diff --git a/.fixtures.yml b/.fixtures.yml index 067ccf066..848319b8e 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -1,10 +1,8 @@ +--- fixtures: repositories: stdlib: 'https://github.com/puppetlabs/puppetlabs-stdlib' apt: 'https://github.com/puppetlabs/puppetlabs-apt' archive: 'https://github.com/voxpupuli/puppet-archive' - erlang: 'https://github.com/garethr/garethr-erlang' systemd: 'https://github.com/voxpupuli/puppet-systemd' - yumrepo_core: - repo: 'https://github.com/puppetlabs/puppetlabs-yumrepo_core' - puppet_version: '>= 6.0.0' + yumrepo_core: 'https://github.com/puppetlabs/puppetlabs-yumrepo_core' diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 8b466cfb9..daceb642f 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -131,19 +131,29 @@ You can install all needed gems for spec tests into the modules directory by running: ```sh -bundle install --path .vendor/ --without development system_tests release --jobs "$(nproc)" +bundle config set --local path '.vendor/' +bundle config set --local without 'development system_tests release' +bundle install --jobs "$(nproc)" ``` If you also want to run acceptance tests: ```sh -bundle install --path .vendor/ --with system_tests --without development release --jobs "$(nproc)" +bundle config set --local path '.vendor/' +bundle config set --local without 'development release' +bundle config set --local with 'system_tests' +bundle install --jobs "$(nproc)" ``` Our all in one solution if you don't know if you need to install or update gems: ```sh -bundle install --path .vendor/ --with system_tests --without development release --jobs "$(nproc)"; bundle update; bundle clean +bundle config set --local path '.vendor/' +bundle config set --local without 'development release' +bundle config set --local with 'system_tests' +bundle install --jobs "$(nproc)" +bundle update +bundle clean ``` As an alternative to the `--jobs "$(nproc)` parameter, you can set an @@ -232,18 +242,29 @@ simple tests against it after applying the module. You can run this with: ```sh -BEAKER_setfile=debian11-64 bundle exec rake beaker +BEAKER_PUPPET_COLLECTION=puppet7 BEAKER_setfile=debian11-64 bundle exec rake beaker ``` -You can replace the string `debian10` with any common operating system. +or + +```sh +BEAKER_PUPPET_COLLECTION=none BEAKER_setfile=archlinux-64 bundle exec rake beaker +``` + +This latter example will use the distribution's own version of Puppet. + +You can replace the string `debian11` with any common operating system. The following strings are known to work: -* ubuntu1804 * ubuntu2004 -* debian10 +* ubuntu2204 * debian11 -* centos7 -* centos8 +* debian12 +* centos9 +* archlinux +* almalinux8 +* almalinux9 +* fedora36 For more information and tips & tricks, see [voxpupuli-acceptance's documentation](https://github.com/voxpupuli/voxpupuli-acceptance#running-tests). diff --git a/.github/SECURITY.md b/.github/SECURITY.md deleted file mode 100644 index cacadf220..000000000 --- a/.github/SECURITY.md +++ /dev/null @@ -1,3 +0,0 @@ -# Vox Pupuli Security Policy - -Our vulnerabilities reporting process is at https://voxpupuli.org/security/ diff --git a/.rspec b/.github/labeler.yml similarity index 63% rename from .rspec rename to .github/labeler.yml index f634583de..f2d08d6b4 100644 --- a/.rspec +++ b/.github/labeler.yml @@ -1,5 +1,6 @@ +--- # Managed by modulesync - DO NOT EDIT # https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ ---format documentation ---color +skip-changelog: + - head-branch: ['^release-*', 'release'] diff --git a/.github/release.yml b/.github/release.yml new file mode 100644 index 000000000..f5b5d7a99 --- /dev/null +++ b/.github/release.yml @@ -0,0 +1,42 @@ +--- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +# https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes + +changelog: + exclude: + labels: + - duplicate + - invalid + - modulesync + - question + - skip-changelog + - wont-fix + - wontfix + + categories: + - title: Breaking Changes 🛠 + labels: + - backwards-incompatible + + - title: New Features 🎉 + labels: + - enhancement + + - title: Bug Fixes 🐛 + labels: + - bug + + - title: Documentation Updates 📚 + labels: + - documentation + - docs + + - title: Dependency Updates ⬆️ + labels: + - dependencies + + - title: Other Changes + labels: + - "*" diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8a0779116..8c32acf95 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -4,7 +4,13 @@ name: CI -on: pull_request +# yamllint disable-line rule:truthy +on: + pull_request: {} + push: + branches: + - main + - master concurrency: group: ${{ github.ref_name }} @@ -13,6 +19,4 @@ concurrency: jobs: puppet: name: Puppet - uses: voxpupuli/gha-puppet/.github/workflows/beaker.yml@v1 - with: - pidfile_workaround: 'false' + uses: voxpupuli/gha-puppet/.github/workflows/beaker.yml@v3 diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml new file mode 100644 index 000000000..73be88dce --- /dev/null +++ b/.github/workflows/labeler.yml @@ -0,0 +1,18 @@ +--- +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + +name: "Pull Request Labeler" + +# yamllint disable-line rule:truthy +on: + pull_request_target: {} + +jobs: + labeler: + permissions: + contents: read + pull-requests: write + runs-on: ubuntu-latest + steps: + - uses: actions/labeler@v5 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 15f172134..4adf65cd1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -4,6 +4,7 @@ name: Release +# yamllint disable-line rule:truthy on: push: tags: @@ -12,7 +13,7 @@ on: jobs: release: name: Release - uses: voxpupuli/gha-puppet/.github/workflows/release.yml@v1 + uses: voxpupuli/gha-puppet/.github/workflows/release.yml@v3 with: allowed_owner: 'voxpupuli' secrets: @@ -20,3 +21,10 @@ jobs: # https://docs.github.com/en/actions/security-guides/encrypted-secrets username: ${{ secrets.PUPPET_FORGE_USERNAME }} api_key: ${{ secrets.PUPPET_FORGE_API_KEY }} + + create-github-release: + name: Create GitHub Release + runs-on: ubuntu-latest + steps: + - name: Create GitHub release + uses: voxpupuli/gha-create-a-github-release@v1 diff --git a/.gitignore b/.gitignore index 9b95224ce..adea1b017 100644 --- a/.gitignore +++ b/.gitignore @@ -1,23 +1,25 @@ # Managed by modulesync - DO NOT EDIT # https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ -pkg/ -Gemfile.lock -Gemfile.local -vendor/ -.vendor/ -spec/fixtures/manifests/ -spec/fixtures/modules/ -.vagrant/ -.bundle/ -.ruby-version -coverage/ -log/ -.idea/ -.dependencies/ -.librarian/ -Puppetfile.lock +/pkg/ +/Gemfile.lock +/Gemfile.local +/vendor/ +/.vendor/ +/spec/fixtures/manifests/ +/spec/fixtures/modules/ +/.vagrant/ +/.bundle/ +/.ruby-version +/coverage/ +/log/ +/.idea/ +/.dependencies/ +/.librarian/ +/Puppetfile.lock *.iml .*.sw? -.yardoc/ -Guardfile +/.yardoc/ +/Guardfile +bolt-debug.log +.rerun.json diff --git a/.msync.yml b/.msync.yml index 968a93678..ac84b45df 100644 --- a/.msync.yml +++ b/.msync.yml @@ -2,4 +2,4 @@ # Managed by modulesync - DO NOT EDIT # https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ -modulesync_config_version: '5.2.0' +modulesync_config_version: '9.3.0' diff --git a/.overcommit.yml b/.overcommit.yml index d367adaea..4ed994cc5 100644 --- a/.overcommit.yml +++ b/.overcommit.yml @@ -43,10 +43,12 @@ PreCommit: enabled: true description: 'Runs rubocop on modified files only' command: ['bundle', 'exec', 'rubocop'] - PuppetLint: + RakeTarget: enabled: true - description: 'Runs puppet-lint on modified files only' - command: ['bundle', 'exec', 'puppet-lint'] + description: 'Runs lint on modified files only' + targets: + - 'lint' + command: ['bundle', 'exec', 'rake'] YamlSyntax: enabled: true JsonSyntax: diff --git a/.pmtignore b/.pmtignore index 65f505149..a9d37aa0c 100644 --- a/.pmtignore +++ b/.pmtignore @@ -1,37 +1,39 @@ # Managed by modulesync - DO NOT EDIT # https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ -docs/ -pkg/ -Gemfile -Gemfile.lock -Gemfile.local -vendor/ -.vendor/ -spec/ -Rakefile -.vagrant/ -.bundle/ -.ruby-version -coverage/ -log/ -.idea/ -.dependencies/ -.github/ -.librarian/ -Puppetfile.lock +/docs/ +/pkg/ +/Gemfile +/Gemfile.lock +/Gemfile.local +/vendor/ +/.vendor/ +/spec/ +/Rakefile +/.vagrant/ +/.bundle/ +/.ruby-version +/coverage/ +/log/ +/.idea/ +/.dependencies/ +/.github/ +/.librarian/ +/Puppetfile.lock +/Puppetfile *.iml -.editorconfig -.fixtures.yml -.gitignore -.msync.yml -.overcommit.yml -.pmtignore -.rspec -.rspec_parallel -.rubocop.yml -.sync.yml +/.editorconfig +/.fixtures.yml +/.gitignore +/.msync.yml +/.overcommit.yml +/.pmtignore +/.rspec +/.rspec_parallel +/.rubocop.yml +/.sync.yml .*.sw? -.yardoc/ -.yardopts -Dockerfile +/.yardoc/ +/.yardopts +/Dockerfile +/HISTORY.md diff --git a/.puppet-lint.rc b/.puppet-lint.rc index dd8272c7b..37817b676 100644 --- a/.puppet-lint.rc +++ b/.puppet-lint.rc @@ -1,3 +1,4 @@ +# Managed by modulesync - DO NOT EDIT +# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ + --fail-on-warnings ---no-parameter_documentation-check ---no-parameter_types-check diff --git a/.rspec_parallel b/.rspec_parallel deleted file mode 100644 index a9a84f852..000000000 --- a/.rspec_parallel +++ /dev/null @@ -1,4 +0,0 @@ -# Managed by modulesync - DO NOT EDIT -# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ - ---format progress diff --git a/.rubocop.yml b/.rubocop.yml index 53ac18982..fded90cf2 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -2,5 +2,6 @@ # Managed by modulesync - DO NOT EDIT # https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ +inherit_from: .rubocop_todo.yml inherit_gem: voxpupuli-test: rubocop.yml diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml new file mode 100644 index 000000000..f6f53043d --- /dev/null +++ b/.rubocop_todo.yml @@ -0,0 +1,32 @@ +# This configuration was generated by +# `rubocop --auto-gen-config` +# on 2024-05-18 22:27:55 UTC using RuboCop version 1.50.2. +# The point is for the user to remove these configuration records +# one by one as the offenses are removed from the code base. +# Note that changes in the inspected code, or installation of new +# versions of RuboCop, may require this file to be generated again. + +# Offense count: 8 +# This cop supports unsafe autocorrection (--autocorrect-all). +RSpec/BeEq: + Exclude: + - 'spec/unit/puppet/provider/rabbitmq_plugin/rabbitmqctl_spec.rb' + - 'spec/unit/puppet/provider/rabbitmq_policy/rabbitmqctl_spec.rb' + - 'spec/unit/puppet/provider/rabbitmq_user_permissions/rabbitmqctl_spec.rb' + - 'spec/unit/puppet/provider/rabbitmq_vhost/rabbitmqctl_spec.rb' + - 'spec/unit/puppet/type/rabbitmq_user_permissions_spec.rb' + +# Offense count: 3 +RSpec/PendingWithoutReason: + Exclude: + - 'spec/acceptance/class_spec.rb' + +# Offense count: 4 +RSpec/RepeatedExampleGroupBody: + Exclude: + - 'spec/classes/rabbitmq_spec.rb' + +# Offense count: 14 +RSpec/RepeatedExampleGroupDescription: + Exclude: + - 'spec/classes/rabbitmq_spec.rb' diff --git a/.sync.yml b/.sync.yml index 835f3019f..c266ecde2 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,4 +1,9 @@ --- spec/spec_helper.rb: - spec_overrides: "require 'spec_helper_local'" + facterdb_string_keys: true mock_with: ':mocha' + spec_overrides: "require 'spec_helper_local'" +.puppet-lint.rc: + enabled_lint_checks: + - parameter_documentation + - parameter_types diff --git a/CHANGELOG.md b/CHANGELOG.md index 44339f0be..edd10760b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,253 @@ All notable changes to this project will be documented in this file. Each new release typically also includes the latest modulesync defaults. These should not affect the functionality of the module. +## [v14.2.0](https://github.com/voxpupuli/puppet-rabbitmq/tree/v14.2.0) (2024-12-21) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v14.1.0...v14.2.0) + +**Implemented enhancements:** + +- Quorum Queue Reconciliation Support? [\#1029](https://github.com/voxpupuli/puppet-rabbitmq/issues/1029) +- puppet/systemd: allow 8.x [\#1036](https://github.com/voxpupuli/puppet-rabbitmq/pull/1036) ([jay7x](https://github.com/jay7x)) + +## [v14.1.0](https://github.com/voxpupuli/puppet-rabbitmq/tree/v14.1.0) (2024-12-11) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v14.0.0...v14.1.0) + +**Implemented enhancements:** + +- Add `enable_centos_release` parameter [\#1034](https://github.com/voxpupuli/puppet-rabbitmq/pull/1034) ([wyardley](https://github.com/wyardley)) + +**Closed issues:** + +- centos-release being enabled by default on RHEL [\#1033](https://github.com/voxpupuli/puppet-rabbitmq/issues/1033) + +## [v14.0.0](https://github.com/voxpupuli/puppet-rabbitmq/tree/v14.0.0) (2024-12-07) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v13.7.0...v14.0.0) + +**Breaking changes:** + +- Add support for CentOS / RHEL 9 and drop support for 7 [\#1027](https://github.com/voxpupuli/puppet-rabbitmq/pull/1027) ([wyardley](https://github.com/wyardley)) +- Drop support for Debian 10, Ubuntu 18, and FreeBSD 12 [\#1026](https://github.com/voxpupuli/puppet-rabbitmq/pull/1026) ([wyardley](https://github.com/wyardley)) + +**Implemented enhancements:** + +- Add client\_renegotiation ssl option, use more ssl options in management plugin [\#1024](https://github.com/voxpupuli/puppet-rabbitmq/pull/1024) ([wyardley](https://github.com/wyardley)) + +**Fixed bugs:** + +- Disallow empty string in `package_apt_pin` [\#1025](https://github.com/voxpupuli/puppet-rabbitmq/pull/1025) ([wyardley](https://github.com/wyardley)) + +## [v13.7.0](https://github.com/voxpupuli/puppet-rabbitmq/tree/v13.7.0) (2024-09-06) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v13.6.0...v13.7.0) + +**Implemented enhancements:** + +- Add support for Ubuntu 20 and 22 [\#1015](https://github.com/voxpupuli/puppet-rabbitmq/pull/1015) ([wyardley](https://github.com/wyardley)) +- Add support for cowboy\_opts config in rabbitmq.config [\#1013](https://github.com/voxpupuli/puppet-rabbitmq/pull/1013) ([SpinEternel](https://github.com/SpinEternel)) + +**Fixed bugs:** + +- Convert `queue-version` to integer [\#1019](https://github.com/voxpupuli/puppet-rabbitmq/pull/1019) ([wyardley](https://github.com/wyardley)) + +## [v13.6.0](https://github.com/voxpupuli/puppet-rabbitmq/tree/v13.6.0) (2024-06-28) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v13.5.1...v13.6.0) + +**Implemented enhancements:** + +- Add support for Debian 11 [\#1010](https://github.com/voxpupuli/puppet-rabbitmq/pull/1010) ([wyardley](https://github.com/wyardley)) +- Add support for FreeBSD 14 [\#1009](https://github.com/voxpupuli/puppet-rabbitmq/pull/1009) ([smortex](https://github.com/smortex)) + +**Merged pull requests:** + +- replace systemd fact with core fact [\#1007](https://github.com/voxpupuli/puppet-rabbitmq/pull/1007) ([bastelfreak](https://github.com/bastelfreak)) + +## [v13.5.1](https://github.com/voxpupuli/puppet-rabbitmq/tree/v13.5.1) (2024-05-29) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v13.5.0...v13.5.1) + +**Fixed bugs:** + +- Fix indentation for cluster\_nodes [\#1002](https://github.com/voxpupuli/puppet-rabbitmq/pull/1002) ([jplindquist](https://github.com/jplindquist)) +- require puppet/systemd \>= 6.0.0 [\#1001](https://github.com/voxpupuli/puppet-rabbitmq/pull/1001) ([saz](https://github.com/saz)) + +## [v13.5.0](https://github.com/voxpupuli/puppet-rabbitmq/tree/v13.5.0) (2024-05-23) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v13.4.0...v13.5.0) + +**Implemented enhancements:** + +- Add require\_epel parameter, defaulting to `true` [\#997](https://github.com/voxpupuli/puppet-rabbitmq/pull/997) ([wyardley](https://github.com/wyardley)) +- Add support for policy definition consumer-timeout [\#991](https://github.com/voxpupuli/puppet-rabbitmq/pull/991) ([wyardley](https://github.com/wyardley)) + +**Fixed bugs:** + +- Handle rabbitmq.config when cluster\_nodes is empty [\#993](https://github.com/voxpupuli/puppet-rabbitmq/pull/993) ([nosrio](https://github.com/nosrio)) + +**Closed issues:** + +- Does not find rabbitmqadmin under ubuntu [\#812](https://github.com/voxpupuli/puppet-rabbitmq/issues/812) + +**Merged pull requests:** + +- Add unit test to handle bug solved on PR \#993 [\#994](https://github.com/voxpupuli/puppet-rabbitmq/pull/994) ([nosrio](https://github.com/nosrio)) +- Use stdlib::ensure\_packages [\#990](https://github.com/voxpupuli/puppet-rabbitmq/pull/990) ([wyardley](https://github.com/wyardley)) + +## [v13.4.0](https://github.com/voxpupuli/puppet-rabbitmq/tree/v13.4.0) (2024-05-19) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v13.3.0...v13.4.0) + +Historically we used the garethr/erlang module as soft dependency on CentOS 7. This also configured the EPEL7 repository. We have replaced this with an include of the EPEL repo on CentOS 7. + +**Implemented enhancements:** + +- puppetlabs/apt: Allow 9.x [\#988](https://github.com/voxpupuli/puppet-rabbitmq/pull/988) ([bastelfreak](https://github.com/bastelfreak)) +- puppetlabs/stdlib: Allow 9.x [\#986](https://github.com/voxpupuli/puppet-rabbitmq/pull/986) ([bastelfreak](https://github.com/bastelfreak)) +- puppet/archive: Allow 7.x [\#952](https://github.com/voxpupuli/puppet-rabbitmq/pull/952) ([bastelfreak](https://github.com/bastelfreak)) + +**Fixed bugs:** + +- metadata.json: re-add Puppet 8 support [\#985](https://github.com/voxpupuli/puppet-rabbitmq/pull/985) ([bastelfreak](https://github.com/bastelfreak)) +- CentOS7: default to EPEL7 as source [\#983](https://github.com/voxpupuli/puppet-rabbitmq/pull/983) ([bastelfreak](https://github.com/bastelfreak)) + +**Merged pull requests:** + +- docs: update readme badges [\#987](https://github.com/voxpupuli/puppet-rabbitmq/pull/987) ([wyardley](https://github.com/wyardley)) + +## [v13.3.0](https://github.com/voxpupuli/puppet-rabbitmq/tree/v13.3.0) (2024-05-19) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v13.2.0...v13.3.0) + +**Implemented enhancements:** + +- Use epp template to handle sensitive data [\#966](https://github.com/voxpupuli/puppet-rabbitmq/issues/966) +- systemd: migrate from service\_limits-\>manage\_dropin [\#982](https://github.com/voxpupuli/puppet-rabbitmq/pull/982) ([bastelfreak](https://github.com/bastelfreak)) +- Remove leftovers from Linux systems without systemd [\#981](https://github.com/voxpupuli/puppet-rabbitmq/pull/981) ([bastelfreak](https://github.com/bastelfreak)) +- update puppet-systemd upper bound to 8.0.0 [\#977](https://github.com/voxpupuli/puppet-rabbitmq/pull/977) ([TheMeier](https://github.com/TheMeier)) +- Harden codebase and add documentation stubs [\#974](https://github.com/voxpupuli/puppet-rabbitmq/pull/974) ([zilchms](https://github.com/zilchms)) + +**Fixed bugs:** + +- add a workaround for rabbitmq\_vhost when running with --noop or --tags [\#969](https://github.com/voxpupuli/puppet-rabbitmq/pull/969) ([bugfood](https://github.com/bugfood)) + +**Merged pull requests:** + +- Migrate erb to epp templates [\#978](https://github.com/voxpupuli/puppet-rabbitmq/pull/978) ([nosrio](https://github.com/nosrio)) +- Use a more expressive method of rewriting values [\#975](https://github.com/voxpupuli/puppet-rabbitmq/pull/975) ([ekohl](https://github.com/ekohl)) + +## [v13.2.0](https://github.com/voxpupuli/puppet-rabbitmq/tree/v13.2.0) (2023-12-11) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v13.1.2...v13.2.0) + +**Implemented enhancements:** + +- Add support for Vhost metadata [\#964](https://github.com/voxpupuli/puppet-rabbitmq/pull/964) ([jimmybigcommerce](https://github.com/jimmybigcommerce)) + +**Fixed bugs:** + +- resources fail to prefetch when rabbitmq is not intended to be installed \(via --noop or --tags\) [\#961](https://github.com/voxpupuli/puppet-rabbitmq/issues/961) + +## [v13.1.2](https://github.com/voxpupuli/puppet-rabbitmq/tree/v13.1.2) (2023-11-06) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v13.1.1...v13.1.2) + +**Fixed bugs:** + +- Bugfix: Fix parsing issue for queue policies targeted at quorum queues [\#958](https://github.com/voxpupuli/puppet-rabbitmq/pull/958) ([jimmybigcommerce](https://github.com/jimmybigcommerce)) + +## [v13.1.1](https://github.com/voxpupuli/puppet-rabbitmq/tree/v13.1.1) (2023-11-01) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v13.1.0...v13.1.1) + +**Fixed bugs:** + +- Treat `initial-cluster-size` option in policy as an integer [\#950](https://github.com/voxpupuli/puppet-rabbitmq/pull/950) ([jimmybigcommerce](https://github.com/jimmybigcommerce)) + +## [v13.1.0](https://github.com/voxpupuli/puppet-rabbitmq/tree/v13.1.0) (2023-10-30) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v13.0.0...v13.1.0) + +**Implemented enhancements:** + +- Add additional applyto options for policies [\#948](https://github.com/voxpupuli/puppet-rabbitmq/pull/948) ([wyardley](https://github.com/wyardley)) +- Add Puppet 8 support [\#938](https://github.com/voxpupuli/puppet-rabbitmq/pull/938) ([bastelfreak](https://github.com/bastelfreak)) + +**Fixed bugs:** + +- fix purge rabbitmq\_parameter [\#945](https://github.com/voxpupuli/puppet-rabbitmq/pull/945) ([fatpat](https://github.com/fatpat)) + +## [v13.0.0](https://github.com/voxpupuli/puppet-rabbitmq/tree/v13.0.0) (2023-05-13) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v12.1.0...v13.0.0) + +**Breaking changes:** + +- BREAKING: Drop official Archlinux support [\#933](https://github.com/voxpupuli/puppet-rabbitmq/pull/933) ([wyardley](https://github.com/wyardley)) +- Remove support for Debian 9 and Ubuntu 16.04; Add Debian 10 support [\#928](https://github.com/voxpupuli/puppet-rabbitmq/pull/928) ([wyardley](https://github.com/wyardley)) +- Drop Puppet 6 support [\#927](https://github.com/voxpupuli/puppet-rabbitmq/pull/927) ([bastelfreak](https://github.com/bastelfreak)) + +**Implemented enhancements:** + +- Support FreeBSD 12 and 13 [\#932](https://github.com/voxpupuli/puppet-rabbitmq/pull/932) ([wyardley](https://github.com/wyardley)) +- Remove deprecated `Stdlib::Compat` [\#931](https://github.com/voxpupuli/puppet-rabbitmq/pull/931) ([wyardley](https://github.com/wyardley)) +- cluster: add local\_node settings [\#923](https://github.com/voxpupuli/puppet-rabbitmq/pull/923) ([fatpat](https://github.com/fatpat)) + +**Fixed bugs:** + +- Idempotency issue with implicitly enabled plugins [\#930](https://github.com/voxpupuli/puppet-rabbitmq/issues/930) +- Fix detection of management\_ip\_address for rabbitmqadmin [\#924](https://github.com/voxpupuli/puppet-rabbitmq/pull/924) ([kajinamit](https://github.com/kajinamit)) + +**Closed issues:** + +- Compatibility with puppet-systemd [\#898](https://github.com/voxpupuli/puppet-rabbitmq/issues/898) +- Add support for debian 10 [\#887](https://github.com/voxpupuli/puppet-rabbitmq/issues/887) + +**Merged pull requests:** + +- Remove testing workarounds from Puppet \< 6 [\#929](https://github.com/voxpupuli/puppet-rabbitmq/pull/929) ([wyardley](https://github.com/wyardley)) + +## [v12.1.0](https://github.com/voxpupuli/puppet-rabbitmq/tree/v12.1.0) (2023-02-11) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v12.0.2...v12.1.0) + +**Implemented enhancements:** + +- bump puppet/systemd to \< 5.0.0 [\#919](https://github.com/voxpupuli/puppet-rabbitmq/pull/919) ([jhoblitt](https://github.com/jhoblitt)) +- Enable usage of custom list of plugins when using static config file [\#917](https://github.com/voxpupuli/puppet-rabbitmq/pull/917) ([enothen](https://github.com/enothen)) + +**Closed issues:** + +- rabbitmq clustering status needs manual intervention if cluster partners aren't reachable at time of creation [\#130](https://github.com/voxpupuli/puppet-rabbitmq/issues/130) + +**Merged pull requests:** + +- docs: fix minor grammar & typo [\#921](https://github.com/voxpupuli/puppet-rabbitmq/pull/921) ([MindTooth](https://github.com/MindTooth)) + +## [v12.0.2](https://github.com/voxpupuli/puppet-rabbitmq/tree/v12.0.2) (2022-08-13) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v12.0.1...v12.0.2) + +**Fixed bugs:** + +- rabbitmq\_plugin not working properly with RabbitMQ 3.10.x [\#909](https://github.com/voxpupuli/puppet-rabbitmq/issues/909) + +**Merged pull requests:** + +- Make rabbitmq\_plugin resource functional on RabbitMQ 3.10.x [\#912](https://github.com/voxpupuli/puppet-rabbitmq/pull/912) ([kvisle](https://github.com/kvisle)) +- Update tests for rabbitmqctl version parsing [\#911](https://github.com/voxpupuli/puppet-rabbitmq/pull/911) ([wyardley](https://github.com/wyardley)) + +## [v12.0.1](https://github.com/voxpupuli/puppet-rabbitmq/tree/v12.0.1) (2022-06-17) + +[Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v12.0.0...v12.0.1) + +**Fixed bugs:** + +- Fixing Yum repo [\#907](https://github.com/voxpupuli/puppet-rabbitmq/pull/907) ([bishopbm1](https://github.com/bishopbm1)) +- Use default install method on Archlinux [\#905](https://github.com/voxpupuli/puppet-rabbitmq/pull/905) ([wyardley](https://github.com/wyardley)) + ## [v12.0.0](https://github.com/voxpupuli/puppet-rabbitmq/tree/v12.0.0) (2022-03-28) [Full Changelog](https://github.com/voxpupuli/puppet-rabbitmq/compare/v11.1.0...v12.0.0) @@ -187,7 +434,7 @@ Debian 8 is EOL since some months now. Release 10.2.0 will be the last one with - Add a custom fact for rabbitmq's plugins folder. [\#778](https://github.com/voxpupuli/puppet-rabbitmq/pull/778) ([TomRitserveldt](https://github.com/TomRitserveldt)) - Add support for enabled plugins config using enabled\_plugins file [\#777](https://github.com/voxpupuli/puppet-rabbitmq/pull/777) ([hjensas](https://github.com/hjensas)) - Allow Array values in rabbitmq\_parameter [\#774](https://github.com/voxpupuli/puppet-rabbitmq/pull/774) ([vStone](https://github.com/vStone)) -- Add optional variables for SSL management-console [\#648](https://github.com/voxpupuli/puppet-rabbitmq/pull/648) ([Slm0n87](https://github.com/Slm0n87)) +- Add optional variables for SSL management-console [\#648](https://github.com/voxpupuli/puppet-rabbitmq/pull/648) ([slm0n87](https://github.com/slm0n87)) **Fixed bugs:** @@ -204,7 +451,7 @@ Debian 8 is EOL since some months now. Release 10.2.0 will be the last one with **Merged pull requests:** - docs: Updates autocluster plugin link [\#809](https://github.com/voxpupuli/puppet-rabbitmq/pull/809) ([wyardley](https://github.com/wyardley)) -- Update link to rabbitmq-autocluster [\#808](https://github.com/voxpupuli/puppet-rabbitmq/pull/808) ([makmarius](https://github.com/makmarius)) +- Update link to rabbitmq-autocluster [\#808](https://github.com/voxpupuli/puppet-rabbitmq/pull/808) ([ghost](https://github.com/ghost)) - Allow `puppetlabs/stdlib` 6.x and `puppet/archive` 4.x [\#803](https://github.com/voxpupuli/puppet-rabbitmq/pull/803) ([alexjfisher](https://github.com/alexjfisher)) - Remove unused curl\_prefix variable [\#800](https://github.com/voxpupuli/puppet-rabbitmq/pull/800) ([mbaldessari](https://github.com/mbaldessari)) - Use data-in-modules instead of params.pp [\#797](https://github.com/voxpupuli/puppet-rabbitmq/pull/797) ([dhoppe](https://github.com/dhoppe)) @@ -533,7 +780,7 @@ Debian 8 is EOL since some months now. Release 10.2.0 will be the last one with - \[Bugfix\] convert $ssl\_depth from string to integer [\#539](https://github.com/voxpupuli/puppet-rabbitmq/pull/539) ([bastelfreak](https://github.com/bastelfreak)) - Extend rabbitmqadmin config template with SSL options. [\#526](https://github.com/voxpupuli/puppet-rabbitmq/pull/526) ([justahero](https://github.com/justahero)) - \[MODULES-4223\] don't set NODE\_PORT and NODE\_IP\_ADDRESS if ssl\_only [\#524](https://github.com/voxpupuli/puppet-rabbitmq/pull/524) ([JAORMX](https://github.com/JAORMX)) -- \[MODULES-3733\] rabbitmq provider env\_path does not locate ruby gem installed puppet binary [\#517](https://github.com/voxpupuli/puppet-rabbitmq/pull/517) ([lowstorage](https://github.com/lowstorage)) +- \[MODULES-3733\] rabbitmq provider env\_path does not locate ruby gem installed puppet binary [\#517](https://github.com/voxpupuli/puppet-rabbitmq/pull/517) ([totalcharge](https://github.com/totalcharge)) **Closed issues:** diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 8dd82d636..000000000 --- a/Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -# MANAGED BY MODULESYNC -# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ - -FROM ruby:2.7 - -WORKDIR /opt/puppet - -# https://github.com/puppetlabs/puppet/blob/06ad255754a38f22fb3a22c7c4f1e2ce453d01cb/lib/puppet/provider/service/runit.rb#L39 -RUN mkdir -p /etc/sv - -ARG PUPPET_GEM_VERSION="~> 6.0" -ARG PARALLEL_TEST_PROCESSORS=4 - -# Cache gems -COPY Gemfile . -RUN bundle install --without system_tests development release --path=${BUNDLE_PATH:-vendor/bundle} - -COPY . . - -RUN bundle install -RUN bundle exec rake release_checks - -# Container should not saved -RUN exit 1 diff --git a/Gemfile b/Gemfile index 225c39694..2ac98f891 100644 --- a/Gemfile +++ b/Gemfile @@ -4,10 +4,10 @@ source ENV['GEM_SOURCE'] || 'https://rubygems.org' group :test do - gem 'voxpupuli-test', '~> 5.0', :require => false + gem 'voxpupuli-test', '~> 9.0', :require => false gem 'coveralls', :require => false gem 'simplecov-console', :require => false - gem 'puppet_metadata', '~> 1.0', :require => false + gem 'puppet_metadata', '~> 4.0', :require => false end group :development do @@ -16,19 +16,17 @@ group :development do end group :system_tests do - gem 'voxpupuli-acceptance', '~> 1.0', :require => false + gem 'voxpupuli-acceptance', '~> 3.0', :require => false end group :release do - gem 'github_changelog_generator', '>= 1.16.1', :require => false if RUBY_VERSION >= '2.5' - gem 'voxpupuli-release', '>= 1.2.0', :require => false - gem 'puppet-strings', '>= 2.2', :require => false + gem 'voxpupuli-release', '~> 3.0', :require => false end gem 'rake', :require => false gem 'facter', ENV['FACTER_GEM_VERSION'], :require => false, :groups => [:test] -puppetversion = ENV['PUPPET_GEM_VERSION'] || '>= 6.0' +puppetversion = ENV['PUPPET_GEM_VERSION'] || [">= 7.24", "< 9"] gem 'puppet', puppetversion, :require => false, :groups => [:test] # vim: syntax=ruby diff --git a/README.md b/README.md index 471ea7c89..76ca572c3 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,7 @@ # rabbitmq [![License](https://img.shields.io/github/license/voxpupuli/puppet-rabbitmq.svg)](https://github.com/voxpupuli/puppet-rabbitmq/blob/master/LICENSE) -[![Build Status](https://travis-ci.org/voxpupuli/puppet-rabbitmq.svg?branch=master)](https://travis-ci.org/voxpupuli/puppet-rabbitmq) -[![Code Coverage](https://coveralls.io/repos/github/voxpupuli/puppet-rabbitmq/badge.svg?branch=master)](https://coveralls.io/github/voxpupuli/puppet-rabbitmq) +[![Build Status](https://github.com/voxpupuli/puppet-rabbitmq/actions/workflows/ci.yml/badge.svg)](https://github.com/voxpupuli/puppet-rabbitmq/actions) [![Puppet Forge](https://img.shields.io/puppetforge/v/puppet/rabbitmq.svg)](https://forge.puppetlabs.com/puppet/rabbitmq) [![Puppet Forge - downloads](https://img.shields.io/puppetforge/dt/puppet/rabbitmq.svg)](https://forge.puppetlabs.com/puppet/rabbitmq) [![Puppet Forge - endorsement](https://img.shields.io/puppetforge/e/puppet/rabbitmq.svg)](https://forge.puppetlabs.com/puppet/rabbitmq) @@ -50,6 +49,10 @@ These are now documented via [Puppet Strings](https://github.com/puppetlabs/pupp You can view example usage in [REFERENCE](REFERENCE.md). +**[puppet/epel](https://forge.puppet.com/modules/puppet/epel) is a soft dependency. If you're on CentOS 7 and don't want to require it, set `$require_epel` to `false`** + +Version v13.2.0 and older also added an erlang repository on CentOS 7. That isn't used and can be safely removed. + ## Reference See [REFERENCE](REFERENCE.md). diff --git a/REFERENCE.md b/REFERENCE.md index 5415c0acc..f18f86259 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1,15 +1,16 @@ # Reference + ## Table of Contents -**Classes** +### Classes -_Public Classes_ +#### Public Classes * [`rabbitmq`](#rabbitmq): A module to manage RabbitMQ -_Private Classes_ +#### Private Classes * `rabbitmq::config`: Sets all the configuration values for RabbitMQ and creates the directories for config and ssl. * `rabbitmq::install`: Ensures that rabbitmq-server exists @@ -19,7 +20,7 @@ _Private Classes_ * `rabbitmq::repo::rhel`: Makes sure that the Packagecloud repo is installed * `rabbitmq::service`: This class manages the rabbitmq server service itself. -**Resource types** +### Resource types * [`rabbitmq_binding`](#rabbitmq_binding): Native type for managing rabbitmq bindings rabbitmq_binding { 'binding 1': ensure => present, source => 'myexchange' * [`rabbitmq_cluster`](#rabbitmq_cluster): Native type for managing rabbitmq cluster @@ -35,7 +36,7 @@ _Private Classes_ ## Classes -### rabbitmq +### `rabbitmq` A module to manage RabbitMQ @@ -74,6 +75,23 @@ class { 'rabbitmq': } ``` +##### Offline installation from local mirror: + +```puppet +class { 'rabbitmq': + key_content => template('openstack/rabbit.pub.key'), + repo_gpg_key => '/tmp/rabbit.pub.key', +} +``` + +##### Use external package key source for any (apt/rpm) package provider: + +```puppet +class { 'rabbitmq': + repo_gpg_key => 'http://www.some_site.some_domain/some_key.pub.key', +} +``` + ##### To use RabbitMQ Environment Variables, use the parameters `environment_variables` e.g.: ```puppet @@ -174,18 +192,133 @@ class { 'rabbitmq': #### Parameters -The following parameters are available in the `rabbitmq` class. - -##### `admin_enable` +The following parameters are available in the `rabbitmq` class: + +* [`admin_enable`](#-rabbitmq--admin_enable) +* [`management_enable`](#-rabbitmq--management_enable) +* [`use_config_file_for_plugins`](#-rabbitmq--use_config_file_for_plugins) +* [`plugins`](#-rabbitmq--plugins) +* [`auth_backends`](#-rabbitmq--auth_backends) +* [`cluster`](#-rabbitmq--cluster) +* [`cluster_node_type`](#-rabbitmq--cluster_node_type) +* [`cluster_nodes`](#-rabbitmq--cluster_nodes) +* [`cluster_partition_handling`](#-rabbitmq--cluster_partition_handling) +* [`collect_statistics_interval`](#-rabbitmq--collect_statistics_interval) +* [`config`](#-rabbitmq--config) +* [`config_additional_variables`](#-rabbitmq--config_additional_variables) +* [`config_cluster`](#-rabbitmq--config_cluster) +* [`config_cowboy_opts`](#-rabbitmq--config_cowboy_opts) +* [`config_kernel_variables`](#-rabbitmq--config_kernel_variables) +* [`config_path`](#-rabbitmq--config_path) +* [`config_ranch`](#-rabbitmq--config_ranch) +* [`config_management_variables`](#-rabbitmq--config_management_variables) +* [`config_stomp`](#-rabbitmq--config_stomp) +* [`config_shovel`](#-rabbitmq--config_shovel) +* [`config_shovel_statics`](#-rabbitmq--config_shovel_statics) +* [`config_variables`](#-rabbitmq--config_variables) +* [`default_user`](#-rabbitmq--default_user) +* [`default_pass`](#-rabbitmq--default_pass) +* [`delete_guest_user`](#-rabbitmq--delete_guest_user) +* [`enable_centos_release`](#-rabbitmq--enable_centos_release) +* [`env_config`](#-rabbitmq--env_config) +* [`env_config_path`](#-rabbitmq--env_config_path) +* [`environment_variables`](#-rabbitmq--environment_variables) +* [`erlang_cookie`](#-rabbitmq--erlang_cookie) +* [`file_limit`](#-rabbitmq--file_limit) +* [`oom_score_adj`](#-rabbitmq--oom_score_adj) +* [`heartbeat`](#-rabbitmq--heartbeat) +* [`inetrc_config`](#-rabbitmq--inetrc_config) +* [`inetrc_config_path`](#-rabbitmq--inetrc_config_path) +* [`ipv6`](#-rabbitmq--ipv6) +* [`interface`](#-rabbitmq--interface) +* [`key_content`](#-rabbitmq--key_content) +* [`ldap_auth`](#-rabbitmq--ldap_auth) +* [`ldap_server`](#-rabbitmq--ldap_server) +* [`ldap_user_dn_pattern`](#-rabbitmq--ldap_user_dn_pattern) +* [`ldap_other_bind`](#-rabbitmq--ldap_other_bind) +* [`ldap_config_variables`](#-rabbitmq--ldap_config_variables) +* [`ldap_use_ssl`](#-rabbitmq--ldap_use_ssl) +* [`ldap_port`](#-rabbitmq--ldap_port) +* [`ldap_log`](#-rabbitmq--ldap_log) +* [`manage_python`](#-rabbitmq--manage_python) +* [`management_hostname`](#-rabbitmq--management_hostname) +* [`management_port`](#-rabbitmq--management_port) +* [`management_ip_address`](#-rabbitmq--management_ip_address) +* [`management_ssl`](#-rabbitmq--management_ssl) +* [`node_ip_address`](#-rabbitmq--node_ip_address) +* [`package_apt_pin`](#-rabbitmq--package_apt_pin) +* [`package_ensure`](#-rabbitmq--package_ensure) +* [`package_gpg_key`](#-rabbitmq--package_gpg_key) +* [`package_source`](#-rabbitmq--package_source) +* [`package_provider`](#-rabbitmq--package_provider) +* [`repo_gpg_key`](#-rabbitmq--repo_gpg_key) +* [`package_name`](#-rabbitmq--package_name) +* [`port`](#-rabbitmq--port) +* [`python_package`](#-rabbitmq--python_package) +* [`quorum_membership_reconciliation_enabled`](#-rabbitmq--quorum_membership_reconciliation_enabled) +* [`quorum_membership_reconciliation_auto_remove`](#-rabbitmq--quorum_membership_reconciliation_auto_remove) +* [`quorum_membership_reconciliation_interval`](#-rabbitmq--quorum_membership_reconciliation_interval) +* [`quorum_membership_reconciliation_trigger_interval`](#-rabbitmq--quorum_membership_reconciliation_trigger_interval) +* [`quorum_membership_reconciliation_target_group_size`](#-rabbitmq--quorum_membership_reconciliation_target_group_size) +* [`repos_ensure`](#-rabbitmq--repos_ensure) +* [`service_ensure`](#-rabbitmq--service_ensure) +* [`service_manage`](#-rabbitmq--service_manage) +* [`service_name`](#-rabbitmq--service_name) +* [`service_restart`](#-rabbitmq--service_restart) +* [`ssl`](#-rabbitmq--ssl) +* [`ssl_cacert`](#-rabbitmq--ssl_cacert) +* [`ssl_cert`](#-rabbitmq--ssl_cert) +* [`ssl_cert_password`](#-rabbitmq--ssl_cert_password) +* [`ssl_client_renegotiation`](#-rabbitmq--ssl_client_renegotiation) +* [`ssl_depth`](#-rabbitmq--ssl_depth) +* [`ssl_dhfile`](#-rabbitmq--ssl_dhfile) +* [`ssl_erl_dist`](#-rabbitmq--ssl_erl_dist) +* [`ssl_honor_cipher_order`](#-rabbitmq--ssl_honor_cipher_order) +* [`ssl_interface`](#-rabbitmq--ssl_interface) +* [`ssl_key`](#-rabbitmq--ssl_key) +* [`ssl_only`](#-rabbitmq--ssl_only) +* [`ssl_management_port`](#-rabbitmq--ssl_management_port) +* [`ssl_management_cacert`](#-rabbitmq--ssl_management_cacert) +* [`ssl_management_cert`](#-rabbitmq--ssl_management_cert) +* [`ssl_management_key`](#-rabbitmq--ssl_management_key) +* [`ssl_management_fail_if_no_peer_cert`](#-rabbitmq--ssl_management_fail_if_no_peer_cert) +* [`ssl_port`](#-rabbitmq--ssl_port) +* [`ssl_reuse_sessions`](#-rabbitmq--ssl_reuse_sessions) +* [`ssl_secure_renegotiate`](#-rabbitmq--ssl_secure_renegotiate) +* [`ssl_stomp_port`](#-rabbitmq--ssl_stomp_port) +* [`ssl_verify`](#-rabbitmq--ssl_verify) +* [`ssl_fail_if_no_peer_cert`](#-rabbitmq--ssl_fail_if_no_peer_cert) +* [`ssl_management_verify`](#-rabbitmq--ssl_management_verify) +* [`ssl_versions`](#-rabbitmq--ssl_versions) +* [`ssl_ciphers`](#-rabbitmq--ssl_ciphers) +* [`ssl_crl_check`](#-rabbitmq--ssl_crl_check) +* [`ssl_crl_cache_hash_dir`](#-rabbitmq--ssl_crl_cache_hash_dir) +* [`ssl_crl_cache_http_timeout`](#-rabbitmq--ssl_crl_cache_http_timeout) +* [`stomp_port`](#-rabbitmq--stomp_port) +* [`stomp_ssl_only`](#-rabbitmq--stomp_ssl_only) +* [`stomp_ensure`](#-rabbitmq--stomp_ensure) +* [`tcp_backlog`](#-rabbitmq--tcp_backlog) +* [`tcp_keepalive`](#-rabbitmq--tcp_keepalive) +* [`tcp_recbuf`](#-rabbitmq--tcp_recbuf) +* [`tcp_sndbuf`](#-rabbitmq--tcp_sndbuf) +* [`wipe_db_on_cookie_change`](#-rabbitmq--wipe_db_on_cookie_change) +* [`rabbitmq_user`](#-rabbitmq--rabbitmq_user) +* [`rabbitmq_group`](#-rabbitmq--rabbitmq_group) +* [`rabbitmq_home`](#-rabbitmq--rabbitmq_home) +* [`rabbitmqadmin_package`](#-rabbitmq--rabbitmqadmin_package) +* [`archive_options`](#-rabbitmq--archive_options) +* [`loopback_users`](#-rabbitmq--loopback_users) + +##### `admin_enable` Data type: `Boolean` If enabled sets up the management interface/plugin for RabbitMQ. -This also install the rabbitmqadmin command line tool. +This will also install the rabbitmqadmin command line tool. Default value: `true` -##### `management_enable` +##### `management_enable` Data type: `Boolean` @@ -194,7 +327,7 @@ NOTE: This does not install the rabbitmqadmin command line tool. Default value: `false` -##### `use_config_file_for_plugins` +##### `use_config_file_for_plugins` Data type: `Boolean` @@ -203,7 +336,15 @@ replacing the use of the rabbitmqplugins provider to enable plugins. Default value: `false` -##### `auth_backends` +##### `plugins` + +Data type: `Array` + +Additional list of plugins to start, or to add to /etc/rabbitmq/enabled_plugins, if use_config_file_for_plugins is enabled. + +Default value: `[]` + +##### `auth_backends` Data type: `Optional[Array]` @@ -213,39 +354,39 @@ rabbit_auth_backend_ldap]. Default value: `undef` -##### `cluster` +##### `cluster` Data type: `Hash` Join cluster and change name of cluster. -Default value: $rabbitmq::cluster +Default value: `$rabbitmq::cluster` -##### `cluster_node_type` +##### `cluster_node_type` Data type: `Enum['ram', 'disc']` Choose between disc and ram nodes. -Default value: 'disc' +Default value: `'disc'` -##### `cluster_nodes` +##### `cluster_nodes` Data type: `Array` An array of nodes for clustering. -Default value: [] +Default value: `[]` -##### `cluster_partition_handling` +##### `cluster_partition_handling` Data type: `String` Value to set for `cluster_partition_handling` RabbitMQ configuration variable. -Default value: 'ignore' +Default value: `'ignore'` -##### `collect_statistics_interval` +##### `collect_statistics_interval` Data type: `Optional[Integer]` @@ -253,23 +394,23 @@ Set the collect_statistics_interval in rabbitmq.config Default value: `undef` -##### `config` +##### `config` Data type: `String` The file to use as the rabbitmq.config template. -Default value: 'rabbitmq/rabbitmq.config.erb' +Default value: `'rabbitmq/rabbitmq.config.epp'` -##### `config_additional_variables` +##### `config_additional_variables` Data type: `Hash` Additional config variables in rabbitmq.config -Default value: {} +Default value: `{}` -##### `config_cluster` +##### `config_cluster` Data type: `Boolean` @@ -277,23 +418,31 @@ Enable or disable clustering support. Default value: `false` -##### `config_kernel_variables` +##### `config_cowboy_opts` + +Data type: `Hash` + +Hash of additional configs (key / value) for `cowboy_opts` in rabbitmq.config. + +Default value: `{}` + +##### `config_kernel_variables` Data type: `Hash` Hash of Erlang kernel configuration variables to set (see [Variables Configurable in rabbitmq.config](#variables-configurable-in-rabbitmq.config)). -Default value: {} +Default value: `{}` -##### `config_path` +##### `config_path` Data type: `Stdlib::Absolutepath` The path to write the RabbitMQ configuration file to. -Default value: '/etc/rabbitmq/rabbitmq.config' +Default value: `'/etc/rabbitmq/rabbitmq.config'` -##### `config_ranch` +##### `config_ranch` Data type: `Boolean` @@ -301,15 +450,15 @@ When true, suppress config directives needed for older (<3.6) RabbitMQ versions. Default value: `true` -##### `config_management_variables` +##### `config_management_variables` Data type: `Hash` Hash of configuration variables for the [Management Plugin](https://www.rabbitmq.com/management.html). -Default value: {} +Default value: `{}` -##### `config_stomp` +##### `config_stomp` Data type: `Boolean` @@ -317,7 +466,7 @@ Enable or disable stomp. Default value: `false` -##### `config_shovel` +##### `config_shovel` Data type: `Boolean` @@ -325,39 +474,39 @@ Enable or disable shovel. Default value: `false` -##### `config_shovel_statics` +##### `config_shovel_statics` Data type: `Hash` Hash of static shovel configurations -Default value: {} +Default value: `{}` -##### `config_variables` +##### `config_variables` Data type: `Hash` To set config variables in rabbitmq.config -Default value: {} +Default value: `{}` -##### `default_user` +##### `default_user` Data type: `String` Username to set for the `default_user` in rabbitmq.config. -Default value: 'guest' +Default value: `'guest'` -##### `default_pass` +##### `default_pass` Data type: `String` Password to set for the `default_user` in rabbitmq.config. -Default value: 'guest' +Default value: `'guest'` -##### `delete_guest_user` +##### `delete_guest_user` Data type: `Boolean` @@ -365,31 +514,40 @@ Controls whether default guest user is deleted. Default value: `false` -##### `env_config` +##### `enable_centos_release` + +Data type: `Boolean` + +Enable the `centos-release-rabbitmq-38` if set to `true` and if the OS is in the +RedHat family and `repos_ensure` is `false`. Defaults to true on CentOS. + +Default value: `false` + +##### `env_config` Data type: `String` The template file to use for rabbitmq_env.config. -Default value: 'rabbitmq/rabbitmq-env.conf.erb' +Default value: `'rabbitmq/rabbitmq-env.conf.epp'` -##### `env_config_path` +##### `env_config_path` Data type: `Stdlib::Absolutepath` The path to write the rabbitmq_env.config file to. -Default value: '/etc/rabbitmq/rabbitmq-env.conf' +Default value: `'/etc/rabbitmq/rabbitmq-env.conf'` -##### `environment_variables` +##### `environment_variables` Data type: `Hash` RabbitMQ Environment Variables in rabbitmq_env.config -Default value: { 'LC_ALL' => 'en_US.UTF-8' } +Default value: `{ 'LC_ALL' => 'en_US.UTF-8' }` -##### `erlang_cookie` +##### `erlang_cookie` Data type: `Optional[String]` @@ -399,23 +557,23 @@ to 'False' and set 'erlang_cookie'. Default value: `undef` -##### `file_limit` +##### `file_limit` Data type: `Variant[Integer[-1],Enum['unlimited'],Pattern[/^(infinity|\d+(:(infinity|\d+))?)$/]]` -Set rabbitmq file ulimit. Defaults to 16384. Only available on systems with `$::osfamily == 'Debian'` or `$::osfamily == 'RedHat'`. +Set rabbitmq file ulimit. Defaults to 16384. Only available on Linux -Default value: 16384 +Default value: `16384` -##### `oom_score_adj` +##### `oom_score_adj` Data type: `Integer[-1000, 1000]` Set rabbitmq-server process OOM score. Defaults to 0. -Default value: 0 +Default value: `0` -##### `heartbeat` +##### `heartbeat` Data type: `Optional[Integer]` @@ -423,23 +581,23 @@ Set the heartbeat timeout interval, default is unset which uses the builtin serv Default value: `undef` -##### `inetrc_config` +##### `inetrc_config` Data type: `String` Template to use for the inetrc config -Default value: 'rabbitmq/inetrc.erb' +Default value: `'rabbitmq/inetrc.erb'` -##### `inetrc_config_path` +##### `inetrc_config_path` Data type: `Stdlib::Absolutepath` Path of the file to push the inetrc config to. -Default value: '/etc/rabbitmq/inetrc' +Default value: `'/etc/rabbitmq/inetrc'` -##### `ipv6` +##### `ipv6` Data type: `Boolean` @@ -447,7 +605,7 @@ Whether to listen on ipv6 Default value: `false` -##### `interface` +##### `interface` Data type: `Optional[String]` @@ -456,7 +614,7 @@ to `0` will disable heartbeats. Default value: `undef` -##### `key_content` +##### `key_content` Data type: `Optional[String]` @@ -465,7 +623,7 @@ behavior, if enabled. Undefined by default. Default value: `undef` -##### `ldap_auth` +##### `ldap_auth` Data type: `Boolean` @@ -473,15 +631,15 @@ Set to true to enable LDAP auth. Default value: `false` -##### `ldap_server` +##### `ldap_server` Data type: `Variant[String[1],Array[String[1]]]` LDAP server or servers to use for auth. -Default value: 'ldap' +Default value: `'ldap'` -##### `ldap_user_dn_pattern` +##### `ldap_user_dn_pattern` Data type: `Optional[String]` @@ -489,23 +647,23 @@ User DN pattern for LDAP auth. Default value: `undef` -##### `ldap_other_bind` +##### `ldap_other_bind` Data type: `String` How to bind to the LDAP server. Defaults to 'anon'. -Default value: 'anon' +Default value: `'anon'` -##### `ldap_config_variables` +##### `ldap_config_variables` Data type: `Hash` Hash of other LDAP config variables. -Default value: {} +Default value: `{}` -##### `ldap_use_ssl` +##### `ldap_use_ssl` Data type: `Boolean` @@ -513,15 +671,15 @@ Set to true to use SSL for the LDAP server. Default value: `false` -##### `ldap_port` +##### `ldap_port` Data type: `Integer[1, 65535]` Numeric port for LDAP server. -Default value: 389 +Default value: `389` -##### `ldap_log` +##### `ldap_log` Data type: `Boolean` @@ -529,7 +687,7 @@ Set to true to log LDAP auth. Default value: `false` -##### `manage_python` +##### `manage_python` Data type: `Boolean` @@ -538,7 +696,7 @@ installed (for rabbitmqadmin). This will only apply if `admin_enable` and `servi Default value: `true` -##### `management_hostname` +##### `management_hostname` Data type: `Optional[String]` @@ -546,15 +704,15 @@ The hostname for the RabbitMQ management interface. Default value: `undef` -##### `management_port` +##### `management_port` Data type: `Integer[1, 65535]` The port for the RabbitMQ management interface. -Default value: 15672 +Default value: `15672` -##### `management_ip_address` +##### `management_ip_address` Data type: `Optional[String]` @@ -563,7 +721,7 @@ localhost only, or 0.0.0.0 to bind to all interfaces. Default value: `undef` -##### `management_ssl` +##### `management_ssl` Data type: `Boolean` @@ -571,7 +729,7 @@ Enable/Disable SSL for the management port. Has an effect only if ssl => true. Default value: `true` -##### `node_ip_address` +##### `node_ip_address` Data type: `Optional[String]` @@ -580,23 +738,49 @@ to bind to all interfaces. Default value: `undef` -##### `package_apt_pin` +##### `package_apt_pin` -Data type: `Optional[Variant[Numeric, String]]` +Data type: `Optional[Variant[Numeric, String[1]]]` Whether to pin the package to a particular source Default value: `undef` -##### `package_ensure` +##### `package_ensure` Data type: `String` Determines the ensure state of the package. Set to installed by default, but could be changed to latest. -Default value: 'installed' +Default value: `'installed'` -##### `package_gpg_key` +##### `package_gpg_key` + +Data type: `Optional[String]` + +RPM package GPG key to import. Uses source method. Should be a URL for Debian/RedHat OS family, or a file name for +RedHat OS family. Set to https://github.com/rabbitmq/signing-keys/releases/download/2.0/rabbitmq-release-signing-key.asc +for Debian/RedHat OS Family by default. + +Default value: `undef` + +##### `package_source` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `package_provider` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `repo_gpg_key` Data type: `Optional[String]` @@ -606,50 +790,99 @@ default. Note, that `key_content`, if specified, would override this parameter f Default value: `undef` -##### `package_name` +##### `package_name` Data type: `Variant[String, Array]` Name(s) of the package(s) to install -Default value: 'rabbitmq' +Default value: `'rabbitmq'` -##### `port` +##### `port` Data type: `Integer` The RabbitMQ port. -Default value: 5672 +Default value: `5672` -##### `python_package` +##### `python_package` Data type: `String` Name of the package required by rabbitmqadmin. -Default value: 'python' +Default value: `'python'` + +##### `quorum_membership_reconciliation_enabled` + +Data type: `Optional[Boolean]` + +Enables or disables continuous membership reconciliation. +This REQUIRES RabbitMQ 3.13 or higher to be set to true. More information on this configuration +can be found here: https://www.rabbitmq.com/docs/quorum-queues + +Default value: `undef` + +##### `quorum_membership_reconciliation_auto_remove` + +Data type: `Optional[Boolean]` + +Enables or disables automatic removal of member nodes that are no longer part of the cluster, +but still a member of the quorum queue. +Important Note: This only takes affect if quorum_membership_reconciliation_enabled is set to true. + +Default value: `undef` + +##### `quorum_membership_reconciliation_interval` + +Data type: `Optional[Integer]` + +The default evaluation interval in milliseconds. +Important Note: This only takes affect if quorum_membership_reconciliation_enabled is set to true. + +Default value: `undef` + +##### `quorum_membership_reconciliation_trigger_interval` + +Data type: `Optional[Integer]` + +The reconciliation delay in milliseconds, used when a trigger event occurs, +for example, a node is added or removed from the cluster or an applicable policy changes. +This delay will be applied only once, then the regular interval will be used again. +Important Note: This only takes affect if quorum_membership_reconciliation_enabled is set to true. + +Default value: `undef` + +##### `quorum_membership_reconciliation_target_group_size` + +Data type: `Optional[Integer]` + +Controls the target group size for a quorum queue +Important Note: This only takes affect if quorum_membership_reconciliation_enabled is set to true. -##### `repos_ensure` +Default value: `undef` + +##### `repos_ensure` Data type: `Boolean` Ensure that a repo with the official (and newer) RabbitMQ package is configured, along with its signing key. -Defaults to false (use system packages). This does not ensure that soft dependencies (like EPEL on RHEL systems) are present. -It also does not solve the erlang dependency. See https://www.rabbitmq.com/which-erlang.html for a good breakdown of the -different ways of handling the erlang deps. See also https://github.com/voxpupuli/puppet-rabbitmq/issues/788 +Defaults to false (use system packages). This does not ensure that soft dependencies are present. +It also does not solve the erlang dependency. See https://www.rabbitmq.com/which-erlang.html for a good breakdown of the +different ways of handling the erlang deps. See also https://github.com/voxpupuli/puppet-rabbitmq/issues/788 Default value: `false` -##### `service_ensure` +##### `service_ensure` Data type: `Enum['running', 'stopped']` The state of the service. -Default value: 'running' +Default value: `'running'` -##### `service_manage` +##### `service_manage` Data type: `Boolean` @@ -657,15 +890,15 @@ Determines if the service is managed. Default value: `true` -##### `service_name` +##### `service_name` Data type: `String` The name of the service to manage. -Default value: 'rabbitmq' +Default value: `'rabbitmq'` -##### `service_restart` +##### `service_restart` Data type: `Boolean` @@ -673,7 +906,7 @@ Default defined in param.pp. Whether to restart the service on config change. Default value: `true` -##### `ssl` +##### `ssl` Data type: `Boolean` @@ -681,7 +914,7 @@ Configures the service for using SSL. Default value: `false` -##### `ssl_cacert` +##### `ssl_cacert` Data type: `Optional[Stdlib::Absolutepath]` @@ -689,7 +922,7 @@ CA cert path to use for SSL. Default value: `undef` -##### `ssl_cert` +##### `ssl_cert` Data type: `Optional[Stdlib::Absolutepath]` @@ -697,7 +930,7 @@ Cert to use for SSL. Default value: `undef` -##### `ssl_cert_password` +##### `ssl_cert_password` Data type: `Optional[String]` @@ -705,7 +938,15 @@ Password used when generating CSR. Default value: `undef` -##### `ssl_depth` +##### `ssl_client_renegotiation` + +Data type: `Optional[Boolean]` + +Allow ssl client renegotiation + +Default value: `undef` + +##### `ssl_depth` Data type: `Optional[Integer]` @@ -713,7 +954,7 @@ SSL verification depth. Default value: `undef` -##### `ssl_dhfile` +##### `ssl_dhfile` Data type: `Optional[Stdlib::Absolutepath]` @@ -721,7 +962,7 @@ Use this dhparam file [example: generate with `openssl dhparam -out /etc/rabbitm Default value: `undef` -##### `ssl_erl_dist` +##### `ssl_erl_dist` Data type: `Boolean` @@ -729,7 +970,7 @@ Whether to use the erlang package's SSL (relies on the ssl_erl_path fact) Default value: `false` -##### `ssl_honor_cipher_order` +##### `ssl_honor_cipher_order` Data type: `Boolean` @@ -737,7 +978,7 @@ Force use of server cipher order Default value: `true` -##### `ssl_interface` +##### `ssl_interface` Data type: `Optional[String]` @@ -745,7 +986,7 @@ Interface for SSL listener to bind to Default value: `undef` -##### `ssl_key` +##### `ssl_key` Data type: `Optional[Stdlib::Absolutepath]` @@ -753,7 +994,7 @@ Key to use for SSL. Default value: `undef` -##### `ssl_only` +##### `ssl_only` Data type: `Boolean` @@ -762,47 +1003,55 @@ port => undef Default value: `false` -##### `ssl_management_port` +##### `ssl_management_port` Data type: `Integer[1, 65535]` SSL management port. -Default value: 15671 +Default value: `15671` -##### `ssl_management_cacert` +##### `ssl_management_cacert` Data type: `Optional[Stdlib::Absolutepath]` SSL management cacert. If unset set to ssl_cacert for backwards compatibility. -Default value: $ssl_cacert +Default value: `$ssl_cacert` -##### `ssl_management_cert` +##### `ssl_management_cert` Data type: `Optional[Stdlib::Absolutepath]` SSL management cert. If unset set to ssl_cert for backwards compatibility. -Default value: $ssl_cert +Default value: `$ssl_cert` -##### `ssl_management_key` +##### `ssl_management_key` Data type: `Optional[Stdlib::Absolutepath]` SSL management key. If unset set to ssl_key for backwards compatibility. -Default value: $ssl_key +Default value: `$ssl_key` -##### `ssl_port` +##### `ssl_management_fail_if_no_peer_cert` + +Data type: `Boolean` + + + +Default value: `false` + +##### `ssl_port` Data type: `Integer[1, 65535]` SSL port for RabbitMQ -Default value: 5671 +Default value: `5671` -##### `ssl_reuse_sessions` +##### `ssl_reuse_sessions` Data type: `Boolean` @@ -810,7 +1059,7 @@ Reuse ssl sessions Default value: `true` -##### `ssl_secure_renegotiate` +##### `ssl_secure_renegotiate` Data type: `Boolean` @@ -818,23 +1067,23 @@ Use ssl secure renegotiate Default value: `true` -##### `ssl_stomp_port` +##### `ssl_stomp_port` Data type: `Integer[1, 65535]` SSL stomp port. -Default value: 6164 +Default value: `6164` -##### `ssl_verify` +##### `ssl_verify` Data type: `Enum['verify_none','verify_peer']` rabbitmq.config SSL verify setting. -Default value: 'verify_none' +Default value: `'verify_none'` -##### `ssl_fail_if_no_peer_cert` +##### `ssl_fail_if_no_peer_cert` Data type: `Boolean` @@ -842,15 +1091,15 @@ rabbitmq.config `fail_if_no_peer_cert` setting. Default value: `false` -##### `ssl_management_verify` +##### `ssl_management_verify` Data type: `Enum['verify_none','verify_peer']` rabbitmq.config SSL verify setting for rabbitmq_management. -Default value: 'verify_none' +Default value: `'verify_none'` -##### `ssl_versions` +##### `ssl_versions` Data type: `Optional[Array]` @@ -861,7 +1110,7 @@ POODLE and BEAST attacks. Please see the Default value: `undef` -##### `ssl_ciphers` +##### `ssl_ciphers` Data type: `Array` @@ -871,18 +1120,18 @@ Functionality can be tested with cipherscan or similar tool: https://github.com/ * Erlang style: `['ecdhe_rsa,aes_256_cbc,sha', 'dhe_rsa,aes_256_cbc,sha']` * OpenSSL style: `['ECDHE-RSA-AES256-SHA', 'DHE-RSA-AES256-SHA']` -Default value: [] +Default value: `[]` -##### `ssl_crl_check` +##### `ssl_crl_check` Data type: `Enum['true','false','peer','best_effort']` Perform CRL (Certificate Revocation List) verification Please see the [Erlang SSL](https://erlang.org/doc/man/ssl.html#type-crl_check) module documentation for more information. -Default value: 'false' +Default value: `'false'` -##### `ssl_crl_cache_hash_dir` +##### `ssl_crl_cache_hash_dir` Data type: `Optional[Stdlib::Absolutepath]` @@ -891,7 +1140,7 @@ Please see the [Erlang SSL](https://erlang.org/doc/man/ssl.html#type-crl_cache_o Default value: `undef` -##### `ssl_crl_cache_http_timeout` +##### `ssl_crl_cache_http_timeout` Data type: `Optional[Integer]` @@ -900,15 +1149,15 @@ Please see the [Erlang SSL](https://erlang.org/doc/man/ssl.html#type-crl_cache_o Default value: `undef` -##### `stomp_port` +##### `stomp_port` Data type: `Integer[1, 65535]` The port to use for Stomp. -Default value: 6163 +Default value: `6163` -##### `stomp_ssl_only` +##### `stomp_ssl_only` Data type: `Boolean` @@ -916,7 +1165,7 @@ Configures STOMP to only use SSL. No cleartext STOMP TCP listeners will be creat Default value: `false` -##### `stomp_ensure` +##### `stomp_ensure` Data type: `Boolean` @@ -924,15 +1173,15 @@ Enable to install the stomp plugin. Default value: `false` -##### `tcp_backlog` +##### `tcp_backlog` Data type: `Integer` The size of the backlog on TCP connections. -Default value: 128 +Default value: `128` -##### `tcp_keepalive` +##### `tcp_keepalive` Data type: `Boolean` @@ -940,7 +1189,7 @@ Enable TCP connection keepalive for RabbitMQ service. Default value: `false` -##### `tcp_recbuf` +##### `tcp_recbuf` Data type: `Optional[Integer]` @@ -948,7 +1197,7 @@ Corresponds to recbuf in RabbitMQ `tcp_listen_options` Default value: `undef` -##### `tcp_sndbuf` +##### `tcp_sndbuf` Data type: `Optional[Integer]` @@ -956,7 +1205,7 @@ Integer, corresponds to sndbuf in RabbitMQ `tcp_listen_options` Default value: `undef` -##### `wipe_db_on_cookie_change` +##### `wipe_db_on_cookie_change` Data type: `Boolean` @@ -964,31 +1213,31 @@ Boolean to determine if we should DESTROY AND DELETE the RabbitMQ database. Default value: `false` -##### `rabbitmq_user` +##### `rabbitmq_user` Data type: `String` OS dependent The system user the rabbitmq daemon runs as. -Default value: 'rabbitmq' +Default value: `'rabbitmq'` -##### `rabbitmq_group` +##### `rabbitmq_group` Data type: `String` OS dependent The system group the rabbitmq daemon runs as. -Default value: 'rabbitmq' +Default value: `'rabbitmq'` -##### `rabbitmq_home` +##### `rabbitmq_home` Data type: `Stdlib::Absolutepath` OS dependent The home directory of the rabbitmq deamon. -Default value: '/var/lib/rabbitmq' +Default value: `'/var/lib/rabbitmq'` -##### `rabbitmqadmin_package` +##### `rabbitmqadmin_package` Data type: `Optional[String]` @@ -996,49 +1245,25 @@ OS dependent If undef: install rabbitmqadmin via archive, otherwise via package Default value: `undef` -##### `archive_options` +##### `archive_options` Data type: `Array` Extra options to Archive resource to download rabbitmqadmin file -Default value: [] +Default value: `[]` -##### `loopback_users` +##### `loopback_users` Data type: `Array` This option configures a list of users to allow access via the loopback interfaces -Default value: ['guest'] - -##### `package_source` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `package_provider` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `ssl_management_fail_if_no_peer_cert` - -Data type: `Boolean` - - - -Default value: `false` +Default value: `['guest']` ## Resource types -### rabbitmq_binding +### `rabbitmq_binding` Native type for managing rabbitmq bindings @@ -1091,89 +1316,99 @@ rabbitmq_binding { 'myexchange@myqueue@myvhost': The following properties are available in the `rabbitmq_binding` type. -##### `ensure` - -Valid values: present, absent +##### `arguments` -The basic property that the resource should be in. +binding arguments -Default value: present +Default value: `{}` -##### `source` +##### `destination` -Valid values: %r{^\S+$} +Valid values: `%r{^\S+$}` namevar -source of binding - -##### `destination` +destination of binding -Valid values: %r{^\S+$} +##### `destination_type` -namevar +Valid values: `%r{queue|exchange}` -destination of binding +binding destination_type -##### `vhost` +Default value: `queue` -Valid values: %r{^\S+$} +##### `ensure` -namevar +Valid values: `present`, `absent` -vhost +Whether the resource should be present or absent -Default value: / +Default value: `present` ##### `routing_key` -Valid values: %r{^\S*$} +Valid values: `%r{^\S*$}` namevar binding routing_key -##### `destination_type` +##### `source` -Valid values: %r{queue|exchange} +Valid values: `%r{^\S+$}` -binding destination_type +namevar -Default value: queue +source of binding -##### `arguments` +##### `vhost` -binding arguments +Valid values: `%r{^\S+$}` -Default value: {} +namevar + +vhost + +Default value: `/` #### Parameters The following parameters are available in the `rabbitmq_binding` type. -##### `name` +* [`name`](#-rabbitmq_binding--name) +* [`password`](#-rabbitmq_binding--password) +* [`provider`](#-rabbitmq_binding--provider) +* [`user`](#-rabbitmq_binding--user) + +##### `name` namevar resource name, either source@destination@vhost or arbitrary name with params -##### `user` +##### `password` -Valid values: %r{^\S+$} +Valid values: `%r{\S+}` -The user to use to connect to rabbitmq +The password to use to connect to rabbitmq -Default value: guest +Default value: `guest` -##### `password` +##### `provider` -Valid values: %r{\S+} +The specific backend to use for this `rabbitmq_binding` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. -The password to use to connect to rabbitmq +##### `user` + +Valid values: `%r{^\S+$}` -Default value: guest +The user to use to connect to rabbitmq + +Default value: `guest` -### rabbitmq_cluster +### `rabbitmq_cluster` Native type for managing rabbitmq cluster @@ -1203,35 +1438,52 @@ The following properties are available in the `rabbitmq_cluster` type. ##### `ensure` -Valid values: present, absent +Valid values: `present`, `absent` -The basic property that the resource should be in. +Whether the resource should be present or absent -Default value: present +Default value: `present` #### Parameters The following parameters are available in the `rabbitmq_cluster` type. -##### `name` +* [`init_node`](#-rabbitmq_cluster--init_node) +* [`local_node`](#-rabbitmq_cluster--local_node) +* [`name`](#-rabbitmq_cluster--name) +* [`node_disc_type`](#-rabbitmq_cluster--node_disc_type) +* [`provider`](#-rabbitmq_cluster--provider) + +##### `init_node` + +Name of which cluster node to join. + +##### `local_node` + +Name of the local node + +Default value: `undef` + +##### `name` namevar The cluster name -##### `init_node` +##### `node_disc_type` -Name of which cluster node to join. +Valid values: `%r{disc|ram}` -##### `node_disc_type` +Storage type of node, default disc. -Valid values: %r{disc|ram} +Default value: `disc` -Storage type of node, default disc. +##### `provider` -Default value: disc +The specific backend to use for this `rabbitmq_cluster` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. -### rabbitmq_erlang_cookie +### `rabbitmq_erlang_cookie` Type to manage the rabbitmq erlang cookie securely @@ -1249,7 +1501,7 @@ The following properties are available in the `rabbitmq_erlang_cookie` type. ##### `content` -Valid values: %r{^\S+$} +Valid values: `%r{^\S+$}` Content of cookie @@ -1257,43 +1509,56 @@ Content of cookie The following parameters are available in the `rabbitmq_erlang_cookie` type. -##### `path` - +* [`force`](#-rabbitmq_erlang_cookie--force) +* [`path`](#-rabbitmq_erlang_cookie--path) +* [`provider`](#-rabbitmq_erlang_cookie--provider) +* [`rabbitmq_group`](#-rabbitmq_erlang_cookie--rabbitmq_group) +* [`rabbitmq_home`](#-rabbitmq_erlang_cookie--rabbitmq_home) +* [`rabbitmq_user`](#-rabbitmq_erlang_cookie--rabbitmq_user) +* [`service_name`](#-rabbitmq_erlang_cookie--service_name) - -##### `force` +##### `force` Valid values: `true`, `false` - +Force parameter Default value: `false` -##### `rabbitmq_user` +##### `path` +Path of the erlang cookie +##### `provider` -Default value: rabbitmq +The specific backend to use for this `rabbitmq_erlang_cookie` resource. You will seldom need to specify this --- Puppet +will usually discover the appropriate provider for your platform. -##### `rabbitmq_group` +##### `rabbitmq_group` +Rabbitmq Group +Default value: `rabbitmq` -Default value: rabbitmq +##### `rabbitmq_home` -##### `rabbitmq_home` +Path to the rabbitmq home directory +Default value: `/var/lib/rabbitmq` +##### `rabbitmq_user` -Default value: /var/lib/rabbitmq +Rabbitmq User -##### `service_name` +Default value: `rabbitmq` -Valid values: %r{^\S+$} +##### `service_name` +Valid values: `%r{^\S+$}` +Name of the service -### rabbitmq_exchange +### `rabbitmq_exchange` Native type for managing rabbitmq exchanges @@ -1322,77 +1587,92 @@ The following properties are available in the `rabbitmq_exchange` type. ##### `ensure` -Valid values: present, absent +Valid values: `present`, `absent` -The basic property that the resource should be in. +Whether the resource should be present or absent -Default value: present +Default value: `present` #### Parameters The following parameters are available in the `rabbitmq_exchange` type. -##### `name` +* [`arguments`](#-rabbitmq_exchange--arguments) +* [`auto_delete`](#-rabbitmq_exchange--auto_delete) +* [`durable`](#-rabbitmq_exchange--durable) +* [`internal`](#-rabbitmq_exchange--internal) +* [`name`](#-rabbitmq_exchange--name) +* [`password`](#-rabbitmq_exchange--password) +* [`provider`](#-rabbitmq_exchange--provider) +* [`type`](#-rabbitmq_exchange--type) +* [`user`](#-rabbitmq_exchange--user) -Valid values: %r{^\S*@\S+$} +##### `arguments` -namevar +Exchange arguments example: {"hash-header": "message-distribution-hash"} -Name of exchange +Default value: `{}` -##### `type` +##### `auto_delete` -Valid values: %r{^\S+$} +Valid values: `%r{^\S+$}` -Exchange type to be set *on creation* +Exchange auto delete option to be set *on creation* + +Default value: `false` -##### `durable` +##### `durable` -Valid values: %r{^\S+$} +Valid values: `%r{^\S+$}` Exchange durability to be set *on creation* Default value: `false` -##### `auto_delete` +##### `internal` -Valid values: %r{^\S+$} +Valid values: `%r{^\S+$}` -Exchange auto delete option to be set *on creation* +Exchange internal option to be set *on creation* Default value: `false` -##### `internal` +##### `name` -Valid values: %r{^\S+$} +Valid values: `%r{^\S*@\S+$}` -Exchange internal option to be set *on creation* +namevar -Default value: `false` +Name of exchange -##### `arguments` +##### `password` -Exchange arguments example: {"hash-header": "message-distribution-hash"} +Valid values: `%r{\S+}` -Default value: {} +The password to use to connect to rabbitmq -##### `user` +Default value: `guest` -Valid values: %r{^\S+$} +##### `provider` -The user to use to connect to rabbitmq +The specific backend to use for this `rabbitmq_exchange` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. -Default value: guest +##### `type` -##### `password` +Valid values: `%r{^\S+$}` -Valid values: %r{\S+} +Exchange type to be set *on creation* -The password to use to connect to rabbitmq +##### `user` -Default value: guest +Valid values: `%r{^\S+$}` -### rabbitmq_parameter +The user to use to connect to rabbitmq + +Default value: `guest` + +### `rabbitmq_parameter` Type for managing rabbitmq parameters @@ -1435,17 +1715,17 @@ rabbitmq_parameter { 'documentumShovelNoMunging@/': The following properties are available in the `rabbitmq_parameter` type. -##### `ensure` +##### `component_name` -Valid values: present, absent +The component_name to use when setting parameter, eg: shovel or federation -The basic property that the resource should be in. +##### `ensure` -Default value: present +Valid values: `present`, `absent` -##### `component_name` +Whether the resource should be present or absent -The component_name to use when setting parameter, eg: shovel or federation +Default value: `present` ##### `value` @@ -1455,15 +1735,11 @@ A hash of values to use with the component name you are setting The following parameters are available in the `rabbitmq_parameter` type. -##### `name` - -Valid values: %r{^\S+@\S+$} - -namevar - -combination of name@vhost to set parameter for +* [`autoconvert`](#-rabbitmq_parameter--autoconvert) +* [`name`](#-rabbitmq_parameter--name) +* [`provider`](#-rabbitmq_parameter--provider) -##### `autoconvert` +##### `autoconvert` Valid values: `true`, `false` @@ -1471,7 +1747,20 @@ whether numeric strings from `value` should be converted to int automatically Default value: `true` -### rabbitmq_plugin +##### `name` + +Valid values: `%r{^\S+@\S+$}` + +namevar + +combination of name@vhost to set parameter for + +##### `provider` + +The specific backend to use for this `rabbitmq_parameter` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +### `rabbitmq_plugin` manages rabbitmq plugins @@ -1506,39 +1795,49 @@ The following properties are available in the `rabbitmq_plugin` type. ##### `ensure` -Valid values: present, absent +Valid values: `present`, `absent` -The basic property that the resource should be in. +Whether the resource should be present or absent -Default value: present +Default value: `present` #### Parameters The following parameters are available in the `rabbitmq_plugin` type. -##### `name` +* [`mode`](#-rabbitmq_plugin--mode) +* [`name`](#-rabbitmq_plugin--name) +* [`provider`](#-rabbitmq_plugin--provider) +* [`umask`](#-rabbitmq_plugin--umask) -Valid values: %r{^\S+$} +##### `mode` -namevar +Valid values: `online`, `offline`, `best` -The name of the plugin to enable +Define how the plugin should be enabled regarding node status. -##### `mode` +Default value: `best` -Valid values: online, offline, best +##### `name` -Define how the plugin should be enabled regarding node status. +Valid values: `%r{^\S+$}` -Default value: best +namevar -##### `umask` +The name of the plugin to enable + +##### `provider` + +The specific backend to use for this `rabbitmq_plugin` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +##### `umask` Sets the octal umask to be used while creating this resource -Default value: 0022 +Default value: `0022` -### rabbitmq_policy +### `rabbitmq_policy` Type for managing rabbitmq policies @@ -1562,51 +1861,59 @@ rabbitmq_policy { 'ha-all@myvhost': The following properties are available in the `rabbitmq_policy` type. -##### `ensure` +##### `applyto` -Valid values: present, absent +Valid values: `all`, `classic_queues`, `exchanges`, `queues`, `quorum_queues`, `streams` -The basic property that the resource should be in. +policy apply to -Default value: present +Default value: `all` -##### `pattern` +##### `definition` -policy pattern +policy definition -##### `applyto` +##### `ensure` -Valid values: all, exchanges, queues +Valid values: `present`, `absent` -policy apply to +Whether the resource should be present or absent -Default value: all +Default value: `present` -##### `definition` +##### `pattern` -policy definition +policy pattern ##### `priority` -Valid values: %r{^\d+$} +Valid values: `%r{^\d+$}` policy priority -Default value: 0 +Default value: `0` #### Parameters The following parameters are available in the `rabbitmq_policy` type. -##### `name` +* [`name`](#-rabbitmq_policy--name) +* [`provider`](#-rabbitmq_policy--provider) -Valid values: %r{^\S+@\S+$} +##### `name` + +Valid values: `%r{^\S+@\S+$}` namevar combination of policy@vhost to create policy for -### rabbitmq_queue +##### `provider` + +The specific backend to use for this `rabbitmq_policy` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +### `rabbitmq_queue` Native type for managing rabbitmq queue @@ -1634,63 +1941,76 @@ The following properties are available in the `rabbitmq_queue` type. ##### `ensure` -Valid values: present, absent +Valid values: `present`, `absent` -The basic property that the resource should be in. +Whether the resource should be present or absent -Default value: present +Default value: `present` #### Parameters The following parameters are available in the `rabbitmq_queue` type. -##### `name` +* [`arguments`](#-rabbitmq_queue--arguments) +* [`auto_delete`](#-rabbitmq_queue--auto_delete) +* [`durable`](#-rabbitmq_queue--durable) +* [`name`](#-rabbitmq_queue--name) +* [`password`](#-rabbitmq_queue--password) +* [`provider`](#-rabbitmq_queue--provider) +* [`user`](#-rabbitmq_queue--user) -Valid values: %r{^\S*@\S+$} +##### `arguments` -namevar +Queue arguments example: {x-message-ttl => 60, x-expires => 10} -Name of queue +Default value: `{}` -##### `durable` +##### `auto_delete` -Valid values: %r{true|false} +Valid values: `%r{true|false}` + +Queue will be auto deleted + +Default value: `false` + +##### `durable` + +Valid values: `%r{true|false}` Queue is durable Default value: `true` -##### `auto_delete` - -Valid values: %r{true|false} +##### `name` -Queue will be auto deleted +Valid values: `%r{^\S*@\S+$}` -Default value: `false` +namevar -##### `arguments` +Name of queue -Queue arguments example: {x-message-ttl => 60, x-expires => 10} +##### `password` -Default value: {} +Valid values: `%r{\S+}` -##### `user` +The password to use to connect to rabbitmq -Valid values: %r{^\S+$} +Default value: `guest` -The user to use to connect to rabbitmq +##### `provider` -Default value: guest +The specific backend to use for this `rabbitmq_queue` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. -##### `password` +##### `user` -Valid values: %r{\S+} +Valid values: `%r{^\S+$}` -The password to use to connect to rabbitmq +The user to use to connect to rabbitmq -Default value: guest +Default value: `guest` -### rabbitmq_user +### `rabbitmq_user` Native type for managing rabbitmq users @@ -1726,45 +2046,53 @@ rabbitmq_user { 'dan': The following properties are available in the `rabbitmq_user` type. -##### `ensure` +##### `admin` -Valid values: present, absent +Valid values: `%r{true|false}` -The basic property that the resource should be in. +whether or not user should be an admin -Default value: present +Default value: `false` -##### `password` +##### `ensure` -User password to be set *on creation* and validated each run +Valid values: `present`, `absent` -##### `admin` +Whether the resource should be present or absent -Valid values: %r{true|false} +Default value: `present` -whether or not user should be an admin +##### `password` -Default value: false +User password to be set *on creation* and validated each run ##### `tags` additional tags for the user -Default value: [] +Default value: `[]` #### Parameters The following parameters are available in the `rabbitmq_user` type. -##### `name` +* [`name`](#-rabbitmq_user--name) +* [`provider`](#-rabbitmq_user--provider) + +##### `name` -Valid values: %r{^\S+$} +Valid values: `%r{^\S+$}` namevar Name of user -### rabbitmq_user_permissions +##### `provider` + +The specific backend to use for this `rabbitmq_user` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +### `rabbitmq_user_permissions` Type for managing rabbitmq user permissions @@ -1784,17 +2112,17 @@ rabbitmq_user_permissions { 'dan@myvhost': The following properties are available in the `rabbitmq_user_permissions` type. -##### `ensure` +##### `configure_permission` -Valid values: present, absent +regexp representing configuration permissions -The basic property that the resource should be in. +##### `ensure` -Default value: present +Valid values: `present`, `absent` -##### `configure_permission` +Whether the resource should be present or absent -regexp representing configuration permissions +Default value: `present` ##### `read_permission` @@ -1808,15 +2136,23 @@ regexp representing write permissions The following parameters are available in the `rabbitmq_user_permissions` type. -##### `name` +* [`name`](#-rabbitmq_user_permissions--name) +* [`provider`](#-rabbitmq_user_permissions--provider) + +##### `name` -Valid values: %r{^\S+@\S+$} +Valid values: `%r{^\S+@\S+$}` namevar combination of user@vhost to grant privileges to -### rabbitmq_vhost +##### `provider` + +The specific backend to use for this `rabbitmq_user_permissions` resource. You will seldom need to specify this --- +Puppet will usually discover the appropriate provider for your platform. + +### `rabbitmq_vhost` Native type for managing rabbitmq vhosts @@ -1832,7 +2168,10 @@ $ puppet resource rabbitmq_vhost` ```puppet rabbitmq_vhost { 'myvhost': - ensure => present, + ensure => present, + description => 'myvhost description', + tags => ['tag1', 'tag2'], + default_queue_type => 'quorum', } ``` @@ -1840,23 +2179,47 @@ rabbitmq_vhost { 'myvhost': The following properties are available in the `rabbitmq_vhost` type. +##### `default_queue_type` + +Valid values: `classic`, `quorum`, `stream` + +The default queue type for queues in this vhost + +##### `description` + +A description of the vhost + ##### `ensure` -Valid values: present, absent +Valid values: `present`, `absent` + +Whether the resource should be present or absent -The basic property that the resource should be in. +Default value: `present` + +##### `tags` -Default value: present +additional tags for the vhost + +Default value: `[]` #### Parameters The following parameters are available in the `rabbitmq_vhost` type. -##### `name` +* [`name`](#-rabbitmq_vhost--name) +* [`provider`](#-rabbitmq_vhost--provider) + +##### `name` -Valid values: %r{^\S+$} +Valid values: `%r{^\S+$}` namevar The name of the vhost to add +##### `provider` + +The specific backend to use for this `rabbitmq_vhost` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + diff --git a/Rakefile b/Rakefile index f92f05164..b1bc23c83 100644 --- a/Rakefile +++ b/Rakefile @@ -24,6 +24,10 @@ end begin require 'voxpupuli/release/rake_tasks' rescue LoadError + # voxpupuli-release not present +else + GCGConfig.user = 'voxpupuli' + GCGConfig.project = 'puppet-rabbitmq' end desc "Run main 'test' task and report merged results to coveralls" @@ -37,36 +41,4 @@ task test_with_coveralls: [:test] do end end -desc 'Generate REFERENCE.md' -task :reference, [:debug, :backtrace] do |t, args| - patterns = '' - Rake::Task['strings:generate:reference'].invoke(patterns, args[:debug], args[:backtrace]) -end - -begin - require 'github_changelog_generator/task' - require 'puppet_blacksmith' - GitHubChangelogGenerator::RakeTask.new :changelog do |config| - metadata = Blacksmith::Modulefile.new - config.future_release = "v#{metadata.version}" if metadata.version =~ /^\d+\.\d+.\d+$/ - config.header = "# Changelog\n\nAll notable changes to this project will be documented in this file.\nEach new release typically also includes the latest modulesync defaults.\nThese should not affect the functionality of the module." - config.exclude_labels = %w{duplicate question invalid wontfix wont-fix modulesync skip-changelog} - config.user = 'voxpupuli' - config.project = metadata.metadata['name'] - end - - # Workaround for https://github.com/github-changelog-generator/github-changelog-generator/issues/715 - require 'rbconfig' - if RbConfig::CONFIG['host_os'] =~ /linux/ - task :changelog do - puts 'Fixing line endings...' - changelog_file = File.join(__dir__, 'CHANGELOG.md') - changelog_txt = File.read(changelog_file) - new_contents = changelog_txt.gsub(%r{\r\n}, "\n") - File.open(changelog_file, "w") {|file| file.puts new_contents } - end - end - -rescue LoadError -end # vim: syntax=ruby diff --git a/data/common.yaml b/data/common.yaml index f130e56a4..4803c767c 100644 --- a/data/common.yaml +++ b/data/common.yaml @@ -5,7 +5,7 @@ rabbitmq::use_config_file_for_plugins: false rabbitmq::cluster: {} rabbitmq::cluster_node_type: 'disc' rabbitmq::cluster_nodes: [] -rabbitmq::config: 'rabbitmq/rabbitmq.config.erb' +rabbitmq::config: 'rabbitmq/rabbitmq.config.epp' rabbitmq::config_cluster: false rabbitmq::config_path: '/etc/rabbitmq/rabbitmq.config' rabbitmq::config_ranch: true @@ -15,7 +15,7 @@ rabbitmq::config_shovel_statics: {} rabbitmq::default_user: 'guest' rabbitmq::default_pass: 'guest' rabbitmq::delete_guest_user: false -rabbitmq::env_config: 'rabbitmq/rabbitmq-env.conf.erb' +rabbitmq::env_config: 'rabbitmq/rabbitmq-env.conf.epp' rabbitmq::env_config_path: '/etc/rabbitmq/rabbitmq-env.conf' rabbitmq::erlang_cookie: ~ rabbitmq::interface: ~ @@ -27,6 +27,7 @@ rabbitmq::node_ip_address: ~ rabbitmq::package_apt_pin: ~ rabbitmq::package_ensure: 'installed' rabbitmq::package_gpg_key: ~ +rabbitmq::repo_gpg_key: ~ rabbitmq::package_name: 'rabbitmq' rabbitmq::package_source: ~ rabbitmq::package_provider: ~ diff --git a/data/family/Archlinux.yaml b/data/family/Archlinux.yaml index 62f41ffe8..3613ab2bc 100644 --- a/data/family/Archlinux.yaml +++ b/data/family/Archlinux.yaml @@ -1,3 +1,2 @@ --- -rabbitmq::python_package: 'python2' -rabbitmq::rabbitmqadmin_package: 'rabbitmqadmin' +rabbitmq::python_package: 'python' diff --git a/data/family/Debian.yaml b/data/family/Debian.yaml index 77d8d0f03..055c368c7 100644 --- a/data/family/Debian.yaml +++ b/data/family/Debian.yaml @@ -1,4 +1,5 @@ --- +rabbitmq::python_package: 'python3' rabbitmq::package_name: 'rabbitmq-server' rabbitmq::service_name: 'rabbitmq-server' rabbitmq::package_gpg_key: 'https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey' diff --git a/data/family/RedHat.yaml b/data/family/RedHat.yaml index 77d8d0f03..347c23261 100644 --- a/data/family/RedHat.yaml +++ b/data/family/RedHat.yaml @@ -1,4 +1,5 @@ --- rabbitmq::package_name: 'rabbitmq-server' rabbitmq::service_name: 'rabbitmq-server' -rabbitmq::package_gpg_key: 'https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey' +rabbitmq::package_gpg_key: 'https://github.com/rabbitmq/signing-keys/releases/download/2.0/rabbitmq-release-signing-key.asc' +rabbitmq::repo_gpg_key: 'https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey' \ No newline at end of file diff --git a/data/os/CentOS.yaml b/data/os/CentOS.yaml new file mode 100644 index 000000000..87c18e4a0 --- /dev/null +++ b/data/os/CentOS.yaml @@ -0,0 +1 @@ +rabbitmq::enable_centos_release: true diff --git a/lib/facter/rabbitmq_nodename.rb b/lib/facter/rabbitmq_nodename.rb index 812443cbf..0ab1606a8 100644 --- a/lib/facter/rabbitmq_nodename.rb +++ b/lib/facter/rabbitmq_nodename.rb @@ -5,7 +5,7 @@ if Facter::Util::Resolution.which('rabbitmqctl') rabbitmq_nodename = Facter::Core::Execution.execute('rabbitmqctl status 2>&1') begin - %r{^Status of node '?([\w.\-]+@[\w.\-]+)'?}.match(rabbitmq_nodename)[1] + %r{^Status of node '?([\w.-]+@[\w.-]+)'?}.match(rabbitmq_nodename)[1] rescue StandardError Facter.debug("Error: rabbitmq_nodename facter failed. Output was #{rabbitmq_nodename}") end diff --git a/lib/puppet/provider/rabbitmq_binding/rabbitmqadmin.rb b/lib/puppet/provider/rabbitmq_binding/rabbitmqadmin.rb index 91be82579..8cbe5a860 100644 --- a/lib/puppet/provider/rabbitmq_binding/rabbitmqadmin.rb +++ b/lib/puppet/provider/rabbitmq_binding/rabbitmqadmin.rb @@ -6,6 +6,7 @@ require File.expand_path(File.join(File.dirname(__FILE__), '..', 'rabbitmq_cli')) Puppet::Type.type(:rabbitmq_binding).provide(:rabbitmqadmin, parent: Puppet::Provider::RabbitmqCli) do + desc 'Rabbitmqadmin provider for rabbitmq binding' confine feature: :posix # Without this, the composite namevar stuff doesn't work properly. diff --git a/lib/puppet/provider/rabbitmq_cli.rb b/lib/puppet/provider/rabbitmq_cli.rb index 5421ae514..18eb67c7e 100644 --- a/lib/puppet/provider/rabbitmq_cli.rb +++ b/lib/puppet/provider/rabbitmq_cli.rb @@ -54,6 +54,14 @@ def self.rabbitmqctl_list(resource, *opts) ['-q'] end rabbitmqctl("list_#{resource}", *list_opts, *opts) + rescue Puppet::MissingCommand + # rabbitmqctl is not present. Normally we would have installed a package + # that provides rabbitmqctl by now, but if we're running under --noop or + # with a restrictive set of tags, the package may not have been installed. + # Return an empty string to avoid error. This may give false positives for + # resources under --noop! + Puppet.debug('rabbitmqctl command not found; assuming rabbitmq is not installed') + '' end def self.rabbitmq_running diff --git a/lib/puppet/provider/rabbitmq_cluster/rabbitmqctl.rb b/lib/puppet/provider/rabbitmq_cluster/rabbitmqctl.rb index a64677e9e..1d529f831 100644 --- a/lib/puppet/provider/rabbitmq_cluster/rabbitmqctl.rb +++ b/lib/puppet/provider/rabbitmq_cluster/rabbitmqctl.rb @@ -5,6 +5,7 @@ :rabbitmqctl, parent: Puppet::Provider::RabbitmqCli ) do + desc 'Rabbitmqctl provider for rabbitmq cluster' confine feature: :posix def exists? @@ -15,8 +16,9 @@ def create storage_type = @resource[:node_disc_type].to_s init_node = @resource[:init_node].to_s.gsub(%r{^.*@}, '') + local_node = @resource[:local_node].to_s.gsub(%r{^.*@}, '') - if [Facter.value(:hostname), Facter.value(:fqdn)].include? init_node + if local_node == init_node || [Facter.value(:networking)['hostname'], Facter.value(:networking)['fqdn']].include?(init_node) return rabbitmqctl('set_cluster_name', @resource[:name]) unless cluster_name == resource[:name].to_s else rabbitmqctl('stop_app') diff --git a/lib/puppet/provider/rabbitmq_erlang_cookie/ruby.rb b/lib/puppet/provider/rabbitmq_erlang_cookie/ruby.rb index 71637cb1e..b5938ab11 100644 --- a/lib/puppet/provider/rabbitmq_erlang_cookie/ruby.rb +++ b/lib/puppet/provider/rabbitmq_erlang_cookie/ruby.rb @@ -3,6 +3,7 @@ require 'puppet' require 'set' Puppet::Type.type(:rabbitmq_erlang_cookie).provide(:ruby) do + desc 'Ruby provider for rabbitmq erlang cookie' confine feature: :posix def exists? diff --git a/lib/puppet/provider/rabbitmq_exchange/rabbitmqadmin.rb b/lib/puppet/provider/rabbitmq_exchange/rabbitmqadmin.rb index 86300e069..c28b01211 100644 --- a/lib/puppet/provider/rabbitmq_exchange/rabbitmqadmin.rb +++ b/lib/puppet/provider/rabbitmq_exchange/rabbitmqadmin.rb @@ -3,6 +3,7 @@ require 'puppet' require File.expand_path(File.join(File.dirname(__FILE__), '..', 'rabbitmq_cli')) Puppet::Type.type(:rabbitmq_exchange).provide(:rabbitmqadmin, parent: Puppet::Provider::RabbitmqCli) do + desc 'Rabbitmqadmin provider for rabbitmq exchange' confine feature: :posix def should_vhost diff --git a/lib/puppet/provider/rabbitmq_parameter/rabbitmqctl.rb b/lib/puppet/provider/rabbitmq_parameter/rabbitmqctl.rb index 1cb74d508..84621f3d5 100644 --- a/lib/puppet/provider/rabbitmq_parameter/rabbitmqctl.rb +++ b/lib/puppet/provider/rabbitmq_parameter/rabbitmqctl.rb @@ -5,6 +5,7 @@ require File.expand_path(File.join(File.dirname(__FILE__), '..', 'rabbitmq_cli')) Puppet::Type.type(:rabbitmq_parameter).provide(:rabbitmqctl, parent: Puppet::Provider::RabbitmqCli) do + desc 'Rabbitmqctl provider for rabbitmq parameter' confine feature: :posix mk_resource_methods @@ -69,7 +70,7 @@ def set_parameter key = resource[:name].rpartition('@').first if @property_flush[:ensure] == :absent - rabbitmqctl('clear_parameter', '-p', vhost, resource[:component_name], key) + rabbitmqctl('clear_parameter', '-p', vhost, resource[:component_name] || component_name, key) else rabbitmqctl('set_parameter', '-p', vhost, resource[:component_name], key, resource[:value].to_json) end diff --git a/lib/puppet/provider/rabbitmq_plugin/rabbitmqplugins.rb b/lib/puppet/provider/rabbitmq_plugin/rabbitmqplugins.rb index af04e91a6..3bfa41d24 100644 --- a/lib/puppet/provider/rabbitmq_plugin/rabbitmqplugins.rb +++ b/lib/puppet/provider/rabbitmq_plugin/rabbitmqplugins.rb @@ -4,14 +4,38 @@ require File.expand_path(File.join(File.dirname(__FILE__), '..', 'rabbitmq_cli')) Puppet::Type.type(:rabbitmq_plugin).provide(:rabbitmqplugins, parent: Puppet::Provider::RabbitmqCli) do + desc 'Rabbitmqplugins provider for rabbitmq plugin' confine feature: :posix - def self.instances - plugin_list = run_with_retries do - rabbitmqplugins('list', '-E', '-m') + def self.plugin_list + list_str = run_with_retries do + # Pass in -e to list both implicitly and explicitly enabled plugins. + # If you pass in -E instead, then only explicitly enabled plugins are listed. + # Implicitly enabled plugins are those that were enabled as a dependency of another plugin/ + # If we do not pass in -e then the order if plugin installation matters within the puppet + # code. Example, if Plugin A depends on Plugin B and we install Plugin B first it will + # implicitly enable Plugin A. Then when we go to run Puppet a second time without the + # -e parameter, we won't see Plugin A as being enabled so we'll try to install it again. + # To preserve idempotency we should get all enabled plugins regardless of implicitly or + # explicitly enabled. + rabbitmqplugins('list', '-e', '-m') + rescue Puppet::MissingCommand + # See note about Puppet::MissingCommand in: + # lib/puppet/provider/rabbitmq_cli.rb + Puppet.debug('rabbitmqplugins command not found; assuming rabbitmq is not installed') + '' end + # Split by newline. + lines = list_str.split(%r{\n}) + # Return only lines that are single words because sometimes RabbitMQ likes to output + # information messages. Suppressing those messages via CLI flags is inconsistent between + # versions, so this this regex removes those message without having to use painful + # version switches. + lines.grep(%r{^(\S+)$}) + end - plugin_list.split(%r{\n}).map do |line| + def self.instances + plugin_list.map do |line| raise Puppet::Error, "Cannot parse invalid plugins line: #{line}" unless line =~ %r{^(\S+)$} new(name: Regexp.last_match(1)) @@ -35,6 +59,6 @@ def destroy end def exists? - run_with_retries { rabbitmqplugins('list', '-E', '-m') }.split(%r{\n}).include? resource[:name] + self.class.plugin_list.include? resource[:name] end end diff --git a/lib/puppet/provider/rabbitmq_policy/rabbitmqctl.rb b/lib/puppet/provider/rabbitmq_policy/rabbitmqctl.rb index ffd7b6b07..8e39d46d4 100644 --- a/lib/puppet/provider/rabbitmq_policy/rabbitmqctl.rb +++ b/lib/puppet/provider/rabbitmq_policy/rabbitmqctl.rb @@ -5,6 +5,7 @@ require File.expand_path(File.join(File.dirname(__FILE__), '..', 'rabbitmq_cli')) Puppet::Type.type(:rabbitmq_policy).provide(:rabbitmqctl, parent: Puppet::Provider::RabbitmqCli) do + desc 'Rabbitmqctl provider for rabbitmq policy' confine feature: :posix # cache policies @@ -21,7 +22,7 @@ def self.policies(vhost, name) # / ha-all all .* {"ha-mode":"all","ha-sync-mode":"automatic"} 0 << This is for RabbitMQ v < 3.7.0 # / ha-all .* all {"ha-mode":"all","ha-sync-mode":"automatic"} 0 << This is for RabbitMQ v >= 3.7.0 if Puppet::Util::Package.versioncmp(rabbitmq_version, '3.7') >= 0 - regex = %r{^(\S+)\s+(\S+)\s+(\S+)\s+(all|exchanges|queues)?\s+(\S+)\s+(\d+)$} + regex = %r{^(\S+)\s+(\S+)\s+(\S+)\s+(all|exchanges|(?:classic_|quorum_)?queues|streams)?\s+(\S+)\s+(\d+)$} applyto_index = 4 pattern_index = 3 else diff --git a/lib/puppet/provider/rabbitmq_queue/rabbitmqadmin.rb b/lib/puppet/provider/rabbitmq_queue/rabbitmqadmin.rb index 8a4118b51..b24b6e3a3 100644 --- a/lib/puppet/provider/rabbitmq_queue/rabbitmqadmin.rb +++ b/lib/puppet/provider/rabbitmq_queue/rabbitmqadmin.rb @@ -5,6 +5,7 @@ require File.expand_path(File.join(File.dirname(__FILE__), '..', 'rabbitmq_cli')) Puppet::Type.type(:rabbitmq_queue).provide(:rabbitmqadmin, parent: Puppet::Provider::RabbitmqCli) do + desc 'Rabbitmqadmin provider for rabbitmq queue' confine feature: :posix def should_vhost diff --git a/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb b/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb index f0c5efb71..8f624a388 100644 --- a/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb +++ b/lib/puppet/provider/rabbitmq_user/rabbitmqctl.rb @@ -5,6 +5,7 @@ :rabbitmqctl, parent: Puppet::Provider::RabbitmqCli ) do + desc 'Rabbitmqctl provider for rabbitmq user' confine feature: :posix def initialize(value = {}) diff --git a/lib/puppet/provider/rabbitmq_user_permissions/rabbitmqctl.rb b/lib/puppet/provider/rabbitmq_user_permissions/rabbitmqctl.rb index 13abe7e42..baf7ee104 100644 --- a/lib/puppet/provider/rabbitmq_user_permissions/rabbitmqctl.rb +++ b/lib/puppet/provider/rabbitmq_user_permissions/rabbitmqctl.rb @@ -2,6 +2,7 @@ require File.expand_path(File.join(File.dirname(__FILE__), '..', 'rabbitmq_cli')) Puppet::Type.type(:rabbitmq_user_permissions).provide(:rabbitmqctl, parent: Puppet::Provider::RabbitmqCli) do + desc 'Rabbitmqctl provider for rabbitmq user permissions' confine feature: :posix # cache users permissions diff --git a/lib/puppet/provider/rabbitmq_vhost/rabbitmqctl.rb b/lib/puppet/provider/rabbitmq_vhost/rabbitmqctl.rb index 668b9bb47..03807c134 100644 --- a/lib/puppet/provider/rabbitmq_vhost/rabbitmqctl.rb +++ b/lib/puppet/provider/rabbitmq_vhost/rabbitmqctl.rb @@ -1,23 +1,110 @@ # frozen_string_literal: true require File.expand_path(File.join(File.dirname(__FILE__), '..', 'rabbitmq_cli')) -Puppet::Type.type(:rabbitmq_vhost).provide(:rabbitmqctl, parent: Puppet::Provider::RabbitmqCli) do +Puppet::Type.type(:rabbitmq_vhost).provide( + :rabbitmqctl, + parent: Puppet::Provider::RabbitmqCli +) do + desc 'Rabbitmqctl provider for rabbitmq vhost' confine feature: :posix - def self.instances - vhost_list = run_with_retries do - rabbitmqctl_list('vhosts') + def self.prefetch(resources) + instances.each do |prov| + if (resource = resources[prov.name]) + resource.provider = prov + end end + end + + # To maintain compatibility with older versions of RabbitMQ, + # we only deal with vhost metadata >= version 3.11.0 + def self.supports_metadata? + Puppet::Util::Package.versioncmp(rabbitmq_version, '3.11') >= 0 + rescue Puppet::MissingCommand + # See comment on the definition of rabbitmqctl_list in rabbitmqctl_cli.rb; + # the same rationale applies here. + Puppet.debug('supports_metadata?: rabbitmqctl command not found; assuming rabbitmq is not installed') + false + end + def supports_metadata? + self.class.supports_metadata? + end + + def self.vhost_list + run_with_retries do + if supports_metadata? + rabbitmqctl_list('vhosts', 'name,description,default_queue_type,tags', '-s') + else + rabbitmqctl_list('vhosts') + end + end + end + + def self.instances vhost_list.split(%r{\n}).map do |line| - raise Puppet::Error, "Cannot parse invalid vhost line: #{line}" unless line =~ %r{^(\S+)$} + if supports_metadata? + raise Puppet::Error, "Cannot parse invalid vhost line: #{line}" unless \ + (matches = line.match(%r{^(\S+)\t+(.*?)\t+(undefined|quorum|classic|stream)?\t+\[(.*?)\]$}i)) - new(name: Regexp.last_match(1)) + name, description, default_queue_type, tags = matches.captures + # RMQ returns 'undefined' as default_queue_type if it has never been set + default_queue_type = nil if default_queue_type == 'undefined' + new(ensure: :present, name: name, description: description, default_queue_type: default_queue_type, tags: tags.split(%r{,\s*})) + else + raise Puppet::Error, "Cannot parse invalid vhost line: #{line}" unless line =~ %r{^(\S+)$} + + new(ensure: :present, name: Regexp.last_match(1)) + end end end def create - rabbitmqctl('add_vhost', resource[:name]) + rabbitmqctl('add_vhost', *params) + end + + def params + params = [resource[:name]] + if supports_metadata? + params << ['--description', resource[:description]] if resource[:description] + params << ['--default-queue-type', resource[:default_queue_type]] if resource[:default_queue_type] && resource[:default_queue_type] != 'undefined' + params << ['--tags', resource[:tags].join(',')] if resource[:tags] + end + params + end + + def description + @property_hash[:description] + end + + def tags + @property_hash[:tags] + end + + def default_queue_type + @property_hash[:default_queue_type] + end + + def tags=(tags) + @property_hash[:tags] = tags + end + + def description=(value) + @property_hash[:description] = value + end + + def default_queue_type=(value) + @property_hash[:default_queue_type] = value + end + + def flush + return if @property_hash.empty? || !supports_metadata? || !exists? + + params = [resource[:name]] + params << ['--description', @property_hash[:description]] if @property_hash[:description] + params << ['--default-queue-type', @property_hash[:default_queue_type]] if @property_hash[:default_queue_type] + params << ['--tags', @property_hash[:tags].join(',')] if @property_hash[:tags] + rabbitmqctl('update_vhost_metadata', *params) end def destroy diff --git a/lib/puppet/type/rabbitmq_binding.rb b/lib/puppet/type/rabbitmq_binding.rb index d7cffd350..4a3bf5a3f 100644 --- a/lib/puppet/type/rabbitmq_binding.rb +++ b/lib/puppet/type/rabbitmq_binding.rb @@ -41,6 +41,7 @@ DESC ensurable do + desc 'Whether the resource should be present or absent' defaultto(:present) newvalue(:present) do provider.create diff --git a/lib/puppet/type/rabbitmq_cluster.rb b/lib/puppet/type/rabbitmq_cluster.rb index b215cf023..211e7cde7 100644 --- a/lib/puppet/type/rabbitmq_cluster.rb +++ b/lib/puppet/type/rabbitmq_cluster.rb @@ -18,6 +18,7 @@ DESC ensurable do + desc 'Whether the resource should be present or absent' defaultto(:present) newvalue(:present) do provider.create @@ -40,6 +41,11 @@ end end + newparam(:local_node) do + desc 'Name of the local node' + defaultto(:undef) + end + newparam(:node_disc_type) do desc 'Storage type of node, default disc.' newvalues(%r{disc|ram}) diff --git a/lib/puppet/type/rabbitmq_erlang_cookie.rb b/lib/puppet/type/rabbitmq_erlang_cookie.rb index 1daf369ef..0ecf3a90f 100644 --- a/lib/puppet/type/rabbitmq_erlang_cookie.rb +++ b/lib/puppet/type/rabbitmq_erlang_cookie.rb @@ -13,7 +13,9 @@ this type directly. DESC - newparam(:path, namevar: true) + newparam(:path, namevar: true) do + desc 'Path of the erlang cookie' + end newproperty(:content) do desc 'Content of cookie' @@ -33,23 +35,28 @@ def should_to_s(_value) end newparam(:force) do + desc 'Force parameter' defaultto(:false) newvalues(:true, :false) end newparam(:rabbitmq_user) do + desc 'Rabbitmq User' defaultto('rabbitmq') end newparam(:rabbitmq_group) do + desc 'Rabbitmq Group' defaultto('rabbitmq') end newparam(:rabbitmq_home) do + desc 'Path to the rabbitmq home directory' defaultto('/var/lib/rabbitmq') end newparam(:service_name) do + desc 'Name of the service' newvalues(%r{^\S+$}) end end diff --git a/lib/puppet/type/rabbitmq_exchange.rb b/lib/puppet/type/rabbitmq_exchange.rb index 820a588ea..057f05e9e 100644 --- a/lib/puppet/type/rabbitmq_exchange.rb +++ b/lib/puppet/type/rabbitmq_exchange.rb @@ -20,6 +20,7 @@ DESC ensurable do + desc 'Whether the resource should be present or absent' defaultto(:present) newvalue(:present) do provider.create diff --git a/lib/puppet/type/rabbitmq_parameter.rb b/lib/puppet/type/rabbitmq_parameter.rb index 502ba25ed..8e7c4f689 100644 --- a/lib/puppet/type/rabbitmq_parameter.rb +++ b/lib/puppet/type/rabbitmq_parameter.rb @@ -36,6 +36,7 @@ DESC ensurable do + desc 'Whether the resource should be present or absent' defaultto(:present) newvalue(:present) do provider.create @@ -84,7 +85,7 @@ [self[:name].split('@')[1]] end - def set_parameters(hash) # rubocop:disable Style/AccessorMethodName + def set_parameters(hash) # rubocop:disable Naming/AccessorMethodName # Hack to ensure :autoconvert is initialized before :value self[:autoconvert] = hash[:autoconvert] if hash.key?(:autoconvert) super @@ -105,9 +106,12 @@ def validate_value(value) def munge_value(value) return value if value(:autoconvert) == :false - value.each do |k, v| - value[k] = v.to_i if v =~ %r{\A[-+]?[0-9]+\z} + value.transform_values do |v| + if v.is_a?(String) && v.match?(%r{\A[-+]?[0-9]+\z}) + v.to_i + else + v + end end - value end end diff --git a/lib/puppet/type/rabbitmq_plugin.rb b/lib/puppet/type/rabbitmq_plugin.rb index 4ca83c312..af08cc785 100644 --- a/lib/puppet/type/rabbitmq_plugin.rb +++ b/lib/puppet/type/rabbitmq_plugin.rb @@ -20,6 +20,7 @@ DESC ensurable do + desc 'Whether the resource should be present or absent' defaultto(:present) newvalue(:present) do provider.create diff --git a/lib/puppet/type/rabbitmq_policy.rb b/lib/puppet/type/rabbitmq_policy.rb index f85f1ca8c..33f35f0b2 100644 --- a/lib/puppet/type/rabbitmq_policy.rb +++ b/lib/puppet/type/rabbitmq_policy.rb @@ -1,5 +1,20 @@ # frozen_string_literal: true +# See below; these are variables that we want to auto-convert to integer +# values +CONVERT_TO_INT_VARS = %w[ + consumer-timeout + delivery-limit + expires + ha-sync-batch-size + initial-cluster-size + max-length + max-length-bytes + message-ttl + queue-version + shards-per-node +].freeze + Puppet::Type.newtype(:rabbitmq_policy) do desc <<~DESC Type for managing rabbitmq policies @@ -17,6 +32,7 @@ DESC ensurable do + desc 'Whether the resource should be present or absent' defaultto(:present) newvalue(:present) do provider.create @@ -48,8 +64,11 @@ newproperty(:applyto) do desc 'policy apply to' newvalue(:all) + newvalue(:classic_queues) newvalue(:exchanges) newvalue(:queues) + newvalue(:quorum_queues) + newvalue(:streams) defaultto :all end @@ -93,45 +112,22 @@ def validate_definition(definition) ha_params = definition['ha-params'] raise ArgumentError, "Invalid ha-params '#{ha_params}' for ha-mode 'exactly'" unless ha_params.to_i.to_s == ha_params end - if definition.key? 'expires' - expires_val = definition['expires'] - raise ArgumentError, "Invalid expires value '#{expires_val}'" unless expires_val.to_i.to_s == expires_val - end - if definition.key? 'message-ttl' - message_ttl_val = definition['message-ttl'] - raise ArgumentError, "Invalid message-ttl value '#{message_ttl_val}'" unless message_ttl_val.to_i.to_s == message_ttl_val - end - if definition.key? 'max-length' - max_length_val = definition['max-length'] - raise ArgumentError, "Invalid max-length value '#{max_length_val}'" unless max_length_val.to_i.to_s == max_length_val - end - if definition.key? 'max-length-bytes' - max_length_bytes_val = definition['max-length-bytes'] - raise ArgumentError, "Invalid max-length-bytes value '#{max_length_bytes_val}'" unless max_length_bytes_val.to_i.to_s == max_length_bytes_val - end - if definition.key? 'shards-per-node' - shards_per_node_val = definition['shards-per-node'] - raise ArgumentError, "Invalid shards-per-node value '#{shards_per_node_val}'" unless shards_per_node_val.to_i.to_s == shards_per_node_val - end - if definition.key? 'ha-sync-batch-size' - ha_sync_batch_size_val = definition['ha-sync-batch-size'] - raise ArgumentError, "Invalid ha-sync-batch-size value '#{ha_sync_batch_size_val}'" unless ha_sync_batch_size_val.to_i.to_s == ha_sync_batch_size_val - end - if definition.key? 'delivery-limit' # rubocop:disable Style/GuardClause - delivery_limit_val = definition['delivery-limit'] - raise ArgumentError, "Invalid delivery-limit value '#{delivery_limit_val}'" unless delivery_limit_val.to_i.to_s == delivery_limit_val + + # Since this pattern is repeated, use a constant to track all the types + # where we need to convert a string value to an unquoted integer explicitly + definition.each do |k, v| + raise ArgumentError, "Invalid #{k} value '#{v}'" if CONVERT_TO_INT_VARS.include?(k) && v.to_i.to_s != v end end def munge_definition(definition) definition['ha-params'] = definition['ha-params'].to_i if definition['ha-mode'] == 'exactly' - definition['expires'] = definition['expires'].to_i if definition.key? 'expires' - definition['message-ttl'] = definition['message-ttl'].to_i if definition.key? 'message-ttl' - definition['max-length'] = definition['max-length'].to_i if definition.key? 'max-length' - definition['max-length-bytes'] = definition['max-length-bytes'].to_i if definition.key? 'max-length-bytes' - definition['shards-per-node'] = definition['shards-per-node'].to_i if definition.key? 'shards-per-node' - definition['ha-sync-batch-size'] = definition['ha-sync-batch-size'].to_i if definition.key? 'ha-sync-batch-size' - definition['delivery-limit'] = definition['delivery-limit'].to_i if definition.key? 'delivery-limit' + + # Again, use a list of types to convert vs. hard-coding each one + definition.each do |k, v| + definition[k] = v.to_i if CONVERT_TO_INT_VARS.include? k + end + definition end end diff --git a/lib/puppet/type/rabbitmq_queue.rb b/lib/puppet/type/rabbitmq_queue.rb index da3395fc7..2a4672487 100644 --- a/lib/puppet/type/rabbitmq_queue.rb +++ b/lib/puppet/type/rabbitmq_queue.rb @@ -19,6 +19,7 @@ DESC ensurable do + desc 'Whether the resource should be present or absent' defaultto(:present) newvalue(:present) do provider.create diff --git a/lib/puppet/type/rabbitmq_user.rb b/lib/puppet/type/rabbitmq_user.rb index 643c69f6e..71c5d5081 100644 --- a/lib/puppet/type/rabbitmq_user.rb +++ b/lib/puppet/type/rabbitmq_user.rb @@ -23,6 +23,7 @@ DESC ensurable do + desc 'Whether the resource should be present or absent' defaultto(:present) newvalue(:present) do provider.create diff --git a/lib/puppet/type/rabbitmq_user_permissions.rb b/lib/puppet/type/rabbitmq_user_permissions.rb index 7ec46a375..ffae93e92 100644 --- a/lib/puppet/type/rabbitmq_user_permissions.rb +++ b/lib/puppet/type/rabbitmq_user_permissions.rb @@ -13,6 +13,7 @@ DESC ensurable do + desc 'Whether the resource should be present or absent' defaultto(:present) newvalue(:present) do provider.create diff --git a/lib/puppet/type/rabbitmq_vhost.rb b/lib/puppet/type/rabbitmq_vhost.rb index 16809b008..9d00c781d 100644 --- a/lib/puppet/type/rabbitmq_vhost.rb +++ b/lib/puppet/type/rabbitmq_vhost.rb @@ -9,11 +9,15 @@ @example Create a rabbitmq_vhost rabbitmq_vhost { 'myvhost': - ensure => present, + ensure => present, + description => 'myvhost description', + tags => ['tag1', 'tag2'], + default_queue_type => 'quorum', } DESC ensurable do + desc 'Whether the resource should be present or absent' defaultto(:present) newvalue(:present) do provider.create @@ -29,4 +33,22 @@ desc 'The name of the vhost to add' newvalues(%r{^\S+$}) end + + newproperty(:description) do + desc 'A description of the vhost' + end + + newproperty(:default_queue_type) do + desc 'The default queue type for queues in this vhost' + newvalues(:classic, :quorum, :stream) + munge(&:to_s) + end + + newproperty(:tags, array_matching: :all) do + desc 'additional tags for the vhost' + validate do |value| + raise ArgumentError, "Invalid tag: #{value.inspect}" unless value =~ %r{^\S+$} + end + defaultto [] + end end diff --git a/manifests/config.pp b/manifests/config.pp index a2f83a8aa..4abfa78d1 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -3,91 +3,99 @@ # # @api private class rabbitmq::config { - $admin_enable = $rabbitmq::admin_enable - $management_enable = $rabbitmq::management_enable - $use_config_file_for_plugins = $rabbitmq::use_config_file_for_plugins - $cluster_node_type = $rabbitmq::cluster_node_type - $cluster_nodes = $rabbitmq::cluster_nodes - $config = $rabbitmq::config - $config_cluster = $rabbitmq::config_cluster - $config_path = $rabbitmq::config_path - $config_ranch = $rabbitmq::config_ranch - $config_stomp = $rabbitmq::config_stomp - $stomp_ensure = $rabbitmq::stomp_ensure - $config_shovel = $rabbitmq::config_shovel - $config_shovel_statics = $rabbitmq::config_shovel_statics - $default_user = $rabbitmq::default_user - $default_pass = $rabbitmq::default_pass - $env_config = $rabbitmq::env_config - $env_config_path = $rabbitmq::env_config_path - $erlang_cookie = $rabbitmq::erlang_cookie - $interface = $rabbitmq::interface - $management_port = $rabbitmq::management_port - $management_ssl = $rabbitmq::management_ssl - $management_hostname = $rabbitmq::management_hostname - $node_ip_address = $rabbitmq::node_ip_address - $rabbitmq_user = $rabbitmq::rabbitmq_user - $rabbitmq_group = $rabbitmq::rabbitmq_group - $rabbitmq_home = $rabbitmq::rabbitmq_home - $port = $rabbitmq::port - $tcp_keepalive = $rabbitmq::tcp_keepalive - $tcp_backlog = $rabbitmq::tcp_backlog - $tcp_sndbuf = $rabbitmq::tcp_sndbuf - $tcp_recbuf = $rabbitmq::tcp_recbuf - $heartbeat = $rabbitmq::heartbeat - $service_name = $rabbitmq::service_name - $ssl = $rabbitmq::ssl - $ssl_only = $rabbitmq::ssl_only - $ssl_cacert = $rabbitmq::ssl_cacert - $ssl_cert = $rabbitmq::ssl_cert - $ssl_key = $rabbitmq::ssl_key - $ssl_depth = $rabbitmq::ssl_depth - $ssl_cert_password = $rabbitmq::ssl_cert_password - $ssl_port = $rabbitmq::ssl_port - $ssl_interface = $rabbitmq::ssl_interface - $ssl_management_port = $rabbitmq::ssl_management_port - $ssl_management_cacert = $rabbitmq::ssl_management_cacert - $ssl_management_cert = $rabbitmq::ssl_management_cert - $ssl_management_key = $rabbitmq::ssl_management_key - $ssl_management_verify = $rabbitmq::ssl_management_verify - $ssl_management_fail_if_no_peer_cert = $rabbitmq::ssl_management_fail_if_no_peer_cert - $ssl_stomp_port = $rabbitmq::ssl_stomp_port - $ssl_verify = $rabbitmq::ssl_verify - $ssl_fail_if_no_peer_cert = $rabbitmq::ssl_fail_if_no_peer_cert - $ssl_secure_renegotiate = $rabbitmq::ssl_secure_renegotiate - $ssl_reuse_sessions = $rabbitmq::ssl_reuse_sessions - $ssl_honor_cipher_order = $rabbitmq::ssl_honor_cipher_order - $ssl_dhfile = $rabbitmq::ssl_dhfile - $ssl_versions = $rabbitmq::ssl_versions - $ssl_ciphers = $rabbitmq::ssl_ciphers - $ssl_crl_check = $rabbitmq::ssl_crl_check - $ssl_crl_cache_hash_dir = $rabbitmq::ssl_crl_cache_hash_dir - $ssl_crl_cache_http_timeout = $rabbitmq::ssl_crl_cache_http_timeout - $stomp_port = $rabbitmq::stomp_port - $stomp_ssl_only = $rabbitmq::stomp_ssl_only - $ldap_auth = $rabbitmq::ldap_auth - $ldap_server = $rabbitmq::ldap_server - $ldap_user_dn_pattern = $rabbitmq::ldap_user_dn_pattern - $ldap_other_bind = $rabbitmq::ldap_other_bind - $ldap_use_ssl = $rabbitmq::ldap_use_ssl - $ldap_port = $rabbitmq::ldap_port - $ldap_log = $rabbitmq::ldap_log - $ldap_config_variables = $rabbitmq::ldap_config_variables - $wipe_db_on_cookie_change = $rabbitmq::wipe_db_on_cookie_change - $config_variables = $rabbitmq::config_variables - $config_kernel_variables = $rabbitmq::config_kernel_variables - $config_management_variables = $rabbitmq::config_management_variables - $config_additional_variables = $rabbitmq::config_additional_variables - $auth_backends = $rabbitmq::auth_backends - $cluster_partition_handling = $rabbitmq::cluster_partition_handling - $file_limit = $rabbitmq::file_limit - $oom_score_adj = $rabbitmq::oom_score_adj - $collect_statistics_interval = $rabbitmq::collect_statistics_interval - $ipv6 = $rabbitmq::ipv6 - $inetrc_config = $rabbitmq::inetrc_config - $inetrc_config_path = $rabbitmq::inetrc_config_path - $ssl_erl_dist = $rabbitmq::ssl_erl_dist - $loopback_users = $rabbitmq::loopback_users + $admin_enable = $rabbitmq::admin_enable + $management_enable = $rabbitmq::management_enable + $use_config_file_for_plugins = $rabbitmq::use_config_file_for_plugins + $plugins = $rabbitmq::plugins + $cluster_node_type = $rabbitmq::cluster_node_type + $cluster_nodes = $rabbitmq::cluster_nodes + $config = $rabbitmq::config + $config_cluster = $rabbitmq::config_cluster + $config_cowboy_opts = $rabbitmq::config_cowboy_opts + $config_path = $rabbitmq::config_path + $config_ranch = $rabbitmq::config_ranch + $config_stomp = $rabbitmq::config_stomp + $stomp_ensure = $rabbitmq::stomp_ensure + $config_shovel = $rabbitmq::config_shovel + $config_shovel_statics = $rabbitmq::config_shovel_statics + $default_user = $rabbitmq::default_user + $default_pass = $rabbitmq::default_pass + $env_config = $rabbitmq::env_config + $env_config_path = $rabbitmq::env_config_path + $erlang_cookie = $rabbitmq::erlang_cookie + $interface = $rabbitmq::interface + $management_port = $rabbitmq::management_port + $management_ssl = $rabbitmq::management_ssl + $management_hostname = $rabbitmq::management_hostname + $node_ip_address = $rabbitmq::node_ip_address + $quorum_membership_reconciliation_enabled = $rabbitmq::quorum_membership_reconciliation_enabled + $quorum_membership_reconciliation_auto_remove = $rabbitmq::quorum_membership_reconciliation_auto_remove + $quorum_membership_reconciliation_interval = $rabbitmq::quorum_membership_reconciliation_interval + $quorum_membership_reconciliation_trigger_interval = $rabbitmq::quorum_membership_reconciliation_trigger_interval + $quorum_membership_reconciliation_target_group_size = $rabbitmq::quorum_membership_reconciliation_target_group_size + $rabbitmq_user = $rabbitmq::rabbitmq_user + $rabbitmq_group = $rabbitmq::rabbitmq_group + $rabbitmq_home = $rabbitmq::rabbitmq_home + $port = $rabbitmq::port + $tcp_keepalive = $rabbitmq::tcp_keepalive + $tcp_backlog = $rabbitmq::tcp_backlog + $tcp_sndbuf = $rabbitmq::tcp_sndbuf + $tcp_recbuf = $rabbitmq::tcp_recbuf + $heartbeat = $rabbitmq::heartbeat + $service_name = $rabbitmq::service_name + $ssl = $rabbitmq::ssl + $ssl_only = $rabbitmq::ssl_only + $ssl_cacert = $rabbitmq::ssl_cacert + $ssl_cert = $rabbitmq::ssl_cert + $ssl_key = $rabbitmq::ssl_key + $ssl_depth = $rabbitmq::ssl_depth + $ssl_cert_password = $rabbitmq::ssl_cert_password + $ssl_port = $rabbitmq::ssl_port + $ssl_interface = $rabbitmq::ssl_interface + $ssl_management_port = $rabbitmq::ssl_management_port + $ssl_management_cacert = $rabbitmq::ssl_management_cacert + $ssl_management_cert = $rabbitmq::ssl_management_cert + $ssl_management_key = $rabbitmq::ssl_management_key + $ssl_management_verify = $rabbitmq::ssl_management_verify + $ssl_management_fail_if_no_peer_cert = $rabbitmq::ssl_management_fail_if_no_peer_cert + $ssl_stomp_port = $rabbitmq::ssl_stomp_port + $ssl_verify = $rabbitmq::ssl_verify + $ssl_fail_if_no_peer_cert = $rabbitmq::ssl_fail_if_no_peer_cert + $ssl_client_renegotiation = $rabbitmq::ssl_client_renegotiation + $ssl_secure_renegotiate = $rabbitmq::ssl_secure_renegotiate + $ssl_reuse_sessions = $rabbitmq::ssl_reuse_sessions + $ssl_honor_cipher_order = $rabbitmq::ssl_honor_cipher_order + $ssl_dhfile = $rabbitmq::ssl_dhfile + $ssl_versions = $rabbitmq::ssl_versions + $ssl_ciphers = $rabbitmq::ssl_ciphers + $ssl_crl_check = $rabbitmq::ssl_crl_check + $ssl_crl_cache_hash_dir = $rabbitmq::ssl_crl_cache_hash_dir + $ssl_crl_cache_http_timeout = $rabbitmq::ssl_crl_cache_http_timeout + $stomp_port = $rabbitmq::stomp_port + $stomp_ssl_only = $rabbitmq::stomp_ssl_only + $ldap_auth = $rabbitmq::ldap_auth + $ldap_server = $rabbitmq::ldap_server + $ldap_user_dn_pattern = $rabbitmq::ldap_user_dn_pattern + $ldap_other_bind = $rabbitmq::ldap_other_bind + $ldap_use_ssl = $rabbitmq::ldap_use_ssl + $ldap_port = $rabbitmq::ldap_port + $ldap_log = $rabbitmq::ldap_log + $ldap_config_variables = $rabbitmq::ldap_config_variables + $wipe_db_on_cookie_change = $rabbitmq::wipe_db_on_cookie_change + $config_variables = $rabbitmq::config_variables + $config_kernel_variables = $rabbitmq::config_kernel_variables + $config_management_variables = $rabbitmq::config_management_variables + $config_additional_variables = $rabbitmq::config_additional_variables + $auth_backends = $rabbitmq::auth_backends + $cluster_partition_handling = $rabbitmq::cluster_partition_handling + $file_limit = $rabbitmq::file_limit + $oom_score_adj = $rabbitmq::oom_score_adj + $collect_statistics_interval = $rabbitmq::collect_statistics_interval + $ipv6 = $rabbitmq::ipv6 + $inetrc_config = $rabbitmq::inetrc_config + $inetrc_config_path = $rabbitmq::inetrc_config_path + $ssl_erl_dist = $rabbitmq::ssl_erl_dist + $loopback_users = $rabbitmq::loopback_users if $ssl_only { $default_ssl_env_variables = {} @@ -128,7 +136,7 @@ $proto_dist = 'inet6_tcp' $ssl_path = '' } - $ipv6_or_tls_env = ['SERVER_ADDITIONAL', 'CTL'].reduce( {}) |$memo, $item| { + $ipv6_or_tls_env = ['SERVER_ADDITIONAL', 'CTL'].reduce({}) |$memo, $item| { $orig = $_environment_variables["RABBITMQ_${item}_ERL_ARGS"] $munged = $orig ? { # already quoted, keep quoting @@ -164,7 +172,7 @@ file { 'rabbitmq.config': ensure => file, path => $config_path, - content => template($config), + content => epp($config), owner => $rabbitmq_user, group => $rabbitmq_group, mode => '0640', @@ -173,7 +181,7 @@ file { 'rabbitmq-env.config': ensure => file, path => $env_config_path, - content => template($env_config), + content => epp($env_config), owner => $rabbitmq_user, group => $rabbitmq_group, mode => '0640', @@ -189,10 +197,17 @@ } if $use_config_file_for_plugins { + $management_plugin = if ($admin_enable or $management_enable) { 'rabbitmq_management' } else { undef } + $stomp_plugin = if $stomp_ensure { 'rabbitmq_stomp' } else { undef } + $auth_backend_ldap_plugin = if $ldap_auth { 'rabbitmq_auth_backend_ldap' } else { undef } + $shovel_plugin = if $config_shovel { 'rabbitmq_shovel' } else { undef } + $shovel_management_plugin = if ($config_shovel and ($admin_enable or $management_enable)) { 'rabbitmq_shovel_management' } else { undef } + + $_plugins = delete_undef_values($plugins + [$management_plugin, $stomp_plugin, $auth_backend_ldap_plugin, $shovel_plugin, $shovel_management_plugin]) file { 'enabled_plugins': ensure => file, path => '/etc/rabbitmq/enabled_plugins', - content => template('rabbitmq/enabled_plugins.erb'), + content => epp('rabbitmq/enabled_plugins.epp'), owner => $rabbitmq_user, group => $rabbitmq_group, mode => '0640', @@ -204,7 +219,7 @@ file { 'rabbitmqadmin.conf': ensure => file, path => '/etc/rabbitmq/rabbitmqadmin.conf', - content => template('rabbitmq/rabbitmqadmin.conf.erb'), + content => epp('rabbitmq/rabbitmqadmin.conf.epp'), owner => $rabbitmq_user, group => $rabbitmq_group, mode => '0640', @@ -212,36 +227,14 @@ } } - case $facts['os']['family'] { - 'Debian': { - file { '/etc/default/rabbitmq-server': - ensure => file, - content => template('rabbitmq/default.erb'), - mode => '0644', - owner => '0', - group => '0', - } - } - 'RedHat': { - file { '/etc/security/limits.d/rabbitmq-server.conf': - content => template('rabbitmq/limits.conf'), - owner => '0', - group => '0', - mode => '0644', - } - } - default: {} - } - - if $facts['systemd'] { # systemd fact provided by systemd module - systemd::service_limits { "${service_name}.service": + if $facts['kernel'] == 'Linux' { + systemd::manage_dropin { 'service-90-limits.conf': + unit => "${service_name}.service", selinux_ignore_defaults => ($facts['os']['family'] == 'RedHat'), - limits => { + service_entry => { 'LimitNOFILE' => $file_limit, 'OOMScoreAdjust' => $oom_score_adj, }, - # The service will be notified when config changes - restart_service => false, } } diff --git a/manifests/init.pp b/manifests/init.pp index 2fc033afb..01b64cb93 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -22,6 +22,17 @@ # package_gpg_key => 'http://www.some_site.some_domain/some_key.pub.key', # } # +# @example Offline installation from local mirror: +# class { 'rabbitmq': +# key_content => template('openstack/rabbit.pub.key'), +# repo_gpg_key => '/tmp/rabbit.pub.key', +# } +# +# @example Use external package key source for any (apt/rpm) package provider: +# class { 'rabbitmq': +# repo_gpg_key => 'http://www.some_site.some_domain/some_key.pub.key', +# } +# # @example To use RabbitMQ Environment Variables, use the parameters `environment_variables` e.g.: # class { 'rabbitmq': # port => '5672', @@ -98,13 +109,15 @@ # # @param admin_enable # If enabled sets up the management interface/plugin for RabbitMQ. -# This also install the rabbitmqadmin command line tool. +# This will also install the rabbitmqadmin command line tool. # @param management_enable # If enabled sets up the management interface/plugin for RabbitMQ. # NOTE: This does not install the rabbitmqadmin command line tool. # @param use_config_file_for_plugins # If enabled the /etc/rabbitmq/enabled_plugins config file is created, # replacing the use of the rabbitmqplugins provider to enable plugins. +# @param plugins +# Additional list of plugins to start, or to add to /etc/rabbitmq/enabled_plugins, if use_config_file_for_plugins is enabled. # @param auth_backends # An array specifying authorization/authentication backend to use. Single quotes should be placed around array entries, # ex. `['{foo, baz}', 'baz']` Defaults to [rabbit_auth_backend_internal], and if using LDAP defaults to [rabbit_auth_backend_internal, @@ -124,6 +137,8 @@ # Additional config variables in rabbitmq.config # @param config_cluster # Enable or disable clustering support. +# @param config_cowboy_opts +# Hash of additional configs (key / value) for `cowboy_opts` in rabbitmq.config. # @param config_kernel_variables # Hash of Erlang kernel configuration variables to set (see [Variables Configurable in rabbitmq.config](#variables-configurable-in-rabbitmq.config)). # @param config_path @@ -146,6 +161,9 @@ # Password to set for the `default_user` in rabbitmq.config. # @param delete_guest_user # Controls whether default guest user is deleted. +# @param enable_centos_release +# Enable the `centos-release-rabbitmq-38` if set to `true` and if the OS is in the +# RedHat family and `repos_ensure` is `false`. Defaults to true on CentOS. # @param env_config # The template file to use for rabbitmq_env.config. # @param env_config_path @@ -157,7 +175,7 @@ # set explicitly if using clustering. If you run Pacemaker and you don't want to use RabbitMQ buildin cluster, you can set config_cluster # to 'False' and set 'erlang_cookie'. # @param file_limit -# Set rabbitmq file ulimit. Defaults to 16384. Only available on systems with `$::osfamily == 'Debian'` or `$::osfamily == 'RedHat'`. +# Set rabbitmq file ulimit. Defaults to 16384. Only available on Linux # @param oom_score_adj # Set rabbitmq-server process OOM score. Defaults to 0. # @param heartbeat @@ -211,6 +229,12 @@ # Determines the ensure state of the package. Set to installed by default, but could be changed to latest. # @param package_gpg_key # RPM package GPG key to import. Uses source method. Should be a URL for Debian/RedHat OS family, or a file name for +# RedHat OS family. Set to https://github.com/rabbitmq/signing-keys/releases/download/2.0/rabbitmq-release-signing-key.asc +# for Debian/RedHat OS Family by default. +# @param package_source +# @param package_provider +# @param repo_gpg_key +# RPM package GPG key to import. Uses source method. Should be a URL for Debian/RedHat OS family, or a file name for # RedHat OS family. Set to https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey for Debian/RedHat OS Family by # default. Note, that `key_content`, if specified, would override this parameter for Debian OS family. # @param package_name @@ -219,11 +243,30 @@ # The RabbitMQ port. # @param python_package # Name of the package required by rabbitmqadmin. +# @param quorum_membership_reconciliation_enabled +# Enables or disables continuous membership reconciliation. +# This REQUIRES RabbitMQ 3.13 or higher to be set to true. More information on this configuration +# can be found here: https://www.rabbitmq.com/docs/quorum-queues +# @param quorum_membership_reconciliation_auto_remove +# Enables or disables automatic removal of member nodes that are no longer part of the cluster, +# but still a member of the quorum queue. +# Important Note: This only takes affect if quorum_membership_reconciliation_enabled is set to true. +# @param quorum_membership_reconciliation_interval +# The default evaluation interval in milliseconds. +# Important Note: This only takes affect if quorum_membership_reconciliation_enabled is set to true. +# @param quorum_membership_reconciliation_trigger_interval +# The reconciliation delay in milliseconds, used when a trigger event occurs, +# for example, a node is added or removed from the cluster or an applicable policy changes. +# This delay will be applied only once, then the regular interval will be used again. +# Important Note: This only takes affect if quorum_membership_reconciliation_enabled is set to true. +# @param quorum_membership_reconciliation_target_group_size +# Controls the target group size for a quorum queue +# Important Note: This only takes affect if quorum_membership_reconciliation_enabled is set to true. # @param repos_ensure # Ensure that a repo with the official (and newer) RabbitMQ package is configured, along with its signing key. -# Defaults to false (use system packages). This does not ensure that soft dependencies (like EPEL on RHEL systems) are present. -# It also does not solve the erlang dependency. See https://www.rabbitmq.com/which-erlang.html for a good breakdown of the -# different ways of handling the erlang deps. See also https://github.com/voxpupuli/puppet-rabbitmq/issues/788 +# Defaults to false (use system packages). This does not ensure that soft dependencies are present. +# It also does not solve the erlang dependency. See https://www.rabbitmq.com/which-erlang.html for a good breakdown of the +# different ways of handling the erlang deps. See also https://github.com/voxpupuli/puppet-rabbitmq/issues/788 # @param service_ensure # The state of the service. # @param service_manage @@ -240,6 +283,8 @@ # Cert to use for SSL. # @param ssl_cert_password # Password used when generating CSR. +# @param ssl_client_renegotiation +# Allow ssl client renegotiation # @param ssl_depth # SSL verification depth. # @param ssl_dhfile @@ -263,6 +308,7 @@ # SSL management cert. If unset set to ssl_cert for backwards compatibility. # @param ssl_management_key # SSL management key. If unset set to ssl_key for backwards compatibility. +# @param ssl_management_fail_if_no_peer_cert # @param ssl_port # SSL port for RabbitMQ # @param ssl_reuse_sessions @@ -330,10 +376,12 @@ Boolean $admin_enable = true, Boolean $management_enable = false, Boolean $use_config_file_for_plugins = false, + Array $plugins = [], Hash $cluster = $rabbitmq::cluster, Enum['ram', 'disc'] $cluster_node_type = 'disc', Array $cluster_nodes = [], - String $config = 'rabbitmq/rabbitmq.config.erb', + String $config = 'rabbitmq/rabbitmq.config.epp', + Hash $config_cowboy_opts = {}, Boolean $config_cluster = false, Stdlib::Absolutepath $config_path = '/etc/rabbitmq/rabbitmq.config', Boolean $config_ranch = true, @@ -343,7 +391,8 @@ String $default_user = 'guest', String $default_pass = 'guest', Boolean $delete_guest_user = false, - String $env_config = 'rabbitmq/rabbitmq-env.conf.erb', + Boolean $enable_centos_release = false, + String $env_config = 'rabbitmq/rabbitmq-env.conf.epp', Stdlib::Absolutepath $env_config_path = '/etc/rabbitmq/rabbitmq-env.conf', Optional[String] $erlang_cookie = undef, Optional[String] $interface = undef, @@ -352,9 +401,15 @@ Boolean $management_ssl = true, Optional[String] $management_hostname = undef, Optional[String] $node_ip_address = undef, - Optional[Variant[Numeric, String]] $package_apt_pin = undef, + Optional[Variant[Numeric, String[1]]] $package_apt_pin = undef, String $package_ensure = 'installed', Optional[String] $package_gpg_key = undef, + Optional[Boolean] $quorum_membership_reconciliation_enabled = undef, + Optional[Boolean] $quorum_membership_reconciliation_auto_remove = undef, + Optional[Integer] $quorum_membership_reconciliation_interval = undef, + Optional[Integer] $quorum_membership_reconciliation_trigger_interval = undef, + Optional[Integer] $quorum_membership_reconciliation_target_group_size = undef, + Optional[String] $repo_gpg_key = undef, Variant[String, Array] $package_name = 'rabbitmq', Optional[String] $package_source = undef, Optional[String] $package_provider = undef, @@ -392,13 +447,14 @@ Enum['verify_none','verify_peer'] $ssl_management_verify = 'verify_none', Boolean $ssl_management_fail_if_no_peer_cert = false, Optional[Array] $ssl_versions = undef, + Optional[Boolean] $ssl_client_renegotiation = undef, Boolean $ssl_secure_renegotiate = true, Boolean $ssl_reuse_sessions = true, Boolean $ssl_honor_cipher_order = true, Optional[Stdlib::Absolutepath] $ssl_dhfile = undef, Array $ssl_ciphers = [], Enum['true','false','peer','best_effort'] $ssl_crl_check = 'false', - Optional[Stdlib::Absolutepath] $ssl_crl_cache_hash_dir = undef, + Optional[Stdlib::Absolutepath] $ssl_crl_cache_hash_dir = undef, Optional[Integer] $ssl_crl_cache_http_timeout = undef, Boolean $stomp_ensure = false, Boolean $ldap_auth = false, @@ -470,6 +526,8 @@ } } + # when repos_ensure is true, we configure externel repos + # CentOS 7 doesn't contain rabbitmq. It's only in EPEL. if $repos_ensure { case $facts['os']['family'] { 'RedHat': { @@ -483,6 +541,10 @@ default: { } } + } elsif $facts['os']['family'] == 'RedHat' and $enable_centos_release { + package { 'centos-release-rabbitmq-38': + ensure => 'present', + } } contain rabbitmq::install @@ -492,7 +554,7 @@ unless $use_config_file_for_plugins { # NOTE(hjensas): condition on $service_manage to keep current behaviour. - # The condition is likely not required because installiton of rabbitmqadmin + # The condition is likely not required because installation of rabbitmqadmin # is no longer handled here. # TODO: Remove the condition on $service_manage if ($management_enable or $admin_enable) and $service_manage { @@ -534,6 +596,14 @@ } } } + # Start anything else listed on the plugins array, if it was not started already by the other booleans + $plugins.each | $plugin | { + rabbitmq_plugin { $plugin: + ensure => present, + notify => Class['rabbitmq::service'], + provider => 'rabbitmqplugins', + } + } } if $admin_enable and $service_manage { @@ -551,6 +621,7 @@ $cluster['name'] => { 'init_node' => $cluster['init_node'], 'node_disc_type' => $cluster_node_type, + 'local_node' => $cluster['local_node'], } }) } diff --git a/manifests/install/rabbitmqadmin.pp b/manifests/install/rabbitmqadmin.pp index f90aa0b94..f49d926d0 100644 --- a/manifests/install/rabbitmqadmin.pp +++ b/manifests/install/rabbitmqadmin.pp @@ -11,7 +11,7 @@ $python_package = $rabbitmq::python_package # Some systems (e.g., Ubuntu 16.04) don't ship Python 2 by default if $rabbitmq::manage_python { - ensure_packages([$python_package]) + stdlib::ensure_packages([$python_package]) $rabbitmqadmin_require = [Archive['rabbitmqadmin'], Package[$python_package]] } else { $rabbitmqadmin_require = Archive['rabbitmqadmin'] @@ -27,13 +27,19 @@ $default_user = $rabbitmq::default_user $default_pass = $rabbitmq::default_pass - $management_ip_address = $rabbitmq::management_ip_address $archive_options = $rabbitmq::archive_options + # This should be consistent with rabbitmq::config + if $rabbitmq::management_ip_address { + $management_ip_address = $rabbitmq::management_ip_address + } else { + $management_ip_address = $rabbitmq::node_ip_address + } + if !($management_ip_address) { # Pull from localhost if we don't have an explicit bind address $sanitized_ip = '127.0.0.1' - } elsif $management_ip_address =~ Stdlib::Compat::Ipv6 { + } elsif $management_ip_address =~ Stdlib::IP::Address::V6::Nosubnet { $sanitized_ip = join(enclose_ipv6(any2array($management_ip_address)), ',') } else { $sanitized_ip = $management_ip_address diff --git a/manifests/repo/apt.pp b/manifests/repo/apt.pp index 97de0bc67..52fb4c11b 100644 --- a/manifests/repo/apt.pp +++ b/manifests/repo/apt.pp @@ -3,14 +3,23 @@ # puppetlabs-stdlib # # @api private +# +# @param location +# @param repos +# @param include_src +# @param key +# @param key_source +# @param key_content +# @param architecture +# class rabbitmq::repo::apt ( - String $location = 'https://packagecloud.io/rabbitmq/rabbitmq-server', - String $repos = 'main', + String[1] $location = 'https://packagecloud.io/rabbitmq/rabbitmq-server', + String[1] $repos = 'main', Boolean $include_src = false, - String $key = '8C695B0219AFDEB04A058ED8F4E789204D206F89', - String $key_source = $rabbitmq::package_gpg_key, - Optional[String] $key_content = $rabbitmq::key_content, - Optional[String] $architecture = undef, + String[1] $key = '8C695B0219AFDEB04A058ED8F4E789204D206F89', + String[1] $key_source = $rabbitmq::package_gpg_key, + Optional[String[1]] $key_content = $rabbitmq::key_content, + Optional[String[1]] $architecture = undef, ) { $osname = downcase($facts['os']['name']) $pin = $rabbitmq::package_apt_pin diff --git a/manifests/repo/rhel.pp b/manifests/repo/rhel.pp index 5000df38b..0edb63169 100644 --- a/manifests/repo/rhel.pp +++ b/manifests/repo/rhel.pp @@ -1,23 +1,40 @@ # Makes sure that the Packagecloud repo is installed # # @api private +# +# @param location +# @param repo_key_source +# @param package_key_source +# class rabbitmq::repo::rhel ( - $location = "https://packagecloud.io/rabbitmq/rabbitmq-server/el/${facts['os'][release][major]}/\$basearch", - String $key_source = $rabbitmq::package_gpg_key, + String[1] $location = "https://packagecloud.io/rabbitmq/rabbitmq-server/el/${facts['os'][release][major]}/\$basearch", + String[1] $repo_key_source = $rabbitmq::repo_gpg_key, + String[1] $package_key_source = $rabbitmq::package_gpg_key, ) { + # Import package key from rabbitmq to be able to + # sign the package and the repo. + # rabbitmq key is gpg-pubkey-6026dfca-573adfde + exec { "rpm --import ${package_key_source}": + path => ['/bin','/usr/bin','/sbin','/usr/sbin'], + unless => 'rpm -q gpg-pubkey-6026dfca-573adfde 2>/dev/null', + before => YumRepo['rabbitmq'], + } + yumrepo { 'rabbitmq': - ensure => present, - name => 'rabbitmq_rabbitmq-server', - baseurl => $location, - gpgkey => $key_source, - enabled => 1, - gpgcheck => 1, + ensure => present, + name => 'rabbitmq_rabbitmq-server', + baseurl => $location, + gpgkey => $repo_key_source, + enabled => 1, + gpgcheck => 1, + repo_gpgcheck => 1, } # This may still be needed to prevent warnings - # packagecloud key is gpg-pubkey-d59097ab-52d46e88 - exec { "rpm --import ${key_source}": - path => ['/bin','/usr/bin','/sbin','/usr/sbin'], - unless => 'rpm -q gpg-pubkey-6026dfca-573adfde 2>/dev/null', + # packagecloud key is gpg-pubkey-4d206f89-5bbb8d59 + exec { "rpm --import ${repo_key_source}": + path => ['/bin','/usr/bin','/sbin','/usr/sbin'], + unless => 'rpm -q gpg-pubkey-4d206f89-5bbb8d59 2>/dev/null', + require => YumRepo['rabbitmq'], } } diff --git a/manifests/service.pp b/manifests/service.pp index 55c090a66..52b4623b4 100644 --- a/manifests/service.pp +++ b/manifests/service.pp @@ -1,10 +1,15 @@ # This class manages the rabbitmq server service itself. # # @api private +# +# @param service_ensure +# @param service_manage +# @param service_name +# class rabbitmq::service ( - Enum['running', 'stopped'] $service_ensure = $rabbitmq::service_ensure, - Boolean $service_manage = $rabbitmq::service_manage, - $service_name = $rabbitmq::service_name, + Enum['running', 'stopped'] $service_ensure = $rabbitmq::service_ensure, + Boolean $service_manage = $rabbitmq::service_manage, + String[1] $service_name = $rabbitmq::service_name, ) inherits rabbitmq { if ($service_manage) { if $service_ensure == 'running' { @@ -22,8 +27,5 @@ hasrestart => true, name => $service_name, } - if $facts['systemd'] and defined(Class['systemd::systemctl::daemon_reload']) { - Class['systemd::systemctl::daemon_reload'] -> Service['rabbitmq-server'] - } } } diff --git a/metadata.json b/metadata.json index e23ff0209..80e62ba8b 100644 --- a/metadata.json +++ b/metadata.json @@ -1,7 +1,7 @@ { "name": "puppet-rabbitmq", - "version": "12.0.1-rc0", - "author": "voxpupuli", + "version": "14.2.1-rc0", + "author": "Vox Pupuli", "summary": "Installs, configures, and manages RabbitMQ.", "license": "Apache-2.0", "source": "https://github.com/voxpupuli/puppet-rabbitmq", @@ -11,26 +11,26 @@ { "operatingsystem": "RedHat", "operatingsystemrelease": [ - "7" + "9" ] }, { "operatingsystem": "CentOS", "operatingsystemrelease": [ - "7" + "9" ] }, { "operatingsystem": "Debian", "operatingsystemrelease": [ - "9" + "11" ] }, { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ - "16.04", - "18.04" + "20.04", + "22.04" ] }, { @@ -40,33 +40,34 @@ ] }, { - "operatingsystem": "FreeBSD" + "operatingsystem": "FreeBSD", + "operatingsystemrelease": [ + "13", + "14" + ] }, { "operatingsystem": "OpenBSD" - }, - { - "operatingsystem": "Archlinux" } ], "requirements": [ { "name": "puppet", - "version_requirement": ">= 6.1.0 < 8.0.0" + "version_requirement": ">= 7.0.0 < 9.0.0" } ], "dependencies": [ { "name": "puppetlabs/stdlib", - "version_requirement": ">= 4.13.1 < 9.0.0" + "version_requirement": ">= 4.25.0 < 10.0.0" }, { "name": "puppet/archive", - "version_requirement": ">= 2.0.0 < 7.0.0" + "version_requirement": ">= 2.0.0 < 8.0.0" }, { "name": "puppet/systemd", - "version_requirement": ">= 2.10.0 < 4.0.0" + "version_requirement": ">= 6.0.0 < 9.0.0" } ], "tags": [ diff --git a/spec/acceptance/class_spec.rb b/spec/acceptance/class_spec.rb index 009b35b08..9198c1889 100644 --- a/spec/acceptance/class_spec.rb +++ b/spec/acceptance/class_spec.rb @@ -15,11 +15,7 @@ context 'default class inclusion' do let(:pp) do <<-EOS - class { 'rabbitmq': } - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true} - Class['erlang'] -> Class['rabbitmq'] - } + include rabbitmq EOS end @@ -54,10 +50,6 @@ class { 'erlang': epel_enable => true} class { 'rabbitmq': service_ensure => 'stopped', } - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true} - Class['erlang'] -> Class['rabbitmq'] - } EOS end @@ -72,11 +64,7 @@ class { 'erlang': epel_enable => true} context 'service is unmanaged' do it 'runs successfully' do pp_pre = <<-EOS - class { 'rabbitmq': } - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true} - Class['erlang'] -> Class['rabbitmq'] - } + include rabbitmq EOS pp = <<-EOS @@ -84,10 +72,6 @@ class { 'rabbitmq': service_manage => false, service_ensure => 'stopped', } - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true} - Class['erlang'] -> Class['rabbitmq'] - } EOS apply_manifest(pp_pre, catch_failures: true) diff --git a/spec/acceptance/clustering_spec.rb b/spec/acceptance/clustering_spec.rb index bf0452c46..a3b205614 100644 --- a/spec/acceptance/clustering_spec.rb +++ b/spec/acceptance/clustering_spec.rb @@ -7,18 +7,13 @@ it 'runs successfully' do pp = <<-EOS class { 'rabbitmq': - cluster => { 'name' => 'rabbit_cluster', 'init_node' => $facts['fqdn'] }, + cluster => { 'name' => 'rabbit_cluster', 'init_node' => $facts['networking']['fqdn'] }, config_cluster => true, cluster_nodes => ['rabbit1', 'rabbit2'], cluster_node_type => 'ram', - environment_variables => { 'RABBITMQ_USE_LONGNAME' => true }, erlang_cookie => 'TESTCOOKIE', wipe_db_on_cookie_change => false, } - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true} - Class['erlang'] -> Class['rabbitmq'] - } EOS apply_manifest(pp, expect_failures: true) @@ -33,18 +28,13 @@ class { 'erlang': epel_enable => true} it 'runs successfully' do pp = <<-EOS class { 'rabbitmq': - cluster => { 'name' => 'rabbit_cluster', 'init_node' => $facts['fqdn'] }, + cluster => { 'name' => 'rabbit_cluster', 'init_node' => $facts['networking']['fqdn'] }, config_cluster => true, cluster_nodes => ['rabbit1', 'rabbit2'], cluster_node_type => 'ram', - environment_variables => { 'RABBITMQ_USE_LONGNAME' => true }, erlang_cookie => 'TESTCOOKIE', wipe_db_on_cookie_change => true, } - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true} - Class['erlang'] -> Class['rabbitmq'] - } EOS apply_manifest(pp, catch_failures: true) @@ -74,4 +64,25 @@ class { 'erlang': epel_enable => true} end end end + + context 'rabbitmq::cluster[:local_node] = foobar' do + it 'runs successfully' do + pp = <<-EOS + # Needed to avoid nxdomain error + host { 'foobar': + ip => '127.0.0.1', + } + class { 'rabbitmq': + cluster => { 'name' => 'rabbit_cluster', 'init_node' => 'foobar', 'local_node' => 'foobar' }, + config_cluster => true, + cluster_nodes => ['foobar', 'rabbit2'], + cluster_node_type => 'ram', + environment_variables => { 'NODENAME' => 'rabbit@foobar' }, + erlang_cookie => 'TESTCOOKIE', + } + EOS + + apply_manifest(pp, catch_failures: true) + end + end end diff --git a/spec/acceptance/delete_guest_user_spec.rb b/spec/acceptance/delete_guest_user_spec.rb index 15bdff93f..faa9ca957 100644 --- a/spec/acceptance/delete_guest_user_spec.rb +++ b/spec/acceptance/delete_guest_user_spec.rb @@ -10,10 +10,6 @@ class { 'rabbitmq': port => 5672, delete_guest_user => true, } - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true} - Class['erlang'] -> Class['rabbitmq'] - } EOS apply_manifest(pp, catch_failures: true) diff --git a/spec/acceptance/nodesets/default.yml b/spec/acceptance/nodesets/default.yml deleted file mode 100644 index dba339c46..000000000 --- a/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-1404-x64: - roles: - - agent - - default - platform: ubuntu-14.04-amd64 - hypervisor: vagrant - box: puppetlabs/ubuntu-14.04-64-nocm -CONFIG: - type: foss diff --git a/spec/acceptance/parameter_spec.rb b/spec/acceptance/parameter_spec.rb index e7ac8773d..59c5bc50d 100644 --- a/spec/acceptance/parameter_spec.rb +++ b/spec/acceptance/parameter_spec.rb @@ -6,10 +6,6 @@ context 'create parameter resource' do it 'runs successfully' do pp = <<-EOS - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true } - Class['erlang'] -> Class['rabbitmq'] - } class { 'rabbitmq': service_manage => true, port => 5672, @@ -45,4 +41,23 @@ class { 'rabbitmq': end end end + + context 'destroy parameter resource' do + it 'runs successfully' do + pp = <<-EOS + rabbitmq_parameter { 'documentumFed@fedhost': + ensure => absent, + } + EOS + + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: true) + end + + it 'does not have the parameter' do + shell('rabbitmqctl list_parameters -q') do |r| + expect(r.stdout).not_to match(%r{documentumFed\s+}) + end + end + end end diff --git a/spec/acceptance/policy_spec.rb b/spec/acceptance/policy_spec.rb index 1cd126344..857c0a698 100644 --- a/spec/acceptance/policy_spec.rb +++ b/spec/acceptance/policy_spec.rb @@ -6,10 +6,6 @@ context 'create policy resource' do it 'runs successfully' do pp = <<-EOS - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true } - Class['erlang'] -> Class['rabbitmq'] - } class { 'rabbitmq': service_manage => true, port => 5672, diff --git a/spec/acceptance/queue_spec.rb b/spec/acceptance/queue_spec.rb index 2934796e9..cb2c4efba 100644 --- a/spec/acceptance/queue_spec.rb +++ b/spec/acceptance/queue_spec.rb @@ -6,10 +6,6 @@ context 'create binding and queue resources when using default management port' do it 'runs successfully' do pp = <<-EOS - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true } - Class['erlang'] -> Class['rabbitmq'] - } class { 'rabbitmq': service_manage => true, port => 5672, @@ -80,10 +76,6 @@ class { 'rabbitmq': context 'create multiple bindings when same source / destination / vhost but different routing keys' do it 'runs successfully' do pp = <<-EOS - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true } - Class['erlang'] -> Class['rabbitmq'] - } class { 'rabbitmq': service_manage => true, port => 5672, @@ -168,10 +160,6 @@ class { 'rabbitmq': context 'create binding and queue resources when using a non-default management port' do it 'runs successfully' do pp = <<-EOS - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true } - Class['erlang'] -> Class['rabbitmq'] - } class { 'rabbitmq': service_manage => true, port => 5672, diff --git a/spec/acceptance/rabbitmqadmin_spec.rb b/spec/acceptance/rabbitmqadmin_spec.rb index fa127f1b4..fb7a6334e 100644 --- a/spec/acceptance/rabbitmqadmin_spec.rb +++ b/spec/acceptance/rabbitmqadmin_spec.rb @@ -10,10 +10,6 @@ class { 'rabbitmq': admin_enable => true, service_manage => true, } - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true} - Class['erlang'] -> Class['rabbitmq'] - } EOS apply_manifest(pp, catch_failures: true) @@ -31,10 +27,6 @@ class { 'rabbitmq': admin_enable => true, service_manage => false, } - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true} - Class['erlang'] -> Class['rabbitmq'] - } EOS shell('rm -f /var/lib/rabbitmq/rabbitmqadmin') @@ -55,10 +47,6 @@ class { 'rabbitmq': default_user => 'foobar', default_pass => 'bazblam', } - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true} - Class['erlang'] -> Class['rabbitmq'] - } EOS pp = <<-EOS @@ -68,10 +56,6 @@ class { 'rabbitmq': default_user => 'foobar', default_pass => 'bazblam', } - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true} - Class['erlang'] -> Class['rabbitmq'] - } EOS shell('rm -f /var/lib/rabbitmq/rabbitmqadmin') diff --git a/spec/acceptance/user_spec.rb b/spec/acceptance/user_spec.rb index a8d369218..63b22baf7 100644 --- a/spec/acceptance/user_spec.rb +++ b/spec/acceptance/user_spec.rb @@ -6,10 +6,6 @@ context 'create user resource' do it 'runs successfully' do pp = <<-EOS - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true } - Class['erlang'] -> Class['rabbitmq'] - } class { 'rabbitmq': service_manage => true, port => 5672, diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index 782e33df9..0a7e466a4 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -6,18 +6,14 @@ context 'create vhost resource' do it 'runs successfully' do pp = <<-EOS - if $facts['os']['family'] == 'RedHat' { - class { 'erlang': epel_enable => true } - Class['erlang'] -> Class['rabbitmq'] - } class { 'rabbitmq': service_manage => true, port => 5672, delete_guest_user => true, admin_enable => true, - } -> + } - rabbitmq_vhost { 'myhost': + -> rabbitmq_vhost { 'myhost': ensure => present, } EOS diff --git a/spec/classes/rabbitmq_spec.rb b/spec/classes/rabbitmq_spec.rb index 8d1711825..306b2917d 100644 --- a/spec/classes/rabbitmq_spec.rb +++ b/spec/classes/rabbitmq_spec.rb @@ -1,38 +1,46 @@ # frozen_string_literal: true -# rubocop:disable RSpec/RepeatedExampleGroupDescription -# rubocop:disable RSpec/RepeatedExampleGroupBody - require 'spec_helper' describe 'rabbitmq' do - on_supported_os.each do |os, facts| + on_supported_os.each do |os, os_facts| context "on #{os}" do let :facts do - facts + os_facts end - name = case facts[:osfamily] + name = case os_facts['os']['family'] when 'Archlinux', 'OpenBSD', 'FreeBSD' 'rabbitmq' else 'rabbitmq-server' end + rabbitmq_home = case os_facts['os']['family'] + when 'FreeBSD' + '/var/db/rabbitmq' + else + '/var/lib/rabbitmq' + end + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_class('rabbitmq::install') } it { is_expected.to contain_class('rabbitmq::config').that_notifies('Class[rabbitmq::service]') } it { is_expected.to contain_class('rabbitmq::service') } + it { is_expected.to contain_class('rabbitmq::management') } it { is_expected.to contain_package(name).with_ensure('installed').with_name(name) } - it { is_expected.to contain_package('rabbitmq-server-plugins') } if facts[:os]['family'] == 'Suse' + it { is_expected.to contain_package('rabbitmq-server-plugins') } if os_facts['os']['family'] == 'Suse' context 'with default params' do it { is_expected.not_to contain_class('rabbitmq::repo::apt') } it { is_expected.not_to contain_apt__source('rabbitmq') } it { is_expected.not_to contain_class('rabbitmq::repo::rhel') } it { is_expected.not_to contain_yumrepo('rabbitmq') } + + it { is_expected.to contain_package('centos-release-rabbitmq-38') } if os_facts['os']['name'] == 'CentOS' + it { is_expected.not_to contain_package('centos-release-rabbitmq-38') } if os_facts['os']['name'] == 'RedHat' end context 'with service_restart => false' do @@ -41,10 +49,16 @@ it { is_expected.not_to contain_class('rabbitmq::config').that_notifies('Class[rabbitmq::service]') } end + context 'with enable_centos_release set to false' do + let(:params) { { enable_centos_release: false } } + + it { is_expected.not_to contain_package('centos-release-rabbitmq-38') } if os_facts['os']['family'] == 'RedHat' + end + context 'with repos_ensure => true' do let(:params) { { repos_ensure: true } } - if facts[:os]['family'] == 'Debian' + if os_facts['os']['family'] == 'Debian' it 'includes rabbitmq::repo::apt' do is_expected.to contain_class('rabbitmq::repo::apt'). with_key_source('https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey'). @@ -54,7 +68,7 @@ it 'adds a repo with default values' do is_expected.to contain_apt__source('rabbitmq'). with_ensure('present'). - with_location("https://packagecloud.io/rabbitmq/rabbitmq-server/#{facts[:os]['name'].downcase}"). + with_location("https://packagecloud.io/rabbitmq/rabbitmq-server/#{os_facts['os']['name'].downcase}"). with_release(nil). with_repos('main') end @@ -63,7 +77,7 @@ it { is_expected.not_to contain_apt__souce('rabbitmq') } end - if facts[:os]['family'] == 'RedHat' + if os_facts['os']['family'] == 'RedHat' it { is_expected.to contain_class('rabbitmq::repo::rhel') } it 'the repo should be present, and contain the expected values' do @@ -72,47 +86,48 @@ with_baseurl(%r{https://packagecloud.io/rabbitmq/rabbitmq-server/el/\d+/\$basearch$}). with_gpgkey('https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey') end + + it { + is_expected.to contain_exec('rpm --import https://github.com/rabbitmq/signing-keys/releases/download/2.0/rabbitmq-release-signing-key.asc').with( + unless: 'rpm -q gpg-pubkey-6026dfca-573adfde 2>/dev/null' + ) + } + + it { + is_expected.to contain_exec('rpm --import https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey').with( + unless: 'rpm -q gpg-pubkey-4d206f89-5bbb8d59 2>/dev/null' + ) + } + else it { is_expected.not_to contain_class('rabbitmq::repo::rhel') } it { is_expected.not_to contain_yumrepo('rabbitmq') } end end - context 'with no pin', if: facts[:os]['family'] == 'Debian' do - let(:params) { { repos_ensure: true, package_apt_pin: '' } } - - if Puppet.version =~ %r{^[6,7]} # https://tickets.puppetlabs.com/browse/PUP-9112 and https://tickets.puppetlabs.com/browse/PUP-9180 - let(:expected_key_apt_source_key_content) { 'nil' } - else - let(:expected_key_apt_source_key_content) { ':undef' } - end + context 'with no pin', if: os_facts['os']['family'] == 'Debian' do + let(:params) { { repos_ensure: true, package_apt_pin: nil } } describe 'it sets up an apt::source' do it { is_expected.to contain_apt__source('rabbitmq').with( - 'location' => "https://packagecloud.io/rabbitmq/rabbitmq-server/#{facts[:os]['name'].downcase}", + 'location' => "https://packagecloud.io/rabbitmq/rabbitmq-server/#{os_facts['os']['name'].downcase}", 'repos' => 'main', - 'key' => "{\"id\"=>\"8C695B0219AFDEB04A058ED8F4E789204D206F89\", \"source\"=>\"https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey\", \"content\"=>#{expected_key_apt_source_key_content}}" + 'key' => '{"id"=>"8C695B0219AFDEB04A058ED8F4E789204D206F89", "source"=>"https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey", "content"=>nil}' ) } end end - context 'with pin', if: facts[:os]['family'] == 'Debian' do + context 'with pin', if: os_facts['os']['family'] == 'Debian' do let(:params) { { repos_ensure: true, package_apt_pin: '700' } } - if Puppet.version =~ %r{^[6,7]} # https://tickets.puppetlabs.com/browse/PUP-9112 and https://tickets.puppetlabs.com/browse/PUP-9180 - let(:expected_key_apt_source_key_content) { 'nil' } - else - let(:expected_key_apt_source_key_content) { ':undef' } - end - describe 'it sets up an apt::source and pin' do it { is_expected.to contain_apt__source('rabbitmq').with( - 'location' => "https://packagecloud.io/rabbitmq/rabbitmq-server/#{facts[:os]['name'].downcase}", + 'location' => "https://packagecloud.io/rabbitmq/rabbitmq-server/#{os_facts['os']['name'].downcase}", 'repos' => 'main', - 'key' => "{\"id\"=>\"8C695B0219AFDEB04A058ED8F4E789204D206F89\", \"source\"=>\"https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey\", \"content\"=>#{expected_key_apt_source_key_content}}" + 'key' => '{"id"=>"8C695B0219AFDEB04A058ED8F4E789204D206F89", "source"=>"https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey", "content"=>nil}' ) } @@ -127,39 +142,15 @@ end ['infinity', -1, 1234].each do |value| - context "with file_limit => '#{value}'" do + context "with file_limit => '#{value}'", if: os_facts['kernel'] == 'Linux' do let(:params) { { file_limit: value } } - if facts[:os]['family'] == 'RedHat' - it do - is_expected.to contain_file('/etc/security/limits.d/rabbitmq-server.conf'). - with_owner('0'). - with_group('0'). - with_mode('0644'). - that_notifies('Class[Rabbitmq::Service]'). - with_content("rabbitmq soft nofile #{value}\nrabbitmq hard nofile #{value}\n") - end - else - it { is_expected.not_to contain_file('/etc/security/limits.d/rabbitmq-server.conf') } - end - - if facts[:os]['family'] == 'Debian' - it { is_expected.to contain_file('/etc/default/rabbitmq-server').with_content(%r{ulimit -n #{value}}) } - else - it { is_expected.not_to contain_file('/etc/default/rabbitmq-server') } - end - - if facts[:systemd] - selinux_ignore_defaults = facts[:os]['family'] == 'RedHat' + selinux_ignore_defaults = os_facts['os']['family'] == 'RedHat' - it do - is_expected.to contain_systemd__service_limits("#{name}.service"). - with_selinux_ignore_defaults(selinux_ignore_defaults). - with_limits('LimitNOFILE' => value). - with_restart_service(false) - end - else - it { is_expected.not_to contain_systemd__service_limits("#{name}.service") } + it do + is_expected.to contain_systemd__manage_dropin('service-90-limits.conf'). + with_selinux_ignore_defaults(selinux_ignore_defaults). + with_service_entry({ 'LimitNOFILE' => value, 'OOMScoreAdjust' => 0 }) end end end @@ -175,24 +166,10 @@ end [-1000, 0, 1000].each do |value| - context "with oom_score_adj => '#{value}'" do + context "with oom_score_adj => '#{value}'", if: os_facts['kernel'] == 'Linux' do let(:params) { { oom_score_adj: value } } - if facts[:os]['family'] == 'Debian' - it { is_expected.to contain_file('/etc/default/rabbitmq-server').with_content(%r{^echo #{value} > /proc/\$\$/oom_score_adj$}) } - else - it { is_expected.not_to contain_file('/etc/default/rabbitmq-server') } - end - - if facts[:systemd] - it do - is_expected.to contain_systemd__service_limits("#{name}.service"). - with_limits('OOMScoreAdjust' => value). - with_restart_service(false) - end - else - it { is_expected.not_to contain_systemd__service_limits("#{name}.service") } - end + it { is_expected.to contain_systemd__manage_dropin('service-90-limits.conf').with_service_entry({ 'LimitNOFILE' => 16_384, 'OOMScoreAdjust' => value }) } end end @@ -206,15 +183,12 @@ end end - context 'on systems with systemd', if: facts[:systemd] do - it do - is_expected.to contain_systemd__service_limits("#{name}.service"). - with_restart_service(false) - end + context 'on Linux', if: os_facts['kernel'] == 'Linux' do + it { is_expected.to contain_systemd__manage_dropin('service-90-limits.conf') } end - context 'on systems without systemd', unless: facts[:systemd] do - it { is_expected.not_to contain_systemd__service_limits("#{name}.service") } + context 'on non-Linux', unless: os_facts['kernel'] == 'Linux' do + it { is_expected.not_to contain_systemd__manage_dropin('service-90-limits.conf') } end context 'with admin_enable set to true' do @@ -231,21 +205,22 @@ end end - if facts[:os]['family'] == 'Archlinux' - it 'installs a package called rabbitmqadmin' do - is_expected.to contain_package('rabbitmqadmin').with_name('rabbitmqadmin') - end - else - it 'we enable the admin interface by default' do - is_expected.to contain_class('rabbitmq::install::rabbitmqadmin') - is_expected.to contain_rabbitmq_plugin('rabbitmq_management').with( - notify: 'Class[Rabbitmq::Service]' - ) - is_expected.to contain_archive('rabbitmqadmin').with_source('http://1.1.1.1:15672/cli/rabbitmqadmin') - end + it 'we enable the admin interface by default' do + is_expected.to contain_class('rabbitmq::install::rabbitmqadmin') + is_expected.to contain_rabbitmq_plugin('rabbitmq_management').with( + notify: 'Class[Rabbitmq::Service]' + ) + is_expected.to contain_archive('rabbitmqadmin').with_source('http://1.1.1.1:15672/cli/rabbitmqadmin') + is_expected.to contain_file('/usr/local/bin/rabbitmqadmin').with( + owner: 'root', + mode: '0755' + ) + is_expected.to contain_exec('remove_old_rabbitmqadmin_on_upgrade').with_command("rm #{rabbitmq_home}/rabbitmqadmin") end - it { is_expected.to contain_package('python') } if %w[RedHat Debian SUSE].include?(facts[:os]['family']) - it { is_expected.to contain_package('python2') } if %w[FreeBSD OpenBSD].include?(facts[:os]['family']) + + it { is_expected.to contain_package('python') } if %w[RedHat SUSE Archlinux].include?(os_facts['os']['family']) + it { is_expected.to contain_package('python3') } if %w[Debian].include?(os_facts['os']['family']) + it { is_expected.to contain_package('python38') } if %w[FreeBSD].include?(os_facts['os']['family']) end context 'with manage_python false' do @@ -258,7 +233,7 @@ end end - context 'with $management_ip_address undef and service_manage set to true', unless: facts[:osfamily] == 'Archlinux' do + context 'with $management_ip_address undef and service_manage set to true', unless: os_facts['os']['family'] == 'Archlinux' do let(:params) { { admin_enable: true, management_ip_address: :undef } } it 'we enable the admin interface by default' do @@ -270,7 +245,7 @@ end end - context 'with service_manage set to true, node_ip_address = undef, and default user/pass specified', unless: facts[:osfamily] == 'Archlinux' do + context 'with service_manage set to true, node_ip_address = undef, and default user/pass specified', unless: os_facts['os']['family'] == 'Archlinux' do let(:params) { { admin_enable: true, default_user: 'foobar', default_pass: 'hunter2', node_ip_address: :undef } } it 'we use the correct URL to rabbitmqadmin' do @@ -282,7 +257,7 @@ end end - context 'with service_manage set to true and default user/pass specified', unless: facts[:osfamily] == 'Archlinux' do + context 'with service_manage set to true and default user/pass specified', unless: os_facts['os']['family'] == 'Archlinux' do let(:params) { { admin_enable: true, default_user: 'foobar', default_pass: 'hunter2', management_ip_address: '1.1.1.1' } } it 'we use the correct URL to rabbitmqadmin' do @@ -294,7 +269,7 @@ end end - context 'with service_manage set to true and archive_options set', unless: facts[:osfamily] == 'Archlinux' do + context 'with service_manage set to true and archive_options set', unless: os_facts['os']['family'] == 'Archlinux' do let(:params) do { admin_enable: true, @@ -311,7 +286,7 @@ end end - context 'with service_manage set to true and management port specified', unless: facts[:osfamily] == 'Archlinux' do + context 'with service_manage set to true and management port specified', unless: os_facts['os']['family'] == 'Archlinux' do # NOTE: that the 2.x management port is 55672 not 15672 let(:params) { { admin_enable: true, management_port: 55_672, management_ip_address: '1.1.1.1' } } @@ -324,7 +299,7 @@ end end - context 'with ipv6, service_manage set to true and management port specified', unless: facts[:osfamily] == 'Archlinux' do + context 'with ipv6, service_manage set to true and management port specified', unless: os_facts['os']['family'] == 'Archlinux' do # NOTE: that the 2.x management port is 55672 not 15672 let(:params) { { admin_enable: true, management_port: 55_672, management_ip_address: '::1' } } @@ -382,7 +357,7 @@ describe 'does not contain pre-ranch settings with default config' do it do is_expected.to contain_file('rabbitmq.config'). \ - without_content(%r{binary,}). \ + without_content(%r{binary,}). \ without_content(%r{\{packet, raw\},}). \ without_content(%r{\{reuseaddr, true\},}) end @@ -393,7 +368,7 @@ it do is_expected.to contain_file('rabbitmq.config'). \ - with_content(%r{binary,}). \ + with_content(%r{binary,}). \ with_content(%r{\{packet, raw\},}). \ with_content(%r{\{reuseaddr, true\},}) end @@ -421,7 +396,7 @@ end it 'contains the rabbitmq_erlang_cookie' do - is_expected.to contain_rabbitmq_erlang_cookie('/var/lib/rabbitmq/.erlang.cookie') + is_expected.to contain_rabbitmq_erlang_cookie("#{rabbitmq_home}/.erlang.cookie") end end @@ -434,7 +409,7 @@ end it 'contains the rabbitmq_erlang_cookie' do - is_expected.to contain_rabbitmq_erlang_cookie('/var/lib/rabbitmq/.erlang.cookie') + is_expected.to contain_rabbitmq_erlang_cookie("#{rabbitmq_home}/.erlang.cookie") end end @@ -445,8 +420,8 @@ } end - it 'contains the rabbitmq_erlang_cookie' do - is_expected.not_to contain_rabbitmq_erlang_cookie('/var/lib/rabbitmq/.erlang.cookie') + it 'does not contains the rabbitmq_erlang_cookie' do + is_expected.not_to contain_rabbitmq_erlang_cookie("#{rabbitmq_home}/.erlang.cookie") end end @@ -462,7 +437,66 @@ end it 'for cluster_nodes' do - is_expected.to contain_file('rabbitmq.config').with('content' => %r{cluster_nodes.*\['rabbit@hare-1', 'rabbit@hare-2'\], ram}) + is_expected.to contain_file('rabbitmq.config').with('content' => %r{^ {4}\{cluster_nodes, \{\['rabbit@hare-1', 'rabbit@hare-2'\], ram}) + end + end + + describe 'without cluster_nodes and sets appropriate configuration' do + let(:params) do + { + config_cluster: true, + cluster_node_type: 'ram', + erlang_cookie: 'ORIGINAL', + wipe_db_on_cookie_change: true + } + end + + it 'for cluster_nodes' do + is_expected.to contain_file('rabbitmq.config').with('content' => %r{^ {4}\{cluster_nodes, \{\[\], ram}) + end + end + end + + describe 'with config_cowboy_opts' do + context 'without SSL' do + let(:params) do + { + config_cowboy_opts: { + 'max_request_line_length' => 16_000, + 'max_keepalive' => 1000, + }, + } + end + + it 'sets expected cowboy config variables' do + is_expected.to contain_file('rabbitmq.config'). \ + with_content( + %r{\{cowboy_opts, \[\n\s+\{max_keepalive, 1000\},\n\s+\{max_request_line_length, 16000\}} + ) + end + end + + context 'withSSL' do + let(:params) do + { + config_cowboy_opts: { + 'max_request_line_length' => 16_003, + 'max_keepalive' => 1002, + }, + ssl: true, + ssl_port: 3141, + ssl_cacert: '/path/to/cacert', + ssl_cert: '/path/to/cert', + ssl_key: '/path/to/key', + ssl_versions: ['tlsv1.2', 'tlsv1.1'], + } + end + + it 'sets expected cowboy config variables' do + is_expected.to contain_file('rabbitmq.config'). \ + with_content( + %r{\{cowboy_opts, \[\n\s+\{max_keepalive, 1002\},\n\s+\{max_request_line_length, 16003\}} + ) end end end @@ -470,8 +504,13 @@ describe 'rabbitmq-env configuration' do context 'with default params' do it 'sets environment variables' do - is_expected.to contain_file('rabbitmq-env.config'). \ - with_content(%r{ERL_INETRC=/etc/rabbitmq/inetrc}) + if %w[FreeBSD OpenBSD].include?(os_facts['os']['family']) + is_expected.to contain_file('rabbitmq-env.config'). \ + with_content(%r{ERL_INETRC=/usr/local/etc/rabbitmq/inetrc}) + else + is_expected.to contain_file('rabbitmq-env.config'). \ + with_content(%r{ERL_INETRC=/etc/rabbitmq/inetrc}) + end end end @@ -687,7 +726,7 @@ end context 'use config file for plugins' do - describe 'config_plugins_file: true' do + describe 'config_plugins_file: true and default list of enabled plugins' do let :params do { use_config_file_for_plugins: true } end @@ -705,6 +744,26 @@ end end + describe 'config_plugins_file: true and custom list of enabled plugins' do + let :params do + { + use_config_file_for_plugins: true, + admin_enable: false, + plugins: %w[rabbitmq_stomp rabbitmq_shovel rabbitmq_prometheus] + } + end + + it 'does not use rabbitmqplugin provider' do + is_expected.not_to contain_rabbitmq_plugin('rabbitmq_stomp') + is_expected.not_to contain_rabbitmq_plugin('rabbitmq_shovel') + is_expected.not_to contain_rabbitmq_plugin('rabbitmq_prometheus') + end + + it 'configures enabled_plugins' do + is_expected.to contain_file('enabled_plugins').with_content(%r{\[rabbitmq_stomp,rabbitmq_shovel,rabbitmq_prometheus\]\.}) + end + end + describe 'with all plugins enabled admin_enable: false, manamgent_enable: true' do let :params do { @@ -1163,6 +1222,34 @@ end end + # tlsv1.3 not supported on older RMQ/Erlang with this distro + describe 'ssl options with ssl version tlsv1.3' do + let(:params) do + { ssl: true, + ssl_port: 3141, + ssl_cacert: '/path/to/cacert', + ssl_cert: '/path/to/cert', + ssl_key: '/path/to/key', + ssl_versions: ['tlsv1.3'] } + end + + it 'sets ssl options to specified values' do + is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[3141\]}) + is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_options, \[}) + is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"}) + is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"}) + is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key}) + is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl, \[\{versions, \['tlsv1.3'\]\}\]}) + is_expected.to contain_file('rabbitmq.config').with_content(%r{versions, \['tlsv1.3'\]}) + end + + it 'does not set ssl negotiation options with tlsv1.3' do + is_expected.to contain_file('rabbitmq.config'). \ + without_content(%r{client_renegotiation}). \ + without_content(%r{secure_renegotiate}) + end + end + describe 'ssl options with ssl_versions and not ssl' do let(:params) do { ssl: false, @@ -1348,6 +1435,16 @@ it { is_expected.to contain_file('rabbitmq.config').without_content(%r{dhfile,}) } end + describe 'ssl with ssl_client_renegotiation false' do + let(:params) do + { ssl: true, + ssl_interface: '0.0.0.0', + ssl_client_renegotiation: false } + end + + it { is_expected.to contain_file('rabbitmq.config').with_content(%r{client_renegotiation,false}) } + end + describe 'ssl with ssl_secure_renegotiate false' do let(:params) do { ssl: true, @@ -1698,12 +1795,83 @@ describe 'rabbitmq-heartbeat options' do let(:params) { { heartbeat: 60 } } - it 'sets heartbeat paramter in config file' do + it 'sets heartbeat parameter in config file' do is_expected.to contain_file('rabbitmq.config'). \ with_content(%r{\{heartbeat, 60\}}) end end + # Ensure that whenever Param quorum_membership_reconciliation_enabled is unset - none of the + # other quorum_membership_reconciliation paramaters are set at all + # This ensures full backward compatibility with PRE RabbitMQ 3.13 + describe 'rabbitmq-quorum_membership_reconciliation_enabled undef options' do + let(:params) { { quorum_membership_reconciliation_enabled: :undef } } + + it 'sets quorum_membership_reconciliation_enabled parameter undef in config file' do + is_expected.to contain_file('rabbitmq.config'). \ + without_content(%r{\{quorum_membership_reconciliation_enabled, }). \ + without_content(%r{\{quorum_membership_reconciliation_auto_remove, }). \ + without_content(%r{\{quorum_membership_reconciliation_interval, }). \ + without_content(%r{\{quorum_membership_reconciliation_trigger_interval, }). \ + without_content(%r{\{quorum_membership_reconciliation_target_group_size, }) + end + end + + # Ensure that whenever Param quorum_membership_reconciliation_enabled is false - none of the + # other quorum_membership_reconciliation paramaters are set at all + # This ensures full backward compatibility with PRE RabbitMQ 3.13 + describe 'rabbitmq-quorum_membership_reconciliation_enabled false options' do + let(:params) { { quorum_membership_reconciliation_enabled: false } } + + it 'sets quorum_membership_reconciliation_enabled parameter false in config file' do + is_expected.to contain_file('rabbitmq.config'). \ + without_content(%r{\{quorum_membership_reconciliation_enabled, }). \ + without_content(%r{\{quorum_membership_reconciliation_auto_remove, }). \ + without_content(%r{\{quorum_membership_reconciliation_interval, }). \ + without_content(%r{\{quorum_membership_reconciliation_trigger_interval, }). \ + without_content(%r{\{quorum_membership_reconciliation_target_group_size, }) + end + end + + # Ensure that whenever Param quorum_membership_reconciliation_enabled is true - the defaults + # of all other quorum_membership_reconciliation parameters ensure they are UNSET until + # explicitly set. + describe 'rabbitmq-quorum_membership_reconciliation_enabled true options' do + let(:params) { { quorum_membership_reconciliation_enabled: true } } + + it 'sets quorum_membership_reconciliation_enabled parameter true in config file' do + is_expected.to contain_file('rabbitmq.config'). \ + with_content(%r{\{quorum_membership_reconciliation_enabled, true\}}). \ + without_content(%r{\{quorum_membership_reconciliation_auto_remove, }). \ + without_content(%r{\{quorum_membership_reconciliation_interval, }). \ + without_content(%r{\{quorum_membership_reconciliation_trigger_interval, }). \ + without_content(%r{\{quorum_membership_reconciliation_target_group_size, }) + end + end + + # Ensure that whenever Param quorum_membership_reconciliation_enabled is true + # and the other parameters are set - they pass as expected. + describe 'rabbitmq-quorum_membership_reconciliation_enabled true options' do + let(:params) do + { + quorum_membership_reconciliation_enabled: true, + quorum_membership_reconciliation_auto_remove: true, + quorum_membership_reconciliation_interval: 36_000, + quorum_membership_reconciliation_trigger_interval: 3_600, + quorum_membership_reconciliation_target_group_size: 2 + } + end + + it 'sets quorum_membership_reconciliation_enabled parameter true in config file' do + is_expected.to contain_file('rabbitmq.config'). \ + with_content(%r{\{quorum_membership_reconciliation_enabled, true\}}). \ + with_content(%r{\{quorum_membership_reconciliation_auto_remove, true\}}). \ + with_content(%r{\{quorum_membership_reconciliation_interval, 36000\}}). \ + with_content(%r{\{quorum_membership_reconciliation_trigger_interval, 3600\}}). \ + with_content(%r{\{quorum_membership_reconciliation_target_group_size, 2\}}) + end + end + context 'delete_guest_user' do describe 'should do nothing by default' do it { is_expected.not_to contain_rabbitmq_user('guest') } @@ -1761,13 +1929,6 @@ } end - context 'on systems with systemd', if: facts[:systemd] do - it do - is_expected.to contain_service('rabbitmq-server'). - that_requires('Class[systemd::systemctl::daemon_reload]') - end - end - describe 'service with ensure stopped' do let :params do { service_ensure: 'stopped' } @@ -1791,6 +1952,3 @@ end end end - -# rubocop:enable RSpec/RepeatedExampleGroupDescription -# rubocop:enable RSpec/RepeatedExampleGroupBody diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 67cc04489..5ce539df6 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -3,16 +3,19 @@ # Managed by modulesync - DO NOT EDIT # https://voxpupuli.org/docs/updating-files-managed-with-modulesync/ -RSpec.configure do |c| - c.mock_with :mocha -end - # puppetlabs_spec_helper will set up coverage if the env variable is set. # We want to do this if lib exists and it hasn't been explicitly set. ENV['COVERAGE'] ||= 'yes' if Dir.exist?(File.expand_path('../lib', __dir__)) require 'voxpupuli/test/spec_helper' +RSpec.configure do |c| + c.facterdb_string_keys = true + c.mock_with :mocha +end + +add_mocked_facts! + if File.exist?(File.join(__dir__, 'default_module_facts.yml')) facts = YAML.safe_load(File.read(File.join(__dir__, 'default_module_facts.yml'))) facts&.each do |name, value| @@ -21,3 +24,4 @@ end require 'spec_helper_local' +Dir['./spec/support/spec/**/*.rb'].sort.each { |f| require f } diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 94706e396..a251656ec 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -5,17 +5,14 @@ configure_beaker do |host| case fact_on(host, 'os.family') when 'Debian' - install_module_from_forge_on(host, 'puppetlabs-apt', '>= 4.1.0 < 9.0.0') + install_puppet_module_via_pmt_on(host, 'puppetlabs-apt', '>= 9.0.0 < 10.0.0') when 'RedHat' - install_module_from_forge_on(host, 'garethr-erlang', '>= 0.3.0 < 1.0.0') if fact_on(host, 'os.selinux.enabled') # Make sure selinux is disabled so the tests work. on host, puppet('resource', 'exec', 'setenforce 0', 'path=/bin:/sbin:/usr/bin:/usr/sbin', 'onlyif=which setenforce && getenforce | grep Enforcing') end end - install_package(host, 'iproute2') if fact('os.release.major').to_i == 18 || fact('os.release.major') == 'buster/sid' - # Fake certs on host, 'echo "-----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQDw1uXI+EAgxk4dOxArPqMNnnCQqmXeQ61XQQXoAgWWjRvY4LAJ diff --git a/spec/unit/facter/util/fact_rabbitmq_plugins_dirs_spec.rb b/spec/unit/facter/util/fact_rabbitmq_plugins_dirs_spec.rb index 04a10e358..55888dec4 100644 --- a/spec/unit/facter/util/fact_rabbitmq_plugins_dirs_spec.rb +++ b/spec/unit/facter/util/fact_rabbitmq_plugins_dirs_spec.rb @@ -10,12 +10,7 @@ it do Facter::Util::Resolution.expects(:which).with('rabbitmqctl').returns(true) Facter::Core::Execution.expects(:execute).with("rabbitmqctl eval 'application:get_env(rabbit, plugins_dir).'").returns('{ok,"/usr/lib/rabbitmq/plugins:/usr/lib/rabbitmq/lib/rabbitmq_server-3.7.10/plugins"}') - expect(Facter.fact(:rabbitmq_plugins_dirs).value).to match_array( - [ - '/usr/lib/rabbitmq/plugins', - '/usr/lib/rabbitmq/lib/rabbitmq_server-3.7.10/plugins' - ] - ) + expect(Facter.fact(:rabbitmq_plugins_dirs).value).to contain_exactly('/usr/lib/rabbitmq/plugins', '/usr/lib/rabbitmq/lib/rabbitmq_server-3.7.10/plugins') end end @@ -23,11 +18,7 @@ it do Facter::Util::Resolution.expects(:which).with('rabbitmqctl').returns(true) Facter::Core::Execution.expects(:execute).with("rabbitmqctl eval 'application:get_env(rabbit, plugins_dir).'").returns('{ok,"/usr/lib/rabbitmq/lib/rabbitmq_server-0.0.0/plugins"}') - expect(Facter.fact(:rabbitmq_plugins_dirs).value).to match_array( - [ - '/usr/lib/rabbitmq/lib/rabbitmq_server-0.0.0/plugins' - ] - ) + expect(Facter.fact(:rabbitmq_plugins_dirs).value).to contain_exactly('/usr/lib/rabbitmq/lib/rabbitmq_server-0.0.0/plugins') end end diff --git a/spec/unit/puppet/provider/rabbitmq_cli_spec.rb b/spec/unit/puppet/provider/rabbitmq_cli_spec.rb index d710a40b0..c4bfa13dc 100644 --- a/spec/unit/puppet/provider/rabbitmq_cli_spec.rb +++ b/spec/unit/puppet/provider/rabbitmq_cli_spec.rb @@ -13,18 +13,23 @@ end it 'gets the RabbitMQ version' do - provider_class.expects(:rabbitmqctl).with('-q', 'status').returns '{rabbit,"RabbitMQ","3.1.5"}' - expect(provider_class.rabbitmq_version).to eq('3.1.5') + provider_class.expects(:rabbitmqctl).with('-q', 'status').returns ' [{rabbit,"RabbitMQ","3.7.28"},' + expect(provider_class.rabbitmq_version).to eq('3.7.28') end it 'caches the RabbitMQ version' do - provider_class.expects(:rabbitmqctl).with('-q', 'status').returns '{rabbit,"RabbitMQ","3.7.10"}' + provider_class.expects(:rabbitmqctl).with('-q', 'status').returns ' [{rabbit,"RabbitMQ","3.7.28"},' v1 = provider_class.rabbitmq_version # No second expects for rabbitmqctl as it shouldn't be called again expect(provider_class.rabbitmq_version).to eq(v1) end + it 'gets the RabbitMQ version with version >= 3.8' do + provider_class.expects(:rabbitmqctl).with('-q', 'status').returns 'RabbitMQ version: 3.10.6' + expect(provider_class.rabbitmq_version).to eq('3.10.6') + end + it 'uses correct list options with RabbitMQ < 3.7.9' do provider_class.expects(:rabbitmq_version).returns '3.7.8' provider_class.expects(:rabbitmqctl).with('list_vhost', '-q').returns '' diff --git a/spec/unit/puppet/provider/rabbitmq_plugin/rabbitmqctl_spec.rb b/spec/unit/puppet/provider/rabbitmq_plugin/rabbitmqctl_spec.rb index ec2e7a4f1..bd06e2564 100644 --- a/spec/unit/puppet/provider/rabbitmq_plugin/rabbitmqctl_spec.rb +++ b/spec/unit/puppet/provider/rabbitmq_plugin/rabbitmqctl_spec.rb @@ -11,17 +11,68 @@ end let(:provider) { provider_class.new(resource) } - it 'matches plugins' do - provider.expects(:rabbitmqplugins).with('list', '-E', '-m').returns("foo\n") - expect(provider.exists?).to eq(true) - end - it 'calls rabbitmqplugins to enable when node not running' do provider.class.expects(:rabbitmq_running).returns false provider.expects(:rabbitmqplugins).with('enable', 'foo') provider.create end + describe '#instances' do + it 'exists' do + expect(provider_class).to respond_to :instances + end + + it 'retrieves instances' do + provider.class.expects(:plugin_list).returns(%w[foo bar]) + instances = provider_class.instances + instances_cmp = instances.map { |prov| { name: prov.get(:name) } } + expect(instances_cmp).to eq( + [ + { name: 'foo' }, + { name: 'bar' } + ] + ) + end + + it 'raises error on invalid line' do + provider_class.expects(:plugin_list).returns([' ']) + expect { provider_class.instances }.to raise_error Puppet::Error, %r{Cannot parse invalid plugins line} + end + end + + describe '#plugin_list' do + it 'exists' do + expect(provider_class).to respond_to :instances + end + + it 'returns a list of plugins' do + provider.class.expects(:rabbitmqplugins).with('list', '-e', '-m').returns("foo\nbar\nbaz\n") + expect(provider.class.plugin_list).to eq(%w[foo bar baz]) + end + + it 'handles no training newline properly' do + provider.class.expects(:rabbitmqplugins).with('list', '-e', '-m').returns("foo\nbar") + expect(provider.class.plugin_list).to eq(%w[foo bar]) + end + + it 'handles lines that are not plugins' do + provider.class.expects(:rabbitmqplugins).with('list', '-e', '-m').returns("Listing plugins with pattern \".*\" ...\nfoo\nbar") + expect(provider.class.plugin_list).to eq(%w[foo bar]) + end + end + + describe '#exists?' do + it 'matches existing plugins' do + provider_class.expects(:plugin_list).returns(%w[foo]) + expect(provider.exists?).to eq(true) + end + + it 'returns false for missing plugins' do + provider_class.expects(:plugin_list).returns(%w[bar]) + expect(provider.exists?).to eq(false) + end + end + context 'with RabbitMQ version >=3.4.0' do it 'calls rabbitmqplugins to enable' do provider.class.expects(:rabbitmq_version).returns '3.4.0' diff --git a/spec/unit/puppet/provider/rabbitmq_policy/rabbitmqctl_spec.rb b/spec/unit/puppet/provider/rabbitmq_policy/rabbitmqctl_spec.rb index 91bf5aaa1..ec1d96fed 100644 --- a/spec/unit/puppet/provider/rabbitmq_policy/rabbitmqctl_spec.rb +++ b/spec/unit/puppet/provider/rabbitmq_policy/rabbitmqctl_spec.rb @@ -61,6 +61,23 @@ 'ha-sync-mode' => 'automatic' }) end + + it 'matches policies from list targeting quorum queues' do + provider.class.expects(:rabbitmq_version).returns '3.7.0' + provider.class.expects(:rabbitmqctl_list).with('policies', '-p', '/').returns <<~EOT + / ha-all ^.*$ quorum_queues {"delivery-limit":10,"initial-cluster-size":3,"max-length":100000000,"overflow":"reject-publish-dlx"} 0 + / test .* exchanges {"ha-mode":"all"} 0 + EOT + expect(provider.exists?).to eq(applyto: 'quorum_queues', + pattern: '^.*$', + priority: '0', + definition: { + 'delivery-limit' => 10, + 'initial-cluster-size' => 3, + 'max-length' => 100_000_000, + 'overflow' => 'reject-publish-dlx' + }) + end end context 'with RabbitMQ version >=3.2.0 and < 3.7.0' do diff --git a/spec/unit/puppet/provider/rabbitmq_user_permissions/rabbitmqctl_spec.rb b/spec/unit/puppet/provider/rabbitmq_user_permissions/rabbitmqctl_spec.rb index 77fcc2789..cca62c64d 100644 --- a/spec/unit/puppet/provider/rabbitmq_user_permissions/rabbitmqctl_spec.rb +++ b/spec/unit/puppet/provider/rabbitmq_user_permissions/rabbitmqctl_spec.rb @@ -37,8 +37,7 @@ end it 'does not match an empty list' do - provider.class.expects(:rabbitmqctl_list).with('user_permissions', 'foo').returns <<-EOT - EOT + provider.class.expects(:rabbitmqctl_list).with('user_permissions', 'foo').returns '' expect(provider.exists?).to eq(nil) end diff --git a/spec/unit/puppet/provider/rabbitmq_vhost/rabbitmqctl_spec.rb b/spec/unit/puppet/provider/rabbitmq_vhost/rabbitmqctl_spec.rb index b87a9f877..f0fb6e0f2 100644 --- a/spec/unit/puppet/provider/rabbitmq_vhost/rabbitmqctl_spec.rb +++ b/spec/unit/puppet/provider/rabbitmq_vhost/rabbitmqctl_spec.rb @@ -1,15 +1,16 @@ # frozen_string_literal: true require 'spec_helper' - -provider_class = Puppet::Type.type(:rabbitmq_vhost).provider(:rabbitmqctl) -describe provider_class do +describe Puppet::Type.type(:rabbitmq_vhost).provider(:rabbitmqctl) do let(:resource) do Puppet::Type::Rabbitmq_vhost.new( - name: 'foo' + name: 'foo', + description: 'foo description', + default_queue_type: 'quorum', + tags: %w[foo bar] ) end - let(:provider) { provider_class.new(resource) } + let(:provider) { described_class.new(resource) } it 'matches vhost names' do provider.expects(:rabbitmqctl_list).with('vhosts').returns <<~EOT @@ -37,12 +38,96 @@ expect(provider.exists?).to eq(false) end - it 'calls rabbitmqctl to create' do - provider.expects(:rabbitmqctl).with('add_vhost', 'foo') - provider.create + context 'with RabbitMQ version <3.11.0 (no metadata support)' do + it 'calls rabbitmqctl to create' do + provider.expects(:supports_metadata?).at_least_once.returns false + provider.expects(:rabbitmqctl).with('add_vhost', 'foo') + provider.create + end + end + + context 'with RabbitMQ version >=3.11.0 (metadata support)' do + it 'parses vhost list with valid metadata' do + provider.class.expects(:supports_metadata?).at_least_once.returns true + provider.class.expects(:vhost_list).returns <<~EOT + inventory classic [] + / Default virtual host undefined [] + search quorum [] + testing My cool vhost undefined [tag1, tag2] + EOT + instances = provider.class.instances + expect(instances.size).to eq(4) + expect(instances.map do |prov| + { + name: prov.get(:name), + description: prov.get(:description), + default_queue_type: prov.get(:default_queue_type), + tags: prov.get(:tags) + } + end).to eq( + [ + { + name: 'inventory', + description: '', + default_queue_type: 'classic', + tags: [] + }, + { + name: '/', + description: 'Default virtual host', + default_queue_type: :absent, + tags: [] + }, + { + name: 'search', + description: '', + default_queue_type: 'quorum', + tags: [] + }, + { + name: 'testing', + description: 'My cool vhost', + default_queue_type: :absent, + tags: %w[tag1 tag2] + } + ] + ) + end + + it 'throws error when parsing invalid vhost metadata' do + provider.class.expects(:supports_metadata?).at_least_once.returns true + provider.class.expects(:vhost_list).returns <<~EOT + inventory undefined [] + / Default virtual host undefined + EOT + expect { print provider.class.instances }.to raise_error(Puppet::Error, %r{Cannot parse invalid vhost line: / Default virtual host undefined}) + end + + it 'calls rabbitmqctl to create with metadata' do + provider.expects(:supports_metadata?).at_least_once.returns true + provider.expects(:rabbitmqctl).with('add_vhost', 'foo', ['--description', 'foo description'], \ + ['--default-queue-type', 'quorum'], ['--tags', 'foo,bar']) + provider.create + end + + it 'updates tags' do + provider.set(tags: %w[tag1 tag2]) + provider.expects(:exists?).at_least_once.returns true + provider.expects(:supports_metadata?).at_least_once.returns true + provider.expects(:rabbitmqctl).with('update_vhost_metadata', 'foo', ['--tags', 'tag1,tag2']) + provider.flush + end + + it 'updates description' do + provider.set(description: 'this is the new description') + provider.expects(:exists?).at_least_once.returns true + provider.expects(:supports_metadata?).at_least_once.returns true + provider.expects(:rabbitmqctl).with('update_vhost_metadata', 'foo', ['--description', 'this is the new description']) + provider.flush + end end - it 'calls rabbitmqctl to create' do + it 'calls rabbitmqctl to delete' do provider.expects(:rabbitmqctl).with('delete_vhost', 'foo') provider.destroy end diff --git a/spec/unit/puppet/type/rabbitmq_cluster_spec.rb b/spec/unit/puppet/type/rabbitmq_cluster_spec.rb index e71b283a7..ab404e062 100644 --- a/spec/unit/puppet/type/rabbitmq_cluster_spec.rb +++ b/spec/unit/puppet/type/rabbitmq_cluster_spec.rb @@ -22,6 +22,16 @@ expect(rabbitmq_cluster[:init_node]).to eq('host1') end + it 'check if local_node set to host1' do + rabbitmq_cluster[:local_node] = 'host1' + expect(rabbitmq_cluster[:local_node]).to eq('host1') + end + + it 'local_node not set should default to undef' do + rabbitmq_cluster[:init_node] = 'host1' + expect(rabbitmq_cluster[:local_node]).to eq(:undef) + end + it 'try to set node_disc_type to ram' do rabbitmq_cluster[:node_disc_type] = 'ram' expect(rabbitmq_cluster[:node_disc_type]).to eq('ram') diff --git a/spec/unit/puppet/type/rabbitmq_parameter_spec.rb b/spec/unit/puppet/type/rabbitmq_parameter_spec.rb index f03b2c42e..5b9586db8 100644 --- a/spec/unit/puppet/type/rabbitmq_parameter_spec.rb +++ b/spec/unit/puppet/type/rabbitmq_parameter_spec.rb @@ -44,9 +44,8 @@ end it 'accepts a valid hash for value' do - value = { 'message-ttl' => '1800000' } - parameter[:value] = value - expect(parameter[:value]).to eq(value) + parameter[:value] = { 'message-ttl' => '1800000' } + expect(parameter[:value]).to eq({ 'message-ttl' => 1_800_000 }) end it 'does not accept an empty string for definition' do @@ -97,7 +96,7 @@ it 'does not convert numeric string to integer' do expect(parameter[:value]['myparameter']).to eq('1800000') - expect(parameter[:value]['myparameter']).to be_kind_of(String) + expect(parameter[:value]['myparameter']).to be_a(String) end end end diff --git a/spec/unit/puppet/type/rabbitmq_policy_spec.rb b/spec/unit/puppet/type/rabbitmq_policy_spec.rb index 0506ea136..46742aef0 100644 --- a/spec/unit/puppet/type/rabbitmq_policy_spec.rb +++ b/spec/unit/puppet/type/rabbitmq_policy_spec.rb @@ -46,7 +46,7 @@ end it 'accepts valid value for applyto' do - %i[all exchanges queues].each do |v| + %i[all classic_queues exchanges queues quorum_queues streams].each do |v| policy[:applyto] = v expect(policy[:applyto]).to eq(v) end @@ -91,7 +91,7 @@ end end - it 'accepts and convert ha-params for ha-mode exactly' do + it 'accepts and converts ha-params for ha-mode exactly' do definition = { 'ha-mode' => 'exactly', 'ha-params' => '2' } policy[:definition] = definition expect(policy[:definition]['ha-params']).to eq(2) @@ -104,7 +104,20 @@ end.to raise_error(Puppet::Error, %r{Invalid ha-params.*nonnumeric.*exactly}) end - it 'accepts and convert the expires value' do + it 'accepts and converts the consumer-timeout value' do + definition = { 'consumer-timeout' => '86400000' } + policy[:definition] = definition + expect(policy[:definition]['consumer-timeout']).to eq(86_400_000) + end + + it 'does not accept non-numeric consumer-timeout value' do + definition = { 'consumer-timeout' => 'bogus' } + expect do + policy[:definition] = definition + end.to raise_error(Puppet::Error, %r{Invalid consumer-timeout value.*bogus}) + end + + it 'accepts and converts the expires value' do definition = { 'expires' => '1800000' } policy[:definition] = definition expect(policy[:definition]['expires']).to eq(1_800_000) @@ -117,7 +130,7 @@ end.to raise_error(Puppet::Error, %r{Invalid expires value.*future}) end - it 'accepts and convert the message-ttl value' do + it 'accepts and converts the message-ttl value' do definition = { 'message-ttl' => '1800000' } policy[:definition] = definition expect(policy[:definition]['message-ttl']).to eq(1_800_000) @@ -130,7 +143,7 @@ end.to raise_error(Puppet::Error, %r{Invalid message-ttl value.*future}) end - it 'accepts and convert the max-length value' do + it 'accepts and converts the max-length value' do definition = { 'max-length' => '1800000' } policy[:definition] = definition expect(policy[:definition]['max-length']).to eq(1_800_000) @@ -143,7 +156,7 @@ end.to raise_error(Puppet::Error, %r{Invalid max-length value.*future}) end - it 'accepts and convert the max-length-bytes value' do + it 'accepts and converts the max-length-bytes value' do definition = { 'max-length-bytes' => '1800000' } policy[:definition] = definition expect(policy[:definition]['max-length-bytes']).to eq(1_800_000) @@ -156,7 +169,7 @@ end.to raise_error(Puppet::Error, %r{Invalid max-length-bytes value.*future}) end - it 'accepts and convert the shards-per-node value' do + it 'accepts and converts the shards-per-node value' do definition = { 'shards-per-node' => '1800000' } policy[:definition] = definition expect(policy[:definition]['shards-per-node']).to eq(1_800_000) @@ -169,7 +182,7 @@ end.to raise_error(Puppet::Error, %r{Invalid shards-per-node value.*future}) end - it 'accepts and convert the ha-sync-batch-size value' do + it 'accepts and converts the ha-sync-batch-size value' do definition = { 'ha-sync-batch-size' => '1800000' } policy[:definition] = definition expect(policy[:definition]['ha-sync-batch-size']).to eq(1_800_000) @@ -195,6 +208,32 @@ end.to raise_error(Puppet::Error, %r{Invalid delivery-limit value.*future}) end + it 'accepts and converts the initial-cluster-size value' do + definition = { 'initial-cluster-size' => '3' } + policy[:definition] = definition + expect(policy[:definition]['initial-cluster-size']).to eq(3) + end + + it 'does not accept non-numeric initial-cluster-size value' do + definition = { 'initial-cluster-size' => 'impressive' } + expect do + policy[:definition] = definition + end.to raise_error(Puppet::Error, %r{Invalid initial-cluster-size value 'impressive}) + end + + it 'accepts and converts the queue-version value' do + definition = { 'queue-version' => '2' } + policy[:definition] = definition + expect(policy[:definition]['queue-version']).to eq(2) + end + + it 'does not accept non-numeric queue-version value' do + definition = { 'queue-version' => 'oogabooga' } + expect do + policy[:definition] = definition + end.to raise_error(Puppet::Error, %r{Invalid queue-version value.*oogabooga}) + end + context 'accepts list value in ha-params when ha-mode = nodes' do before do policy[:definition] = definition diff --git a/templates/default.erb b/templates/default.erb deleted file mode 100644 index 461f08315..000000000 --- a/templates/default.erb +++ /dev/null @@ -1,14 +0,0 @@ -# File managed by Puppet. - -# This file is sourced by /etc/init.d/rabbitmq-server. Its primary -# reason for existing is to allow adjustment of system limits for the -# rabbitmq-server process. -# -# Maximum number of open file handles. This will need to be increased -# to handle many simultaneous connections. Refer to the system -# documentation for ulimit (in man bash) for more information. -ulimit -n <%= @file_limit %> - -# OOM score. It sets the score of the init script, but as this value is -# inherited, it also applies to the rabbitmq-server. -echo <%= @oom_score_adj %> > /proc/$$/oom_score_adj diff --git a/templates/enabled_plugins.epp b/templates/enabled_plugins.epp new file mode 100644 index 000000000..817fd3e65 --- /dev/null +++ b/templates/enabled_plugins.epp @@ -0,0 +1,3 @@ +% This file managed by Puppet +% Template Path: <%= $rabbitmq::config::module_name %>/templates/enabled_plugins +[<%= ($::rabbitmq::config::_plugins.unique).join(',')%>]. diff --git a/templates/enabled_plugins.erb b/templates/enabled_plugins.erb deleted file mode 100644 index 6d1dfac6a..000000000 --- a/templates/enabled_plugins.erb +++ /dev/null @@ -1,19 +0,0 @@ -% This file managed by Puppet -% Template Path: <%= @module_name %>/templates/enabled_plugins -<%- @_plugins = [] -%> -<%- if @admin_enable or @management_enable -%> - <%- @_plugins << 'rabbitmq_management' -%> -<%- end -%> -<%- if @stomp_ensure -%> - <%- @_plugins << 'rabbitmq_stomp' -%> -<%- end -%> -<%- if @ldap_auth -%> - <%- @_plugins << 'rabbitmq_auth_backend_ldap' -%> -<%- end -%> -<%- if @config_shovel -%> - <%- @_plugins << 'rabbitmq_shovel' -%> - <%- if @admin_enable or @management_enable -%> - <%- @_plugins << 'rabbitmq_shovel_management' -%> - <%- end -%> -<%- end -%> -[<%= @_plugins.join(',')%>]. diff --git a/templates/rabbitmq-env.conf.epp b/templates/rabbitmq-env.conf.epp new file mode 100644 index 000000000..f86e08888 --- /dev/null +++ b/templates/rabbitmq-env.conf.epp @@ -0,0 +1,5 @@ +<% $rabbitmq::config::environment_variables.keys.sort.each |$k| { -%> + <%- unless $rabbitmq::config::environment_variables[$k] == Undef {-%> +<%= $k %>=<%= $rabbitmq::config::environment_variables[$k] %> + <%-} -%> +<% } -%> diff --git a/templates/rabbitmq-env.conf.erb b/templates/rabbitmq-env.conf.erb deleted file mode 100644 index dabeef0e9..000000000 --- a/templates/rabbitmq-env.conf.erb +++ /dev/null @@ -1,5 +0,0 @@ -<% @environment_variables.sort.each do |key, value| -%> - <%- unless value.nil? -%> -<%= key %>=<%= value %> - <%- end -%> -<% end -%> diff --git a/templates/rabbitmq.config.epp b/templates/rabbitmq.config.epp new file mode 100644 index 000000000..7f93431e9 --- /dev/null +++ b/templates/rabbitmq.config.epp @@ -0,0 +1,265 @@ +% This file managed by Puppet +% Template Path: <%= $rabbitmq::config::module_name %>/templates/rabbitmq.config +[ +<%- if $rabbitmq::config::ssl and $rabbitmq::config::ssl_versions { -%> + {ssl, [{versions, ['<%= $rabbitmq::config::ssl_versions.sort.join("', '") %>']}]}, +<%- } -%> + {rabbit, [ +<%- if $rabbitmq::config::heartbeat {-%> + {heartbeat, <%=$rabbitmq::config::heartbeat%>}, +<% } -%> +<% if $rabbitmq::config::loopback_users.size > 0 {-%> + {loopback_users, [<<"<%= $rabbitmq::config::loopback_users.join('">>, <<"') %>">>]}, +<% } else {-%> + {loopback_users, []}, +<% } -%> +<% if $rabbitmq::config::auth_backends {-%> + {auth_backends, [<%= $rabbitmq::config::auth_backends.join(', ') %>]}, +<% } elsif $rabbitmq::config::ldap_auth {-%> + {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]}, +<% } -%> +<% if $rabbitmq::config::config_cluster {-%> + <%- if !$rabbitmq::config::cluster_nodes.empty {-%> + {cluster_nodes, {['rabbit@<%= $rabbitmq::config::cluster_nodes.join("', 'rabbit@") %>'], <%= $rabbitmq::config::cluster_node_type %>}}, + <%- } else {-%> + {cluster_nodes, {[], <%= $rabbitmq::config::cluster_node_type %>}}, + <%- } -%> + {cluster_partition_handling, <%= $rabbitmq::config::cluster_partition_handling %>}, +<% } -%> +<% if $rabbitmq::config::quorum_membership_reconciliation_enabled {-%> + {quorum_membership_reconciliation_enabled, <%= $rabbitmq::config::quorum_membership_reconciliation_enabled %>}, + <%- unless $rabbitmq::config::quorum_membership_reconciliation_auto_remove =~ Undef {-%> + {quorum_membership_reconciliation_auto_remove, <%= $rabbitmq::config::quorum_membership_reconciliation_auto_remove %>}, + <%- } -%> + <%- unless $rabbitmq::config::quorum_membership_reconciliation_interval =~ Undef {-%> + {quorum_membership_reconciliation_interval, <%= $rabbitmq::config::quorum_membership_reconciliation_interval %>}, + <%- } -%> + <%- unless $rabbitmq::config::quorum_membership_reconciliation_trigger_interval =~ Undef {-%> + {quorum_membership_reconciliation_trigger_interval, <%= $rabbitmq::config::quorum_membership_reconciliation_trigger_interval %>}, + <%- } -%> + <%- unless $rabbitmq::config::quorum_membership_reconciliation_target_group_size =~ Undef {-%> + {quorum_membership_reconciliation_target_group_size, <%= $rabbitmq::config::quorum_membership_reconciliation_target_group_size %>}, + <%- } -%> +<% } -%> + {tcp_listen_options, [ + <%- unless $rabbitmq::config::config_ranch {-%> + binary, + {packet, raw}, + {reuseaddr, true}, + <%- } -%> + <%- if $rabbitmq::config::tcp_keepalive {-%> + {keepalive, true}, + <%- } -%> + <%- if $rabbitmq::config::tcp_backlog {-%> + {backlog, <%= $rabbitmq::config::tcp_backlog %>}, + <%- } -%> + <%- if $rabbitmq::config::tcp_sndbuf {-%> + {sndbuf, <%= $rabbitmq::config::tcp_sndbuf %>}, + <%- } -%> + <%- if $rabbitmq::config::tcp_recbuf {-%> + {recbuf, <%= $rabbitmq::config::tcp_recbuf %>}, + <%- } -%> + {nodelay, true}, + {linger, {true, 0}}, + {exit_on_close, false} + ]}, +<%- if $rabbitmq::config::collect_statistics_interval {-%> + {collect_statistics_interval, <%= $rabbitmq::config::collect_statistics_interval %>}, +<%- } -%> +<%- if $rabbitmq::config::ssl_only {-%> + {tcp_listeners, []}, +<%-} elsif $rabbitmq::config::interface {-%> + {tcp_listeners, [{"<%= $rabbitmq::config::interface%>", <%= $rabbitmq::config::port %>}]}, +<%- } -%> +<%- if $rabbitmq::config::ssl {-%> + <%- if $rabbitmq::config::ssl_interface {-%> + {ssl_listeners, [{"<%= $rabbitmq::config::ssl_interface%>", <%= $rabbitmq::config::ssl_port %>}]}, + <%-} else {-%> + {ssl_listeners, [<%= $rabbitmq::config::ssl_port %>]}, + <%- } -%> + {ssl_options, [ + <%- if $rabbitmq::config::ssl_cacert {-%> + {cacertfile,"<%= $rabbitmq::config::ssl_cacert %>"}, + <%- } -%> + {certfile,"<%= $rabbitmq::config::ssl_cert %>"}, + {keyfile,"<%= $rabbitmq::config::ssl_key %>"}, + <%- if $rabbitmq::config::ssl_cert_password {-%> + {password, "<%= $rabbitmq::config::ssl_cert_password %>"}, + <%- } -%> + <%- if $rabbitmq::config::ssl_depth {-%> + {depth,<%= $rabbitmq::config::ssl_depth %>}, + <%- } -%> + <%- if $rabbitmq::config::ssl_dhfile {-%> + {dhfile, "<%= $rabbitmq::config::ssl_dhfile %>"}, + <%- } -%> + <%- if !$rabbitmq::config::ssl_versions or !('tlsv1.3' in $rabbitmq::config::ssl_versions) {-%> + <%- if $rabbitmq::config::ssl_client_renegotiation != undef {-%> + {client_renegotiation,<%= $rabbitmq::config::ssl_client_renegotiation %>}, + <%- } -%> + {secure_renegotiate,<%= $rabbitmq::config::ssl_secure_renegotiate %>}, + <%- } -%> + {reuse_sessions,<%= $rabbitmq::config::ssl_reuse_sessions %>}, + {honor_cipher_order,<%= $rabbitmq::config::ssl_honor_cipher_order %>}, + {verify,<%= $rabbitmq::config::ssl_verify %>}, + {fail_if_no_peer_cert,<%= $rabbitmq::config::ssl_fail_if_no_peer_cert %>} + <%- if $rabbitmq::config::ssl_versions {-%> + ,{versions, ['<%= $rabbitmq::config::ssl_versions.sort.join("', '") %>']} + <%- } -%> + <%- if $rabbitmq::config::ssl_ciphers and $rabbitmq::config::ssl_ciphers.size > 0 {-%> + ,{ciphers,[ + <%- $rabbitmq::config::ssl_ciphers.each |$k| { -%> + <%- if $k.split(',').size > 1 {-%> + {<%= $k %>}<%- if $k != $rabbitmq::config::ssl_ciphers[-1] { -%>,<%- } %> + <%-} else {-%> + "<%= $k %>"<%- if $k != $rabbitmq::config::ssl_ciphers[-1] { -%>,<%- } %> + <%-} -%> + <%-} -%> + ]} + <%- } -%> + <%- if $rabbitmq::config::ssl_crl_check != 'false' {-%> + ,{crl_check,<%= $rabbitmq::config::ssl_crl_check %>} + <%- } -%> + <%- if $rabbitmq::config::ssl_crl_cache_hash_dir {-%> + ,{crl_cache, {ssl_crl_hash_dir, {internal, [{dir, "<%= $rabbitmq::config::ssl_crl_cache_hash_dir %>"}]}}} + <%- } -%> + <%- if $rabbitmq::config::ssl_crl_cache_http_timeout {-%> + ,{crl_cache, {ssl_crl_cache, {internal, [{http, <%= $rabbitmq::config::ssl_crl_cache_http_timeout %>}]}}} + <%- } -%> + ]}, +<%- } -%> +<% if $rabbitmq::config::config_variables {-%> +<%- $rabbitmq::config::config_variables.keys.sort.each |$key| {-%> + {<%= $key %>, <%= $rabbitmq::config::config_variables[$key] %>}, +<%- } -%> +<%- } -%> + {default_user, <<"<%= $rabbitmq::config::default_user %>">>}, + {default_pass, <<"<%= $rabbitmq::config::default_pass %>">>} + ]}<% if $rabbitmq::config::config_kernel_variables {-%>, + {kernel, [ + <%- $rabbitmq::config::config_kernel_variables.keys.sort.each |$k| { -%> + {<%= $k %>, <%= $rabbitmq::config::config_kernel_variables[$k] %>}<%- if $k != $rabbitmq::config::config_kernel_variables.keys.sort[-1] { -%>,<%- } %> + <%-} -%> + ]} +<%- } -%> +<%- if $rabbitmq::config::admin_enable or $rabbitmq::config::management_enable or ! $rabbitmq::config::config_management_variables.empty {-%>, + {rabbitmq_management, [ + <%- if !$rabbitmq::config::config_management_variables.empty {-%> + <%- $rabbitmq::config::config_management_variables.keys.sort.each |$k| { -%> + {<%= $k %>, <%= $rabbitmq::config::config_management_variables[$k] %>}<%- if $k != $rabbitmq::config::config_management_variables.keys.sort[-1] { -%>,<%- } %> + <%-} -%> + <%-} -%> +<%- if $rabbitmq::config::admin_enable or $rabbitmq::config::management_enable {-%> +<%- if !$rabbitmq::config::config_management_variables.empty {-%>,<%-}-%> + {listener, [ +<%- if $rabbitmq::config::ssl and $rabbitmq::config::management_ssl {-%> + <%- if $rabbitmq::config::management_ip_address {-%> + {ip, "<%= $rabbitmq::config::management_ip_address %>"}, + <%- } -%> + {port, <%= $rabbitmq::config::ssl_management_port %>}, + <%- if !$rabbitmq::config::config_cowboy_opts.empty {-%> + {cowboy_opts, [ + <%- $rabbitmq::config::config_cowboy_opts.keys.sort.each |$k| { -%> + {<%= $k %>, <%= $rabbitmq::config::config_cowboy_opts[$k] %>}<% if $k != $rabbitmq::config::config_cowboy_opts.keys.sort[-1] { %>,<%- } %> + <%- } -%> + ]}, + <%- } -%> + {ssl, true}, + {ssl_opts, [ + <%- if $rabbitmq::config::ssl_management_cacert {-%> + {cacertfile, "<%= $rabbitmq::config::ssl_management_cacert %>"}, + <%- } -%> + {certfile, "<%= $rabbitmq::config::ssl_management_cert %>"}, + {keyfile, "<%= $rabbitmq::config::ssl_management_key %>"}, + <%- if !$rabbitmq::config::ssl_versions or !('tlsv1.3' in $rabbitmq::config::ssl_versions) {-%> + <%- if $rabbitmq::config::ssl_client_renegotiation != undef {-%> + {client_renegotiation,<%= $rabbitmq::config::ssl_client_renegotiation %>}, + <%- } -%> + {secure_renegotiate,<%= $rabbitmq::config::ssl_secure_renegotiate %>}, + <%- } -%> + {reuse_sessions,<%= $rabbitmq::config::ssl_reuse_sessions %>}, + {honor_cipher_order,<%= $rabbitmq::config::ssl_honor_cipher_order %>}, + {verify,<%= $rabbitmq::config::ssl_management_verify %>}, + {fail_if_no_peer_cert,<%= $rabbitmq::config::ssl_management_fail_if_no_peer_cert %>} + <%- if $rabbitmq::config::ssl_versions {-%> + ,{versions, ['<%= $rabbitmq::config::ssl_versions.sort.join("', '") %>']} + <%- } -%> + <%- if $rabbitmq::config::ssl_ciphers and $rabbitmq::config::ssl_ciphers.size > 0 {-%> + ,{ciphers,[ + <%- $rabbitmq::config::ssl_ciphers.each |$k| { -%> + <%- if $k.split(',').size > 1 {-%> + {<%= $k %>}<%- if $k != $rabbitmq::config::ssl_ciphers[-1] { -%>,<%- } %> + <%-} else {-%> + "<%= $k %>"<%- if $k != $rabbitmq::config::ssl_ciphers[-1] { -%>,<%- } %> + <%-} -%> + <%-} -%> + ]} + <%- } -%> + ]} +<%- } else {-%> + <%- if $rabbitmq::config::management_ip_address {-%> + {ip, "<%= $rabbitmq::config::management_ip_address %>"}, + <%- } -%> + {port, <%= $rabbitmq::config::management_port %>}<% if !$rabbitmq::config::config_cowboy_opts.empty {%>, + {cowboy_opts, [<%- $rabbitmq::config::config_cowboy_opts.keys.sort.each |$k| { %> + {<%= $k %>, <%= $rabbitmq::config::config_cowboy_opts[$k] %>}<% if $k != $rabbitmq::config::config_cowboy_opts.keys.sort[-1] { %>,<%- }} %> + ]}<%- } %> +<%- } -%> + ]} +<%- } -%> + ]} +<%- } -%> +<% if $rabbitmq::config::config_stomp {-%>, +% Configure the Stomp Plugin listening port + {rabbitmq_stomp, [ + <%- if $rabbitmq::config::stomp_ssl_only {-%> + {tcp_listeners, []} + <%-} else {-%> + {tcp_listeners, [<%= $rabbitmq::config::stomp_port %>]} + <%- } -%> + <%- if $rabbitmq::config::ssl and $rabbitmq::config::ssl_stomp_port {-%> + , + {ssl_listeners, [<%= $rabbitmq::config::ssl_stomp_port %>]} + <%- } -%> + ]} +<% } -%> +<%- if $rabbitmq::config::ldap_auth {-%>, +% Configure the LDAP authentication plugin + {rabbitmq_auth_backend_ldap, [ + {other_bind, <%= $rabbitmq::config::ldap_other_bind %>}, + +<% if $rabbitmq::config::ldap_server =~ Array {-%> + {servers, ["<%= $rabbitmq::config::ldap_server.join('", "') %>"]}, +<% } else {-%> + {servers, ["<%= $rabbitmq::config::ldap_server %>"]}, +<% } -%> +<% if $rabbitmq::config::ldap_user_dn_pattern {-%> + {user_dn_pattern, "<%= $rabbitmq::config::ldap_user_dn_pattern %>"}, +<%- } -%> + {use_ssl, <%= $rabbitmq::config::ldap_use_ssl %>}, + {port, <%= $rabbitmq::config::ldap_port %>}, +<% if $rabbitmq::config::ldap_config_variables {-%> +<%- $rabbitmq::config::ldap_config_variables.keys.sort.each |$key| {-%> + {<%= $key %>, <%= $rabbitmq::config::ldap_config_variables[$key] %>}, +<%- } -%> +<%- } -%> + {log, <%= $rabbitmq::config::ldap_log %>} + ]} +<%- } -%> +<%- if $rabbitmq::config::config_shovel and !$rabbitmq::config::config_shovel_statics.empty {-%>, + {rabbitmq_shovel, + [{shovels,[ + <%- $rabbitmq::config::config_shovel_statics.keys.sort.each |$key| { -%> + {<%= $key %>,[<%= $rabbitmq::config::config_shovel_statics[$key] %>]}<%- if $key != $rabbitmq::config::config_shovel_statics.keys.sort[-1] {-%>,<%- } %> + <%- } -%> + ]}]} +<%- } -%> +<%- if $rabbitmq::config::config_additional_variables and !$rabbitmq::config::config_additional_variables.empty {-%>, +% Additional config +<%- $rabbitmq::config::config_additional_variables.keys.sort.each |$key| {-%> + {<%= $key %>, <%= $rabbitmq::config::config_additional_variables[$key] %>}<%- if $key != $rabbitmq::config::config_additional_variables.keys.sort[-1] {%>,<% } %> +<%- } -%> +<%- } -%> +]. +% EOF + + diff --git a/templates/rabbitmq.config.erb b/templates/rabbitmq.config.erb deleted file mode 100644 index 5ba4db2e3..000000000 --- a/templates/rabbitmq.config.erb +++ /dev/null @@ -1,210 +0,0 @@ -% This file managed by Puppet -% Template Path: <%= @module_name %>/templates/rabbitmq.config -[ -<%- -if @ssl_ciphers && @ssl_ciphers.size > 0 - ssl_ciphers = @ssl_ciphers.map do |cipher| - if cipher.split(',').size > 1 - "{#{cipher}}" - else - "\"#{cipher}\"" - end - end.join(",\n ") -else - ssl_ciphers = nil -end --%> -<%- if @ssl and @ssl_versions -%> - {ssl, [{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]}]}, -<%- end -%> - {rabbit, [ -<%- if @heartbeat -%> - {heartbeat, <%=@heartbeat%>}, -<% end -%> - {loopback_users, [<%= @loopback_users.map { |u| "<<\"#{u}\">>" }.join(', ') %>]}, -<% if @auth_backends -%> - {auth_backends, [<%= @auth_backends.map { |v| "#{v}" }.join(', ') %>]}, -<% elsif @ldap_auth -%> - {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]}, -<% end -%> -<% if @config_cluster -%> - {cluster_nodes, {[<%= @cluster_nodes.map { |n| "\'rabbit@#{n}\'" }.join(', ') %>], <%= @cluster_node_type %>}}, - {cluster_partition_handling, <%= @cluster_partition_handling %>}, -<% end -%> - {tcp_listen_options, [ - <%- unless @config_ranch -%> - binary, - {packet, raw}, - {reuseaddr, true}, - <%- end -%> - <%- if @tcp_keepalive -%> - {keepalive, true}, - <%- end -%> - <%- if @tcp_backlog -%> - {backlog, <%= @tcp_backlog %>}, - <%- end -%> - <%- if @tcp_sndbuf -%> - {sndbuf, <%= @tcp_sndbuf %>}, - <%- end -%> - <%- if @tcp_recbuf -%> - {recbuf, <%= @tcp_recbuf %>}, - <%- end -%> - {nodelay, true}, - {linger, {true, 0}}, - {exit_on_close, false} - ]}, -<%- if @collect_statistics_interval -%> - {collect_statistics_interval, <%= @collect_statistics_interval %>}, -<%- end -%> -<%- if @ssl_only -%> - {tcp_listeners, []}, -<%- elsif @interface -%> - {tcp_listeners, [{"<%= @interface%>", <%= @port %>}]}, -<%- end -%> -<%- if @ssl -%> - <%- if @ssl_interface -%> - {ssl_listeners, [{"<%= @ssl_interface%>", <%= @ssl_port %>}]}, - <%- else -%> - {ssl_listeners, [<%= @ssl_port %>]}, - <%- end -%> - {ssl_options, [ - <%- if @ssl_cacert -%> - {cacertfile,"<%= @ssl_cacert %>"}, - <%- end -%> - {certfile,"<%= @ssl_cert %>"}, - {keyfile,"<%= @ssl_key %>"}, - <%- if @ssl_cert_password -%> - {password, "<%= @ssl_cert_password %>"}, - <%- end -%> - <%- if @ssl_depth -%> - {depth,<%= @ssl_depth %>}, - <%- end -%> - <%- if @ssl_dhfile -%> - {dhfile, "<%= @ssl_dhfile %>"}, - <%- end -%> - {secure_renegotiate,<%= @ssl_secure_renegotiate %>}, - {reuse_sessions,<%= @ssl_reuse_sessions %>}, - {honor_cipher_order,<%= @ssl_honor_cipher_order %>}, - {verify,<%= @ssl_verify %>}, - {fail_if_no_peer_cert,<%= @ssl_fail_if_no_peer_cert %>} - <%- if @ssl_versions -%> - ,{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]} - <%- end -%> - <%- if @ssl_ciphers and @ssl_ciphers.size > 0 -%> - ,{ciphers,[ - <%= ssl_ciphers %> - ]} - <%- end -%> - <%- if @ssl_crl_check != 'false' -%> - ,{crl_check,<%= @ssl_crl_check %>} - <%- end -%> - <%- if @ssl_crl_cache_hash_dir -%> - ,{crl_cache, {ssl_crl_hash_dir, {internal, [{dir, "<%= @ssl_crl_cache_hash_dir %>"}]}}} - <%- end -%> - <%- if @ssl_crl_cache_http_timeout -%> - ,{crl_cache, {ssl_crl_cache, {internal, [{http, <%= @ssl_crl_cache_http_timeout %>}]}}} - <%- end -%> - ]}, -<%- end -%> -<% if scope['rabbitmq::config_variables'] -%> -<%- scope['rabbitmq::config_variables'].keys.sort.each do |key| -%> - {<%= key %>, <%= scope['rabbitmq::config_variables'][key] %>}, -<%- end -%> -<%- end -%> - {default_user, <<"<%= @default_user %>">>}, - {default_pass, <<"<%= @default_pass %>">>} - ]}<% if @config_kernel_variables -%>, - {kernel, [ - <%= @config_kernel_variables.sort.map{|k,v| "{#{k}, #{v}}"}.join(",\n ") %> - ]} -<%- end -%> -<%- if @admin_enable or @management_enable or !@config_management_variables.empty? -%>, - {rabbitmq_management, [ - <%- if !@config_management_variables.empty? -%> - <%= @config_management_variables.sort.map{|k,v| "{#{k}, #{v}}"}.join(",\n ") %> - <%- end -%> -<%- if @admin_enable or @management_enable -%> -<%- if !@config_management_variables.empty? -%>,<%-end-%> - {listener, [ -<%- if @ssl && @management_ssl -%> - <%- if @management_ip_address -%> - {ip, "<%= @management_ip_address %>"}, - <%- end -%> - {port, <%= @ssl_management_port %>}, - {ssl, true}, - {ssl_opts, [<%- if @ssl_management_cacert %> - {cacertfile, "<%= @ssl_management_cacert %>"}, - <%- end -%> - {certfile, "<%= @ssl_management_cert %>"}, - {keyfile, "<%= @ssl_management_key %>"}, - {verify,<%= @ssl_management_verify %>}, - {fail_if_no_peer_cert,<%= @ssl_management_fail_if_no_peer_cert %>} - <%- if @ssl_versions -%> - ,{versions, [<%= @ssl_versions.sort.map { |v| "'#{v}'" }.join(', ') %>]} - <%- end -%> - <%- if @ssl_ciphers and @ssl_ciphers.size > 0 -%> - ,{ciphers,[ - <%= ssl_ciphers %> - ]} - <%- end -%> - ]} -<%- else -%> - <%- if @management_ip_address -%> - {ip, "<%= @management_ip_address %>"}, - <%- end -%> - {port, <%= @management_port %>} -<%- end -%> - ]} -<%- end -%> - ]} -<%- end -%> -<% if @config_stomp -%>, -% Configure the Stomp Plugin listening port - {rabbitmq_stomp, [ - <%- if @stomp_ssl_only -%> - {tcp_listeners, []} - <%- else -%> - {tcp_listeners, [<%= @stomp_port %>]} - <%- end -%> - <%- if @ssl && @ssl_stomp_port -%> - , - {ssl_listeners, [<%= @ssl_stomp_port %>]} - <%- end -%> - ]} -<% end -%> -<%- if @ldap_auth -%>, -% Configure the LDAP authentication plugin - {rabbitmq_auth_backend_ldap, [ - {other_bind, <%= @ldap_other_bind %>}, -<% if @ldap_server.class == Array -%> - {servers, <%= @ldap_server %>}, -<% else -%> - {servers, ["<%= @ldap_server %>"]}, -<% end -%> -<% if @ldap_user_dn_pattern -%> - {user_dn_pattern, "<%= @ldap_user_dn_pattern %>"}, -<%- end -%> - {use_ssl, <%= @ldap_use_ssl %>}, - {port, <%= @ldap_port %>}, -<% if @ldap_config_variables -%> -<%- @ldap_config_variables.keys.sort.each do |key| -%> - {<%= key %>, <%= @ldap_config_variables[key] %>}, -<%- end -%> -<%- end -%> - {log, <%= @ldap_log %>} - ]} -<%- end -%> -<%- if @config_shovel and not @config_shovel_statics.empty? -%>, - {rabbitmq_shovel, - [{shovels,[ - <%= @config_shovel_statics.sort.map{|k,v| "{#{k},[#{v}]}"}.join(",\n ") %> - ]}]} -<%- end -%> -<%- if @config_additional_variables and not @config_additional_variables.empty? -%>, -% Additional config -<%- @config_additional_variables.keys.sort.each do |key| -%> - {<%= key %>, <%= @config_additional_variables[key] %>}<%- if key != @config_additional_variables.keys.sort.last %>,<% end %> -<%- end -%> -<%- end -%> -]. -% EOF diff --git a/templates/rabbitmqadmin.conf.epp b/templates/rabbitmqadmin.conf.epp new file mode 100644 index 000000000..7ec543d3d --- /dev/null +++ b/templates/rabbitmqadmin.conf.epp @@ -0,0 +1,16 @@ +[default] +<% if $rabbitmq::config::ssl and $rabbitmq::config::management_ssl {-%> +ssl = True +ssl_ca_cert_file = <%= $rabbitmq::config::ssl_management_cacert %> +ssl_cert_file = <%= $rabbitmq::config::ssl_management_cert %> +ssl_key_file = <%= $rabbitmq::config::ssl_management_key %> +port = <%= $rabbitmq::config::ssl_management_port %> +<% unless $rabbitmq::config::management_hostname {-%> +hostname = <%= $facts['networking']['fqdn'] %> +<% } -%> +<% } else {-%> +port = <%= $rabbitmq::config::management_port %> +<% } -%> +<% if $rabbitmq::config::management_hostname { %> +hostname = <%= $rabbitmq::config::management_hostname %> +<% } -%> diff --git a/templates/rabbitmqadmin.conf.erb b/templates/rabbitmqadmin.conf.erb deleted file mode 100644 index 2665f22bc..000000000 --- a/templates/rabbitmqadmin.conf.erb +++ /dev/null @@ -1,16 +0,0 @@ -[default] -<% if @ssl && @management_ssl -%> -ssl = True -ssl_ca_cert_file = <%= @ssl_management_cacert %> -ssl_cert_file = <%= @ssl_management_cert %> -ssl_key_file = <%= @ssl_management_key %> -port = <%= @ssl_management_port %> -<% unless @management_hostname -%> -hostname = <%= @fqdn %> -<% end -%> -<% else -%> -port = <%= @management_port %> -<% end -%> -<% if @management_hostname %> -hostname = <%= @management_hostname %> -<% end -%>