puppet/ssh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix style issues

Browse Source
This commit is contained in:
Garrett Honeycutt 2015-05-31 15:19:10 -04:00
parent fb935f39bc
commit ab8d700a6a
2 changed files with 135 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
manifests/init.pp
View File

@ -6,7 +6,7 @@ class ssh (
$hiera_merge = false, $hiera_merge = false,
$packages = 'USE_DEFAULTS', $packages = 'USE_DEFAULTS',
$permit_root_login = 'yes', $permit_root_login = 'yes',
$purge_keys = 'true', $purge_keys = true,
$manage_firewall = false, $manage_firewall = false,
$ssh_package_source = 'USE_DEFAULTS', $ssh_package_source = 'USE_DEFAULTS',
$ssh_package_adminfile = 'USE_DEFAULTS', $ssh_package_adminfile = 'USE_DEFAULTS',
@ -76,18 +76,18 @@ class ssh (
$sshd_listen_address = undef, $sshd_listen_address = undef,
$service_ensure = 'running', $service_ensure = 'running',
$service_name = 'USE_DEFAULTS', $service_name = 'USE_DEFAULTS',
$service_enable = 'true', $service_enable = true,
$service_hasrestart = 'true', $service_hasrestart = true,
$service_hasstatus = 'USE_DEFAULTS', $service_hasstatus = 'USE_DEFAULTS',
$ssh_key_ensure = 'present', $ssh_key_ensure = 'present',
$ssh_key_import = 'true', $ssh_key_import = true,
$ssh_key_type = 'ssh-rsa', $ssh_key_type = 'ssh-rsa',
$ssh_config_global_known_hosts_file = '/etc/ssh/ssh_known_hosts', $ssh_config_global_known_hosts_file = '/etc/ssh/ssh_known_hosts',
$ssh_config_global_known_hosts_owner = 'root', $ssh_config_global_known_hosts_owner = 'root',
$ssh_config_global_known_hosts_group = 'root', $ssh_config_global_known_hosts_group = 'root',
$ssh_config_global_known_hosts_mode = '0644', $ssh_config_global_known_hosts_mode = '0644',
$keys = undef, $keys = undef,
$manage_root_ssh_config = 'false', $manage_root_ssh_config = false,
$root_ssh_config_content = "# This file is being maintained by Puppet.\n# DO NOT EDIT\n", $root_ssh_config_content = "# This file is being maintained by Puppet.\n# DO NOT EDIT\n",
) { ) {
@ -495,18 +495,12 @@ class ssh (
} }
} }
case type($ssh_key_import) { if type($ssh_key_import) == 'string' {
'string': {
validate_re($ssh_key_import, '^(true|false)$', "ssh::ssh_key_import may be either 'true' or 'false' and is set to <${ssh_key_import}>.")
$ssh_key_import_real = str2bool($ssh_key_import) $ssh_key_import_real = str2bool($ssh_key_import)
} } else {
'boolean': {
$ssh_key_import_real = $ssh_key_import $ssh_key_import_real = $ssh_key_import
} }
default: { validate_bool($ssh_key_import_real)
fail('ssh::ssh_key_import type must be true or false.')
}
}
case type($ssh_config_sendenv_xmodifiers) { case type($ssh_config_sendenv_xmodifiers) {
'string': { 'string': {
@ -547,14 +541,33 @@ class ssh (
validate_re($ssh_config_global_known_hosts_mode, '^[0-7]{4}$', validate_re($ssh_config_global_known_hosts_mode, '^[0-7]{4}$',
"ssh::ssh_config_global_known_hosts_mode must be a valid 4 digit mode in octal notation. Detected value is <${ssh_config_global_known_hosts_mode}>.") "ssh::ssh_config_global_known_hosts_mode must be a valid 4 digit mode in octal notation. Detected value is <${ssh_config_global_known_hosts_mode}>.")
case $purge_keys { if type($purge_keys) == 'string' {
'true','false': { $purge_keys_real = str2bool($purge_keys)
# noop } else {
$purge_keys_real = $purge_keys
} }
default: { validate_bool($purge_keys_real)
fail("ssh::purge_keys must be 'true' or 'false' and is <${purge_keys}>.")
if type($service_enable) == 'string' {
$service_enable_real = str2bool($service_enable)
} else {
$service_enable_real = $service_enable
} }
validate_bool($service_enable_real)
if type($service_hasrestart) == 'string' {
$service_hasrestart_real = str2bool($service_hasrestart)
} else {
$service_hasrestart_real = $service_hasrestart
} }
validate_bool($service_hasrestart_real)
if type($manage_root_ssh_config) == 'string' {
$manage_root_ssh_config_real = str2bool($manage_root_ssh_config)
} else {
$manage_root_ssh_config_real = $manage_root_ssh_config
}
validate_bool($manage_root_ssh_config_real)
#ssh_config template #ssh_config template
validate_string($ssh_config_template) validate_string($ssh_config_template)
@ -579,20 +592,20 @@ class ssh (
$sshd_config_allowusers_real = $sshd_config_allowusers $sshd_config_allowusers_real = $sshd_config_allowusers
} }
if $real_sshd_config_denyusers != undef { if $sshd_config_denyusers_real != undef {
validate_array($real_sshd_config_denyusers) validate_array($sshd_config_denyusers_real)
} }
if $real_sshd_config_denygroups != undef { if $sshd_config_denygroups_real != undef {
validate_array($real_sshd_config_denygroups) validate_array($sshd_config_denygroups_real)
} }
if $real_sshd_config_allowusers != undef { if $sshd_config_allowusers_real != undef {
validate_array($real_sshd_config_allowusers) validate_array($sshd_config_allowusers_real)
} }
if $real_sshd_config_allowgroups != undef { if $sshd_config_allowgroups_real != undef {
validate_array($real_sshd_config_allowgroups) validate_array($sshd_config_allowgroups_real)
} }
package { $packages_real: package { $packages_real:
@ -633,8 +646,7 @@ class ssh (
} }
} }
case $manage_root_ssh_config { if $manage_root_ssh_config_real == true {
'true': {
include common include common
@ -658,19 +670,12 @@ class ssh (
mode => '0600', mode => '0600',
} }
} }
'false': {
# noop
}
default: {
fail("ssh::manage_root_ssh_config is <${manage_root_ssh_config}> and must be \'true\' or \'false\'.")
}
}
service { 'sshd_service' : service { 'sshd_service' :
ensure => $service_ensure, ensure => $service_ensure,
name => $service_name_real, name => $service_name_real,
enable => $service_enable, enable => $service_enable_real,
hasrestart => $service_hasrestart, hasrestart => $service_hasrestart_real,
hasstatus => $service_hasstatus_real, hasstatus => $service_hasstatus_real,
subscribe => File['sshd_config'], subscribe => File['sshd_config'],
} }
@ -707,7 +712,7 @@ class ssh (
# remove ssh key's not managed by puppet # remove ssh key's not managed by puppet
resources { 'sshkey': resources { 'sshkey':
purge => $purge_keys, purge => $purge_keys_real,
} }
# manage users' ssh authorized keys if present # manage users' ssh authorized keys if present

43
spec/classes/init_spec.rb
View File

@ -1342,7 +1342,8 @@ describe 'ssh' do
end end
end end
context 'with manage_root_ssh_config set to \'true\' on valid osfamily' do ['true',true].each do |value|
context "with manage_root_ssh_config set to #{value} on valid osfamily" do
let :facts do let :facts do
{ {
:fqdn => 'monkey.example.com', :fqdn => 'monkey.example.com',
@ -1352,7 +1353,7 @@ describe 'ssh' do
} }
end end
let :params do let :params do
{ :manage_root_ssh_config => 'true' } { :manage_root_ssh_config => value }
end end
it { should compile.with_all_deps } it { should compile.with_all_deps }
@ -1382,6 +1383,33 @@ describe 'ssh' do
}) })
} }
end end
end
['false',false].each do |value|
context "with manage_root_ssh_config set to #{value} on valid osfamily" do
let :facts do
{
:fqdn => 'monkey.example.com',
:osfamily => 'RedHat',
:root_home => '/root',
:sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
}
end
let :params do
{ :manage_root_ssh_config => value }
end
it { should compile.with_all_deps }
it { should contain_class('ssh')}
it { should_not contain_class('common')}
it { should_not contain_file('root_ssh_dir') }
it { should_not contain_file('root_ssh_config') }
end
end
[true,'invalid'].each do |ciphers| [true,'invalid'].each do |ciphers|
context "with ssh_config_ciphers set to invalid value #{ciphers}" do context "with ssh_config_ciphers set to invalid value #{ciphers}" do
@ -1477,7 +1505,7 @@ describe 'ssh' do
it 'should fail' do it 'should fail' do
expect { expect {
should contain_class('ssh') should contain_class('ssh')
}.to raise_error(Puppet::Error) }.to raise_error(Puppet::Error,/is not an Array/)
end end
end end
end end
@ -1497,7 +1525,7 @@ describe 'ssh' do
it 'should fail' do it 'should fail' do
expect { expect {
should contain_class('ssh') should contain_class('ssh')
}.to raise_error(Puppet::Error) }.to raise_error(Puppet::Error,/is not an Array/)
end end
end end
end end
@ -1517,7 +1545,7 @@ describe 'ssh' do
it 'should fail' do it 'should fail' do
expect { expect {
should contain_class('ssh') should contain_class('ssh')
}.to raise_error(Puppet::Error) }.to raise_error(Puppet::Error,/is not an Array/)
end end
end end
end end
@ -1537,7 +1565,7 @@ describe 'ssh' do
it 'should fail' do it 'should fail' do
expect { expect {
should contain_class('ssh') should contain_class('ssh')
}.to raise_error(Puppet::Error) }.to raise_error(Puppet::Error,/is not an Array/)
end end
end end
end end
@ -1597,7 +1625,7 @@ describe 'ssh' do
it 'should fail' do it 'should fail' do
expect { expect {
should contain_class('ssh') should contain_class('ssh')
}.to raise_error(Puppet::Error,/^ssh::manage_root_ssh_config is <invalid> and must be \'true\' or \'false\'\./) }.to raise_error(Puppet::Error,/Unknown type of boolean/)
end end
end end
@ -2931,7 +2959,6 @@ describe 'ssh' do
'mode' => '0644', 'mode' => '0644',
}) })
} }
end end
end end