4 context 'on unsupported distributions' do
7 os: { family: 'Unsupported' }
12 expect { catalogue }.to raise_error(Puppet::Error, %r{not supported on an Unsupported})
16 # TODO: get Archlinux & OpenBSD facts from facterdb
18 on_supported_os.each do |os, facts|
22 packagename = case facts[:osfamily]
29 (facts[:os]['family'] == 'RedHat' && facts[:os]['release']['major'].to_i >= 7) ||
30 (facts[:os]['family'] == 'Debian' && facts[:os]['release']['full'] == '16.04') ||
31 (facts[:os]['family'] == 'Archlinux')
34 it { is_expected.to compile.with_all_deps }
35 it { is_expected.to contain_class('rabbitmq::install') }
36 it { is_expected.to contain_class('rabbitmq::config') }
37 it { is_expected.to contain_class('rabbitmq::service') }
39 it { is_expected.to contain_package(packagename).with_ensure('installed').with_name(packagename) }
40 if facts[:os]['family'] == 'Suse'
41 it { is_expected.to contain_package('rabbitmq-server-plugins') }
44 context 'with default params' do
45 it { is_expected.not_to contain_class('rabbitmq::repo::apt') }
46 it { is_expected.not_to contain_apt__source('rabbitmq') }
47 it { is_expected.not_to contain_class('rabbitmq::repo::rhel') }
48 it { is_expected.not_to contain_yumrepo('rabbitmq') }
51 context 'with repos_ensure => true' do
52 let(:params) { { repos_ensure: true } }
54 if facts[:os]['family'] == 'Debian'
55 it 'includes rabbitmq::repo::apt' do
56 is_expected.to contain_class('rabbitmq::repo::apt').
57 with_key_source('https://packagecloud.io/gpg.key').
61 it 'adds a repo with default values' do
62 is_expected.to contain_apt__source('rabbitmq').
63 with_ensure('present').
64 with_location("https://packagecloud.io/rabbitmq/rabbitmq-server/#{facts[:os]['name'].downcase}").
69 it { is_expected.not_to contain_class('rabbitmq::repo::apt') }
70 it { is_expected.not_to contain_apt__souce('rabbitmq') }
73 if facts[:os]['family'] == 'RedHat'
74 it { is_expected.to contain_class('rabbitmq::repo::rhel') }
76 it 'the repo should be present, and contain the expected values' do
77 is_expected.to contain_yumrepo('rabbitmq').
78 with_ensure('present').
79 with_baseurl(%r{https://packagecloud.io/rabbitmq/rabbitmq-server/el/\d+/\$basearch$}).
80 with_gpgkey('https://www.rabbitmq.com/rabbitmq-release-signing-key.asc')
83 it { is_expected.not_to contain_class('rabbitmq::repo::rhel') }
84 it { is_expected.not_to contain_yumrepo('rabbitmq') }
88 context 'with no pin', if: facts[:os]['family'] == 'Debian' do
89 let(:params) { { repos_ensure: true, package_apt_pin: '' } }
91 describe 'it sets up an apt::source' do
93 is_expected.to contain_apt__source('rabbitmq').with(
94 'location' => "https://packagecloud.io/rabbitmq/rabbitmq-server/#{facts[:os]['name'].downcase}",
96 'key' => '{"id"=>"418A7F2FB0E1E6E7EABF6FE8C2E73424D59097AB", "source"=>"https://packagecloud.io/gpg.key", "content"=>:undef}'
102 context 'with pin', if: facts[:os]['family'] == 'Debian' do
103 let(:params) { { repos_ensure: true, package_apt_pin: '700' } }
105 describe 'it sets up an apt::source and pin' do
107 is_expected.to contain_apt__source('rabbitmq').with(
108 'location' => "https://packagecloud.io/rabbitmq/rabbitmq-server/#{facts[:os]['name'].downcase}",
110 'key' => '{"id"=>"418A7F2FB0E1E6E7EABF6FE8C2E73424D59097AB", "source"=>"https://packagecloud.io/gpg.key", "content"=>:undef}'
115 is_expected.to contain_apt__pin('rabbitmq').with(
118 'origin' => 'packagecloud.io'
124 ['unlimited', 'infinity', -1, 1234].each do |value|
125 context "with file_limit => '#{value}'" do
126 let(:params) { { file_limit: value } }
128 if facts[:os]['family'] == 'RedHat'
130 is_expected.to contain_file('/etc/security/limits.d/rabbitmq-server.conf').
134 that_notifies('Class[Rabbitmq::Service]').
135 with_content("rabbitmq soft nofile #{value}\nrabbitmq hard nofile #{value}\n")
138 it { is_expected.not_to contain_file('/etc/security/limits.d/rabbitmq-server.conf') }
141 if facts[:os]['family'] == 'Debian'
142 it { is_expected.to contain_file('/etc/default/rabbitmq-server').with_content(%r{ulimit -n #{value}}) }
144 it { is_expected.not_to contain_file('/etc/default/rabbitmq-server') }
149 is_expected.to contain_file("/etc/systemd/system/#{packagename}.service.d/limits.conf").
153 that_notifies('Exec[rabbitmq-systemd-reload]').
154 with_content("[Service]\nLimitNOFILE=#{value}\n")
157 it { is_expected.not_to contain_file('/etc/systemd/system/rabbitmq-server.service.d/limits.conf') }
162 [-42, '-42', 'foo', '42'].each do |value|
163 context "with file_limit => '#{value}'" do
164 let(:params) { { file_limit: value } }
166 it 'does not compile' do
167 expect { catalogue }.to raise_error(Puppet::PreformattedError, %r{Error while evaluating a Resource Statement})
172 context 'on systems with systemd', if: has_systemd do
174 is_expected.to contain_file("/etc/systemd/system/#{packagename}.service.d").with(
175 'ensure' => 'directory',
179 'selinux_ignore_defaults' => true
183 it { is_expected.to contain_file("/etc/systemd/system/#{packagename}.service.d/limits.conf") }
186 is_expected.to contain_exec('rabbitmq-systemd-reload').with(
187 command: '/bin/systemctl daemon-reload',
188 notify: 'Class[Rabbitmq::Service]',
194 context 'on systems without systemd', unless: has_systemd do
195 it { is_expected.not_to contain_file('/etc/systemd/system/rabbitmq-server.service.d') }
196 it { is_expected.not_to contain_file('/etc/systemd/system/rabbitmq-server.service.d/limits.conf') }
197 it { is_expected.not_to contain_exec('rabbitmq-systemd-reload') }
200 context 'with admin_enable set to true' do
201 let(:params) { { admin_enable: true, management_ip_address: '1.1.1.1' } }
203 context 'with service_manage set to true' do
204 let(:params) { { admin_enable: true, management_ip_address: '1.1.1.1', service_manage: true } }
206 context 'with rabbitmqadmin_package set to blub' do
207 let(:params) { { rabbitmqadmin_package: 'blub' } }
209 it 'installs a package called blub' do
210 is_expected.to contain_package('rabbitmqadmin').with_name('blub')
213 if facts[:os]['family'] == 'Archlinux'
214 it 'installs a package called rabbitmqadmin' do
215 is_expected.to contain_package('rabbitmqadmin').with_name('rabbitmqadmin')
218 it 'we enable the admin interface by default' do
219 is_expected.to contain_class('rabbitmq::install::rabbitmqadmin')
220 is_expected.to contain_rabbitmq_plugin('rabbitmq_management').with(
221 notify: 'Class[Rabbitmq::Service]'
223 is_expected.to contain_archive('rabbitmqadmin').with_source('http://1.1.1.1:15672/cli/rabbitmqadmin')
226 if %w[RedHat Debian SUSE].include?(facts[:os]['family'])
227 it { is_expected.to contain_package('python') }
229 if %w[FreeBSD OpenBSD].include?(facts[:os]['family'])
230 it { is_expected.to contain_package('python2') }
233 context 'with manage_python false' do
234 let(:params) { { manage_python: false } }
237 is_expected.to contain_class('rabbitmq::install::rabbitmqadmin')
238 is_expected.not_to contain_package('python')
239 is_expected.not_to contain_package('python2')
243 context 'with $management_ip_address undef and service_manage set to true', unless: facts[:osfamily] == 'Archlinux' do
244 let(:params) { { admin_enable: true, management_ip_address: :undef } }
246 it 'we enable the admin interface by default' do
247 is_expected.to contain_class('rabbitmq::install::rabbitmqadmin')
248 is_expected.to contain_rabbitmq_plugin('rabbitmq_management').with(
249 notify: 'Class[Rabbitmq::Service]'
251 is_expected.to contain_archive('rabbitmqadmin').with_source('http://127.0.0.1:15672/cli/rabbitmqadmin')
254 context 'with service_manage set to true, node_ip_address = undef, and default user/pass specified', unless: facts[:osfamily] == 'Archlinux' do
255 let(:params) { { admin_enable: true, default_user: 'foobar', default_pass: 'hunter2', node_ip_address: :undef } }
257 it 'we use the correct URL to rabbitmqadmin' do
258 is_expected.to contain_archive('rabbitmqadmin').with(
259 source: 'http://127.0.0.1:15672/cli/rabbitmqadmin',
265 context 'with service_manage set to true and default user/pass specified', unless: facts[:osfamily] == 'Archlinux' do
266 let(:params) { { admin_enable: true, default_user: 'foobar', default_pass: 'hunter2', management_ip_address: '1.1.1.1' } }
268 it 'we use the correct URL to rabbitmqadmin' do
269 is_expected.to contain_archive('rabbitmqadmin').with(
270 source: 'http://1.1.1.1:15672/cli/rabbitmqadmin',
276 context 'with service_manage set to true and archive_options set', unless: facts[:osfamily] == 'Archlinux' do
280 management_ip_address: '1.1.1.1',
281 archive_options: %w[fizz pop]
285 it 'we use the correct archive_options to rabbitmqadmin' do
286 is_expected.to contain_archive('rabbitmqadmin').with(
287 source: 'http://1.1.1.1:15672/cli/rabbitmqadmin',
288 download_options: %w[fizz pop]
292 context 'with service_manage set to true and management port specified', unless: facts[:osfamily] == 'Archlinux' do
293 # note that the 2.x management port is 55672 not 15672
294 let(:params) { { admin_enable: true, management_port: 55_672, management_ip_address: '1.1.1.1' } }
296 it 'we use the correct URL to rabbitmqadmin' do
297 is_expected.to contain_archive('rabbitmqadmin').with(
298 source: 'http://1.1.1.1:55672/cli/rabbitmqadmin',
304 context 'with ipv6, service_manage set to true and management port specified', unless: facts[:osfamily] == 'Archlinux' do
305 # note that the 2.x management port is 55672 not 15672
306 let(:params) { { admin_enable: true, management_port: 55_672, management_ip_address: '::1' } }
308 it 'we use the correct URL to rabbitmqadmin' do
309 is_expected.to contain_archive('rabbitmqadmin').with(
310 source: 'http://[::1]:55672/cli/rabbitmqadmin',
316 context 'with service_manage set to false' do
317 let(:params) { { admin_enable: true, service_manage: false } }
320 is_expected.not_to contain_class('rabbitmq::install::rabbitmqadmin')
321 is_expected.not_to contain_rabbitmq_plugin('rabbitmq_management')
326 describe 'manages configuration directory correctly' do
328 is_expected.to contain_file('/etc/rabbitmq').with(
329 'ensure' => 'directory',
335 describe 'manages configuration file correctly' do
337 is_expected.to contain_file('rabbitmq.config').with(
339 'group' => 'rabbitmq',
345 describe 'does not contain pre-ranch settings with default config' do
347 is_expected.to contain_file('rabbitmq.config'). \
348 without_content(%r{binary,}). \
349 without_content(%r{\{packet, raw\},}). \
350 without_content(%r{\{reuseaddr, true\},})
354 describe 'contains pre-ranch settings with config_ranch set to false' do
355 let(:params) { { config_ranch: false } }
358 is_expected.to contain_file('rabbitmq.config'). \
359 with_content(%r{binary,}). \
360 with_content(%r{\{packet, raw\},}). \
361 with_content(%r{\{reuseaddr, true\},})
365 context 'configures config_cluster' do
368 config_cluster: true,
369 cluster_nodes: ['hare-1', 'hare-2'],
370 cluster_node_type: 'ram',
371 wipe_db_on_cookie_change: false
375 describe 'with erlang_cookie set' do
378 config_cluster: true,
379 cluster_nodes: ['hare-1', 'hare-2'],
380 cluster_node_type: 'ram',
381 erlang_cookie: 'TESTCOOKIE',
382 wipe_db_on_cookie_change: true
386 it 'contains the rabbitmq_erlang_cookie' do
387 is_expected.to contain_rabbitmq_erlang_cookie('/var/lib/rabbitmq/.erlang.cookie')
391 describe 'with erlang_cookie set but without config_cluster' do
394 config_cluster: false,
395 erlang_cookie: 'TESTCOOKIE'
399 it 'contains the rabbitmq_erlang_cookie' do
400 is_expected.to contain_rabbitmq_erlang_cookie('/var/lib/rabbitmq/.erlang.cookie')
404 describe 'without erlang_cookie and without config_cluster' do
407 config_cluster: false
411 it 'contains the rabbitmq_erlang_cookie' do
412 is_expected.not_to contain_rabbitmq_erlang_cookie('/var/lib/rabbitmq/.erlang.cookie')
416 describe 'and sets appropriate configuration' do
419 config_cluster: true,
420 cluster_nodes: ['hare-1', 'hare-2'],
421 cluster_node_type: 'ram',
422 erlang_cookie: 'ORIGINAL',
423 wipe_db_on_cookie_change: true
427 it 'for cluster_nodes' do
428 is_expected.to contain_file('rabbitmq.config').with('content' => %r{cluster_nodes.*\['rabbit@hare-1', 'rabbit@hare-2'\], ram})
433 describe 'rabbitmq-env configuration' do
434 context 'with default params' do
435 it 'sets environment variables' do
436 is_expected.to contain_file('rabbitmq-env.config'). \
437 with_content(%r{ERL_INETRC=/etc/rabbitmq/inetrc})
441 context 'with environment_variables set' do
443 { environment_variables: {
444 'NODE_IP_ADDRESS' => '1.1.1.1',
445 'NODE_PORT' => '5656',
446 'NODENAME' => 'HOSTNAME',
447 'SERVICENAME' => 'RabbitMQ',
448 'CONSOLE_LOG' => 'RabbitMQ.debug',
449 'CTL_ERL_ARGS' => 'verbose',
450 'SERVER_ERL_ARGS' => 'v',
451 'SERVER_START_ARGS' => 'debug'
455 it 'sets environment variables' do
456 is_expected.to contain_file('rabbitmq-env.config'). \
457 with_content(%r{NODE_IP_ADDRESS=1.1.1.1}). \
458 with_content(%r{NODE_PORT=5656}). \
459 with_content(%r{NODENAME=HOSTNAME}). \
460 with_content(%r{SERVICENAME=RabbitMQ}). \
461 with_content(%r{CONSOLE_LOG=RabbitMQ.debug}). \
462 with_content(%r{CTL_ERL_ARGS=verbose}). \
463 with_content(%r{SERVER_ERL_ARGS=v}). \
464 with_content(%r{SERVER_START_ARGS=debug})
469 context 'delete_guest_user' do
470 describe 'should do nothing by default' do
471 it { is_expected.not_to contain_rabbitmq_user('guest') }
474 describe 'delete user when delete_guest_user set' do
475 let(:params) { { delete_guest_user: true } }
477 it 'removes the user' do
478 is_expected.to contain_rabbitmq_user('guest').with(
479 'ensure' => 'absent',
480 'provider' => 'rabbitmqctl'
486 context 'configuration setting' do
487 describe 'node_ip_address when set' do
488 let(:params) { { node_ip_address: '172.0.0.1' } }
490 it 'sets NODE_IP_ADDRESS to specified value' do
491 is_expected.to contain_file('rabbitmq-env.config').
492 with_content(%r{NODE_IP_ADDRESS=172\.0\.0\.1})
496 describe 'stomp by default' do
497 it 'does not specify stomp parameters in rabbitmq.config' do
498 is_expected.to contain_file('rabbitmq.config').without('content' => %r{stomp})
501 describe 'stomp when set' do
502 let(:params) { { config_stomp: true, stomp_port: 5679 } }
504 it 'specifies stomp port in rabbitmq.config' do
505 is_expected.to contain_file('rabbitmq.config').with('content' => %r{rabbitmq_stomp.*tcp_listeners, \[5679\]}m)
508 describe 'stomp when set ssl port w/o ssl enabled' do
509 let(:params) { { config_stomp: true, stomp_port: 5679, ssl: false, ssl_stomp_port: 5680 } }
511 it 'does not configure ssl_listeners in rabbitmq.config' do
512 is_expected.to contain_file('rabbitmq.config').without('content' => %r{rabbitmq_stomp.*ssl_listeners, \[5680\]}m)
515 describe 'stomp when set with ssl' do
516 let(:params) { { config_stomp: true, stomp_port: 5679, ssl: true, ssl_stomp_port: 5680 } }
518 it 'specifies stomp port and ssl stomp port in rabbitmq.config' do
519 is_expected.to contain_file('rabbitmq.config').with('content' => %r{rabbitmq_stomp.*tcp_listeners, \[5679\].*ssl_listeners, \[5680\]}m)
524 describe 'configuring ldap authentication' do
526 { config_stomp: true,
528 ldap_server: 'ldap.example.com',
529 ldap_user_dn_pattern: 'ou=users,dc=example,dc=com',
530 ldap_other_bind: 'as_user',
534 ldap_config_variables: { 'foo' => 'bar' } }
537 it { is_expected.to contain_rabbitmq_plugin('rabbitmq_auth_backend_ldap') }
539 it 'contains ldap parameters' do
540 verify_contents(catalogue, 'rabbitmq.config',
541 ['[', ' {rabbit, [', ' {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]},', ' ]}',
542 ' {rabbitmq_auth_backend_ldap, [', ' {other_bind, as_user},',
543 ' {servers, ["ldap.example.com"]},',
544 ' {user_dn_pattern, "ou=users,dc=example,dc=com"},', ' {use_ssl, false},',
545 ' {port, 389},', ' {foo, bar},', ' {log, true}'])
549 describe 'configuring ldap authentication' do
551 { config_stomp: false,
553 ldap_server: 'ldap.example.com',
554 ldap_user_dn_pattern: 'ou=users,dc=example,dc=com',
555 ldap_other_bind: 'as_user',
559 ldap_config_variables: { 'foo' => 'bar' } }
562 it { is_expected.to contain_rabbitmq_plugin('rabbitmq_auth_backend_ldap') }
564 it 'contains ldap parameters' do
565 verify_contents(catalogue, 'rabbitmq.config',
566 ['[', ' {rabbit, [', ' {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]},', ' ]}',
567 ' {rabbitmq_auth_backend_ldap, [', ' {other_bind, as_user},',
568 ' {servers, ["ldap.example.com"]},',
569 ' {user_dn_pattern, "ou=users,dc=example,dc=com"},', ' {use_ssl, false},',
570 ' {port, 389},', ' {foo, bar},', ' {log, true}'])
574 describe 'configuring ldap authentication' do
576 { config_stomp: false,
578 ldap_server: 'ldap.example.com',
579 ldap_other_bind: 'as_user',
583 ldap_config_variables: { 'foo' => 'bar' } }
586 it { is_expected.to contain_rabbitmq_plugin('rabbitmq_auth_backend_ldap') }
588 it 'does not set user_dn_pattern when none is specified' do
589 verify_contents(catalogue, 'rabbitmq.config',
590 ['[', ' {rabbit, [', ' {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]},', ' ]}',
591 ' {rabbitmq_auth_backend_ldap, [', ' {other_bind, as_user},',
592 ' {servers, ["ldap.example.com"]},',
593 ' {use_ssl, false},',
594 ' {port, 389},', ' {foo, bar},', ' {log, true}'])
595 content = catalogue.resource('file', 'rabbitmq.config').send(:parameters)[:content]
596 expect(content).not_to include 'user_dn_pattern'
600 describe 'configuring auth_backends' do
602 { auth_backends: ['{baz, foo}', 'bar'] }
605 it 'contains auth_backends' do
606 verify_contents(catalogue, 'rabbitmq.config',
607 [' {auth_backends, [{baz, foo}, bar]},'])
611 describe 'auth_backends overrides ldap_auth' do
613 { auth_backends: ['{baz, foo}', 'bar'],
617 it 'contains auth_backends' do
618 verify_contents(catalogue, 'rabbitmq.config',
619 [' {auth_backends, [{baz, foo}, bar]},'])
623 describe 'configuring shovel plugin' do
630 it { is_expected.to contain_rabbitmq_plugin('rabbitmq_shovel') }
632 it { is_expected.to contain_rabbitmq_plugin('rabbitmq_shovel_management') }
634 describe 'with admin_enable false' do
642 it { is_expected.not_to contain_rabbitmq_plugin('rabbitmq_shovel_management') }
645 describe 'with static shovels' do
649 config_shovel_statics: {
650 'shovel_first' => '{sources,[{broker,"amqp://"}]},
651 {destinations,[{broker,"amqp://site1.example.com"}]},
652 {queue,<<"source_one">>}',
653 'shovel_second' => '{sources,[{broker,"amqp://"}]},
654 {destinations,[{broker,"amqp://site2.example.com"}]},
655 {queue,<<"source_two">>}'
660 it 'generates correct configuration' do
661 verify_contents(catalogue, 'rabbitmq.config', [
662 ' {rabbitmq_shovel,',
664 ' {shovel_first,[{sources,[{broker,"amqp://"}]},',
665 ' {destinations,[{broker,"amqp://site1.example.com"}]},',
666 ' {queue,<<"source_one">>}]},',
667 ' {shovel_second,[{sources,[{broker,"amqp://"}]},',
668 ' {destinations,[{broker,"amqp://site2.example.com"}]},',
669 ' {queue,<<"source_two">>}]}',
676 describe 'configuring shovel plugin' do
683 it { is_expected.to contain_rabbitmq_plugin('rabbitmq_shovel') }
685 it { is_expected.to contain_rabbitmq_plugin('rabbitmq_shovel_management') }
687 describe 'with admin_enable false' do
695 it { is_expected.not_to contain_rabbitmq_plugin('rabbitmq_shovel_management') }
698 describe 'with static shovels' do
702 config_shovel_statics: {
703 'shovel_first' => '{sources,[{broker,"amqp://"}]},
704 {destinations,[{broker,"amqp://site1.example.com"}]},
705 {queue,<<"source_one">>}',
706 'shovel_second' => '{sources,[{broker,"amqp://"}]},
707 {destinations,[{broker,"amqp://site2.example.com"}]},
708 {queue,<<"source_two">>}'
713 it 'generates correct configuration' do
714 verify_contents(catalogue, 'rabbitmq.config', [
715 ' {rabbitmq_shovel,',
717 ' {shovel_first,[{sources,[{broker,"amqp://"}]},',
718 ' {destinations,[{broker,"amqp://site1.example.com"}]},',
719 ' {queue,<<"source_one">>}]},',
720 ' {shovel_second,[{sources,[{broker,"amqp://"}]},',
721 ' {destinations,[{broker,"amqp://site2.example.com"}]},',
722 ' {queue,<<"source_two">>}]}',
729 describe 'default_user and default_pass set' do
730 let(:params) { { default_user: 'foo', default_pass: 'bar' } }
732 it 'sets default_user and default_pass to specified values' do
733 is_expected.to contain_file('rabbitmq.config').with('content' => %r{default_user, <<"foo">>.*default_pass, <<"bar">>}m)
737 describe 'interfaces option with no ssl' do
739 { interface: '0.0.0.0' }
742 it 'sets ssl options to specified values' do
743 is_expected.to contain_file('rabbitmq.config').with_content(%r{tcp_listeners, \[\{"0.0.0.0", 5672\}\]})
747 describe 'ssl options and mangament_ssl false' do
751 ssl_cacert: '/path/to/cacert',
752 ssl_cert: '/path/to/cert',
753 ssl_key: '/path/to/key',
754 ssl_secure_renegotiate: true,
755 ssl_reuse_sessions: true,
756 ssl_honor_cipher_order: true,
758 management_ssl: false,
759 management_port: 13_142 }
762 it 'sets ssl options to specified values' do
763 is_expected.to contain_file('rabbitmq.config').with_content(
764 %r{ssl_listeners, \[3141\]}
766 is_expected.to contain_file('rabbitmq.config').with_content(
769 is_expected.to contain_file('rabbitmq.config').with_content(
770 %r{cacertfile,"/path/to/cacert"}
772 is_expected.to contain_file('rabbitmq.config').with_content(
773 %r{certfile,"/path/to/cert"}
775 is_expected.to contain_file('rabbitmq.config').with_content(
776 %r{keyfile,"/path/to/key"}
778 is_expected.to contain_file('rabbitmq.config').with_content(
779 %r{secure_renegotiate,true}
781 is_expected.to contain_file('rabbitmq.config').with_content(
782 %r{reuse_sessions,true}
784 is_expected.to contain_file('rabbitmq.config').with_content(
785 %r{honor_cipher_order,true}
787 is_expected.to contain_file('rabbitmq.config').without_content(
791 it 'sets non ssl port for management port' do
792 is_expected.to contain_file('rabbitmq.config').with_content(
795 is_expected.to contain_file('rabbitmqadmin.conf').with_content(
801 describe 'ssl options and mangament_ssl true' do
805 ssl_cacert: '/path/to/cacert',
806 ssl_cert: '/path/to/cert',
807 ssl_key: '/path/to/key',
808 ssl_secure_renegotiate: true,
809 ssl_reuse_sessions: true,
810 ssl_honor_cipher_order: true,
813 management_ssl: true,
814 ssl_management_port: 13_141 }
817 it 'sets ssl options to specified values' do
818 is_expected.to contain_file('rabbitmq.config').with_content(
819 %r{ssl_listeners, \[3141\]}
821 is_expected.to contain_file('rabbitmq.config').with_content(
824 is_expected.to contain_file('rabbitmq.config').with_content(
827 is_expected.to contain_file('rabbitmq.config').with_content(
828 %r{cacertfile,"/path/to/cacert"}
830 is_expected.to contain_file('rabbitmq.config').with_content(
831 %r{certfile,"/path/to/cert"}
833 is_expected.to contain_file('rabbitmq.config').with_content(
834 %r{keyfile,"/path/to/key"}
836 is_expected.to contain_file('rabbitmq.config').with_content(
837 %r{secure_renegotiate,true}
839 is_expected.to contain_file('rabbitmq.config').with_content(
840 %r{reuse_sessions,true}
842 is_expected.to contain_file('rabbitmq.config').with_content(
843 %r{honor_cipher_order,true}
845 is_expected.to contain_file('rabbitmq.config').without_content(
849 it 'sets ssl managment port to specified values' do
850 is_expected.to contain_file('rabbitmq.config').with_content(
854 it 'sets ssl options in the rabbitmqadmin.conf' do
855 is_expected.to contain_file('rabbitmqadmin.conf').with_content(
856 %r{ssl_ca_cert_file\s=\s/path/to/cacert}
858 is_expected.to contain_file('rabbitmqadmin.conf').with_content(
859 %r{ssl_cert_file\s=\s/path/to/cert}
861 is_expected.to contain_file('rabbitmqadmin.conf').with_content(
862 %r{ssl_key_file\s=\s/path/to/key}
864 is_expected.to contain_file('rabbitmqadmin.conf').with_content(
867 is_expected.to contain_file('rabbitmqadmin.conf').with_content(
873 describe 'ssl options' do
877 ssl_cacert: '/path/to/cacert',
878 ssl_cert: '/path/to/cert',
879 ssl_key: '/path/to/key',
880 ssl_secure_renegotiate: true,
881 ssl_reuse_sessions: true,
882 ssl_honor_cipher_order: true,
886 it 'sets ssl options to specified values' do
887 is_expected.to contain_file('rabbitmq.config').with_content(
888 %r{ssl_listeners, \[3141\]}
890 is_expected.to contain_file('rabbitmq.config').with_content(
893 is_expected.to contain_file('rabbitmq.config').with_content(
894 %r{cacertfile,"/path/to/cacert"}
896 is_expected.to contain_file('rabbitmq.config').with_content(
897 %r{certfile,"/path/to/cert"}
899 is_expected.to contain_file('rabbitmq.config').with_content(
900 %r{keyfile,"/path/to/key"}
902 is_expected.to contain_file('rabbitmq.config').with_content(
903 %r{secure_renegotiate,true}
905 is_expected.to contain_file('rabbitmq.config').with_content(
906 %r{reuse_sessions,true}
908 is_expected.to contain_file('rabbitmq.config').with_content(
909 %r{honor_cipher_order,true}
911 is_expected.to contain_file('rabbitmq.config').without_content(
917 describe 'ssl options with ssl_interfaces' do
921 ssl_interface: '0.0.0.0',
922 ssl_cacert: '/path/to/cacert',
923 ssl_cert: '/path/to/cert',
924 ssl_key: '/path/to/key' }
927 it 'sets ssl options to specified values' do
928 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[\{"0.0.0.0", 3141\}\]})
929 is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"})
930 is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"})
931 is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key})
935 describe 'ssl options with ssl_only' do
940 ssl_cacert: '/path/to/cacert',
941 ssl_cert: '/path/to/cert',
942 ssl_key: '/path/to/key' }
945 it 'sets ssl options to specified values' do
946 is_expected.to contain_file('rabbitmq.config').with_content(%r{tcp_listeners, \[\]})
947 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[3141\]})
948 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_options, \[})
949 is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"})
950 is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"})
951 is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key})
953 it 'does not set TCP listener environment defaults' do
954 is_expected.to contain_file('rabbitmq-env.config'). \
955 without_content(%r{NODE_PORT=}). \
956 without_content(%r{NODE_IP_ADDRESS=})
960 describe 'ssl options with ssl_only and ssl_interfaces' do
965 ssl_interface: '0.0.0.0',
966 ssl_cacert: '/path/to/cacert',
967 ssl_cert: '/path/to/cert',
968 ssl_key: '/path/to/key' }
971 it 'sets ssl options to specified values' do
972 is_expected.to contain_file('rabbitmq.config').with_content(%r{tcp_listeners, \[\]})
973 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[\{"0.0.0.0", 3141\}\]})
974 is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"})
975 is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"})
976 is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key})
980 describe 'ssl options with specific ssl versions' do
984 ssl_cacert: '/path/to/cacert',
985 ssl_cert: '/path/to/cert',
986 ssl_key: '/path/to/key',
987 ssl_versions: ['tlsv1.2', 'tlsv1.1'] }
990 it 'sets ssl options to specified values' do
991 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[3141\]})
992 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_options, \[})
993 is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"})
994 is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"})
995 is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key})
996 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl, \[\{versions, \['tlsv1.1', 'tlsv1.2'\]\}\]})
997 is_expected.to contain_file('rabbitmq.config').with_content(%r{versions, \['tlsv1.1', 'tlsv1.2'\]})
1001 describe 'ssl options with ssl_versions and not ssl' do
1005 ssl_cacert: '/path/to/cacert',
1006 ssl_cert: '/path/to/cert',
1007 ssl_key: '/path/to/key',
1008 ssl_versions: ['tlsv1.2', 'tlsv1.1'] }
1012 expect { catalogue }.to raise_error(Puppet::Error, %r{\$ssl_versions requires that \$ssl => true})
1016 describe 'ssl options with ssl ciphers' do
1020 ssl_cacert: '/path/to/cacert',
1021 ssl_cert: '/path/to/cert',
1022 ssl_key: '/path/to/key',
1023 ssl_ciphers: ['ecdhe_rsa,aes_256_cbc,sha', 'dhe_rsa,aes_256_cbc,sha'] }
1026 it 'sets ssl ciphers to specified values' do
1027 is_expected.to contain_file('rabbitmq.config').with_content(%r{ciphers,\[[[:space:]]+{dhe_rsa,aes_256_cbc,sha},[[:space:]]+{ecdhe_rsa,aes_256_cbc,sha}[[:space:]]+\]})
1031 describe 'ssl admin options with specific ssl versions' do
1034 ssl_management_port: 5926,
1035 ssl_cacert: '/path/to/cacert',
1036 ssl_cert: '/path/to/cert',
1037 ssl_key: '/path/to/key',
1038 ssl_versions: ['tlsv1.2', 'tlsv1.1'],
1039 admin_enable: true }
1042 it 'sets admin ssl opts to specified values' do
1043 is_expected.to contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[})
1044 is_expected.to contain_file('rabbitmq.config').with_content(%r{listener, \[})
1045 is_expected.to contain_file('rabbitmq.config').with_content(%r{port, 5926\}})
1046 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl, true\}})
1047 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[})
1048 is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile, "/path/to/cacert"\},})
1049 is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},})
1050 is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}})
1051 is_expected.to contain_file('rabbitmq.config').with_content(%r{,\{versions, \['tlsv1.1', 'tlsv1.2'\]\}})
1055 describe 'ssl with ssl_dhfile' do
1058 ssl_interface: '0.0.0.0',
1059 ssl_dhfile: '/etc/pki/tls/dh-params.pem' }
1062 it { is_expected.to contain_file('rabbitmq.config').with_content(%r{dhfile, "/etc/pki/tls/dh-params\.pem}) }
1065 describe 'ssl with ssl_dhfile unset' do
1068 ssl_interface: '0.0.0.0',
1069 ssl_dhfile: :undef }
1072 it { is_expected.to contain_file('rabbitmq.config').without_content(%r{dhfile,}) }
1075 describe 'ssl with ssl_secure_renegotiate false' do
1078 ssl_interface: '0.0.0.0',
1079 ssl_secure_renegotiate: false }
1082 it { is_expected.to contain_file('rabbitmq.config').with_content(%r{secure_renegotiate,false}) }
1085 describe 'ssl with ssl_reuse_sessions false' do
1088 ssl_interface: '0.0.0.0',
1089 ssl_reuse_sessions: false }
1092 it { is_expected.to contain_file('rabbitmq.config').with_content(%r{reuse_sessions,false}) }
1095 describe 'ssl with ssl_honor_cipher_order false' do
1098 ssl_interface: '0.0.0.0',
1099 ssl_honor_cipher_order: false }
1102 it { is_expected.to contain_file('rabbitmq.config').with_content(%r{honor_cipher_order,false}) }
1105 describe 'ssl admin options' do
1108 ssl_management_port: 3141,
1109 ssl_cacert: '/path/to/cacert',
1110 ssl_cert: '/path/to/cert',
1111 ssl_key: '/path/to/key',
1112 ssl_management_verify: 'verify_peer',
1113 ssl_management_fail_if_no_peer_cert: true,
1114 admin_enable: true }
1117 it 'sets rabbitmq_management ssl options to specified values' do
1118 is_expected.to contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[})
1119 is_expected.to contain_file('rabbitmq.config').with_content(%r{listener, \[})
1120 is_expected.to contain_file('rabbitmq.config').with_content(%r{port, 3141\}})
1121 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl, true\}})
1122 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[})
1123 is_expected.to contain_file('rabbitmq.config').with_content(%r{verify,verify_peer\},})
1124 is_expected.to contain_file('rabbitmq.config').with_content(%r{fail_if_no_peer_cert,true\}})
1125 is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile, "/path/to/cacert"\},})
1126 is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},})
1127 is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}})
1131 describe 'admin without ssl' do
1134 management_port: 3141,
1135 admin_enable: true }
1138 it 'sets rabbitmq_management options to specified values' do
1139 is_expected.to contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[})
1140 is_expected.to contain_file('rabbitmq.config').with_content(%r{listener, \[})
1141 is_expected.to contain_file('rabbitmq.config').with_content(%r{port, 3141\}})
1145 describe 'ssl admin options' do
1148 ssl_management_port: 3141,
1149 ssl_cacert: '/path/to/cacert',
1150 ssl_cert: '/path/to/cert',
1151 ssl_key: '/path/to/key',
1152 admin_enable: true }
1155 it 'sets rabbitmq_management ssl options to specified values' do
1156 is_expected.to contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[})
1157 is_expected.to contain_file('rabbitmq.config').with_content(%r{listener, \[})
1158 is_expected.to contain_file('rabbitmq.config').with_content(%r{port, 3141\},})
1159 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl, true\},})
1160 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[})
1161 is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile, "/path/to/cacert"\},})
1162 is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},})
1163 is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}})
1167 describe 'admin without ssl' do
1170 management_port: 3141,
1171 admin_enable: true }
1174 it 'sets rabbitmq_management options to specified values' do
1175 is_expected.to contain_file('rabbitmq.config'). \
1176 with_content(%r{\{rabbitmq_management, \[}). \
1177 with_content(%r{\{listener, \[}). \
1178 with_content(%r{\{port, 3141\}})
1182 describe 'ipv6 enabled' do
1183 let(:params) { { ipv6: true } }
1185 it 'enables resolver inet6 in inetrc' do
1186 is_expected.to contain_file('rabbitmq-inetrc').with_content(%r{{inet6, true}.})
1189 context 'without other erl args' do
1190 it 'enables inet6 distribution' do
1191 is_expected.to contain_file('rabbitmq-env.config'). \
1192 with_content(%r{^RABBITMQ_SERVER_ERL_ARGS="-proto_dist inet6_tcp"$}). \
1193 with_content(%r{^RABBITMQ_CTL_ERL_ARGS="-proto_dist inet6_tcp"$})
1197 context 'with other quoted erl args' do
1200 environment_variables: { 'RABBITMQ_SERVER_ERL_ARGS' => '"some quoted args"',
1201 'RABBITMQ_CTL_ERL_ARGS' => '"other quoted args"' } }
1204 it 'enables inet6 distribution and quote properly' do
1205 is_expected.to contain_file('rabbitmq-env.config'). \
1206 with_content(%r{^RABBITMQ_SERVER_ERL_ARGS="some quoted args -proto_dist inet6_tcp"$}). \
1207 with_content(%r{^RABBITMQ_CTL_ERL_ARGS="other quoted args -proto_dist inet6_tcp"$})
1211 context 'with other unquoted erl args' do
1214 environment_variables: { 'RABBITMQ_SERVER_ERL_ARGS' => 'foo',
1215 'RABBITMQ_CTL_ERL_ARGS' => 'bar' } }
1218 it 'enables inet6 distribution and quote properly' do
1219 is_expected.to contain_file('rabbitmq-env.config'). \
1220 with_content(%r{^RABBITMQ_SERVER_ERL_ARGS="foo -proto_dist inet6_tcp"$}). \
1221 with_content(%r{^RABBITMQ_CTL_ERL_ARGS="bar -proto_dist inet6_tcp"$})
1225 context 'with SSL and without other erl args' do
1228 ssl_erl_dist: true }
1231 it 'enables inet6 distribution' do
1232 is_expected.to contain_file('rabbitmq-env.config'). \
1233 with_content(%r{^RABBITMQ_SERVER_ERL_ARGS=" -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$}). \
1234 with_content(%r{^RABBITMQ_CTL_ERL_ARGS=" -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$})
1238 context 'with SSL and other quoted erl args' do
1242 environment_variables: { 'RABBITMQ_SERVER_ERL_ARGS' => '"some quoted args"',
1243 'RABBITMQ_CTL_ERL_ARGS' => '"other quoted args"' } }
1246 it 'enables inet6 distribution and quote properly' do
1247 is_expected.to contain_file('rabbitmq-env.config'). \
1248 with_content(%r{^RABBITMQ_SERVER_ERL_ARGS="some quoted args -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$}). \
1249 with_content(%r{^RABBITMQ_CTL_ERL_ARGS="other quoted args -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$})
1253 context 'with SSL and with other unquoted erl args' do
1257 environment_variables: { 'RABBITMQ_SERVER_ERL_ARGS' => 'foo',
1258 'RABBITMQ_CTL_ERL_ARGS' => 'bar' } }
1261 it 'enables inet6 distribution and quote properly' do
1262 is_expected.to contain_file('rabbitmq-env.config'). \
1263 with_content(%r{^RABBITMQ_SERVER_ERL_ARGS="foo -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$}). \
1264 with_content(%r{^RABBITMQ_CTL_ERL_ARGS="bar -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$})
1269 describe 'config_variables options' do
1271 { config_variables: {
1272 'hipe_compile' => true,
1273 'vm_memory_high_watermark' => 0.4,
1274 'frame_max' => 131_072,
1275 'collect_statistics' => 'none',
1276 'auth_mechanisms' => "['PLAIN', 'AMQPLAIN']"
1280 it 'sets environment variables' do
1281 is_expected.to contain_file('rabbitmq.config'). \
1282 with_content(%r{\{hipe_compile, true\}}). \
1283 with_content(%r{\{vm_memory_high_watermark, 0.4\}}). \
1284 with_content(%r{\{frame_max, 131072\}}). \
1285 with_content(%r{\{collect_statistics, none\}}). \
1286 with_content(%r{\{auth_mechanisms, \['PLAIN', 'AMQPLAIN'\]\}})
1290 describe 'config_kernel_variables options' do
1292 { config_kernel_variables: {
1293 'inet_dist_listen_min' => 9100,
1294 'inet_dist_listen_max' => 9105
1298 it 'sets config variables' do
1299 is_expected.to contain_file('rabbitmq.config'). \
1300 with_content(%r{\{inet_dist_listen_min, 9100\}}). \
1301 with_content(%r{\{inet_dist_listen_max, 9105\}})
1305 describe 'config_management_variables' do
1307 { config_management_variables: {
1308 'rates_mode' => 'none'
1312 it 'sets config variables' do
1313 is_expected.to contain_file('rabbitmq.config'). \
1314 with_content(%r{\{rates_mode, none\}})
1318 describe 'tcp_keepalive enabled' do
1319 let(:params) { { tcp_keepalive: true } }
1321 it 'sets tcp_listen_options keepalive true' do
1322 is_expected.to contain_file('rabbitmq.config'). \
1323 with_content(%r{\{keepalive, true\}})
1327 describe 'tcp_keepalive disabled (default)' do
1328 it 'does not set tcp_listen_options' do
1329 is_expected.to contain_file('rabbitmq.config'). \
1330 without_content(%r{\{keepalive, true\}})
1334 describe 'tcp_backlog with default value' do
1335 it 'sets tcp_listen_options backlog to 128' do
1336 is_expected.to contain_file('rabbitmq.config'). \
1337 with_content(%r{\{backlog, 128\}})
1341 describe 'tcp_backlog with non-default value' do
1343 { tcp_backlog: 256 }
1346 it 'sets tcp_listen_options backlog to 256' do
1347 is_expected.to contain_file('rabbitmq.config'). \
1348 with_content(%r{\{backlog, 256\}})
1352 describe 'tcp_sndbuf with default value' do
1353 it 'does not set tcp_listen_options sndbuf' do
1354 is_expected.to contain_file('rabbitmq.config'). \
1355 without_content(%r{sndbuf})
1359 describe 'tcp_sndbuf with non-default value' do
1364 it 'sets tcp_listen_options sndbuf to 128' do
1365 is_expected.to contain_file('rabbitmq.config'). \
1366 with_content(%r{\{sndbuf, 128\}})
1370 describe 'tcp_recbuf with default value' do
1371 it 'does not set tcp_listen_options recbuf' do
1372 is_expected.to contain_file('rabbitmq.config'). \
1373 without_content(%r{recbuf})
1377 describe 'tcp_recbuf with non-default value' do
1382 it 'sets tcp_listen_options recbuf to 128' do
1383 is_expected.to contain_file('rabbitmq.config'). \
1384 with_content(%r{\{recbuf, 128\}})
1388 describe 'rabbitmq-heartbeat options' do
1389 let(:params) { { heartbeat: 60 } }
1391 it 'sets heartbeat paramter in config file' do
1392 is_expected.to contain_file('rabbitmq.config'). \
1393 with_content(%r{\{heartbeat, 60\}})
1397 context 'delete_guest_user' do
1398 describe 'should do nothing by default' do
1399 it { is_expected.not_to contain_rabbitmq_user('guest') }
1402 describe 'delete user when delete_guest_user set' do
1403 let(:params) { { delete_guest_user: true } }
1405 it 'removes the user' do
1406 is_expected.to contain_rabbitmq_user('guest').with(
1407 'ensure' => 'absent',
1408 'provider' => 'rabbitmqctl'
1415 ## rabbitmq::service
1417 describe 'service with default params' do
1419 is_expected.to contain_service('rabbitmq-server').with(
1420 'ensure' => 'running',
1422 'hasstatus' => 'true',
1423 'hasrestart' => 'true'
1428 describe 'service with ensure stopped' do
1430 { service_ensure: 'stopped' }
1434 is_expected.to contain_service('rabbitmq-server').with(
1435 'ensure' => 'stopped',
1441 describe 'service with service_manage equal to false' do
1443 { service_manage: false }
1446 it { is_expected.not_to contain_service('rabbitmq-server') }