1 require 'spec_helper_system'
5 # Cleanup after tests have ran
6 puppet_apply("class { 'postgresql::server': ensure => absent }") do |r|
7 r.exit_code.should_not == 1
11 it 'test postgresql::server' do
13 class { 'postgresql::server': }
16 puppet_apply(pp) do |r|
17 r.exit_code.should_not == 1
20 puppet_apply(pp) do |r|
21 r.exit_code.should be_zero
25 describe 'postgresql::db' do
26 it 'should idempotently create a db that we can connect to' do
29 $db = 'postgresql_test_db'
30 include postgresql::server
34 password => postgresql_password($db, $db),
38 puppet_apply(pp) do |r|
39 r.exit_code.should_not == 1
42 puppet_apply(pp) do |r|
43 r.exit_code.should == 0
46 psql('--command="select datname from pg_database" postgresql_test_db') do |r|
47 r.stdout.should =~ /postgresql_test_db/
48 r.stderr.should be_empty
49 r.exit_code.should == 0
52 psql('--command="drop database postgresql_test_db" postgres')
56 it 'should take a locale parameter' do
57 pending('no support for locale parameter with centos 5', :if => (node.facts['osfamily'] == 'RedHat' and node.facts['lsbmajdistrelease'] == '5'))
60 class { 'postgresql::server': }
61 if($::operatingsystem == 'Debian') {
62 # Need to make sure the correct locale is installed first
63 file { '/etc/locale.gen':
64 content => "en_US ISO-8859-1\nen_NG UTF-8\n",
66 exec { '/usr/sbin/locale-gen':
71 postgresql::db { 'test1':
73 password => postgresql_password('test1', 'test1'),
79 puppet_apply(pp) do |r|
80 r.exit_code.should_not == 1
83 puppet_apply(pp) do |r|
84 r.exit_code.should == 0
87 psql('-c "show lc_ctype" test1') do |r|
88 r.stdout.should =~ /en_NG/
91 psql('-c "show lc_collate" test1') do |r|
92 r.stdout.should =~ /en_NG/
95 psql('--command="drop database test1" postgres')
99 it 'should take an istemplate parameter' do
103 include postgresql::server
105 postgresql::db { $db:
107 password => postgresql_password($db, $db),
112 puppet_apply(pp) do |r|
113 r.exit_code.should_not == 1
116 puppet_apply(pp) do |r|
117 r.exit_code.should == 0
120 psql('--command="select datname from pg_database" template2') do |r|
121 r.stdout.should =~ /template2/
122 r.stderr.should be_empty
123 r.exit_code.should == 0
126 psql('--command="drop database template2" postgres') do |r|
127 r.stdout.should be_empty
128 r.stderr.should =~ /cannot drop a template database/
129 r.exit_code.should_not == 0
134 it 'should update istemplate parameter' do
138 include postgresql::server
140 postgresql::db { $db:
142 password => postgresql_password($db, $db),
147 puppet_apply(pp) do |r|
148 r.exit_code.should_not == 1
151 puppet_apply(pp) do |r|
152 r.exit_code.should == 0
155 psql('--command="select datname from pg_database" template2') do |r|
156 r.stdout.should =~ /template2/
157 r.stderr.should be_empty
158 r.exit_code.should == 0
161 psql('--command="drop database template2" postgres') do |r|
162 r.exit_code.should == 0
168 describe 'postgresql::psql' do
169 it 'should work but emit a deprecation warning' do
171 include postgresql::server
173 postgresql::psql { 'foobar':
176 command => 'select * from pg_database limit 1',
177 unless => 'select 1 where 1=1',
178 require => Class['postgresql::server'],
182 puppet_apply(pp) do |r|
183 r.exit_code.should_not == 1
184 r.stdout.should =~ /postgresql::psql is deprecated/
187 puppet_apply(pp) do |r|
188 r.exit_code.should == 2
189 r.stdout.should =~ /postgresql::psql is deprecated/
194 describe 'postgresql_psql' do
195 it 'should run some SQL when the unless query returns no rows' do
197 include postgresql::server
199 postgresql_psql { 'foobar':
201 psql_user => 'postgres',
202 command => 'select 1',
203 unless => 'select 1 where 1=2',
204 require => Class['postgresql::server'],
208 puppet_apply(pp) do |r|
209 r.exit_code.should_not == 1
212 puppet_apply(pp) do |r|
213 r.exit_code.should == 2
217 it 'should not run SQL when the unless query returns rows' do
219 include postgresql::server
221 postgresql_psql { 'foobar':
223 psql_user => 'postgres',
224 command => 'select * from pg_database limit 1',
225 unless => 'select 1 where 1=1',
226 require => Class['postgresql::server'],
230 puppet_apply(pp) do |r|
231 r.exit_code.should_not == 1
234 puppet_apply(pp) do |r|
235 r.exit_code.should be_zero
240 describe 'postgresql::user' do
241 it 'should idempotently create a user who can log in' do
243 $user = "postgresql_test_user"
244 $password = "postgresql_test_password"
246 include postgresql::server
248 # Since we are not testing pg_hba or any of that, make a local user for ident auth
253 postgresql::database_user { $user:
254 password_hash => postgresql_password($user, $password),
255 require => [ Class['postgresql::server'],
260 puppet_apply(pp) do |r|
261 r.exit_code.should_not == 1
264 puppet_apply(pp) do |r|
265 r.exit_code.should be_zero
268 # Check that the user can log in
269 psql('--command="select datname from pg_database" postgres', 'postgresql_test_user') do |r|
270 r.stdout.should =~ /template1/
271 r.stderr.should be_empty
272 r.exit_code.should == 0
276 it 'should idempotently alter a user who can log in' do
278 $user = "postgresql_test_user"
279 $password = "postgresql_test_password2"
281 include postgresql::server
283 # Since we are not testing pg_hba or any of that, make a local user for ident auth
288 postgresql::database_user { $user:
289 password_hash => postgresql_password($user, $password),
290 require => [ Class['postgresql::server'],
295 puppet_apply(pp) do |r|
296 r.exit_code.should_not == 1
299 puppet_apply(pp) do |r|
300 r.exit_code.should be_zero
303 # Check that the user can log in
304 psql('--command="select datname from pg_database" postgres', 'postgresql_test_user') do |r|
305 r.stdout.should =~ /template1/
306 r.stderr.should be_empty
307 r.exit_code.should == 0
312 describe 'postgresql::database_grant' do
313 it 'should grant access so a user can create in a database' do
317 $user = 'psql_grant_tester'
318 $password = 'psql_grant_pw'
320 include postgresql::server
322 # Since we are not testing pg_hba or any of that, make a local user for ident auth
327 postgresql::database_user { $user:
328 password_hash => postgresql_password($user, $password),
330 Class['postgresql::server'],
335 postgresql::database { $db:
336 require => Class['postgresql::server'],
339 postgresql::database_grant { 'grant create test':
340 privilege => 'CREATE',
344 Postgresql::Database[$db],
345 Postgresql::Database_user[$user],
350 puppet_apply(pp) do |r|
351 r.exit_code.should_not == 1
354 puppet_apply(pp) do |r|
355 r.exit_code.should be_zero
358 # Check that the user can create a table in the database
359 psql('--command="create table foo (foo int)" postgres', 'psql_grant_tester') do |r|
360 r.stdout.should =~ /CREATE TABLE/
361 r.stderr.should be_empty
362 r.exit_code.should == 0
365 psql('--command="drop table foo" postgres', 'psql_grant_tester')
370 describe 'postgresql::table_grant' do
371 it 'should grant access so a user can insert in a table' do
375 $user = 'psql_table_tester'
376 $password = 'psql_table_pw'
378 include postgresql::server
380 # Since we are not testing pg_hba or any of that, make a local user for ident auth
385 postgresql::database_user { $user:
386 password_hash => postgresql_password($user, $password),
388 Class['postgresql::server'],
393 postgresql::database { $db:
394 require => Class['postgresql::server'],
397 postgresql_psql { 'Create testing table':
398 command => 'CREATE TABLE "test_table" (field integer NOT NULL)',
400 unless => "SELECT * FROM pg_tables WHERE tablename = 'test_table'",
401 require => Postgresql::Database[$db],
404 postgresql::table_grant { 'grant insert test':
405 privilege => 'INSERT',
406 table => 'test_table',
410 Postgresql::Database[$db],
411 Postgresql::Database_user[$user],
412 Postgresql_psql['Create testing table'],
417 puppet_apply(pp) do |r|
418 r.exit_code.should_not == 1
421 puppet_apply(pp) do |r|
422 r.exit_code.should be_zero
425 ## Check that the user can create a table in the database
426 #psql('--command="create table foo (foo int)" postgres', 'psql_grant_tester') do |r|
427 # r.stdout.should =~ /CREATE TABLE/
428 # r.stderr.should be_empty
429 # r.exit_code.should == 0
432 #psql('--command="drop table foo" postgres', 'psql_grant_tester')
437 describe 'postgresql::validate_db_connections' do
438 it 'should run puppet with no changes declared if database connectivity works' do
441 include postgresql::server
443 postgresql::db { $db:
445 password => postgresql_password($db, $db),
449 puppet_apply(pp) do |r|
450 r.exit_code.should_not == 1
453 puppet_apply(pp) do |r|
454 r.exit_code.should be_zero
458 postgresql::validate_db_connection { 'foo':
459 database_host => 'localhost',
460 database_name => 'foo',
461 database_username => 'foo',
462 database_password => 'foo',
466 puppet_apply(pp) do |r|
467 r.exit_code.should be_zero
471 it 'should fail catalogue if database connectivity fails' do
473 postgresql::validate_db_connection { 'foobarbaz':
474 database_host => 'localhost',
475 database_name => 'foobarbaz',
476 database_username => 'foobarbaz',
477 database_password => 'foobarbaz',
481 puppet_apply(pp) do |r|
482 r.exit_code.should == 4
487 describe 'postgresql::tablespace' do
488 it 'should idempotently create tablespaces and databases that are using them' do
490 include postgresql::server
492 file { '/tmp/pg_tablespaces':
493 ensure => 'directory',
498 # This works around rubies that lack Selinux support, I'm looking at you RHEL5
499 exec { "chcon -u system_u -r object_r -t postgresql_db_t /tmp/pg_tablespaces":
501 path => "/bin:/usr/bin",
502 onlyif => "which chcon",
503 before => File["/tmp/pg_tablespaces/space1", "/tmp/pg_tablespaces/space2"]
506 postgresql::tablespace{ 'tablespace1':
507 location => '/tmp/pg_tablespaces/space1',
508 require => [Class['postgresql::server'], File['/tmp/pg_tablespaces']],
510 postgresql::database{ 'tablespacedb1':
512 tablespace => 'tablespace1',
513 require => Postgresql::Tablespace['tablespace1'],
515 postgresql::db{ 'tablespacedb2':
517 password => postgresql_password('dbuser2', 'dbuser2'),
518 tablespace => 'tablespace1',
519 require => Postgresql::Tablespace['tablespace1'],
522 postgresql::database_user{ 'spcuser':
523 password_hash => postgresql_password('spcuser', 'spcuser'),
524 require => Class['postgresql::server'],
526 postgresql::tablespace{ 'tablespace2':
527 location => '/tmp/pg_tablespaces/space2',
529 require => [Postgresql::Database_user['spcuser'], File['/tmp/pg_tablespaces']],
531 postgresql::database{ 'tablespacedb3':
533 tablespace => 'tablespace2',
534 require => Postgresql::Tablespace['tablespace2'],
538 puppet_apply(pp) do |r|
539 r.exit_code.should_not == 1
542 puppet_apply(pp) do |r|
543 r.exit_code.should == 0
546 # Check that databases use correct tablespaces
547 psql('--command="select ts.spcname from pg_database db, pg_tablespace ts where db.dattablespace = ts.oid and db.datname = \'"\'tablespacedb1\'"\'"') do |r|
548 r.stdout.should =~ /tablespace1/
549 r.stderr.should be_empty
550 r.exit_code.should == 0
553 psql('--command="select ts.spcname from pg_database db, pg_tablespace ts where db.dattablespace = ts.oid and db.datname = \'"\'tablespacedb3\'"\'"') do |r|
554 r.stdout.should =~ /tablespace2/
555 r.stderr.should be_empty
556 r.exit_code.should == 0
561 describe 'postgresql::pg_hba_rule' do
562 it 'should create a ruleset in pg_hba.conf' do
564 include postgresql::server
565 postgresql::pg_hba_rule { "allow application network to access app database":
569 address => "200.1.2.0/24",
574 puppet_apply(pp) do |r|
575 r.exit_code.should_not == 1
578 puppet_apply(pp) do |r|
579 r.exit_code.should be_zero
582 shell("grep '200.1.2.0/24' /etc/postgresql/*/*/pg_hba.conf || grep '200.1.2.0/24' /var/lib/pgsql/data/pg_hba.conf") do |r|
583 r.exit_code.should be_zero
587 it 'should create a ruleset in pg_hba.conf that denies db access to db test1' do
589 include postgresql::server
590 postgresql::db { "test1":
592 password => postgresql_password('test1', 'test1'),
595 postgresql::pg_hba_rule { "allow anyone to have access to db test1":
599 auth_method => reject,
603 shell => "/bin/bash",
607 puppet_apply(pp) do |r|
608 r.exit_code.should_not == 1
611 shell('su - test1 -c \'psql -U test1 -c "\q" test1\'') do |r|
612 r.exit_code.should == 2
617 describe 'postgresql.conf include' do
618 it "should support an 'include' directive at the end of postgresql.conf" do
619 pending('no support for include directive with centos 5/postgresql 8.1', :if => (node.facts['osfamily'] == 'RedHat' and node.facts['lsbmajdistrelease'] == '5'))
622 class { 'postgresql::server': }
624 $pg_conf_include_file = "${postgresql::params::confdir}/postgresql_puppet_extras.conf"
626 file { $pg_conf_include_file :
627 content => 'max_connections = 123',
628 notify => Service['postgresqld'],
634 puppet_apply(pp) do |r|
635 r.exit_code.should_not == 1
638 puppet_apply(pp) do |r|
639 r.exit_code.should be_zero
642 psql('--command="show max_connections" -t') do |r|
643 r.stdout.should =~ /123/
644 r.stderr.should be_empty
645 r.exit_code.should be_zero
650 require postgresql::params
652 $pg_conf_include_file = "${postgresql::params::confdir}/postgresql_puppet_extras.conf"
654 file { $pg_conf_include_file :