4 context 'on unsupported distributions' do
7 os: { family: 'Unsupported' }
12 expect { catalogue }.to raise_error(Puppet::Error, %r{not supported on an Unsupported})
16 on_supported_os.each do |os, facts|
18 systemd_facts = os_specific_facts(facts)
19 facts = facts.merge(systemd_facts)
24 name = case facts[:osfamily]
25 when 'Archlinux', 'OpenBSD', 'FreeBSD'
31 it { is_expected.to compile.with_all_deps }
32 it { is_expected.to contain_class('rabbitmq::install') }
33 it { is_expected.to contain_class('rabbitmq::config').that_notifies('Class[rabbitmq::service]') }
34 it { is_expected.to contain_class('rabbitmq::service') }
36 it { is_expected.to contain_package(name).with_ensure('installed').with_name(name) }
37 if facts[:os]['family'] == 'Suse'
38 it { is_expected.to contain_package('rabbitmq-server-plugins') }
41 context 'with default params' do
42 it { is_expected.not_to contain_class('rabbitmq::repo::apt') }
43 it { is_expected.not_to contain_apt__source('rabbitmq') }
44 it { is_expected.not_to contain_class('rabbitmq::repo::rhel') }
45 it { is_expected.not_to contain_yumrepo('rabbitmq') }
48 context 'with service_restart => false' do
49 let(:params) { { service_restart: false } }
51 it { is_expected.not_to contain_class('rabbitmq::config').that_notifies('Class[rabbitmq::service]') }
54 context 'with repos_ensure => true' do
55 let(:params) { { repos_ensure: true } }
57 if facts[:os]['family'] == 'Debian'
58 it 'includes rabbitmq::repo::apt' do
59 is_expected.to contain_class('rabbitmq::repo::apt').
60 with_key_source('https://packagecloud.io/gpg.key').
64 it 'adds a repo with default values' do
65 is_expected.to contain_apt__source('rabbitmq').
66 with_ensure('present').
67 with_location("https://packagecloud.io/rabbitmq/rabbitmq-server/#{facts[:os]['name'].downcase}").
72 it { is_expected.not_to contain_class('rabbitmq::repo::apt') }
73 it { is_expected.not_to contain_apt__souce('rabbitmq') }
76 if facts[:os]['family'] == 'RedHat'
77 it { is_expected.to contain_class('rabbitmq::repo::rhel') }
79 it 'the repo should be present, and contain the expected values' do
80 is_expected.to contain_yumrepo('rabbitmq').
81 with_ensure('present').
82 with_baseurl(%r{https://packagecloud.io/rabbitmq/rabbitmq-server/el/\d+/\$basearch$}).
83 with_gpgkey('https://www.rabbitmq.com/rabbitmq-release-signing-key.asc')
86 it { is_expected.not_to contain_class('rabbitmq::repo::rhel') }
87 it { is_expected.not_to contain_yumrepo('rabbitmq') }
91 context 'with no pin', if: facts[:os]['family'] == 'Debian' do
92 let(:params) { { repos_ensure: true, package_apt_pin: '' } }
94 describe 'it sets up an apt::source' do
96 is_expected.to contain_apt__source('rabbitmq').with(
97 'location' => "https://packagecloud.io/rabbitmq/rabbitmq-server/#{facts[:os]['name'].downcase}",
99 'key' => '{"id"=>"418A7F2FB0E1E6E7EABF6FE8C2E73424D59097AB", "source"=>"https://packagecloud.io/gpg.key", "content"=>:undef}'
105 context 'with pin', if: facts[:os]['family'] == 'Debian' do
106 let(:params) { { repos_ensure: true, package_apt_pin: '700' } }
108 describe 'it sets up an apt::source and pin' do
110 is_expected.to contain_apt__source('rabbitmq').with(
111 'location' => "https://packagecloud.io/rabbitmq/rabbitmq-server/#{facts[:os]['name'].downcase}",
113 'key' => '{"id"=>"418A7F2FB0E1E6E7EABF6FE8C2E73424D59097AB", "source"=>"https://packagecloud.io/gpg.key", "content"=>:undef}'
118 is_expected.to contain_apt__pin('rabbitmq').with(
121 'origin' => 'packagecloud.io'
127 ['infinity', -1, 1234].each do |value|
128 context "with file_limit => '#{value}'" do
129 let(:params) { { file_limit: value } }
131 if facts[:os]['family'] == 'RedHat'
133 is_expected.to contain_file('/etc/security/limits.d/rabbitmq-server.conf').
137 that_notifies('Class[Rabbitmq::Service]').
138 with_content("rabbitmq soft nofile #{value}\nrabbitmq hard nofile #{value}\n")
141 it { is_expected.not_to contain_file('/etc/security/limits.d/rabbitmq-server.conf') }
144 if facts[:os]['family'] == 'Debian'
145 it { is_expected.to contain_file('/etc/default/rabbitmq-server').with_content(%r{ulimit -n #{value}}) }
147 it { is_expected.not_to contain_file('/etc/default/rabbitmq-server') }
152 is_expected.to contain_systemd__service_limits("#{name}.service").
153 with_limits('LimitNOFILE' => value).
154 with_restart_service(false)
157 it { is_expected.not_to contain_systemd__service_limits("#{name}.service") }
162 [-42, '-42', 'foo'].each do |value|
163 context "with file_limit => '#{value}'" do
164 let(:params) { { file_limit: value } }
166 it 'does not compile' do
167 expect { catalogue }.to raise_error(Puppet::PreformattedError, %r{Error while evaluating a Resource Statement})
172 context 'on systems with systemd', if: facts[:systemd] do
174 is_expected.to contain_systemd__service_limits("#{name}.service").
175 with_restart_service(false)
179 context 'on systems without systemd', unless: facts[:systemd] do
180 it { is_expected.not_to contain_systemd__service_limits("#{name}.service") }
183 context 'with admin_enable set to true' do
184 let(:params) { { admin_enable: true, management_ip_address: '1.1.1.1' } }
186 context 'with service_manage set to true' do
187 let(:params) { { admin_enable: true, management_ip_address: '1.1.1.1', service_manage: true } }
189 context 'with rabbitmqadmin_package set to blub' do
190 let(:params) { { rabbitmqadmin_package: 'blub' } }
192 it 'installs a package called blub' do
193 is_expected.to contain_package('rabbitmqadmin').with_name('blub')
196 if facts[:os]['family'] == 'Archlinux'
197 it 'installs a package called rabbitmqadmin' do
198 is_expected.to contain_package('rabbitmqadmin').with_name('rabbitmqadmin')
201 it 'we enable the admin interface by default' do
202 is_expected.to contain_class('rabbitmq::install::rabbitmqadmin')
203 is_expected.to contain_rabbitmq_plugin('rabbitmq_management').with(
204 notify: 'Class[Rabbitmq::Service]'
206 is_expected.to contain_archive('rabbitmqadmin').with_source('http://1.1.1.1:15672/cli/rabbitmqadmin')
209 if %w[RedHat Debian SUSE].include?(facts[:os]['family'])
210 it { is_expected.to contain_package('python') }
212 if %w[FreeBSD OpenBSD].include?(facts[:os]['family'])
213 it { is_expected.to contain_package('python2') }
216 context 'with manage_python false' do
217 let(:params) { { manage_python: false } }
220 is_expected.to contain_class('rabbitmq::install::rabbitmqadmin')
221 is_expected.not_to contain_package('python')
222 is_expected.not_to contain_package('python2')
226 context 'with $management_ip_address undef and service_manage set to true', unless: facts[:osfamily] == 'Archlinux' do
227 let(:params) { { admin_enable: true, management_ip_address: :undef } }
229 it 'we enable the admin interface by default' do
230 is_expected.to contain_class('rabbitmq::install::rabbitmqadmin')
231 is_expected.to contain_rabbitmq_plugin('rabbitmq_management').with(
232 notify: 'Class[Rabbitmq::Service]'
234 is_expected.to contain_archive('rabbitmqadmin').with_source('http://127.0.0.1:15672/cli/rabbitmqadmin')
237 context 'with service_manage set to true, node_ip_address = undef, and default user/pass specified', unless: facts[:osfamily] == 'Archlinux' do
238 let(:params) { { admin_enable: true, default_user: 'foobar', default_pass: 'hunter2', node_ip_address: :undef } }
240 it 'we use the correct URL to rabbitmqadmin' do
241 is_expected.to contain_archive('rabbitmqadmin').with(
242 source: 'http://127.0.0.1:15672/cli/rabbitmqadmin',
248 context 'with service_manage set to true and default user/pass specified', unless: facts[:osfamily] == 'Archlinux' do
249 let(:params) { { admin_enable: true, default_user: 'foobar', default_pass: 'hunter2', management_ip_address: '1.1.1.1' } }
251 it 'we use the correct URL to rabbitmqadmin' do
252 is_expected.to contain_archive('rabbitmqadmin').with(
253 source: 'http://1.1.1.1:15672/cli/rabbitmqadmin',
259 context 'with service_manage set to true and archive_options set', unless: facts[:osfamily] == 'Archlinux' do
263 management_ip_address: '1.1.1.1',
264 archive_options: %w[fizz pop]
268 it 'we use the correct archive_options to rabbitmqadmin' do
269 is_expected.to contain_archive('rabbitmqadmin').with(
270 source: 'http://1.1.1.1:15672/cli/rabbitmqadmin',
271 download_options: %w[fizz pop]
275 context 'with service_manage set to true and management port specified', unless: facts[:osfamily] == 'Archlinux' do
276 # note that the 2.x management port is 55672 not 15672
277 let(:params) { { admin_enable: true, management_port: 55_672, management_ip_address: '1.1.1.1' } }
279 it 'we use the correct URL to rabbitmqadmin' do
280 is_expected.to contain_archive('rabbitmqadmin').with(
281 source: 'http://1.1.1.1:55672/cli/rabbitmqadmin',
287 context 'with ipv6, service_manage set to true and management port specified', unless: facts[:osfamily] == 'Archlinux' do
288 # note that the 2.x management port is 55672 not 15672
289 let(:params) { { admin_enable: true, management_port: 55_672, management_ip_address: '::1' } }
291 it 'we use the correct URL to rabbitmqadmin' do
292 is_expected.to contain_archive('rabbitmqadmin').with(
293 source: 'http://[::1]:55672/cli/rabbitmqadmin',
299 context 'with service_manage set to false' do
300 let(:params) { { admin_enable: true, service_manage: false } }
303 is_expected.not_to contain_class('rabbitmq::install::rabbitmqadmin')
304 is_expected.not_to contain_rabbitmq_plugin('rabbitmq_management')
309 describe 'manages configuration directory correctly' do
311 is_expected.to contain_file('/etc/rabbitmq').with(
312 'ensure' => 'directory',
318 describe 'manages configuration file correctly' do
320 is_expected.to contain_file('rabbitmq.config').with(
322 'group' => 'rabbitmq',
328 describe 'does not contain pre-ranch settings with default config' do
330 is_expected.to contain_file('rabbitmq.config'). \
331 without_content(%r{binary,}). \
332 without_content(%r{\{packet, raw\},}). \
333 without_content(%r{\{reuseaddr, true\},})
337 describe 'contains pre-ranch settings with config_ranch set to false' do
338 let(:params) { { config_ranch: false } }
341 is_expected.to contain_file('rabbitmq.config'). \
342 with_content(%r{binary,}). \
343 with_content(%r{\{packet, raw\},}). \
344 with_content(%r{\{reuseaddr, true\},})
348 context 'configures config_cluster' do
351 config_cluster: true,
352 cluster_nodes: ['hare-1', 'hare-2'],
353 cluster_node_type: 'ram',
354 wipe_db_on_cookie_change: false
358 describe 'with erlang_cookie set' do
361 config_cluster: true,
362 cluster_nodes: ['hare-1', 'hare-2'],
363 cluster_node_type: 'ram',
364 erlang_cookie: 'TESTCOOKIE',
365 wipe_db_on_cookie_change: true
369 it 'contains the rabbitmq_erlang_cookie' do
370 is_expected.to contain_rabbitmq_erlang_cookie('/var/lib/rabbitmq/.erlang.cookie')
374 describe 'with erlang_cookie set but without config_cluster' do
377 config_cluster: false,
378 erlang_cookie: 'TESTCOOKIE'
382 it 'contains the rabbitmq_erlang_cookie' do
383 is_expected.to contain_rabbitmq_erlang_cookie('/var/lib/rabbitmq/.erlang.cookie')
387 describe 'without erlang_cookie and without config_cluster' do
390 config_cluster: false
394 it 'contains the rabbitmq_erlang_cookie' do
395 is_expected.not_to contain_rabbitmq_erlang_cookie('/var/lib/rabbitmq/.erlang.cookie')
399 describe 'and sets appropriate configuration' do
402 config_cluster: true,
403 cluster_nodes: ['hare-1', 'hare-2'],
404 cluster_node_type: 'ram',
405 erlang_cookie: 'ORIGINAL',
406 wipe_db_on_cookie_change: true
410 it 'for cluster_nodes' do
411 is_expected.to contain_file('rabbitmq.config').with('content' => %r{cluster_nodes.*\['rabbit@hare-1', 'rabbit@hare-2'\], ram})
416 describe 'rabbitmq-env configuration' do
417 context 'with default params' do
418 it 'sets environment variables' do
419 is_expected.to contain_file('rabbitmq-env.config'). \
420 with_content(%r{ERL_INETRC=/etc/rabbitmq/inetrc})
424 context 'with environment_variables set' do
426 { environment_variables: {
427 'NODE_IP_ADDRESS' => '1.1.1.1',
428 'NODE_PORT' => '5656',
429 'NODENAME' => 'HOSTNAME',
430 'SERVICENAME' => 'RabbitMQ',
431 'CONSOLE_LOG' => 'RabbitMQ.debug',
432 'CTL_ERL_ARGS' => 'verbose',
433 'SERVER_ERL_ARGS' => 'v',
434 'SERVER_START_ARGS' => 'debug'
438 it 'sets environment variables' do
439 is_expected.to contain_file('rabbitmq-env.config'). \
440 with_content(%r{NODE_IP_ADDRESS=1.1.1.1}). \
441 with_content(%r{NODE_PORT=5656}). \
442 with_content(%r{NODENAME=HOSTNAME}). \
443 with_content(%r{SERVICENAME=RabbitMQ}). \
444 with_content(%r{CONSOLE_LOG=RabbitMQ.debug}). \
445 with_content(%r{CTL_ERL_ARGS=verbose}). \
446 with_content(%r{SERVER_ERL_ARGS=v}). \
447 with_content(%r{SERVER_START_ARGS=debug})
452 context 'delete_guest_user' do
453 describe 'should do nothing by default' do
454 it { is_expected.not_to contain_rabbitmq_user('guest') }
457 describe 'delete user when delete_guest_user set' do
458 let(:params) { { delete_guest_user: true } }
460 it 'removes the user' do
461 is_expected.to contain_rabbitmq_user('guest').with(
462 'ensure' => 'absent',
463 'provider' => 'rabbitmqctl'
469 context 'configuration setting' do
470 describe 'node_ip_address when set' do
471 let(:params) { { node_ip_address: '172.0.0.1' } }
473 it 'sets NODE_IP_ADDRESS to specified value' do
474 is_expected.to contain_file('rabbitmq-env.config').
475 with_content(%r{NODE_IP_ADDRESS=172\.0\.0\.1})
479 describe 'stomp by default' do
480 it 'does not specify stomp parameters in rabbitmq.config' do
481 is_expected.to contain_file('rabbitmq.config').without('content' => %r{stomp})
484 describe 'stomp when set' do
485 let(:params) { { config_stomp: true, stomp_port: 5679 } }
487 it 'specifies stomp port in rabbitmq.config' do
488 is_expected.to contain_file('rabbitmq.config').with('content' => %r{rabbitmq_stomp.*tcp_listeners, \[5679\]}m)
491 describe 'stomp when set ssl port w/o ssl enabled' do
492 let(:params) { { config_stomp: true, stomp_port: 5679, ssl: false, ssl_stomp_port: 5680 } }
494 it 'does not configure ssl_listeners in rabbitmq.config' do
495 is_expected.to contain_file('rabbitmq.config').without('content' => %r{rabbitmq_stomp.*ssl_listeners, \[5680\]}m)
498 describe 'stomp when set with ssl' do
499 let(:params) { { config_stomp: true, stomp_port: 5679, ssl: true, ssl_stomp_port: 5680 } }
501 it 'specifies stomp port and ssl stomp port in rabbitmq.config' do
502 is_expected.to contain_file('rabbitmq.config').with('content' => %r{rabbitmq_stomp.*tcp_listeners, \[5679\].*ssl_listeners, \[5680\]}m)
507 describe 'configuring ldap authentication' do
509 { config_stomp: true,
511 ldap_server: 'ldap.example.com',
512 ldap_user_dn_pattern: 'ou=users,dc=example,dc=com',
513 ldap_other_bind: 'as_user',
517 ldap_config_variables: { 'foo' => 'bar' } }
520 it { is_expected.to contain_rabbitmq_plugin('rabbitmq_auth_backend_ldap') }
522 it 'contains ldap parameters' do
523 verify_contents(catalogue, 'rabbitmq.config',
524 ['[', ' {rabbit, [', ' {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]},', ' ]}',
525 ' {rabbitmq_auth_backend_ldap, [', ' {other_bind, as_user},',
526 ' {servers, ["ldap.example.com"]},',
527 ' {user_dn_pattern, "ou=users,dc=example,dc=com"},', ' {use_ssl, false},',
528 ' {port, 389},', ' {foo, bar},', ' {log, true}'])
532 describe 'configuring ldap authentication' do
534 { config_stomp: false,
536 ldap_server: 'ldap.example.com',
537 ldap_user_dn_pattern: 'ou=users,dc=example,dc=com',
538 ldap_other_bind: 'as_user',
542 ldap_config_variables: { 'foo' => 'bar' } }
545 it { is_expected.to contain_rabbitmq_plugin('rabbitmq_auth_backend_ldap') }
547 it 'contains ldap parameters' do
548 verify_contents(catalogue, 'rabbitmq.config',
549 ['[', ' {rabbit, [', ' {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]},', ' ]}',
550 ' {rabbitmq_auth_backend_ldap, [', ' {other_bind, as_user},',
551 ' {servers, ["ldap.example.com"]},',
552 ' {user_dn_pattern, "ou=users,dc=example,dc=com"},', ' {use_ssl, false},',
553 ' {port, 389},', ' {foo, bar},', ' {log, true}'])
557 describe 'configuring ldap authentication' do
559 { config_stomp: false,
561 ldap_server: 'ldap.example.com',
562 ldap_other_bind: 'as_user',
566 ldap_config_variables: { 'foo' => 'bar' } }
569 it { is_expected.to contain_rabbitmq_plugin('rabbitmq_auth_backend_ldap') }
571 it 'does not set user_dn_pattern when none is specified' do
572 verify_contents(catalogue, 'rabbitmq.config',
573 ['[', ' {rabbit, [', ' {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_ldap]},', ' ]}',
574 ' {rabbitmq_auth_backend_ldap, [', ' {other_bind, as_user},',
575 ' {servers, ["ldap.example.com"]},',
576 ' {use_ssl, false},',
577 ' {port, 389},', ' {foo, bar},', ' {log, true}'])
578 content = catalogue.resource('file', 'rabbitmq.config').send(:parameters)[:content]
579 expect(content).not_to include 'user_dn_pattern'
583 describe 'configuring auth_backends' do
585 { auth_backends: ['{baz, foo}', 'bar'] }
588 it 'contains auth_backends' do
589 verify_contents(catalogue, 'rabbitmq.config',
590 [' {auth_backends, [{baz, foo}, bar]},'])
594 describe 'auth_backends overrides ldap_auth' do
596 { auth_backends: ['{baz, foo}', 'bar'],
600 it 'contains auth_backends' do
601 verify_contents(catalogue, 'rabbitmq.config',
602 [' {auth_backends, [{baz, foo}, bar]},'])
606 describe 'configuring shovel plugin' do
613 it { is_expected.to contain_rabbitmq_plugin('rabbitmq_shovel') }
615 it { is_expected.to contain_rabbitmq_plugin('rabbitmq_shovel_management') }
617 describe 'with admin_enable false' do
625 it { is_expected.not_to contain_rabbitmq_plugin('rabbitmq_shovel_management') }
628 describe 'with static shovels' do
632 config_shovel_statics: {
633 'shovel_first' => '{sources,[{broker,"amqp://"}]},
634 {destinations,[{broker,"amqp://site1.example.com"}]},
635 {queue,<<"source_one">>}',
636 'shovel_second' => '{sources,[{broker,"amqp://"}]},
637 {destinations,[{broker,"amqp://site2.example.com"}]},
638 {queue,<<"source_two">>}'
643 it 'generates correct configuration' do
644 verify_contents(catalogue, 'rabbitmq.config', [
645 ' {rabbitmq_shovel,',
647 ' {shovel_first,[{sources,[{broker,"amqp://"}]},',
648 ' {destinations,[{broker,"amqp://site1.example.com"}]},',
649 ' {queue,<<"source_one">>}]},',
650 ' {shovel_second,[{sources,[{broker,"amqp://"}]},',
651 ' {destinations,[{broker,"amqp://site2.example.com"}]},',
652 ' {queue,<<"source_two">>}]}',
659 describe 'configuring shovel plugin' do
666 it { is_expected.to contain_rabbitmq_plugin('rabbitmq_shovel') }
668 it { is_expected.to contain_rabbitmq_plugin('rabbitmq_shovel_management') }
670 describe 'with admin_enable false' do
678 it { is_expected.not_to contain_rabbitmq_plugin('rabbitmq_shovel_management') }
681 describe 'with static shovels' do
685 config_shovel_statics: {
686 'shovel_first' => '{sources,[{broker,"amqp://"}]},
687 {destinations,[{broker,"amqp://site1.example.com"}]},
688 {queue,<<"source_one">>}',
689 'shovel_second' => '{sources,[{broker,"amqp://"}]},
690 {destinations,[{broker,"amqp://site2.example.com"}]},
691 {queue,<<"source_two">>}'
696 it 'generates correct configuration' do
697 verify_contents(catalogue, 'rabbitmq.config', [
698 ' {rabbitmq_shovel,',
700 ' {shovel_first,[{sources,[{broker,"amqp://"}]},',
701 ' {destinations,[{broker,"amqp://site1.example.com"}]},',
702 ' {queue,<<"source_one">>}]},',
703 ' {shovel_second,[{sources,[{broker,"amqp://"}]},',
704 ' {destinations,[{broker,"amqp://site2.example.com"}]},',
705 ' {queue,<<"source_two">>}]}',
712 describe 'default_user and default_pass set' do
713 let(:params) { { default_user: 'foo', default_pass: 'bar' } }
715 it 'sets default_user and default_pass to specified values' do
716 is_expected.to contain_file('rabbitmq.config').with('content' => %r{default_user, <<"foo">>.*default_pass, <<"bar">>}m)
720 describe 'interfaces option with no ssl' do
722 { interface: '0.0.0.0' }
725 it 'sets ssl options to specified values' do
726 is_expected.to contain_file('rabbitmq.config').with_content(%r{tcp_listeners, \[\{"0.0.0.0", 5672\}\]})
730 describe 'ssl options and mangament_ssl false' do
734 ssl_cacert: '/path/to/cacert',
735 ssl_cert: '/path/to/cert',
736 ssl_key: '/path/to/key',
737 ssl_secure_renegotiate: true,
738 ssl_reuse_sessions: true,
739 ssl_honor_cipher_order: true,
741 management_ssl: false,
742 management_port: 13_142 }
745 it 'sets ssl options to specified values' do
746 is_expected.to contain_file('rabbitmq.config').with_content(
747 %r{ssl_listeners, \[3141\]}
749 is_expected.to contain_file('rabbitmq.config').with_content(
752 is_expected.to contain_file('rabbitmq.config').with_content(
753 %r{cacertfile,"/path/to/cacert"}
755 is_expected.to contain_file('rabbitmq.config').with_content(
756 %r{certfile,"/path/to/cert"}
758 is_expected.to contain_file('rabbitmq.config').with_content(
759 %r{keyfile,"/path/to/key"}
761 is_expected.to contain_file('rabbitmq.config').with_content(
762 %r{secure_renegotiate,true}
764 is_expected.to contain_file('rabbitmq.config').with_content(
765 %r{reuse_sessions,true}
767 is_expected.to contain_file('rabbitmq.config').with_content(
768 %r{honor_cipher_order,true}
770 is_expected.to contain_file('rabbitmq.config').without_content(
774 it 'sets non ssl port for management port' do
775 is_expected.to contain_file('rabbitmq.config').with_content(
778 is_expected.to contain_file('rabbitmqadmin.conf').with_content(
784 describe 'ssl options and mangament_ssl true' do
788 ssl_cacert: '/path/to/cacert',
789 ssl_cert: '/path/to/cert',
790 ssl_key: '/path/to/key',
791 ssl_secure_renegotiate: true,
792 ssl_reuse_sessions: true,
793 ssl_honor_cipher_order: true,
796 management_ssl: true,
797 ssl_management_port: 13_141 }
800 it 'sets ssl options to specified values' do
801 is_expected.to contain_file('rabbitmq.config').with_content(
802 %r{ssl_listeners, \[3141\]}
804 is_expected.to contain_file('rabbitmq.config').with_content(
807 is_expected.to contain_file('rabbitmq.config').with_content(
810 is_expected.to contain_file('rabbitmq.config').with_content(
811 %r{cacertfile,"/path/to/cacert"}
813 is_expected.to contain_file('rabbitmq.config').with_content(
814 %r{certfile,"/path/to/cert"}
816 is_expected.to contain_file('rabbitmq.config').with_content(
817 %r{keyfile,"/path/to/key"}
819 is_expected.to contain_file('rabbitmq.config').with_content(
820 %r{secure_renegotiate,true}
822 is_expected.to contain_file('rabbitmq.config').with_content(
823 %r{reuse_sessions,true}
825 is_expected.to contain_file('rabbitmq.config').with_content(
826 %r{honor_cipher_order,true}
828 is_expected.to contain_file('rabbitmq.config').without_content(
832 it 'sets ssl managment port to specified values' do
833 is_expected.to contain_file('rabbitmq.config').with_content(
837 it 'sets ssl options in the rabbitmqadmin.conf' do
838 is_expected.to contain_file('rabbitmqadmin.conf').with_content(
839 %r{ssl_ca_cert_file\s=\s/path/to/cacert}
841 is_expected.to contain_file('rabbitmqadmin.conf').with_content(
842 %r{ssl_cert_file\s=\s/path/to/cert}
844 is_expected.to contain_file('rabbitmqadmin.conf').with_content(
845 %r{ssl_key_file\s=\s/path/to/key}
847 is_expected.to contain_file('rabbitmqadmin.conf').with_content(
850 is_expected.to contain_file('rabbitmqadmin.conf').with_content(
856 describe 'ssl options' do
860 ssl_cacert: '/path/to/cacert',
861 ssl_cert: '/path/to/cert',
862 ssl_key: '/path/to/key',
863 ssl_secure_renegotiate: true,
864 ssl_reuse_sessions: true,
865 ssl_honor_cipher_order: true,
869 it 'sets ssl options to specified values' do
870 is_expected.to contain_file('rabbitmq.config').with_content(
871 %r{ssl_listeners, \[3141\]}
873 is_expected.to contain_file('rabbitmq.config').with_content(
876 is_expected.to contain_file('rabbitmq.config').with_content(
877 %r{cacertfile,"/path/to/cacert"}
879 is_expected.to contain_file('rabbitmq.config').with_content(
880 %r{certfile,"/path/to/cert"}
882 is_expected.to contain_file('rabbitmq.config').with_content(
883 %r{keyfile,"/path/to/key"}
885 is_expected.to contain_file('rabbitmq.config').with_content(
886 %r{secure_renegotiate,true}
888 is_expected.to contain_file('rabbitmq.config').with_content(
889 %r{reuse_sessions,true}
891 is_expected.to contain_file('rabbitmq.config').with_content(
892 %r{honor_cipher_order,true}
894 is_expected.to contain_file('rabbitmq.config').without_content(
900 describe 'ssl options with ssl_interfaces' do
904 ssl_interface: '0.0.0.0',
905 ssl_cacert: '/path/to/cacert',
906 ssl_cert: '/path/to/cert',
907 ssl_key: '/path/to/key' }
910 it 'sets ssl options to specified values' do
911 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[\{"0.0.0.0", 3141\}\]})
912 is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"})
913 is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"})
914 is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key})
918 describe 'ssl options with ssl_only' do
923 ssl_cacert: '/path/to/cacert',
924 ssl_cert: '/path/to/cert',
925 ssl_key: '/path/to/key' }
928 it 'sets ssl options to specified values' do
929 is_expected.to contain_file('rabbitmq.config').with_content(%r{tcp_listeners, \[\]})
930 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[3141\]})
931 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_options, \[})
932 is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"})
933 is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"})
934 is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key})
936 it 'does not set TCP listener environment defaults' do
937 is_expected.to contain_file('rabbitmq-env.config'). \
938 without_content(%r{NODE_PORT=}). \
939 without_content(%r{NODE_IP_ADDRESS=})
943 describe 'ssl options with ssl_only and ssl_interfaces' do
948 ssl_interface: '0.0.0.0',
949 ssl_cacert: '/path/to/cacert',
950 ssl_cert: '/path/to/cert',
951 ssl_key: '/path/to/key' }
954 it 'sets ssl options to specified values' do
955 is_expected.to contain_file('rabbitmq.config').with_content(%r{tcp_listeners, \[\]})
956 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[\{"0.0.0.0", 3141\}\]})
957 is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"})
958 is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"})
959 is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key})
963 describe 'ssl options with specific ssl versions' do
967 ssl_cacert: '/path/to/cacert',
968 ssl_cert: '/path/to/cert',
969 ssl_key: '/path/to/key',
970 ssl_versions: ['tlsv1.2', 'tlsv1.1'] }
973 it 'sets ssl options to specified values' do
974 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_listeners, \[3141\]})
975 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_options, \[})
976 is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile,"/path/to/cacert"})
977 is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile,"/path/to/cert"})
978 is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile,"/path/to/key})
979 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl, \[\{versions, \['tlsv1.1', 'tlsv1.2'\]\}\]})
980 is_expected.to contain_file('rabbitmq.config').with_content(%r{versions, \['tlsv1.1', 'tlsv1.2'\]})
984 describe 'ssl options with ssl_versions and not ssl' do
988 ssl_cacert: '/path/to/cacert',
989 ssl_cert: '/path/to/cert',
990 ssl_key: '/path/to/key',
991 ssl_versions: ['tlsv1.2', 'tlsv1.1'] }
995 expect { catalogue }.to raise_error(Puppet::Error, %r{\$ssl_versions requires that \$ssl => true})
999 describe 'ssl options with ssl ciphers' do
1003 ssl_cacert: '/path/to/cacert',
1004 ssl_cert: '/path/to/cert',
1005 ssl_key: '/path/to/key',
1006 ssl_ciphers: ['ecdhe_rsa,aes_256_cbc,sha', 'dhe_rsa,aes_256_cbc,sha'] }
1009 it 'sets ssl ciphers to specified values' do
1010 is_expected.to contain_file('rabbitmq.config').with_content(%r{ciphers,\[[[:space:]]+{dhe_rsa,aes_256_cbc,sha},[[:space:]]+{ecdhe_rsa,aes_256_cbc,sha}[[:space:]]+\]})
1014 describe 'ssl admin options with specific ssl versions' do
1017 ssl_management_port: 5926,
1018 ssl_cacert: '/path/to/cacert',
1019 ssl_cert: '/path/to/cert',
1020 ssl_key: '/path/to/key',
1021 ssl_versions: ['tlsv1.2', 'tlsv1.1'],
1022 admin_enable: true }
1025 it 'sets admin ssl opts to specified values' do
1026 is_expected.to contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[})
1027 is_expected.to contain_file('rabbitmq.config').with_content(%r{listener, \[})
1028 is_expected.to contain_file('rabbitmq.config').with_content(%r{port, 5926\}})
1029 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl, true\}})
1030 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[})
1031 is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile, "/path/to/cacert"\},})
1032 is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},})
1033 is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}})
1034 is_expected.to contain_file('rabbitmq.config').with_content(%r{,\{versions, \['tlsv1.1', 'tlsv1.2'\]\}})
1038 describe 'ssl with ssl_dhfile' do
1041 ssl_interface: '0.0.0.0',
1042 ssl_dhfile: '/etc/pki/tls/dh-params.pem' }
1045 it { is_expected.to contain_file('rabbitmq.config').with_content(%r{dhfile, "/etc/pki/tls/dh-params\.pem}) }
1048 describe 'ssl with ssl_dhfile unset' do
1051 ssl_interface: '0.0.0.0',
1052 ssl_dhfile: :undef }
1055 it { is_expected.to contain_file('rabbitmq.config').without_content(%r{dhfile,}) }
1058 describe 'ssl with ssl_secure_renegotiate false' do
1061 ssl_interface: '0.0.0.0',
1062 ssl_secure_renegotiate: false }
1065 it { is_expected.to contain_file('rabbitmq.config').with_content(%r{secure_renegotiate,false}) }
1068 describe 'ssl with ssl_reuse_sessions false' do
1071 ssl_interface: '0.0.0.0',
1072 ssl_reuse_sessions: false }
1075 it { is_expected.to contain_file('rabbitmq.config').with_content(%r{reuse_sessions,false}) }
1078 describe 'ssl with ssl_honor_cipher_order false' do
1081 ssl_interface: '0.0.0.0',
1082 ssl_honor_cipher_order: false }
1085 it { is_expected.to contain_file('rabbitmq.config').with_content(%r{honor_cipher_order,false}) }
1088 describe 'ssl admin options' do
1091 ssl_management_port: 3141,
1092 ssl_cacert: '/path/to/cacert',
1093 ssl_cert: '/path/to/cert',
1094 ssl_key: '/path/to/key',
1095 ssl_management_verify: 'verify_peer',
1096 ssl_management_fail_if_no_peer_cert: true,
1097 admin_enable: true }
1100 it 'sets rabbitmq_management ssl options to specified values' do
1101 is_expected.to contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[})
1102 is_expected.to contain_file('rabbitmq.config').with_content(%r{listener, \[})
1103 is_expected.to contain_file('rabbitmq.config').with_content(%r{port, 3141\}})
1104 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl, true\}})
1105 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[})
1106 is_expected.to contain_file('rabbitmq.config').with_content(%r{verify,verify_peer\},})
1107 is_expected.to contain_file('rabbitmq.config').with_content(%r{fail_if_no_peer_cert,true\}})
1108 is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile, "/path/to/cacert"\},})
1109 is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},})
1110 is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}})
1114 describe 'admin without ssl' do
1117 management_port: 3141,
1118 admin_enable: true }
1121 it 'sets rabbitmq_management options to specified values' do
1122 is_expected.to contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[})
1123 is_expected.to contain_file('rabbitmq.config').with_content(%r{listener, \[})
1124 is_expected.to contain_file('rabbitmq.config').with_content(%r{port, 3141\}})
1128 describe 'ssl admin options' do
1131 ssl_management_port: 3141,
1132 ssl_cacert: '/path/to/cacert',
1133 ssl_cert: '/path/to/cert',
1134 ssl_key: '/path/to/key',
1135 admin_enable: true }
1138 it 'sets rabbitmq_management ssl options to specified values' do
1139 is_expected.to contain_file('rabbitmq.config').with_content(%r{rabbitmq_management, \[})
1140 is_expected.to contain_file('rabbitmq.config').with_content(%r{listener, \[})
1141 is_expected.to contain_file('rabbitmq.config').with_content(%r{port, 3141\},})
1142 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl, true\},})
1143 is_expected.to contain_file('rabbitmq.config').with_content(%r{ssl_opts, \[})
1144 is_expected.to contain_file('rabbitmq.config').with_content(%r{cacertfile, "/path/to/cacert"\},})
1145 is_expected.to contain_file('rabbitmq.config').with_content(%r{certfile, "/path/to/cert"\},})
1146 is_expected.to contain_file('rabbitmq.config').with_content(%r{keyfile, "/path/to/key"\}})
1150 describe 'admin without ssl' do
1153 management_port: 3141,
1154 admin_enable: true }
1157 it 'sets rabbitmq_management options to specified values' do
1158 is_expected.to contain_file('rabbitmq.config'). \
1159 with_content(%r{\{rabbitmq_management, \[}). \
1160 with_content(%r{\{listener, \[}). \
1161 with_content(%r{\{port, 3141\}})
1165 describe 'ipv6 enabled' do
1166 let(:params) { { ipv6: true } }
1168 it 'enables resolver inet6 in inetrc' do
1169 is_expected.to contain_file('rabbitmq-inetrc').with_content(%r{{inet6, true}.})
1172 context 'without other erl args' do
1173 it 'enables inet6 distribution' do
1174 is_expected.to contain_file('rabbitmq-env.config'). \
1175 with_content(%r{^RABBITMQ_SERVER_ERL_ARGS="-proto_dist inet6_tcp"$}). \
1176 with_content(%r{^RABBITMQ_CTL_ERL_ARGS="-proto_dist inet6_tcp"$})
1180 context 'with other quoted erl args' do
1183 environment_variables: { 'RABBITMQ_SERVER_ERL_ARGS' => '"some quoted args"',
1184 'RABBITMQ_CTL_ERL_ARGS' => '"other quoted args"' } }
1187 it 'enables inet6 distribution and quote properly' do
1188 is_expected.to contain_file('rabbitmq-env.config'). \
1189 with_content(%r{^RABBITMQ_SERVER_ERL_ARGS="some quoted args -proto_dist inet6_tcp"$}). \
1190 with_content(%r{^RABBITMQ_CTL_ERL_ARGS="other quoted args -proto_dist inet6_tcp"$})
1194 context 'with other unquoted erl args' do
1197 environment_variables: { 'RABBITMQ_SERVER_ERL_ARGS' => 'foo',
1198 'RABBITMQ_CTL_ERL_ARGS' => 'bar' } }
1201 it 'enables inet6 distribution and quote properly' do
1202 is_expected.to contain_file('rabbitmq-env.config'). \
1203 with_content(%r{^RABBITMQ_SERVER_ERL_ARGS="foo -proto_dist inet6_tcp"$}). \
1204 with_content(%r{^RABBITMQ_CTL_ERL_ARGS="bar -proto_dist inet6_tcp"$})
1208 context 'with SSL and without other erl args' do
1211 ssl_erl_dist: true }
1214 it 'enables inet6 distribution' do
1215 is_expected.to contain_file('rabbitmq-env.config'). \
1216 with_content(%r{^RABBITMQ_SERVER_ERL_ARGS=" -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$}). \
1217 with_content(%r{^RABBITMQ_CTL_ERL_ARGS=" -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$})
1221 context 'with SSL and other quoted erl args' do
1225 environment_variables: { 'RABBITMQ_SERVER_ERL_ARGS' => '"some quoted args"',
1226 'RABBITMQ_CTL_ERL_ARGS' => '"other quoted args"' } }
1229 it 'enables inet6 distribution and quote properly' do
1230 is_expected.to contain_file('rabbitmq-env.config'). \
1231 with_content(%r{^RABBITMQ_SERVER_ERL_ARGS="some quoted args -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$}). \
1232 with_content(%r{^RABBITMQ_CTL_ERL_ARGS="other quoted args -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$})
1236 context 'with SSL and with other unquoted erl args' do
1240 environment_variables: { 'RABBITMQ_SERVER_ERL_ARGS' => 'foo',
1241 'RABBITMQ_CTL_ERL_ARGS' => 'bar' } }
1244 it 'enables inet6 distribution and quote properly' do
1245 is_expected.to contain_file('rabbitmq-env.config'). \
1246 with_content(%r{^RABBITMQ_SERVER_ERL_ARGS="foo -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$}). \
1247 with_content(%r{^RABBITMQ_CTL_ERL_ARGS="bar -pa /usr/lib64/erlang/lib/ssl-7.3.3.1/ebin -proto_dist inet6_tls"$})
1252 describe 'config_variables options' do
1254 { config_variables: {
1255 'hipe_compile' => true,
1256 'vm_memory_high_watermark' => 0.4,
1257 'frame_max' => 131_072,
1258 'collect_statistics' => 'none',
1259 'auth_mechanisms' => "['PLAIN', 'AMQPLAIN']"
1263 it 'sets environment variables' do
1264 is_expected.to contain_file('rabbitmq.config'). \
1265 with_content(%r{\{hipe_compile, true\}}). \
1266 with_content(%r{\{vm_memory_high_watermark, 0.4\}}). \
1267 with_content(%r{\{frame_max, 131072\}}). \
1268 with_content(%r{\{collect_statistics, none\}}). \
1269 with_content(%r{\{auth_mechanisms, \['PLAIN', 'AMQPLAIN'\]\}})
1273 describe 'config_kernel_variables options' do
1275 { config_kernel_variables: {
1276 'inet_dist_listen_min' => 9100,
1277 'inet_dist_listen_max' => 9105
1281 it 'sets config variables' do
1282 is_expected.to contain_file('rabbitmq.config'). \
1283 with_content(%r{\{inet_dist_listen_min, 9100\}}). \
1284 with_content(%r{\{inet_dist_listen_max, 9105\}})
1288 describe 'config_management_variables' do
1290 { config_management_variables: {
1291 'rates_mode' => 'none'
1295 it 'sets config variables' do
1296 is_expected.to contain_file('rabbitmq.config'). \
1297 with_content(%r{\{rates_mode, none\}})
1301 describe 'tcp_keepalive enabled' do
1302 let(:params) { { tcp_keepalive: true } }
1304 it 'sets tcp_listen_options keepalive true' do
1305 is_expected.to contain_file('rabbitmq.config'). \
1306 with_content(%r{\{keepalive, true\}})
1310 describe 'tcp_keepalive disabled (default)' do
1311 it 'does not set tcp_listen_options' do
1312 is_expected.to contain_file('rabbitmq.config'). \
1313 without_content(%r{\{keepalive, true\}})
1317 describe 'tcp_backlog with default value' do
1318 it 'sets tcp_listen_options backlog to 128' do
1319 is_expected.to contain_file('rabbitmq.config'). \
1320 with_content(%r{\{backlog, 128\}})
1324 describe 'tcp_backlog with non-default value' do
1326 { tcp_backlog: 256 }
1329 it 'sets tcp_listen_options backlog to 256' do
1330 is_expected.to contain_file('rabbitmq.config'). \
1331 with_content(%r{\{backlog, 256\}})
1335 describe 'tcp_sndbuf with default value' do
1336 it 'does not set tcp_listen_options sndbuf' do
1337 is_expected.to contain_file('rabbitmq.config'). \
1338 without_content(%r{sndbuf})
1342 describe 'tcp_sndbuf with non-default value' do
1347 it 'sets tcp_listen_options sndbuf to 128' do
1348 is_expected.to contain_file('rabbitmq.config'). \
1349 with_content(%r{\{sndbuf, 128\}})
1353 describe 'tcp_recbuf with default value' do
1354 it 'does not set tcp_listen_options recbuf' do
1355 is_expected.to contain_file('rabbitmq.config'). \
1356 without_content(%r{recbuf})
1360 describe 'tcp_recbuf with non-default value' do
1365 it 'sets tcp_listen_options recbuf to 128' do
1366 is_expected.to contain_file('rabbitmq.config'). \
1367 with_content(%r{\{recbuf, 128\}})
1371 describe 'rabbitmq-heartbeat options' do
1372 let(:params) { { heartbeat: 60 } }
1374 it 'sets heartbeat paramter in config file' do
1375 is_expected.to contain_file('rabbitmq.config'). \
1376 with_content(%r{\{heartbeat, 60\}})
1380 context 'delete_guest_user' do
1381 describe 'should do nothing by default' do
1382 it { is_expected.not_to contain_rabbitmq_user('guest') }
1385 describe 'delete user when delete_guest_user set' do
1386 let(:params) { { delete_guest_user: true } }
1388 it 'removes the user' do
1389 is_expected.to contain_rabbitmq_user('guest').with(
1390 'ensure' => 'absent',
1391 'provider' => 'rabbitmqctl'
1397 describe 'rabbitmq-loopback_users by default' do
1398 it 'sets the loopback_users parameter in the config file' do
1399 is_expected.to contain_file('rabbitmq.config'). \
1400 with_content(%r{\{loopback_users, \[<<"guest">>\]\}})
1404 describe 'rabbitmq-loopback_users allow connections via loopback interfaces' do
1405 let(:params) { { loopback_users: [] } }
1407 it 'sets the loopback_users parameter in the config file' do
1408 is_expected.to contain_file('rabbitmq.config'). \
1409 with_content(%r{\{loopback_users, \[\]\}})
1413 describe 'rabbitmq-loopback_users allow connections via loopback interfaces to a group of users' do
1414 let(:params) { { loopback_users: %w[user1 user2] } }
1416 it 'sets the loopback_users parameter in the config file' do
1417 is_expected.to contain_file('rabbitmq.config'). \
1418 with_content(%r{\{loopback_users, \[<<\"user1\">>, <<\"user2\">>\]\}})
1423 ## rabbitmq::service
1425 describe 'service with default params' do
1427 is_expected.to contain_service('rabbitmq-server').with(
1428 'ensure' => 'running',
1430 'hasstatus' => 'true',
1431 'hasrestart' => 'true',
1437 context 'on systems with systemd', if: facts[:systemd] do
1439 is_expected.to contain_service('rabbitmq-server').
1440 that_requires('Class[systemd::systemctl::daemon_reload]')
1444 describe 'service with ensure stopped' do
1446 { service_ensure: 'stopped' }
1450 is_expected.to contain_service('rabbitmq-server').with(
1451 'ensure' => 'stopped',
1457 describe 'service with service_manage equal to false' do
1459 { service_manage: false }
1462 it { is_expected.not_to contain_service('rabbitmq-server') }