Fix self requiring on role resource

hasegeli · hasegeli · commit 5c1c51e71ca4 · 2018-03-07T17:10:49.000+01:00
This was causing chaining statements with resource collectors not to work
for some reason.
diff --git a/manifests/server/role.pp b/manifests/server/role.pp
@@ -47,10 +47,6 @@
     psql_path  => $psql_path,
     connect_settings => $connect_settings,
     cwd        => $module_workdir,
-    require    => [
-      Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],
-      Class['postgresql::server'],
-    ],
   }
 
   if $ensure == 'present' {
@@ -76,39 +72,47 @@
     }
 
     postgresql_psql {"ALTER ROLE \"${username}\" ${superuser_sql}":
-      unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolsuper = ${superuser}",
+      unless  => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolsuper = ${superuser}",
+      require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],
     }
 
     postgresql_psql {"ALTER ROLE \"${username}\" ${createdb_sql}":
-      unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcreatedb = ${createdb}",
+      unless  => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcreatedb = ${createdb}",
+      require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],
     }
 
     postgresql_psql {"ALTER ROLE \"${username}\" ${createrole_sql}":
-      unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcreaterole = ${createrole}",
+      unless  => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcreaterole = ${createrole}",
+      require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],
     }
 
     postgresql_psql {"ALTER ROLE \"${username}\" ${login_sql}":
-      unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcanlogin = ${login}",
+      unless  => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcanlogin = ${login}",
+      require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],
     }
 
     postgresql_psql {"ALTER ROLE \"${username}\" ${inherit_sql}":
-      unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolinherit = ${inherit}",
+      unless  => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolinherit = ${inherit}",
+      require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],
     }
 
     if(versioncmp($version, '9.1') >= 0) {
       if $replication_sql == '' {
         postgresql_psql {"ALTER ROLE \"${username}\" NOREPLICATION":
-          unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolreplication = ${replication}",
+          unless  => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolreplication = ${replication}",
+          require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],
         }
       } else {
         postgresql_psql {"ALTER ROLE \"${username}\" ${replication_sql}":
-          unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolreplication = ${replication}",
+          unless  => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolreplication = ${replication}",
+          require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],
         }
       }
     }
 
     postgresql_psql {"ALTER ROLE \"${username}\" CONNECTION LIMIT ${connection_limit}":
-      unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolconnlimit = ${connection_limit}",
+      unless  => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolconnlimit = ${connection_limit}",
+      require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],
     }
 
     if $password_hash and $update_password {
@@ -122,6 +126,7 @@
         command     => "ALTER ROLE \"${username}\" ${password_sql}",
         unless      => "SELECT 1 FROM pg_shadow WHERE usename = '${username}' AND passwd = '${pwd_hash_sql}'",
         environment => $environment,
+        require     => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],
       }
     }
   } else {

Original file line number	Diff line number	Diff line change
`@@ -47,10 +47,6 @@`
`47`	`47`	`psql_path => $psql_path,`
`48`	`48`	`connect_settings => $connect_settings,`
`49`	`49`	`cwd => $module_workdir,`
`50`		`- require => [`
`51`		`- Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],`
`52`		`- Class['postgresql::server'],`
`53`		`- ],`
`54`	`50`	`}`
`55`	`51`
`56`	`52`	`if $ensure == 'present' {`
`@@ -76,39 +72,47 @@`
`76`	`72`	`}`
`77`	`73`
`78`	`74`	`postgresql_psql {"ALTER ROLE \"${username}\" ${superuser_sql}":`
`79`		`- unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolsuper = ${superuser}",`
	`75`	`+ unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolsuper = ${superuser}",`
	`76`	`+ require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],`
`80`	`77`	`}`
`81`	`78`
`82`	`79`	`postgresql_psql {"ALTER ROLE \"${username}\" ${createdb_sql}":`
`83`		`- unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcreatedb = ${createdb}",`
	`80`	`+ unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcreatedb = ${createdb}",`
	`81`	`+ require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],`
`84`	`82`	`}`
`85`	`83`
`86`	`84`	`postgresql_psql {"ALTER ROLE \"${username}\" ${createrole_sql}":`
`87`		`- unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcreaterole = ${createrole}",`
	`85`	`+ unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcreaterole = ${createrole}",`
	`86`	`+ require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],`
`88`	`87`	`}`
`89`	`88`
`90`	`89`	`postgresql_psql {"ALTER ROLE \"${username}\" ${login_sql}":`
`91`		`- unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcanlogin = ${login}",`
	`90`	`+ unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolcanlogin = ${login}",`
	`91`	`+ require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],`
`92`	`92`	`}`
`93`	`93`
`94`	`94`	`postgresql_psql {"ALTER ROLE \"${username}\" ${inherit_sql}":`
`95`		`- unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolinherit = ${inherit}",`
	`95`	`+ unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolinherit = ${inherit}",`
	`96`	`+ require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],`
`96`	`97`	`}`
`97`	`98`
`98`	`99`	`if(versioncmp($version, '9.1') >= 0) {`
`99`	`100`	`if $replication_sql == '' {`
`100`	`101`	`postgresql_psql {"ALTER ROLE \"${username}\" NOREPLICATION":`
`101`		`- unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolreplication = ${replication}",`
	`102`	`+ unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolreplication = ${replication}",`
	`103`	`+ require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],`
`102`	`104`	`}`
`103`	`105`	`} else {`
`104`	`106`	`postgresql_psql {"ALTER ROLE \"${username}\" ${replication_sql}":`
`105`		`- unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolreplication = ${replication}",`
	`107`	`+ unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolreplication = ${replication}",`
	`108`	`+ require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],`
`106`	`109`	`}`
`107`	`110`	`}`
`108`	`111`	`}`
`109`	`112`
`110`	`113`	`postgresql_psql {"ALTER ROLE \"${username}\" CONNECTION LIMIT ${connection_limit}":`
`111`		`- unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolconnlimit = ${connection_limit}",`
	`114`	`+ unless => "SELECT 1 FROM pg_roles WHERE rolname = '${username}' AND rolconnlimit = ${connection_limit}",`
	`115`	`+ require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],`
`112`	`116`	`}`
`113`	`117`
`114`	`118`	`if $password_hash and $update_password {`
`@@ -122,6 +126,7 @@`
`122`	`126`	`command => "ALTER ROLE \"${username}\" ${password_sql}",`
`123`	`127`	`unless => "SELECT 1 FROM pg_shadow WHERE usename = '${username}' AND passwd = '${pwd_hash_sql}'",`
`124`	`128`	`environment => $environment,`
	`129`	`+ require => Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"],`
`125`	`130`	`}`
`126`	`131`	`}`
`127`	`132`	`} else {`