From 700d2c5bb54b7ea91d518de96e2c7a22318d0afa Mon Sep 17 00:00:00 2001 From: Alexander Fisher Date: Mon, 13 Apr 2020 11:55:15 +0100 Subject: [PATCH] Finish conversion of `postgresql_password` function In https://github.com/puppetlabs/puppetlabs-postgresql/pull/1129 the 3 functions from this module were ported to the modern function API and namespaced. None of the boilerplate was fixed up, tests weren't updated, documentation wasn't updated etc. This commit finishes the work for the `postgresql_password` function. * Remove old API `puppet/parser/functions` version. * Create a replacement non-namespaced, (but deprecated), new API shim that calls the namespaced version. * Replace argument validation in the function code with data-type based validation for the individual function parameters. * Update the README and REFERENCE.md files. * Test both shim and namespaced version of the function. --- README.md | 4 +- REFERENCE.md | 97 +++++++++++++++---- .../postgresql/postgresql_password.rb | 47 ++------- lib/puppet/functions/postgresql_password.rb | 10 ++ .../parser/functions/postgresql_password.rb | 22 ----- spec/functions/postgresql_password_spec.rb | 5 + .../postgresql_postgresql_password_spec.rb | 37 +------ spec/spec_helper_local.rb | 14 +++ .../functions/postgresql_password_spec.rb | 16 --- 9 files changed, 121 insertions(+), 131 deletions(-) create mode 100644 lib/puppet/functions/postgresql_password.rb delete mode 100644 lib/puppet/parser/functions/postgresql_password.rb create mode 100644 spec/functions/postgresql_password_spec.rb delete mode 100644 spec/unit/functions/postgresql_password_spec.rb diff --git a/README.md b/README.md index c004a59251..d8470d61a0 100644 --- a/README.md +++ b/README.md @@ -81,7 +81,7 @@ class { 'postgresql::server': postgresql::server::db { 'mydatabasename': user => 'mydatabaseuser', - password => postgresql_password('mydatabaseuser', 'mypassword'), + password => postgresql::postgresql_password('mydatabaseuser', 'mypassword'), } ``` @@ -94,7 +94,7 @@ class { 'postgresql::server': } postgresql::server::role { 'marmot': - password_hash => postgresql_password('marmot', 'mypasswd'), + password_hash => postgresql::postgresql_password('marmot', 'mypasswd'), } postgresql::server::database_grant { 'test1': diff --git a/REFERENCE.md b/REFERENCE.md index 41f820d532..f4698b385e 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -67,7 +67,7 @@ _Private Classes_ * [`postgresql::postgresql_password`](#postgresqlpostgresql_password): This function returns the postgresql password hash from the clear text username / password * [`postgresql_acls_to_resources_hash`](#postgresql_acls_to_resources_hash): This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. It is not intended to be used outsid * [`postgresql_escape`](#postgresql_escape): This function safely escapes a string using a consistent random tag -* [`postgresql_password`](#postgresql_password): This function returns the postgresql password hash from the clear text username / password +* [`postgresql_password`](#postgresql_password): DEPRECATED. Use the namespaced function [`postgresql::postgresql_password`](#postgresqlpostgresql_password) instead. **Tasks** @@ -1097,6 +1097,14 @@ Sets PostgreSQL version Default value: `undef` +##### `extra_systemd_config` + +Data type: `Any` + +Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string + +Default value: $postgresql::params::extra_systemd_config + ##### `manage_selinux` Data type: `Boolean` @@ -1667,6 +1675,22 @@ Specifies whether to grant or revoke the privilege. Default is to grant the priv Default value: 'present' +##### `group` + +Data type: `String` + +Sets the OS group to run psql + +Default value: $postgresql::server::group + +##### `psql_path` + +Data type: `String` + +Sets the path to psql command + +Default value: $postgresql::server::psql_path + ##### `object_arguments` Data type: `Array[String[1],0]` @@ -2181,6 +2205,38 @@ Specify whether to create or drop the role. Specifying 'present' creates the rol Default value: 'present' +##### `psql_user` + +Data type: `Any` + +Sets the OS user to run psql + +Default value: $postgresql::server::user + +##### `psql_group` + +Data type: `Any` + +Sets the OS group to run psql + +Default value: $postgresql::server::group + +##### `psql_path` + +Data type: `Any` + +Sets path to psql command + +Default value: $postgresql::server::psql_path + +##### `module_workdir` + +Data type: `Any` + +Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option. + +Default value: $postgresql::server::module_workdir + ### postgresql::server::schema Create a new schema. @@ -2815,26 +2871,25 @@ to get the full benefit of the modern function API. Type: Ruby 4.x API -postgresql_password.rb ----- original file header ---- +This function returns the postgresql password hash from the clear text username / password - @return Returns the postgresql password hash from the clear text username / password. +#### `postgresql::postgresql_password(Variant[String[1],Integer] $username, Variant[String[1],Integer] $password)` -#### `postgresql::postgresql_password(Any *$args)` +The postgresql::postgresql_password function. -postgresql_password.rb ----- original file header ---- +Returns: `String` The postgresql password hash from the clear text username / password. - @return Returns the postgresql password hash from the clear text username / password. +##### `username` -Returns: `Data type` Describe what the function returns here +Data type: `Variant[String[1],Integer]` -##### `*args` +The clear text `username` -Data type: `Any` +##### `password` -The original array of arguments. Port this to individually managed params -to get the full benefit of the modern function API. +Data type: `Variant[String[1],Integer]` + +The clear text `password` ### postgresql_acls_to_resources_hash @@ -2884,15 +2939,21 @@ Returns: `Any` Safely escapes a string using $$ using a random tag which should ### postgresql_password -Type: Ruby 3.x API +Type: Ruby 4.x API -This function returns the postgresql password hash from the clear text username / password +DEPRECATED. Use the namespaced function [`postgresql::postgresql_password`](#postgresqlpostgresql_password) instead. -#### `postgresql_password()` +#### `postgresql_password(Any *$args)` + +The postgresql_password function. + +Returns: `Any` + +##### `*args` + +Data type: `Any` -This function returns the postgresql password hash from the clear text username / password -Returns: `Any` Returns the postgresql password hash from the clear text username / password. ## Tasks diff --git a/lib/puppet/functions/postgresql/postgresql_password.rb b/lib/puppet/functions/postgresql/postgresql_password.rb index ee6c7ace7d..43b8bf8969 100644 --- a/lib/puppet/functions/postgresql/postgresql_password.rb +++ b/lib/puppet/functions/postgresql/postgresql_password.rb @@ -1,45 +1,18 @@ -# This is an autogenerated function, ported from the original legacy version. -# It /should work/ as is, but will not have all the benefits of the modern -# function API. You should see the function docs to learn how to add function -# signatures for type safety and to document this function using puppet-strings. -# -# https://puppet.com/docs/puppet/latest/custom_functions_ruby.html -# -# ---- original file header ---- -# hash a string as mysql's "PASSWORD()" function would do it -require 'digest/md5' - -# postgresql_password.rb -# ---- original file header ---- -# -# @summary -# This function returns the postgresql password hash from the clear text username / password -# @return Returns the postgresql password hash from the clear text username / password. -# -# +# @summary This function returns the postgresql password hash from the clear text username / password Puppet::Functions.create_function(:'postgresql::postgresql_password') do - # @param args - # The original array of arguments. Port this to individually managed params - # to get the full benefit of the modern function API. - # - # @return [Data type] - # Describe what the function returns here + # @param username + # The clear text `username` + # @param password + # The clear text `password` # + # @return [String] + # The postgresql password hash from the clear text username / password. dispatch :default_impl do - # Call the method named 'default_impl' when this is matched - # Port this to match individual params for better type safety - repeated_param 'Any', :args + param 'Variant[String[1],Integer]', :username + param 'Variant[String[1],Integer]', :password end - def default_impl(*args) - if args.size != 2 - raise(Puppet::ParseError, 'postgresql_password(): Wrong number of arguments ' \ - "given (#{args.size} for 2)") - end - - username = args[0] - password = args[1] - + def default_impl(username, password) 'md5' + Digest::MD5.hexdigest(password.to_s + username.to_s) end end diff --git a/lib/puppet/functions/postgresql_password.rb b/lib/puppet/functions/postgresql_password.rb new file mode 100644 index 0000000000..e098ebe8d5 --- /dev/null +++ b/lib/puppet/functions/postgresql_password.rb @@ -0,0 +1,10 @@ +# @summary DEPRECATED. Use the namespaced function [`postgresql::postgresql_password`](#postgresqlpostgresql_password) instead. +Puppet::Functions.create_function(:postgresql_password) do + dispatch :deprecation_gen do + repeated_param 'Any', :args + end + def deprecation_gen(*args) + call_function('deprecation', 'postgresql_password', 'This method is deprecated, please use postgresql::postgresql_password instead.') + call_function('postgresql::postgresql_password', *args) + end +end diff --git a/lib/puppet/parser/functions/postgresql_password.rb b/lib/puppet/parser/functions/postgresql_password.rb deleted file mode 100644 index d32791a5ec..0000000000 --- a/lib/puppet/parser/functions/postgresql_password.rb +++ /dev/null @@ -1,22 +0,0 @@ -# hash a string as mysql's "PASSWORD()" function would do it -require 'digest/md5' - -# postgresql_password.rb -module Puppet::Parser::Functions - newfunction(:postgresql_password, type: :rvalue, doc: <<-EOS - This function returns the postgresql password hash from the clear text username / password - @return Returns the postgresql password hash from the clear text username / password. - EOS - ) do |args| - - if args.size != 2 - raise(Puppet::ParseError, 'postgresql_password(): Wrong number of arguments ' \ - "given (#{args.size} for 2)") - end - - username = args[0] - password = args[1] - - 'md5' + Digest::MD5.hexdigest(password.to_s + username.to_s) - end -end diff --git a/spec/functions/postgresql_password_spec.rb b/spec/functions/postgresql_password_spec.rb new file mode 100644 index 0000000000..7133c004d3 --- /dev/null +++ b/spec/functions/postgresql_password_spec.rb @@ -0,0 +1,5 @@ +require 'spec_helper' + +describe 'postgresql_password' do + it_behaves_like 'postgresql_password function' +end diff --git a/spec/functions/postgresql_postgresql_password_spec.rb b/spec/functions/postgresql_postgresql_password_spec.rb index 9678193dfb..ac24fe43ed 100644 --- a/spec/functions/postgresql_postgresql_password_spec.rb +++ b/spec/functions/postgresql_postgresql_password_spec.rb @@ -1,40 +1,5 @@ require 'spec_helper' describe 'postgresql::postgresql_password' do - # without knowing details about the implementation, this is the only test - # case that we can autogenerate. You should add more examples below! - it { is_expected.not_to eq(nil) } - - ################################# - # Below are some example test cases. You may uncomment and modify them to match - # your needs. Notice that they all expect the base error class of `StandardError`. - # This is because the autogenerated function uses an untyped array for parameters - # and relies on your implementation to do the validation. As you convert your - # function to proper dispatches and typed signatures, you should change the - # expected error of the argument validation examples to `ArgumentError`. - # - # Other error types you might encounter include - # - # * StandardError - # * ArgumentError - # * Puppet::ParseError - # - # Read more about writing function unit tests at https://rspec-puppet.com/documentation/functions/ - # - # it 'raises an error if called with no argument' do - # is_expected.to run.with_params.and_raise_error(StandardError) - # end - # - # it 'raises an error if there is more than 1 arguments' do - # is_expected.to run.with_params({ 'foo' => 1 }, 'bar' => 2).and_raise_error(StandardError) - # end - # - # it 'raises an error if argument is not the proper type' do - # is_expected.to run.with_params('foo').and_raise_error(StandardError) - # end - # - # it 'returns the proper output' do - # is_expected.to run.with_params(123).and_return('the expected output') - # end - ################################# + it_behaves_like 'postgresql_password function' end diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index bb02c5a232..ba834774b1 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -41,3 +41,17 @@ def param(type, title, param) param_value(catalogue, type, title, param) end + +shared_examples 'postgresql_password function' do + it { is_expected.not_to eq(nil) } + + it { + is_expected.to run.with_params('foo', 'bar').and_return('md596948aad3fcae80c08a35c9b5958cd89') + } + it { + is_expected.to run.with_params('foo', 1234).and_return('md539a0e1b308278a8de5e007cd1f795920') + } + it 'raises an error if there is only 1 argument' do + is_expected.to run.with_params('foo').and_raise_error(StandardError) + end +end diff --git a/spec/unit/functions/postgresql_password_spec.rb b/spec/unit/functions/postgresql_password_spec.rb deleted file mode 100644 index 446f93fb78..0000000000 --- a/spec/unit/functions/postgresql_password_spec.rb +++ /dev/null @@ -1,16 +0,0 @@ -require 'spec_helper' - -describe 'postgresql_password', type: :puppet_function do - it { - is_expected.to run.with_params('foo', 'bar') - .and_return('md596948aad3fcae80c08a35c9b5958cd89') - } - it { - is_expected.to run.with_params('foo', 1234) - .and_return('md539a0e1b308278a8de5e007cd1f795920') - } - it { - is_expected.to run.with_params('foo') - .and_raise_error(%r{Wrong number of arguments}) - } -end