(MODULES-11567): Enhance validation methods to resolve deferred values for validation in sqlserver_instance type

.github/workflows/ci.yml

@@ -69,10 +69,10 @@ jobs:
       with:
         ref: ${{ github.event.pull_request.head.sha }}
 
-    - name: Activate Ruby 2.7
+    - name: Activate Ruby 3.2
       uses: ruby/setup-ruby@v1
       with:
-        ruby-version: "2.7"
+        ruby-version: "3.2"
         bundler-cache: true
 
     - name: Print bundle environment
@@ -93,7 +93,7 @@ jobs:
       run: |
         bundle exec rake 'litmus:install_module'
 
-    - name: Authenitcate with GCP
+    - name: Authenticate with GCP
       run: |
         echo '${{ secrets.GCP_CONNECTION }}' >> creds.json
         bundle exec bolt file upload creds.json C:\\creds.json --targets ssh_nodes --inventoryfile spec/fixtures/litmus_inventory.yaml
@@ -114,7 +114,7 @@ jobs:
 
     - name: Run acceptance tests
       run: |
-        bundle exec rake 'litmus:acceptance:parallel'
+        bundle exec rake 'litmus:acceptance:parallel' --trace 
 
     - name: Remove test environment
       if: ${{ always() }}

.github/workflows/nightly.yml

@@ -67,10 +67,10 @@ jobs:
       with:
         ref: ${{ github.event.pull_request.head.sha }}
 
-    - name: Activate Ruby 2.7
+    - name: Activate Ruby 3.2
       uses: ruby/setup-ruby@v1
       with:
-        ruby-version: "2.7"
+        ruby-version: "3.2"
         bundler-cache: true
 
     - name: Print bundle environment

lib/puppet/type/sqlserver_instance.rb

@@ -131,7 +131,8 @@ def validate
   end
 
   def set?(key)
-    !self[key].nil? && !self[key].empty?
+    self_key = resolve_deferred_value(self[key])
+    !self_key.nil? && !self_key.empty?
   end
 
   def validate_user_password_required(account, pass)
@@ -144,11 +145,11 @@ def validate_user_password_required(account, pass)
   end
 
   def domain_or_local_user?(user)
-    PuppetX::Sqlserver::ServerHelper.is_domain_or_local_user?(user, Facter.value(:hostname))
+    PuppetX::Sqlserver::ServerHelper.is_domain_or_local_user?(resolve_deferred_value(user), Facter.value(:hostname))
   end
 
   def strong_password?(key)
-    password = self[key]
+    password = resolve_deferred_value(self[key])
     return unless password
 
     message_start = "Password for #{key} is not strong"
@@ -162,4 +163,12 @@ def strong_password?(key)
 
     true
   end
+
+  # When preprocess_deferred is false, deferred values remain unresolved at the time of validation, causing it to fail.
+  # To address this, following logic is added to explicitly resolve deferred values during validation
+  def resolve_deferred_value(value)
+    return value unless value.is_a?(Puppet::Pops::Evaluator::DeferredValue)
+
+    value.resolve
+  end
 end

spec/acceptance/sqlserver_instance_spec.rb

@@ -134,4 +134,35 @@ def sql_query_is_user_sysadmin(username)
       end
     end
   end
+
+  # Ensure that the instance can be created with deferred values
+  # for service account and password, which are resolved at the time of
+  # the instance creation.
+  # This is useful for scenarios where the values are not known at the time
+  # of the Puppet run, such as when using Hiera to fetch values from a
+  # secure vault or when the values are dynamically generated.
+  def ensure_sqlserver_instance_with_deferred_values
+    inst_name = new_random_instance_name
+
+    pp = <<-MANIFEST
+    sqlserver_instance{'#{inst_name}':
+      agt_svc_account       => Deferred('pick', ['nexus\\travis']),
+      agt_svc_password      => Deferred('pick', ['Hunter-2']),
+    }
+    MANIFEST
+
+    idempotent_apply(pp)
+  end
+
+  context 'Deferred values' do
+    it 'validate deferred values' do
+      expect { ensure_sqlserver_instance_with_deferred_values }.not_to raise_error
+    end
+
+    it 'apply deferred values' do
+      ensure_sqlserver_instance_with_deferred_values
+
+      run_sql_query(run_sql_query_opts('MSSQLSERVER', sql_query_is_user_sysadmin('nexus\\travis'), 1))
+    end
+  end
 end

spec/spec_helper_acceptance_local.rb

@@ -65,6 +65,7 @@ def node_vars?
 
 def sql_version?
   vars = node_vars?
+  puts "-----------------------Vars: #{vars}------------------------"
   return vars['sqlversion'].match(%r{sqlserver_(.*)})[1] if !vars.nil? && (vars['sqlversion'])
 
   # Return's a default version if none was given
@@ -75,6 +76,7 @@ def sql_version?
 # OS iso mounts to I drive
 # SQL iso mounts to H drive
 def mount_iso(opts = {})
+  puts "--------------------opts: #{opts}--------------------"
   folder = opts[:folder]
   file = opts[:file]
   drive_letter = opts[:drive_letter]
@@ -99,6 +101,7 @@ def mount_iso(opts = {})
 end
 
 def base_install(sql_version)
+  puts "--------------SQL version: #{sql_version.to_i}-----------------"
   case sql_version.to_i
   when 2014
     iso_opts = {

spec/unit/puppet/type/sqlserver_instance_spec.rb

@@ -84,4 +84,28 @@
       end
     end
   end
+
+  describe 'agt_svc_account' do
+    context 'when value is a deferred value' do
+      let(:args) do
+        basic_args.merge({ agt_svc_account: Puppet::Pops::Evaluator::DeferredValue.new(proc { 'nexus\\travis' }) })
+      end
+
+      it 'validate' do
+        subject = Puppet::Type.type(:sqlserver_instance).new(args)
+        expect(subject.resolve_deferred_value(subject[:agt_svc_account])).to eq('nexus\\travis')
+      end
+    end
+
+    context 'when value is not a deferred value' do
+      let(:args) do
+        basic_args.merge({ agt_svc_account: 'nexus\\travis' })
+      end
+
+      it 'validate' do
+        subject = Puppet::Type.type(:sqlserver_instance).new(args)
+        expect(subject.resolve_deferred_value(subject[:agt_svc_account])).to eq('nexus\\travis')
+      end
+    end
+  end
 end