diff --git a/.github/workflows/unit.yaml b/.github/workflows/unit.yaml index 10484832fd..c3d9e901a8 100644 --- a/.github/workflows/unit.yaml +++ b/.github/workflows/unit.yaml @@ -46,6 +46,6 @@ jobs: bundler-cache: true bundler: '2.1.0' - name: Validate - run: bundle exec rake validate lint strings:generate reference + run: bundle exec rake sensu_validate lint strings:generate reference - name: Run tests run: bundle exec rake parallel_spec diff --git a/README.md b/README.md index a382fa85fb..b3bbd15850 100644 --- a/README.md +++ b/README.md @@ -484,6 +484,20 @@ sensu::agent::annotation { 'ec2_access_key': } ``` +### Advanced agent - Disable validations + +In some cases it might be desired to disable API and entity validations when agents are managing their own entity. + +```puppet +class { 'sensu': + validate_api => false, +} +class { 'sensu::agent': + agent_managed_entity => true, + validate_entity => false, +} +``` + ### Advanced agent - Custom config entries It is possible to define config entries for `agent.yml` in many locations in Puppet: @@ -648,7 +662,7 @@ The following example will add a PostgreSQL server and database to the sensu-bac ```puppet class { 'postgresql::globals': manage_package_repo => true, - version => '9.6', + version => '11', } class { 'postgresql::server': } class { 'sensu::backend': diff --git a/Rakefile b/Rakefile index 4ccc65edce..5481f8614a 100644 --- a/Rakefile +++ b/Rakefile @@ -24,7 +24,7 @@ RSpec::Core::RakeTask.new(:acceptance) do |t| end desc 'Validate manifests, templates, ruby files and shell scripts' -task :validate do +task :sensu_validate do # lib/* gets checked by puppetlabs_spec_helper, though it skips spec entirely puts "\nValidating ruby files ignored by puppetlabs_spec_helper (Vagrantfile', 'spec/**/*.rb)" Dir['Vagrantfile', 'spec/**/*.rb'].each do |ruby_file| diff --git a/examples/postgresql-replication/README.md b/examples/postgresql-replication/README.md index 7b933d2485..6de1f64029 100644 --- a/examples/postgresql-replication/README.md +++ b/examples/postgresql-replication/README.md @@ -9,9 +9,9 @@ Adjustments will have to be made for IP addresses and password. Once the primary and standby have applied their Puppet catalog you must bootstrap the standby: ``` -systemctl stop postgresql-9.6.service -rm -rf /var/lib/pgsql/9.6/data/* -sudo -u postgres pg_basebackup -h 192.168.52.11 -D /var/lib/pgsql/9.6/data -P -U repl -R --xlog-method=stream +systemctl stop postgresql-11.service +rm -rf /var/lib/pgsql/11/data/* +sudo -u postgres pg_basebackup -h 192.168.52.11 -D /var/lib/pgsql/11/data -P -U repl -R --xlog-method=stream ``` Once the bootstrap is done, re-run Puppet. diff --git a/examples/postgresql-replication/postgresql.pp b/examples/postgresql-replication/postgresql.pp index a7bd3c50df..18027c1642 100644 --- a/examples/postgresql-replication/postgresql.pp +++ b/examples/postgresql-replication/postgresql.pp @@ -14,7 +14,7 @@ class { 'postgresql::globals': manage_package_repo => true, - version => '9.6', + version => '11', } class { 'postgresql::server': listen_addresses => '*', diff --git a/examples/postgresql-ssl/postgresql.pp b/examples/postgresql-ssl/postgresql.pp index 07bb5b8688..f441302913 100644 --- a/examples/postgresql-ssl/postgresql.pp +++ b/examples/postgresql-ssl/postgresql.pp @@ -6,7 +6,7 @@ class { 'postgresql::globals': manage_package_repo => true, - version => '9.6', + version => '11', } class { 'postgresql::server': diff --git a/manifests/agent.pp b/manifests/agent.pp index 9714ce5666..5c4886c8e3 100644 --- a/manifests/agent.pp +++ b/manifests/agent.pp @@ -74,6 +74,9 @@ # Defaults to `C:\ProgramData\sensu\log\sensu-agent.log` # @param agent_entity_config_provider # The provider to use when managing sensu_agent_entity_config resources +# @param validate_entity +# Sets whether to validate the agent's entity before attempting +# to configure the entity # class sensu::agent ( Optional[String] $version = undef, @@ -98,6 +101,7 @@ Boolean $show_diff = true, Optional[Stdlib::Absolutepath] $log_file = undef, Enum['sensuctl','sensu_api'] $agent_entity_config_provider = 'sensu_api', + Boolean $validate_entity = true, ) { include sensu @@ -295,9 +299,11 @@ subscribe => $service_subscribe, } - sensu_agent_entity_validator { $config['name']: - ensure => 'present', - namespace => $config['namespace'], - provider => 'sensu_api', + if $validate_entity { + sensu_agent_entity_validator { $config['name']: + ensure => 'present', + namespace => $config['namespace'], + provider => 'sensu_api', + } } } diff --git a/manifests/api.pp b/manifests/api.pp index 39b615fcd6..08bfc2a83b 100644 --- a/manifests/api.pp +++ b/manifests/api.pp @@ -15,10 +15,12 @@ validate_namespaces => $sensu::validate_namespaces, } - sensu_api_validator { 'sensu': - ensure => 'present', - sensu_api_server => $sensu::api_host, - sensu_api_port => $sensu::api_port, - use_ssl => $sensu::use_ssl, + if $sensu::validate_api { + sensu_api_validator { 'sensu': + ensure => 'present', + sensu_api_server => $sensu::api_host, + sensu_api_port => $sensu::api_port, + use_ssl => $sensu::use_ssl, + } } } diff --git a/manifests/init.pp b/manifests/init.pp index d653f90aae..fd7b0a2d21 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -60,6 +60,8 @@ # Defaults to value used for `agent_password`. # @param validate_namespaces # Determines if sensuctl and sensu_api types will validate their namespace exists +# @param validate_api +# Determines if Sensu API is validated class sensu ( String $version = 'installed', Stdlib::Absolutepath $etc_dir = '/etc/sensu', @@ -80,6 +82,7 @@ String $agent_password = 'P@ssw0rd!', Optional[String] $agent_entity_config_password = undef, Boolean $validate_namespaces = true, + Boolean $validate_api = true, ) { if $ssl_ca_content { diff --git a/spec/acceptance/06_postgresql_spec.rb b/spec/acceptance/06_postgresql_spec.rb index f5be7f6024..f9fa925ff2 100644 --- a/spec/acceptance/06_postgresql_spec.rb +++ b/spec/acceptance/06_postgresql_spec.rb @@ -15,7 +15,7 @@ class { 'sensu::agent': pp = <<-EOS class { 'postgresql::globals': manage_package_repo => true, - version => '9.6', + version => '11', } class { 'postgresql::server':} class { 'sensu::backend': diff --git a/spec/acceptance/nodesets/centos-7-cluster.yml b/spec/acceptance/nodesets/centos-7-cluster.yml index 71287eac70..91f83a1877 100644 --- a/spec/acceptance/nodesets/centos-7-cluster.yml +++ b/spec/acceptance/nodesets/centos-7-cluster.yml @@ -14,6 +14,8 @@ HOSTS: docker_image_commands: - "sed -i -r '/^tsflags/d' /etc/yum.conf" - 'yum install -y wget which iproute' + - 'wget --no-check-certificate https://copr.fedorainfracloud.org/coprs/jsynacek/systemd-backports-for-centos-7/repo/epel-7/jsynacek-systemd-backports-for-centos-7-epel-7.repo -O /etc/yum.repos.d/jsynacek-systemd-centos-7.repo' + - 'yum update -y systemd' docker_container_name: 'sensu-backend1-el7' sensu-backend2: roles: @@ -28,6 +30,8 @@ HOSTS: docker_image_commands: - "sed -i -r '/^tsflags/d' /etc/yum.conf" - 'yum install -y wget which iproute' + - 'wget --no-check-certificate https://copr.fedorainfracloud.org/coprs/jsynacek/systemd-backports-for-centos-7/repo/epel-7/jsynacek-systemd-backports-for-centos-7-epel-7.repo -O /etc/yum.repos.d/jsynacek-systemd-centos-7.repo' + - 'yum update -y systemd' docker_container_name: 'sensu-backend2-el7' sensu-backend3: roles: @@ -42,6 +46,8 @@ HOSTS: docker_image_commands: - "sed -i -r '/^tsflags/d' /etc/yum.conf" - 'yum install -y wget which iproute' + - 'wget --no-check-certificate https://copr.fedorainfracloud.org/coprs/jsynacek/systemd-backports-for-centos-7/repo/epel-7/jsynacek-systemd-backports-for-centos-7-epel-7.repo -O /etc/yum.repos.d/jsynacek-systemd-centos-7.repo' + - 'yum update -y systemd' docker_container_name: 'sensu-backend3-el7' CONFIG: log_level: debug diff --git a/spec/acceptance/nodesets/centos-7.yml b/spec/acceptance/nodesets/centos-7.yml index 5e8e0f4188..9c60726f51 100644 --- a/spec/acceptance/nodesets/centos-7.yml +++ b/spec/acceptance/nodesets/centos-7.yml @@ -12,6 +12,8 @@ HOSTS: docker_image_commands: - "sed -i -r '/^tsflags/d' /etc/yum.conf" - 'yum install -y wget which iproute' + - 'wget --no-check-certificate https://copr.fedorainfracloud.org/coprs/jsynacek/systemd-backports-for-centos-7/repo/epel-7/jsynacek-systemd-backports-for-centos-7-epel-7.repo -O /etc/yum.repos.d/jsynacek-systemd-centos-7.repo' + - 'yum update -y systemd' docker_env: - LANG=en_US.UTF-8 - LANGUAGE=en_US.UTF-8 @@ -32,6 +34,8 @@ HOSTS: docker_image_commands: - "sed -i -r '/^tsflags/d' /etc/yum.conf" - 'yum install -y wget which initscripts iproute' + - 'wget --no-check-certificate https://copr.fedorainfracloud.org/coprs/jsynacek/systemd-backports-for-centos-7/repo/epel-7/jsynacek-systemd-backports-for-centos-7-epel-7.repo -O /etc/yum.repos.d/jsynacek-systemd-centos-7.repo' + - 'yum update -y systemd' docker_env: - LANG=en_US.UTF-8 - LANGUAGE=en_US.UTF-8 diff --git a/spec/acceptance/windows_spec.rb b/spec/acceptance/windows_spec.rb index 38039c3a3a..227809db3a 100644 --- a/spec/acceptance/windows_spec.rb +++ b/spec/acceptance/windows_spec.rb @@ -18,7 +18,8 @@ context 'default' do pp = <<-EOS class { '::sensu': - api_host => 'localhost', + api_host => 'localhost', + validate_api => false, } class { 'sensu::cli': install_source => 'https://s3-us-west-2.amazonaws.com/sensu.io/sensu-go/5.20.1/sensu-go_5.20.1_windows_amd64.zip', @@ -65,14 +66,17 @@ class { 'sensu::cli': context 'default' do pp = <<-EOS - class { '::sensu': } + class { '::sensu': + validate_api => false, + } class { 'sensu::agent': backends => ['sensu-backend:8081'], entity_name => 'sensu-agent', service_env_vars => { 'SENSU_API_PORT' => '4041' }, config_hash => { 'log-level' => 'info', - } + }, + validate_entity => false, } EOS @@ -117,15 +121,18 @@ class { 'sensu::agent': context 'using package_source' do pp = <<-EOS - class { '::sensu': } + class { '::sensu': + validate_api => false, + } class { 'sensu::agent': - package_name => 'Sensu Agent', - package_source => 'https://s3-us-west-2.amazonaws.com/sensu.io/sensu-go/5.20.1/sensu-go-agent_5.20.1.12427_en-US.x64.msi', - backends => ['sensu-backend:8081'], - entity_name => 'sensu-agent', - config_hash => { + package_name => 'Sensu Agent', + package_source => 'https://s3-us-west-2.amazonaws.com/sensu.io/sensu-go/5.20.1/sensu-go-agent_5.20.1.12427_en-US.x64.msi', + backends => ['sensu-backend:8081'], + entity_name => 'sensu-agent', + config_hash => { 'log-level' => 'info', - } + }, + validate_entity => false, } EOS diff --git a/spec/classes/agent_spec.rb b/spec/classes/agent_spec.rb index 50cb3888ba..403f9ef2d4 100644 --- a/spec/classes/agent_spec.rb +++ b/spec/classes/agent_spec.rb @@ -117,8 +117,7 @@ it { should_not contain_file('sensu-agent_env_vars') } end - context 'systemd systems deploy dropin', if: facts[:kernel] == 'Linux' do - let(:facts) { facts.merge({:service_provider => 'systemd'}) } + if facts[:service_provider] == 'systemd' it { should contain_systemd__dropin_file('sensu-agent-start.conf').with({ 'unit' => 'sensu-agent.service', @@ -127,7 +126,11 @@ }) } end - it { should_not contain_systemd__dropin_file('sensu-agent-start.conf') } + + context 'when not systemd', if: facts[:kernel] == 'Linux' do + let(:facts) { facts.merge({:service_provider => 'sysvinit'}) } + it { should_not contain_systemd__dropin_file('sensu-agent-start.conf') } + end it { should contain_service('sensu-agent').with({ @@ -328,6 +331,16 @@ it { should contain_package('sensu-go-agent').without_require } end + context 'when validate_entity => false' do + let(:params) do + { + validate_entity: false + } + end + + it { is_expected.not_to contain_sensu_agent_entity_validator('localhost') } + end + context 'with service_env_vars defined' do let(:params) {{ :service_env_vars => { 'SENSU_API_PORT' => '4041' } }} let(:service_env_vars_content) do diff --git a/spec/classes/api_spec.rb b/spec/classes/api_spec.rb index 28ae9bce92..b0c123cf78 100644 --- a/spec/classes/api_spec.rb +++ b/spec/classes/api_spec.rb @@ -38,6 +38,18 @@ } end + + context 'when validate_api => false' do + let(:pre_condition) do + <<-PP + class { 'sensu': + validate_api => false, + } + PP + end + + it { is_expected.not_to contain_sensu_api_validator('sensu') } + end end end end diff --git a/spec/classes/backend_datastore_postgresql_spec.rb b/spec/classes/backend_datastore_postgresql_spec.rb index f195e91910..7ce95942b5 100644 --- a/spec/classes/backend_datastore_postgresql_spec.rb +++ b/spec/classes/backend_datastore_postgresql_spec.rb @@ -9,7 +9,7 @@ let(:facts) { facts } let(:pre_condition) do <<-EOS - class { '::postgresql::globals': version => '9.6' } + class { '::postgresql::globals': version => '11' } class { '::postgresql::server': } class { 'sensu::backend': } EOS @@ -56,7 +56,7 @@ class { 'sensu::backend': } context 'sslmode defined' do let(:pre_condition) do <<-EOS - class { '::postgresql::globals': version => '9.6' } + class { '::postgresql::globals': version => '11' } class { '::postgresql::server': } class { 'sensu::backend': postgresql_sslmode => 'disable' } EOS @@ -74,7 +74,7 @@ class { 'sensu::backend': postgresql_sslmode => 'disable' } context 'ssl ca source defined' do let(:pre_condition) do <<-EOS - class { '::postgresql::globals': version => '9.6' } + class { '::postgresql::globals': version => '11' } class { '::postgresql::server': } class { 'sensu::backend': postgresql_ssl_ca_source => 'foo' } EOS @@ -97,7 +97,7 @@ class { 'sensu::backend': postgresql_ssl_ca_source => 'foo' } context 'ssl ca content defined' do let(:pre_condition) do <<-EOS - class { '::postgresql::globals': version => '9.6' } + class { '::postgresql::globals': version => '11' } class { '::postgresql::server': } class { 'sensu::backend': postgresql_ssl_ca_content => 'foo' } EOS @@ -120,7 +120,7 @@ class { 'sensu::backend': postgresql_ssl_ca_content => 'foo' } context 'ssl crl source defined' do let(:pre_condition) do <<-EOS - class { '::postgresql::globals': version => '9.6' } + class { '::postgresql::globals': version => '11' } class { '::postgresql::server': } class { 'sensu::backend': postgresql_ssl_crl_source => 'foo' } EOS @@ -143,7 +143,7 @@ class { 'sensu::backend': postgresql_ssl_crl_source => 'foo' } context 'ssl crl content defined' do let(:pre_condition) do <<-EOS - class { '::postgresql::globals': version => '9.6' } + class { '::postgresql::globals': version => '11' } class { '::postgresql::server': } class { 'sensu::backend': postgresql_ssl_crl_content => 'foo' } EOS @@ -166,7 +166,7 @@ class { 'sensu::backend': postgresql_ssl_crl_content => 'foo' } context 'ssl cert source defined' do let(:pre_condition) do <<-EOS - class { '::postgresql::globals': version => '9.6' } + class { '::postgresql::globals': version => '11' } class { '::postgresql::server': } class { 'sensu::backend': postgresql_ssl_cert_source => 'foo' } EOS @@ -189,7 +189,7 @@ class { 'sensu::backend': postgresql_ssl_cert_source => 'foo' } context 'ssl cert content defined' do let(:pre_condition) do <<-EOS - class { '::postgresql::globals': version => '9.6' } + class { '::postgresql::globals': version => '11' } class { '::postgresql::server': } class { 'sensu::backend': postgresql_ssl_cert_content => 'foo' } EOS @@ -212,7 +212,7 @@ class { 'sensu::backend': postgresql_ssl_cert_content => 'foo' } context 'ssl key source defined' do let(:pre_condition) do <<-EOS - class { '::postgresql::globals': version => '9.6' } + class { '::postgresql::globals': version => '11' } class { '::postgresql::server': } class { 'sensu::backend': postgresql_ssl_key_source => 'foo' } EOS @@ -235,7 +235,7 @@ class { 'sensu::backend': postgresql_ssl_key_source => 'foo' } context 'ssl key content defined' do let(:pre_condition) do <<-EOS - class { '::postgresql::globals': version => '9.6' } + class { '::postgresql::globals': version => '11' } class { '::postgresql::server': } class { 'sensu::backend': postgresql_ssl_key_content => 'foo' } EOS diff --git a/spec/classes/backend_spec.rb b/spec/classes/backend_spec.rb index 892201ec2e..f7a574f62e 100644 --- a/spec/classes/backend_spec.rb +++ b/spec/classes/backend_spec.rb @@ -146,8 +146,7 @@ it { should_not contain_file('sensu-backend_env_vars') } end - context 'systemd systems deploy dropin', if: facts[:kernel] == 'Linux' do - let(:facts) { facts.merge({:service_provider => 'systemd'}) } + if facts[:service_provider] == 'systemd' it { should contain_systemd__dropin_file('sensu-backend-start.conf').with({ 'unit' => 'sensu-backend.service', @@ -156,7 +155,12 @@ }) } end - it { should_not contain_systemd__dropin_file('sensu-backend-start.conf') } + + context 'when not systemd', if: facts[:kernel] == 'Linux' do + let(:facts) { facts.merge({:service_provider => 'sysvinit'}) } + + it { should_not contain_systemd__dropin_file('sensu-backend-start.conf') } + end it { should contain_service('sensu-backend').with({ @@ -365,7 +369,7 @@ context 'datastore => postgresql' do let(:pre_condition) do <<-EOS - class { '::postgresql::globals': version => '9.6' } + class { '::postgresql::globals': version => '11' } class { '::postgresql::server': } EOS end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 7dc75238ee..d06716d102 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -50,6 +50,7 @@ }, :operatingsystem => 'RedHat', :operatingsystemmajrelease => '7', + :service_provider => 'systemd', :fqdn => 'testfqdn.example.com', :puppet_hostcert => '/dne/cert.pem', :puppet_hostprivkey => '/dne/key.pem', diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 2cdab5bfac..ee9ecc46cb 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -98,8 +98,8 @@ sensu::api_host: sensu-backend postgresql::globals::encoding: UTF8 postgresql::globals::locale: C -postgresql::server::service_status: 'systemctl status postgresql-9.6 1>/dev/null 2>&1' -postgresql::server::service_reload: 'systemctl reload postgresql-9.6 1>/dev/null 2>&1' +postgresql::server::service_status: 'systemctl status postgresql-11 1>/dev/null 2>&1' +postgresql::server::service_reload: 'systemctl reload postgresql-11 1>/dev/null 2>&1' EOS create_remote_file(setup_nodes, '/etc/puppetlabs/puppet/hiera.yaml', hiera_yaml) on setup_nodes, 'mkdir -p -m 0755 /etc/puppetlabs/puppet/data'