Provider updates

lib/puppet/functions/influxdb/retrieve_token.rb

@@ -2,32 +2,45 @@
 require 'json'
 
 Puppet::Functions.create_function(:'influxdb::retrieve_token') do
-  dispatch :retrieve_token do
+  dispatch :retrieve_token_file do
     param 'String', :uri
     param 'String', :token_name
     param 'String', :admin_token_file
   end
 
-  def retrieve_token(uri, token_name, admin_token_file)
-    return unless File.file?(admin_token_file)
-    begin
-      admin_token = File.read(admin_token_file)
+  dispatch :retrieve_token do
+    param 'String', :uri
+    param 'String', :token_name
+    param 'Sensitive', :admin_token
+  end
+
+  def retrieve_token_file(uri, token_name, admin_token_file)
+    admin_token = File.read(admin_token_file)
+    retrieve_token(uri, token_name, admin_token)
+  rescue Errno::EISDIR, Errno::EACCESS, Errno::ENOENT => e
+    Puppet.err("Unable to retrieve #{token_name}": e.message)
+    nil
+  end
+
+  def retrieve_token(uri, token_name, admin_token)
+    if admin_token.is_a?(Puppet::Pops::Types::PSensitiveType::Sensitive)
+      admin_token = admin_token.unwrap
+    end
 
-      client = Puppet.runtime[:http]
-      response = client.get(URI(uri + '/api/v2/authorizations'),
-                             headers: { 'Authorization' => "Token #{admin_token}" })
+    client = Puppet.runtime[:http]
+    response = client.get(URI(uri + '/api/v2/authorizations'),
+                           headers: { 'Authorization' => "Token #{admin_token}" })
 
-      if response.success?
-        body = JSON.parse(response.body)
-        token = body['authorizations'].find { |auth| auth['description'] == token_name }
-        token ? token['token'] : nil
-      else
-        Puppet.err("Unable to retrieve #{token_name}": response.body)
-        nil
-      end
-    rescue StandardError => e
-      Puppet.err("Unable to retrieve #{token_name}": e.message)
+    if response.success?
+      body = JSON.parse(response.body)
+      token = body['authorizations'].find { |auth| auth['description'] == token_name }
+      token ? token['token'] : nil
+    else
+      Puppet.err("Unable to retrieve #{token_name}": response.body)
       nil
     end
+  rescue StandardError => e
+    Puppet.err("Unable to retrieve #{token_name}": e.message)
+    nil
   end
 end

lib/puppet/provider/influxdb_auth/influxdb_auth.rb

@@ -13,7 +13,7 @@ def initialize
     super
   end
 
-  def canonicalize(_context, resources)
+  def canonicalize(context, resources)
     init_attrs(resources)
     resources
   rescue StandardError => e
@@ -22,7 +22,7 @@ def canonicalize(_context, resources)
     nil
   end
 
-  def get(_context)
+  def get(context, names = nil)
     init_auth if @auth.empty?
     get_org_info if @org_hash.empty?
 
@@ -33,7 +33,12 @@ def get(_context)
     response.each do |r|
       next unless r['authorizations']
 
-      r['authorizations'].each do |auth|
+      r['authorizations'].select { |s| names.nil? || names.include?(s['description']) }.each do |auth|
+        permissions = auth['permissions'].map do |p|
+          p['resource'].delete_if { |k, _| ['id', 'orgID'].include?(k) }
+          p
+        end
+
         val = {
           name: auth['description'],
           ensure: 'present',
@@ -42,7 +47,7 @@ def get(_context)
           port: @port,
           token: @token,
           token_file: @token_file,
-          permissions: auth['permissions'],
+          permissions: permissions,
           status: auth['status'],
           user: auth['user'],
           org: auth['org'],
@@ -62,14 +67,32 @@ def get(_context)
   def create(context, name, should)
     context.debug("Creating '#{name}' with #{should.inspect}")
 
+    permissions = should[:permissions].map do |p|
+      if p['resource'].key?('name') && !p['resource'].key?('id')
+        resname = p['resource']['name']
+        restype = p['resource']['type']
+        response = influx_get("/api/v2/#{restype}", params: { 'name': resname })
+        if response.key?(restype)
+          p['resource']['id'] = response[restype][0]['id']
+        else
+          context.error("failed to find id for #{restype} #{resname}")
+        end
+      end
+      p
+    end
+
     body = {
       orgID: id_from_name(@org_hash, should[:org]),
-      permissions: should[:permissions],
+      permissions: permissions,
       description: name,
       status: should[:status],
-      user: should[:user] ? should[:user] : 'admin'
     }
 
+    if should[:user]
+      get_user_info if @user_map.empty?
+      body['userID'] = id_from_name(@user_map, should[:user])
+    end
+
     influx_post('/api/v2/authorizations', JSON.dump(body))
   rescue StandardError => e
     context.err("Error creating auth state: #{e.message}")
@@ -83,7 +106,12 @@ def update(context, name, should)
 
     # If the status property is unchanged, then a different, immutable property has been changed.
     if self_token['status'] == should[:status]
-      context.warning("Unable to update properties other than 'status'.  Please delete and recreate resource with the desired properties")
+      if should[:force]
+        create(context, name, should)
+        delete(context, name)
+      else
+        context.warning("Unable to update properties other than 'status'.  Please delete and recreate resource with the desired properties")
+      end
     else
       auth_id = self_token['id']
       body = {

lib/puppet/provider/influxdb_bucket/influxdb_bucket.rb

@@ -20,7 +20,7 @@ def canonicalize(_context, resources)
     nil
   end
 
-  def get(context)
+  def get(context, names = nil)
     init_auth if @auth.empty?
     get_org_info if @org_hash.empty?
     get_bucket_info if @bucket_hash.empty?
@@ -32,7 +32,7 @@ def get(context)
     ret = []
     response.each do |r|
       next unless r['buckets']
-      r['buckets'].select { |bucket| bucket['type'] == 'user' }.each do |bucket|
+      r['buckets'].select { |s| s['type'] == 'user' && (names.nil? || names.include?(s['name'])) }.each do |bucket|
         dbrp = @dbrp_hash.find { |d| d['bucketID'] == bucket['id'] }
 
         links_hash = @bucket_hash.find { |b| b['name'] == bucket['name'] }

lib/puppet/provider/influxdb_dbrp/influxdb_dbrp.rb

@@ -22,13 +22,13 @@ def canonicalize(_context, resources)
     nil
   end
 
-  def get(_context)
+  def get(_context, names = nil)
     init_auth if @auth.empty?
     get_org_info if @org_hash.empty?
     get_bucket_info if @bucket_hash.empty?
     get_dbrp_info if @dbrp_hash.empty?
 
-    @dbrp_hash.reduce([]) do |memo, value|
+    @dbrp_hash.select { |s| names.nil? || names.include?(s['database']) }.reduce([]) do |memo, value|
       memo + [
         {
           ensure: 'present',

lib/puppet/provider/influxdb_label/influxdb_label.rb

@@ -20,7 +20,7 @@ def canonicalize(_context, resources)
     nil
   end
 
-  def get(_context)
+  def get(_context, names = nil)
     init_auth if @auth.empty?
     get_org_info if @org_hash.empty?
     get_label_info if @label_hash.empty?
@@ -30,7 +30,7 @@ def get(_context)
 
     response.each do |r|
       next unless r['labels']
-      r['labels'].each do |label|
+      r['labels'].select { |s| names.nil? || names.include?(s['name']) }.each do |label|
         ret << {
           name: label['name'],
           use_ssl: @use_ssl,

lib/puppet/provider/influxdb_org/influxdb_org.rb

@@ -11,7 +11,7 @@ def initialize
     super
   end
 
-  def canonicalize(_context, resources)
+  def canonicalize(context, resources)
     init_attrs(resources)
     resources
   rescue StandardError => e
@@ -20,7 +20,7 @@ def canonicalize(_context, resources)
     nil
   end
 
-  def get(_context)
+  def get(context, names = nil)
     init_auth if @auth.empty?
     get_org_info if @org_hash.empty?
     get_user_info if @user_map.empty?
@@ -30,7 +30,7 @@ def get(_context)
     response.each do |r|
       next unless r['orgs']
 
-      r['orgs'].each do |value|
+      r['orgs'].select { |s| names.nil? || names.include?(s['name']) }.each do |value|
         org_members = @org_hash.find { |org| org['name'] == value['name'] }.dig('members', 0, 'users')
         ret << {
           name: value['name'],

lib/puppet/provider/influxdb_user/influxdb_user.rb

@@ -20,7 +20,7 @@ def canonicalize(_context, resources)
     nil
   end
 
-  def get(_context)
+  def get(_context, names = nil)
     init_auth if @auth.empty?
     get_user_info if @user_map.empty?
 
@@ -29,7 +29,7 @@ def get(_context)
     response.each do |r|
       next unless r['users']
 
-      r['users'].each do |value|
+      r['users'].select { |s| names.nil? || names.include?(s['name']) }.each do |value|
         ret << {
           name: value['name'],
           use_ssl: @use_ssl,

lib/puppet/type/influxdb_auth.rb

@@ -20,7 +20,7 @@
     ],
   }
 EOS
-  features: ['canonicalize'],
+  features: ['canonicalize', 'simple_get_filter'],
   attributes: {
     name: {
       type: 'String',
@@ -75,6 +75,12 @@
       desc: 'Whether to enable SSL for the InfluxDB service',
       default: true,
       behavior: :parameter,
+    },
+    force: {
+      type: 'Boolean',
+      desc: 'Recreate resource if immutable property changes',
+      default: false,
+      behavior: :parameter,
     }
   },
 )

lib/puppet/type/influxdb_bucket.rb

@@ -14,7 +14,7 @@
     require => Influxdb_org['my_org'],
   }
 EOS
-  features: ['canonicalize'],
+  features: ['canonicalize', 'simple_get_filter'],
   attributes: {
     ensure: {
       type: 'Enum[present, absent]',

lib/puppet/type/influxdb_dbrp.rb

@@ -17,7 +17,7 @@
 This type provides the ability to manage InfluxDB dbrps
 
 EOS
-  features: ['canonicalize'],
+  features: ['canonicalize', 'simple_get_filter'],
   attributes: {
     ensure: {
       type: 'Enum[present, absent]',

lib/puppet/type/influxdb_label.rb

@@ -12,7 +12,7 @@
     org     => 'puppetlabs',
   }
 EOS
-  features: ['canonicalize'],
+  features: ['canonicalize', 'simple_get_filter'],
   attributes: {
     ensure: {
       type: 'Enum[present, absent]',

lib/puppet/type/influxdb_org.rb

@@ -11,7 +11,7 @@
     ensure  => present,
   }
 EOS
-  features: ['canonicalize'],
+  features: ['canonicalize', 'simple_get_filter'],
   attributes: {
     ensure: {
       type: 'Enum[present, absent]',

lib/puppet/type/influxdb_user.rb

@@ -17,7 +17,7 @@
     members  => ['bob'],
   }
 EOS
-  features: ['canonicalize'],
+  features: ['canonicalize', 'simple_get_filter'],
   attributes: {
     ensure: {
       type: 'Enum[present, absent]',

lib/puppet_x/puppetlabs/influxdb/influxdb.rb

@@ -86,7 +86,7 @@ def influx_get(name, results = [])
         elsif response.code == 404
           results
         else
-          raise Puppet::DevError, "Received HTTP code #{response.code} with message #{response.reason}"
+          raise Puppet::DevError, "Received HTTP code #{response.code} for get #{name} with message #{response.reason}"
         end
       rescue StandardError => e
         Puppet.err("Error in get call: #{e.message}")
@@ -100,14 +100,14 @@ def influx_get(name, results = [])
 
       def influx_post(name, body)
         response = @client.post(URI(@influxdb_uri + name), body, headers: @auth.merge({ 'Content-Type' => 'application/json' }))
-        raise Puppet::DevError, "Received HTTP code '#{response.code}' with message '#{response.reason}'" unless response.success?
+        raise Puppet::DevError, "Received HTTP code '#{response.code}' for post #{name} with message '#{response.reason}' '#{body}" unless response.success?
 
         JSON.parse(response.body ? response.body : '{}')
       end
 
       def influx_put(name, body)
         response = @client.put(URI(@influxdb_uri + name), body, headers: @auth.merge({ 'Content-Type' => 'application/json' }))
-        raise Puppet::DevError, "Received HTTP code #{response.code} with message #{response.reason}" unless response.success?
+        raise Puppet::DevError, "Received HTTP code #{response.code} for put #{name} with message #{response.reason}" unless response.success?
 
         JSON.parse(response.body ? response.body : '{}')
       end
@@ -122,15 +122,15 @@ def influx_patch(name, body)
 
           request.body = body
           response = conn.request(request)
-          raise Puppet::DevError, "Received HTTP code #{response.code} with message #{response.reason}" unless response.is_a?(Net::HTTPSuccess)
+          raise Puppet::DevError, "Received HTTP code #{response.code} for patch #{name} with message #{response.reason}" unless response.is_a?(Net::HTTPSuccess)
 
           JSON.parse(response.body ? response.body : '{}')
         end
       end
 
       def influx_delete(name)
         response = @client.delete(URI(@influxdb_uri + name), headers: @auth)
-        raise Puppet::DevError, "Received HTTP code #{response.code} with message #{response.reason}" unless response.success?
+        raise Puppet::DevError, "Received HTTP code #{response.code} for delete #{name} with message #{response.reason}" unless response.success?
 
         JSON.parse(response.body ? response.body : '{}')
       end

manifests/init.pp

@@ -85,7 +85,7 @@
       @("MSG")
                                                 Unable to manage InfluxDB installation on host: ${host}.
         Management of repos, packages and services etc is only possible on the local host (${facts['networking']['fqdn']}).
-      | MSG
+        | MSG
     )
   }
 

metadata.json

@@ -13,6 +13,10 @@
     {
       "name": "puppetlabs/apt",
       "version_requirement": ">= 8.0.0 <10.0.0"
+    },
+    {
+      "name": "puppetlabs/stdlib",
+      "version_requirement": ">= 4.13.0 < 9.0.0"
     }
   ],
   "operatingsystem_support": [