Skip to content

Commit

Permalink
Replace config template by conversion to yaml
Browse files Browse the repository at this point in the history
  • Loading branch information
lbetz authored and Lennart Betz committed Sep 23, 2024
1 parent 54fa582 commit 66712a0
Show file tree
Hide file tree
Showing 5 changed files with 68 additions and 144 deletions.
47 changes: 12 additions & 35 deletions manifests/config.pp
Original file line number Diff line number Diff line change
Expand Up @@ -6,11 +6,17 @@
class icingadb::config {
assert_private()

$stdlib_version = $icingadb::globals::stdlib_version
$conf_dir = $icingadb::globals::conf_dir
$user = $icingadb::globals::user
$group = $icingadb::globals::group
$redis_tls_files = $icingadb::redis_tls_files
$db_tls_files = $icingadb::db_tls_files
$config_content = if versioncmp($stdlib_version, '9.0.0') < 0 {
to_yaml($icingadb::config)
} else {
stdlib::to_yaml($icingadb::config)
}

icinga::cert { 'icingadb tls files for the database client connect':
owner => $user,
Expand All @@ -25,41 +31,12 @@
}

file { "${conf_dir}/config.yml":
ensure => file,
owner => $user,
group => $group,
mode => '0640',
content => epp(
'icingadb/config.yml.epp', {
redis_host => $icingadb::redis_host,
redis_port => $icingadb::redis_port,
redis_password => $icingadb::redis_password,
db_type => $icingadb::db_type,
db_host => $icingadb::db_host,
db_port => $icingadb::db_port,
db_name => $icingadb::db_name,
db_username => $icingadb::db_username,
db_password => $icingadb::db_password,
db_tls => $icingadb::db_use_tls,
db_tls_cert => $db_tls_files['cert_file'],
db_tls_key => $db_tls_files['key_file'],
db_tls_cacert => $db_tls_files['cacert_file'],
db_tls_insecure => $icingadb::db_tls_insecure,
db_options => $icingadb::db_options,
redis_tls => $icingadb::redis_use_tls,
redis_tls_cert => $redis_tls_files['cert_file'],
redis_tls_key => $redis_tls_files['key_file'],
redis_tls_cacert => $redis_tls_files['cacert_file'],
redis_tls_insecure => $icingadb::redis_tls_insecure,
logging_level => $icingadb::logging_level,
logging_output => $icingadb::logging_output,
logging_interval => $icingadb::logging_interval,
logging_options => $icingadb::logging_options,
retention_history_data => $icingadb::retention_history_data,
retention_sla_data => $icingadb::retention_sla_data,
retention_options => $icingadb::retention_options,
}
),
ensure => file,
show_diff => false,
owner => $user,
group => $group,
mode => '0640',
content => $config_content,
}

-> File <| ensure != 'directory' and tag == 'icingadb::config::file' |>
Expand Down
1 change: 1 addition & 0 deletions manifests/globals.pp
Original file line number Diff line number Diff line change
Expand Up @@ -24,4 +24,5 @@
Stdlib::Absolutepath $mysql_db_schema,
Stdlib::Absolutepath $pgsql_db_schema,
) {
$stdlib_version = load_module_metadata('stdlib')['version']
}
49 changes: 49 additions & 0 deletions manifests/init.pp
Original file line number Diff line number Diff line change
Expand Up @@ -211,6 +211,55 @@
$redis_tls_cacert,
)

#
# config file content
#
$retention = delete_undef_values({
history-days => $icingadb::retention_history_data,
sla-days => $icingadb::retention_sla_data,
options => if $icingadb::retention_options.empty { undef } else { $icingadb::retention_options },
})

$config = {
database => delete_undef_values({
type => $db_type,
host => $db_host,
port => $db_port,
database => $db_name,
user => $db_username,
password => unwrap($db_password),
tls => $db_use_tls,
cert => $db_tls_files['cert_file'],
key => $db_tls_files['key_file'],
ca => $db_tls_files['cacert_file'],
insecure => $db_tls_insecure,
options => if $db_options.empty { undef } else { $db_options },
}),
redis => delete_undef_values({
host => $redis_host,
port => $redis_port,
password => unwrap($redis_password),
tls => $redis_use_tls,
cert => $redis_tls_files['cert_file'],
key => $redis_tls_files['key_file'],
ca => $redis_tls_files['cacert_file'],
insecure => $redis_tls_insecure,
}),
logging => delete_undef_values({
level => $logging_level,
output => $logging_output,
interval => $logging_interval,
options => if $logging_options.empty { undef } else { $logging_options },
}),
} + unless $retention.empty {
{ retention => $retention }
} else {
{}
}

#
# declarations
#
class { 'icingadb::install': }
-> class { 'icingadb::config':
notify => Class['icingadb::service'],
Expand Down
9 changes: 4 additions & 5 deletions spec/classes/icingadb_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -20,9 +20,10 @@
'group' => 'icingadb',
'mode' => '0640'
},
).with_content(%r{database:\n type: mysql\n host: localhost\n database: icingadb\n user: icingadb\n password: supersecret\n\nredis:\n host: localhost\n port: 6380\n\n})
).with_content(%r{database:\n type: mysql\n host: localhost\n database: icingadb\n user: icingadb\n password: supersecret\nredis:\n host: localhost\n port: 6380\n})
}

it { is_expected.not_to contain_file('/etc/icingadb/config.yml').with_content(%r{^retention:}) }
it { is_expected.not_to contain_exec('icingadb-mysql-import-schema') }
it { is_expected.to contain_service('icingadb').with('ensure' => 'running', 'enable' => true) }
end
Expand Down Expand Up @@ -79,10 +80,9 @@
end

it { is_expected.not_to contain_exec('icingadb-mysql-import-schema') }
it { is_expected.not_to contain_file('/etc/icingadb/config.yml').with_content(%r{tls}) }
it {
is_expected.to contain_file('/etc/icingadb/config.yml')
.with_content(%r{database:\n type: mysql\n host: db.example.org\n port: 4711\n database: foo\n user: bar\n password: supersecret\n\n})
.with_content(%r{database:\n type: mysql\n host: db.example.org\n port: 4711\n database: foo\n user: bar\n password: supersecret\n tls: false\n})
}
end

Expand Down Expand Up @@ -135,10 +135,9 @@
end

it { is_expected.not_to contain_exec('icingadb-pgsql-import-schema') }
it { is_expected.not_to contain_file('/etc/icingadb/config.yml').with_content(%r{tls}) }
it {
is_expected.to contain_file('/etc/icingadb/config.yml')
.with_content(%r{database:\n type: pgsql\n host: db.example.org\n port: 4711\n database: foo\n user: bar\n password: supersecret\n\n})
.with_content(%r{database:\n type: pgsql\n host: db.example.org\n port: 4711\n database: foo\n user: bar\n password: supersecret\n tls: false\n})
}
end

Expand Down
106 changes: 2 additions & 104 deletions templates/config.yml.epp
Original file line number Diff line number Diff line change
@@ -1,107 +1,5 @@
<%- | Enum['mysql', 'pgsql'] $db_type,
Stdlib::Host $db_host,
Optional[Stdlib::Port] $db_port = undef,
String $db_name,
String $db_username,
Variant[String, Sensitive[String]] $db_password,
Optional[Boolean] $db_tls = undef,
Optional[String] $db_tls_cert = undef,
Optional[String] $db_tls_key = undef,
Optional[String] $db_tls_cacert = undef,
Optional[Boolean] $db_tls_insecure = undef,
Hash[String[1], Integer[1]] $db_options = {},
Stdlib::Host $redis_host,
Optional[Stdlib::Port] $redis_port = undef,
Optional[Variant[String, Sensitive[String]]] $redis_password = undef,
Optional[Boolean] $redis_tls = undef,
Optional[String] $redis_tls_cert = undef,
Optional[String] $redis_tls_key = undef,
Optional[String] $redis_tls_cacert = undef,
Optional[Boolean] $redis_tls_insecure = undef,
String $logging_level,
Optional[String] $logging_output = undef,
String $logging_interval,
Hash[String, String] $logging_options,
Optional[Integer[1]] $retention_history_data = undef,
Optional[Integer[1]] $retention_sla_data = undef,
Hash[String, Integer[1]] $retention_options,
<%- | Hash[String[1],Any] $content,
| -%>
# This file is managed by Puppet. DO NOT EDIT.

database:
type: <%= $db_type %>
host: <%= $db_host %>
<% if $db_port { -%>
port: <%= $db_port %>
<% } -%>
database: <%= $db_name %>
user: <%= $db_username %>
password: <%= $db_password %>
<% if $db_tls { -%>
tls: <%= $db_tls %>
<% if $db_tls_cert { -%>
cert: <%= $db_tls_cert %>
<% } -%>
<% if $db_tls_key { -%>
key: <%= $db_tls_key %>
<% } -%>
<% if $db_tls_cacert { -%>
ca: <%= $db_tls_cacert %>
<% } -%>
<% if $db_tls_insecure =~ Boolean { -%>
insecure: <%= $db_tls_insecure %>
<% } -%>
<% } -%>
<% unless empty($db_options) { -%>
options:
<% $db_options.each |String $opt, Integer $val| { -%>
<%= $opt %>: <%= $val %>
<% } -%>
<% } -%>

redis:
host: <%= $redis_host %>
<% if $redis_port { -%>
port: <%= $redis_port %>
<% } -%>
<% if $redis_password { -%>
password: <%= $redis_password %>
<% } -%>
<% if $redis_tls { -%>
tls: <%= $redis_tls %>
<% if $redis_tls_cert { -%>
cert: <%= $redis_tls_cert %>
<% } -%>
<% if $redis_tls_key { -%>
key: <%= $redis_tls_key %>
<% } -%>
<% if $redis_tls_cacert { -%>
ca: <%= $redis_tls_cacert %>
<% } -%>
<% if $redis_tls_insecure =~ Boolean { -%>
insecure: <%= $redis_tls_insecure %>
<% } -%>
<% } -%>

logging:
level: <%= $logging_level %>
<% if $logging_output { -%>
output: <%= $logging_output %>
<% } -%>
interval: <%= $logging_interval %>
options:
<% $logging_options.each |String $opt, String $val| { -%>
<%= $opt %>: <%= $val %>
<% } -%>

retention:
<% if $retention_history_data { -%>
history-days: <%= $retention_history_data %>
<% } -%>
<% if $retention_sla_data { -%>
sla-days: <%= $retention_sla_data %>
<% } -%>
options:
<% $retention_options.each |String $opt, Integer[1] $val| { -%>
<%= $opt %>: <%= $val %>
<% } -%>
<%= $content -%>

0 comments on commit 66712a0

Please sign in to comment.