Showing with 85 additions and 10 deletions.

+1 −1 Modulefile

+6 −0 README.md

+18 −2 manifests/init.pp

+60 −7 spec/classes/init_spec.rb
diff --git a/Modulefile b/Modulefile
@@ -1,5 +1,5 @@
 name    'ghoneycutt-ssh'
-version '3.8.0'
+version '3.9.0'
 source 'git://github.com/ghoneycutt/puppet-module-ssh.git'
 author 'ghoneycutt'
 license 'Apache License, Version 2.0'

diff --git a/README.md b/README.md
@@ -372,6 +372,12 @@ Export node SSH key. Valid values are 'present' and 'absent'.
 
 - *Default*: 'present'
 
+ssh_key_import
+--------------
+Import all exported node SSH keys. Valid values are 'true' and 'false'.
+
+- *Default*: 'true'
+
 ssh_key_type
 ------------
 Encryption type for SSH key. Valid values are 'rsa', 'dsa', 'ssh-dss' and 'ssh-rsa'

diff --git a/manifests/init.pp b/manifests/init.pp
@@ -55,6 +55,7 @@
   $service_hasrestart               = 'true',
   $service_hasstatus                = 'USE_DEFAULTS',
   $ssh_key_ensure                   = 'present',
+  $ssh_key_import                   = 'true',
   $ssh_key_type                     = 'ssh-rsa',
   $keys                             = undef,
   $manage_root_ssh_config           = 'false',
@@ -360,6 +361,19 @@
     }
   }
 
+  case type($ssh_key_import) {
+    'string': {
+      validate_re($ssh_key_import, '^(true|false)$', "ssh::ssh_key_import may be either 'true' or 'false' and is set to <${ssh_key_import}>.")
+      $ssh_key_import_real = str2bool($ssh_key_import)
+    }
+    'boolean': {
+      $ssh_key_import_real = $ssh_key_import
+    }
+    default: {
+      fail('ssh::ssh_key_import type must be true or false.')
+    }
+  }
+
   case type($ssh_config_sendenv_xmodifiers) {
     'string': {
       $ssh_config_sendenv_xmodifiers_real = str2bool($ssh_config_sendenv_xmodifiers)
@@ -497,8 +511,10 @@
     key     => $key,
   }
 
-  # import all nodes' ssh keys
-  Sshkey <<||>>
+  if $ssh_key_import_real == true {
+    # import all nodes' ssh keys
+    Sshkey <<||>>
+  }
 
   # remove ssh key's not managed by puppet
   resources  { 'sshkey':

diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb
@@ -108,7 +108,7 @@
 
     it 'should fail' do
       expect {
-        should include_class('ssh')
+        should contain_class('ssh')
       }.to raise_error(Puppet::Error,/^ssh module supports Solaris kernel release 5.9, 5.10 and 5.11./)
     end
   end
@@ -123,9 +123,9 @@
       }
     end
 
-    it { should include_class('ssh')}
+    it { should contain_class('ssh')}
 
-    it { should_not include_class('common')}
+    it { should_not contain_class('common')}
 
 
     ['SUNWsshcu','SUNWsshdr','SUNWsshdu','SUNWsshr','SUNWsshu'].each do |pkg|
@@ -213,9 +213,9 @@
       }
     end
 
-    it { should include_class('ssh')}
+    it { should contain_class('ssh')}
 
-    it { should_not include_class('common')}
+    it { should_not contain_class('common')}
 
     ['SUNWsshcu','SUNWsshdr','SUNWsshdu','SUNWsshr','SUNWsshu'].each do |pkg|
       it {
@@ -301,9 +301,9 @@
       }
     end
 
-    it { should include_class('ssh')}
+    it { should contain_class('ssh')}
 
-    it { should_not include_class('common')}
+    it { should_not contain_class('common')}
 
     ['SUNWsshcu','SUNWsshdr','SUNWsshdu','SUNWsshr','SUNWsshu'].each do |pkg|
       it {
@@ -1743,4 +1743,57 @@
       end
     end
   end
+
+  describe 'with ssh_key_import parameter specified' do
+    context 'as a non-boolean or non-string' do
+    let(:params) { { :ssh_key_import => ['not_a_boolean','or_a_string'] } }
+
+      it 'should fail' do
+        expect { should raise_error(Puppet::Error) }
+      end
+    end
+
+    context 'as an invalid string' do
+      let(:params) { { :ssh_key_import => 'invalid_string' } }
+      let(:facts) do
+        { :osfamily          => 'RedHat',
+          :lsbmajdistrelease => '6',
+        }
+      end
+
+      it 'should fail' do
+        expect { should raise_error(Puppet::Error,/^ssh::ssh_key_import may be either 'true' or 'false' and is set to <invalid_string>./) }
+      end
+    end
+
+    ['true',true].each do |value|
+      context "as #{value}" do
+        let(:params) { { :ssh_key_import => value } }
+        let(:facts) do
+          { :osfamily          => 'RedHat',
+            :lsbmajdistrelease => '6',
+          }
+        end
+
+        it { should compile.with_all_deps }
+
+        it { should contain_class('ssh') }
+      end
+    end
+
+    ['false',false].each do |value|
+      context "as #{value}" do
+        let(:params) { { :ssh_key_import => value } }
+        let(:facts) do
+          { :osfamily          => 'RedHat',
+            :lsbmajdistrelease => '6',
+          }
+        end
+
+        it { should compile.with_all_deps }
+
+        it { should contain_class('ssh') }
+      end
+    end
+  end
 end