.sync.yml

@@ -1,5 +1,8 @@
 ---
 .travis.yml:
+  beaker_sets:
+    - docker/centos-7
+    - docker/debian-9
   env:
     global:
       - PARALLEL_TEST_PROCESSORS=8

.travis.yml

@@ -16,5 +16,18 @@ matrix:
   include:
     - rvm: 2.4.1
       env: PUPPET_VERSION=5.0
+    # Acceptance tests
+    - rvm: 2.3.1
+      dist: trusty
+      env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/centos-7
+      script: bundle exec rake beaker
+      services: docker
+      bundler_args: --without development
+    - rvm: 2.3.1
+      dist: trusty
+      env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/debian-9
+      script: bundle exec rake beaker
+      services: docker
+      bundler_args: --without development
 bundler_args: --without system_tests development
 sudo: false

CHANGELOG.md

@@ -1,5 +1,14 @@
 # Changelog
 
+## [7.1.0](https://github.com/theforeman/puppet-foreman_proxy/tree/7.1.0) (2018-02-28)
+
+[Full Changelog](https://github.com/theforeman/puppet-foreman_proxy/compare/7.0.0...7.1.0)
+
+**Implemented enhancements:**
+
+- Fixes [\#22479](https://projects.theforeman.org/issues/22479) - Handle remote directory with undefined parent [\#410](https://github.com/theforeman/puppet-foreman_proxy/pull/410) ([ekohl](https://github.com/ekohl))
+- Refs [\#22513](https://projects.theforeman.org/issues/22513) - Expose the dynflow file limit [\#409](https://github.com/theforeman/puppet-foreman_proxy/pull/409) ([chris1984](https://github.com/chris1984))
+
 ## [7.0.0](https://github.com/theforeman/puppet-foreman_proxy/tree/7.0.0) (2018-01-25)
 [Full Changelog](https://github.com/theforeman/puppet-foreman_proxy/compare/6.0.3...7.0.0)
 

manifests/plugin/discovery.pp

@@ -26,10 +26,9 @@
   if $install_images {
     $tftp_root_clean = regsubst($tftp_root, '/$', '')
 
-    foreman::remote_file {"${tftp_root_clean}/boot/${image_name}":
+    foreman_proxy::remote_file {"${tftp_root_clean}/boot/${image_name}":
       remote_location => "${source_url}${image_name}",
       mode            => '0644',
-      require         => File["${tftp_root_clean}/boot"],
     } ~> exec { "untar ${image_name}":
       command => "tar xf ${image_name}",
       path    => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',

manifests/plugin/dynflow.pp

@@ -22,6 +22,8 @@
 #
 # $tls_disabled_versions:: Disable TLS versions. Version 1.0 is always disabled. For example: ['1.1']
 #
+# $open_file_limit::       Limit number of open files - Only Red Hat Operating Systems with Software Collections.
+#
 class foreman_proxy::plugin::dynflow (
   Boolean $enabled = $::foreman_proxy::plugin::dynflow::params::enabled,
   Foreman_proxy::ListenOn $listen_on = $::foreman_proxy::plugin::dynflow::params::listen_on,
@@ -31,6 +33,7 @@
   Integer[0, 65535] $core_port = $::foreman_proxy::plugin::dynflow::params::core_port,
   Optional[Array[String]] $ssl_disabled_ciphers = $::foreman_proxy::plugin::dynflow::params::ssl_disabled_ciphers,
   Optional[Array[String]] $tls_disabled_versions = $::foreman_proxy::plugin::dynflow::params::tls_disabled_versions,
+  Integer[1] $open_file_limit = $::foreman_proxy::plugin::dynflow::params::open_file_limit,
 ) inherits foreman_proxy::plugin::dynflow::params {
   if $::foreman_proxy::ssl {
     $core_url = "https://${::fqdn}:${core_port}"
@@ -66,6 +69,12 @@
       ensure => link,
       target => '/etc/foreman-proxy/settings.d',
     }
+    ~> systemd::service_limits { 'smart_proxy_dynflow_core.service':
+      limits          => {
+        'LimitNOFILE' => $open_file_limit,
+      },
+      restart_service => false,
+    }
     ~> service { 'smart_proxy_dynflow_core':
       ensure => running,
       enable => true,

manifests/plugin/dynflow/params.pp

@@ -9,4 +9,5 @@
   $core_port             = 8008
   $ssl_disabled_ciphers  = undef
   $tls_disabled_versions = undef
+  $open_file_limit       = 1000000
 }

manifests/remote_file.pp

@@ -0,0 +1,17 @@
+# Downloads a file from a URL to a local file given by the title
+define foreman_proxy::remote_file(
+  $remote_location,
+  $mode='0644',
+) {
+  $parent = dirname($title)
+  File <| title == $parent |>
+  -> exec { "mkdir -p ${parent}":
+    path    => ['/bin', '/usr/bin'],
+    creates => $parent,
+  }
+  -> file { $title:
+    source  => $remote_location,
+    mode    => $mode,
+    replace => false,
+  }
+}

metadata.json

@@ -1,6 +1,6 @@
 {
   "name": "theforeman-foreman_proxy",
-  "version": "7.0.0",
+  "version": "7.1.0",
   "author": "theforeman",
   "summary": "Foreman Smart Proxy configuration",
   "license": "GPL-3.0+",

spec/acceptance/foreman_remote_file_spec.rb

@@ -0,0 +1,17 @@
+require 'spec_helper_acceptance'
+
+describe 'remote_file works' do
+  let(:pp) do
+    <<-MANIFEST
+    foreman_proxy::remote_file { '/var/tmp/test':
+      remote_location => 'https://codeload.github.com/theforeman/puppet-foreman/tar.gz/9.0.0',
+    }
+    MANIFEST
+  end
+
+  it_behaves_like 'a idempotent resource'
+
+  describe file('/var/tmp/test') do
+    its(:md5sum) { should eq '5ef89571e3775b4bc17e4f5a55d1c146' }
+  end
+end

spec/classes/foreman_proxy__plugin__discovery_spec.rb

@@ -18,11 +18,12 @@
           tftproot = '/var/lib/tftpboot'
       end
 
-      it { should contain_foreman_proxy__plugin('discovery') }
-      it { should contain_foreman_proxy__feature('Discovery') }
-
       describe 'without paramaters' do
-        it { should_not contain_foreman__remote_file("#{tftproot}/boot/fdi-image-latest.tar") }
+        it { should compile.with_all_deps }
+        it { should contain_foreman_proxy__plugin('discovery') }
+        it { should contain_foreman_proxy__feature('Discovery') }
+        it { should_not contain_foreman_proxy__remote_file("#{tftproot}/boot/fdi-image-latest.tar") }
+        it { should_not contain_exec('untar fdi-image-latest.tar') }
       end
 
       describe 'with install_images => true' do
@@ -32,8 +33,12 @@
           }
         end
 
+        it { should compile.with_all_deps }
+        it { should contain_foreman_proxy__plugin('discovery') }
+        it { should contain_foreman_proxy__feature('Discovery') }
+
         it 'should download and install tarball' do
-          should contain_foreman__remote_file("#{tftproot}/boot/fdi-image-latest.tar").
+          should contain_foreman_proxy__remote_file("#{tftproot}/boot/fdi-image-latest.tar").
             with_remote_location('http://downloads.theforeman.org/discovery/releases/latest/fdi-image-latest.tar')
         end
 

spec/classes/foreman_proxy__plugin__dynflow_spec.rb

@@ -1,83 +1,123 @@
 require 'spec_helper'
 
 describe 'foreman_proxy::plugin::dynflow' do
-  describe 'with default settings' do
-    let :facts do
-      on_supported_os['redhat-7-x86_64']
-    end
+  on_os_under_test.each do |os, facts|
+    context "on #{os}" do
+      let :facts do
+        facts
+      end
 
-    let :pre_condition do
-      "include foreman_proxy"
-    end
+      let :pre_condition do
+        "include foreman_proxy"
+      end
 
-    it { should contain_foreman_proxy__plugin('dynflow') }
+      let :etc_dir do
+        case facts[:osfamily]
+        when 'FreeBSD', 'DragonFly'
+          '/usr/local/etc'
+        else
+          '/etc'
+        end
+      end
 
-    it 'should generate correct dynflow.yml' do
-      verify_exact_contents(catalogue, "/etc/foreman-proxy/settings.d/dynflow.yml", [
-          '---',
-          ':enabled: https',
-          ':database: ',
-          ':core_url: https://foo.example.com:8008',
-      ])
-    end
+      has_core = facts[:osfamily] == 'RedHat' && facts[:operatingsystem] != 'Fedora'
 
-    it 'should create settings.d symlink' do
-      should contain_file("/etc/smart_proxy_dynflow_core/settings.d").
-        with_ensure('link').with_target('/etc/foreman-proxy/settings.d')
-    end
+      describe 'with default settings' do
+        it { should compile.with_all_deps }
+        it { should contain_foreman_proxy__plugin('dynflow') }
 
-    it 'should generate correct dynflow core settings.yml' do
-      verify_exact_contents(catalogue, "/etc/smart_proxy_dynflow_core/settings.yml", [
-          "---",
-          ":database: ",
-          ":console_auth: true",
-          ":foreman_url: https://foo.example.com",
-          ":listen: 0.0.0.0",
-          ":port: 8008",
-          ":use_https: true",
-          ":ssl_ca_file: /var/lib/puppet/ssl/certs/ca.pem",
-          ":ssl_certificate: /var/lib/puppet/ssl/certs/foo.example.com.pem",
-          ":ssl_private_key: /var/lib/puppet/ssl/private_keys/foo.example.com.pem"
-      ])
-    end
-  end
+        it 'should generate correct dynflow.yml' do
+          verify_exact_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/dynflow.yml", [
+            '---',
+            ':enabled: https',
+            ':database: ',
+            ':core_url: https://foo.example.com:8008',
+          ])
+        end
 
-  describe 'with custom settings' do
-    let :facts do
-      on_supported_os['redhat-7-x86_64']
-    end
+        if has_core
+          it { should contain_foreman_proxy__plugin('dynflow_core') }
+          it { should contain_service('smart_proxy_dynflow_core') }
 
-    let :pre_condition do
-      "include foreman_proxy"
-    end
-    let :params do {
-      :database_path         => '/var/lib/foreman-proxy/dynflow/dynflow.sqlite',
-      :ssl_disabled_ciphers  => ['NULL-MD5', 'NULL-SHA'],
-      :tls_disabled_versions => ['1.1']
-    } end
+          it 'should create settings.d symlink' do
+            should contain_file("#{etc_dir}/smart_proxy_dynflow_core/settings.d").
+              with_ensure('link').with_target("#{etc_dir}/foreman-proxy/settings.d")
+          end
 
-    it { should contain_foreman_proxy__plugin('dynflow') }
+          it 'should create systemd service limits' do
+            should contain_systemd__service_limits('smart_proxy_dynflow_core.service').
+              with_limits({'LimitNOFILE' => 1000000}).that_notifies('Service[smart_proxy_dynflow_core]')
+          end
 
-    it 'should create settings.d symlink' do
-      should contain_file("/etc/smart_proxy_dynflow_core/settings.d").
-        with_ensure('link').with_target('/etc/foreman-proxy/settings.d')
-    end
+          it 'should generate correct dynflow core settings.yml' do
+            verify_exact_contents(catalogue, "#{etc_dir}/smart_proxy_dynflow_core/settings.yml", [
+              "---",
+              ":database: ",
+              ":console_auth: true",
+              ":foreman_url: https://foo.example.com",
+              ":listen: 0.0.0.0",
+              ":port: 8008",
+              ":use_https: true",
+              ":ssl_ca_file: /var/lib/puppet/ssl/certs/ca.pem",
+              ":ssl_certificate: /var/lib/puppet/ssl/certs/foo.example.com.pem",
+              ":ssl_private_key: /var/lib/puppet/ssl/private_keys/foo.example.com.pem"
+            ])
+          end
+        else
+          it { should_not contain_foreman_proxy__plugin('dynflow_core') }
+          it { should_not contain_file("#{etc_dir}/smart_proxy_dynflow_core/settings.d") }
+          it { should_not contain_file("#{etc_dir}/smart_proxy_dynflow_core/settings.yml") }
+          it { should_not contain_service('smart_proxy_dynflow_core') }
+          it { should_not contain_systemd__service_limits('smart_proxy_dynflow_core.service') }
+        end
+      end
+
+      describe 'with custom settings' do
+        let :params do {
+          :database_path         => '/var/lib/foreman-proxy/dynflow/dynflow.sqlite',
+          :ssl_disabled_ciphers  => ['NULL-MD5', 'NULL-SHA'],
+          :tls_disabled_versions => ['1.1'],
+          :open_file_limit       => 8000
+        } end
+
+        it { should compile.with_all_deps }
+        it { should contain_foreman_proxy__plugin('dynflow') }
+
+        if has_core
+          it 'should create settings.d symlink' do
+            should contain_file("#{etc_dir}/smart_proxy_dynflow_core/settings.d").
+              with_ensure('link').with_target("#{etc_dir}/foreman-proxy/settings.d")
+          end
+
+          it 'should create systemd service limits' do
+            should contain_systemd__service_limits('smart_proxy_dynflow_core.service').
+              with_limits({'LimitNOFILE' => 8000}).that_notifies('Service[smart_proxy_dynflow_core]')
+          end
 
-    it 'should generate correct dynflow core settings.yml' do
-      verify_exact_contents(catalogue, "/etc/smart_proxy_dynflow_core/settings.yml", [
-        '---',
-        ':database: /var/lib/foreman-proxy/dynflow/dynflow.sqlite',
-        ':console_auth: true',
-        ':foreman_url: https://foo.example.com',
-        ':listen: 0.0.0.0',
-        ':port: 8008',
-        ':use_https: true',
-        ':ssl_ca_file: /var/lib/puppet/ssl/certs/ca.pem',
-        ':ssl_certificate: /var/lib/puppet/ssl/certs/foo.example.com.pem',
-        ':ssl_private_key: /var/lib/puppet/ssl/private_keys/foo.example.com.pem',
-        ':ssl_disabled_ciphers: ["NULL-MD5", "NULL-SHA"]',
-        ':tls_disabled_versions: ["1.1"]',
-      ])
+          it 'should generate correct dynflow core settings.yml' do
+            verify_exact_contents(catalogue, "#{etc_dir}/smart_proxy_dynflow_core/settings.yml", [
+              '---',
+              ':database: /var/lib/foreman-proxy/dynflow/dynflow.sqlite',
+              ':console_auth: true',
+              ':foreman_url: https://foo.example.com',
+              ':listen: 0.0.0.0',
+              ':port: 8008',
+              ':use_https: true',
+              ':ssl_ca_file: /var/lib/puppet/ssl/certs/ca.pem',
+              ':ssl_certificate: /var/lib/puppet/ssl/certs/foo.example.com.pem',
+              ':ssl_private_key: /var/lib/puppet/ssl/private_keys/foo.example.com.pem',
+              ':ssl_disabled_ciphers: ["NULL-MD5", "NULL-SHA"]',
+              ':tls_disabled_versions: ["1.1"]',
+            ])
+          end
+        else
+          it { should_not contain_foreman_proxy__plugin('dynflow_core') }
+          it { should_not contain_file("#{etc_dir}/smart_proxy_dynflow_core/settings.d") }
+          it { should_not contain_file("#{etc_dir}/smart_proxy_dynflow_core/settings.yml") }
+          it { should_not contain_service('smart_proxy_dynflow_core') }
+          it { should_not contain_systemd__service_limits('smart_proxy_dynflow_core.service') }
+        end
+      end
     end
   end
 end