Merge pull request #20 from maniacmurphy/sso

Updated vcsa_sso to match vpxd_servicecfg sso parameters
vmware-archive · Jan 8, 2015 · 98a564f · 98a564f
2 parents 5f7b615 + f1566e3
commit 98a564f
Show file tree

Hide file tree

Showing 4 changed files with 79 additions and 30 deletions.
diff --git a/lib/puppet/provider/vcsa_sso/default.rb b/lib/puppet/provider/vcsa_sso/default.rb
@@ -6,8 +6,49 @@
 Puppet::Type.type(:vcsa_sso).provide(:ssh, :parent => Puppet::Provider::Vcsa ) do
   @doc = 'Manages vCSA sso'
 
+  def addparam(paramlist, param_validation, param)
+    if resource[param].nil?
+      param_validation.push(param) unless param == 'is_group'
+    else
+      if param == 'thumbprint' && resource[:is_group].nil?
+        raise Puppet::Error, "Parmeter Missing: 'is_group' must be set if supplying values for 'thumbprint'"
+      end
+      paramlist += " '#{resource[param]}'"
+    end
+    paramlist
+  end
+
+  def cmdparams
+    param_order = ['dbtype','ls','login','password','principal','is_group','thumbprint']
+    param_validation = []
+    param_list = ""
+    param_order.each { |param|
+      case param
+      when 'ls','login','principal','is_group','thumbprint'
+        if resource[:dbtype].to_s == 'external'
+          param_list = addparam param_list, param_validation, param
+        end
+      when 'password'
+        if resource[:dbtype].to_s == 'external'
+          param_list = addparam param_list, param_validation, param
+        elsif resource[:dbtype].to_s == 'embedded'
+          Puppet.warning "No password provided for embedded SSO database. A new password will not be set for administrator@vsphere.local" if resource[param].nil? 
+          param_list += " '#{resource[param]}'"
+        end
+      else
+        param_list = addparam param_list, param_validation, param
+      end
+    }
+    raise Puppet::Error, "The following parameters are missing for a database type of #{resource[:dbtype]} : #{param_validation.inspect}" unless param_validation.empty?
+    param_list
+  end
+
+  def command
+    @command ||= "vpxd_servicecfg sso write#{cmdparams}"
+  end
+
   def create
-    transport.exec!("vpxd_servicecfg sso write #{resource[:dbtype]} #{resource[:server]} #{resource[:port]} #{resource[:instance]} #{resource[:user]} #{resource[:password]}")
+    transport.exec!(command)
   end
 
   def exists?

diff --git a/lib/puppet/type/vcsa_sso.rb b/lib/puppet/type/vcsa_sso.rb
@@ -1,36 +1,40 @@
 # Copyright (C) 2013 VMware, Inc.
 Puppet::Type.newtype(:vcsa_sso) do
-  @doc = 'Manage vCSA sso.'
+  @doc = 'Manage vCSA sso. Parameters to match /usr/sbin/vpxd_servicecfg sso parameters. See /usr/sbin/vpxd_servicecfg -h on vCSA for additional information'
 
   ensurable
 
   newparam(:name, :namevar => true) do
   end
 
   newparam(:dbtype) do
-    desc 'vCSA embedded dbtype - oracle, PostgreSQL, embedded or vcdb'
-    newvalues('oracle', 'PostgreSQL', 'embedded', 'vcdb')
+    desc 'vCSA dbtype -  embedded or external'
+    newvalues('embedded', 'external')
   end
 
-  newparam(:server) do
-    desc 'vCSA embedded server - name or ip of DB server'
+  newparam(:ls) do
+    desc 'Lookup service url'
   end
 
-  newparam(:port) do
-    desc 'vCSA embedded port - port number for DB, set to 0 to use default'
-    newvalues(/\d+/)
+  newparam(:login) do
+    desc 'LS administrator account'
   end
 
-  newparam(:instance) do
-    desc 'vCSA embedded instance - database instance name'
+  newparam(:password) do
+    desc 'LS administrator password'
   end
 
-  newparam(:user) do
-    desc 'vCSA embedded user - db user name'
+  newparam(:principal) do
+    desc 'Account to be assigned as VC admin'
   end
 
-  newparam(:password) do
-    desc 'vCSA embedded password - db user password'
+  newparam(:is_group) do
+    desc 'The principal account is a group'
+    newvalues(:true, :false)
+  end
+
+  newparam(:thumbprint) do
+    desc 'Optional thumbprint of the lookup service`s certificate'
   end
 end
 
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -11,8 +11,16 @@
   $db_instance   = undef,
   $db_user       = undef,
   $db_password   = undef,
+  $sso_db_type   = 'embedded',
+  $sso_ls        = undef,
+  $sso_login     = undef,
+  $sso_password  = undef,
+  $sso_principal = undef,
+  $sso_is_group  = undef,
+  $sso_thumbprint = undef,
   $capacity      = 'small',    #: inventory accepts small, medium, large, custom
-  $java_max_heap = undef       #: manual jmx heap max size configuration
+  $java_max_heap = undef,      #: manual jmx heap max size configuration
+  $vpxd_state    = 'running'
 ) {
 
   case $capacity {
@@ -69,14 +77,15 @@
   } ->
 
   vcsa_sso { $name:
-    ensure    => present,
-    dbtype    => $db_type,
-    server    => $db_server,
-    port      => $db_port,
-    instance  => $db_instance,
-    user      => $db_user,
-    password  => $db_password,
-    transport => Transport[$name],
+    ensure     => present,
+    dbtype     => $sso_db_type,
+    ls         => $sso_ls,
+    login      => $sso_login,
+    password   => $sso_password,
+    principal  => $sso_principal,
+    is_group   => $sso_is_group,
+    thumbprint => $sso_thumbprint,
+    transport  => Transport[$name],
   } ->
 
   vcsa_java { $name:
@@ -88,7 +97,7 @@
   } ~>
 
   vcsa_service { $name:
-    ensure    => running,
+    ensure    => $vpxd_state,
     transport => Transport[$name],
   }
 }
diff --git a/spec/unit/puppet/type/vcsa_sso_spec.rb b/spec/unit/puppet/type/vcsa_sso_spec.rb
@@ -13,11 +13,6 @@
     @resource = @type.new({
       :name     => 'sso',
       :dbtype   => 'embedded',
-      :server   => 'localhost',
-      :port     => '5432',
-      :instance => '',
-      :user     => '',
-      :password => '',
     })
   end