[Pkg-puppet-devel] [SCM] Puppet packaging for Debian branch, experimental, updated. debian/2.6.8-1-844-g7ec39d5

Tue May 10 08:02:58 UTC 2011

The following commit has been merged in the experimental branch:
commit 0ab5e0f779d7261c4a9faf890cef8df52726a82a
Author: Stefan Schulte <stefan.schulte at taunusstein.net>
Date:   Sun Nov 21 20:52:49 2010 +0100

    (#2495) Better value validation for sshkey
    
    As mentioned in the ticket it is not obvious that aliases do not belong
    in the resourcename but have to be specified with the property
    "host_aliases". On the puppet-user list I saw someone using this as a
    resource
    
      @@sshkey {"$fqdn,$hostname,$ipaddress":
        type => rsa,
        key  => $sshrsakey,
      }
    
    Puppet will now write a correct entry to the know_hosts file, but when
    it rereads the file, the field $fqdn,$hostname,$ipaddress is split into
    name ($fqdn) and host_aliases ([$hostname,$ipaddress]). Since we dont
    find the resource the user specified, puppet will put the same key in
    the file over and over again. This patch adds a simple validation on
    resourcename.

diff --git a/lib/puppet/type/sshkey.rb b/lib/puppet/type/sshkey.rb
index b7a1b8a..59a1a12 100755
--- a/lib/puppet/type/sshkey.rb
+++ b/lib/puppet/type/sshkey.rb
@@ -41,7 +41,7 @@ module Puppet
           raise Puppet::Error, "Aliases cannot include whitespace"
         end
         if value =~ /,/
-          raise Puppet::Error, "Aliases cannot include whitespace"
+          raise Puppet::Error, "Aliases must be provided as an array, not a comma-separated list"
         end
       end
     end
@@ -50,6 +50,11 @@ module Puppet
       desc "The host name that the key is associated with."
 
       isnamevar
+
+      validate do |value|
+        raise Puppet::Error, "Resourcename cannot include whitespaces" if value =~ /\s/
+        raise Puppet::Error, "No comma in resourcename allowed. If you want to specify aliases use the host_aliases property" if value.include?(',')
+      end
     end
 
     newproperty(:target) do
diff --git a/spec/unit/type/sshkey_spec.rb b/spec/unit/type/sshkey_spec.rb
new file mode 100644
index 0000000..966ca70
--- /dev/null
+++ b/spec/unit/type/sshkey_spec.rb
@@ -0,0 +1,71 @@
+#!/usr/bin/env ruby
+
+require File.dirname(__FILE__) + '/../../spec_helper'
+
+sshkey = Puppet::Type.type(:sshkey)
+
+describe sshkey do
+  before do
+    @class = sshkey
+  end
+
+  it "should have :name its namevar" do
+    @class.key_attributes.should == [:name]
+  end
+
+  describe "when validating attributes" do
+    [:name, :provider].each do |param|
+      it "should have a #{param} parameter" do
+        @class.attrtype(param).should == :param
+      end
+    end
+
+    [:host_aliases, :ensure, :key, :type].each do |property|
+      it "should have a #{property} property" do
+        @class.attrtype(property).should == :property
+      end
+    end
+  end
+
+  describe "when validating values" do
+
+    it "should support ssh-dss as a type value" do
+      proc { @class.new(:name => "foo", :type => "ssh-dss") }.should_not raise_error
+    end
+
+    it "should support ssh-rsa as a type value" do
+      proc { @class.new(:name => "whev", :type => "ssh-rsa") }.should_not raise_error
+    end
+
+    it "should alias :dsa to ssh-dss as a value for type" do
+      key = @class.new(:name => "whev", :type => :dsa)
+      key.should(:type).should == :'ssh-dss'
+    end
+
+    it "should alias :rsa to ssh-rsa as a value for type" do
+      key = @class.new(:name => "whev", :type => :rsa)
+      key.should(:type).should == :'ssh-rsa'
+    end
+
+    it "should not support values other than ssh-dss, ssh-rsa, dsa, rsa for type" do
+      proc { @class.new(:name => "whev", :type => :'ssh-dsa') }.should raise_error(Puppet::Error)
+    end
+
+    it "should accept one host_alias" do
+      proc { @class.new(:name => "foo", :host_aliases => 'foo.bar.tld') }.should_not raise_error
+    end
+
+    it "should accept multiple host_aliases as an array" do
+      proc { @class.new(:name => "foo", :host_aliases => ['foo.bar.tld','10.0.9.9']) }.should_not raise_error
+    end
+
+    it "should not accept spaces in any host_alias" do
+      proc { @class.new(:name => "foo", :host_aliases => ['foo.bar.tld','foo bar']) }.should raise_error(Puppet::Error)
+    end
+
+    it "should not accept aliases in the resourcename" do
+      proc { @class.new(:name => 'host,host.domain,ip') }.should raise_error(Puppet::Error)
+    end
+
+  end
+end

-- 
Puppet packaging for Debian

