From 3355a7dd9d5d351f8c95706254cffd8773b0c39d Mon Sep 17 00:00:00 2001 From: handersen Date: Wed, 8 Aug 2018 12:05:23 +0200 Subject: [PATCH 01/12] catch errors based on missing authentication to allow creation of admin user on replicaset setup --- lib/puppet/provider/mongodb.rb | 13 +++++-- .../provider/mongodb_database/mongodb.rb | 14 +++++--- lib/puppet/provider/mongodb_user/mongodb.rb | 36 ++++++++++--------- 3 files changed, 40 insertions(+), 23 deletions(-) diff --git a/lib/puppet/provider/mongodb.rb b/lib/puppet/provider/mongodb.rb index 1e69d42ec..39a5314f3 100644 --- a/lib/puppet/provider/mongodb.rb +++ b/lib/puppet/provider/mongodb.rb @@ -132,9 +132,16 @@ def self.conn_string def self.db_ismaster cmd_ismaster = 'db.isMaster().ismaster' - cmd_ismaster = mongorc_file + cmd_ismaster if mongorc_file db = 'admin' - res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.chomp + + if mongorc_file + res = mongo_cmd(db, conn_string, mongorc_file + cmd_ismaster).to_s.chomp + end + if res.match(/Authentication failed/) or not mongorc_file + Puppet.warning('db_ismaster authentication failed') + res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.chomp + end + Puppet.warning("db_ismaster res: #{res}") res.eql?('true') ? true : false end @@ -153,6 +160,8 @@ def self.mongo_eval(cmd, db = 'admin', retries = 10, host = nil) retry_sleep = 3 cmd = mongorc_file + cmd if mongorc_file + Puppet.warning("mongoeval cmd: #{cmd}") + out = nil retry_count.times do |n| begin diff --git a/lib/puppet/provider/mongodb_database/mongodb.rb b/lib/puppet/provider/mongodb_database/mongodb.rb index 8be330779..cc63c3ba5 100644 --- a/lib/puppet/provider/mongodb_database/mongodb.rb +++ b/lib/puppet/provider/mongodb_database/mongodb.rb @@ -6,11 +6,15 @@ def self.instances require 'json' - dbs = JSON.parse mongo_eval('printjson(db.getMongo().getDBs())') + begin + dbs = JSON.parse mongo_eval('printjson(db.getMongo().getDBs())') - dbs['databases'].map do |db| - new(name: db['name'], - ensure: :present) + dbs['databases'].map do |db| + new(name: db['name'], + ensure: :present) + end + rescue + {} end end @@ -18,7 +22,7 @@ def self.instances def self.prefetch(resources) dbs = instances resources.keys.each do |name| - provider = dbs.find { |db| db.name == name } + provider = dbs.find {|db| db.name == name} resources[name].provider = provider if provider end end diff --git a/lib/puppet/provider/mongodb_user/mongodb.rb b/lib/puppet/provider/mongodb_user/mongodb.rb index 1309375b7..80581c9f3 100644 --- a/lib/puppet/provider/mongodb_user/mongodb.rb +++ b/lib/puppet/provider/mongodb_user/mongodb.rb @@ -27,16 +27,20 @@ def self.instances end return allusers else - users = JSON.parse mongo_eval('printjson(db.system.users.find().toArray())') - - users.map do |user| - new(name: user['_id'], - ensure: :present, - username: user['user'], - database: user['db'], - roles: from_roles(user['roles'], user['db']), - password_hash: user['credentials']['MONGODB-CR'], - scram_credentials: user['credentials']['SCRAM-SHA-1']) + begin + users = JSON.parse mongo_eval('printjson(db.system.users.find().toArray())') + + users.map do |user| + new(name: user['_id'], + ensure: :present, + username: user['user'], + database: user['db'], + roles: from_roles(user['roles'], user['db']), + password_hash: user['credentials']['MONGODB-CR'], + scram_credentials: user['credentials']['SCRAM-SHA-1']) + end + rescue + {} end end else @@ -49,7 +53,7 @@ def self.instances def self.prefetch(resources) users = instances resources.each do |name, resource| - provider = users.find { |user| user.username == (resource[:username]) && user.database == (resource[:database]) } + provider = users.find {|user| user.username == (resource[:username]) && user.database == (resource[:database])} resources[name].provider = provider if provider end end @@ -63,9 +67,9 @@ def create raise Puppet::Error, "password_hash can't be set on MongoDB older than 3.0; use password instead" end user = { - user: @resource[:username], - pwd: @resource[:password], - roles: @resource[:roles] + user: @resource[:username], + pwd: @resource[:password], + roles: @resource[:roles] } mongo_eval("db.addUser(#{user.to_json})", @resource[:database]) @@ -84,7 +88,7 @@ def create "roles": #{@resource[:roles].to_json}, "digestPassword": false } - EOS + EOS mongo_eval("db.runCommand(#{cmd_json})", @resource[:database]) end @@ -155,7 +159,7 @@ def roles=(roles) else grant = roles - @property_hash[:roles] unless grant.empty? - mongo_eval("db.getSiblingDB('#{@resource[:database]}').grantRolesToUser('#{@resource[:username]}', #{grant. to_json})") + mongo_eval("db.getSiblingDB('#{@resource[:database]}').grantRolesToUser('#{@resource[:username]}', #{grant.to_json})") end revoke = @property_hash[:roles] - roles From a0dd29f76db22f80aaee80b23e90b715f8482c1b Mon Sep 17 00:00:00 2001 From: handersen Date: Mon, 13 Aug 2018 13:37:13 +0200 Subject: [PATCH 02/12] remove obsolete logging messages --- lib/puppet/provider/mongodb.rb | 4 ---- 1 file changed, 4 deletions(-) diff --git a/lib/puppet/provider/mongodb.rb b/lib/puppet/provider/mongodb.rb index 39a5314f3..a6c1d194b 100644 --- a/lib/puppet/provider/mongodb.rb +++ b/lib/puppet/provider/mongodb.rb @@ -138,10 +138,8 @@ def self.db_ismaster res = mongo_cmd(db, conn_string, mongorc_file + cmd_ismaster).to_s.chomp end if res.match(/Authentication failed/) or not mongorc_file - Puppet.warning('db_ismaster authentication failed') res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.chomp end - Puppet.warning("db_ismaster res: #{res}") res.eql?('true') ? true : false end @@ -160,8 +158,6 @@ def self.mongo_eval(cmd, db = 'admin', retries = 10, host = nil) retry_sleep = 3 cmd = mongorc_file + cmd if mongorc_file - Puppet.warning("mongoeval cmd: #{cmd}") - out = nil retry_count.times do |n| begin From 6ae50515fbf55cc73f59c503260674c71e3fb955 Mon Sep 17 00:00:00 2001 From: handersen Date: Mon, 13 Aug 2018 16:19:51 +0200 Subject: [PATCH 03/12] Add logging and fix style offenses --- lib/puppet/provider/mongodb.rb | 2 +- lib/puppet/provider/mongodb_database/mongodb.rb | 7 ++++--- lib/puppet/provider/mongodb_user/mongodb.rb | 7 ++++--- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/lib/puppet/provider/mongodb.rb b/lib/puppet/provider/mongodb.rb index a6c1d194b..c3c0c1e4c 100644 --- a/lib/puppet/provider/mongodb.rb +++ b/lib/puppet/provider/mongodb.rb @@ -137,7 +137,7 @@ def self.db_ismaster if mongorc_file res = mongo_cmd(db, conn_string, mongorc_file + cmd_ismaster).to_s.chomp end - if res.match(/Authentication failed/) or not mongorc_file + if res.match('Authentication failed') || ! mongorc_file res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.chomp end res.eql?('true') ? true : false diff --git a/lib/puppet/provider/mongodb_database/mongodb.rb b/lib/puppet/provider/mongodb_database/mongodb.rb index cc63c3ba5..82e98fcef 100644 --- a/lib/puppet/provider/mongodb_database/mongodb.rb +++ b/lib/puppet/provider/mongodb_database/mongodb.rb @@ -13,8 +13,9 @@ def self.instances new(name: db['name'], ensure: :present) end - rescue - {} + rescue e + Puppet.warning('Getting instances of mongodb_database failed: #{e}') + [] end end @@ -22,7 +23,7 @@ def self.instances def self.prefetch(resources) dbs = instances resources.keys.each do |name| - provider = dbs.find {|db| db.name == name} + provider = dbs.find { |db| db.name == name } resources[name].provider = provider if provider end end diff --git a/lib/puppet/provider/mongodb_user/mongodb.rb b/lib/puppet/provider/mongodb_user/mongodb.rb index 80581c9f3..4e43e88e5 100644 --- a/lib/puppet/provider/mongodb_user/mongodb.rb +++ b/lib/puppet/provider/mongodb_user/mongodb.rb @@ -39,8 +39,9 @@ def self.instances password_hash: user['credentials']['MONGODB-CR'], scram_credentials: user['credentials']['SCRAM-SHA-1']) end - rescue - {} + rescue e + Puppet.warning 'Could not get instances for mongodb_database: #{e}' + [] end end else @@ -53,7 +54,7 @@ def self.instances def self.prefetch(resources) users = instances resources.each do |name, resource| - provider = users.find {|user| user.username == (resource[:username]) && user.database == (resource[:database])} + provider = users.find { |user| user.username == (resource[:username]) && user.database == (resource[:database]) } resources[name].provider = provider if provider end end From 3fcdfde5d4ae2d0679f0681cd9fa7217095508aa Mon Sep 17 00:00:00 2001 From: handersen Date: Mon, 13 Aug 2018 16:33:35 +0200 Subject: [PATCH 04/12] fix style offenses --- lib/puppet/provider/mongodb.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/puppet/provider/mongodb.rb b/lib/puppet/provider/mongodb.rb index c3c0c1e4c..25392282a 100644 --- a/lib/puppet/provider/mongodb.rb +++ b/lib/puppet/provider/mongodb.rb @@ -137,7 +137,7 @@ def self.db_ismaster if mongorc_file res = mongo_cmd(db, conn_string, mongorc_file + cmd_ismaster).to_s.chomp end - if res.match('Authentication failed') || ! mongorc_file + if res.match('Authentication failed') || !mongorc_file res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.chomp end res.eql?('true') ? true : false From c3d7b154cf39cf7b74144c530b8208a4546cd4ae Mon Sep 17 00:00:00 2001 From: handersen Date: Tue, 14 Aug 2018 12:01:49 +0200 Subject: [PATCH 05/12] avoid nil exception for res --- lib/puppet/provider/mongodb.rb | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/puppet/provider/mongodb.rb b/lib/puppet/provider/mongodb.rb index 25392282a..e611578c6 100644 --- a/lib/puppet/provider/mongodb.rb +++ b/lib/puppet/provider/mongodb.rb @@ -135,9 +135,13 @@ def self.db_ismaster db = 'admin' if mongorc_file - res = mongo_cmd(db, conn_string, mongorc_file + cmd_ismaster).to_s.chomp + full_command=mongorc_file + cmd_ismaster + else + full_command=cmd_ismaster + end - if res.match('Authentication failed') || !mongorc_file + res = mongo_cmd(db, conn_string, full_command).to_s.chomp + if res.match('Authentication failed') res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.chomp end res.eql?('true') ? true : false From 4e897bca19fd0bacf9775c7dffb5357ec0c62f7b Mon Sep 17 00:00:00 2001 From: handersen Date: Tue, 14 Aug 2018 15:09:54 +0200 Subject: [PATCH 06/12] fix style issues --- lib/puppet/provider/mongodb.rb | 13 ++++++------- lib/puppet/provider/mongodb_user/mongodb.rb | 8 ++++---- 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/lib/puppet/provider/mongodb.rb b/lib/puppet/provider/mongodb.rb index e611578c6..5124a73e5 100644 --- a/lib/puppet/provider/mongodb.rb +++ b/lib/puppet/provider/mongodb.rb @@ -134,14 +134,13 @@ def self.db_ismaster cmd_ismaster = 'db.isMaster().ismaster' db = 'admin' - if mongorc_file - full_command=mongorc_file + cmd_ismaster - else - full_command=cmd_ismaster - - end + full_command = if mongorc_file + mongorc_file + cmd_ismaster + else + cmd_ismaster + end res = mongo_cmd(db, conn_string, full_command).to_s.chomp - if res.match('Authentication failed') + if res =~ 'Authentication failed' res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.chomp end res.eql?('true') ? true : false diff --git a/lib/puppet/provider/mongodb_user/mongodb.rb b/lib/puppet/provider/mongodb_user/mongodb.rb index 4e43e88e5..e2642d1a8 100644 --- a/lib/puppet/provider/mongodb_user/mongodb.rb +++ b/lib/puppet/provider/mongodb_user/mongodb.rb @@ -40,7 +40,7 @@ def self.instances scram_credentials: user['credentials']['SCRAM-SHA-1']) end rescue e - Puppet.warning 'Could not get instances for mongodb_database: #{e}' + Puppet.warning 'Could not get instances for mongodb_database: #{e}' [] end end @@ -68,9 +68,9 @@ def create raise Puppet::Error, "password_hash can't be set on MongoDB older than 3.0; use password instead" end user = { - user: @resource[:username], - pwd: @resource[:password], - roles: @resource[:roles] + user: @resource[:username], + pwd: @resource[:password], + roles: @resource[:roles] } mongo_eval("db.addUser(#{user.to_json})", @resource[:database]) From e4d9b685a93e890654584e0ac9a8b84a7aca192b Mon Sep 17 00:00:00 2001 From: handersen Date: Tue, 14 Aug 2018 17:17:34 +0200 Subject: [PATCH 07/12] rescue StandardError and write variable to print an error message --- lib/puppet/provider/mongodb_database/mongodb.rb | 2 +- lib/puppet/provider/mongodb_user/mongodb.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/puppet/provider/mongodb_database/mongodb.rb b/lib/puppet/provider/mongodb_database/mongodb.rb index 82e98fcef..c1e2f89f6 100644 --- a/lib/puppet/provider/mongodb_database/mongodb.rb +++ b/lib/puppet/provider/mongodb_database/mongodb.rb @@ -13,7 +13,7 @@ def self.instances new(name: db['name'], ensure: :present) end - rescue e + rescue StandardError => e Puppet.warning('Getting instances of mongodb_database failed: #{e}') [] end diff --git a/lib/puppet/provider/mongodb_user/mongodb.rb b/lib/puppet/provider/mongodb_user/mongodb.rb index e2642d1a8..59708a410 100644 --- a/lib/puppet/provider/mongodb_user/mongodb.rb +++ b/lib/puppet/provider/mongodb_user/mongodb.rb @@ -39,7 +39,7 @@ def self.instances password_hash: user['credentials']['MONGODB-CR'], scram_credentials: user['credentials']['SCRAM-SHA-1']) end - rescue e + rescue StandardError => e Puppet.warning 'Could not get instances for mongodb_database: #{e}' [] end From d8af457c8d96afe75c3602d796257e8ad8ea14a0 Mon Sep 17 00:00:00 2001 From: handersen Date: Tue, 14 Aug 2018 18:08:38 +0200 Subject: [PATCH 08/12] fix if query + logging --- lib/puppet/provider/mongodb.rb | 2 +- lib/puppet/provider/mongodb_database/mongodb.rb | 4 ++-- lib/puppet/provider/mongodb_user/mongodb.rb | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/puppet/provider/mongodb.rb b/lib/puppet/provider/mongodb.rb index 5124a73e5..75950b62d 100644 --- a/lib/puppet/provider/mongodb.rb +++ b/lib/puppet/provider/mongodb.rb @@ -140,7 +140,7 @@ def self.db_ismaster cmd_ismaster end res = mongo_cmd(db, conn_string, full_command).to_s.chomp - if res =~ 'Authentication failed' + if res =~ %r{Authentication failed} res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.chomp end res.eql?('true') ? true : false diff --git a/lib/puppet/provider/mongodb_database/mongodb.rb b/lib/puppet/provider/mongodb_database/mongodb.rb index c1e2f89f6..64d6fb463 100644 --- a/lib/puppet/provider/mongodb_database/mongodb.rb +++ b/lib/puppet/provider/mongodb_database/mongodb.rb @@ -13,8 +13,8 @@ def self.instances new(name: db['name'], ensure: :present) end - rescue StandardError => e - Puppet.warning('Getting instances of mongodb_database failed: #{e}') + rescue => e + Puppet.warning("Getting instances of mongodb_database failed: #{e}") [] end end diff --git a/lib/puppet/provider/mongodb_user/mongodb.rb b/lib/puppet/provider/mongodb_user/mongodb.rb index 59708a410..5e9c5747a 100644 --- a/lib/puppet/provider/mongodb_user/mongodb.rb +++ b/lib/puppet/provider/mongodb_user/mongodb.rb @@ -39,8 +39,8 @@ def self.instances password_hash: user['credentials']['MONGODB-CR'], scram_credentials: user['credentials']['SCRAM-SHA-1']) end - rescue StandardError => e - Puppet.warning 'Could not get instances for mongodb_database: #{e}' + rescue => e + Puppet.warning "Could not get instances for mongodb_database: #{e}" [] end end From 6924c358484a2a49b0fdb39d38dccd4613accf74 Mon Sep 17 00:00:00 2001 From: handersen Date: Mon, 27 Aug 2018 10:01:49 +0200 Subject: [PATCH 09/12] do not retry command without mongorc_file --- lib/puppet/provider/mongodb.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/puppet/provider/mongodb.rb b/lib/puppet/provider/mongodb.rb index 75950b62d..2e283f533 100644 --- a/lib/puppet/provider/mongodb.rb +++ b/lib/puppet/provider/mongodb.rb @@ -140,7 +140,9 @@ def self.db_ismaster cmd_ismaster end res = mongo_cmd(db, conn_string, full_command).to_s.chomp - if res =~ %r{Authentication failed} + + # Retry command without authentication when mongorc_file is set and authentication failed + if mongorc_file && res =~ %r{Authentication failed} res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.chomp end res.eql?('true') ? true : false From 38a83c413dcb9029155646101fd27b0676bbe6cb Mon Sep 17 00:00:00 2001 From: handersen Date: Mon, 27 Aug 2018 15:26:48 +0200 Subject: [PATCH 10/12] removed double white spaces --- lib/puppet/provider/mongodb.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/puppet/provider/mongodb.rb b/lib/puppet/provider/mongodb.rb index 2e283f533..5f5c7cebb 100644 --- a/lib/puppet/provider/mongodb.rb +++ b/lib/puppet/provider/mongodb.rb @@ -142,7 +142,7 @@ def self.db_ismaster res = mongo_cmd(db, conn_string, full_command).to_s.chomp # Retry command without authentication when mongorc_file is set and authentication failed - if mongorc_file && res =~ %r{Authentication failed} + if mongorc_file && res =~ %r{Authentication failed} res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.chomp end res.eql?('true') ? true : false From 3d08ff2db0594aa1e37460a59df547815ec0787b Mon Sep 17 00:00:00 2001 From: handersen Date: Fri, 14 Sep 2018 12:20:44 +0200 Subject: [PATCH 11/12] remove obsolete indent --- .../provider/mongodb_database/mongodb.rb | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/lib/puppet/provider/mongodb_database/mongodb.rb b/lib/puppet/provider/mongodb_database/mongodb.rb index 64d6fb463..ec2edeac3 100644 --- a/lib/puppet/provider/mongodb_database/mongodb.rb +++ b/lib/puppet/provider/mongodb_database/mongodb.rb @@ -6,24 +6,22 @@ def self.instances require 'json' - begin - dbs = JSON.parse mongo_eval('printjson(db.getMongo().getDBs())') + dbs = JSON.parse mongo_eval('printjson(db.getMongo().getDBs())') - dbs['databases'].map do |db| - new(name: db['name'], - ensure: :present) - end - rescue => e - Puppet.warning("Getting instances of mongodb_database failed: #{e}") - [] + dbs['databases'].map do |db| + new(name: db['name'], + ensure: :present) end + rescue => e + Puppet.warning("Getting instances of mongodb_database failed: #{e}") + [] end # Assign prefetched dbs based on name. def self.prefetch(resources) dbs = instances resources.keys.each do |name| - provider = dbs.find { |db| db.name == name } + provider = dbs.find {|db| db.name == name} resources[name].provider = provider if provider end end From f752b12dde47777158d74e277eeb27d878a15dbd Mon Sep 17 00:00:00 2001 From: handersen Date: Fri, 14 Sep 2018 12:26:08 +0200 Subject: [PATCH 12/12] fix rubocop issue --- lib/puppet/provider/mongodb_database/mongodb.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/puppet/provider/mongodb_database/mongodb.rb b/lib/puppet/provider/mongodb_database/mongodb.rb index ec2edeac3..238f6158d 100644 --- a/lib/puppet/provider/mongodb_database/mongodb.rb +++ b/lib/puppet/provider/mongodb_database/mongodb.rb @@ -21,7 +21,7 @@ def self.instances def self.prefetch(resources) dbs = instances resources.keys.each do |name| - provider = dbs.find {|db| db.name == name} + provider = dbs.find { |db| db.name == name } resources[name].provider = provider if provider end end