Merge pull request #403 from Phil-Friderici/package_ensure

Add $package_ensure to package resources and option to manage packages
ghoneycutt · Nov 15, 2023 · 50743db · 50743db
2 parents 5b63487 + 9bde4f5
commit 50743db
Show file tree

Hide file tree

Showing 4 changed files with 91 additions and 15 deletions.
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -47,9 +47,15 @@
 # @param manage_sshkey
 #   Boolean to choose if SSH keys should be managed. Also see $purge_keys.
 #
+# @param manage_packages
+#   Boolean to choose if SSH client packages should be managed.
+#
 # @param packages
 #   Installation package(s) for the SSH client.
 #
+# @param packages_ensure
+#   Ensure parameter to SSH client package(s).
+#
 # @param packages_adminfile
 #   Path to adminfile for SSH client package(s) installation. Needed for Solaris.
 #
@@ -481,7 +487,9 @@
   Boolean $manage_root_ssh_config = false,
   Boolean $manage_server = true,
   Boolean $manage_sshkey = true,
+  Boolean $manage_packages = true,
   Array[String[1]] $packages = [],
+  Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $packages_ensure = 'installed',
   Optional[Stdlib::Absolutepath] $packages_adminfile = undef,
   Optional[Stdlib::Absolutepath] $packages_source = undef,
   Boolean $purge_keys = true,
@@ -592,12 +600,16 @@
   # the ssh_config file.
   Optional[Array[String[1]]] $custom = undef
 ) {
-
-  package { $packages:
-    ensure    => installed,
-    source    => $packages_source,
-    adminfile => $packages_adminfile,
-    before    => 'File[ssh_config]',
+  if $manage_packages {
+    package { $packages:
+      ensure    => $packages_ensure,
+      source    => $packages_source,
+      adminfile => $packages_adminfile,
+      before    => 'File[ssh_config]',
+    }
+    $packages_require = Package[$packages]
+  } else {
+    $packages_require = undef
   }
 
   file { 'ssh_config' :
@@ -620,7 +632,7 @@
       purge   => $include_dir_purge,
       recurse => $include_dir_purge,
       force   => $include_dir_purge,
-      require => Package[$packages],
+      require => $packages_require,
     }
   } else {
     $include_dir = undef

diff --git a/manifests/server.pp b/manifests/server.pp
@@ -33,10 +33,16 @@
 # @param manage_service
 #   Boolean to choose if the SSH daemon should be managed.
 #
+# @param manage_packages
+#   Boolean to choose if SSH client packages should be managed.
+#
 # @param packages
 #   Installation package(s) for the SSH server. Leave empty if the client package(s) also
 #   include the server binaries (eg: Suse SLES and SLED).
 #
+# @param packages_ensure
+#   Ensure parameter to SSH server package(s).
+#
 # @param packages_adminfile
 #   Path to adminfile for SSH server package(s) installation. Needed for Solaris.
 #
@@ -462,7 +468,9 @@
 #   Uses one array item per line to be added.
 #
 class ssh::server (
+  Boolean $manage_packages = true,
   Array[String[1]] $packages = [],
+  Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $packages_ensure = 'installed',
   Optional[Stdlib::Absolutepath] $packages_adminfile = undef,
   Optional[Stdlib::Absolutepath] $packages_source = undef,
   Stdlib::Absolutepath $config_path = '/etc/ssh/sshd_config',
@@ -585,12 +593,16 @@
   # the sshd_config file.
   Optional[Array[String[1]]] $custom = undef,
 ) {
-
-  package { $packages:
-    ensure    => installed,
-    source    => $packages_source,
-    adminfile => $packages_adminfile,
-    before    => 'File[sshd_config]',
+  if $manage_packages {
+    package { $packages:
+      ensure    => $packages_ensure,
+      source    => $packages_source,
+      adminfile => $packages_adminfile,
+      before    => 'File[sshd_config]',
+    }
+    $packages_require = Package[$packages]
+  } else {
+    $packages_require = undef
   }
 
   file { 'sshd_config' :
@@ -613,7 +625,7 @@
       purge   => $include_dir_purge,
       recurse => $include_dir_purge,
       force   => $include_dir_purge,
-      require => Package[$packages],
+      require => $packages_require,
       notify  => Service['sshd_service'],
     }
   } else {

diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb
@@ -358,7 +358,27 @@
     context "on #{os} with manage_sshkey set to valid false" do
       let(:params) { { manage_sshkey: false } }
 
-      it { is_expected.not_to contain_resources('sshkey') }
+      it { is_expected.not_to contain_package('sshkey') }
+    end
+
+    context "on #{os} with manage_packages set to valid false" do
+      let(:params) { { manage_packages: false } }
+
+      it { is_expected.not_to contain_package('openssh-clients') }
+    end
+
+    context "on #{os} with manage_packages set to valid false when include dir is set" do
+      let(:params) { { manage_packages: false, include: '/test/ing' } }
+
+      it { is_expected.not_to contain_package('openssh-clients') }
+      it { is_expected.to contain_file('ssh_config_include_dir').with_require(nil) }
+    end
+
+    context "on #{os} with manage_packages set to valid true when include dir is set" do
+      let(:params) { { manage_packages: true, include: '/test/ing' } }
+
+      it { is_expected.to contain_package('openssh-clients') }
+      it { is_expected.to contain_file('ssh_config_include_dir').with_require(['Package[openssh-clients]']) }
     end
 
     context "on #{os} with packages set to valid array [array, of, strings]" do
@@ -370,6 +390,12 @@
       it { is_expected.to contain_package('strings') }
     end
 
+    context "on #{os} with packages_ensure set to valid latest" do
+      let(:params) { { packages_ensure: 'latest' } }
+
+      it { is_expected.to contain_package('openssh-clients').with_ensure('latest') }
+    end
+
     context "on #{os} with packages_adminfile set to valid /unit/test" do
       let(:params) { { packages_adminfile: '/unit/test' } }
 

diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb
@@ -151,6 +151,26 @@
   on_supported_os(redhat).sort.each do |os, os_facts|
     let(:facts) { os_facts }
 
+    context "on #{os} with manage_packages set to valid false" do
+      let(:params) { { manage_packages: false } }
+
+      it { is_expected.not_to contain_package('openssh-server') }
+    end
+
+    context "on #{os} with manage_packages set to valid false when include dir is set" do
+      let(:params) { { manage_packages: false, include: '/test/ing' } }
+
+      it { is_expected.not_to contain_package('openssh-server') }
+      it { is_expected.to contain_file('sshd_config_include_dir').with_require(nil) }
+    end
+
+    context "on #{os} with manage_packages set to valid true when include dir is set" do
+      let(:params) { { manage_packages: true, include: '/test/ing' } }
+
+      it { is_expected.to contain_package('openssh-server') }
+      it { is_expected.to contain_file('sshd_config_include_dir').with_require(['Package[openssh-server]']) }
+    end
+
     context "on #{os} with packages set to valid array [array, of, strings]" do
       let(:params) { { packages: ['array', 'of', 'strings'] } }
 
@@ -160,6 +180,12 @@
       it { is_expected.to contain_package('strings') }
     end
 
+    context "on #{os} with packages_ensure set to valid latest" do
+      let(:params) { { packages_ensure: 'latest' } }
+
+      it { is_expected.to contain_package('openssh-server').with_ensure('latest') }
+    end
+
     context "on #{os} with packages_adminfile set to valid /unit/test" do
       let(:params) { { packages_adminfile: '/unit/test' } }