X-Git-Url: https://git.opendaylight.org/gerrit/gitweb?a=blobdiff_plain;ds=sidebyside;f=spec%2Fspec_helper.rb;h=5d60a6500c40fefbe989f979d602fd8f7585e0d2;hb=7a664a0e4fa8bd3f16d7fce7844b67d0e43f51de;hp=038d909caa167a2fd272d833783ba083c235fc37;hpb=c5fecf6b2ce34829a950ef864d806868f690e0e6;p=integration%2Fpackaging%2Fpuppet-opendaylight.git diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 038d909..5d60a65 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,36 +1,21 @@ require 'puppetlabs_spec_helper/module_spec_helper' +require 'rspec-puppet-facts' +include RspecPuppetFacts # Customize filters to ignore 3rd-party code +# If the rspec coverage report shows not-our-code results, add it here custom_filters = [ - 'Anchor[java::end]', - 'Stage[setup]', - 'Anchor[java::begin:]', - 'Archive::Download[opendaylight.tar.gz]', - 'Archive::Download[opendaylight-systemd.tar.gz]', - 'Archive::Extract[opendaylight]', - 'Archive::Extract[opendaylight-systemd]', - 'Class[Java::Config]', - 'Class[Java::Params]', - 'Class[Stdlib::Stages]', - 'Class[Stdlib]', - 'Exec[download archive opendaylight.tar.gz and check sum]', - 'Exec[download archive opendaylight-systemd.tar.gz and check sum]', - 'Exec[opendaylight unpack]', - 'Exec[opendaylight-systemd unpack]', - 'Exec[rm-on-error-opendaylight.tar.gz]', - 'Exec[rm-on-error-opendaylight-systemd.tar.gz]', - 'Package[curl]', - 'Stage[deploy]', - 'Stage[deploy_app]', - 'Stage[deploy_infra]', - 'Stage[runtime]', - 'Stage[setup_app]', - 'Stage[setup_infra]', ] RSpec::Puppet::Coverage.filters.push(*custom_filters) +# +# NB: This is a library of helper fns used by the rspec-puppet tests +# + # Tests that are common to all possible configurations -def generic_tests() +def generic_tests(options = {}) + java_opts = options.fetch(:java_opts, '-Djava.net.preferIPv4Stack=true') + # Confirm that module compiles it { should compile } it { should compile.with_all_deps } @@ -40,15 +25,18 @@ def generic_tests() it { should contain_class('opendaylight::params') } it { should contain_class('opendaylight::install') } it { should contain_class('opendaylight::config') } + it { should contain_class('opendaylight::post_config') } it { should contain_class('opendaylight::service') } # Confirm relationships between classes - it { should contain_class('opendaylight::install').that_comes_before('opendaylight::config') } - it { should contain_class('opendaylight::config').that_requires('opendaylight::install') } - it { should contain_class('opendaylight::config').that_notifies('opendaylight::service') } - it { should contain_class('opendaylight::service').that_subscribes_to('opendaylight::config') } - it { should contain_class('opendaylight::service').that_comes_before('opendaylight') } - it { should contain_class('opendaylight').that_requires('opendaylight::service') } + it { should contain_class('opendaylight::install').that_comes_before('Class[opendaylight::config]') } + it { should contain_class('opendaylight::config').that_requires('Class[opendaylight::install]') } + it { should contain_class('opendaylight::config').that_notifies('Class[opendaylight::service]') } + it { should contain_class('opendaylight::service').that_subscribes_to('Class[opendaylight::config]') } + it { should contain_class('opendaylight::service').that_comes_before('Class[opendaylight]') } + it { should contain_class('opendaylight::post_config').that_requires('Class[opendaylight::service]') } + it { should contain_class('opendaylight::post_config').that_comes_before('Class[opendaylight]') } + it { should contain_class('opendaylight').that_requires('Class[opendaylight::service]') } # Confirm presence of generic resources it { should contain_service('opendaylight') } @@ -69,158 +57,237 @@ def generic_tests() should contain_file('org.apache.karaf.features.cfg').with( 'ensure' => 'file', 'path' => '/opt/opendaylight/etc/org.apache.karaf.features.cfg', + 'owner' => 'odl', + 'group' => 'odl', ) } + + it { + should contain_file_line('Karaf Java Options').with( + 'ensure' => 'present', + 'path' => '/opt/opendaylight/bin/karaf', + 'line' => "JAVA_OPTS=#{java_opts}", + 'match' => '^JAVA_OPTS=.*$', + 'after' => '^PROGNAME=.*$' + ) + } + end -# Shared tests that specialize in testing Karaf feature installs -def karaf_feature_tests(features) - # Confirm properties of other resources - # NB: These hashes don't work with Ruby 1.8.7, but we - # don't support 1.8.7 so that's okay. See issue #36. +# Shared tests that specialize in testing log file size and rollover +def log_settings(options = {}) + # Extraxt params. The dafault value should be same as in opendaylight::params + log_max_size = options.fetch(:log_max_size, '10GB') + log_max_rollover = options.fetch(:log_max_rollover, 2) + log_mechanism = options.fetch(:log_mechanism, 'file') + + if log_mechanism == 'console' + it { + should contain_file_line('consoleappender').with( + 'path' => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg', + 'line' => 'karaf.log.console=INFO', + 'after' => 'log4j2.rootLogger.appenderRef.Console.filter.threshold.type = ThresholdFilter', + 'match' => '^karaf.log.console.*$' + ) + } + else it { - should contain_file('org.apache.karaf.features.cfg').with( - 'ensure' => 'file', - 'path' => '/opt/opendaylight/etc/org.apache.karaf.features.cfg', - 'content' => /^featuresBoot=#{features.join(",")}/ + should contain_file_line('logmaxsize').with( + 'path' => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg', + 'line' => "log4j2.appender.rolling.policies.size.size = #{log_max_size}", + 'match' => '^log4j2.appender.rolling.policies.size.size.*$', + ) + } + it { + should contain_file_line('rolloverstrategy').with( + 'path' => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg', + 'line' => 'log4j2.appender.rolling.strategy.type = DefaultRolloverStrategy' + ) + } + it { + should contain_file_line('logmaxrollover').with( + 'path' => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg', + 'line' => "log4j2.appender.rolling.strategy.max = #{log_max_rollover}", + 'match' => '^log4j2.appender.rolling.strategy.max.*$', ) } + end end -def tarball_install_tests(options = {}) +# Shared tests that specialize in testing Karaf feature installs +def karaf_feature_tests(options = {}) # Extract params - tarball_url = options.fetch(:tarball_url, 'https://nexus.opendaylight.org/content/groups/public/org/opendaylight/integration/distribution-karaf/0.2.2-Helium-SR2/distribution-karaf-0.2.2-Helium-SR2.tar.gz') - unitfile_url = options.fetch(:unitfile_url, 'https://github.com/dfarrell07/opendaylight-systemd/archive/master/opendaylight-unitfile.tar.gz') - osfamily = options.fetch(:osfamily, 'RedHat') - - # Confirm presence of tarball-related resources - it { should contain_archive('opendaylight') } - it { should contain_class('java') } - it { should contain_file('/opt/opendaylight/') } - it { should contain_user('odl') } - it { should contain_group('odl') } - - # Confirm relationships between tarball-related resources - it { should contain_archive('opendaylight').that_comes_before('File[/opt/opendaylight/]') } - it { should contain_archive('opendaylight').that_comes_before('User[odl]') } - it { should contain_file('/opt/opendaylight/').that_requires('Archive[opendaylight]') } - it { should contain_file('/opt/opendaylight/').that_requires('Group[odl]') } - it { should contain_file('/opt/opendaylight/').that_requires('User[odl]') } - it { should contain_user('odl').that_comes_before('File[/opt/opendaylight/]') } - it { should contain_user('odl').that_requires('Archive[opendaylight]') } - it { should contain_user('odl').that_requires('Group[odl]') } - it { should contain_group('odl').that_comes_before('File[/opt/opendaylight/]') } - it { should contain_group('odl').that_comes_before('User[odl]') } - - # Confirm properties of tarball-related resources + # NB: This default list should be the same as the one in opendaylight::params + # TODO: Remove this possible source of bugs^^ + default_features = options.fetch(:default_features, ['standard', 'wrap', 'ssh']) + extra_features = options.fetch(:extra_features, []) + + # The order of this list concat matters + features = default_features + extra_features + features_csv = features.join(',') + + # Confirm properties of Karaf features config file # NB: These hashes don't work with Ruby 1.8.7, but we # don't support 1.8.7 so that's okay. See issue #36. it { - should contain_archive('opendaylight').with( - 'ensure' => 'present', - 'url' => tarball_url, - 'target' => '/opt/opendaylight/', - 'checksum' => false, - 'strip_components' => 1, - 'timeout' => 600, - ) - } - it { - should contain_file('/opt/opendaylight/').with( - 'ensure' => 'directory', - 'recurse' => true, + should contain_file('org.apache.karaf.features.cfg').with( + 'ensure' => 'file', + 'path' => '/opt/opendaylight/etc/org.apache.karaf.features.cfg', 'owner' => 'odl', 'group' => 'odl', ) } it { - should contain_user('odl').with( - 'name' => 'odl', - 'ensure' => 'present', - 'home' => '/opt/opendaylight/', - 'membership' => 'minimum', - 'groups' => 'odl', + should contain_file_line('featuresBoot').with( + 'path' => '/opt/opendaylight/etc/org.apache.karaf.features.cfg', + 'line' => "featuresBoot=#{features_csv}", + 'match' => '^featuresBoot=.*$', ) } +end + +# Shared tests that specialize in testing ODL's REST port config +def odl_rest_port_tests(options = {}) + # Extract params + # NB: This default value should be the same as one in opendaylight::params + # TODO: Remove this possible source of bugs^^ + odl_rest_port = options.fetch(:odl_rest_port, 8181) + odl_bind_ip = options.fetch(:odl_bind_ip, '0.0.0.0') + # Confirm properties of ODL REST port config file + # NB: These hashes don't work with Ruby 1.8.7, but we + # don't support 1.8.7 so that's okay. See issue #36. it { - should contain_group('odl').with( - 'name' => 'odl', - 'ensure' => 'present', - ) + should contain_augeas('ODL REST Port') } - # OS-specific validations - case osfamily - when 'RedHat' - # Validations specific to Red Hat family OSs (RHEL/CentOS/Fedora) - it { should contain_archive('opendaylight-systemd') } - it { should contain_file('/usr/lib/systemd/system/opendaylight.service') } - it { should contain_archive('opendaylight-systemd').that_comes_before('File[/usr/lib/systemd/system/opendaylight.service]') } - it { should contain_file('/usr/lib/systemd/system/opendaylight.service').that_requires('Archive[opendaylight-systemd]') } - - # NB: These hashes don't work with Ruby 1.8.7, but we - # don't support 1.8.7 so that's okay. See issue #36. + if not odl_bind_ip.eql? '0.0.0.0' it { - should contain_package('java').with( - 'name' => 'java-1.7.0-openjdk', + should contain_augeas('ODL REST IP') + should contain_file_line('set pax bind IP').with( + 'ensure' => 'present', + 'path' => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg', + 'line' => "org.ops4j.pax.web.listening.addresses = #{odl_bind_ip}", + 'require' => 'File[org.ops4j.pax.web.cfg]' ) } + else it { - should contain_archive('opendaylight-systemd').with( - 'ensure' => 'present', - 'url' => unitfile_url, - 'target' => '/usr/lib/systemd/system/', - 'root_dir' => 'opendaylight.service', - 'checksum' => false, - 'strip_components' => 1, - 'follow_redirects' => true, - ) + should_not contain_augeas('ODL REST IP') } + end + + it { + should contain_file_line('set pax bind port').with( + 'ensure' => 'present', + 'path' => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg', + 'line' => "org.osgi.service.http.port = #{odl_rest_port}", + 'require' => 'File[org.ops4j.pax.web.cfg]' + ) + } +end + +def log_level_tests(options = {}) + # Extract params + # NB: This default value should be the same as one in opendaylight::params + # TODO: Remove this possible source of bugs^^ + log_levels = options.fetch(:log_levels, {}) + + if log_levels.empty? + # Should contain log level config file it { - should contain_file('/usr/lib/systemd/system/opendaylight.service').with( - 'ensure' => 'file', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0644', - ) + should_not contain_file_line('logger-org.opendaylight.ovsdb-level') } - when 'Debian' - # Validations specific to Debain family OSs (Ubuntu) it { - should contain_package('java').with( - 'name' => 'java7-jdk', - ) + should_not contain_file_line('logger-org.opendaylight.ovsdb-name') } + else + # Verify each custom log level config entry + log_levels.each_pair do |logger, level| + underscored_version = "#{logger}".gsub('.', '_') + it { + should contain_file_line("logger-#{logger}-level").with( + 'ensure' => 'present', + 'path' => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg', + 'line' => "log4j2.logger.#{underscored_version}.level = #{level}", + 'match' => "log4j2.logger.#{underscored_version}.level = .*$" + ) + should contain_file_line("logger-#{logger}-name").with( + 'ensure' => 'present', + 'path' => '/opt/opendaylight/etc/org.ops4j.pax.logging.cfg', + 'line' => "log4j2.logger.#{underscored_version}.name = #{logger}", + 'match' => "log4j2.logger.#{underscored_version}.name = .*$" + ) + } + end + end +end + +def enable_ha_tests(options = {}) + # Extract params + enable_ha = options.fetch(:enable_ha, false) + odl_bind_ip = options.fetch(:odl_bind_ip, '0.0.0.0') + ha_node_ips = options.fetch(:ha_node_ips, []) + ha_db_modules = options.fetch(:ha_db_modules, { 'default' => false }) + # HA_NODE_IPS size + ha_node_count = ha_node_ips.size + + if (enable_ha) && (ha_node_count < 2) + # Check for HA_NODE_COUNT < 2 + fail("Number of HA nodes less than 2: #{ha_node_count} and HA Enabled") + end + + if enable_ha + ha_node_index = ha_node_ips.index(odl_bind_ip) it { - should contain_file('/etc/init/opendaylight.conf').with( + should contain_file('akka.conf').with( + 'path' => '/opt/opendaylight/configuration/initial/akka.conf', 'ensure' => 'file', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0644', + 'owner' => 'odl', + 'group' => 'odl', + 'content' => /roles\s*=\s*\["member-#{ha_node_index}"\]/ ) } - expected_msg = 'Debian has limited support, is less stable, less tested.' + + ha_db_modules.each do |mod, urn| + it { should contain_file('module-shards.conf').with( + 'path' => '/opt/opendaylight/configuration/initial/module-shards.conf', + 'ensure' => 'file', + 'owner' => 'odl', + 'group' => 'odl', + 'content' => /name = "#{mod}"/ + )} + if mod == 'default' + it { should contain_file('modules.conf').with( + 'path' => '/opt/opendaylight/configuration/initial/modules.conf', + 'ensure' => 'file', + 'owner' => 'odl', + 'group' => 'odl' + )} + else + it { should contain_file('modules.conf').with( + 'path' => '/opt/opendaylight/configuration/initial/modules.conf', + 'ensure' => 'file', + 'owner' => 'odl', + 'group' => 'odl', + 'content' => /name = "#{mod}"/, + )} + end + end + else it { - expect { - # This could be any check, most (all?) will raise warning - should contain_file('/etc/init/opendaylight.conf').to( - raise_warning(Puppet::Warning, /#{expected_msg}/) - ) + should_not contain_file('akka.conf') + should_not contain_file('module-shards.conf') + should_not contain_file('modules.conf') } - } - else - fail("Unexpected osfamily #{osfamily}") end - - # Verify that there are no unexpected resources from RPM-type installs - it { should_not contain_yumrepo('opendaylight') } - it { should_not contain_package('opendaylight') } end def rpm_install_tests(options = {}) # Extract params + rpm_repo = options.fetch(:rpm_repo, 'https://nexus.opendaylight.org/content/repositories/opendaylight-oxygen-epel-7-$basearch-devel') + + # Default to CentOS 7 Yum repo URL - yum_repo = options.fetch(:yum_repo, 'https://copr-be.cloud.fedoraproject.org/results/dfarrell07/OpenDaylight/epel-7-$basearch/') # Confirm presence of RPM-related resources it { should contain_yumrepo('opendaylight') } @@ -237,10 +304,30 @@ def rpm_install_tests(options = {}) should contain_yumrepo('opendaylight').with( 'enabled' => '1', 'gpgcheck' => '0', - 'descr' => 'OpenDaylight SDN controller', - 'baseurl' => yum_repo, + 'descr' => 'OpenDaylight SDN Controller', + 'baseurl' => "#{rpm_repo}", + ) + } + it { + should contain_package('opendaylight').with( + 'ensure' => 'present', ) } +end + +def deb_install_tests(options = {}) + # Extract params + deb_repo = options.fetch(:deb_repo, 'ppa:odl-team/nitrogen') + + # Confirm the presence of Deb-related resources + it { should contain_apt__ppa(deb_repo) } + it { should contain_package('opendaylight') } + + # Confirm relationships between Deb-related resources + it { should contain_package('opendaylight').that_requires("Apt::Ppa[#{deb_repo}]") } + it { should contain_apt__ppa(deb_repo).that_comes_before('Package[opendaylight]') } + + # Confirm presence of Deb-related resources it { should contain_package('opendaylight').with( 'ensure' => 'present', @@ -252,6 +339,7 @@ end def unsupported_os_tests(options = {}) # Extract params expected_msg = options.fetch(:expected_msg) + rpm_repo = options.fetch(:rpm_repo, 'https://nexus.opendaylight.org/content/repositories/opendaylight-oxygen-epel-7-$basearch-devel') # Confirm that classes fail on unsupported OSs it { expect { should contain_class('opendaylight') }.to raise_error(Puppet::Error, /#{expected_msg}/) } @@ -265,3 +353,213 @@ def unsupported_os_tests(options = {}) it { expect { should contain_service('opendaylight') }.to raise_error(Puppet::Error, /#{expected_msg}/) } it { expect { should contain_file('org.apache.karaf.features.cfg') }.to raise_error(Puppet::Error, /#{expected_msg}/) } end + +# Shared tests that specialize in testing SNAT mechanism +def snat_mechanism_tests(snat_mechanism='controller') + it { should contain_file('/opt/opendaylight/etc/opendaylight') } + it { should contain_file('/opt/opendaylight/etc/opendaylight/datastore')} + it { should contain_file('/opt/opendaylight/etc/opendaylight/datastore/initial')} + it { should contain_file('/opt/opendaylight/etc/opendaylight/datastore/initial/config')} + + # Confirm snat_mechanism + it { + should contain_file('netvirt-natservice-config.xml').with( + 'ensure' => 'file', + 'path' => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/netvirt-natservice-config.xml', + 'owner' => 'odl', + 'group' => 'odl', + 'content' => /#{snat_mechanism}<\/nat-mode>/ + ) + } +end + +# Shared tests that specialize in testing SFC Config +def sfc_tests() + it { should contain_file('/opt/opendaylight/etc/opendaylight') } + it { should contain_file('/opt/opendaylight/etc/opendaylight/datastore')} + it { should contain_file('/opt/opendaylight/etc/opendaylight/datastore/initial')} + it { should contain_file('/opt/opendaylight/etc/opendaylight/datastore/initial/config')} + + it { + should contain_file('netvirt-elanmanager-config.xml').with( + 'ensure' => 'file', + 'path' => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/netvirt-elanmanager-config.xml', + 'owner' => 'odl', + 'group' => 'odl', + 'source' => 'puppet:///modules/opendaylight/netvirt-elanmanager-config.xml' + ) + should contain_file('genius-itm-config.xml').with( + 'ensure' => 'file', + 'path' => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/genius-itm-config.xml', + 'owner' => 'odl', + 'group' => 'odl', + 'source' => 'puppet:///modules/opendaylight/genius-itm-config.xml' + ) + } +end + +# Shared tests that specialize in testing VPP routing node config +def vpp_routing_node_tests(options = {}) + # Extract params + # NB: This default list should be the same as the one in opendaylight::params + # TODO: Remove this possible source of bugs^^ + routing_node = options.fetch(:routing_node, '') + + if routing_node.empty? + it { should_not contain_file('org.opendaylight.groupbasedpolicy.neutron.vpp.mapper.startup.cfg') } + it { should_not contain_file_line('routing-node') } + else + # Confirm properties of Karaf config file + # NB: These hashes don't work with Ruby 1.8.7, but we + # don't support 1.8.7 so that's okay. See issue #36. + it { + should contain_file('org.opendaylight.groupbasedpolicy.neutron.vpp.mapper.startup.cfg').with( + 'ensure' => 'file', + 'path' => '/opt/opendaylight/etc/org.opendaylight.groupbasedpolicy.neutron.vpp.mapper.startup.cfg', + 'owner' => 'odl', + 'group' => 'odl', + ) + } + it { + should contain_file_line('routing-node').with( + 'path' => '/opt/opendaylight/etc/org.opendaylight.groupbasedpolicy.neutron.vpp.mapper.startup.cfg', + 'line' => "routing-node=#{routing_node}", + 'match' => '^routing-node=.*$', + ) + } + end +end + +# ODL username/password tests +def username_password_tests(username, password) + + it { + should contain_odl_user(username).with( + :password => password + ) + } +end + +# ODL websocket address tests +def odl_websocket_address_tests(options = {}) + # Extract params + # NB: This default value should be the same as one in opendaylight::params + # TODO: Remove this possible source of bugs^^ + odl_bind_ip = options.fetch(:odl_bind_ip, '0.0.0.0') + # Confirm properties of ODL REST port config file + # NB: These hashes don't work with Ruby 1.8.7, but we + # don't support 1.8.7 so that's okay. See issue #36. + + if not odl_bind_ip.eql? '0.0.0.0' + it { + should contain_file('/opt/opendaylight/etc/org.opendaylight.restconf.cfg').with( + 'ensure' => 'file', + 'path' => '/opt/opendaylight/etc/org.opendaylight.restconf.cfg', + 'owner' => 'odl', + 'group' => 'odl', + ) + } + it { + should contain_file_line('websocket-address').with( + 'path' => '/opt/opendaylight/etc/org.opendaylight.restconf.cfg', + 'line' => "websocket-address=#{odl_bind_ip}", + 'match' => '^websocket-address=.*$', + ) + } + else + it { + should_not contain_file_line('websocket-address') + } + end +end + +def odl_tls_tests(options = {}) + enable_tls = options.fetch(:enable_tls, false) + tls_keystore_password = options.fetch(:tls_keystore_password, nil) + tls_trusted_certs = options.fetch(:tls_trusted_certs, []) + tls_keystore_password = options.fetch(:tls_keystore_password, nil) + tls_key_file = options.fetch(:tls_key_file, nil) + tls_cert_file = options.fetch(:tls_cert_file, nil) + tls_ca_cert_file = options.fetch(:tls_ca_cert_file, nil) + odl_rest_port = options.fetch(:odl_rest_port, 8181) + + if enable_tls + if tls_keystore_password.nil? + it { expect { should contain_class('opendaylight::config') }.to raise_error(Puppet::PreformattedError) } + return + end + + if tls_key_file or tls_cert_file + if tls_key_file and tls_cert_file + it { + should contain_odl_keystore('controller') + } + else + it { expect { should contain_class('opendaylight::config') }.to raise_error(Puppet::PreformattedError) } + end + end + it { + should contain_augeas('Remove HTTP ODL REST Port') + should contain_augeas('ODL SSL REST Port') + should contain_file_line('set pax TLS port').with( + 'path' => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg', + 'line' => "org.osgi.service.http.port.secure = #{odl_rest_port}", + 'match' => '^#?org.osgi.service.http.port.secure.*$', + ) + should contain_file_line('set pax TLS keystore location').with( + 'path' => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg', + 'line' => 'org.ops4j.pax.web.ssl.keystore = configuration/ssl/ctl.jks', + 'match' => '^#?org.ops4j.pax.web.ssl.keystore.*$', + ) + should contain_file_line('set pax TLS keystore integrity password').with( + 'path' => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg', + 'line' => "org.ops4j.pax.web.ssl.password = #{tls_keystore_password}", + 'match' => '^#?org.ops4j.pax.web.ssl.password.*$', + ) + should contain_file_line('set pax TLS keystore password').with( + 'path' => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg', + 'line' => "org.ops4j.pax.web.ssl.keypassword = #{tls_keystore_password}", + 'match' => '^#?org.ops4j.pax.web.ssl.keypassword.*$', + ) + should contain_file('aaa-cert-config.xml').with( + 'ensure' => 'file', + 'path' => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/aaa-cert-config.xml', + 'owner' => 'odl', + 'group' => 'odl', + ) + should contain_file('org.opendaylight.ovsdb.library.cfg').with( + 'ensure' => 'file', + 'path' => '/opt/opendaylight/etc/org.opendaylight.ovsdb.library.cfg', + 'owner' => 'odl', + 'group' => 'odl', + 'source' => 'puppet:///modules/opendaylight/org.opendaylight.ovsdb.library.cfg' + ) + should contain_file('/opt/opendaylight/configuration/ssl').with( + 'ensure' => 'directory', + 'path' => '/opt/opendaylight/configuration/ssl', + 'owner' => 'odl', + 'group' => 'odl', + 'mode' => '0755' + ) + should contain_file_line('enable pax TLS').with( + 'ensure' => 'present', + 'path' => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg', + 'line' => 'org.osgi.service.http.secure.enabled = true', + 'match' => '^#?org.osgi.service.http.secure.enabled.*$', + ) + should contain_file('org.ops4j.pax.web.cfg').with( + 'ensure' => 'file', + 'path' => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg', + 'owner' => 'odl', + 'group' => 'odl', + ) + should contain_file('default-openflow-connection-config.xml').with( + 'ensure' => 'file', + 'path' => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/default-openflow-connection-config.xml', + 'owner' => 'odl', + 'group' => 'odl', + 'content' => /TLS<\/transport-protocol>/ + ) + } + end +end