Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

catch errors based on missing authentication to allow creation of admin user on replicaset setup #479

Closed
wants to merge 12 commits into from
Closed

catch errors based on missing authentication to allow creation of admin user on replicaset setup #479

Show file tree
Hide file tree
Changes from 8 commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
3355a7d
catch errors based on missing authentication to allow creation of adm…
Aug 8, 2018
a0dd29f
remove obsolete logging messages
Aug 13, 2018
6ae5051
Add logging and fix style offenses
Aug 13, 2018
3fcdfde
fix style offenses
Aug 13, 2018
c3d7b15
avoid nil exception for res
Aug 14, 2018
4e897bc
fix style issues
Aug 14, 2018
e4d9b68
rescue StandardError and write variable to print an error message
Aug 14, 2018
d8af457
fix if query + logging
Aug 14, 2018
6924c35
do not retry command without mongorc_file
Aug 27, 2018
38a83c4
removed double white spaces
Aug 27, 2018
3d08ff2
remove obsolete indent
Sep 14, 2018
f752b12
fix rubocop issue
Sep 14, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 10 additions & 2 deletions lib/puppet/provider/mongodb.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -132,9 +132,17 @@ def self.conn_string

def self.db_ismaster
cmd_ismaster = 'db.isMaster().ismaster'
cmd_ismaster = mongorc_file + cmd_ismaster if mongorc_file
db = 'admin'
res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.chomp

full_command = if mongorc_file
mongorc_file + cmd_ismaster
else
cmd_ismaster
end
res = mongo_cmd(db, conn_string, full_command).to_s.chomp
if res =~ %r{Authentication failed}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You retry the same command twice if there's an authentication failure (previous iteration didn't have this). You probably want to change this to if !mongorc_file && res =~ %r{Authentication failed} to get the same result.

res = mongo_cmd(db, conn_string, cmd_ismaster).to_s.chomp
end
res.eql?('true') ? true : false
end

Expand Down
13 changes: 9 additions & 4 deletions lib/puppet/provider/mongodb_database/mongodb.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,11 +6,16 @@

def self.instances
require 'json'
dbs = JSON.parse mongo_eval('printjson(db.getMongo().getDBs())')
begin
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No need for this indenting. You can write

def self.instances
  # code
rescue
  # code
end

dbs = JSON.parse mongo_eval('printjson(db.getMongo().getDBs())')

dbs['databases'].map do |db|
new(name: db['name'],
ensure: :present)
dbs['databases'].map do |db|
new(name: db['name'],
ensure: :present)
end
rescue => e
Puppet.warning("Getting instances of mongodb_database failed: #{e}")
[]
end
end

Expand Down
29 changes: 17 additions & 12 deletions lib/puppet/provider/mongodb_user/mongodb.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,16 +27,21 @@ def self.instances
end
return allusers
else
users = JSON.parse mongo_eval('printjson(db.system.users.find().toArray())')

users.map do |user|
new(name: user['_id'],
ensure: :present,
username: user['user'],
database: user['db'],
roles: from_roles(user['roles'], user['db']),
password_hash: user['credentials']['MONGODB-CR'],
scram_credentials: user['credentials']['SCRAM-SHA-1'])
begin
users = JSON.parse mongo_eval('printjson(db.system.users.find().toArray())')

users.map do |user|
new(name: user['_id'],
ensure: :present,
username: user['user'],
database: user['db'],
roles: from_roles(user['roles'], user['db']),
password_hash: user['credentials']['MONGODB-CR'],
scram_credentials: user['credentials']['SCRAM-SHA-1'])
end
rescue => e
Puppet.warning "Could not get instances for mongodb_database: #{e}"
[]
end
end
else
Expand Down Expand Up @@ -84,7 +89,7 @@ def create
"roles": #{@resource[:roles].to_json},
"digestPassword": false
}
EOS
EOS

mongo_eval("db.runCommand(#{cmd_json})", @resource[:database])
end
Expand Down Expand Up @@ -155,7 +160,7 @@ def roles=(roles)
else
grant = roles - @property_hash[:roles]
unless grant.empty?
mongo_eval("db.getSiblingDB('#{@resource[:database]}').grantRolesToUser('#{@resource[:username]}', #{grant. to_json})")
mongo_eval("db.getSiblingDB('#{@resource[:database]}').grantRolesToUser('#{@resource[:username]}', #{grant.to_json})")
end

revoke = @property_hash[:roles] - roles
Expand Down