diff --git a/manifests/controller.pp b/manifests/controller.pp index d185576..143dca3 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -127,44 +127,35 @@ # Defaults to [] # class ovn::controller( - $ovn_remote, - $ovn_encap_ip, - $package_ensure = 'present', - $ovn_encap_type = 'geneve', - $ovn_encap_tos = undef, - $ovn_bridge_mappings = [], - $bridge_interface_mappings = [], - $hostname = $facts['networking']['fqdn'], - $ovn_bridge = 'br-int', - $mac_table_size = undef, - $datapath_type = undef, - $enable_dpdk = false, - $ovn_cms_options = undef, - $ovn_remote_probe_interval = 60000, - $ovn_openflow_probe_interval = 60, - $ovn_transport_zones = [], - $enable_ovn_match_northd = false, - $ovn_chassis_mac_map = [], - $ovn_monitor_all = false, - $manage_ovs_bridge = true, - $ovn_ofctrl_wait_before_clear = 8000, - $ovn_controller_ssl_key = undef, - $ovn_controller_ssl_cert = undef, - $ovn_controller_ssl_ca_cert = undef, - $ovn_controller_extra_opts = [], + String $ovn_remote, + String $ovn_encap_ip, + String $package_ensure = 'present', + Variant[String[1], Array[String[1]]] $ovn_encap_type = 'geneve', + Optional[Variant[String, Integer]] $ovn_encap_tos = undef, + Variant[String[1], Array[String[1]]] $ovn_bridge_mappings = [], + Array[String[1]] $bridge_interface_mappings = [], + String[1] $hostname = $facts['networking']['fqdn'], + String[1] $ovn_bridge = 'br-int', + Optional[Integer[0]] $mac_table_size = undef, + Optional[String[1]] $datapath_type = undef, + Boolean $enable_dpdk = false, + Optional[Variant[String[1], Array[String[1]]]] $ovn_cms_options = undef, + Integer[0] $ovn_remote_probe_interval = 60000, + Integer[0] $ovn_openflow_probe_interval = 60, + Array[String[1]] $ovn_transport_zones = [], + Boolean $enable_ovn_match_northd = false, + Variant[Array[String], Hash[String, String]] $ovn_chassis_mac_map = [], + Boolean $ovn_monitor_all = false, + Boolean $manage_ovs_bridge = true, + Integer[0] $ovn_ofctrl_wait_before_clear = 8000, + Optional[Stdlib::Absolutepath] $ovn_controller_ssl_key = undef, + Optional[Stdlib::Absolutepath] $ovn_controller_ssl_cert = undef, + Optional[Stdlib::Absolutepath] $ovn_controller_ssl_ca_cert = undef, + Array[String[1]] $ovn_controller_extra_opts = [], ) { include ovn::params - validate_legacy(String, 'validate_string', $ovn_remote) - validate_legacy(String, 'validate_string', $ovn_encap_ip) - validate_legacy(Boolean, 'validate_bool', $enable_dpdk) - validate_legacy(Array, 'validate_array', $ovn_transport_zones) - validate_legacy(Boolean, 'validate_bool', $enable_ovn_match_northd) - validate_legacy(Boolean, 'validate_bool', $ovn_monitor_all) - validate_legacy(Boolean, 'validate_bool', $manage_ovs_bridge) - validate_legacy(Array, 'validate_array', $ovn_controller_extra_opts) - if $enable_dpdk and ! $datapath_type { fail('Datapath type must be set when DPDK is enabled') } diff --git a/manifests/controller/bridge.pp b/manifests/controller/bridge.pp index 2c6f8e6..dba7fb7 100644 --- a/manifests/controller/bridge.pp +++ b/manifests/controller/bridge.pp @@ -11,7 +11,7 @@ # Defaults to undef # define ovn::controller::bridge( - $mac_table_size = undef, + Optional[Integer[0]] $mac_table_size = undef, ){ $map_split = split($name, ':') $bridge = $map_split[1] diff --git a/manifests/northd.pp b/manifests/northd.pp index 8a4178f..7b72553 100644 --- a/manifests/northd.pp +++ b/manifests/northd.pp @@ -68,28 +68,26 @@ # Defaults to [] # class ovn::northd( - $package_ensure = 'present', - $dbs_listen_ip = '0.0.0.0', - $dbs_cluster_local_addr = undef, - $dbs_cluster_remote_addr = undef, - $ovn_northd_nb_db = undef, - $ovn_northd_sb_db = undef, - $ovn_northd_ssl_key = undef, - $ovn_northd_ssl_cert = undef, - $ovn_northd_ssl_ca_cert = undef, - $ovn_nb_db_ssl_key = undef, - $ovn_nb_db_ssl_cert = undef, - $ovn_nb_db_ssl_ca_cert = undef, - $ovn_sb_db_ssl_key = undef, - $ovn_sb_db_ssl_cert = undef, - $ovn_sb_db_ssl_ca_cert = undef, - $ovn_northd_extra_opts = [], + String $package_ensure = 'present', + String $dbs_listen_ip = '0.0.0.0', + Optional[String] $dbs_cluster_local_addr = undef, + Optional[String] $dbs_cluster_remote_addr = undef, + Optional[Variant[String, Array[String]]] $ovn_northd_nb_db = undef, + Optional[Variant[String, Array[String]]] $ovn_northd_sb_db = undef, + Optional[Stdlib::Absolutepath] $ovn_northd_ssl_key = undef, + Optional[Stdlib::Absolutepath] $ovn_northd_ssl_cert = undef, + Optional[Stdlib::Absolutepath] $ovn_northd_ssl_ca_cert = undef, + Optional[Stdlib::Absolutepath] $ovn_nb_db_ssl_key = undef, + Optional[Stdlib::Absolutepath] $ovn_nb_db_ssl_cert = undef, + Optional[Stdlib::Absolutepath] $ovn_nb_db_ssl_ca_cert = undef, + Optional[Stdlib::Absolutepath] $ovn_sb_db_ssl_key = undef, + Optional[Stdlib::Absolutepath] $ovn_sb_db_ssl_cert = undef, + Optional[Stdlib::Absolutepath] $ovn_sb_db_ssl_ca_cert = undef, + Array[String] $ovn_northd_extra_opts = [], ) { include ovn::params include vswitch::ovs - validate_legacy(Array, 'validate_array', $ovn_northd_extra_opts) - $dbs_listen_ip_real = normalize_ip_for_uri($dbs_listen_ip) $ovn_northd_opts_addr = [ diff --git a/releasenotes/notes/parameter-types-5f0dbd9c3fd963e6.yaml b/releasenotes/notes/parameter-types-5f0dbd9c3fd963e6.yaml new file mode 100644 index 0000000..3528181 --- /dev/null +++ b/releasenotes/notes/parameter-types-5f0dbd9c3fd963e6.yaml @@ -0,0 +1,4 @@ +--- +upgrade: + - | + Now this module implements strict data type validations. diff --git a/spec/classes/ovn_controller_spec.rb b/spec/classes/ovn_controller_spec.rb index 0e0ded0..f27abfc 100644 --- a/spec/classes/ovn_controller_spec.rb +++ b/spec/classes/ovn_controller_spec.rb @@ -240,9 +240,9 @@ describe 'ovn::controller' do context 'with ovn controller ssl' do before :each do params.merge!({ - :ovn_controller_ssl_key => 'key.pem', - :ovn_controller_ssl_cert => 'cert.pem', - :ovn_controller_ssl_ca_cert => 'cacert.pem', + :ovn_controller_ssl_key => '/path/to/key.pem', + :ovn_controller_ssl_cert => '/path/to/cert.pem', + :ovn_controller_ssl_ca_cert => '/path/to/cacert.pem', }) end @@ -250,7 +250,7 @@ describe 'ovn::controller' do is_expected.to contain_augeas('config-ovn-controller').with({ :context => platform_params[:ovn_controller_context], :changes => "set " + platform_params[:ovn_controller_option_name] + " '\"" + - "--ovn-controller-ssl-key=key.pem --ovn-controller-ssl-cert=cert.pem --ovn-controller-ssl-ca-cert=cacert.pem" + + "--ovn-controller-ssl-key=/path/to/key.pem --ovn-controller-ssl-cert=/path/to/cert.pem --ovn-controller-ssl-ca-cert=/path/to/cacert.pem" + "\"'", }) end diff --git a/spec/classes/ovn_northd_spec.rb b/spec/classes/ovn_northd_spec.rb index e6d1512..4b35597 100644 --- a/spec/classes/ovn_northd_spec.rb +++ b/spec/classes/ovn_northd_spec.rb @@ -42,9 +42,9 @@ describe 'ovn::northd' do { :ovn_northd_nb_db => 'ssl:192.0.2.1:6645,ssl:192.0.2.2:6645,ssl:192.0.2.3:6645', :ovn_northd_sb_db => ['ssl:192.0.2.1:6646', 'ssl:192.0.2.2:6646', 'ssl:192.0.2.3:6646'], - :ovn_northd_ssl_key => 'key.pem', - :ovn_northd_ssl_cert => 'cert.pem', - :ovn_northd_ssl_ca_cert => 'cacert.pem', + :ovn_northd_ssl_key => '/path/to/key.pem', + :ovn_northd_ssl_cert => '/path/to/cert.pem', + :ovn_northd_ssl_ca_cert => '/path/to/cacert.pem', } end @@ -56,7 +56,7 @@ describe 'ovn::northd' do " --db-nb-create-insecure-remote=yes --db-sb-create-insecure-remote=yes" + " --ovn-northd-nb-db=ssl:192.0.2.1:6645,ssl:192.0.2.2:6645,ssl:192.0.2.3:6645" + " --ovn-northd-sb-db=ssl:192.0.2.1:6646,ssl:192.0.2.2:6646,ssl:192.0.2.3:6646" + - " --ovn-northd-ssl-key=key.pem --ovn-northd-ssl-cert=cert.pem --ovn-northd-ssl-ca-cert=cacert.pem" + + " --ovn-northd-ssl-key=/path/to/key.pem --ovn-northd-ssl-cert=/path/to/cert.pem --ovn-northd-ssl-ca-cert=/path/to/cacert.pem" + "\"'", }) end @@ -69,9 +69,9 @@ describe 'ovn::northd' do context 'with nb db ssl enabled' do let :params do { - :ovn_nb_db_ssl_key => 'dbkey.pem', - :ovn_nb_db_ssl_cert => 'dbcert.pem', - :ovn_nb_db_ssl_ca_cert => 'dbcacert.pem', + :ovn_nb_db_ssl_key => '/path/to/dbkey.pem', + :ovn_nb_db_ssl_cert => '/path/to/dbcert.pem', + :ovn_nb_db_ssl_ca_cert => '/path/to/dbcacert.pem', } end @@ -81,7 +81,7 @@ describe 'ovn::northd' do :changes => "set " + platform_params[:ovn_northd_option_name] + " '\"" + "--db-nb-addr=0.0.0.0 --db-sb-addr=0.0.0.0" + " --db-nb-create-insecure-remote=no --db-sb-create-insecure-remote=yes" + - " --ovn-nb-db-ssl-key=dbkey.pem --ovn-nb-db-ssl-cert=dbcert.pem --ovn-nb-db-ssl-ca-cert=dbcacert.pem" + + " --ovn-nb-db-ssl-key=/path/to/dbkey.pem --ovn-nb-db-ssl-cert=/path/to/dbcert.pem --ovn-nb-db-ssl-ca-cert=/path/to/dbcacert.pem" + "\"'", }) end @@ -101,9 +101,9 @@ describe 'ovn::northd' do let :params do { :dbs_listen_ip => '::1', - :ovn_nb_db_ssl_key => 'dbkey.pem', - :ovn_nb_db_ssl_cert => 'dbcert.pem', - :ovn_nb_db_ssl_ca_cert => 'dbcacert.pem', + :ovn_nb_db_ssl_key => '/path/to/dbkey.pem', + :ovn_nb_db_ssl_cert => '/path/to/dbcert.pem', + :ovn_nb_db_ssl_ca_cert => '/path/to/dbcacert.pem', } end @@ -113,7 +113,7 @@ describe 'ovn::northd' do :changes => "set " + platform_params[:ovn_northd_option_name] + " '\"" + "--db-nb-addr=[::1] --db-sb-addr=[::1]" + " --db-nb-create-insecure-remote=no --db-sb-create-insecure-remote=yes" + - " --ovn-nb-db-ssl-key=dbkey.pem --ovn-nb-db-ssl-cert=dbcert.pem --ovn-nb-db-ssl-ca-cert=dbcacert.pem" + + " --ovn-nb-db-ssl-key=/path/to/dbkey.pem --ovn-nb-db-ssl-cert=/path/to/dbcert.pem --ovn-nb-db-ssl-ca-cert=/path/to/dbcacert.pem" + "\"'", }) end @@ -132,9 +132,9 @@ describe 'ovn::northd' do context 'with sb db ssl enabled' do let :params do { - :ovn_sb_db_ssl_key => 'dbkey.pem', - :ovn_sb_db_ssl_cert => 'dbcert.pem', - :ovn_sb_db_ssl_ca_cert => 'dbcacert.pem', + :ovn_sb_db_ssl_key => '/path/to/dbkey.pem', + :ovn_sb_db_ssl_cert => '/path/to/dbcert.pem', + :ovn_sb_db_ssl_ca_cert => '/path/to/dbcacert.pem', } end @@ -144,7 +144,7 @@ describe 'ovn::northd' do :changes => "set " + platform_params[:ovn_northd_option_name] + " '\"" + "--db-nb-addr=0.0.0.0 --db-sb-addr=0.0.0.0" + " --db-nb-create-insecure-remote=yes --db-sb-create-insecure-remote=no" + - " --ovn-sb-db-ssl-key=dbkey.pem --ovn-sb-db-ssl-cert=dbcert.pem --ovn-sb-db-ssl-ca-cert=dbcacert.pem" + + " --ovn-sb-db-ssl-key=/path/to/dbkey.pem --ovn-sb-db-ssl-cert=/path/to/dbcert.pem --ovn-sb-db-ssl-ca-cert=/path/to/dbcacert.pem" + "\"'", }) end @@ -164,9 +164,9 @@ describe 'ovn::northd' do let :params do { :dbs_listen_ip => '::1', - :ovn_sb_db_ssl_key => 'dbkey.pem', - :ovn_sb_db_ssl_cert => 'dbcert.pem', - :ovn_sb_db_ssl_ca_cert => 'dbcacert.pem', + :ovn_sb_db_ssl_key => '/path/to/dbkey.pem', + :ovn_sb_db_ssl_cert => '/path/to/dbcert.pem', + :ovn_sb_db_ssl_ca_cert => '/path/to/dbcacert.pem', } end @@ -176,7 +176,7 @@ describe 'ovn::northd' do :changes => "set " + platform_params[:ovn_northd_option_name] + " '\"" + "--db-nb-addr=[::1] --db-sb-addr=[::1]" + " --db-nb-create-insecure-remote=yes --db-sb-create-insecure-remote=no" + - " --ovn-sb-db-ssl-key=dbkey.pem --ovn-sb-db-ssl-cert=dbcert.pem --ovn-sb-db-ssl-ca-cert=dbcacert.pem" + + " --ovn-sb-db-ssl-key=/path/to/dbkey.pem --ovn-sb-db-ssl-cert=/path/to/dbcert.pem --ovn-sb-db-ssl-ca-cert=/path/to/dbcacert.pem" + "\"'", }) end @@ -195,7 +195,7 @@ describe 'ovn::northd' do context 'with bad northd ssl parameters' do let :params do { - :ovn_northd_ssl_key => 'key.pem', + :ovn_northd_ssl_key => '/path/to/key.pem', } end @@ -205,7 +205,7 @@ describe 'ovn::northd' do context 'with bad nb db ssl parameters' do let :params do { - :ovn_nb_db_ssl_key => 'key.pem', + :ovn_nb_db_ssl_key => '/path/to/key.pem', } end @@ -215,7 +215,7 @@ describe 'ovn::northd' do context 'with bad sb db ssl parameters' do let :params do { - :ovn_sb_db_ssl_key => 'key.pem', + :ovn_sb_db_ssl_key => '/path/to/key.pem', } end