Merge remote-tracking branch 'origin/SIRE-9538'

parship · Aug 23, 2023 · a2d78d5 · a2d78d5
2 parents 6c5a2e6 + 1ace857
commit a2d78d5
Show file tree

Hide file tree

Showing 21 changed files with 168 additions and 186 deletions.
diff --git a/REFERENCE.md b/REFERENCE.md
@@ -1203,6 +1203,7 @@ The following parameters are available in the `mongodb::server` class:
 * [`service_status`](#-mongodb--server--service_status)
 * [`package_ensure`](#-mongodb--server--package_ensure)
 * [`package_name`](#-mongodb--server--package_name)
+* [`mongosh_package_name`](#-mongodb--server--mongosh_package_name)
 * [`logpath`](#-mongodb--server--logpath)
 * [`bind_ip`](#-mongodb--server--bind_ip)
 * [`ipv6`](#-mongodb--server--ipv6)
@@ -1459,6 +1460,14 @@ Data type: `String`
 
 Default value: `$mongodb::params::server_package_name`
 
+##### <a name="-mongodb--server--mongosh_package_name"></a>`mongosh_package_name`
+
+Data type: `String`
+
+
+
+Default value: `$mongodb::params::mongosh_package_name`
+
 ##### <a name="-mongodb--server--logpath"></a>`logpath`
 
 Data type: `Variant[Boolean, Stdlib::Absolutepath]`

diff --git a/lib/facter/is_master.rb b/lib/facter/is_master.rb
@@ -73,17 +73,17 @@ def get_options_from_config(file)
 
 Facter.add('mongodb_is_master') do
   setcode do
-    if %w[mongo mongod].all? { |m| Facter::Util::Resolution.which m }
+    if %w[mongosh mongod].all? { |m| Facter::Util::Resolution.which m }
       file = mongod_conf_file
       if file
         options = get_options_from_config(file)
-        e = File.exist?('/root/.mongorc.js') ? 'load(\'/root/.mongorc.js\'); ' : ''
+        e = File.exist?('/root/.mongoshrc.js') ? 'load(\'/root/.mongoshrc.js\'); ' : ''
 
         # Check if the mongodb server is responding:
-        Facter::Core::Execution.exec("mongo --quiet #{options} --eval \"#{e}printjson(db.adminCommand({ ping: 1 }))\"")
+        Facter::Core::Execution.exec("mongosh --quiet #{options} --eval \"#{e}EJSON.stringify(db.adminCommand({ ping: 1 }))\"")
 
         if $CHILD_STATUS.success?
-          Facter::Core::Execution.exec("mongo --quiet #{options} --eval \"#{e}db.isMaster().ismaster\"")
+          Facter::Core::Execution.exec("mongosh --quiet #{options} --eval \"#{e}db.isMaster().ismaster\"")
         else
           'not_responding'
         end

diff --git a/lib/facter/mongodb_version.rb b/lib/facter/mongodb_version.rb
@@ -2,9 +2,9 @@
 
 Facter.add(:mongodb_version) do
   setcode do
-    if Facter::Core::Execution.which('mongo')
-      mongodb_version = Facter::Core::Execution.execute('mongo --version 2>&1')
-      %r{MongoDB shell version:?\s+v?([\w.]+)}.match(mongodb_version)[1]
+    if Facter::Core::Execution.which('mongod')
+      mongodb_version = Facter::Core::Execution.execute('mongod --version 2>&1')
+      %r{db version:?\s+v?([\w.]+)}.match(mongodb_version)[1]
     end
   end
 end
diff --git a/lib/puppet/provider/mongodb.rb b/lib/puppet/provider/mongodb.rb
@@ -1,18 +1,19 @@
 # frozen_string_literal: true
 
 $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', '..'))
-require 'puppet/util/mongodb_output'
 
 require 'yaml'
 require 'json'
+
 class Puppet::Provider::Mongodb < Puppet::Provider
   # Without initvars commands won't work.
   initvars
-  commands mongo: 'mongo'
+  # TODO: do we still need to support mongo ? Since it is removed from 6.x, not in this PR
+  commands mongo: 'mongosh'
 
   # Optional defaults file
   def self.mongorc_file
-    "load('#{Facter.value(:root_home)}/.mongorc.js'); " if File.file?("#{Facter.value(:root_home)}/.mongorc.js")
+    "load('#{Facter.value(:root_home)}/.mongoshrc.js'); " if File.file?("#{Facter.value(:root_home)}/.mongoshrc.js")
   end
 
   def mongorc_file
@@ -43,7 +44,7 @@ def self.mongo_conf
       'tlsca' => config['net.tls.CAFile'],
       'auth' => config['security.authorization'],
       'shardsvr' => config['sharding.clusterRole'],
-      'confsvr' => config['sharding.clusterRole']
+      'confsvr' => config['sharding.clusterRole'],
     }
   end
 
@@ -92,15 +93,16 @@ def self.mongo_cmd(db, host, cmd)
 
     if tls_is_enabled(config)
       args.push('--tls')
-      args += ['--tlsCertificateKeyFile', config['tlscert']]
 
       tls_ca = config['tlsca']
       args += ['--tlsCAFile', tls_ca] unless tls_ca.nil?
 
+      args += ['--tlsCertificateKeyFile', config['tlscert']]
+
       args.push('--tlsAllowInvalidHostnames') if tls_invalid_hostnames(config)
     end
 
-    args += ['--eval', cmd]
+    args += ['--eval', "\"#{cmd}\""]
     mongo(args)
   end
 
@@ -169,14 +171,15 @@ def self.mongo_eval(cmd, db = 'admin', retries = 10, host = nil)
       retry_count -= 1
       if retry_count.positive?
         Puppet.debug "Request failed: '#{e.message}' Retry: '#{retries - retry_count}'"
+        out = { 'errmsg' => e.message }
         sleep retry_sleep
         retry
       end
     end
 
     raise Puppet::ExecutionFailure, "Could not evaluate MongoDB shell command: #{cmd}" unless out
 
-    Puppet::Util::MongodbOutput.sanitize(out)
+    out
   end
 
   def mongo_eval(cmd, db = 'admin', retries = 10, host = nil)
@@ -192,6 +195,7 @@ def mongo_version
     self.class.mongo_version
   end
 
+  # TODO: moingosh only from 4.2 bersion ?, so do we remove this?
   def self.mongo_26?
     v = mongo_version
     !v[%r{^2\.6\.}].nil?
@@ -218,4 +222,13 @@ def self.mongo_5?
   def mongo_5?
     self.class.mongo_5?
   end
+
+  def self.mongo_6?
+    v = mongo_version
+    !v[%r{^6\.}].nil?
+  end
+
+  def mongo_6?
+    self.class.mongo_6?
+  end
 end
diff --git a/lib/puppet/provider/mongodb_database/mongodb.rb b/lib/puppet/provider/mongodb_database/mongodb.rb
@@ -9,8 +9,9 @@
   def self.instances
     require 'json'
 
-    pre_cmd = 'try { rs.secondaryOk() } catch (err) { rs.slaveOk() }'
-    dbs = JSON.parse mongo_eval("#{pre_cmd};printjson(db.getMongo().getDBs())")
+    mongo_eval_result = mongo_eval('JSON.stringify(db.getMongo().getDBs())')
+
+    dbs = JSON.parse mongo_eval_result
 
     dbs['databases'].map do |db|
       new(name: db['name'],
@@ -29,7 +30,7 @@ def self.prefetch(resources)
 
   def create
     if db_ismaster
-      out = mongo_eval('db.dummyData.insert({"created_by_puppet": 1})', @resource[:name])
+      out = mongo_eval('db.dummyData.insertOne({"created_by_puppet": 1})', @resource[:name])
       raise "Failed to create DB '#{@resource[:name]}'\n#{out}" if %r{writeError} =~ out
     else
       Puppet.warning 'Database creation is available only from master host'

diff --git a/lib/puppet/provider/mongodb_replset/mongo.rb b/lib/puppet/provider/mongodb_replset/mongo.rb
@@ -280,7 +280,7 @@ def set_members
           Puppet.debug 'Replica set initialization has successfully ended'
           return true
         else
-          Puppet.debug "Wainting for replica initialization. Retry: #{n}"
+          Puppet.debug "Waiting for replica initialization. Retry: #{n}"
           sleep retry_sleep
           next
         end
@@ -383,7 +383,7 @@ def mongo_command(command, host, retries = 4)
 
   def self.mongo_command(command, host = nil, retries = 4)
     begin
-      output = mongo_eval("printjson(#{command})", 'admin', retries, host)
+      output = mongo_eval("EJSON.stringify(#{command})", 'admin', retries, host)
     rescue Puppet::ExecutionFailure => e
       Puppet.debug "Got an exception: #{e}"
       raise
@@ -394,6 +394,10 @@ def self.mongo_command(command, host = nil, retries = 4)
     output = '{}' if output == "\nnull\n"
 
     # Parse the JSON output and return
-    JSON.parse(output)
+    begin
+      JSON.parse(output)
+    rescue e
+      output
+    end
   end
 end
diff --git a/lib/puppet/provider/mongodb_shard/mongo.rb b/lib/puppet/provider/mongodb_shard/mongo.rb
@@ -152,7 +152,7 @@ def self.mongo_command(command, host = nil, _retries = 4)
       args = []
       args << '--quiet'
       args << ['--host', host] if host
-      args << ['--eval', "printjson(#{command})"]
+      args << ['--eval', "EJSON.stringify(#{command})"]
       output = mongo(args.flatten)
     rescue Puppet::ExecutionFailure => e
       raise unless e =~ %r{Error: couldn't connect to server} && wait <= (2**max_wait)

diff --git a/lib/puppet/provider/mongodb_user/mongodb.rb b/lib/puppet/provider/mongodb_user/mongodb.rb
@@ -10,7 +10,7 @@ def self.instances
     require 'json'
 
     if db_ismaster
-      script = 'printjson(db.system.users.find().toArray())'
+      script = 'EJSON.stringify(db.system.users.find().toArray())'
       # A hack to prevent prefetching failures until admin user is created
       script = "try {#{script}} catch (e) { if (e.message.match(/not authorized on admin/)) { 'not authorized on admin' } else {throw e}}" if auth_enabled
 
@@ -59,7 +59,7 @@ def create
         roles: role_hashes(@resource[:roles], @resource[:database]),
       }
 
-      if mongo_4? || mongo_5?
+      if mongo_4? || mongo_5? || mongo_6?
         if @resource[:auth_mechanism] == :scram_sha_256 # rubocop:disable Naming/VariableNumber
           command[:mechanisms] = ['SCRAM-SHA-256']
           command[:pwd] = @resource[:password]
@@ -120,7 +120,7 @@ def password=(value)
         digestPassword: true
       }
 
-      if mongo_4? || mongo_5?
+      if mongo_4? || mongo_5? || mongo_6?
         command[:mechanisms] = @resource[:auth_mechanism] == :scram_sha_256 ? ['SCRAM-SHA-256'] : ['SCRAM-SHA-1'] # rubocop:disable Naming/VariableNumber
       end
 

diff --git a/lib/puppet/util/mongodb_output.rb b/lib/puppet/util/mongodb_output.rb
diff --git a/manifests/params.pp b/manifests/params.pp
@@ -19,7 +19,7 @@
   ]
   $handle_creds          = true
   $store_creds           = false
-  $rcfile                = "${facts['root_home']}/.mongorc.js"
+  $rcfile                = "${facts['root_home']}/.mongoshrc.js"
   $dbpath_fix            = false
 
   $manage_package        = pick($mongodb::globals::manage_package, $mongodb::globals::manage_package_repo, false)
@@ -38,6 +38,8 @@
     $package_ensure_mongos = true
   }
 
+  $mongosh_package_name    = 'mongodb-mongosh'
+
   # Amazon Linux's OS Family is 'Linux', operating system 'Amazon'.
   case $facts['os']['family'] {
     'RedHat', 'Linux', 'Suse': {

diff --git a/manifests/server.pp b/manifests/server.pp
@@ -32,6 +32,7 @@
   Optional[Enum['stopped', 'running']] $service_status          = $mongodb::params::service_status,
   Variant[Boolean, String] $package_ensure                      = $mongodb::params::package_ensure,
   String $package_name                                          = $mongodb::params::server_package_name,
+  String $mongosh_package_name                                  = $mongodb::params::mongosh_package_name,
   Variant[Boolean, Stdlib::Absolutepath] $logpath               = $mongodb::params::logpath,
   Array[Stdlib::IP::Address] $bind_ip                           = $mongodb::params::bind_ip,
   Optional[Boolean] $ipv6                                       = undef,
@@ -126,12 +127,13 @@
     $admin_password
   }
   if $create_admin and ($service_ensure == 'running' or $service_ensure == true) {
-    mongodb::db { 'admin':
-      user            => $admin_username,
-      auth_mechanism  => $admin_auth_mechanism,
-      password        => $admin_password_unsensitive,
-      roles           => $admin_roles,
-      update_password => $admin_update_password,
+    mongodb_user { 'admin user':
+      ensure         => present,
+      username       => $admin_username,
+      database       => 'admin',
+      roles          => $admin_roles,
+      auth_mechanism => $admin_auth_mechanism,
+      password       => $admin_password,
     }
 
     # Make sure it runs before other DB creation
@@ -169,7 +171,7 @@
 
       # Make sure that the ordering is correct
       if $create_admin {
-        Class['mongodb::replset'] -> Mongodb::Db['admin']
+        Class['mongodb::replset'] -> Mongodb_user['admin user']
       }
     }
   }

diff --git a/manifests/server/config.pp b/manifests/server/config.pp
@@ -176,7 +176,7 @@
   if $handle_creds {
     file { $rcfile:
       ensure  => file,
-      content => template('mongodb/mongorc.js.erb'),
+      content => template('mongodb/mongoshrc.js.erb'),
       owner   => 'root',
       group   => 'root',
       mode    => '0600',

diff --git a/manifests/server/install.pp b/manifests/server/install.pp
@@ -1,7 +1,8 @@
 # PRIVATE CLASS: do not call directly
 class mongodb::server::install {
-  $package_ensure = $mongodb::server::package_ensure
-  $package_name   = $mongodb::server::package_name
+  $package_ensure       = $mongodb::server::package_ensure
+  $package_name         = $mongodb::server::package_name
+  $mongosh_package_name = $mongodb::server::mongosh_package_name
 
   case $package_ensure {
     true:     {
@@ -33,4 +34,11 @@
       tag    => 'mongodb_package',
     }
   }
+  unless defined(Package[$mongosh_package_name]) {
+    package { 'mongodb_mongosh':
+      ensure => present,
+      name   => $mongosh_package_name,
+      tag    => 'mongodb_mongosh_package',
+    }
+  }
 }
diff --git a/spec/acceptance/server_spec.rb b/spec/acceptance/server_spec.rb
@@ -25,6 +25,12 @@
     service_name = 'mongod'
     package_name = 'mongodb-org-server'
   end
+  major_version = 6 # fact('mongodb_version').split('.')[0].to_i
+  mongo_cli = if major_version >= 5
+                'mongosh'
+              else
+                'mongo'
+              end
 
   describe 'installation' do
     it 'works with no errors' do
@@ -143,15 +149,15 @@ class { 'mongodb::client': }
       its(:stdout) { is_expected.to match '13' }
     end
 
-    describe file('/root/.mongorc.js') do
+    describe file("/root/.#{mongo_cli}.js") do
       it { is_expected.to be_file }
       it { is_expected.to be_owned_by 'root' }
       it { is_expected.to be_grouped_into 'root' }
       it { is_expected.to be_mode 600 }
-      it { is_expected.to contain 'db.auth(\'admin\', \'password\')' }
+      it { is_expected.to contain 'admin.auth(\'admin\', \'password\')' }
     end
 
-    describe command("mongo admin --quiet --eval \"load('/root/.mongorc.js');printjson(db.getUser('admin')['customData'])\"") do
+    describe command("#{mongo_cli} admin --quiet --eval \"load('/root/.#{mongo_cli}.js');printjson(db.getUser('admin')['customData'])\"") do
       its(:exit_status) { is_expected.to eq 0 }
       its(:stdout) { is_expected.to match "{ \"createdBy\" : \"Puppet Mongodb_user['User admin on db admin']\" }\n" }
     end