GitHub puppet-mongodb
mongodb installation

Repo Checks ( 11 of 17 successfull )
Metadata Valid
No translation
passed
Correct Puppet Version Range
Supported Puppet version range is %{PUPPET_SUPPORT_RANGE}
passed
With Puppet Version Range
Puppet version range is present in requirements in metadata.json
passed
With Operatingsystem Support
No translation
passed
Supports Only Current Centos
No translation
failed
Supports Latest Centos
No translation
failed
Supports Only Current Debian
No translation
failed
Supports Latest Debian
No translation
failed
Supports Only Current Ubuntu
No translation
failed
Supports Latest Ubuntu
No translation
passed
In Modulesync Repo
Is listed as a module managed using modulesync_config
passed
Synced
Has a .msync.yml file
passed
Latest Modulesync
Has been synchronized with the latest tagged version of modulesync_config
passed
Has Modulesync
Is present in voxpupuli/modulesync_config/managed_modules.yml
passed
Released
Is in modulesync_config and in forge releases.
passed
Valid Sync File
If a (optional) sync file is present, it must not contain a `.travis.yml` entry.
passed
Reference Dot Md
The repository has a REFERENCE.md. It needs to be generated / puppet-strings documentation is missing.
failed

Open Pull Requests

Add support for net.ssl.allowConnectionsWithoutCertificates setting in mongod.conf
enhancement
needs-tests
needs-work
tests-fail

<!--
Thank you for contributing to this project!

-->

Pull Request (PR) description

Add support for net.ssl.allowConnectionsWithoutCertificates setting in mongod.conf

This Pull Request (PR) fixes the following issues

Open PR in GitHub
#449 separate definition of /root/.mongorc.js file
needs-work
merge-conflicts

<!--
Thank you for contributing to this project!

-->

Pull Request (PR) description

<!--
separate definition of /root/.mongorc.js file
-->

This Pull Request (PR) fixes the following issues

<!--
Fixes #449
-->

Open PR in GitHub
catch errors based on missing authentication to allow creation of admin user on replicaset setup
merge-conflicts

Pull Request (PR) description

When setting up a new replica set with authentication enabled the puppet run fails because some exceptions were not caught properly, when getting the user and database instances. When checking if the mongodb is a primary node a recheck without authentication is done to be able to create the admin user.

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->

Open PR in GitHub
PR#182 addon: arbiter documentation + parameter replset_arbiter for mongodb::server
needs-rebase
tests-fail

The README currently does not give a hint how to configure an arbiter node for a replica set. That feature has been introduced with pull request #182.
It should also be possible to configure an arbiter by parameter replset_arbiter of mongodb::server.

Open PR in GitHub
Add support for replication.enableMajorityReadConcern setting
enhancement
needs-work

<!--
Thank you for contributing to this project!

-->

Pull Request (PR) description

Add support for replication.enableMajorityReadConcern setting in mongod.conf.

This Pull Request (PR) fixes the following issues

542

Open PR in GitHub
Improve mongo output handling
tests-fail

Improve mongo output handling

This PR contains multiple changes to improve stability of parsing mongo output:

changes printjson to JSON.stringify to avoid internal types

In many cases printjson is adding internal types (ObjectId, etc) to the output, which results in an invalid JSON that is not parseable by ruby.

For example, printjson(db.isMaster()) prints something like this:


{
"topologyVersion" : {
"processId" : ObjectId("60995bb5e421c84948b94087"),
"counter" : NumberLong(6)
},
...
}

adds logic to extract error object from a corrupted output

Currently, the handling of exceptions is broken because the existing logic is expecting something parseable in the output, but it's not a valid JSON even after sanitization:


Error: Authentication failed.
2021-05-11T15:35:19.647+0200 E QUERY [thread1] Error: Could not retrieve replica set config: {
"ok" : 0,
"errmsg" : "not authorized on admin to execute command { replSetGetConfig: 1.0, $clusterTime: { clusterTime: Timestamp(0, 0), signature: { hash: BinData(0, 0000000000000000000000000000000000000000), keyId: 0 } }, $readPreference: { mode: \"secondaryPreferred\" }, $db: \"admin\" }",
"code" : 13,
"codeName" : "Unauthorized",
"$clusterTime" : {
"clusterTime" : Timestamp(0, 0),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
}
} :
rs.conf@src/mongo/shell/utils.js:1323:11
@(shell eval):1:43'

Because of this, replica set provider (that relies on an error data) can't detect that the host is online and fails to properly initialize the replica set.

I've added code that attempts to extract an object in case an output is not a valid JSON.

adds check for error code when detecting failed authorization

The existing logic relies on an error message that potentially may change (because of i18n, etc), which may break it in a long run. I've added a check for a error code name, that is less likely to change.

Open PR in GitHub
Reorder switches in dbpath_fix find command
bug
needs-feedback

Pull Request (PR) description

Fix ordering of switches in dbpath_fix's find command

This Pull Request (PR) fixes the following issues

Fixes #571

Open PR in GitHub
Add default localhost real_ip
tests-fail

Pull Request (PR) description

Sometimes you just want to add a user or two to Mongo and not manage it with this module (because you're using managing it through Foreman/Katello as an example). In this case maybe all you want to do is:
```
class {'mongodb::globals':
managepackagerepo => false,
manage_package => false
}

mongodbuser { 'SOMEUSER':
ensure => present,
name => 'SOMEUSER',
password
hash => mongodbpassword('SOMEUSER', 'SOME_USER'),
database => 'admin',
roles => ['root', 'admin'],
tries => 10
}
```

Well and then you get Empty host component parsing HostAndPort from ":27017" and realize that all that's missing is just the bind_ip and that you don't want to do anything else with this module but add users... that's where this PR comes in!

This PR will add a default bind_ip of 127.0.0.1. This may be a poor hack because I don't know ruby from an implicit returning hole in the ground :) Either way, lets talk about it? maybe I'm doing something wrong? This PR seems reasonable however.

Open PR in GitHub
support for pure yaml in mongodb.cfg
tests-fail

<!--
Thank you for contributing to this project!

-->

Pull Request (PR) description

Support for pure yaml in /etc/mongodb.cfg.
Right now only records like net.bindIp are supported, and if for example, you are using custom configuration template and your configuration looks like:
yaml
net:
port: 27017
bindIp: 0.0.0.0

you will get an error like Error: Could not prefetch mongodb_database provider 'mongodb': Could not evaluate MongoDB shell command: load('/root/.mongorc.js'); rs.slaveOk();printjson(db.getMongo().getDBs()) when using providers.
This PR adds support for both configuration file formats

This Pull Request (PR) fixes the following issues

Fixes #562 for user @seidler2547

Open PR in GitHub
Use confine to check the existence of a command needed for the fact to resolve
tests-fail

An initial puppet run (eg. in a vagrant box) will produce an error while trying to resolve the mongodbversion fact:
```
Facter: error while resolving custom fact "mongodb
version": undefined method '[]' for nil:NilClass
```
The reason is that the check for the existence of the mongo binary is inside the setcode block.

This pull request uses the fact confinement mechanism to pre-empt the fact resolution if the mongo binary is not available.

Open PR in GitHub
Slack Integration Config
tests-fail

<!--
Thank you for contributing to this project!

-->

Pull Request (PR) description

Added slack Integration to fix a know bug in OpsManager 4.4 in conf-mms.properties file

<!--

-->

This Pull Request (PR) fixes the following issues

Ops Manager 4.4. has known issue with slack integration. We contact support and they asked us to do couple

configurations which apparently are not in this monog module. Theses two settings are slack client id and client secret #### for slack integration.

Open PR in GitHub
Adding support for Suse Linux
needs-rebase
enhancement

<!--
Thank you for contributing to this project!

-->

Pull Request (PR) description

<!--
This pull request is adding support for Suse Linux by adding class mongodb::repo::zypper
and calling this class in class mongodb::repo in case, OS family is 'Suse'.
-->

This Pull Request (PR) fixes the following issues

<!--
n/a
-->

Open PR in GitHub
The 'password' attribute was constantly updated even when the password was not changed
bug

Example code:

mongodb_user { 'user':
name => 'user',
ensure => present,
database => 'test',
password => 'password',
roles => ['readWrite'],
tries => 10,
}

apply agent:
```

created user

$ puppet agent -t
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Retrieving locales
Info: Loading facts
Info: Caching catalog for mongo26-1
Info: Applying configuration version '1633423266'
Notice: /Stage[main]/Main/Node[mongo26-1]/Mongodb_user[user]/ensure: created
Notice: Applied catalog in 0.95 seconds

password not changed, but:

$ puppet agent -t
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Retrieving locales
Info: Loading facts
Info: Caching catalog for mongo26-1
Info: Applying configuration version '1633423278'
Notice: /Stage[main]/Main/Node[mongo26-1]/Mongodb_user[user]/password: defined 'password' as 3bcfc22a1cd6be41bc7814c13d3ce94c (corrective)
Notice: Applied catalog in 0.75 seconds

password not changed, but:

$ puppet agent -t
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Retrieving locales
Info: Loading facts
Info: Caching catalog for mongo26-1
Info: Applying configuration version '1633423289'
Notice: /Stage[main]/Main/Node[mongo26-1]/Mongodb_user[user]/password: defined 'password' as 3bcfc22a1cd6be41bc7814c13d3ce94c (corrective)
Notice: Applied catalog in 0.82 seconds
```
As you can see, password is constantly being flagged as requiring changes. This PR fixes this behavior.

mongodb versions 4 and up use SCRAM-SHA-256 by default. This mechanism disallows the use of a password hash:

$ mongo test --quiet --host 127.0.0.1:27017 --eval "load('/root/.mongorc.js'); db.runCommand({\"createUser\":\"user\",\"pwd\":\"3bcfc22a1cd6be41bc7814c13d3ce94c\",\"roles\":[\"readWrite\"],\"digestPassword\":false})"
{
"operationTime" : Timestamp(1633424331, 1),
"ok" : 0,
"errmsg" : "Use of SCRAM-SHA-256 requires undigested passwords",
"code" : 2,
"codeName" : "BadValue",
"$clusterTime" : {
"clusterTime" : Timestamp(1633424331, 1),
"signature" : {
"hash" : BinData(0,"phzg8Y9u+y3uMQL5IbE0z4DQa/c="),
"keyId" : NumberLong("7015499301837078530")
}
}
}

Therefore, it makes sense to improve support for the 'password' attribute.

Open PR in GitHub