From 58230dd487459099902719574bc035bbb6bb3a63 Mon Sep 17 00:00:00 2001 From: Dan Webb Date: Tue, 5 Nov 2024 22:15:10 +0000 Subject: [PATCH] feat: Support PostgreSQL 17 (#778) - Remove support for Fedora Fedora is not an officially supported platform by the Sous Chefs community. If you would like to see Fedora support added back please open a PR to add it back. The installation methods for Fedora are substantially different than other platforms and require a lot of additional testing and maintenance. - Add testing for PostgreSQL 16 and 17 - Add libpq package to default packages - Fix GPG key URLs - Update Amazon to Amazon Linux 2023 - Remove unsupported configuration options from the `postgresql_config` resource `stats_temp_directory` --------- Signed-off-by: Dan Webb --- .github/copilot-instructions.md | 1 + .github/workflows/ci.yml | 67 ++++-- .markdownlint-cli2.yaml | 2 + .rubocop.yml | 10 + CHANGELOG.md | 12 +- documentation/postgresql_ident.md | 2 +- kitchen.yml | 190 ++++++------------ libraries/_utils.rb | 2 +- libraries/access.rb | 6 +- libraries/helpers.rb | 67 +++--- libraries/ident.rb | 4 +- libraries/sql/_connection.rb | 10 +- metadata.rb | 1 - resources/config.rb | 2 +- resources/install.rb | 26 +-- templates/default/createcluster.conf.erb | 3 - test/cookbooks/test/recipes/access.rb | 14 +- test/cookbooks/test/recipes/client_install.rb | 1 - test/cookbooks/test/recipes/extension.rb | 2 +- test/cookbooks/test/recipes/ident.rb | 2 +- test/cookbooks/test/recipes/multi_client.rb | 4 +- .../test/recipes/server_install_os.rb | 9 +- .../access/controls/base_access.rb | 8 +- .../controls/client_spec.rb | 2 +- .../initdb_locale/controls/default_spec.rb | 12 +- .../integration/repo/controls/repo_spec.rb.rb | 4 +- .../server_install/controls/server_spec.rb | 2 +- .../server_install_os/controls/access.rb | 4 +- 28 files changed, 219 insertions(+), 250 deletions(-) create mode 100644 .github/copilot-instructions.md create mode 100644 .rubocop.yml diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md new file mode 100644 index 000000000..1f6a7d326 --- /dev/null +++ b/.github/copilot-instructions.md @@ -0,0 +1 @@ +We use Chef Cookstyle to lint our Chef cookbooks. We use Test Kitchen to integration test our cookbooks. Test cookbooks are in the test/cookbooks directory. We keep documentation in README.md and the documentation folder. When suggestion improvements ignore the test directory. diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4aa8e2244..7eff24ede 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,39 +22,68 @@ jobs: strategy: matrix: os: - - "almalinux-8" + - "almalinux-9" + - "rockylinux-9" + - "oraclelinux-9" - "centos-stream-9" + - "amazonlinux-2023" - "debian-11" - "debian-12" - - "rockylinux-8" - - "ubuntu-2004" - "ubuntu-2204" + - "ubuntu-2404" suite: - - "access-12" - - "access-13" - - "access-14" - "access-15" - - "client-install-12" - - "client-install-13" - - "client-install-14" + - "access-16" + - "access-17" - "client-install-15" - - "extension-12" - - "extension-13" - - "extension-14" + - "client-install-16" + - "client-install-17" - "extension-15" - - "ident-12" - - "ident-13" - - "ident-14" + - "extension-16" + - "extension-17" - "ident-15" - - "initdb-locale-15" - - "server-install-12" - - "server-install-13" - - "server-install-14" + - "ident-16" + - "ident-17" - "server-install-15" + - "server-install-16" + - "server-install-17" + - "initdb-locale-17" - "server-install-os" exclude: - os: "centos-7" suite: "server-install-os" + - os: "amazonlinux-2023" + suite: "access-15" + - os: "amazonlinux-2023" + suite: "access-16" + - os: "amazonlinux-2023" + suite: "access-17" + - os: "amazonlinux-2023" + suite: "client-install-15" + - os: "amazonlinux-2023" + suite: "client-install-16" + - os: "amazonlinux-2023" + suite: "client-install-17" + - os: "amazonlinux-2023" + suite: "extension-15" + - os: "amazonlinux-2023" + suite: "extension-16" + - os: "amazonlinux-2023" + suite: "extension-17" + - os: "amazonlinux-2023" + suite: "ident-15" + - os: "amazonlinux-2023" + suite: "ident-16" + - os: "amazonlinux-2023" + suite: "ident-17" + - os: "amazonlinux-2023" + suite: "server-install-15" + - os: "amazonlinux-2023" + suite: "server-install-16" + - os: "amazonlinux-2023" + suite: "server-install-17" + - os: "amazonlinux-2023" + suite: "initdb-locale-17" fail-fast: false steps: diff --git a/.markdownlint-cli2.yaml b/.markdownlint-cli2.yaml index 6fa8e776d..0196ac7b3 100644 --- a/.markdownlint-cli2.yaml +++ b/.markdownlint-cli2.yaml @@ -3,3 +3,5 @@ config: line-length: false # MD013 no-duplicate-heading: false # MD024 reference-links-images: false # MD052 +ignores: + - .github/copilot-instructions.md diff --git a/.rubocop.yml b/.rubocop.yml new file mode 100644 index 000000000..6ce4d1a16 --- /dev/null +++ b/.rubocop.yml @@ -0,0 +1,10 @@ +require: + - cookstyle + +AllCops: + TargetRubyVersion: 3.1 + Include: + - "**/*.rb" + Exclude: + - "vendor/**/*" + - "spec/**/*" diff --git a/CHANGELOG.md b/CHANGELOG.md index 845ccf3fa..21f1101aa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,16 @@ This file is used to list changes made in the last 3 major versions of the postg ## Unreleased +- Remove support for Fedora + Fedora is not an officially supported platform by the Sous Chefs community. If you would like to see Fedora support added back please open a PR to add it back. + The installation methods for Fedora are substantially different than other platforms and require a lot of additional testing and maintenance. +- Add testing for PostgreSQL 16 and 17 +- Add libpq package to default packages +- Fix GPG key URLs +- Update Amazon to Amazon Linux 2023 +- Remove unsupported configuration options from the `postgresql_config` resource + `stats_temp_directory` + ## 11.11.2 - *2024-10-07* Standardise files with files in sous-chefs/repo-management @@ -301,7 +311,7 @@ Standardise files with files in sous-chefs/repo-management - Allow to install extensions with hyphens, ex: `postgresql_extension '"uuid-ossp"'` - Update Circle CI config to match sous-chefs defaults #617 -- Remove Fedora testing from CI, not an official supported OS by sous-chefs, PR welcome #617 +- Remove Fedora testing from CI, not an official supported OS by sous-chefs, PRs welcome #617 ## v7.1.4 (2019-03-28) diff --git a/documentation/postgresql_ident.md b/documentation/postgresql_ident.md index 06ff1daf0..dcb2f016b 100644 --- a/documentation/postgresql_ident.md +++ b/documentation/postgresql_ident.md @@ -60,7 +60,7 @@ postgresql_access 'local_foo_user' do database 'all' user 'foo' address '127.0.0.1/32' - auth_method 'md5' + auth_method 'scram-sha-256' end ``` diff --git a/kitchen.yml b/kitchen.yml index 5959eb87e..9f356ff7a 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -16,22 +16,15 @@ verifier: name: inspec platforms: - - name: almalinux-8 - name: almalinux-9 - - name: amazonlinux-2 - - name: centos-7 - - name: centos-stream-8 + - name: rockylinux-9 + - name: oraclelinux-9 - name: centos-stream-9 - - name: debian-10 + - name: amazonlinux-2023 - name: debian-11 - name: debian-12 - - name: fedora-latest - - name: oraclelinux-7 - - name: oraclelinux-8 - - name: rockylinux-8 - - name: rockylinux-9 - - name: ubuntu-20.04 - name: ubuntu-22.04 + - name: ubuntu-24.04 suites: - name: server_install_os @@ -41,282 +34,215 @@ suites: run_list: - recipe[test::server_install_os] - - name: access_15 + # PostgreSQL 17 + - name: access_17 attributes: test: - pg_ver: "15" + pg_ver: "17" verifier: inspec_tests: - path: test/integration/access/ run_list: - recipe[test::access] - - name: client_install_15 + - name: client_install_17 attributes: test: - pg_ver: "15" + pg_ver: "17" verifier: inspec_tests: - path: test/integration/client_install/ inputs: - pg_ver: "15" + pg_ver: "17" run_list: - recipe[test::client_install] - - name: extension_15 + - name: extension_17 attributes: test: - pg_ver: "15" + pg_ver: "17" verifier: inspec_tests: - path: test/integration/extension/ run_list: - recipe[test::extension] - - name: ident_15 + - name: ident_17 attributes: test: - pg_ver: "15" + pg_ver: "17" verifier: inspec_tests: - path: test/integration/ident/ run_list: - recipe[test::ident] - - name: initdb_locale_15 + - name: initdb_locale_17 attributes: test: - pg_ver: "15" + pg_ver: "17" verifier: inspec_tests: - path: test/integration/initdb_locale/ run_list: - recipe[test::initdb_locale] - - name: repo_15 + - name: repo_17 attributes: test: - pg_ver: "15" + pg_ver: "17" verifier: inspec_tests: - path: test/integration/repo/ inputs: - pg_ver: "15" + pg_ver: "17" run_list: - recipe[test::repository] - - name: server_install_15 + - name: server_install_17 attributes: test: - pg_ver: "15" + pg_ver: "17" verifier: inspec_tests: - path: test/integration/server_install/ inputs: - pg_ver: "15" + pg_ver: "17" run_list: - recipe[test::server_install] - - name: access_14 + # PostgreSQL 16 + - name: access_16 attributes: test: - pg_ver: "14" + pg_ver: "16" verifier: inspec_tests: - path: test/integration/access/ run_list: - recipe[test::access] - - name: client_install_14 + - name: client_install_16 attributes: test: - pg_ver: "14" + pg_ver: "16" verifier: inspec_tests: - path: test/integration/client_install/ inputs: - pg_ver: "14" + pg_ver: "16" run_list: - recipe[test::client_install] - - name: extension_14 + - name: extension_16 attributes: test: - pg_ver: "14" + pg_ver: "16" verifier: inspec_tests: - path: test/integration/extension/ run_list: - recipe[test::extension] - - name: ident_14 + - name: ident_16 attributes: test: - pg_ver: "14" + pg_ver: "16" verifier: inspec_tests: - path: test/integration/ident/ run_list: - recipe[test::ident] - - name: initdb_locale_14 + - name: initdb_locale_16 attributes: test: - pg_ver: "14" + pg_ver: "16" verifier: inspec_tests: - path: test/integration/initdb_locale/ run_list: - recipe[test::initdb_locale] - - name: repo_14 + - name: repo_16 attributes: test: - pg_ver: "14" + pg_ver: "16" verifier: inspec_tests: - path: test/integration/repo/ inputs: - pg_ver: "14" + pg_ver: "16" run_list: - recipe[test::repository] - - name: server_install_14 + - name: server_install_16 attributes: test: - pg_ver: "14" + pg_ver: "16" verifier: inspec_tests: - path: test/integration/server_install/ inputs: - pg_ver: "14" + pg_ver: "16" run_list: - recipe[test::server_install] - - name: access_13 - attributes: - test: - pg_ver: "13" - verifier: - inspec_tests: - - path: test/integration/access/ - run_list: - - recipe[test::access] - - name: client_install_13 - attributes: - test: - pg_ver: "13" - verifier: - inspec_tests: - - path: test/integration/client_install/ - inputs: - pg_ver: "13" - run_list: - - recipe[test::client_install] - - name: extension_13 - attributes: - test: - pg_ver: "13" - verifier: - inspec_tests: - - path: test/integration/extension/ - run_list: - - recipe[test::extension] - - name: ident_13 - attributes: - test: - pg_ver: "13" - verifier: - inspec_tests: - - path: test/integration/ident/ - run_list: - - recipe[test::ident] - - name: initdb_locale_13 - attributes: - test: - pg_ver: "13" - verifier: - inspec_tests: - - path: test/integration/initdb_locale/ - run_list: - - recipe[test::initdb_locale] - - name: repo_13 - attributes: - test: - pg_ver: "13" - verifier: - inspec_tests: - - path: test/integration/repo/ - inputs: - pg_ver: "13" - run_list: - - recipe[test::repository] - - name: server_install_13 - attributes: - test: - pg_ver: "13" - verifier: - inspec_tests: - - path: test/integration/server_install/ - inputs: - pg_ver: "13" - run_list: - - recipe[test::server_install] - - - name: access_12 + # PostgreSQL 15 + - name: access_15 attributes: test: - pg_ver: "12" + pg_ver: "15" verifier: inspec_tests: - path: test/integration/access/ run_list: - recipe[test::access] - - name: client_install_12 + - name: client_install_15 attributes: test: - pg_ver: "12" + pg_ver: "15" verifier: inspec_tests: - path: test/integration/client_install/ inputs: - pg_ver: "12" + pg_ver: "15" run_list: - recipe[test::client_install] - - name: extension_12 + - name: extension_15 attributes: test: - pg_ver: "12" + pg_ver: "15" verifier: inspec_tests: - path: test/integration/extension/ run_list: - recipe[test::extension] - - name: ident_12 + - name: ident_15 attributes: test: - pg_ver: "12" + pg_ver: "15" verifier: inspec_tests: - path: test/integration/ident/ run_list: - recipe[test::ident] - - name: initdb_locale_12 + - name: initdb_locale_15 attributes: test: - pg_ver: "12" + pg_ver: "15" verifier: inspec_tests: - path: test/integration/initdb_locale/ run_list: - recipe[test::initdb_locale] - - name: repo_12 + - name: repo_15 attributes: test: - pg_ver: "12" + pg_ver: "15" verifier: inspec_tests: - path: test/integration/repo/ inputs: - pg_ver: "12" + pg_ver: "15" run_list: - recipe[test::repository] - - name: server_install_12 + - name: server_install_15 attributes: test: - pg_ver: "12" + pg_ver: "15" verifier: inspec_tests: - path: test/integration/server_install/ inputs: - pg_ver: "12" + pg_ver: "15" run_list: - recipe[test::server_install] diff --git a/libraries/_utils.rb b/libraries/_utils.rb index 8810c512a..bab5da217 100644 --- a/libraries/_utils.rb +++ b/libraries/_utils.rb @@ -18,7 +18,7 @@ module PostgreSQL module Cookbook module Utils - AUTH_OPTION_REGEX = /[\w-]+=(?:"[^"]*"|[^\s"]+)/.freeze + AUTH_OPTION_REGEX = /[\w-]+=(?:"[^"]*"|[^\s"]+)/ private diff --git a/libraries/access.rb b/libraries/access.rb index fa4ca7529..b36a0078c 100644 --- a/libraries/access.rb +++ b/libraries/access.rb @@ -70,7 +70,7 @@ class PgHbaFile attr_reader :entries - SPLIT_REGEX = %r{^(((?local)\s+(?[\w\-_,]+)\s+(?[\w\d\-_.$,]+))|((?!local)(?\w+)\s+(?[\w\-_,]+)\s+(?[\w\d\-_.$,]+)\s+(?
[\w\-.:\/]+)))\s+(?[\w-]+)(?(?:\s+#{AUTH_OPTION_REGEX})*)(?:\s*)(?#\s*.*)?$}.freeze + SPLIT_REGEX = %r{^(((?local)\s+(?[\w\-_,]+)\s+(?[\w\d\-_.$,]+))|((?!local)(?\w+)\s+(?[\w\-_,]+)\s+(?[\w\d\-_.$,]+)\s+(?
[\w\-.:\/]+)))\s+(?[\w-]+)(?(?:\s+#{AUTH_OPTION_REGEX})*)(?:\s*)(?#\s*.*)?$} private_constant :SPLIT_REGEX def initialize @@ -151,7 +151,7 @@ def sort! def self.read(file = 'pg_hba.conf', sort: false) pg_hba = new - pg_hba.read!(file, sort: sort) + pg_hba.read!(file, sort:) pg_hba end @@ -284,7 +284,7 @@ class PgHbaFileEntryHost < PgHbaFileEntry def initialize(type:, database:, user:, address:, auth_method:, auth_options: nil, comment: nil, position: nil) raise PgHbaInvalidEntryType unless %w(host hostssl hostnossl hostgssenc hostnogssenc).include?(type) - super(type: type, database: database, user: user, auth_method: auth_method, auth_options: auth_options, comment: comment, position: position) + super(type:, database:, user:, auth_method:, auth_options:, comment:, position:) @address = address end diff --git a/libraries/helpers.rb b/libraries/helpers.rb index 152f08f20..6821b1553 100644 --- a/libraries/helpers.rb +++ b/libraries/helpers.rb @@ -67,7 +67,7 @@ def installed_postgresql_package_source def data_dir(version: installed_postgresql_major_version, source: installed_postgresql_package_source) case node['platform_family'] - when 'rhel', 'fedora', 'amazon' + when 'rhel', 'amazon' source.eql?(:repo) ? "/var/lib/pgsql/#{version}/data" : '/var/lib/pgsql/data' when 'debian' "/var/lib/postgresql/#{version}/main" @@ -76,7 +76,7 @@ def data_dir(version: installed_postgresql_major_version, source: installed_post def conf_dir(version: installed_postgresql_major_version, source: installed_postgresql_package_source) case node['platform_family'] - when 'rhel', 'fedora', 'amazon' + when 'rhel', 'amazon' source.eql?(:repo) ? "/var/lib/pgsql/#{version}/data" : '/var/lib/pgsql/data' when 'debian' "/etc/postgresql/#{version}/main" @@ -85,7 +85,7 @@ def conf_dir(version: installed_postgresql_major_version, source: installed_post # determine the platform specific service name def default_platform_service_name(version: installed_postgresql_major_version, source: installed_postgresql_package_source) - if platform_family?('rhel', 'fedora', 'amazon') && source.eql?(:repo) + if platform_family?('rhel', 'amazon') && source.eql?(:repo) "postgresql-#{version}" else 'postgresql' @@ -110,14 +110,19 @@ def secure_random def default_server_packages(version: nil, source: :os) case node['platform_family'] - when 'rhel', 'fedora', 'amazon' + when 'rhel' { - os: %w(postgresql-contrib postgresql-server), + os: %w(libpq postgresql-contrib postgresql-server), + repo: %W(postgresql#{version.delete('.')}-contrib postgresql#{version.delete('.')}-server), + }.fetch(source, nil) + when 'amazon' + { + os: %W(postgresql#{version.delete('.')}-contrib postgresql#{version.delete('.')}-server), repo: %W(postgresql#{version.delete('.')}-contrib postgresql#{version.delete('.')}-server), }.fetch(source, nil) when 'debian' { - os: %w(postgresql postgresql-common), + os: %w(libpq5 postgresql postgresql-common), repo: %W(postgresql-#{version} postgresql-common), }.fetch(source, nil) end @@ -125,11 +130,16 @@ def default_server_packages(version: nil, source: :os) def default_client_packages(version: nil, source: :os) case node['platform_family'] - when 'rhel', 'fedora', 'amazon' + when 'rhel' { os: %w(postgresql), repo: %W(postgresql#{version.delete('.')}), }.fetch(source, nil) + when 'amazon' + { + os: %W(postgresql#{version.delete('.')}), + repo: %W(postgresql#{version.delete('.')}), + }.fetch(source, nil) when 'debian' { os: %w(postgresql-client), @@ -139,26 +149,18 @@ def default_client_packages(version: nil, source: :os) end def default_yum_gpg_key_uri - case node['platform_family'] - when 'rhel', 'amazon' - case node['platform_version'].to_i - when 7 - 'https://download.postgresql.org/pub/repos/yum/keys/PGDG-RPM-GPG-KEY-RHEL7' - else - 'https://download.postgresql.org/pub/repos/yum/keys/PGDG-RPM-GPG-KEY-RHEL' - end - when 'fedora' - 'https://download.postgresql.org/pub/repos/yum/keys/PGDG-RPM-GPG-KEY-Fedora' + if platform_family?('rhel') && node['platform_version'].to_i == 7 + 'https://download.postgresql.org/pub/repos/yum/keys/PGDG-RPM-GPG-KEY-RHEL7' else - 'https://download.postgresql.org/pub/repos/yum/keys/RPM-GPG-KEY-PGDG' + 'https://download.postgresql.org/pub/repos/yum/keys/PGDG-RPM-GPG-KEY-RHEL' end end def dnf_module_platform? - (platform_family?('rhel') && node['platform_version'].to_i == 8) || platform_family?('fedora') + (platform_family?('rhel') && node['platform_version'].to_i == 8) end - # determine the appropriate DB init command to run based on RHEL/Fedora/Amazon release + # determine the appropriate DB init command to run based on RHEL/Amazon release # initdb defaults to the execution environment. # https://www.postgresql.org/docs/9.5/static/locale.html def rhel_init_db_command(new_resource) @@ -171,36 +173,23 @@ def rhel_init_db_command(new_resource) # Given the base URL build the complete URL string for a yum repo def yum_repo_url(base_url) - "#{base_url}/#{new_resource.version}/#{yum_repo_platform_family_string}/#{yum_repo_platform_string}" + "#{base_url}/#{new_resource.version}/redhat/#{yum_repo_platform_string}" end # Given the base URL build the complete URL string for a yum repo def yum_common_repo_url - "https://download.postgresql.org/pub/repos/yum/common/#{yum_repo_platform_family_string}/#{yum_repo_platform_string}" - end - - # The postgresql yum repos URLs are organized into redhat and fedora directories.s - # route things to the right place based on platform_family - def yum_repo_platform_family_string - platform_family?('fedora') ? 'fedora' : 'redhat' + "https://download.postgresql.org/pub/repos/yum/common/redhat/#{yum_repo_platform_string}" end # Build the platform string that makes up the final component of the yum repo URL def yum_repo_platform_string - platform = platform?('fedora') ? 'fedora' : 'rhel' - release = platform?('amazon') ? '7' : '$releasever' - "#{platform}-#{release}-$basearch" + release = platform?('amazon') ? '8' : '$releasever' + "rhel-#{release}-$basearch" end - # On Amazon use the RHEL 7 packages. Otherwise use the releasever yum variable + # On Amazon use the RHEL 8 packages. Otherwise use the releasever yum variable def yum_releasever - platform?('amazon') ? '7' : '$releasever' - end - - # Fedora doesn't seem to know the right symbols for psql - def psql_environment - return {} unless platform?('fedora') - { LD_LIBRARY_PATH: '/usr/lib64' } + platform?('amazon') ? '8' : '$releasever' end # Generate a password if the value is set to generate. diff --git a/libraries/ident.rb b/libraries/ident.rb index 442911908..7391b9d03 100644 --- a/libraries/ident.rb +++ b/libraries/ident.rb @@ -68,7 +68,7 @@ class PgIdentFile attr_reader :entries - SPLIT_REGEX = /^(?[\w-]+)\s+(?[\w-]+)\s+(?[\w-]+)(?:\s*)(?#\s*.*)?$/.freeze + SPLIT_REGEX = /^(?[\w-]+)\s+(?[\w-]+)\s+(?[\w-]+)(?:\s*)(?#\s*.*)?$/ private_constant :SPLIT_REGEX def initialize @@ -144,7 +144,7 @@ def to_s(sort: true) def self.read(file = 'pg_ident.conf', sort: true) pg_hba = new - pg_hba.read!(file, sort: sort) + pg_hba.read!(file, sort:) pg_hba end diff --git a/libraries/sql/_connection.rb b/libraries/sql/_connection.rb index d582dd2ac..aa83ccced 100644 --- a/libraries/sql/_connection.rb +++ b/libraries/sql/_connection.rb @@ -29,16 +29,18 @@ module Connection def postgresql_devel_pkg_name(version: installed_postgresql_major_version, source: installed_postgresql_package_source) case node['platform_family'] - when 'rhel', 'fedora', 'amazon' + when 'rhel' source.eql?(:repo) ? "postgresql#{version}-devel" : 'postgresql-devel' when 'debian' 'libpq-dev' + when 'amazon' + 'libpq-devel' end end def postgresql_devel_path(suffix = nil, version: installed_postgresql_major_version) path = case node['platform_family'] - when 'rhel', 'fedora', 'amazon' + when 'rhel', 'amazon' "/usr/pgsql-#{version}" when 'debian' '/usr/include/postgresql' @@ -53,7 +55,7 @@ def postgresql_devel_path(suffix = nil, version: installed_postgresql_major_vers def pg_gem_build_options case node['platform_family'] - when 'rhel', 'fedora', 'amazon' + when 'rhel', 'amazon' "-- --with-pg-include=#{postgresql_devel_path('include')} --with-pg-lib=#{postgresql_devel_path('lib')}" when 'debian' "-- --with-pg-include=#{postgresql_devel_path} --with-pg-lib=#{postgresql_devel_path}" @@ -73,8 +75,6 @@ def install_pg_gem end case node['platform_family'] - when 'fedora' - declare_resource(:package, libpq_package_name) { compile_time(true) } when 'rhel' case node['platform_version'].to_i when 7 diff --git a/metadata.rb b/metadata.rb index 01130e0f1..67484bd9b 100644 --- a/metadata.rb +++ b/metadata.rb @@ -16,7 +16,6 @@ supports 'amazon' supports 'centos' supports 'debian' -supports 'fedora' supports 'oracle' supports 'redhat' supports 'scientific' diff --git a/resources/config.rb b/resources/config.rb index 37e823afb..d1baa5b22 100644 --- a/resources/config.rb +++ b/resources/config.rb @@ -94,7 +94,7 @@ mode new_resource.filemode variables( - config: config + config: ) action :create diff --git a/resources/install.rb b/resources/install.rb index 9738ad506..0ea0ca339 100644 --- a/resources/install.rb +++ b/resources/install.rb @@ -23,7 +23,7 @@ default: true property :version, [String, Integer], - default: '15', + default: '17', coerce: proc { |p| p.to_s }, description: 'Version to install' @@ -34,12 +34,12 @@ description: 'Installation source' property :client_packages, [String, Array], - default: lazy { default_client_packages(version: version, source: source) }, + default: lazy { default_client_packages(version:, source:) }, coerce: proc { |p| Array(p) }, description: 'Client packages to install' property :server_packages, [String, Array], - default: lazy { default_server_packages(version: version, source: source) }, + default: lazy { default_server_packages(version:, source:) }, coerce: proc { |p| Array(p) }, description: 'Server packages to install' @@ -97,16 +97,17 @@ def install_method_repo? def do_repository_action(repo_action) case node['platform_family'] - when 'rhel', 'fedora', 'amazon' + when 'rhel', 'amazon' + # Disable the PostgreSQL module if we're on RHEL 8 + dnf_module 'postgresql' do + action :disable + end if dnf_module_platform? + remote_file '/etc/pki/rpm-gpg/PGDG-RPM-GPG-KEY' do source new_resource.yum_gpg_key_uri sensitive new_resource.sensitive end - dnf_module 'postgresql' do - action :disable - end if dnf_module_platform? - yum_repository "PostgreSQL #{new_resource.version}" do repositoryid "pgdg#{new_resource.version}" description "PostgreSQL.org #{new_resource.version}" @@ -178,11 +179,6 @@ def do_repository_action(repo_action) end def do_client_package_action(package_action) - if platform_family?('rhel') && node['platform_version'].to_i.eql?(7) - package 'epel-release' - package 'centos-release-scl' - end - package 'postgresql-client' do package_name new_resource.client_packages action package_action @@ -241,7 +237,7 @@ def do_server_package_action(package_action) source 'createcluster.conf.erb' cookbook 'postgresql' variables( - initdb_options: initdb_options + initdb_options: ) end end @@ -273,7 +269,7 @@ def do_server_package_action(package_action) end action :init_server do - return if initialized? || !platform_family?('rhel', 'fedora', 'amazon') + return if initialized? || !platform_family?('rhel', 'amazon') converge_by('Init PostgreSQL') do execute 'init_db' do diff --git a/templates/default/createcluster.conf.erb b/templates/default/createcluster.conf.erb index 5f9e9f05f..ac50d132c 100644 --- a/templates/default/createcluster.conf.erb +++ b/templates/default/createcluster.conf.erb @@ -33,9 +33,6 @@ ssl = on # Show cluster name in process title cluster_name = '%v/%c' -# Put stats_temp_directory on tmpfs -stats_temp_directory = '/var/run/postgresql/%v-%c.pg_stat_tmp' - # Add prefix to log lines log_line_prefix = '%%m [%%p] %%q%%u@%%d ' diff --git a/test/cookbooks/test/recipes/access.rb b/test/cookbooks/test/recipes/access.rb index a6853eb61..c88ceba07 100644 --- a/test/cookbooks/test/recipes/access.rb +++ b/test/cookbooks/test/recipes/access.rb @@ -9,7 +9,7 @@ database 'all' user 'postgres' address '127.0.0.1/32' - auth_method 'md5' + auth_method 'scram-sha-256' end postgresql_service 'postgresql' do @@ -45,7 +45,7 @@ type 'host' database 'all' user 'sous_chef' - auth_method 'md5' + auth_method 'scram-sha-256' address '127.0.0.1/32' position 5 @@ -74,7 +74,7 @@ type 'host' database 'all' user 'hostname_user' - auth_method 'md5' + auth_method 'scram-sha-256' address 'host.domain' notifies :restart, 'postgresql_service[postgresql]', :delayed @@ -84,7 +84,7 @@ type 'host' database 'all' user 'hostname.user' - auth_method 'md5' + auth_method 'scram-sha-256' address 'host.domain' notifies :restart, 'postgresql_service[postgresql]', :delayed @@ -94,7 +94,7 @@ type 'host' database 'my_database' user 'hostname.user' - auth_method 'md5' + auth_method 'scram-sha-256' address 'host.domain' notifies :restart, 'postgresql_service[postgresql]', :delayed @@ -104,7 +104,7 @@ type 'host' database 'my_database' user 'hostname.user' - auth_method 'md5' + auth_method 'scram-sha-256' address 'a.very.long.host.domain.that.exceeds.the.max.of.24.characters' notifies :restart, 'postgresql_service[postgresql]', :delayed @@ -135,5 +135,5 @@ database 'foo,bar' user 'john,doe' address '127.0.0.1/32' - auth_method 'md5' + auth_method 'scram-sha-256' end diff --git a/test/cookbooks/test/recipes/client_install.rb b/test/cookbooks/test/recipes/client_install.rb index 745759ee6..c48c9da2d 100644 --- a/test/cookbooks/test/recipes/client_install.rb +++ b/test/cookbooks/test/recipes/client_install.rb @@ -1,5 +1,4 @@ postgresql_install 'postgresql' do version node['test']['pg_ver'] - action %i(install_client) end diff --git a/test/cookbooks/test/recipes/extension.rb b/test/cookbooks/test/recipes/extension.rb index e2390a385..b8b77f301 100644 --- a/test/cookbooks/test/recipes/extension.rb +++ b/test/cookbooks/test/recipes/extension.rb @@ -1,6 +1,6 @@ # Dokken images don't have all locales available so this is a workaround locale = value_for_platform( - %i(debian ubuntu fedora oracle amazon almalinux rocky) => { default: 'C.UTF-8' }, + %i(debian ubuntu oracle amazon almalinux rocky) => { default: 'C.UTF-8' }, centos: { default: node['platform_version'].to_i < 8 ? 'en_US.utf-8' : 'C.UTF-8' }, default: 'en_US' ) diff --git a/test/cookbooks/test/recipes/ident.rb b/test/cookbooks/test/recipes/ident.rb index 588d17dae..8626e53c7 100644 --- a/test/cookbooks/test/recipes/ident.rb +++ b/test/cookbooks/test/recipes/ident.rb @@ -50,7 +50,7 @@ database 'all' user 'postgres' address '127.0.0.1/32' - auth_method 'md5' + auth_method 'scram-sha-256' notifies :reload, 'postgresql_service[postgresql]', :delayed end diff --git a/test/cookbooks/test/recipes/multi_client.rb b/test/cookbooks/test/recipes/multi_client.rb index c02ed360b..d90f9b305 100644 --- a/test/cookbooks/test/recipes/multi_client.rb +++ b/test/cookbooks/test/recipes/multi_client.rb @@ -1,5 +1,5 @@ -postgresql_install '13' do - version '13' +postgresql_install '16' do + version '16' action :install_client end diff --git a/test/cookbooks/test/recipes/server_install_os.rb b/test/cookbooks/test/recipes/server_install_os.rb index de052a942..5382bd56a 100644 --- a/test/cookbooks/test/recipes/server_install_os.rb +++ b/test/cookbooks/test/recipes/server_install_os.rb @@ -1,8 +1,13 @@ postgresql_install 'postgresql' do source :os + version '15' action %i(install init_server) end +apt_update + +package 'libpq-devel' if platform_family?('amazon') + postgresql_config 'postgresql-server' do server_config({ 'max_connections' => 110, @@ -38,7 +43,7 @@ database 'all' user 'postgres' address '127.0.0.1/32' - auth_method 'md5' + auth_method 'scram-sha-256' end postgresql_user 'postgres' do @@ -74,7 +79,7 @@ type 'host' database 'all' user 'sous_chef' - auth_method 'md5' + auth_method 'scram-sha-256' address '127.0.0.1/32' notifies :restart, 'postgresql_service[postgresql]', :delayed diff --git a/test/integration/access/controls/base_access.rb b/test/integration/access/controls/base_access.rb index 4a59e9005..224ee27f6 100644 --- a/test/integration/access/controls/base_access.rb +++ b/test/integration/access/controls/base_access.rb @@ -5,7 +5,7 @@ describe postgres_hba_conf.where { type == 'host' && user == 'postgres' } do its('database') { should cmp 'all' } its('user') { should cmp 'postgres' } - its('auth_method') { should cmp 'md5' } + its('auth_method') { should cmp 'scram-sha-256' } its('address') { should cmp '127.0.0.1/32' } end @@ -23,7 +23,7 @@ describe postgres_hba_conf.where { user == 'sous_chef' } do its('database') { should cmp 'all' } its('type') { should cmp 'host' } - its('auth_method') { should cmp 'md5' } + its('auth_method') { should cmp 'scram-sha-256' } its('address') { should cmp '127.0.0.1/32' } end @@ -41,7 +41,7 @@ describe postgres_hba_conf.where { user == 'hostname_user' } do its('database') { should cmp 'all' } its('type') { should cmp 'host' } - its('auth_method') { should cmp 'md5' } + its('auth_method') { should cmp 'scram-sha-256' } its('address') { should cmp 'host.domain' } end end @@ -53,7 +53,7 @@ describe postgres_hba_conf.where { address == 'a.very.long.host.domain.that.exceeds.the.max.of.24.characters' } do its('database') { should cmp 'my_database' } its('type') { should cmp 'host' } - its('auth_method') { should cmp 'md5' } + its('auth_method') { should cmp 'scram-sha-256' } its('address') { should cmp 'a.very.long.host.domain.that.exceeds.the.max.of.24.characters' } end end diff --git a/test/integration/client_multi_install/controls/client_spec.rb b/test/integration/client_multi_install/controls/client_spec.rb index c4e4da3ca..1e0c453c8 100644 --- a/test/integration/client_multi_install/controls/client_spec.rb +++ b/test/integration/client_multi_install/controls/client_spec.rb @@ -2,7 +2,7 @@ case os.family when 'debian' '/usr/lib/postgresql/' - when 'redhat', 'fedora' + when 'redhat' '/usr/pgsql-' end diff --git a/test/integration/initdb_locale/controls/default_spec.rb b/test/integration/initdb_locale/controls/default_spec.rb index f9ae3ae86..45358fdf9 100644 --- a/test/integration/initdb_locale/controls/default_spec.rb +++ b/test/integration/initdb_locale/controls/default_spec.rb @@ -4,11 +4,19 @@ postgres_access = postgres_session('postgres', '12345', '127.0.0.1') - describe postgres_access.query('SHOW lc_collate;') do + describe postgres_access.query('SHOW LC_MONETARY;') do its('output') { should include "#{os.release.to_i < 8 ? 'en_US.utf8' : 'C.UTF-8'}" } end - describe postgres_access.query('SHOW lc_messages;') do + describe postgres_access.query('SHOW LC_MESSAGES;') do + its('output') { should include "#{os.release.to_i < 8 ? 'en_US.utf8' : 'C.UTF-8'}" } + end + + describe postgres_access.query('SHOW LC_NUMERIC;') do + its('output') { should include "#{os.release.to_i < 8 ? 'en_US.utf8' : 'C.UTF-8'}" } + end + + describe postgres_access.query('SHOW LC_TIME;') do its('output') { should include "#{os.release.to_i < 8 ? 'en_US.utf8' : 'C.UTF-8'}" } end end diff --git a/test/integration/repo/controls/repo_spec.rb.rb b/test/integration/repo/controls/repo_spec.rb.rb index 5cda4637c..17e00fbe4 100644 --- a/test/integration/repo/controls/repo_spec.rb.rb +++ b/test/integration/repo/controls/repo_spec.rb.rb @@ -3,8 +3,7 @@ case os[:family] -when 'redhat', 'fedora' - +when 'redhat' describe yum.repo("pgdg#{pg_ver}") do it { should exist } it { should be_enabled } @@ -26,7 +25,6 @@ end when 'debian' - describe apt('https://download.postgresql.org/pub/repos/apt/') do it { should exist } it { should be_enabled } diff --git a/test/integration/server_install/controls/server_spec.rb b/test/integration/server_install/controls/server_spec.rb index ab13418c2..33f98f51a 100644 --- a/test/integration/server_install/controls/server_spec.rb +++ b/test/integration/server_install/controls/server_spec.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true pg_ver = input('pg_ver') -if os[:family] == 'redhat' || os[:family] == 'fedora' +if os[:family] == 'redhat' describe service("postgresql-#{pg_ver}") do it { should be_installed } it { should be_enabled } diff --git a/test/integration/server_install_os/controls/access.rb b/test/integration/server_install_os/controls/access.rb index 703d4a4a3..edd570de6 100644 --- a/test/integration/server_install_os/controls/access.rb +++ b/test/integration/server_install_os/controls/access.rb @@ -5,7 +5,7 @@ describe postgres_hba_conf.where { type == 'host' && user == 'postgres' } do its('database') { should cmp 'all' } its('user') { should cmp 'postgres' } - its('auth_method') { should cmp 'md5' } + its('auth_method') { should cmp 'scram-sha-256' } its('address') { should cmp '127.0.0.1/32' } end @@ -23,7 +23,7 @@ describe postgres_hba_conf.where { user == 'sous_chef' } do its('database') { should cmp 'all' } its('type') { should cmp 'host' } - its('auth_method') { should cmp 'md5' } + its('auth_method') { should cmp 'scram-sha-256' } its('address') { should cmp '127.0.0.1/32' } end