diff --git a/manifests/config.pp b/manifests/config.pp index 39cbc099..8821580e 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -35,6 +35,7 @@ owner => $::vault::user, group => $::vault::group, mode => $::vault::config_mode, + notify => Class['vault::service'], } # If using the file storage then the path must exist and be readable diff --git a/manifests/install.pp b/manifests/install.pp index 0a173d91..ade76dfc 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -1,29 +1,46 @@ # == Class vault::install # class vault::install { + $vault_bin = "${::vault::bin_dir}/vault" case $::vault::install_method { - 'archive': { - if $::vault::manage_download_dir { - file { $::vault::download_dir: - ensure => directory, - } + 'archive': { + if $::vault::manage_download_dir { + file { $::vault::download_dir: + ensure => directory, } + } - archive { "${::vault::download_dir}/${::vault::download_filename}": - ensure => present, - extract => true, - extract_path => $::vault::bin_dir, - source => $::vault::real_download_url, - cleanup => true, - creates => $vault_bin, - before => File['vault_binary'], - } + $_manage_file_capabilities = true + $_vault_versioned_bin = "/opt/vault-${::vault::version}/vault" + + file { "/opt/vault-${::vault::version}": + ensure => directory, + owner => 'root', + group => 'root', + mode => '0755', + } - $_manage_file_capabilities = true + archive { "${::vault::download_dir}/${::vault::download_filename}": + ensure => present, + extract => true, + extract_path => "/opt/vault-${::vault::version}", + source => $::vault::real_download_url, + cleanup => true, + creates => $_vault_versioned_bin, + before => File['vault_binary'], + notify => Exec['install_versioned_vault'], } + exec { 'install_versioned_vault': + command => "/bin/cp -f ${_vault_versioned_bin} ${vault_bin}", + refreshonly => true, + notify => Class['vault::service'], + } + + } + 'repo': { package { $::vault::package_name: ensure => $::vault::package_ensure, @@ -37,7 +54,7 @@ } file { 'vault_binary': - path => $vault_bin, + path => $vault_bin, owner => 'root', group => 'root', mode => '0755', diff --git a/spec/classes/vault_spec.rb b/spec/classes/vault_spec.rb index 5ea8afd0..327a6b3a 100644 --- a/spec/classes/vault_spec.rb +++ b/spec/classes/vault_spec.rb @@ -147,16 +147,29 @@ it { is_expected.to contain_archive('/tmp/vault.zip'). that_comes_before('File[vault_binary]') + is_expected.to contain_file('/opt/vault-1.4.2'). + with_ensure('directory'). + with_owner('root'). + with_group('root'). + with_mode('0755') } context 'when installed with default download options' do let(:params) do - super().merge(version: '0.7.0') + super().merge( + version: '0.7.0', + ) end it { + is_expected.to contain_file('/opt/vault-0.7.0') is_expected.to contain_archive('/tmp/vault.zip'). with_source('https://releases.hashicorp.com/vault/0.7.0/vault_0.7.0_linux_amd64.zip') + # A regex is used to validate the command because vault bin_dir is OS specific + is_expected.to contain_exec('install_versioned_vault'). + with_command(%r{/bin/cp -f /opt/vault-0.7.0/vault /[\w/]+/vault}). + with_refreshonly(true). + that_notifies(['Class[vault::service]']) } end @@ -171,6 +184,7 @@ end it { + is_expected.to contain_file('/opt/vault-0.6.0') is_expected.to contain_archive('/tmp/vault.zip'). with_source('http://my_site.example.com/vault/0.6.0/vaultbinary_0.6.0_linux_amd64.tar.gz') }