Merge pull request #134 from gnowxilef/master

support multiple sasl_passwd entries
2018-05-23 13:28:58 -05:00 · 2018-05-23 13:28:58 -05:00 · d1d826e513
commit d1d826e513
parent 68fda8b47d 1bb847e735
6 changed files with 126 additions and 15 deletions
--- a/.kitchen.yml
+++ b/.kitchen.yml
@ -44,7 +44,24 @@ suites:
  run_list:
  - recipe[postfix::server]

- name: sasl_auth
+- name: canonical
+  run_list:
+  - recipe[postfix]
+  attributes:
+    postfix:
+      recipient_canonical_map_entries:
+        john: john@doe.com
+        
+- name: sasl_auth_none
+  run_list:
+  - recipe[postfix::sasl_auth]
+  attributes:
+    postfix:
+      main:
+        relayhost: "localhost"
+        smtp_sasl_auth_enable: "yes"
+
+- name: sasl_auth_multiple
  run_list:
  - recipe[postfix::sasl_auth]
  attributes:
@ -53,14 +70,22 @@ suites:
        relayhost: "localhost"
        smtp_sasl_auth_enable: "yes"
      sasl:
-        smtp_sasl_user_name: "kitchenuser"
-        smtp_sasl_passwd: "not-a-real-thing"
+        relayhost1:
+          username: "kitchenuser"
+          password: "not-a-real-thing"
+        relayhost2:
+          username: "anotherkitchenuser"
+          password: "yet-not-a-real-thing"

- name: canonical
+- name: sasl_auth_one
  run_list:
-  - recipe[postfix]
+  - recipe[postfix::sasl_auth]
  attributes:
    postfix:
-      recipient_canonical_map_entries:
-        john: john@doe.com
-        
+      main:
+        relayhost: "localhost"
+        smtp_sasl_auth_enable: "yes"
+      sasl:
+        relayhost:
+          username: "kitchenuser"
+          password: "not-a-real-thing"
--- a/README.md
+++ b/README.md
@ -77,12 +77,20 @@ This change in namespace to `node['postfix']['main']` should allow for greater f
 - `node['postfix']['main']['smtp_sasl_password_maps']` - Set to `hash:/etc/postfix/sasl_passwd` template file
 - `node['postfix']['main']['smtp_sasl_security_options']` - Set to noanonymous
 - `node['postfix']['main']['relayhost']` - Set to empty string
- `node['postfix']['sasl']['smtp_sasl_user_name']` - SASL user to authenticate as. Default empty
- `node['postfix']['sasl']['smtp_sasl_passwd']` - SASL password to use. Default empty.
 - `node['postfix']['sender_canonical_map_entries']` - (hash with key value pairs); default not configured. Setup generic canonical maps. See `man 5 canonical`. If has at least one value, then will be enabled in config.
 - `node['postfix']['smtp_generic_map_entries']` - (hash with key value pairs); default not configured. Setup generic postfix maps. See `man 5 generic`. If has at least one value, then will be enabled in config.
 - `node['postfix']['recipient_canonical_map_entries']` - (hash with key value pairs); default not configured. Setup generic canonical maps. See `man 5 canonical`. If has at least one value, then will be enabled in config.
-
+- `node['postfix']['sasl']['smtp_sasl_user_name']` - SASL user to authenticate as. Default empty. You can only use this until the current version. The new syntax is below.
+- `node['postfix']['sasl']['smtp_sasl_passwd']` - SASL password to use. Default empty. You can only use this until the current version. The new syntax is below.
+- `node['postfix']['sasl']` = ```json {
+    "relayhost1" => {
+      'username' => 'foo',
+      'password' => 'bar'
+    },
+    "relayhost2" => {
+      ...
+    }
+  }``` - You must set the following attribute, otherwise the attribute will default to empty

 Example of json role config, for setup *_map_entries:

@ -335,8 +343,14 @@ override_attributes(
      "smtp_sasl_auth_enable" => "yes"
    },
    "sasl" => {
-      "smtp_sasl_passwd" => "your_password",
-      "smtp_sasl_user_name" => "your_username"
+      "relayhost1" => {
+        "username" => "your_password",
+        "password" => "your_username"
+      },
+      "relayhost2" => {
+        ...
+      },
+      ...
    }
  }
 )
--- a/templates/sasl_passwd.erb
+++ b/templates/sasl_passwd.erb
@ -1,4 +1,8 @@
 # Auto-generated by Chef.
 # Local modifications will be overwritten.
-#
-<%= node['postfix']['main']['relayhost'] %> <%= @settings['smtp_sasl_user_name'] %>:<%= @settings['smtp_sasl_passwd'] %>
+
+<% if !@settings.nil? && !@settings.empty? -%>
+<%   @settings.sort.map do |relayhost,value| -%>
+<%= relayhost %> <%= value['username'] %>:<%= value['password'] %>
+<%   end -%>
+<% end -%>
--- a/test/integration/sasl_auth_multiple/serverspec/sasl_auth_multiple_spec.rb
+++ b/test/integration/sasl_auth_multiple/serverspec/sasl_auth_multiple_spec.rb
@ -0,0 +1,32 @@
+# encoding: utf-8
+# Copyright 2012, Chef Software, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+require_relative './spec_helper'
+
+describe 'postfix::sasl_auth' do
+  let(:sasl_passwd_file) { '/etc/postfix/sasl_passwd' }
+
+  it 'manages postfix sasl_passwd' do
+    expect(file(sasl_passwd_file).content).to match(/^# This file is generated by Chef for/)
+  end
+
+  it 'configures postfix to use the sasl_passwd file' do
+    expect(file('/etc/postfix/main.cf').content).to match(/^\s*smtp_sasl_password_maps\s*=.*#{sasl_passwd_file}\s*$/)
+  end
+
+  it 'configures postfix sasl_passwd with multiple entries' do
+    expect(file(sasl_passwd_file).content).to match(/^# This file is generated by Chef for .*\nrelayhost1 kitchenuser:not-a-real-thing\nrelayhost2 anotherkitchenuser:yet-not-a-real-thing\n/)
+  end
+end
--- a/test/integration/sasl_auth_none/serverspec/sasl_auth_none_spec.rb
+++ b/test/integration/sasl_auth_none/serverspec/sasl_auth_none_spec.rb
@ -24,4 +24,8 @@ describe 'postfix::sasl_auth' do
  it 'configures postfix to use the sasl_passwd file' do
    expect(file('/etc/postfix/main.cf').content).to match(/^\s*smtp_sasl_password_maps\s*=.*#{sasl_passwd_file}\s*$/)
  end
+
+  it 'configures postfix sasl_passwd with nothing in it' do
+    expect(file(sasl_passwd_file).content).to match(/^# This file is generated by Chef for .*\n/)
+  end
 end
--- a/test/integration/sasl_auth_one/serverspec/sasl_auth_one_spec.rb
+++ b/test/integration/sasl_auth_one/serverspec/sasl_auth_one_spec.rb
@ -0,0 +1,32 @@
+# encoding: utf-8
+# Copyright 2012, Chef Software, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+require_relative './spec_helper'
+
+describe 'postfix::sasl_auth' do
+  let(:sasl_passwd_file) { '/etc/postfix/sasl_passwd' }
+
+  it 'manages postfix sasl_passwd' do
+    expect(file(sasl_passwd_file).content).to match(/^# This file is generated by Chef for/)
+  end
+
+  it 'configures postfix to use the sasl_passwd file' do
+    expect(file('/etc/postfix/main.cf').content).to match(/^\s*smtp_sasl_password_maps\s*=.*#{sasl_passwd_file}\s*$/)
+  end
+
+  it 'configures postfix sasl_passwd with one entry' do
+    expect(file(sasl_passwd_file).content).to match(/^# This file is generated by Chef for .*\nrelayhost kitchenuser:not-a-real-thing\n/)
+  end
+end