diff options
| -rw-r--r-- | lib/chef/resource/sysctl_param.rb | 123 | ||||
| -rw-r--r-- | lib/chef/resources.rb | 1 | ||||
| -rw-r--r-- | spec/unit/resource/sysctl_param_spec.rb | 56 |
3 files changed, 180 insertions, 0 deletions
diff --git a/lib/chef/resource/sysctl_param.rb b/lib/chef/resource/sysctl_param.rb new file mode 100644 index 0000000000..9cf5250a6d --- /dev/null +++ b/lib/chef/resource/sysctl_param.rb @@ -0,0 +1,123 @@ +# +# Copyright:: 2018, Webb Agile Solutions Ltd. +# Copyright:: 2018, Chef Software Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +require "chef/resource" + +class Chef + class Resource + class SysctlParam < Chef::Resource + resource_name :sysctl_param + provides :sysctl_param + + description "Use the sysctl_param resource to set kernel parameters using the sysctl"\ + " command line tool and configuration files in the system's sysctl.d directory."\ + "Configuration files managed by this resource are named 99-chef-KEYNAME.conf. If"\ + " an existing value was already set for the value it will be backed up to the node"\ + " and restored if the :remove action is used later." + + introduced "14.0" + + property :key, String, + description: "", + name_property: true + + property :ignore_error, [TrueClass, FalseClass], + description: "", + default: false + + property :value, [Array, String, Integer, Float], + description: "", + coerce: proc { |v| coerce_value(v) }, + required: true + + property :conf_dir, String, + description: "", + default: "/etc/sysctl.d" + + def after_created + raise "The systctl_param resource requires Linux as it needs sysctl and the systctl.d directory functionality." unless node["os"] == "linux" + raise "The systctl_param resource does not support SLES releases less than 12 as it requires a systctl.d directory" if platform_family?("suse") && node["platform_version"].to_i < 12 + end + + def coerce_value(v) + case v + when Array + v.join(" ") + else + v.to_s + end + end + + def get_sysctl_value(key) + o = shell_out("sysctl -n -e #{key}") + raise "Unknown sysctl key!" if o.error! + o.stdout.to_s.tr("\t", " ").strip + end + + load_current_value do + value get_sysctl_value(key) + if node.normal["sysctl"]["backup"][key].empty? + node.normal["sysctl"]["backup"][key] = value + end + end + + action :apply do + converge_if_changed do + # set it temporarily + set_sysctl_param(new_resource.key, new_resource.value) + + directory new_resource.conf_dir + + file "#{new_resource.conf_dir}/99-chef-#{new_resource.key}.conf" do + content "#{new_resource.key} = #{new_resource.value}" + end + + execute "sysctl -p" do + command "sysctl -p" + action :run + end + end + end + + action :remove do + # only converge the resource if the file actually exists to delete + if ::File.exist?("#{new_resource.conf_dir}/99-chef-#{new_resource.key}.conf") + converge_by "removing systctl value #{new_resource.key}" do + file "#{new_resource.conf_dir}/99-chef-#{new_resource.key}.conf" do + action :delete + end + + backup_value = node["sysctl"]["backup"][new_resource.key] + set_sysctl_param(new_resource.key, backup_value) unless backup_value.empty? + node.rm("sysctl", "backup", new_resource.key) + + execute "sysctl -p" do + command "sysctl -p" + action :run + end + end + end + end + + action_class do + def set_sysctl_param(key, value) + shell_out!("sysctl #{'-e ' if new_resource.ignore_error}-w \"#{key}=#{value}\"") + end + end + end + end +end diff --git a/lib/chef/resources.rb b/lib/chef/resources.rb index a5d5423bfe..1f1be2bbd8 100644 --- a/lib/chef/resources.rb +++ b/lib/chef/resources.rb @@ -89,6 +89,7 @@ require "chef/resource/scm" require "chef/resource/script" require "chef/resource/service" require "chef/resource/sudo" +require "chef/resource/sysctl_param" require "chef/resource/systemd_unit" require "chef/resource/windows_service" require "chef/resource/subversion" diff --git a/spec/unit/resource/sysctl_param_spec.rb b/spec/unit/resource/sysctl_param_spec.rb new file mode 100644 index 0000000000..14008e089d --- /dev/null +++ b/spec/unit/resource/sysctl_param_spec.rb @@ -0,0 +1,56 @@ +# +# Copyright:: Copyright 2018, Chef Software, Inc. +# License:: Apache License, Version 2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +require "spec_helper" + +describe Chef::Resource::SysctlParam do + let(:resource) { Chef::Resource::SysctlParam.new("something.something") } + + it "sets resource name as :sysctl_param" do + expect(resource.resource_name).to eql(:sysctl_param) + end + + it "sets the default action as :apply" do + expect(resource.action).to eql([:apply]) + end + + it "sets the key property as its name property" do + expect(resource.key).to eql("something.something") + end + + it "coerces Arrays in the value property to space delimited Strings" do + resource.value [1, 2, 3] + expect(resource.value).to eql("1 2 3") + end + + it "coerces Integers in the value property to Strings" do + resource.value 1 + expect(resource.value).to eql("1") + end + + it "coerces Floats in the value property to Strings" do + resource.value 1.1 + expect(resource.value).to eql("1.1") + end + + it "supports :apply and :remove actions" do + expect { resource.action :apply }.not_to raise_error + expect { resource.action :remove }.not_to raise_error + expect { resource.action :delete }.to raise_error(ArgumentError) + expect { resource.action :install }.to raise_error(ArgumentError) + end +end |