]> review.fuel-infra Code Review - puppet-modules/puppet-ceilometer.git/commitdiff
Code Review / puppet-modules / puppet-ceilometer.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 7da5057)
Ensure pipeline yamls are created with correct permissions
authorLuis Pigueiras <luis.pigueiras@cern.ch>
Thu, 29 Jun 2017 09:48:31 +0000 (11:48 +0200)
committerLuis Pigueiras <luis.pigueiras@cern.ch>
Mon, 3 Jul 2017 09:57:59 +0000 (11:57 +0200)
Right now when you try to manage the `pipeline.yaml` or
`event_pipeline.yaml` via Puppet, notification-agent can't start
because it can't read the file because it has by default root:root
permissions. This enforces to have root:ceilometer and mode rw-r-----
to allow the daemon read the pipeline files

Change-Id: Ia97821135a2d51377514f2bcf389126254209e76

manifests/agent/notification.pp patch | blob | history
spec/classes/ceilometer_agent_notification_spec.rb patch | blob | history

diff --git a/manifests/agent/notification.pp b/manifests/agent/notification.pp
index 35e22194b5cac1b469c85cbbd11c103eb4b4ffb8..7f0f40a0722f8881dba5c90cbe7d0faedf7e73be 100644 (file)
--- a/manifests/agent/notification.pp
+++ b/manifests/agent/notification.pp
@@ -127,6 +127,9 @@ class ceilometer::agent::notification (
       path                    => $::ceilometer::params::event_pipeline,
       content                 => template('ceilometer/event_pipeline.yaml.erb'),
       selinux_ignore_defaults => true,
+      mode                    => '0640',
+      owner                   => 'root',
+      group                   => 'ceilometer',
       tag                     => 'ceilometer-yamls',
     }
   }
@@ -139,6 +142,9 @@ class ceilometer::agent::notification (
       path                    => $::ceilometer::params::pipeline,
       content                 => template('ceilometer/pipeline.yaml.erb'),
       selinux_ignore_defaults => true,
+      mode                    => '0640',
+      owner                   => 'root',
+      group                   => 'ceilometer',
       tag                     => 'ceilometer-yamls',
     }
   }
diff --git a/spec/classes/ceilometer_agent_notification_spec.rb b/spec/classes/ceilometer_agent_notification_spec.rb
index 1c1bbaef1ff86d9c7548d57bf837fcf406784429..bff9af5d0b7e05ff508bb06ead11ea2ad2dd624b 100644 (file)
--- a/spec/classes/ceilometer_agent_notification_spec.rb
+++ b/spec/classes/ceilometer_agent_notification_spec.rb
@@ -119,7 +119,10 @@ describe 'ceilometer::agent::notification' do
       ) }
 
       it { is_expected.to contain_file('event_pipeline').with(
-        'path' => '/etc/ceilometer/event_pipeline.yaml',
+        'path'  => '/etc/ceilometer/event_pipeline.yaml',
+        'owner' => 'root',
+        'group' => 'ceilometer',
+        'mode'  => '0640',
       ) }
 
       it { 'configures event_pipeline with the default notifier'
@@ -179,6 +182,9 @@ describe 'ceilometer::agent::notification' do
 
       it { is_expected.to contain_file('pipeline').with(
         'path' => '/etc/ceilometer/pipeline.yaml',
+        'mode'  => '0640',
+        'owner' => 'root',
+        'group' => 'ceilometer',
       ) }
     end