(maint) remove database-validation

With the removal of database-validation from the postgres module:
puppetlabs/puppetlabs-postgresql#1484

This module will no longer provide database validation.

This removes the validation files from the manifest, spec tests,
and parameters.

Author: jonathannewman

CHANGELOG.md

@@ -7,7 +7,7 @@ Release notes for the puppetlabs-puppetdb module.
 * Drop support for Ubuntu 16.04 and Scientific Linux 7
 * Remove all code related to embedded database
 * Require and install postgres 14 by default
-
+* remove support for database validation due to https://github.com/puppetlabs/puppetlabs-postgresql/pull/1484/
 
 #### 7.14.0 - 2023/10/09
 * Owner of puppetdb config.ini is now root

README.md

@@ -434,18 +434,6 @@ storeconfigs backend.
       puppet_conf => '/etc/puppet/puppet.conf'
     }
 
-**puppetdb::server::validate_db**
-
-Validates that a successful database connection can be established between the
-node on which this resource is run and the specified PuppetDB database instance
-(host/port/user/password/database name).
-
-    puppetdb::server::validate_db { 'validate my puppetdb database connection':
-      database_host     => 'my.postgres.host',
-      database_username => 'mydbuser',
-      database_password => 'mydbpassword',
-      database_name     => 'mydbname',
-    }
 
 ### Custom Types
 

manifests/init.pp

@@ -101,10 +101,6 @@
 #   This parameter maps directly to PostgreSQL's `listen_addresses`
 #   config option. Use a `*` to allow connections on any accessible address.
 #
-# @param database_validate
-#   If true, the module will attempt to connect to the database using the specified
-#   settings and fail if it is not able to do so. Defaults to `true`.
-#
 # @param node_ttl
 #   The length of time a node can go without receiving any new data before it's
 #   automatically deactivated. (defaults to '7d', which is a 7-day period. Set to
@@ -239,11 +235,7 @@
 #   The text to append to the JDBC connection URI. This should begin with a '?'
 #   character. For example, to use SSL for the PostgreSQL connection, set this
 #   parameter's value to `?ssl=true`.
-#
-# @param read_database_validate
-#   If true, the module will attempt to connect to the database using the specified
-#   settings and fail if it is not able to do so. Defaults to `true`.
-#
+##
 # @param read_database_name
 #   The name of the read database instance to connect to. If `read_database_host`
 #   is set to `undef`, and `manage_database` is set to `true`, it will use the value of
@@ -413,7 +405,6 @@
   $manage_db_password                      = $puppetdb::params::manage_db_password,
   $jdbc_ssl_properties                     = $puppetdb::params::jdbc_ssl_properties,
   $database_listen_address                 = $puppetdb::params::postgres_listen_addresses,
-  $database_validate                       = $puppetdb::params::database_validate,
   $node_ttl                                = $puppetdb::params::node_ttl,
   $node_purge_ttl                          = $puppetdb::params::node_purge_ttl,
   $report_ttl                              = $puppetdb::params::report_ttl,
@@ -437,7 +428,6 @@
   $read_database_name                      = $puppetdb::params::read_database_name,
   $manage_read_db_password                 = $puppetdb::params::manage_read_db_password,
   $read_database_jdbc_ssl_properties       = $puppetdb::params::read_database_jdbc_ssl_properties,
-  $read_database_validate                  = $puppetdb::params::read_database_validate,
   $read_log_slow_statements                = $puppetdb::params::read_log_slow_statements,
   $read_conn_max_age                       = $puppetdb::params::read_conn_max_age,
   $read_conn_keep_alive                    = $puppetdb::params::read_conn_keep_alive,
@@ -492,7 +482,6 @@
     database_name                     => $database_name,
     manage_db_password                => $manage_db_password,
     jdbc_ssl_properties               => $jdbc_ssl_properties,
-    database_validate                 => $database_validate,
     node_ttl                          => $node_ttl,
     node_purge_ttl                    => $node_purge_ttl,
     report_ttl                        => $report_ttl,
@@ -518,7 +507,6 @@
     read_database_name                => $read_database_name,
     manage_read_db_password           => $manage_read_db_password,
     read_database_jdbc_ssl_properties => $read_database_jdbc_ssl_properties,
-    read_database_validate            => $read_database_validate,
     read_log_slow_statements          => $read_log_slow_statements,
     read_conn_max_age                 => $read_conn_max_age,
     read_conn_keep_alive              => $read_conn_keep_alive,
@@ -542,14 +530,6 @@
     java_bin                          => $java_bin,
   }
 
-  $database_before = str2bool($database_validate) ? {
-    false => Class['puppetdb::server'],
-    default => [
-      Class['puppetdb::server'],
-      Class['puppetdb::server::validate_db']
-    ],
-  }
-
   class { 'puppetdb::database::postgresql':
     listen_addresses            => $database_listen_address,
     database_name               => $database_name,
@@ -568,6 +548,6 @@
     read_database_username      => $read_database_username,
     read_database_password      => $read_database_password,
     read_database_host          => $read_database_host,
-    before                      => $database_before,
+    before                      =>  Class['puppetdb::server'],
   }
 }

manifests/params.pp

@@ -39,7 +39,6 @@
   $database_password      = 'puppetdb'
   $manage_db_password     = true
   $jdbc_ssl_properties    = ''
-  $database_validate      = true
   $database_max_pool_size = undef
   $puppetdb_server        = fact('networking.fqdn')
 
@@ -69,7 +68,6 @@
   $read_database_password            = 'puppetdb-read'
   $manage_read_db_password           = true
   $read_database_jdbc_ssl_properties = ''
-  $read_database_validate            = true
   $read_log_slow_statements          = '10'
   $read_conn_max_age                 = '60'
   $read_conn_keep_alive              = '45'

manifests/server.pp

@@ -72,9 +72,6 @@
 #   character. For example, to use SSL for the PostgreSQL connection, set this
 #   parameter's value to `?ssl=true`.
 #
-# @param database_validate
-#   If true, the module will attempt to connect to the database using the specified
-#   settings and fail if it is not able to do so. Defaults to `true`.
 #
 # @param node_ttl
 #   The length of time a node can go without receiving any new data before it's
@@ -208,10 +205,6 @@
 #   character. For example, to use SSL for the PostgreSQL connection, set this
 #   parameter's value to `?ssl=true`.
 #
-# @param read_database_validate
-#   If true, the module will attempt to connect to the database using the specified
-#   settings and fail if it is not able to do so. Defaults to `true`.
-#
 # @param read_database_name
 #   The name of the read database instance to connect to. If `read_database_host`
 #   is set to `undef`, and `manage_database` is set to `true`, it will use the value of
@@ -372,7 +365,6 @@
   $database_name                           = $puppetdb::params::database_name,
   $manage_db_password                      = $puppetdb::params::manage_db_password,
   $jdbc_ssl_properties                     = $puppetdb::params::jdbc_ssl_properties,
-  $database_validate                       = $puppetdb::params::database_validate,
   $node_ttl                                = $puppetdb::params::node_ttl,
   $node_purge_ttl                          = $puppetdb::params::node_purge_ttl,
   $report_ttl                              = $puppetdb::params::report_ttl,
@@ -395,7 +387,6 @@
   $read_database_name                      = $puppetdb::params::read_database_name,
   $manage_read_db_password                 = $puppetdb::params::manage_read_db_password,
   $read_database_jdbc_ssl_properties       = $puppetdb::params::read_database_jdbc_ssl_properties,
-  $read_database_validate                  = $puppetdb::params::read_database_validate,
   $read_log_slow_statements                = $puppetdb::params::read_log_slow_statements,
   $read_conn_max_age                       = $puppetdb::params::read_conn_max_age,
   $read_conn_keep_alive                    = $puppetdb::params::read_conn_keep_alive,
@@ -504,7 +495,6 @@
     ssl_ca_cert_path          => $ssl_ca_cert_path,
     database_max_pool_size    => $database_max_pool_size,
     jdbc_ssl_properties       => $jdbc_ssl_properties,
-    database_validate         => $database_validate,
     node_ttl                  => $node_ttl,
     node_purge_ttl            => $node_purge_ttl,
     report_ttl                => $report_ttl,
@@ -544,7 +534,6 @@
     ssl_cert_path          => $ssl_cert_path,
     ssl_ca_cert_path       => $ssl_ca_cert_path,
     jdbc_ssl_properties    => $read_database_jdbc_ssl_properties,
-    database_validate      => $read_database_validate,
     log_slow_statements    => $read_log_slow_statements,
     conn_max_age           => $read_conn_max_age,
     conn_keep_alive        => $read_conn_keep_alive,

manifests/server/database.pp

@@ -9,7 +9,6 @@
   $database_name             = $puppetdb::params::database_name,
   $manage_db_password        = $puppetdb::params::manage_db_password,
   $jdbc_ssl_properties       = $puppetdb::params::jdbc_ssl_properties,
-  $database_validate         = $puppetdb::params::database_validate,
   $node_ttl                  = $puppetdb::params::node_ttl,
   $node_purge_ttl            = $puppetdb::params::node_purge_ttl,
   $report_ttl                = $puppetdb::params::report_ttl,
@@ -30,23 +29,6 @@
   $ssl_key_pk8_path          = $puppetdb::params::ssl_key_pk8_path,
   $ssl_ca_cert_path          = $puppetdb::params::ssl_ca_cert_path
 ) inherits puppetdb::params {
-  if str2bool($database_validate) {
-    # Validate the database connection.  If we can't connect, we want to fail
-    # and skip the rest of the configuration, so that we don't leave puppetdb
-    # in a broken state.
-    #
-    # NOTE:
-    # Because of a limitation in the postgres module this will break with
-    # a duplicate declaration if read and write database host+name are the
-    # same.
-    class { 'puppetdb::server::validate_db':
-      database_host     => $database_host,
-      database_port     => $database_port,
-      database_username => $database_username,
-      database_password => $database_password,
-      database_name     => $database_name,
-    }
-  }
 
   $database_ini = "${confdir}/database.ini"
 
@@ -58,16 +40,12 @@
   }
 
   $file_require = File[$database_ini]
-  $ini_setting_require = str2bool($database_validate) ? {
-    false   => $file_require,
-    default => [$file_require, Class['puppetdb::server::validate_db']],
-  }
   # Set the defaults
   Ini_setting {
     path    => $database_ini,
     ensure  => present,
     section => 'database',
-    require => $ini_setting_require,
+    require => $file_require ,
   }
 
   $classname = 'org.postgresql.Driver'

manifests/server/read_database.pp

@@ -9,7 +9,6 @@
   $read_database_name     = $puppetdb::params::read_database_name,
   $manage_db_password     = $puppetdb::params::manage_read_db_password,
   $jdbc_ssl_properties    = $puppetdb::params::read_database_jdbc_ssl_properties,
-  $database_validate      = $puppetdb::params::read_database_validate,
   $log_slow_statements    = $puppetdb::params::read_log_slow_statements,
   $conn_max_age           = $puppetdb::params::read_conn_max_age,
   $conn_keep_alive        = $puppetdb::params::read_conn_keep_alive,
@@ -24,23 +23,6 @@
   $ssl_ca_cert_path       = $puppetdb::params::ssl_ca_cert_path
 ) inherits puppetdb::params {
   if $read_database_host != undef {
-    if str2bool($database_validate) {
-      # Validate the database connection.  If we can't connect, we want to fail
-      # and skip the rest of the configuration, so that we don't leave puppetdb
-      # in a broken state.
-      #
-      # NOTE:
-      # Because of a limitation in the postgres module this will break with
-      # a duplicate declaration if read and write database host+name are the
-      # same.
-      class { 'puppetdb::server::validate_read_db':
-        database_host     => $read_database_host,
-        database_port     => $read_database_port,
-        database_username => $read_database_username,
-        database_password => $read_database_password,
-        database_name     => $read_database_name,
-      }
-    }
 
     $read_database_ini = "${confdir}/read_database.ini"
 
@@ -51,17 +33,12 @@
       mode   => '0600',
     }
 
-    $file_require = File[$read_database_ini]
-    $ini_setting_require = str2bool($database_validate) ? {
-      false   => $file_require,
-      default => [$file_require, Class['puppetdb::server::validate_read_db']],
-    }
     # Set the defaults
     Ini_setting {
       path    => $read_database_ini,
       ensure  => present,
       section => 'read-database',
-      require => $ini_setting_require,
+      require => File[$read_database_ini],
     }
 
     $classname = 'org.postgresql.Driver'

manifests/server/validate_db.pp

@@ -6,28 +6,13 @@
   'puppetdb-read': {
     database_name:     'puppetdb',
     database_username: 'monitor',
-    postgres_version: '11',
+    postgres_version: '14',
     puppetdb_server:   'localhost',
   },
   'monitor': {
     database_name:     'opensesame',
     database_username: 'grover',
-    postgres_version: '11',
-    puppetdb_server:   'rainbow',
-  },
-}
-
-valid_12plus = {
-  'puppetdb-read': {
-    database_name:     'puppetdb',
-    database_username: 'monitor',
-    postgres_version: '12',
-    puppetdb_server:   'localhost',
-  },
-  'monitor': {
-    database_name:     'opensesame',
-    database_username: 'grover',
-    postgres_version: '12',
+    postgres_version: '14',
     puppetdb_server:   'rainbow',
   },
 }
@@ -51,15 +36,6 @@
     end
   end
 
-  valid_12plus.each do |name, params|
-    context "for valid_12plus #{name}" do
-      include_examples 'puppetdb::database::postgresql_ssl_rules' do
-        let(:title) { name.to_s }
-        let(:params) { params }
-      end
-    end
-  end
-
   invalid.each do |name, params|
     context "for invalid #{name}" do
       include_examples 'puppetdb::database::postgresql_ssl_rules', Puppet::Error do