(MODULES-5126) Puppet4ing SQL Server

.fixtures.yml

@@ -1,6 +1,5 @@
 fixtures:
   repositories:
-    "stdlib":
-      "repo": "git://github.com/puppetlabs/puppetlabs-stdlib.git"
+    "stdlib": "https://github.com/puppetlabs/puppetlabs-stdlib.git"
   symlinks:
     sqlserver: "#{source_dir}"

lib/puppet/parser/functions/sqlserver_validate_instance_name.rb

@@ -10,6 +10,7 @@
 # @raise [Puppet::ParserError] Instance name can not be larger than 16 characters
 # @raise [Puppet::ParserError] Instance name can not start or end with underscore (_)
 #
+
 module Puppet::Parser::Functions
   newfunction(:sqlserver_validate_instance_name, :docs => <<DOC) do |args|
 Validate the MS SQL Instance name based on what Microsoft has set within the document located at

manifests/config.pp

@@ -23,10 +23,10 @@
 #   }
 #
 define sqlserver::config (
-  $admin_user    = '',
-  $admin_pass    = '',
-  $admin_login_type    = 'SQL_LOGIN',
-  $instance_name = $title,
+  Optional[String] $admin_user = '',
+  Optional[String] $admin_pass = '',
+  Enum['SQL_LOGIN', 'WINDOWS_LOGIN'] $admin_login_type = 'SQL_LOGIN',
+  String[1,16] $instance_name = $title,
 ) {
   ##This config is a catalog requirement for sqlserver_tsql and is looked up to retrieve the admin_user,
   ## admin_pass and admin_login_type for a given instance_name

manifests/database.pp

@@ -83,32 +83,32 @@
 # @see http://msdn.microsoft.com/en-us/library/ms190303.aspx System Languages
 #
 define sqlserver::database (
-  $db_name = $title,
-  $instance = 'MSSQLSERVER',
-  $ensure = present,
-  $compatibility = 100,
-  $collation_name = undef,
-  $filestream_non_transacted_access = undef,
-  $filestream_directory_name = undef,
-  $filespec_name = undef,
-  $filespec_filename = undef,
-  $filespec_size = undef,
-  $filespec_maxsize = undef,
-  $filespec_filegrowth = undef,
-  $log_name = undef,
-  $log_filename = undef,
-  $log_size = undef,
-  $log_maxsize = undef,
-  $log_filegrowth = undef,
-  $containment = 'NONE',
+  String[1,128] $db_name = $title,
+  String[1,16] $instance = 'MSSQLSERVER',
+  Enum['present', 'absent'] $ensure = 'present',
+  Integer $compatibility = 100,
+  Optional[String[1]] $collation_name = undef,
+  Optional[Enum['OFF', 'READ_ONLY', 'FULL']] $filestream_non_transacted_access = undef,
+  Optional[Pattern[/^[\w|\s]+$/]] $filestream_directory_name = undef,
+  Optional[String[1,128]] $filespec_name = undef,
+  Optional[Stdlib::Absolutepath] $filespec_filename = undef,
+  Optional[String[1]] $filespec_size = undef,
+  Optional[String[1]] $filespec_maxsize = undef,
+  Optional[String[1]] $filespec_filegrowth = undef,
+  Optional[String[1,128]] $log_name = undef,
+  Optional[Stdlib::Absolutepath] $log_filename = undef,
+  Optional[String[1]] $log_size = undef,
+  Optional[String[1]] $log_maxsize = undef,
+  Optional[String[1]] $log_filegrowth = undef,
+  Enum['PARTIAL', 'NONE'] $containment = 'NONE',
 #require Containment = 'PARTIAL' for the following params to be executed
-  $default_fulltext_language = 'English',
-  $default_language = 'us_english',
-  $nested_triggers = undef,
-  $transform_noise_words = undef,
-  $two_digit_year_cutoff = 2049,
-  $db_chaining = 'OFF',
-  $trustworthy = 'OFF',
+  String[1] $default_fulltext_language = 'English',
+  String[1] $default_language = 'us_english',
+  Optional[Enum['ON', 'OFF']] $nested_triggers = undef,
+  Optional[Enum['ON', 'OFF']] $transform_noise_words = undef,
+  Integer[1753, 9999] $two_digit_year_cutoff = 2049,
+  Enum['ON', 'OFF'] $db_chaining = 'OFF',
+  Enum['ON', 'OFF'] $trustworthy = 'OFF',
 ){
 ##
 #  validate max size
@@ -123,49 +123,38 @@
   if $filespec_maxsize and $filespec_maxsize != 'UNLIMITED' {
     sqlserver_validate_size($filespec_maxsize)
   }
+
   if $filespec_filename or $filespec_name {
-    validate_re($filespec_filename, '^.+$', 'filespec_filename must not be null if specifying filespec_name')
-    validate_re($filespec_name, '^.+$', 'filespec_name must not be null if specifying filespec_filename')
-    sqlserver_validate_range($filespec_name, 1, 128, 'filespec_name can not be more than 128 characters and must be at least 1 character in length')
-    validate_absolute_path($filespec_filename)
-  }
-  if $log_filename {
-    sqlserver_validate_range($log_name, 1, 128, "${log_name} can not be more than 128 characters and must be at least 1 character in length")
-    validate_absolute_path($log_filename)
+    assert_type(String[1], $filespec_filename) |$expected, $actual| {
+      fail('filespec_filename must also be specified when specifying filespec_name')
+    }
+    assert_type(String[1], $filespec_name) |$expected, $actual| {
+      fail('filespec_name must also be specified when specifying filespec_filename')
+    }
   }
+
   if $log_size { sqlserver_validate_size($log_size) }
   if $log_maxsize { sqlserver_validate_size($log_maxsize) }
-  if $log_filename or $log_filegrowth or $log_maxsize or $log_name or $log_size {
-    sqlserver_validate_range($filespec_filename, 1, 128, 'filespec_name and filespec_filename must be specified when specifying any log attributes')
-    validate_absolute_path($filespec_filename)
-  }
-## VALIDATE FILESTREAM
-  if $filestream_non_transacted_access {
-    validate_re($filestream_non_transacted_access, '^(OFF|READ_ONLY|FULL)$',
-      "filestream_non_transacted_access can be OFF|READ_ONLY|FULL only, you provided ${filestream_non_transacted_access}")
 
+  if $log_filename or $log_name {
+    assert_type(String[1], $log_filename) |$expected, $actual| {
+      fail('log_filename must also be specified when specifying log_name')
+    }
+    assert_type(String[1], $log_name) |$expected, $actual| {
+      fail('log_name must also be specified when specifying log_filename')
+    }
   }
-  if $filestream_directory_name {
-    validate_re($filestream_directory_name,'^[\w|\s]+$',
-      "Filestream Directory Name should not be an absolute path but a directory name only, you provided ${filestream_directory_name}")
-  }
-
-  sqlserver_validate_instance_name($instance)
-
-  validate_re($containment, '^(PARTIAL|NONE)$', "Containment must be either PARTIAL or NONE, you provided ${containment}")
 
-## Validate PARTIAL required variables switches
-  if $containment == 'PARTIAL' {
-    if $db_chaining { sqlserver_validate_on_off($db_chaining) }
-    if $nested_triggers { sqlserver_validate_on_off($nested_triggers) }
-    if $transform_noise_words { sqlserver_validate_on_off($transform_noise_words) }
-    if $trustworthy { sqlserver_validate_on_off($trustworthy) }
-    sqlserver_validate_range($two_digit_year_cutoff, 1753, 9999,
-      "Two digit year cutoff must be between 1753 and 9999, you provided ${two_digit_year_cutoff}")
+  if $log_filename or $log_filegrowth or $log_maxsize or $log_name or $log_size {
+    assert_type(String[1], $filespec_filename) |$expected, $actual| {
+      fail('filespec_filename must also be specified when specifying any log attribute')
+    }
+    assert_type(String[1], $filespec_name) |$expected, $actual| {
+      fail('filespec_name must also be specified when specifying any log attribute')
+    }
   }
 
-
-  validate_re($ensure,['^present$','^absent$'],"Ensure must be either present or absent, you provided ${ensure}")
+  sqlserver_validate_instance_name($instance)
 
   $create_delete = $ensure ? {
     present => 'create',
@@ -178,6 +167,4 @@
     onlyif   => template('sqlserver/query/database_exists.sql.erb'),
     require  => Sqlserver::Config[$instance],
   }
-
-
 }

manifests/login.pp

@@ -51,23 +51,21 @@
 ##
 define sqlserver::login (
   $login = $title,
-  $instance = 'MSSQLSERVER',
-  $ensure = 'present',
-  $password = undef,
-  $svrroles = { },
-  $login_type = 'SQL_LOGIN',
-  $default_database = 'master',
-  $default_language = 'us_english',
-  $check_expiration = false,
-  $check_policy = true,
-  $disabled = false,
-  $permissions = { },
+  String[1,16] $instance = 'MSSQLSERVER',
+  Enum['SQL_LOGIN', 'WINDOWS_LOGIN'] $login_type = 'SQL_LOGIN',
+  Enum['present', 'absent'] $ensure = 'present',
+  Optional[String] $password = undef,
+  Optional[Hash] $svrroles = { },
+  String $default_database = 'master',
+  String $default_language = 'us_english',
+  Boolean $check_expiration = false,
+  Boolean $check_policy = true,
+  Boolean $disabled = false,
+  Optional[Hash] $permissions = { },
 ) {
 
   sqlserver_validate_instance_name($instance)
 
-  validate_re($login_type,['^(SQL_LOGIN|WINDOWS_LOGIN)$'])
-
   if $check_expiration and !$check_policy {
     fail ('Can not have check expiration enabled when check_policy is disabled')
   }
@@ -85,7 +83,6 @@
   }
 
   if $ensure == present {
-    validate_hash($permissions)
     $_upermissions = sqlserver_upcase($permissions)
     sqlserver_validate_hash_uniq_values($_upermissions, "Duplicate permissions found for sqlserver::login[${title}]")
 

manifests/login/permissions.pp

@@ -21,25 +21,16 @@
 #
 ##
 define sqlserver::login::permissions (
-  $login,
-  $permissions,
-  $state             = 'GRANT',
-  $with_grant_option = false,
-  $instance          = 'MSSQLSERVER',
+  String[1,128] $login,
+  Array[String[4,128]] $permissions,
+  Pattern[/(?i)^(GRANT|REVOKE|DENY)$/] $state = 'GRANT',
+  Optional[Boolean] $with_grant_option = false,
+  String[1,16] $instance = 'MSSQLSERVER',
 ){
   sqlserver_validate_instance_name($instance)
 
-## Validate Permissions
-  sqlserver_validate_range($permissions, 4, 128, 'Permission must be between 4 and 128 characters')
-  validate_array($permissions)
-
-  sqlserver_validate_range($login, 1, 128, 'Login must be between 1 and 128 characters')
-
-## Validate state
   $_state = upcase($state)
-  validate_re($_state,'^(GRANT|REVOKE|DENY)$', "State parameter can only be one of 'GRANT', 'REVOKE' or 'DENY', you passed a value of ${state}")
 
-  validate_bool($with_grant_option)
   $_grant_option =  $with_grant_option ? {
     true => '-WITH_GRANT_OPTION',
     default => ''

manifests/role.pp

@@ -37,22 +37,18 @@
 #   Whether we should purge any members not listed in the members parameter. Default: false
 ##
 define sqlserver::role(
-  $ensure        = present,
-  $role          = $title,
-  $instance      = 'MSSQLSERVER',
-  $authorization = undef,
-  $type          = 'SERVER',
-  $database      = 'master',
-  $permissions   = { },
-  $members       = [],
-  $members_purge = false,
+  String[1,128] $role = $title,
+  String[1,16] $instance = 'MSSQLSERVER',
+  Enum['present', 'absent'] $ensure = 'present',
+  Optional[String] $authorization = undef,
+  Enum['SERVER', 'DATABASE'] $type = 'SERVER',
+  String[1,128] $database = 'master',
+  Optional[Hash] $permissions = { },
+  Array[String] $members = [],
+  Boolean $members_purge = false,
 ){
   sqlserver_validate_instance_name($instance)
-  sqlserver_validate_range($role, 1, 128, 'Role names must be between 1 and 128 characters')
 
-  validate_re($type, ['^SERVER$','^DATABASE$'], "Type must be either 'SERVER' or 'DATABASE', provided '${type}'")
-
-  sqlserver_validate_range($database, 1, 128, 'Database name must be between 1 and 128 characters')
   if $type == 'SERVER' and $database != 'master' {
     fail('Can not specify a database other than master when managing SERVER ROLES')
   }
@@ -75,7 +71,6 @@
   }
 
   if $ensure == present {
-    validate_hash($permissions)
     $_upermissions = sqlserver_upcase($permissions)
 
     Sqlserver::Role::Permissions{
@@ -111,7 +106,6 @@
       }
     }
 
-    validate_array($members)
     if size($members) > 0 or $members_purge == true {
       sqlserver_tsql{ "role-${role}-members":
         command  => template('sqlserver/create/role/members.sql.erb'),

manifests/role/permissions.pp

@@ -31,32 +31,21 @@
 #
 ##
 define sqlserver::role::permissions (
-  $role,
-  $permissions,
-  $state             = 'GRANT',
-  $with_grant_option = false,
-  $type              = 'SERVER',
-  $database          = 'master',
-  $instance          = 'MSSQLSERVER',
+  String[1,128] $role,
+  Array[String[4,128]] $permissions,
+  Pattern[/(?i)^(GRANT|REVOKE|DENY)$/] $state = 'GRANT',
+  Optional[Boolean] $with_grant_option = false,
+  Enum['SERVER','DATABASE'] $type = 'SERVER',
+  String[1,128] $database = 'master',
+  String[1,16] $instance = 'MSSQLSERVER',
 ){
-  validate_array($permissions)
   if size($permissions) < 1 {
     warning("Received an empty set of permissions for ${title}, no further action will be taken")
   } else{
     sqlserver_validate_instance_name($instance)
-  #Validate state
     $_state = upcase($state)
-    validate_re($_state,'^(GRANT|REVOKE|DENY)$',"State can only be of 'GRANT', 'REVOKE' or 'DENY' you passed ${state}")
-    validate_bool($with_grant_option)
-
-  #Validate role
-    sqlserver_validate_range($role, 1, 128, 'Role names must be between 1 and 128 characters')
-
-  #Validate permissions
-    sqlserver_validate_range($permissions, 4, 128, 'Permissions must be between 4 and 128 characters')
 
     $_upermissions = upcase($permissions)
-
     $_grant_option = $with_grant_option ? {
       true => '-WITH_GRANT_OPTION',
       false => '',

manifests/sp_configure.pp

@@ -27,22 +27,14 @@
 #  @see http://msdn.microsoft.com/en-us/library/ms189631.aspx Server Configuration Options
 ##
 define sqlserver::sp_configure (
-  $value,
-  $config_name   = $title,
-  $instance      = 'MSSQLSERVER',
-  $reconfigure   = true,
-  $with_override = false,
-  $restart       = false,
+  Integer $value,
+  Pattern['^\w+'] $config_name = $title,
+  String[1,16] $instance = 'MSSQLSERVER',
+  Boolean $reconfigure = true,
+  Boolean $with_override = false,
+  Boolean $restart = false,
 ){
   sqlserver_validate_instance_name($instance)
-  validate_re($config_name,'^\w+')
-  if !is_integer($value) {
-    fail("Value for ${config_name}, for instance ${instance}, must be a integer value, you provided ${value}")
-  }
-
-  validate_bool($reconfigure)
-  validate_bool($with_override)
-  validate_bool($restart)
 
   $service_name = $instance ? {
     'MSSQLSERVER' => 'MSSQLSERVER',