Skip to content

Commit 18ed042

Browse files
stevenpoststevenpost
committed
Users should be created before the database
Databases in MongoDB are created lazy, meaning there is no `create` command. Thus if a record is inserted the DB is created. When auth is enabled, any attempt to insert data is denied because of missing auth. However the `db.createUser()` function works because of the config option `enableBypassLocalAuth`. For an overview see https://www.mongodb.com/docs/manual/tutorial/deploy-replica-set-with-keyfile-access-control/
1 parent 4d6b3b0 commit 18ed042

File tree

3 files changed

+21
-15
lines changed

3 files changed

+21
-15
lines changed

lib/puppet/type/mongodb_user.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -117,7 +117,7 @@ def insync?(_is)
117117
%w[mongodb mongod]
118118
end
119119

120-
autorequire(:mongodb_database) do
120+
autobefore(:mongodb_database) do
121121
self[:database]
122122
end
123123

spec/acceptance/user_spec.rb

Lines changed: 18 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -14,8 +14,9 @@ class { 'mongodb::globals':
1414
}
1515
-> class { 'mongodb::server': }
1616
-> class { 'mongodb::client': }
17-
-> mongodb_database { 'testdb': ensure => present }
18-
->
17+
18+
mongodb_database { 'testdb': ensure => present }
19+
1920
mongodb_user {'testuser':
2021
ensure => present,
2122
password_hash => mongodb_password('testuser', 'passw0rd'),
@@ -40,8 +41,9 @@ class { 'mongodb::globals':
4041
}
4142
-> class { 'mongodb::server': }
4243
-> class { 'mongodb::client': }
43-
-> mongodb_database { 'testdb': ensure => present }
44-
->
44+
45+
mongodb_database { 'testdb': ensure => present }
46+
4547
mongodb_user {'testuser':
4648
ensure => absent,
4749
password_hash => mongodb_password('testuser', 'passw0rd'),
@@ -68,8 +70,9 @@ class { 'mongodb::globals':
6870
}
6971
-> class { 'mongodb::server': port => 27018 }
7072
-> class { 'mongodb::client': }
71-
-> mongodb_database { 'testdb': ensure => present }
72-
->
73+
74+
mongodb_database { 'testdb': ensure => present }
75+
7376
mongodb_user {'testuser':
7477
ensure => present,
7578
password_hash => mongodb_password('testuser', 'passw0rd'),
@@ -96,8 +99,9 @@ class { 'mongodb::globals':
9699
}
97100
-> class { 'mongodb::server': }
98101
-> class { 'mongodb::client': }
99-
-> mongodb_database { 'testdb': ensure => present }
100-
->
102+
103+
mongodb_database { 'testdb': ensure => present }
104+
101105
mongodb_user {'testuser':
102106
ensure => present,
103107
password_hash => mongodb_password('testuser', 'passw0rd'),
@@ -125,16 +129,18 @@ class { 'mongodb::globals':
125129
}
126130
-> class { 'mongodb::server': }
127131
-> class { 'mongodb::client': }
128-
-> mongodb_database { 'testdb': ensure => present }
129-
-> mongodb_database { 'testdb2': ensure => present }
130-
->
132+
133+
mongodb_database { 'testdb': ensure => present }
134+
135+
mongodb_database { 'testdb2': ensure => present }
136+
131137
mongodb_user {'testuser':
132138
ensure => present,
133139
password_hash => mongodb_password('testuser', 'passw0rd'),
134140
database => 'testdb',
135141
roles => ['readWrite', 'dbAdmin'],
136142
}
137-
->
143+
138144
mongodb_user {'testuser2':
139145
ensure => present,
140146
password_hash => mongodb_password('testuser2', 'passw0rd'),

spec/defines/db_spec.rb

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@
2525
is_expected.to contain_mongodb_user('User testuser on db testdb'). \
2626
with_username('testuser'). \
2727
with_database('testdb'). \
28-
that_requires('Mongodb_database[testdb]')
28+
that_comes_before('Mongodb_database[testdb]')
2929
end
3030

3131
it 'contains mongodb_user with proper roles' do
@@ -65,7 +65,7 @@
6565
is_expected.to contain_mongodb_user('User testuser on db testdb'). \
6666
with_username('testuser'). \
6767
with_database('testdb'). \
68-
that_requires('Mongodb_database[testdb]')
68+
that_comes_before('Mongodb_database[testdb]')
6969
end
7070

7171
it 'contains mongodb_user with proper roles' do

0 commit comments

Comments
 (0)