Next, we need a database for our application. In this workshop we're using Postgresql.
Let's generate a new recipe like so:
vagrant@workshop $ chef generate recipe postgresql
Now we need to create the directory where our server specs will live:
vagrant@workshop $ mkdir -p test/integration/postgresql/serverspec
And create the test file
vagrant@workshop $ touch test/integration/postgresql/serverspec/postgresql_spec.rb
And we need to be able to access a spec_helper similar to the one living in test/integration/default/serverspec. In this case, let's copy that one into our new integration test directory.
vagrant@workshop $ cp test/integration/default/serverspec/spec_helper.rb test/integration/postgresql/serverspec
First up is installing the Postgresql package. Let's create a couple of tests, making sure that the postgresql package is installed and that a postgres user is created (this happens automatically when the package is installed).
require 'spec_helper'
describe 'my_web_server_cookbook::postgresql' do
describe package('postgresql') do
it { should be_installed }
describe user('postgres') do
it { should exist }
Then open up the .kitchen.yml file and add in the suite
- name: default
- recipe[my_web_server_cookbook::default]
- name: ruby
- recipe[my_web_server_cookbook::ruby]
- name: passenger
- recipe[my_web_server_cookbook::passenger]
- name: postgresql
- recipe[my_web_server_cookbook::postgresql]
Then create the test instance.
vagrant@workshop $ kitchen create postgresql-ubuntu-14-04-x64
And set it up:
vagrant@workshop $ kitchen setup postgresql-ubuntu-14-04-x64
Now run these tests:
vagrant@workshop $ kitchen verify postgresql-ubuntu-14-04-x64
And, as expected, we get failures.
Now, let's commit the code:
vagrant@workshop $ git add recipes/postgresql.rb test/integration/serverspec/postgresql
vagrant@workshop $ git commit -m 'failing postgresql package test'
Now let's make it pass. Open up recipes/postgresql.rb and add this content:
include_recipe 'my_web_server_cookbook::default'
package 'postgresql'
Then save the file, converge, and run your tests again.
vagrant@workshop $ kitchen converge postgresql-ubuntu-14-04-x64
vagrant@workshop $ kitchen verify postgresql-ubuntu-14-04-x64
And they pass!
You know what to do.
vagrant@workshop $ git add recipes/postgresql.rb
Then commit
vagrant@workshop $ git commit -m 'passing postgresql package test'
Next, we need to create an additional user for Postgresql called the "deploy" user. This user will have restricted access to the database so we're not using the root user all the time.
Let's add in a test for this user.
describe command('sudo -u postgres -s psql postgres -tAc "SELECT 1 FROM pg_roles WHERE rolname=\'deploy\'"') do
its(:stdout) { should match /1/ }
Then run the test and watch it fail
vagrant@workshop $ kitchen verify postgresql-ubuntu-14-04-x64
And commit:
vagrant@workshop $ git add test/integration/serverspec/passenger
Then commit
vagrant@workshop $ git commit -m 'failing postgres deploy user test'
And now let's add the code to make this pass
execute "create new postgres user" do
user "postgres"
command "psql -c \"create user deploy with password '#{password for node}';\""
not_if { `sudo -u postgres psql -tAc \"SELECT 1 FROM pg_roles WHERE rolname=\'deploy\'\" | wc -l`.chomp == "1" }
Then converge and verify to make sure the tests pass
vagrant@workshop $ kitchen converge postgresql-ubuntu-14-04-x64
vagrant@workshop $ kitchen verify postgresql-ubuntu-14-04-x64
They should pass!
And commit.
vagrant@workshop $ git add recipes/postgresql.rb
Then commit
vagrant@workshop $ git commit -m '[passing postgres deploy user test'
Finally, when we deploy our application it will need to create a Postgres database. That means the deploy user needs access to create databases.
First, a test:
describe command('sudo -u postgres -s psql postgres -tAc "\du"') do
its(:stdout) { should match /Create DB/ }
Now run it and watch it fail.
vagrant@workshop $ kitchen verify postgresql-ubuntu-14-04-x64
Then commit it:
vagrant@workshop $ git add test/integration/serverspec/postgresql
vagrant@workshop $ git commit -m 'failing postgresql privileges spec'
Then add in the code to make it pass. recipes/postgresql.rb
execute "create new postgres user" do
user "postgres"
command "psql -c \"ALTER USER deploy CREATEDB;\""
Then converge and verify:
vagrant@workshop $ kitchen converge postgresql-ubuntu-14-04-x64
vagrant@workshop $ kitchen verify postgresql-ubuntu-14-04-x64
And we have a working Postgres database!
Now let's commit this:
vagrant@workshop $ git add recipes/postgresql.rb
vagrant@workshop $ git commit -m 'passing postgresql privileges test'
It's working....but having the password hard coded into the recipe is not a good thing. Let's use another development practice - refactoring.
Rather than hard coding the database password in the recipe, let's create an attributes file. For now we'll create a defaults attributes file, but when we start deploying this to live nodes we'll use different configuration files.
First, create an attributes directory:
vagrant@workshop $ mkdir attributes
Then create a file called default.rb
vagrant@workshop $ touch attributes/default.rb
And open up the file and add this content:
default['my_web_server_cookbook']['postgres_password'] = 'some_random_password_you_generate'
Then save and close the file.
Now let's use this in the postgresql recipe. Open it up and modify the content so it looks like this:
execute "create new postgres user" do
user "postgres"
command "psql -c \"create user deploy with password '\"#{node['my_web_server_cookbook']['postgres_password']}\"';\""
not_if { `sudo -u postgres psql -tAc \"SELECT 1 FROM pg_roles WHERE rolname=\'deploy\'\" | wc -l`.chomp == "1" }
Then verify that our tests still pass by running them on a clean test kitchen instance:
vagrant@workshop $ kitchen test postgresql-ubuntu-14-04-x64
Now let's commit ONLY the recipe changes, we are NOT going to commit our attributes file.
vagrant@workshop $ git add recipes/postgresql.rb
vagrant@workshop $ git commit -m 'refactored postgresql recipe'