diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 545c4aa81..7eff24ede 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -29,7 +29,6 @@ jobs: - "amazonlinux-2023" - "debian-11" - "debian-12" - - "fedora-latest" - "ubuntu-2204" - "ubuntu-2404" suite: diff --git a/CHANGELOG.md b/CHANGELOG.md index 845ccf3fa..21f1101aa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,16 @@ This file is used to list changes made in the last 3 major versions of the postg ## Unreleased +- Remove support for Fedora + Fedora is not an officially supported platform by the Sous Chefs community. If you would like to see Fedora support added back please open a PR to add it back. + The installation methods for Fedora are substantially different than other platforms and require a lot of additional testing and maintenance. +- Add testing for PostgreSQL 16 and 17 +- Add libpq package to default packages +- Fix GPG key URLs +- Update Amazon to Amazon Linux 2023 +- Remove unsupported configuration options from the `postgresql_config` resource + `stats_temp_directory` + ## 11.11.2 - *2024-10-07* Standardise files with files in sous-chefs/repo-management @@ -301,7 +311,7 @@ Standardise files with files in sous-chefs/repo-management - Allow to install extensions with hyphens, ex: `postgresql_extension '"uuid-ossp"'` - Update Circle CI config to match sous-chefs defaults #617 -- Remove Fedora testing from CI, not an official supported OS by sous-chefs, PR welcome #617 +- Remove Fedora testing from CI, not an official supported OS by sous-chefs, PRs welcome #617 ## v7.1.4 (2019-03-28) diff --git a/documentation/postgresql_ident.md b/documentation/postgresql_ident.md index 06ff1daf0..dcb2f016b 100644 --- a/documentation/postgresql_ident.md +++ b/documentation/postgresql_ident.md @@ -60,7 +60,7 @@ postgresql_access 'local_foo_user' do database 'all' user 'foo' address '127.0.0.1/32' - auth_method 'md5' + auth_method 'scram-sha-256' end ``` diff --git a/kitchen.yml b/kitchen.yml index ac79b689b..9f356ff7a 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -23,7 +23,6 @@ platforms: - name: amazonlinux-2023 - name: debian-11 - name: debian-12 - - name: fedora-latest - name: ubuntu-22.04 - name: ubuntu-24.04 diff --git a/libraries/helpers.rb b/libraries/helpers.rb index 7bc7abb9c..6821b1553 100644 --- a/libraries/helpers.rb +++ b/libraries/helpers.rb @@ -67,7 +67,7 @@ def installed_postgresql_package_source def data_dir(version: installed_postgresql_major_version, source: installed_postgresql_package_source) case node['platform_family'] - when 'rhel', 'fedora', 'amazon' + when 'rhel', 'amazon' source.eql?(:repo) ? "/var/lib/pgsql/#{version}/data" : '/var/lib/pgsql/data' when 'debian' "/var/lib/postgresql/#{version}/main" @@ -76,7 +76,7 @@ def data_dir(version: installed_postgresql_major_version, source: installed_post def conf_dir(version: installed_postgresql_major_version, source: installed_postgresql_package_source) case node['platform_family'] - when 'rhel', 'fedora', 'amazon' + when 'rhel', 'amazon' source.eql?(:repo) ? "/var/lib/pgsql/#{version}/data" : '/var/lib/pgsql/data' when 'debian' "/etc/postgresql/#{version}/main" @@ -85,7 +85,7 @@ def conf_dir(version: installed_postgresql_major_version, source: installed_post # determine the platform specific service name def default_platform_service_name(version: installed_postgresql_major_version, source: installed_postgresql_package_source) - if platform_family?('rhel', 'fedora', 'amazon') && source.eql?(:repo) + if platform_family?('rhel', 'amazon') && source.eql?(:repo) "postgresql-#{version}" else 'postgresql' @@ -110,7 +110,7 @@ def secure_random def default_server_packages(version: nil, source: :os) case node['platform_family'] - when 'rhel', 'fedora' + when 'rhel' { os: %w(libpq postgresql-contrib postgresql-server), repo: %W(postgresql#{version.delete('.')}-contrib postgresql#{version.delete('.')}-server), @@ -130,7 +130,7 @@ def default_server_packages(version: nil, source: :os) def default_client_packages(version: nil, source: :os) case node['platform_family'] - when 'rhel', 'fedora' + when 'rhel' { os: %w(postgresql), repo: %W(postgresql#{version.delete('.')}), @@ -151,18 +151,16 @@ def default_client_packages(version: nil, source: :os) def default_yum_gpg_key_uri if platform_family?('rhel') && node['platform_version'].to_i == 7 'https://download.postgresql.org/pub/repos/yum/keys/PGDG-RPM-GPG-KEY-RHEL7' - elsif platform_family?('fedora') - 'https://download.postgresql.org/pub/repos/yum/keys/PGDG-KEY-fedora' else 'https://download.postgresql.org/pub/repos/yum/keys/PGDG-RPM-GPG-KEY-RHEL' end end def dnf_module_platform? - (platform_family?('rhel') && node['platform_version'].to_i == 8) || platform_family?('fedora') + (platform_family?('rhel') && node['platform_version'].to_i == 8) end - # determine the appropriate DB init command to run based on RHEL/Fedora/Amazon release + # determine the appropriate DB init command to run based on RHEL/Amazon release # initdb defaults to the execution environment. # https://www.postgresql.org/docs/9.5/static/locale.html def rhel_init_db_command(new_resource) @@ -175,25 +173,18 @@ def rhel_init_db_command(new_resource) # Given the base URL build the complete URL string for a yum repo def yum_repo_url(base_url) - "#{base_url}/#{new_resource.version}/#{yum_repo_platform_family_string}/#{yum_repo_platform_string}" + "#{base_url}/#{new_resource.version}/redhat/#{yum_repo_platform_string}" end # Given the base URL build the complete URL string for a yum repo def yum_common_repo_url - "https://download.postgresql.org/pub/repos/yum/common/#{yum_repo_platform_family_string}/#{yum_repo_platform_string}" - end - - # The postgresql yum repos URLs are organized into redhat and fedora directories.s - # route things to the right place based on platform_family - def yum_repo_platform_family_string - platform_family?('fedora') ? 'fedora' : 'redhat' + "https://download.postgresql.org/pub/repos/yum/common/redhat/#{yum_repo_platform_string}" end # Build the platform string that makes up the final component of the yum repo URL def yum_repo_platform_string - platform = platform?('fedora') ? 'fedora' : 'rhel' release = platform?('amazon') ? '8' : '$releasever' - "#{platform}-#{release}-$basearch" + "rhel-#{release}-$basearch" end # On Amazon use the RHEL 8 packages. Otherwise use the releasever yum variable @@ -201,12 +192,6 @@ def yum_releasever platform?('amazon') ? '8' : '$releasever' end - # Fedora doesn't seem to know the right symbols for psql - def psql_environment - return {} unless platform?('fedora') - { LD_LIBRARY_PATH: '/usr/lib64' } - end - # Generate a password if the value is set to generate. def postgres_password(new_resource) new_resource.password == 'generate' ? secure_random : new_resource.password diff --git a/libraries/sql/_connection.rb b/libraries/sql/_connection.rb index 53c24bacd..aa83ccced 100644 --- a/libraries/sql/_connection.rb +++ b/libraries/sql/_connection.rb @@ -29,7 +29,7 @@ module Connection def postgresql_devel_pkg_name(version: installed_postgresql_major_version, source: installed_postgresql_package_source) case node['platform_family'] - when 'rhel', 'fedora' + when 'rhel' source.eql?(:repo) ? "postgresql#{version}-devel" : 'postgresql-devel' when 'debian' 'libpq-dev' @@ -40,7 +40,7 @@ def postgresql_devel_pkg_name(version: installed_postgresql_major_version, sourc def postgresql_devel_path(suffix = nil, version: installed_postgresql_major_version) path = case node['platform_family'] - when 'rhel', 'fedora', 'amazon' + when 'rhel', 'amazon' "/usr/pgsql-#{version}" when 'debian' '/usr/include/postgresql' @@ -55,7 +55,7 @@ def postgresql_devel_path(suffix = nil, version: installed_postgresql_major_vers def pg_gem_build_options case node['platform_family'] - when 'rhel', 'fedora', 'amazon' + when 'rhel', 'amazon' "-- --with-pg-include=#{postgresql_devel_path('include')} --with-pg-lib=#{postgresql_devel_path('lib')}" when 'debian' "-- --with-pg-include=#{postgresql_devel_path} --with-pg-lib=#{postgresql_devel_path}" @@ -75,8 +75,6 @@ def install_pg_gem end case node['platform_family'] - when 'fedora' - declare_resource(:package, libpq_package_name) { compile_time(true) } when 'rhel' case node['platform_version'].to_i when 7 diff --git a/metadata.rb b/metadata.rb index 01130e0f1..67484bd9b 100644 --- a/metadata.rb +++ b/metadata.rb @@ -16,7 +16,6 @@ supports 'amazon' supports 'centos' supports 'debian' -supports 'fedora' supports 'oracle' supports 'redhat' supports 'scientific' diff --git a/resources/install.rb b/resources/install.rb index b59a50d60..0ea0ca339 100644 --- a/resources/install.rb +++ b/resources/install.rb @@ -97,7 +97,8 @@ def install_method_repo? def do_repository_action(repo_action) case node['platform_family'] - when 'rhel', 'fedora', 'amazon' + when 'rhel', 'amazon' + # Disable the PostgreSQL module if we're on RHEL 8 dnf_module 'postgresql' do action :disable end if dnf_module_platform? @@ -268,7 +269,7 @@ def do_server_package_action(package_action) end action :init_server do - return if initialized? || !platform_family?('rhel', 'fedora', 'amazon') + return if initialized? || !platform_family?('rhel', 'amazon') converge_by('Init PostgreSQL') do execute 'init_db' do diff --git a/templates/default/createcluster.conf.erb b/templates/default/createcluster.conf.erb index 5f9e9f05f..ac50d132c 100644 --- a/templates/default/createcluster.conf.erb +++ b/templates/default/createcluster.conf.erb @@ -33,9 +33,6 @@ ssl = on # Show cluster name in process title cluster_name = '%v/%c' -# Put stats_temp_directory on tmpfs -stats_temp_directory = '/var/run/postgresql/%v-%c.pg_stat_tmp' - # Add prefix to log lines log_line_prefix = '%%m [%%p] %%q%%u@%%d ' diff --git a/test/cookbooks/test/recipes/access.rb b/test/cookbooks/test/recipes/access.rb index a6853eb61..c88ceba07 100644 --- a/test/cookbooks/test/recipes/access.rb +++ b/test/cookbooks/test/recipes/access.rb @@ -9,7 +9,7 @@ database 'all' user 'postgres' address '127.0.0.1/32' - auth_method 'md5' + auth_method 'scram-sha-256' end postgresql_service 'postgresql' do @@ -45,7 +45,7 @@ type 'host' database 'all' user 'sous_chef' - auth_method 'md5' + auth_method 'scram-sha-256' address '127.0.0.1/32' position 5 @@ -74,7 +74,7 @@ type 'host' database 'all' user 'hostname_user' - auth_method 'md5' + auth_method 'scram-sha-256' address 'host.domain' notifies :restart, 'postgresql_service[postgresql]', :delayed @@ -84,7 +84,7 @@ type 'host' database 'all' user 'hostname.user' - auth_method 'md5' + auth_method 'scram-sha-256' address 'host.domain' notifies :restart, 'postgresql_service[postgresql]', :delayed @@ -94,7 +94,7 @@ type 'host' database 'my_database' user 'hostname.user' - auth_method 'md5' + auth_method 'scram-sha-256' address 'host.domain' notifies :restart, 'postgresql_service[postgresql]', :delayed @@ -104,7 +104,7 @@ type 'host' database 'my_database' user 'hostname.user' - auth_method 'md5' + auth_method 'scram-sha-256' address 'a.very.long.host.domain.that.exceeds.the.max.of.24.characters' notifies :restart, 'postgresql_service[postgresql]', :delayed @@ -135,5 +135,5 @@ database 'foo,bar' user 'john,doe' address '127.0.0.1/32' - auth_method 'md5' + auth_method 'scram-sha-256' end diff --git a/test/cookbooks/test/recipes/extension.rb b/test/cookbooks/test/recipes/extension.rb index e2390a385..b8b77f301 100644 --- a/test/cookbooks/test/recipes/extension.rb +++ b/test/cookbooks/test/recipes/extension.rb @@ -1,6 +1,6 @@ # Dokken images don't have all locales available so this is a workaround locale = value_for_platform( - %i(debian ubuntu fedora oracle amazon almalinux rocky) => { default: 'C.UTF-8' }, + %i(debian ubuntu oracle amazon almalinux rocky) => { default: 'C.UTF-8' }, centos: { default: node['platform_version'].to_i < 8 ? 'en_US.utf-8' : 'C.UTF-8' }, default: 'en_US' ) diff --git a/test/cookbooks/test/recipes/ident.rb b/test/cookbooks/test/recipes/ident.rb index 588d17dae..8626e53c7 100644 --- a/test/cookbooks/test/recipes/ident.rb +++ b/test/cookbooks/test/recipes/ident.rb @@ -50,7 +50,7 @@ database 'all' user 'postgres' address '127.0.0.1/32' - auth_method 'md5' + auth_method 'scram-sha-256' notifies :reload, 'postgresql_service[postgresql]', :delayed end diff --git a/test/cookbooks/test/recipes/multi_client.rb b/test/cookbooks/test/recipes/multi_client.rb index c02ed360b..d90f9b305 100644 --- a/test/cookbooks/test/recipes/multi_client.rb +++ b/test/cookbooks/test/recipes/multi_client.rb @@ -1,5 +1,5 @@ -postgresql_install '13' do - version '13' +postgresql_install '16' do + version '16' action :install_client end diff --git a/test/cookbooks/test/recipes/server_install_os.rb b/test/cookbooks/test/recipes/server_install_os.rb index 6a137069b..414b4b5b0 100644 --- a/test/cookbooks/test/recipes/server_install_os.rb +++ b/test/cookbooks/test/recipes/server_install_os.rb @@ -41,7 +41,7 @@ database 'all' user 'postgres' address '127.0.0.1/32' - auth_method 'md5' + auth_method 'scram-sha-256' end postgresql_user 'postgres' do @@ -77,7 +77,7 @@ type 'host' database 'all' user 'sous_chef' - auth_method 'md5' + auth_method 'scram-sha-256' address '127.0.0.1/32' notifies :restart, 'postgresql_service[postgresql]', :delayed diff --git a/test/integration/access/controls/base_access.rb b/test/integration/access/controls/base_access.rb index 4a59e9005..224ee27f6 100644 --- a/test/integration/access/controls/base_access.rb +++ b/test/integration/access/controls/base_access.rb @@ -5,7 +5,7 @@ describe postgres_hba_conf.where { type == 'host' && user == 'postgres' } do its('database') { should cmp 'all' } its('user') { should cmp 'postgres' } - its('auth_method') { should cmp 'md5' } + its('auth_method') { should cmp 'scram-sha-256' } its('address') { should cmp '127.0.0.1/32' } end @@ -23,7 +23,7 @@ describe postgres_hba_conf.where { user == 'sous_chef' } do its('database') { should cmp 'all' } its('type') { should cmp 'host' } - its('auth_method') { should cmp 'md5' } + its('auth_method') { should cmp 'scram-sha-256' } its('address') { should cmp '127.0.0.1/32' } end @@ -41,7 +41,7 @@ describe postgres_hba_conf.where { user == 'hostname_user' } do its('database') { should cmp 'all' } its('type') { should cmp 'host' } - its('auth_method') { should cmp 'md5' } + its('auth_method') { should cmp 'scram-sha-256' } its('address') { should cmp 'host.domain' } end end @@ -53,7 +53,7 @@ describe postgres_hba_conf.where { address == 'a.very.long.host.domain.that.exceeds.the.max.of.24.characters' } do its('database') { should cmp 'my_database' } its('type') { should cmp 'host' } - its('auth_method') { should cmp 'md5' } + its('auth_method') { should cmp 'scram-sha-256' } its('address') { should cmp 'a.very.long.host.domain.that.exceeds.the.max.of.24.characters' } end end diff --git a/test/integration/client_multi_install/controls/client_spec.rb b/test/integration/client_multi_install/controls/client_spec.rb index c4e4da3ca..1e0c453c8 100644 --- a/test/integration/client_multi_install/controls/client_spec.rb +++ b/test/integration/client_multi_install/controls/client_spec.rb @@ -2,7 +2,7 @@ case os.family when 'debian' '/usr/lib/postgresql/' - when 'redhat', 'fedora' + when 'redhat' '/usr/pgsql-' end diff --git a/test/integration/repo/controls/repo_spec.rb.rb b/test/integration/repo/controls/repo_spec.rb.rb index 5cda4637c..17e00fbe4 100644 --- a/test/integration/repo/controls/repo_spec.rb.rb +++ b/test/integration/repo/controls/repo_spec.rb.rb @@ -3,8 +3,7 @@ case os[:family] -when 'redhat', 'fedora' - +when 'redhat' describe yum.repo("pgdg#{pg_ver}") do it { should exist } it { should be_enabled } @@ -26,7 +25,6 @@ end when 'debian' - describe apt('https://download.postgresql.org/pub/repos/apt/') do it { should exist } it { should be_enabled } diff --git a/test/integration/server_install/controls/server_spec.rb b/test/integration/server_install/controls/server_spec.rb index ab13418c2..33f98f51a 100644 --- a/test/integration/server_install/controls/server_spec.rb +++ b/test/integration/server_install/controls/server_spec.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true pg_ver = input('pg_ver') -if os[:family] == 'redhat' || os[:family] == 'fedora' +if os[:family] == 'redhat' describe service("postgresql-#{pg_ver}") do it { should be_installed } it { should be_enabled } diff --git a/test/integration/server_install_os/controls/access.rb b/test/integration/server_install_os/controls/access.rb index 703d4a4a3..edd570de6 100644 --- a/test/integration/server_install_os/controls/access.rb +++ b/test/integration/server_install_os/controls/access.rb @@ -5,7 +5,7 @@ describe postgres_hba_conf.where { type == 'host' && user == 'postgres' } do its('database') { should cmp 'all' } its('user') { should cmp 'postgres' } - its('auth_method') { should cmp 'md5' } + its('auth_method') { should cmp 'scram-sha-256' } its('address') { should cmp '127.0.0.1/32' } end @@ -23,7 +23,7 @@ describe postgres_hba_conf.where { user == 'sous_chef' } do its('database') { should cmp 'all' } its('type') { should cmp 'host' } - its('auth_method') { should cmp 'md5' } + its('auth_method') { should cmp 'scram-sha-256' } its('address') { should cmp '127.0.0.1/32' } end