mongodb_user provider does not support creating the user in multiple databases

[dschaaff]

The mongodb_user provider does not support creating the user in multiple databases and including the resource more than gives a duplicate resources error.

I believe the mongodb_user provider should accept an array for the database parameter and create the user in each one. Something like

mongodb_user { testuser:
  name          => 'testuser',
  ensure        => present,
  password_hash => mongodb_password('testuser', 'p@ssw0rd'),
  database      => [ 'foo', 'bar' ]
  roles         => ['readWrite', 'dbAdmin'],
  tries         => 10,
  require       => Class['mongodb::server'],
}

Affected Puppet, Ruby, OS and module versions/distributions

• Puppet: 5.5
• Ruby: 2.4.3p205 (2017-12-14 revision 61247) [x86_64-linux]
• Distribution: Centos 7
• Module version: 2.1.2

[bastianb]

I think I hit the same issue. I would like to create a monitoring user and this user needs access to admin db for server status and so on, and access to some other database to store some data about cluster health. So I thought I could simply do:

    mongodb_user { 'monitoring':
        database      => 'admin',
        roles         => ['readAnyDatabase', 'clusterMonitor', 'readWrite@nagios'],
        [...]
    }

but got:

Error: Failed to apply catalog: Parameter roles failed on Mongodb_user[monitoring]: Invalid value "readWrite@admin". Valid values match /^[\w-]+$/. at /etc/puppetlabs/code/environments/test_mongo/manifests/my-mongo.pp:60

I solved it by changing the regex here https://github.com/voxpupuli/puppet-mongodb/blob/v2.2.1/lib/puppet/type/mongodb_user.rb#L43 for ^([\w-]|@)+$ (to includes @) so it matches readWrite@nagios.

I am not an expert and it may break other things. Not sure if it is the right fix too and I have no idea how to test it properly, but seems to works for mongo 3.0+.