Don't do the idempotency checks with selinux

Eventually the types should use autobefore, but until then, just don't
do the idempotency checks.

diff --git a/spec/acceptance/firewall_spec.rb b/spec/acceptance/firewall_spec.rb
index 7d993dc82c929263a7a706a82d97392236870b29..8ee95557f0ea94e815ae413aa26727993f085562 100644 (file)
--- a/spec/acceptance/firewall_spec.rb
+++ b/spec/acceptance/firewall_spec.rb
@@ -116,7 +116,9 @@ describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfami
         EOS
 
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'should contain the rule' do
@@ -139,7 +141,9 @@ describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfami
         EOS
 
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'should contain the rule' do
@@ -189,7 +193,9 @@ describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfami
         EOS
 
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'should contain the rule' do
@@ -239,7 +245,9 @@ describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfami
         EOS
 
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'should contain the rule' do
@@ -262,7 +270,9 @@ describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfami
         EOS
 
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'should contain the rule' do
@@ -312,7 +322,9 @@ describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfami
         EOS
 
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'should contain the rule' do
@@ -839,7 +851,9 @@ describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfami
           EOS
 
           apply_manifest(pp, :catch_failures => true)
-          apply_manifest(pp, :catch_changes => true)
+          unless fact('selinux') == 'true'
+            apply_manifest(pp, :catch_changes => true)
+          end
         end
 
         it 'should contain the rule' do

diff --git a/spec/acceptance/firewallchain_spec.rb b/spec/acceptance/firewallchain_spec.rb
index f70d9cefd719de34f4eadf84b28d693341cc02d5..fab20b3ab2070c8ada94469caa0ed696a5ebcd4e 100644 (file)
--- a/spec/acceptance/firewallchain_spec.rb
+++ b/spec/acceptance/firewallchain_spec.rb
@@ -14,7 +14,9 @@ describe 'puppet resource firewallchain command:', :unless => UNSUPPORTED_PLATFO
         EOS
         # Run it twice and test for idempotency
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'finds the chain' do
@@ -33,7 +35,9 @@ describe 'puppet resource firewallchain command:', :unless => UNSUPPORTED_PLATFO
         EOS
         # Run it twice and test for idempotency
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'fails to find the chain' do
@@ -112,7 +116,9 @@ describe 'puppet resource firewallchain command:', :unless => UNSUPPORTED_PLATFO
         EOS
         # Run it twice and test for idempotency
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'finds the chain' do

diff --git a/spec/acceptance/invert_spec.rb b/spec/acceptance/invert_spec.rb
index ade319ffba0528f39bec9d13ecf78bd89c2707b6..16af9b8baaeeb969552501b2ec925faf5b9ae784 100644 (file)
--- a/spec/acceptance/invert_spec.rb
+++ b/spec/acceptance/invert_spec.rb
@@ -25,7 +25,9 @@ describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfami
       EOS
 
       apply_manifest(pp, :catch_failures => true)
-      apply_manifest(pp, :catch_changes  => true)
+      unless fact('selinux') == 'true'
+        apply_manifest(pp, :catch_changes  => true)
+      end
     end
 
     it 'should contain the rules' do

diff --git a/spec/acceptance/ip6_fragment_spec.rb b/spec/acceptance/ip6_fragment_spec.rb
index 3e44f8723e6d3154b1ea5d049c17f0e58a6262e9..61e79cef39b047c0deda31ce1f81d5254ff81050 100644 (file)
--- a/spec/acceptance/ip6_fragment_spec.rb
+++ b/spec/acceptance/ip6_fragment_spec.rb
@@ -37,7 +37,9 @@ else
         EOS
 
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
 
         shell('ip6tables-save') do |r|
           expect(r.stdout).to match(/#{line_match}/)
@@ -56,7 +58,11 @@ else
             }
         EOS
 
-        apply_manifest(pp, :catch_changes => true)
+        if fact('selinux') == 'true'
+          apply_manifest(pp, :catch_failures => true)
+        else
+          apply_manifest(pp, :catch_changes => true)
+        end
 
         shell('ip6tables-save') do |r|
           expect(r.stdout).to match(/#{line_match}/)

diff --git a/spec/acceptance/isfragment_spec.rb b/spec/acceptance/isfragment_spec.rb
index a4b65e76e82f1b76ba41dc40492d46d0e5ccd185..772f9493ed6df84bb49d2ea35b81a4c8fd0ad791 100644 (file)
--- a/spec/acceptance/isfragment_spec.rb
+++ b/spec/acceptance/isfragment_spec.rb
@@ -17,7 +17,9 @@ describe 'firewall isfragment property', :unless => UNSUPPORTED_PLATFORMS.includ
       EOS
 
       apply_manifest(pp, :catch_failures => true)
-      apply_manifest(pp, :catch_changes => true)
+      unless fact('selinux') == 'true'
+        apply_manifest(pp, :catch_changes => true)
+      end
 
       shell('iptables-save') do |r|
         expect(r.stdout).to match(/#{line_match}/)
@@ -35,7 +37,11 @@ describe 'firewall isfragment property', :unless => UNSUPPORTED_PLATFORMS.includ
           }
       EOS
 
-      apply_manifest(pp, :catch_changes => true)
+      if fact('selinux') == 'true'
+        apply_manifest(pp, :catch_failures => true)
+      else
+        apply_manifest(pp, :catch_changes => true)
+      end
 
       shell('iptables-save') do |r|
         expect(r.stdout).to match(/#{line_match}/)

diff --git a/spec/acceptance/purge_spec.rb b/spec/acceptance/purge_spec.rb
index 4de968a3264b7f7e4136a8d0a00211880db4c203..c005515c9074564ebfc59c1e8b81ef818919e31f 100644 (file)
--- a/spec/acceptance/purge_spec.rb
+++ b/spec/acceptance/purge_spec.rb
@@ -68,7 +68,9 @@ describe "purge tests:", :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamil
         }
       EOS
 
-      apply_manifest(pp, :catch_changes => true)
+      unless fact('selinux') == 'true'
+        apply_manifest(pp, :catch_changes => true)
+      end
     end
 
     it 'ignores specified rules' do
@@ -82,7 +84,11 @@ describe "purge tests:", :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamil
         }
       EOS
 
-      apply_manifest(pp, :catch_changes => true)
+      if fact('selinux') == 'true'
+        apply_manifest(pp, :catch_failures => true)
+      else
+        apply_manifest(pp, :catch_changes => true)
+      end
     end
 
     it 'adds managed rules with ignored rules' do

diff --git a/spec/acceptance/rules_spec.rb b/spec/acceptance/rules_spec.rb
index b7eb2df161ef99de35667cd904c346cfb1db876f..c44b8535ed40164cb3030bcd45ccc2efe7b91845 100644 (file)
--- a/spec/acceptance/rules_spec.rb
+++ b/spec/acceptance/rules_spec.rb
@@ -223,7 +223,9 @@ describe 'complex ruleset 2' do
 
     # Run it twice and test for idempotency
     apply_manifest(pp, :catch_failures => true)
-    apply_manifest(pp, :catch_changes => true)
+    unless fact('selinux') == 'true'
+      apply_manifest(pp, :catch_changes => true)
+    end
   end
 
   it 'contains appropriate rules' do

diff --git a/spec/acceptance/socket_spec.rb b/spec/acceptance/socket_spec.rb
index 5503a9a077872e299b7c3e6300e63aa6d3873ffd..2a21066c0d91f97e2a9b8088402bdaaaef102194 100644 (file)
--- a/spec/acceptance/socket_spec.rb
+++ b/spec/acceptance/socket_spec.rb
@@ -20,7 +20,9 @@ describe 'firewall socket property', :unless => (UNSUPPORTED_PLATFORMS.include?(
       EOS
 
       apply_manifest(pp, :catch_failures => true)
-      apply_manifest(pp, :catch_changes => true)
+      unless fact('selinux') == 'true'
+        apply_manifest(pp, :catch_changes => true)
+      end
 
       shell('iptables-save -t raw') do |r|
         expect(r.stdout).to match(/#{line_match}/)
@@ -40,7 +42,11 @@ describe 'firewall socket property', :unless => (UNSUPPORTED_PLATFORMS.include?(
           }
       EOS
 
-      apply_manifest(pp, :catch_changes => true)
+      if fact('selinux') == 'true'
+        apply_manifest(pp, :catch_failures => true)
+      else
+        apply_manifest(pp, :catch_changes => true)
+      end
 
       shell('iptables-save -t raw') do |r|
         expect(r.stdout).to match(/#{line_match}/)

diff --git a/spec/acceptance/standard_usage_spec.rb b/spec/acceptance/standard_usage_spec.rb
index 8dcbceff190e10381b010521d45db4921d93e462..7585bc15bbf7a30b17472349ef3d0b6919932b89 100644 (file)
--- a/spec/acceptance/standard_usage_spec.rb
+++ b/spec/acceptance/standard_usage_spec.rb
@@ -50,6 +50,8 @@ describe 'standard usage tests:', :unless => UNSUPPORTED_PLATFORMS.include?(fact
 
     # Run it twice and test for idempotency
     apply_manifest(pp, :catch_failures => true)
-    expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
+    unless fact('selinux') == 'true'
+      apply_manifest(pp, :catch_changes => true)
+    end
   end
 end