fixtures:
+ repositories:
+ "stdlib": "git://github.com/puppetlabs/puppetlabs-stdlib.git"
symlinks:
"firewall": "#{source_dir}"
#
class firewall (
$ensure = running,
+ $ensure_v6 = undef,
$pkg_ensure = present,
$service_name = $::firewall::params::service_name,
$service_name_v6 = $::firewall::params::service_name_v6,
$package_name = $::firewall::params::package_name,
) inherits ::firewall::params {
+ $_ensure_v6 = pick($ensure_v6, $ensure)
+
case $ensure {
/^(running|stopped)$/: {
# Do nothing.
}
}
+ if $ensure_v6 {
+ case $ensure_v6 {
+ /^(running|stopped)$/: {
+ # Do nothing.
+ }
+ default: {
+ fail("${title}: ensure_v6 value '${ensure_v6}' is not supported")
+ }
+ }
+ }
+
case $::kernel {
'Linux': {
class { "${title}::linux":
ensure => $ensure,
+ ensure_v6 => $_ensure_v6,
pkg_ensure => $pkg_ensure,
service_name => $service_name,
service_name_v6 => $service_name_v6,
# service will be started on boot, and when `stopped` it will not.
# Default: running
#
+# [*ensure_v6*]
+# Ensure parameter passed onto Service[] resources. When `running` the
+# service will be started on boot, and when `stopped` it will not.
+# Default: running
+#
class firewall::linux (
$ensure = running,
+ $ensure_v6 = undef,
$pkg_ensure = present,
$service_name = $::firewall::params::service_name,
$service_name_v6 = $::firewall::params::service_name_v6,
stopped => false,
}
+ $_ensure_v6 = pick($ensure_v6, $ensure)
+
+ $_enable_v6 = $_ensure_v6 ? {
+ running => true,
+ stopped => false,
+ }
+
package { 'iptables':
ensure => $pkg_ensure,
}
'VirtuozzoLinux': {
class { "${title}::redhat":
ensure => $ensure,
+ ensure_v6 => $_ensure_v6,
enable => $enable,
+ enable_v6 => $_enable_v6,
package_name => $package_name,
service_name => $service_name,
service_name_v6 => $service_name_v6,
# Ensure parameter passed onto Service[] resources.
# Default: running
#
+# [*ensure_v6*]
+# Ensure parameter passed onto Service[] resources.
+# Default: running
+#
# [*enable*]
# Enable parameter passed onto Service[] resources.
# Default: true
#
+# [*enable_v6*]
+# Enable parameter passed onto Service[] resources.
+# Default: true
+#
+#
class firewall::linux::redhat (
$ensure = running,
+ $ensure_v6 = undef,
$enable = true,
+ $enable_v6 = undef,
$service_name = $::firewall::params::service_name,
$service_name_v6 = $::firewall::params::service_name_v6,
$package_name = $::firewall::params::package_name,
$package_ensure = $::firewall::params::package_ensure,
) inherits ::firewall::params {
+ $_ensure_v6 = pick($ensure_v6, $ensure)
+ $_enable_v6 = pick($enable_v6, $enable)
# RHEL 7 / CentOS 7 and later and Fedora 15 and later require the iptables-services
# package, which provides the /usr/libexec/iptables/iptables.init used by
hasstatus => true,
}
service { $service_name_v6:
- ensure => $ensure,
- enable => $enable,
+ ensure => $_ensure_v6,
+ enable => $_enable_v6,
hasstatus => true,
}
}
],
"dependencies": [
-
+ {"name":"puppetlabs/stdlib","version_requirement":">= 4.0.0 < 5.0.0"}
]
}
c.before :suite do
# Install module and dependencies
hosts.each do |host|
+ on host, puppet('module', 'install', 'puppetlabs-stdlib'), { :acceptable_exit_codes => [0] }
# the ubuntu-14.04 docker image doesn't carry the iptables command
apply_manifest_on host, 'package { "iptables": ensure => installed }' if fact('osfamily') == 'Debian'
end
:enable => 'true'
)}
it { should contain_service('ip6tables').with(
- :ensure => 'running',
- :enable => 'true'
+ :ensure => 'running',
+ :enable => 'true'
)}
context 'ensure => stopped' do
it { should contain_service('iptables').with(
:ensure => 'stopped'
)}
+ end
+
+ context 'ensure_v6 => stopped' do
+ let(:params) {{ :ensure_v6 => 'stopped' }}
it { should contain_service('ip6tables').with(
- :ensure => 'stopped'
+ :ensure => 'stopped'
)}
end
it { should contain_service('iptables').with(
:enable => 'false'
)}
+ end
+
+ context 'enable_v6 => false' do
+ let(:params) {{ :enable_v6 => 'false' }}
it { should contain_service('ip6tables').with(
- :enable => 'false'
+ :enable => 'false'
)}
end
Code Review / puppet-modules / puppetlabs-firewall.git / commitdiff