require 'spec_helper'
describe 'firewall::linux::debian', type: :class do
- context 'with Debian 8' do
- let(:facts) do
- {
- osfamily: 'Debian',
- operatingsystem: 'Debian',
- operatingsystemrelease: 'jessie/sid',
- }
- end
-
- it {
- is_expected.to contain_package('iptables-persistent').with(
- ensure: 'installed',
- )
- }
- it {
- is_expected.to contain_service('netfilter-persistent').with(
- ensure: nil,
- enable: 'true',
- require: 'Package[iptables-persistent]',
- )
- }
- end
- context 'with deb8 enable => false' do
- let(:facts) do
- {
- osfamily: 'Debian',
- operatingsystem: 'Debian',
- operatingsystemrelease: 'jessie/sid',
- }
- end
- let(:params) { { enable: 'false' } }
-
- it {
- is_expected.to contain_service('netfilter-persistent').with(
- enable: 'false',
- )
- }
- end
-
- context 'with Debian 8, alt operatingsystem' do
+ context 'with Debian 10' do
let(:facts) do
{
osfamily: 'Debian',
operatingsystem: 'Debian',
- operatingsystemrelease: '8.0',
+ operatingsystemrelease: '10.0',
}
end
}
end
- context 'with deb8, alt operatingsystem, enable => false' do
+ context 'with Debian 10, enable => false' do
let(:facts) do
{
osfamily: 'Debian',
operatingsystem: 'Debian',
- operatingsystemrelease: '8.0',
+ operatingsystemrelease: '10',
}
end
let(:params) { { enable: 'false' } }
}
end
- context 'with Debian 10' do
+ context 'with Debian 11' do
let(:facts) do
{
osfamily: 'Debian',
operatingsystem: 'Debian',
- operatingsystemrelease: '10.0',
+ operatingsystemrelease: '11.0',
}
end
}
end
- context 'with Debian 10, enable => false' do
+ context 'with Debian 11, enable => false' do
let(:facts) do
{
osfamily: 'Debian',
operatingsystem: 'Debian',
- operatingsystemrelease: '10',
+ operatingsystemrelease: '11',
}
end
let(:params) { { enable: 'false' } }
describe 'firewall::linux::redhat', type: :class do
['RedHat', 'CentOS', 'Fedora', 'AlmaLinux'].each do |os|
- oldreleases = ((os == 'Fedora') ? ['14'] : ['6.5'])
- newreleases = ((os == 'Fedora') ? ['15', 'Rawhide'] : ['7.0.1406'])
+ releases = ((os == 'Fedora') ? ['36'] : ['7.0.1406'])
nftablesreleases = ((os == 'Fedora') ? [] : ['8.0'])
- oldreleases.each do |osrel|
- context "os #{os} and osrel #{osrel}" do
- let(:facts) do
- {
- operatingsystem: os,
- operatingsystemrelease: osrel,
- osfamily: 'RedHat',
- selinux: false,
- puppetversion: Puppet.version,
- }
- end
-
- it { is_expected.not_to contain_service('firewalld') }
- it { is_expected.not_to contain_package('iptables-services') }
- it {
- is_expected.to contain_file('/etc/sysconfig/iptables')
- is_expected.to contain_file('/etc/sysconfig/ip6tables')
- }
-
- it_behaves_like 'ensures iptables service'
- end
- end
-
- newreleases.each do |osrel|
+ releases.each do |osrel|
context "os #{os} and osrel #{osrel}" do
let(:facts) do
{
describe 'firewall::linux', type: :class do
['RedHat', 'CentOS'].each do |os|
context "Redhat Like: operatingsystem => #{os}" do
- releases = ['6', '7']
+ releases = ['6', '7', '8']
releases.each do |osrel|
context "operatingsystemrelease => #{osrel}" do
let(:facts) do
['Debian', 'Ubuntu'].each do |os|
context "Debian Like: operatingsystem => #{os}" do
- releases = ((os == 'Debian') ? ['10'] : ['20.04'])
+ releases = ((os == 'Debian') ? ['10', '11'] : ['20.04', '22.04'])
releases.each do |osrel|
let(:facts) do
{
# frozen_string_literal: true
require 'spec_helper'
-if Puppet::Util::Package.versioncmp(Puppet.version, '3.4.0') < 0
- require 'puppet/provider/confine/exists'
-else
- require 'puppet/confine/exists'
-end
+require 'puppet/confine/exists'
+
provider_class = Puppet::Type.type(:firewall).provider(:ip6tables)
describe 'ip6tables' do
let(:params) { { name: '000 test foo', action: 'accept' } }
# frozen_string_literal: true
require 'spec_helper'
-if Puppet::Util::Package.versioncmp(Puppet.version, '3.4.0') < 0
- require 'puppet/provider/confine/exists'
-else
- require 'puppet/confine/exists'
-end
+require 'puppet/confine/exists'
describe 'iptables chain' do
describe 'iptables chain provider detection' do
- if Puppet::Util::Package.versioncmp(Puppet.version, '3.4.0') < 0
- let(:exists) do
- Puppet::Provider::Confine::Exists
- end
- else
- let(:exists) do
- Puppet::Confine::Exists
- end
+ let(:exists) do
+ Puppet::Confine::Exists
end
before :each do
# frozen_string_literal: true
require 'spec_helper'
-if Puppet::Util::Package.versioncmp(Puppet.version, '3.4.0') < 0
- require 'puppet/provider/confine/exists'
-else
- require 'puppet/confine/exists'
-end
+require 'puppet/confine/exists'
describe 'iptables provider detection' do # rubocop:disable RSpec/MultipleDescribes
- if Puppet::Util::Package.versioncmp(Puppet.version, '3.4.0') < 0
- let(:exists) do
- Puppet::Provider::Confine::Exists
- end
- else
- let(:exists) do
- Puppet::Confine::Exists
- end
+
+ let(:exists) do
+ Puppet::Confine::Exists
end
before :each do
Code Review / puppet-modules / puppetlabs-firewall.git / commitdiff