--no-relative_classname_inclusion-check
--no-parameter_types-check
--no-top_scope_facts-check
---no-legacy_facts-check
- relative_classname_inclusion
- parameter_types
- top_scope_facts
- - legacy_facts
PuppetLint.configuration.send('disable_relative_classname_inclusion')
PuppetLint.configuration.send('disable_parameter_types')
PuppetLint.configuration.send('disable_top_scope_facts')
-PuppetLint.configuration.send('disable_legacy_facts')
if Bundler.rubygems.find_name('github_changelog_generator').any?
}
}
- case $::operatingsystem {
+ case $facts['os']['name'] {
'RedHat', 'CentOS', 'Fedora', 'Scientific', 'SL', 'SLC', 'Ascendos',
'CloudLinux', 'PSBM', 'OracleLinux', 'OVS', 'OEL', 'Amazon', 'XenServer',
'VirtuozzoLinux', 'Rocky', 'AlmaLinux': {
# RHEL 7 / CentOS 7 and later and Fedora 15 and later require the iptables-services
# package, which provides the /usr/libexec/iptables/iptables.init used by
# lib/puppet/util/firewall.rb.
- if ($::operatingsystem != 'Amazon') {
+ if ($facts['os']['name'] != 'Amazon') {
if $firewalld_manage {
service { 'firewalld':
ensure => stopped,
)
}
- if ($::operatingsystem != 'Amazon') {
+ if ($facts['os']['name'] != 'Amazon') {
if $ensure == 'running' {
$running_command = ['/usr/bin/systemctl', 'daemon-reload']
}
}
- if ($::operatingsystem == 'Amazon') and (versioncmp($::operatingsystemmajrelease, '4') >= 0)
- or ($::operatingsystem == 'Amazon') and (versioncmp($::operatingsystemmajrelease, '2') >= 0) {
+ if ($facts['os']['name'] == 'Amazon') and (versioncmp($facts['os']['release']['major'], '4') >= 0)
+ or ($facts['os']['name'] == 'Amazon') and (versioncmp($facts['os']['release']['major'], '2') >= 0) {
service { $service_name:
ensure => $ensure,
enable => $enable,
# Redhat 7 selinux user context for /etc/sysconfig/iptables is set to system_u
# Redhat 7 selinux type context for /etc/sysconfig/iptables is set to system_conf_t
- case $::selinux {
+ case $facts['os']['selinux']['enabled'] {
#lint:ignore:quoted_booleans
'true',true: {
- case $::operatingsystem {
+ case $facts['os']['name'] {
'CentOS': {
- case $::operatingsystemrelease {
+ case $facts['os']['release']['full'] {
/^6\..*/: {
$seluser = 'unconfined_u'
$seltype = 'system_conf_t'
#
class firewall::params {
$package_ensure = 'present'
- case $::osfamily {
+ case $facts['os']['family'] {
'RedHat': {
- case $::operatingsystem {
+ case $facts['os']['name'] {
'Amazon': {
$service_name = 'iptables'
$service_name_v6 = 'ip6tables'
'Fedora': {
$service_name = 'iptables'
$service_name_v6 = 'ip6tables'
- if versioncmp($::operatingsystemrelease, '34') >= 0 {
+ if versioncmp($facts['os']['release']['full'], '34') >= 0 {
$package_name = 'iptables-services'
$iptables_name = 'iptables-compat'
} else {
$firewalld_manage = true
}
default: {
- if versioncmp($::operatingsystemrelease, '9') >= 0 {
+ if versioncmp($facts['os']['release']['full'], '9') >= 0 {
$service_name = ['nftables','iptables']
$service_name_v6 = 'ip6tables'
$package_name = ['iptables-services', 'nftables', 'iptables-nft-services']
$iptables_name = 'iptables-nft'
$sysconfig_manage = false
$firewalld_manage = false
- } elsif versioncmp($::operatingsystemrelease, '8.0') >= 0 {
+ } elsif versioncmp($facts['os']['release']['full'], '8.0') >= 0 {
$service_name = ['iptables', 'nftables']
$service_name_v6 = 'ip6tables'
$package_name = ['iptables-services', 'nftables']
$iptables_name = 'iptables'
$sysconfig_manage = false
$firewalld_manage = true
- } elsif versioncmp($::operatingsystemrelease, '7.0') >= 0 {
+ } elsif versioncmp($facts['os']['release']['full'], '7.0') >= 0 {
$service_name = 'iptables'
$service_name_v6 = 'ip6tables'
$package_name = 'iptables-services'
'Debian': {
$service_name_v6 = undef
$iptables_name = 'iptables'
- case $::operatingsystem {
+ case $facts['os']['name'] {
'Debian': {
- if versioncmp($::operatingsystemrelease, 'unstable') >= 0 {
+ if versioncmp($facts['os']['release']['full'], 'unstable') >= 0 {
$service_name = 'netfilter-persistent'
$package_name = 'netfilter-persistent'
- } elsif versioncmp($::operatingsystemrelease, '8.0') >= 0 {
+ } elsif versioncmp($facts['os']['release']['full'], '8.0') >= 0 {
$service_name = 'netfilter-persistent'
$package_name = 'iptables-persistent'
} else {
}
}
'Ubuntu': {
- if versioncmp($::operatingsystemrelease, '14.10') >= 0 {
+ if versioncmp($facts['os']['release']['full'], '14.10') >= 0 {
$service_name = 'netfilter-persistent'
$package_name = 'iptables-persistent'
} else {
default: {
$iptables_name = 'iptables'
$service_name_v6 = undef
- case $::operatingsystem {
+ case $facts['os']['name'] {
'Archlinux': {
$service_name = ['iptables','ip6tables']
$package_name = undef
let :facts do
{
kernel: 'Linux',
- operatingsystem: 'Debian',
- operatingsystemrelease: '8.0',
- osfamily: 'Debian',
+ os: {
+ name: 'Debian',
+ release: { full: '8.0' },
+ family: 'Debian',
+ },
}
end
end
describe 'firewall::linux::archlinux', type: :class do
let(:facts) do
{
- osfamily: 'Archlinux',
- operatingsystem: 'Archlinux',
+ os: {
+ family: 'ArchLinux',
+ name: 'ArchLinux',
+ },
}
end
context 'with Debian 10' do
let(:facts) do
{
- osfamily: 'Debian',
- operatingsystem: 'Debian',
- operatingsystemrelease: '10.0',
+ os: {
+ family: 'Debian',
+ name: 'Debian',
+ release: { full: '10.0' },
+ },
}
end
context 'with Debian 10, enable => false' do
let(:facts) do
{
- osfamily: 'Debian',
- operatingsystem: 'Debian',
- operatingsystemrelease: '10',
+ os: {
+ family: 'Debian',
+ name: 'Debian',
+ release: { full: '10' },
+ },
}
end
let(:params) { { enable: 'false' } }
context 'with Debian 10, ensure => stopped' do
let(:facts) do
{
- osfamily: 'Debian',
- operatingsystem: 'Debian',
- operatingsystemrelease: '10.0',
+ os: {
+ family: 'Debian',
+ name: 'Debian',
+ release: { full: '10.0' },
+ },
}
end
let(:params) { { ensure: 'stopped' } }
context 'with Debian 11' do
let(:facts) do
{
- osfamily: 'Debian',
- operatingsystem: 'Debian',
- operatingsystemrelease: '11.0',
+ os: {
+ family: 'Debian',
+ name: 'Debian',
+ release: { full: '11.0' },
+ },
}
end
context 'with Debian 11, enable => false' do
let(:facts) do
{
- osfamily: 'Debian',
- operatingsystem: 'Debian',
- operatingsystemrelease: '11',
+ os: {
+ family: 'Debian',
+ name: 'Debian',
+ release: { full: '11' },
+ },
}
end
let(:params) { { enable: 'false' } }
context 'with Debian 11, ensure => stopped' do
let(:facts) do
{
- osfamily: 'Debian',
- operatingsystem: 'Debian',
- operatingsystemrelease: '10.0',
+ os: {
+ family: 'Debian',
+ name: 'Debian',
+ release: { full: '10.0' },
+ },
}
end
let(:params) { { ensure: 'stopped' } }
context 'with Debian unstable' do
let(:facts) do
{
- osfamily: 'Debian',
- operatingsystem: 'Debian',
- operatingsystemrelease: 'unstable',
+ os: {
+ family: 'Debian',
+ name: 'Debian',
+ release: { full: 'unstable' },
+ },
}
end
context 'with Debian unstable, enable => false' do
let(:facts) do
{
- osfamily: 'Debian',
- operatingsystem: 'Debian',
- operatingsystemrelease: 'unstable',
+ os: {
+ family: 'Debian',
+ name: 'Debian',
+ release: { full: 'unstable' },
+ },
}
end
let(:params) { { enable: 'false' } }
context 'with Debian unstable, ensure => stopped' do
let(:facts) do
{
- osfamily: 'Debian',
- operatingsystem: 'Debian',
- operatingsystemrelease: '10.0',
+ os: {
+ family: 'Debian',
+ name: 'Debian',
+ release: { full: '10.0' },
+ },
}
end
let(:params) { { ensure: 'stopped' } }
context "os #{os} and osrel #{osrel}" do
let(:facts) do
{
- operatingsystem: os,
- operatingsystemrelease: osrel,
- osfamily: 'RedHat',
- selinux: false,
+ os: {
+ name: os,
+ release: { full: osrel },
+ family: 'RedHat',
+ selinux: { enabled: false },
+ },
puppetversion: Puppet.version,
}
end
context "os #{os} and osrel #{osrel}" do
let(:facts) do
{
- operatingsystem: os,
- operatingsystemrelease: osrel,
- osfamily: 'RedHat',
- selinux: false,
+ os: {
+ name: os,
+ release: { full: osrel },
+ family: 'RedHat',
+ selinux: { enabled: false },
+ },
puppetversion: Puppet.version,
}
end
let(:facts) do
{
kernel: 'Linux',
- operatingsystem: os,
- operatingsystemrelease: osrel,
- osfamily: 'RedHat',
- selinux: false,
+ os: {
+ name: os,
+ release: { full: osrel },
+ family: 'RedHat',
+ selinux: { enabled: false },
+ },
puppetversion: Puppet.version,
}
end
let(:facts) do
{
kernel: 'Linux',
- operatingsystem: os,
- operatingsystemrelease: osrel,
- osfamily: 'Debian',
- selinux: false,
+ os: {
+ name: os,
+ release: { full: osrel },
+ family: 'Debian',
+ selinux: { enabled: false },
+ },
puppetversion: Puppet.version,
}
end
Code Review / puppet-modules / puppetlabs-firewall.git / commitdiff