--- /dev/null
+---
+default_set: 'centos-63-x64'
+sets:
+ 'centos-58-x64':
+ nodes:
+ "main":
+ prefab: 'centos-58-x64'
+ 'centos-63-x64':
+ nodes:
+ "main":
+ prefab: 'centos-63-x64'
+ 'debian-606-x64':
+ nodes:
+ "main":
+ prefab: 'debian-606-x64'
+ 'ubuntu-server-1004-x64':
+ nodes:
+ "main":
+ prefab: 'ubuntu-server-1004-x64'
+ 'ubuntu-server-1204-x64':
+ nodes:
+ "main":
+ prefab: 'ubuntu-server-1204-x64'
group :development, :test do
gem 'puppetlabs_spec_helper', :require => false
+ gem 'rspec-system', '0.1.3'
end
if puppetversion = ENV['PUPPET_GEM_VERSION']
And run the tests from the root of the source code:
rake test
+
+If you have a copy of Vagrant 1.1.0 you can also run the system tests:
+
+ RSPEC_SET=debian-606-x64 rake spec:system
+ RSPEC_SET=centos-58-x64 rake spec:system
+
+*Note:* system testing is fairly alpha at this point, your mileage may vary.
require 'rspec/core/rake_task'
require 'puppetlabs_spec_helper/rake_tasks'
+require 'rspec-system/rake_task'
task :default do
sh %{rake -T}
--- /dev/null
+# This helper file is specific to the system tests for puppetlabs-firewall
+# and should be included by all tests under spec/system
+require 'rspec-system/spec_helper'
+
+RSpec.configure do |c|
+ # Project root for the firewall code
+ proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..'))
+
+ # This is where we 'setup' the nodes before running our tests
+ c.system_setup_block = proc do
+ # TODO: find a better way of importing these into this namespace
+ include RSpecSystem::Helpers
+ include RSpecSystem::Log
+
+ # TODO: this setup stuff is fairly generic, should move this into a plugin
+ # for rspec-system.
+
+ # Grab facts from node
+ facts = system_node.facts
+
+ # Remove annoying mesg n from profile, otherwise on Debian we get:
+ # stdin: is not a tty which messes with our tests later on.
+ if facts['osfamily'] == 'Debian'
+ log.info("Remove 'mesg n' from profile to stop noise")
+ system_run("sed -i 's/^mesg n/# mesg n/' /root/.profile")
+ end
+
+ # Grab PL repository and install PL copy of puppet
+ log.info "Starting installation of puppet from PL repos"
+ if facts['osfamily'] == 'RedHat'
+ system_run('rpm -ivh http://yum.puppetlabs.com/el/5/products/i386/puppetlabs-release-5-6.noarch.rpm')
+ system_run('yum install -y puppet')
+ elsif facts['osfamily'] == 'Debian'
+ system_run("wget http://apt.puppetlabs.com/puppetlabs-release-#{facts['lsbdistcodename']}.deb")
+ system_run("dpkg -i puppetlabs-release-#{facts['lsbdistcodename']}.deb")
+ system_run('apt-get update')
+ system_run('apt-get install -y puppet')
+ end
+
+ # Prep modules dir
+ log.info("Preparing modules dir")
+ system_run('mkdir -p /etc/puppet/modules')
+
+ # Copy the current code into appropriate module dir
+ # TODO: we could always use the build process, copy tarball across etc.
+ # just a shame the puppet module tool doesn't handle standalone tarballs
+ # yet.
+ log.info("Now transferring module onto node")
+ system_rcp(:sp => proj_root, :dp => '/etc/puppet/modules/firewall')
+ end
+end
--- /dev/null
+require 'spec_helper_system'
+
+# TODO: we probably wanna break this into pieces
+describe "basic tests:" do
+ # This helper flushes all tables on the default machine.
+ #
+ # It checks that the flush command returns with no errors.
+ def iptables_flush_all_tables
+ ['filter', 'nat', 'mangle', 'raw'].each do |t|
+ system_run("iptables -t #{t} -F") do |s, o, e|
+ s.exitstatus.should == 0
+ e.should == ''
+ end
+ end
+ end
+
+ context 'prelim:' do
+ it 'make sure we have copied the module across' do
+ # No point diagnosing any more if the module wasn't copied properly
+ system_run("ls /etc/puppet/modules/firewall") do |s, o, e|
+ s.exitstatus.should == 0
+ o.should =~ /Modulefile/
+ e.should == ''
+ end
+ end
+ end
+
+ context 'puppet resource firewall command:' do
+ it 'make sure it returns no errors when executed on a clean machine' do
+ # Except for the absence of iptables, it should run perfectly usually
+ # most hosts have iptables at least.
+ system_run('puppet resource firewall') do |s, o, e|
+ s.exitstatus.should == 0
+ # don't check stdout, some boxes come with rules, that is normal
+ e.should == ''
+ end
+ end
+
+ it 'flush iptables and make sure it returns nothing afterwards' do
+ iptables_flush_all_tables
+ # No rules, means no output thanks. And no errors as well.
+ system_run('puppet resource firewall') do |s, o, e|
+ s.exitstatus.should == 0
+ e.should == ''
+ o.should == "\n"
+ end
+ end
+ end
+end
require 'spec_helper'
-describe 'firewall::linux::debian' do
+describe 'firewall::linux::debian', :type => :class do
it { should contain_package('iptables-persistent').with(
:ensure => 'present'
)}
require 'spec_helper'
-describe 'firewall::linux::redhat' do
+describe 'firewall::linux::redhat', :type => :class do
it { should contain_service('iptables').with(
:ensure => 'running',
:enable => 'true'
require 'spec_helper'
-describe 'firewall::linux' do
+describe 'firewall::linux', :type => :class do
let(:facts_default) {{ :kernel => 'Linux' }}
it { should contain_package('iptables').with_ensure('present') }
require 'spec_helper'
-describe 'firewall' do
+describe 'firewall', :type => :class do
context 'kernel => Linux' do
let(:facts) {{ :kernel => 'Linux' }}
it { should include_class('firewall::linux') }
Code Review / puppet-modules / puppetlabs-firewall.git / commitdiff