]> review.fuel-infra Code Review - puppet-modules/puppetlabs-firewall.git/commitdiff
Code Review / puppet-modules / puppetlabs-firewall.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 0fb7f6f)
Add tests for the recommended setup
authorKen Barber <ken@bob.sh>
Sat, 13 Apr 2013 19:00:43 +0000 (20:00 +0100)
committerKen Barber <ken@bob.sh>
Sat, 13 Apr 2013 19:00:43 +0000 (20:00 +0100)
Using the documented recommended setup, we test if it works with no error and
test if it is idempotent by running it again, looking for resource changes.

Signed-off-by: Ken Barber <ken@bob.sh>
spec/system/class_spec.rb patch | blob | history
spec/system/stanard_usage_spec.rb [new file with mode: 0644] patch | blob

diff --git a/spec/system/class_spec.rb b/spec/system/class_spec.rb
index 6dfaa2e78aba95172af519c156e231cf62b8ecfb..8ba8415a53af72b71f1e9c5ad7c86e9fba589091 100644 (file)
--- a/spec/system/class_spec.rb
+++ b/spec/system/class_spec.rb
@@ -1,10 +1,13 @@
 require 'spec_helper_system'
 
 describe "firewall class:" do
-  it "should run without event" do
+  let(:pp) do
     pp = <<-EOS
       class { 'firewall': }
     EOS
+  end
+
+  it "should run without event" do
     puppet_apply(pp) do |r|
       r[:stderr].should == ''
       r[:exit_code].should_not eq(1)
@@ -12,9 +15,6 @@ describe "firewall class:" do
   end
 
   it "should be idempotent" do
-    pp = <<-EOS
-      class { 'firewall': }
-    EOS
     puppet_apply(pp) do |r|
       r[:stderr].should == ''
       r[:exit_code].should == 0
diff --git a/spec/system/stanard_usage_spec.rb b/spec/system/stanard_usage_spec.rb
new file mode 100644 (file)
index 0000000..fc935f7
--- /dev/null
+++ b/spec/system/stanard_usage_spec.rb
@@ -0,0 +1,65 @@
+require 'spec_helper_system'
+
+# Some tests for the standard recommended usage
+describe "standard usage:" do
+  let(:pp) do
+    pp = <<-EOS
+class my_fw::pre {
+  Firewall {
+    require => undef,
+  }
+
+  # Default firewall rules
+  firewall { '000 accept all icmp':
+    proto   => 'icmp',
+    action  => 'accept',
+  }->
+  firewall { '001 accept all to lo interface':
+    proto   => 'all',
+    iniface => 'lo',
+    action  => 'accept',
+  }->
+  firewall { '002 accept related established rules':
+    proto   => 'all',
+    state   => ['RELATED', 'ESTABLISHED'],
+    action  => 'accept',
+  }
+}
+class my_fw::post {
+  firewall { '999 drop all':
+    proto   => 'all',
+    action  => 'drop',
+    before  => undef,
+  }
+}
+resources { "firewall":
+  purge => true
+}
+Firewall {
+  before  => Class['my_fw::post'],
+  require => Class['my_fw::pre'],
+}
+class { ['my_fw::pre', 'my_fw::post']: }
+class { 'firewall': }
+firewall { '500 open up port 22':
+  action => 'accept',
+  proto => 'tcp',
+  dport => 22,
+}
+    EOS
+  end
+
+  it 'make sure it runs without error' do
+    puppet_apply(pp) do |r|
+      r[:stderr].should == ''
+      r[:exit_code].should_not eq(1)
+    end
+  end
+
+  it 'should be idempotent' do
+    puppet_apply(pp) do |r|
+      r[:stderr].should == ''
+      r[:exit_code].should == 0
+    end
+  end
+end