]> review.fuel-infra Code Review - puppet-modules/puppetlabs-firewall.git/commitdiff
Code Review / puppet-modules / puppetlabs-firewall.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: dc3bd7f)
Fix netmap acceptance tests
authorColleen Murphy <colleen@puppetlabs.com>
Tue, 23 Dec 2014 19:48:19 +0000 (11:48 -0800)
committerColleen Murphy <colleen@puppetlabs.com>
Tue, 23 Dec 2014 20:45:12 +0000 (12:45 -0800)
This commit:
  - Updates the netmap acceptance tests to have the correct identifying
    comment
  - Resets iptables inbetween the two tests since the rules can't be
    changed
  - Updates a regex in the iptables provider to check for spaces before
    and after a flag so that "--to" isn't confused with "--to-port"

lib/puppet/provider/firewall/iptables.rb patch | blob | history
spec/acceptance/firewall_spec.rb patch | blob | history

diff --git a/lib/puppet/provider/firewall/iptables.rb b/lib/puppet/provider/firewall/iptables.rb
index 233d96094198d9c583b3046ec93e291483a265d0..cda5d08bdda82f43bd49b337d3aa10aa7a4f7fc8 100644 (file)
--- a/lib/puppet/provider/firewall/iptables.rb
+++ b/lib/puppet/provider/firewall/iptables.rb
@@ -267,7 +267,7 @@ Puppet::Type.type(:firewall).provide :iptables, :parent => Puppet::Provider::Fir
     map_index={}
     @resource_map.each_pair do |map_k,map_v|
       [map_v].flatten.each do |v|
-        ind=values.index(/\s#{v}/)
+        ind=values.index(/\s#{v}\s/)
         next unless ind
         map_index[map_k]=ind
      end
diff --git a/spec/acceptance/firewall_spec.rb b/spec/acceptance/firewall_spec.rb
index ac172b0e32919bb48471b437576a8644cbb2e0af..06e47c6cdd9a606ef627fcfd15c86bd9dcecf50c 100644 (file)
--- a/spec/acceptance/firewall_spec.rb
+++ b/spec/acceptance/firewall_spec.rb
@@ -1701,11 +1701,18 @@ describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfami
 
       it 'should contain the rule' do
         shell('iptables-save -t nat') do |r|
-          expect(r.stdout).to match(/-A PREROUTING -s 200.200.200.200(\/32)? -p tcp -m comment --comment "611 - test" -j NETMAP --to 192.168.1.1/)
+          expect(r.stdout).to match(/-A PREROUTING -s 200.200.200.200(\/32)? -p tcp -m comment --comment "569 - test" -j NETMAP --to 192.168.1.1/)
         end
       end
     end
 
+     describe 'reset' do
+       it 'deletes all rules' do
+         shell('ip6tables --flush')
+         shell('iptables --flush; iptables -t nat --flush; iptables -t mangle --flush')
+       end
+     end
+
     context 'Source netmap 192.168.1.1' do
       it 'applies' do
         pp = <<-EOS
@@ -1725,7 +1732,7 @@ describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfami
 
       it 'should contain the rule' do
         shell('iptables-save -t nat') do |r|
-          expect(r.stdout).to match(/-A POSTROUTING -d 200.200.200.200(\/32)? -p tcp -m comment --comment "611 - test" -j NETMAP --to 192.168.1.1/)
+          expect(r.stdout).to match(/-A POSTROUTING -d 200.200.200.200(\/32)? -p tcp -m comment --comment "569 - test" -j NETMAP --to 192.168.1.1/)
         end
       end
     end