From: tphoney Date: Tue, 19 Feb 2019 18:14:53 +0000 (+0000) Subject: rename test files to reflect what they do X-Git-Tag: 1.15.2~9^2~6 X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=4f4d340513cdf71575b2285ecbf08de2b95b6e5e;p=puppet-modules%2Fpuppetlabs-firewall.git rename test files to reflect what they do --- diff --git a/spec/acceptance/firewall_spec.rb b/spec/acceptance/firewall_attributes_exceptions_spec.rb similarity index 96% rename from spec/acceptance/firewall_spec.rb rename to spec/acceptance/firewall_attributes_exceptions_spec.rb index 17ebfbc..9517de2 100644 --- a/spec/acceptance/firewall_spec.rb +++ b/spec/acceptance/firewall_attributes_exceptions_spec.rb @@ -7,31 +7,10 @@ describe 'firewall basics', docker: true do end describe 'name' do - context 'when valid' do - pp1 = <<-PUPPETCODE - class { '::firewall': } - firewall { '001 - test': ensure => present } - PUPPETCODE - it 'applies cleanly' do - apply_manifest(pp1, catch_failures: true) - end - end - - context 'when invalid' do - pp2 = <<-PUPPETCODE - class { '::firewall': } - firewall { 'test': ensure => present } - PUPPETCODE - it 'fails' do - apply_manifest(pp2, expect_failures: true) do |r| - expect(r.stderr).to match(%r{Invalid value "test".}) - end - end - end - context 'when invalid ordering range specified' do pp = <<-PUPPETCODE class { '::firewall': } + firewall { '001 - test': ensure => present } firewall { '9946 test': ensure => present } PUPPETCODE it 'fails' do 
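Review bot: The negative test for rule names is removed in this hunk and nothing visible in the commit replaces it. The deleted `context 'when invalid'` asserted that `firewall { 'test': ensure => present }` is rejected with `Invalid value "test".`, while the happy-path spec only gains rules that are expected to apply. The valid rule `'001 - test'` is now placed in the 'invalid ordering range' manifest, which presumably is expected to fail as a whole, so it no longer shows that a valid name applies cleanly, and it blurs which resource causes the failure. I would leave that manifest with only `firewall { '9946 test': ensure => present }` and keep a small context for the unprefixed name with `expect(r.stderr).to match(%r{Invalid value "test".})`. The body of `it 'fails'` continues outside the hunk, so the assertion it makes is not visible here.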
@@ -43,26 +22,6 @@ describe 'firewall basics', docker: true do end describe 'ensure' do - context 'when default' do - pp3 = <<-PUPPETCODE - class { '::firewall': } - firewall { '555 - test': - proto => tcp, - port => '555', - action => accept, - } - PUPPETCODE - it 'applies' do - apply_manifest(pp3, catch_failures: true) - end - - it 'contains the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(%r{-A INPUT -p tcp -m multiport --ports 555 -m comment --comment "555 - test" -j ACCEPT}) - end - end - end - context 'when present' do pp4 = <<-PUPPETCODE class { '::firewall': } @@ -107,50 +66,6 @@ describe 'firewall basics', docker: true do end describe 'source' do - context 'when 192.168.2.0/24' do - pp7 = <<-PUPPETCODE - class { '::firewall': } - firewall { '556 - test': - proto => tcp, - port => '556', - action => accept, - source => '192.168.2.0/24', - } - PUPPETCODE - it 'applies' do - apply_manifest(pp7, catch_failures: true) - apply_manifest(pp7, catch_changes: do_catch_changes) - end - - it 'contains the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(%r{-A INPUT -s 192.168.2.0\/(24|255\.255\.255\.0) -p tcp -m multiport --ports 556 -m comment --comment "556 - test" -j ACCEPT}) - end - end - end - - context 'when ! 192.168.2.0/24' do - pp8 = <<-PUPPETCODE - class { '::firewall': } - firewall { '556 - test': - proto => tcp, - port => '556', - action => accept, - source => '! 192.168.2.0/24', - } - PUPPETCODE - it 'applies' do - apply_manifest(pp8, catch_failures: true) - apply_manifest(pp8, catch_changes: do_catch_changes) - end - - it 'contains the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(%r{-A INPUT (! -s|-s !) 192.168.2.0\/(24|255\.255\.255\.0) -p tcp -m multiport --ports 556 -m comment --comment "556 - test" -j ACCEPT}) - end - end - end - # Invalid address context 'when 256.168.2.0/24' do pp9 = <<-PUPPETCODE 
diff --git a/spec/acceptance/firewall_attributes_spec.rb b/spec/acceptance/firewall_attributes_happy_path_spec.rb similarity index 65% rename from spec/acceptance/firewall_attributes_spec.rb rename to spec/acceptance/firewall_attributes_happy_path_spec.rb index 18abccc..bfb65ec 100644 --- a/spec/acceptance/firewall_attributes_spec.rb +++ b/spec/acceptance/firewall_attributes_happy_path_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'connlimit property' do +describe 'firewall attribute testing, happy path' do before :all do iptables_flush_all_tables ip6tables_flush_all_tables @@ -22,13 +22,25 @@ describe 'connlimit property' do connmark => '0x1', action => reject, } + firewall { '556 - source': + proto => tcp, + port => '556', + action => accept, + source => '192.168.2.0/24', + } + firewall { '557 - source negated': + proto => tcp, + port => '557', + action => accept, + source => '! 192.168.2.0/24', + } firewall { '801 - gid root': chain => 'OUTPUT', action => accept, gid => 'root', proto => 'all', } - firewall { '802 - gid not root': + firewall { '802 - gid root negated': chain => 'OUTPUT', action => accept, gid => '!root', @@ -40,7 +52,7 @@ describe 'connlimit property' do uid => '0', proto => 'all', } - firewall { '804 - uid not 0': + firewall { '804 - uid 0 negated': chain => 'OUTPUT', action => accept, uid => '!0', 
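Review bot: The two source rules added to this manifest (`'556 - source'` and `'557 - source negated'`) may lose the idempotency check that their removed originals had. The old contexts ran `apply_manifest(pp7, catch_changes: do_catch_changes)` and `apply_manifest(pp8, catch_changes: do_catch_changes)` after the first apply. That second run matters most for the negated value `'! 192.168.2.0/24'`, where what the provider reads back may not match the manifest text and the rule would then be rewritten on every run. The code that applies this manifest lies outside the hunk, so please confirm it applies the manifest a second time with `catch_changes: do_catch_changes`, and add that call if it does not.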
@@ -57,20 +69,26 @@ describe 'connlimit property' do %r{-A INPUT -p tcp -m multiport --dports 2222 -m connlimit --connlimit-above 10 --connlimit-mask 24 (--connlimit-saddr )?-m comment --comment "501 - connlimit" -j REJECT --reject-with icmp-port-unreachable}, # rubocop:disable Metrics/LineLength ) end - it 'contains the connmark' do + it 'contains connmark' do expect(result.stdout).to match(%r{-A INPUT -m connmark --mark 0x1 -m comment --comment "502 - connmark" -j REJECT --reject-with icmp-port-unreachable}) end - it 'when gid set to root' do + it 'source is set' do + expect(result.stdout).to match(%r{-A INPUT -s 192.168.2.0\/(24|255\.255\.255\.0) -p tcp -m multiport --ports 556 -m comment --comment "556 - source" -j ACCEPT}) + end + it 'source is negated' do + expect(result.stdout).to match(%r{-A INPUT (! -s|-s !) 192.168.2.0\/(24|255\.255\.255\.0) -p tcp -m multiport --ports 557 -m comment --comment "557 - source negated" -j ACCEPT}) + end + it 'gid set to root' do expect(result.stdout).to match(%r{-A OUTPUT -m owner --gid-owner (0|root) -m comment --comment "801 - gid root" -j ACCEPT}) end - it 'when gid set to not root' do - expect(result.stdout).to match(%r{-A OUTPUT -m owner ! --gid-owner (0|root) -m comment --comment "802 - gid not root" -j ACCEPT}) + it 'gid set to root negated' do + expect(result.stdout).to match(%r{-A OUTPUT -m owner ! --gid-owner (0|root) -m comment --comment "802 - gid root negated" -j ACCEPT}) end - it 'when uid set to 0' do + it 'uid set to 0' do expect(result.stdout).to match(%r{-A OUTPUT -m owner --uid-owner (0|root) -m comment --comment "803 - uid 0" -j ACCEPT}) end - it 'when uid set to not 0' do - expect(result.stdout).to match(%r{-A OUTPUT -m owner ! --uid-owner (0|root) -m comment --comment "804 - uid not 0" -j ACCEPT}) + it 'uid set to 0 negated' do + expect(result.stdout).to match(%r{-A OUTPUT -m owner ! --uid-owner (0|root) -m comment --comment "804 - uid 0 negated" -j ACCEPT}) end end end
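Review bot: In the two new source expectations the address part of the pattern is unescaped, so each `.` in `192.168.2.0` matches any character, while the mask alternative next to it is escaped. Write the address as `192\.168\.2\.0\/(24|255\.255\.255\.0)` in both `it 'source is set'` and `it 'source is negated'`, so the test only passes on the exact network the rule was meant to allow. The negated pattern accepts both `! -s` and `-s !`, presumably to cover different iptables-save output formats. A short comment such as `# negation may be printed before or after -s depending on the iptables version` would record why.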