From: Cristian Falcas <falcas@optymyze.com>
Date: Wed, 25 Nov 2015 12:26:10 +0000 (+0200)
Subject: allow iptables package to be updated
X-Git-Tag: 1.8.0~6^2
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=93785592d10b773c530fe4129dfca68d40bf5b79;p=puppet-modules%2Fpuppetlabs-firewall.git

allow iptables package to be updated
---

diff --git a/manifests/init.pp b/manifests/init.pp
index 97ed273..56c8091 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -13,6 +13,7 @@
 #
 class firewall (
   $ensure       = running,
+  $pkg_ensure   = present,
   $service_name = $::firewall::params::service_name,
   $package_name = $::firewall::params::package_name,
 ) inherits ::firewall::params {
@@ -29,6 +30,7 @@ class firewall (
     'Linux': {
       class { "${title}::linux":
         ensure       => $ensure,
+        pkg_ensure   => $pkg_ensure,
         service_name => $service_name,
         package_name => $package_name,
       }
diff --git a/manifests/linux.pp b/manifests/linux.pp
index e3f5129..4769516 100644
--- a/manifests/linux.pp
+++ b/manifests/linux.pp
@@ -13,6 +13,7 @@
 #
 class firewall::linux (
   $ensure       = running,
+  $pkg_ensure   = present,
   $service_name = $::firewall::params::service_name,
   $package_name = $::firewall::params::package_name,
 ) inherits ::firewall::params {
@@ -22,7 +23,7 @@ class firewall::linux (
   }
 
   package { 'iptables':
-    ensure => present,
+    ensure => $pkg_ensure,
   }
 
   case $::operatingsystem {
diff --git a/manifests/linux/archlinux.pp b/manifests/linux/archlinux.pp
index cfe1a69..bdd803b 100644
--- a/manifests/linux/archlinux.pp
+++ b/manifests/linux/archlinux.pp
@@ -14,14 +14,15 @@
 #   Default: true
 #
 class firewall::linux::archlinux (
-  $ensure       = 'running',
-  $enable       = true,
-  $service_name = $::firewall::params::service_name,
-  $package_name = $::firewall::params::package_name,
+  $ensure         = 'running',
+  $enable         = true,
+  $service_name   = $::firewall::params::service_name,
+  $package_name   = $::firewall::params::package_name,
+  $package_ensure = $::firewall::params::package_ensure,
 ) inherits ::firewall::params {
   if $package_name {
     package { $package_name:
-      ensure => $ensure,
+      ensure => $package_ensure,
     }
   }
 
diff --git a/manifests/linux/debian.pp b/manifests/linux/debian.pp
index a24d3ab..a857177 100644
--- a/manifests/linux/debian.pp
+++ b/manifests/linux/debian.pp
@@ -14,10 +14,11 @@
 #   Default: true
 #
 class firewall::linux::debian (
-  $ensure       = running,
-  $enable       = true,
-  $service_name = $::firewall::params::service_name,
-  $package_name = $::firewall::params::package_name,
+  $ensure         = running,
+  $enable         = true,
+  $service_name   = $::firewall::params::service_name,
+  $package_name   = $::firewall::params::package_name,
+  $package_ensure = $::firewall::params::package_ensure,
 ) inherits ::firewall::params {
 
   if $package_name {
@@ -27,7 +28,7 @@ class firewall::linux::debian (
         refreshonly => true
     }
     package { $package_name:
-      ensure  => present,
+      ensure  => $package_ensure,
       require => Exec['iptables-persistent-debconf']
     }
   }
diff --git a/manifests/linux/gentoo.pp b/manifests/linux/gentoo.pp
index 29a57cb..920e60c 100644
--- a/manifests/linux/gentoo.pp
+++ b/manifests/linux/gentoo.pp
@@ -14,14 +14,15 @@
 #   Default: true
 #
 class firewall::linux::gentoo (
-  $ensure       = 'running',
-  $enable       = true,
-  $service_name = $::firewall::params::service_name,
-  $package_name = $::firewall::params::package_name,
+  $ensure         = 'running',
+  $enable         = true,
+  $service_name   = $::firewall::params::service_name,
+  $package_name   = $::firewall::params::package_name,
+  $package_ensure = $::firewall::params::package_ensure,
 ) inherits ::firewall::params {
   if $package_name {
     package { $package_name:
-      ensure => present,
+      ensure => $package_ensure,
     }
   }
 
diff --git a/manifests/linux/redhat.pp b/manifests/linux/redhat.pp
index 680c04b..44ced37 100644
--- a/manifests/linux/redhat.pp
+++ b/manifests/linux/redhat.pp
@@ -13,10 +13,11 @@
 #   Default: true
 #
 class firewall::linux::redhat (
-  $ensure       = running,
-  $enable       = true,
-  $service_name = $::firewall::params::service_name,
-  $package_name = $::firewall::params::package_name,
+  $ensure         = running,
+  $enable         = true,
+  $service_name   = $::firewall::params::service_name,
+  $package_name   = $::firewall::params::package_name,
+  $package_ensure = $::firewall::params::package_ensure,
 ) inherits ::firewall::params {
 
   # RHEL 7 and later and Fedora 15 and later require the iptables-services
@@ -34,7 +35,7 @@ class firewall::linux::redhat (
 
   if $package_name {
     package { $package_name:
-      ensure => present,
+      ensure => $package_ensure,
       before => Service[$service_name],
     }
   }
diff --git a/manifests/params.pp b/manifests/params.pp
index 1e926e7..a988f01 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -1,4 +1,5 @@
 class firewall::params {
+  $package_ensure = 'present'
   case $::osfamily {
     'RedHat': {
       case $::operatingsystem {