From: Dan Carley <dan.carley@gmail.com>
Date: Sun, 18 Mar 2012 13:16:38 +0000 (+0000)
Subject: (#13201) Tests and docstring for chain autorequire
X-Git-Tag: 0.1.0~38^2
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=94db8f21fee84776cbfcae43c9a9a4ff2e31b129;p=puppet-modules%2Fpuppetlabs-firewall.git
(#13201) Tests and docstring for chain autorequire
Test for autorequire behaviour on :chain, :jump, and :chain + :jump params.
With both specified and default/undef :table and :provider params.
Document autorequire behaviour in docstring.
---
diff --git a/lib/puppet/type/firewall.rb b/lib/puppet/type/firewall.rb
index df26ad9..680f776 100644
--- a/lib/puppet/type/firewall.rb
+++ b/lib/puppet/type/firewall.rb
@@ -15,6 +15,10 @@ Puppet::Type.newtype(:firewall) do
@doc = <<-EOS
This type provides the capability to manage firewall rules within
puppet.
+
+ **Autorequires:** If Puppet is managing the iptables or ip6tables chains
+ specified in the `chain` or `jump` parameters, the firewall resource
+ will autorequire those firewallchain resources.
EOS
feature :rate_limiting, "Rate limiting features."
diff --git a/spec/unit/puppet/type/firewall_spec.rb b/spec/unit/puppet/type/firewall_spec.rb
index 4d1eca8..4fb814a 100755
--- a/spec/unit/puppet/type/firewall_spec.rb
+++ b/spec/unit/puppet/type/firewall_spec.rb
@@ -305,4 +305,85 @@ describe firewall do
@resource[:set_mark].should == '0x3e8'
end
end
+
+ [:chain, :jump].each do |param|
+ describe param do
+ it 'should autorequire fwchain when table and provider are undefined' do
+ @resource[param] = 'FOO'
+ @resource[:table].should == :filter
+ @resource[:provider].should == :iptables
+
+ chain = Puppet::Type.type(:firewallchain).new(:name => 'FOO:filter:IPv4')
+ catalog = Puppet::Resource::Catalog.new
+ catalog.add_resource @resource
+ catalog.add_resource chain
+ rel = @resource.autorequire[0]
+ rel.source.ref.should == chain.ref
+ rel.target.ref.should == @resource.ref
+ end
+
+ it 'should autorequire fwchain when table is undefined and provider is ip6tables' do
+ @resource[param] = 'FOO'
+ @resource[:table].should == :filter
+ @resource[:provider] = :ip6tables
+
+ chain = Puppet::Type.type(:firewallchain).new(:name => 'FOO:filter:IPv6')
+ catalog = Puppet::Resource::Catalog.new
+ catalog.add_resource @resource
+ catalog.add_resource chain
+ rel = @resource.autorequire[0]
+ rel.source.ref.should == chain.ref
+ rel.target.ref.should == @resource.ref
+ end
+
+ it 'should autorequire fwchain when table is raw and provider is undefined' do
+ @resource[param] = 'FOO'
+ @resource[:table] = :raw
+ @resource[:provider].should == :iptables
+
+ chain = Puppet::Type.type(:firewallchain).new(:name => 'FOO:raw:IPv4')
+ catalog = Puppet::Resource::Catalog.new
+ catalog.add_resource @resource
+ catalog.add_resource chain
+ rel = @resource.autorequire[0]
+ rel.source.ref.should == chain.ref
+ rel.target.ref.should == @resource.ref
+ end
+
+ it 'should autorequire fwchain when table is raw and provider is ip6tables' do
+ @resource[param] = 'FOO'
+ @resource[:table] = :raw
+ @resource[:provider] = :ip6tables
+
+ chain = Puppet::Type.type(:firewallchain).new(:name => 'FOO:raw:IPv6')
+ catalog = Puppet::Resource::Catalog.new
+ catalog.add_resource @resource
+ catalog.add_resource chain
+ rel = @resource.autorequire[0]
+ rel.source.ref.should == chain.ref
+ rel.target.ref.should == @resource.ref
+ end
+ end
+ end
+
+ describe ":chain and :jump" do
+ it 'should autorequire independent fwchains' do
+ @resource[:chain] = 'FOO'
+ @resource[:jump] = 'BAR'
+ @resource[:table].should == :filter
+ @resource[:provider].should == :iptables
+
+ chain_foo = Puppet::Type.type(:firewallchain).new(:name => 'FOO:filter:IPv4')
+ chain_bar = Puppet::Type.type(:firewallchain).new(:name => 'BAR:filter:IPv4')
+ catalog = Puppet::Resource::Catalog.new
+ catalog.add_resource @resource
+ catalog.add_resource chain_foo
+ catalog.add_resource chain_bar
+ rel = @resource.autorequire
+ rel[0].source.ref.should == chain_foo.ref
+ rel[0].target.ref.should == @resource.ref
+ rel[1].source.ref.should == chain_bar.ref
+ rel[1].target.ref.should == @resource.ref
+ end
+ end
end