From: Ashley Penney Date: Thu, 19 Dec 2013 17:25:31 +0000 (-0500) Subject: Convert rspec-system tests to beaker-rspec. X-Git-Tag: 0.5.0~22^2 X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=acbe1958e57519ce8d665d3f6fb7550926636a68;p=puppet-modules%2Fpuppetlabs-firewall.git Convert rspec-system tests to beaker-rspec. This work migrates the existing tests to beaker-rspec. --- diff --git a/spec/acceptance/basic_spec.rb b/spec/acceptance/basic_spec.rb new file mode 100644 index 0000000..12aa1eb --- /dev/null +++ b/spec/acceptance/basic_spec.rb @@ -0,0 +1,8 @@ +require 'spec_helper_acceptance' + +# Here we put the more basic fundamental tests, ultra obvious stuff. +describe "basic tests:" do + it 'make sure we have copied the module across' do + shell('ls /etc/puppet/modules/firewall/Modulefile', {:acceptable_exit_codes => 0}) + end +end diff --git a/spec/acceptance/class_spec.rb b/spec/acceptance/class_spec.rb new file mode 100644 index 0000000..aaf05a1 --- /dev/null +++ b/spec/acceptance/class_spec.rb @@ -0,0 +1,27 @@ +require 'spec_helper_acceptance' + +describe "firewall class:" do + it 'should run successfully' do + pp = "class { 'firewall': }" + + # Run it twice and test for idempotency + apply_manifest(pp, :catch_failures => true) + expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero + end + + it 'ensure => stopped:' do + pp = "class { 'firewall': ensure => stopped }" + + # Run it twice and test for idempotency + apply_manifest(pp, :catch_failures => true) + expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero + end + + it 'ensure => running:' do + pp = "class { 'firewall': ensure => running }" + + # Run it twice and test for idempotency + apply_manifest(pp, :catch_failures => true) + expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero + end +end diff --git a/spec/acceptance/nodesets/centos-59-x64.yml b/spec/acceptance/nodesets/centos-59-x64.yml new file mode 100644 index 0000000..b0a4ba8 --- /dev/null +++ b/spec/acceptance/nodesets/centos-59-x64.yml @@ -0,0 +1,8 @@ +HOSTS: + centos-59-x64: + roles: + - master + platform: centos-59-x64 + box : centos-59-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box + hypervisor : vagrant diff --git a/spec/acceptance/nodesets/centos-64-x64.yml b/spec/acceptance/nodesets/centos-64-x64.yml new file mode 100644 index 0000000..8f57028 --- /dev/null +++ b/spec/acceptance/nodesets/centos-64-x64.yml @@ -0,0 +1,8 @@ +HOSTS: + centos-64-x64: + roles: + - master + platform: el-6-i386 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant diff --git a/spec/acceptance/nodesets/default.yml b/spec/acceptance/nodesets/default.yml new file mode 120000 index 0000000..2719644 --- /dev/null +++ b/spec/acceptance/nodesets/default.yml @@ -0,0 +1 @@ +centos-64-x64.yml \ No newline at end of file diff --git a/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml new file mode 100644 index 0000000..2b8fe4a --- /dev/null +++ b/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml @@ -0,0 +1,8 @@ +HOSTS: + ubuntu-server-12042-x64: + roles: + - master + platform: ubuntu-server-12.04-amd64 + box : ubuntu-server-12042-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box + hypervisor : vagrant diff --git a/spec/system/params_spec.rb b/spec/acceptance/params_spec.rb similarity index 64% rename from spec/system/params_spec.rb rename to spec/acceptance/params_spec.rb index f6d6356..916cc1a 100644 --- a/spec/system/params_spec.rb +++ b/spec/acceptance/params_spec.rb @@ -1,4 +1,4 @@ -require 'spec_helper_system' +require 'spec_helper_acceptance' describe "param based tests:" do # Takes a hash and converts it into a firewall resource @@ -8,7 +8,7 @@ describe "param based tests:" do firewall { '#{name}': EOS - params.each do |k,v| + params.each do |k,v| pm += <<-EOS #{k} => #{v}, EOS @@ -23,10 +23,8 @@ firewall { '#{name}': it 'test various params' do iptables_flush_all_tables - facts = node.facts - - unless (facts['operatingsystem'] == 'CentOS') && \ - facts['operatingsystemrelease'] =~ /^5\./ then + unless (fact('operatingsystem') == 'CentOS') && \ + fact('operatingsystemrelease') =~ /^5\./ then ppm = pp({ 'table' => "'raw'", @@ -36,13 +34,8 @@ firewall { '#{name}': 'log_level' => 'debug', }) - puppet_apply(ppm) do |r| - r.exit_code.should == 2 - r.stderr.should be_empty - r.refresh - r.stderr.should be_empty - r.exit_code.should be_zero - end + expect(apply_manifest(ppm, :catch_failures => true).exit_code).to eq(2) + expect(apply_manifest(ppm, :catch_failures => true).exit_code).to be_zero end end @@ -55,13 +48,8 @@ firewall { '#{name}': 'jump' => 'LOG', 'log_level' => 'debug', }) - puppet_apply(ppm) do |r| - r.exit_code.should == 2 - r.stderr.should be_empty - r.refresh - r.stderr.should be_empty - r.exit_code.should be_zero - end + expect(apply_manifest(ppm, :catch_failures => true).exit_code).to eq(2) + expect(apply_manifest(ppm, :catch_failures => true).exit_code).to be_zero end it 'test log rule - changing names' do @@ -87,20 +75,14 @@ firewall { '#{name}': 'log_prefix' => '"IPTABLES dropped invalid: "', }) - puppet_apply(ppm1) do |r| - r.stderr.should be_empty - r.exit_code.should == 2 - end + expect(apply_manifest(ppm1, :catch_failures => true).exit_code).to eq(2) ppm = <<-EOS + "\n" + ppm2 resources { 'firewall': purge => true, } EOS - puppet_apply(ppm) do |r| - r.stderr.should be_empty - r.exit_code.should == 2 - end + expect(apply_manifest(ppm, :catch_failures => true).exit_code).to eq(2) end it 'test log rule - idempotent' do @@ -116,13 +98,8 @@ firewall { '#{name}': 'log_prefix' => '"IPTABLES dropped invalid: "', }) - puppet_apply(ppm1) do |r| - r.exit_code.should == 2 - r.stderr.should be_empty - r.refresh - r.stderr.should be_empty - r.exit_code.should be_zero - end + expect(apply_manifest(ppm1, :catch_failures => true).exit_code).to eq(2) + expect(apply_manifest(ppm1, :catch_failures => true).exit_code).to be_zero end it 'test src_range rule' do @@ -135,13 +112,8 @@ firewall { '#{name}': 'action' => 'drop', 'src_range' => '"10.0.0.1-10.0.0.10"', }) - puppet_apply(ppm) do |r| - r.exit_code.should == 2 - r.stderr.should be_empty - r.refresh - r.stderr.should be_empty - r.exit_code.should be_zero - end + expect(apply_manifest(ppm, :catch_failures => true).exit_code).to eq(2) + expect(apply_manifest(ppm, :catch_failures => true).exit_code).to be_zero end it 'test dst_range rule' do @@ -154,13 +126,8 @@ firewall { '#{name}': 'action' => 'drop', 'dst_range' => '"10.0.0.2-10.0.0.20"', }) - puppet_apply(ppm) do |r| - r.exit_code.should == 2 - r.stderr.should be_empty - r.refresh - r.stderr.should be_empty - r.exit_code.should be_zero - end + expect(apply_manifest(ppm, :catch_failures => true).exit_code).to eq(2) + expect(apply_manifest(ppm, :catch_failures => true).exit_code).to be_zero end end diff --git a/spec/acceptance/purge_spec.rb b/spec/acceptance/purge_spec.rb new file mode 100644 index 0000000..e1c29e8 --- /dev/null +++ b/spec/acceptance/purge_spec.rb @@ -0,0 +1,30 @@ +require 'spec_helper_acceptance' + +describe "purge tests:" do + before(:all) do + iptables_flush_all_tables + + shell('/sbin/iptables -A INPUT -s 1.2.1.2') + shell('/sbin/iptables -A INPUT -s 1.2.1.2') + end + + it 'make sure duplicate existing rules get purged' do + + pp = <<-EOS + class { 'firewall': } + resources { 'firewall': + purge => true, + } + EOS + + expect(apply_manifest(pp, :catch_failures => true).exit_code).to eq(2) + end + + it 'saves' do + shell('/sbin/iptables-save') do |r| + r.stdout.should_not =~ /1\.2\.1\.2/ + r.stderr.should be_empty + end + end + +end diff --git a/spec/system/resource_cmd_spec.rb b/spec/acceptance/resource_cmd_spec.rb similarity index 50% rename from spec/system/resource_cmd_spec.rb rename to spec/acceptance/resource_cmd_spec.rb index abd214e..f67c300 100644 --- a/spec/system/resource_cmd_spec.rb +++ b/spec/acceptance/resource_cmd_spec.rb @@ -1,53 +1,61 @@ -require 'spec_helper_system' +require 'spec_helper_acceptance' # Here we want to test the the resource commands ability to work with different # existing ruleset scenarios. This will give the parsing capabilities of the # code a good work out. describe 'puppet resource firewall command:' do context 'make sure it returns no errors when executed on a clean machine' do - context puppet_resource('firewall') do - its(:exit_code) { should be_zero } - # don't check stdout, some boxes come with rules, that is normal - its(:stderr) { should be_empty } + it do + shell('puppet resource firewall') do |r| + r.exit_code.should be_zero + # don't check stdout, some boxes come with rules, that is normal + r.stderr.should be_empty + end end end context 'flush iptables and make sure it returns nothing afterwards' do - before :all do + before(:all) do iptables_flush_all_tables end # No rules, means no output thanks. And no errors as well. - context puppet_resource('firewall') do - its(:exit_code) { should be_zero } - its(:stderr) { should be_empty } - its(:stdout) { should == "\n" } + it do + shell('puppet resource firewall') do |r| + r.exit_code.should be_zero + r.stderr.should be_empty + r.stdout.should == "\n" + end end end context 'accepts rules without comments' do - before :all do + before(:all) do iptables_flush_all_tables shell('/sbin/iptables -A INPUT -j ACCEPT -p tcp --dport 80') end - context puppet_resource('firewall') do |r| - its(:exit_code) { should be_zero } - # don't check stdout, testing preexisting rules, output is normal - its(:stderr) { should be_empty } + it do + shell('puppet resource firewall') do |r| + r.exit_code.should be_zero + # don't check stdout, testing preexisting rules, output is normal + r.stderr.should be_empty + end end end context 'accepts rules with invalid comments' do - before :all do + before(:all) do iptables_flush_all_tables shell('/sbin/iptables -A INPUT -j ACCEPT -p tcp --dport 80 -m comment --comment "http"') end - context puppet_resource('firewall') do - its(:exit_code) { should be_zero } - # don't check stdout, testing preexisting rules, output is normal - its(:stderr) { should be_empty } + it do + shell('puppet resource firewall') do |r| + r.exit_code.should be_zero + # don't check stdout, testing preexisting rules, output is normal + r.stderr.should be_empty + end end end end diff --git a/spec/system/standard_usage_spec.rb b/spec/acceptance/standard_usage_spec.rb similarity index 80% rename from spec/system/standard_usage_spec.rb rename to spec/acceptance/standard_usage_spec.rb index 49d4ce3..f29278b 100644 --- a/spec/system/standard_usage_spec.rb +++ b/spec/acceptance/standard_usage_spec.rb @@ -1,8 +1,8 @@ -require 'spec_helper_system' +require 'spec_helper_acceptance' # Some tests for the standard recommended usage describe 'standard usage tests:' do - context 'standard 1' do + it 'applies twice' do pp = <<-EOS class my_fw::pre { Firewall { @@ -48,12 +48,8 @@ describe 'standard usage tests:' do } EOS - context puppet_apply(pp) do - its(:stderr) { should be_empty } - its(:exit_code) { should_not == 1 } - its(:refresh) { should be_nil } - its(:stderr) { should be_empty } - its(:exit_code) { should be_zero } - end + # Run it twice and test for idempotency + apply_manifest(pp, :catch_failures => true) + expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero end end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb new file mode 100644 index 0000000..cc7cae3 --- /dev/null +++ b/spec/spec_helper_acceptance.rb @@ -0,0 +1,35 @@ +require 'beaker-rspec' + +def iptables_flush_all_tables + ['filter', 'nat', 'mangle', 'raw'].each do |t| + shell "/sbin/iptables -t #{t} -F" do |r| + r.stderr.should be_empty + r.exit_code.should be_zero + end + end +end + +hosts.each do |host| + # Install Puppet + install_package host, 'rubygems' + on host, 'gem install puppet --no-ri --no-rdoc' + on host, "mkdir -p #{host['distmoduledir']}" +end + +RSpec.configure do |c| + # Project root + proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) + + # Readable test descriptions + c.formatter = :documentation + + # Configure all nodes in nodeset + c.before :suite do + # Install module and dependencies + puppet_module_install(:source => proj_root, :module_name => 'firewall') + hosts.each do |host| + shell('/bin/touch /etc/puppet/hiera.yaml') + shell('puppet module install puppetlabs-stdlib --version 3.2.0', { :acceptable_exit_codes => [0,1] }) + end + end +end diff --git a/spec/spec_helper_system.rb b/spec/spec_helper_system.rb deleted file mode 100644 index a571239..0000000 --- a/spec/spec_helper_system.rb +++ /dev/null @@ -1,48 +0,0 @@ -# This helper file is specific to the system tests for puppetlabs-firewall -# and should be included by all tests under spec/system -require 'rspec-system/spec_helper' -require 'rspec-system-puppet/helpers' - -# Just some helpers specific to this module -module LocalHelpers - # This helper flushes all tables on the default machine. - # - # It checks that the flush command returns with no errors. - # - # @return [void] - # @todo Need to optionally do the newer tables - # @example - # it 'should flush tables' do - # iptables_flush_all_tables - # end - def iptables_flush_all_tables - ['filter', 'nat', 'mangle', 'raw'].each do |t| - shell "/sbin/iptables -t #{t} -F" do |r| - r.stderr.should be_empty - r.exit_code.should be_zero - end - end - end -end - -include RSpecSystemPuppet::Helpers - -RSpec.configure do |c| - # Project root for the firewall code - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Enable colour in Jenkins - c.tty = true - - # Import in our local helpers - c.include ::LocalHelpers - - # This is where we 'setup' the nodes before running our tests - c.before :suite do - # Install puppet - puppet_install - - # Copy this module into the module path of the test node - puppet_module_install(:source => proj_root, :module_name => 'firewall') - end -end diff --git a/spec/system/basic_spec.rb b/spec/system/basic_spec.rb deleted file mode 100644 index 34f3ae5..0000000 --- a/spec/system/basic_spec.rb +++ /dev/null @@ -1,13 +0,0 @@ -require 'spec_helper_system' - -# Here we put the more basic fundamental tests, ultra obvious stuff. -describe "basic tests:" do - context 'make sure we have copied the module across' do - # No point diagnosing any more if the module wasn't copied properly - context shell 'ls /etc/puppet/modules/firewall' do - its(:stdout) { should =~ /Modulefile/ } - its(:stderr) { should be_empty } - its(:exit_code) { should be_zero } - end - end -end diff --git a/spec/system/class_spec.rb b/spec/system/class_spec.rb deleted file mode 100644 index a289911..0000000 --- a/spec/system/class_spec.rb +++ /dev/null @@ -1,39 +0,0 @@ -require 'spec_helper_system' - -describe "firewall class:" do - context 'should run successfully' do - pp = "class { 'firewall': }" - - context puppet_apply(pp) do - its(:stderr) { should be_empty } - its(:exit_code) { should_not == 1 } - its(:refresh) { should be_nil } - its(:stderr) { should be_empty } - its(:exit_code) { should be_zero } - end - end - - context 'ensure => stopped:' do - pp = "class { 'firewall': ensure => stopped }" - - context puppet_apply(pp) do - its(:stderr) { should be_empty } - its(:exit_code) { should_not == 1 } - its(:refresh) { should be_nil } - its(:stderr) { should be_empty } - its(:exit_code) { should be_zero } - end - end - - context 'ensure => running:' do - pp = "class { 'firewall': ensure => running }" - - context puppet_apply(pp) do |r| - its(:stderr) { should be_empty } - its(:exit_code) { should_not == 1 } - its(:refresh) { should be_nil } - its(:stderr) { should be_empty } - its(:exit_code) { should be_zero } - end - end -end diff --git a/spec/system/purge_spec.rb b/spec/system/purge_spec.rb deleted file mode 100644 index be361e2..0000000 --- a/spec/system/purge_spec.rb +++ /dev/null @@ -1,29 +0,0 @@ -require 'spec_helper_system' - -describe "purge tests:" do - context 'make sure duplicate existing rules get purged' do - before :all do - iptables_flush_all_tables - - shell('/sbin/iptables -A INPUT -s 1.2.1.2') - shell('/sbin/iptables -A INPUT -s 1.2.1.2') - end - - pp = <<-EOS -class { 'firewall': } -resources { 'firewall': - purge => true, -} - EOS - - context puppet_apply(pp) do - its(:stderr) { should be_empty } - its(:exit_code) { should == 2 } - end - - context shell('/sbin/iptables-save') do - its(:stdout) { should_not =~ /1\.2\.1\.2/ } - its(:stderr) { should be_empty } - end - end -end