From 94db8f21fee84776cbfcae43c9a9a4ff2e31b129 Mon Sep 17 00:00:00 2001 From: Dan Carley Date: Sun, 18 Mar 2012 13:16:38 +0000 Subject: [PATCH] (#13201) Tests and docstring for chain autorequire Test for autorequire behaviour on :chain, :jump, and :chain + :jump params. With both specified and default/undef :table and :provider params. Document autorequire behaviour in docstring. --- lib/puppet/type/firewall.rb | 4 ++ spec/unit/puppet/type/firewall_spec.rb | 81 ++++++++++++++++++++++++++ 2 files changed, 85 insertions(+) diff --git a/lib/puppet/type/firewall.rb b/lib/puppet/type/firewall.rb index df26ad9..680f776 100644 --- a/lib/puppet/type/firewall.rb +++ b/lib/puppet/type/firewall.rb @@ -15,6 +15,10 @@ Puppet::Type.newtype(:firewall) do @doc = <<-EOS This type provides the capability to manage firewall rules within puppet. + + **Autorequires:** If Puppet is managing the iptables or ip6tables chains + specified in the `chain` or `jump` parameters, the firewall resource + will autorequire those firewallchain resources. EOS feature :rate_limiting, "Rate limiting features." diff --git a/spec/unit/puppet/type/firewall_spec.rb b/spec/unit/puppet/type/firewall_spec.rb index 4d1eca8..4fb814a 100755 --- a/spec/unit/puppet/type/firewall_spec.rb +++ b/spec/unit/puppet/type/firewall_spec.rb @@ -305,4 +305,85 @@ describe firewall do @resource[:set_mark].should == '0x3e8' end end + + [:chain, :jump].each do |param| + describe param do + it 'should autorequire fwchain when table and provider are undefined' do + @resource[param] = 'FOO' + @resource[:table].should == :filter + @resource[:provider].should == :iptables + + chain = Puppet::Type.type(:firewallchain).new(:name => 'FOO:filter:IPv4') + catalog = Puppet::Resource::Catalog.new + catalog.add_resource @resource + catalog.add_resource chain + rel = @resource.autorequire[0] + rel.source.ref.should == chain.ref + rel.target.ref.should == @resource.ref + end + + it 'should autorequire fwchain when table is undefined and provider is ip6tables' do + @resource[param] = 'FOO' + @resource[:table].should == :filter + @resource[:provider] = :ip6tables + + chain = Puppet::Type.type(:firewallchain).new(:name => 'FOO:filter:IPv6') + catalog = Puppet::Resource::Catalog.new + catalog.add_resource @resource + catalog.add_resource chain + rel = @resource.autorequire[0] + rel.source.ref.should == chain.ref + rel.target.ref.should == @resource.ref + end + + it 'should autorequire fwchain when table is raw and provider is undefined' do + @resource[param] = 'FOO' + @resource[:table] = :raw + @resource[:provider].should == :iptables + + chain = Puppet::Type.type(:firewallchain).new(:name => 'FOO:raw:IPv4') + catalog = Puppet::Resource::Catalog.new + catalog.add_resource @resource + catalog.add_resource chain + rel = @resource.autorequire[0] + rel.source.ref.should == chain.ref + rel.target.ref.should == @resource.ref + end + + it 'should autorequire fwchain when table is raw and provider is ip6tables' do + @resource[param] = 'FOO' + @resource[:table] = :raw + @resource[:provider] = :ip6tables + + chain = Puppet::Type.type(:firewallchain).new(:name => 'FOO:raw:IPv6') + catalog = Puppet::Resource::Catalog.new + catalog.add_resource @resource + catalog.add_resource chain + rel = @resource.autorequire[0] + rel.source.ref.should == chain.ref + rel.target.ref.should == @resource.ref + end + end + end + + describe ":chain and :jump" do + it 'should autorequire independent fwchains' do + @resource[:chain] = 'FOO' + @resource[:jump] = 'BAR' + @resource[:table].should == :filter + @resource[:provider].should == :iptables + + chain_foo = Puppet::Type.type(:firewallchain).new(:name => 'FOO:filter:IPv4') + chain_bar = Puppet::Type.type(:firewallchain).new(:name => 'BAR:filter:IPv4') + catalog = Puppet::Resource::Catalog.new + catalog.add_resource @resource + catalog.add_resource chain_foo + catalog.add_resource chain_bar + rel = @resource.autorequire + rel[0].source.ref.should == chain_foo.ref + rel[0].target.ref.should == @resource.ref + rel[1].source.ref.should == chain_bar.ref + rel[1].target.ref.should == @resource.ref + end + end end -- 2.45.2