From d1cbf110441ffe73bbffd70a69af774bb322f1d3 Mon Sep 17 00:00:00 2001 From: Robert Frank Date: Thu, 29 Aug 2019 11:52:57 +0100 Subject: [PATCH] Disable tests of CT target on RH 5/6 based systems. --- .../firewall_attributes_happy_path_spec.rb | 26 ++++++++++++++----- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/spec/acceptance/firewall_attributes_happy_path_spec.rb b/spec/acceptance/firewall_attributes_happy_path_spec.rb index 704cfd6..78cc2aa 100644 --- a/spec/acceptance/firewall_attributes_happy_path_spec.rb +++ b/spec/acceptance/firewall_attributes_happy_path_spec.rb @@ -349,13 +349,6 @@ describe 'firewall attribute testing, happy path' do chain => 'OUTPUT', table => 'mangle', } - firewall { '1100 - ct_target tests - zone': - proto => 'all', - zone => '4000', - jump => 'CT', - chain => 'PREROUTING', - table => 'raw', - } PUPPETCODE apply_manifest(pp, catch_failures: true) apply_manifest(pp, catch_changes: do_catch_changes) @@ -509,6 +502,25 @@ describe 'firewall attribute testing, happy path' do it 'jump is set' do expect(result.stdout).to match(%r{-A INPUT -p tcp -m comment --comment "567 - jump" -j TEST}) end + end + + describe 'test attributes which are not available on rh5/6', unless: (os[:family] == 'redhat' && os[:release].start_with?('5', '6')) do + before(:all) do + pp = <<-PUPPETCODE + firewall { '1100 - ct_target tests - zone': + proto => 'all', + zone => '4000', + jump => 'CT', + chain => 'PREROUTING', + table => 'raw', + } + PUPPETCODE + apply_manifest(pp, catch_failures: true) + apply_manifest(pp, catch_changes: do_catch_changes) + end + + let(:result) { shell('iptables-save') } + it 'zone is set' do expect(result.stdout).to match(%r{-A PREROUTING -m comment --comment "1100 - ct_target tests - zone" -j CT --zone 4000}) end -- 2.45.2