/ - Diff - puppet nftables - Koumbit's Redmine

Révision 3a52fb41

Ajouté par Nacho Barrientos il y a plus de 4 ans

Richer dport

         $action = 'accept',
       Optional[String]
         $comment = undef,
       Optional[Integer[1, 65535]]
       Optional[Variant[Array[Stdlib::Port, 1], Stdlib::Port, Pattern[/\d+-\d+/]]]
         $dport  = undef,
       Optional[Enum['tcp', 'udp']]
         $proto  = undef,
     ){
       if $dport and !$proto {
         fail('Specifying a transport protocol via $proto is mandatory when passing a port')
+      }
       if $ensure == 'present' {
         nftables::rule{"${chain}-${rulename}":
           content => epp('nftables/simplerule.epp',

             it {
               is_expected.to contain_nftables__rule('default_in-my_default_rule_name').with(
                 content: 'accept',
                 order: 50,
                 order: '50',
+              )
+            }
           end
-...
             it {
               is_expected.to contain_nftables__rule('default_out-my_big_rule').with(
                 content: 'udp dport 333 comment "this is my rule" accept',
                 order: 50,
                 order: '50',
+              )
+            }
           end
           describe 'port range' do
             let(:params) do
+              {
                 dport: '333-334',
                 proto: 'tcp',
+              }
             end
             it { is_expected.to compile }
             it {
               is_expected.to contain_nftables__rule('default_in-my_default_rule_name').with(
                 content: 'tcp dport 333-334 accept',
+              )
+            }
           end
           describe 'port array' do
             let(:params) do
+              {
                 dport: [333, 335],
                 proto: 'tcp',
+              }
             end
             it { is_expected.to compile }
             it {
               is_expected.to contain_nftables__rule('default_in-my_default_rule_name').with(
                 content: 'tcp dport {333, 335} accept',
+              )
+            }
           end

     <%- | String                  $action,
           Optional[String]        $comment,
           Optional[Integer]       $dport,
           Optional[Variant[Array[Stdlib::Port, 1], Stdlib::Port, String]] $dport,
           Optional[String]        $proto,
     | -%>
     <%- if $proto and $dport  {
       $_destination = "${proto} dport ${dport}"
     <%- if $proto and $dport {
       if $dport =~ Array {
         $_destination = "${proto} dport {${dport.join(', ')}}"
       } else {
         $_destination = "${proto} dport $dport"
+      }
     } else {
       $_destination = undef
     } -%>
-...
     } else {
       $_comment = undef
     } -%>
     <%= strip([$_destination, $_comment, $action].join(' ')) -%>
     <%= regsubst(strip([$_destination, $_comment, $action].join(' ')), '\s+', ' ', 'G') -%>

Formats disponibles : Unified diff