/spec/defines/set_spec.rb - Annoter - puppet nftables - Koumbit's Redmine

Télécharger au format

root / spec / defines / set_spec.rb @ 7030bde0

Historique | Voir | Annoter | Télécharger (5,87 ko)

1	c82b960a	Steve Traylen	# frozen_string_literal: true
2
3	20b96360	Nacho Barrientos	require 'spec_helper'
4
5			describe 'nftables::set' do
6			let(:pre_condition) { 'include nftables' }
7
8			let(:title) { 'my_set' }
9
10			on_supported_os.each do \|os, os_facts\|
11			context "on #{os}" do
12			let(:facts) { os_facts }
13
14			describe 'minimum instantiation' do
15			let(:params) do
16			{
17			type: 'ipv4_addr',
18			}
19			end
20
21			it { is_expected.to compile }
22	c82b960a	Steve Traylen
23	20b96360	Nacho Barrientos	it {
24	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-inet-filter-set-my_set').with(
25			target: 'nftables-inet-filter',
26	20b96360	Nacho Barrientos	content: %r{^ set my_set \{\n type ipv4_addr\n \}$}m,
27	c82b960a	Steve Traylen	order: '10'
28	20b96360	Nacho Barrientos	)
29			}
30			end
31
32			describe 'max size exceeding the prepopulated elements' do
33			let(:params) do
34			{
35			type: 'ipv6_addr',
36			elements: ['2001:1458::/32', '2001:1458:1::/48'],
37			size: 1,
38			}
39			end
40
41			it { is_expected.not_to compile }
42			end
43
44			describe 'invalid type' do
45			let(:params) do
46			{
47			type: 'foo',
48			}
49			end
50
51			it { is_expected.not_to compile }
52			end
53
54			describe 'invalid flags' do
55			let(:params) do
56			{
57			type: 'ipv4_addr',
58			flags: ['foo'],
59			}
60			end
61
62			it { is_expected.not_to compile }
63			end
64
65			describe 'ipv6 prepopulated' do
66			let(:params) do
67			{
68			type: 'ipv6_addr',
69			elements: ['2001:1458::/32', '2001:1458:1::/48'],
70			}
71			end
72
73			it { is_expected.to compile }
74	c82b960a	Steve Traylen
75	20b96360	Nacho Barrientos	it {
76	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-inet-filter-set-my_set').with(
77			target: 'nftables-inet-filter',
78	20b96360	Nacho Barrientos	content: %r{^ set my_set \{\n type ipv6_addr\n elements = \{ 2001:1458::/32, 2001:1458:1::/48 \}\n \}$}m,
79	c82b960a	Steve Traylen	order: '10'
80	20b96360	Nacho Barrientos	)
81			}
82			end
83
84			describe 'using flags and auto-merge' do
85			let(:params) do
86			{
87			type: 'ipv4_addr',
88	7e5b657a	Steve Traylen	flags: %w[interval timeout],
89	20b96360	Nacho Barrientos	elements: ['192.168.0.1/24'],
90			auto_merge: true,
91			}
92			end
93
94			it { is_expected.to compile }
95	c82b960a	Steve Traylen
96	20b96360	Nacho Barrientos	it {
97	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-inet-filter-set-my_set').with(
98			target: 'nftables-inet-filter',
99	20b96360	Nacho Barrientos	content: %r{^ set my_set \{\n type ipv4_addr\n flags interval, timeout\n elements = \{ 192.168.0.1/24 \}\n auto-merge\n \}$}m,
100	c82b960a	Steve Traylen	order: '10'
101	20b96360	Nacho Barrientos	)
102			}
103			end
104
105			describe 'using ether_addr as type and custom policy' do
106			let(:params) do
107			{
108			type: 'ether_addr',
109			elements: ['aa:bb:cc:dd:ee:ff'],
110			policy: 'memory',
111			}
112			end
113
114			it { is_expected.to compile }
115	c82b960a	Steve Traylen
116	20b96360	Nacho Barrientos	it {
117	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-inet-filter-set-my_set').with(
118			target: 'nftables-inet-filter',
119	20b96360	Nacho Barrientos	content: %r{^ set my_set \{\n type ether_addr\n elements = \{ aa:bb:cc:dd:ee:ff \}\n policy memory\n \}$}m,
120	c82b960a	Steve Traylen	order: '10'
121	20b96360	Nacho Barrientos	)
122			}
123			end
124	9f0498e3	Nacho Barrientos
125			describe 'using raw content' do
126			let(:params) do
127			{
128			content: 'set my_set { }',
129			}
130			end
131
132			it { is_expected.to compile }
133	c82b960a	Steve Traylen
134	9f0498e3	Nacho Barrientos	it {
135	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-inet-filter-set-my_set').with(
136			target: 'nftables-inet-filter',
137	9f0498e3	Nacho Barrientos	content: ' set my_set { }',
138	c82b960a	Steve Traylen	order: '10'
139	9f0498e3	Nacho Barrientos	)
140			}
141			end
142
143			describe 'fails without a type and not source/content' do
144			it { is_expected.not_to compile }
145			end
146	7bb485c5	Nacho Barrientos
147			describe 'set names with dashes are allowed' do
148			let(:title) { 'my-set' }
149			let(:params) do
150			{
151			type: 'ether_addr',
152			}
153			end
154
155			it { is_expected.to compile }
156	c82b960a	Steve Traylen
157	7bb485c5	Nacho Barrientos	it {
158	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-inet-filter-set-my-set').with(
159			target: 'nftables-inet-filter',
160	7bb485c5	Nacho Barrientos	content: %r{^ set my-set \{\n type ether_addr\n \}$}m,
161	c82b960a	Steve Traylen	order: '10'
162	7bb485c5	Nacho Barrientos	)
163			}
164			end
165	c94658e1	Nacho Barrientos
166			describe 'default table can be changed' do
167			let(:params) do
168			{
169			type: 'ipv6_addr',
170			elements: ['2001:1458::1', '2001:1458:1::2'],
171			table: 'ip-nat'
172			}
173			end
174
175			it { is_expected.to compile }
176	c82b960a	Steve Traylen
177	c94658e1	Nacho Barrientos	it {
178	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-ip-nat-set-my_set').with(
179			target: 'nftables-ip-nat',
180	c94658e1	Nacho Barrientos	content: %r{^ set my_set \{\n type ipv6_addr\n elements = \{ 2001:1458::1, 2001:1458:1::2 \}\n \}$}m,
181	c82b960a	Steve Traylen	order: '10'
182	c94658e1	Nacho Barrientos	)
183			}
184			end
185
186			describe 'multiple tables no tables' do
187			let(:params) do
188			{
189			type: 'ipv6_addr',
190			elements: ['2001:1458::1', '2001:1458:1::2'],
191			table: []
192			}
193			end
194
195			it { is_expected.not_to compile }
196			end
197
198			describe 'multiple tables' do
199			let(:params) do
200			{
201			type: 'ipv6_addr',
202			elements: ['2001:1458::1', '2001:1458:1::2'],
203	c82b960a	Steve Traylen	table: %w[inet-filter ip-nat]
204	c94658e1	Nacho Barrientos	}
205			end
206
207			it { is_expected.to compile }
208	c82b960a	Steve Traylen
209	c94658e1	Nacho Barrientos	it {
210	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-inet-filter-set-my_set').with(
211			target: 'nftables-inet-filter',
212	c94658e1	Nacho Barrientos	content: %r{^ set my_set \{\n type ipv6_addr\n elements = \{ 2001:1458::1, 2001:1458:1::2 \}\n \}$}m,
213	c82b960a	Steve Traylen	order: '10'
214	c94658e1	Nacho Barrientos	)
215	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-ip-nat-set-my_set').with(
216			target: 'nftables-ip-nat',
217	c94658e1	Nacho Barrientos	content: %r{^ set my_set \{\n type ipv6_addr\n elements = \{ 2001:1458::1, 2001:1458:1::2 \}\n \}$}m,
218	c82b960a	Steve Traylen	order: '10'
219	c94658e1	Nacho Barrientos	)
220			}
221			end
222	20b96360	Nacho Barrientos	end
223			end
224			end

Projet

Général

Profil

puppet nftables

root / spec / defines / set_spec.rb @ 7030bde0