/spec/defines/chain_spec.rb - Annoter - puppet nftables - Koumbit's Redmine

Télécharger au format

root / spec / defines / chain_spec.rb @ a1f09048

Historique | Voir | Annoter | Télécharger (3,99 ko)

1	c82b960a	Steve Traylen	# frozen_string_literal: true
2
3	30462da1	Steve Traylen	require 'spec_helper'
4
5			describe 'nftables::chain' do
6			let(:title) { 'MYCHAIN' }
7			let(:pre_condition) { 'include nftables' }
8
9			on_supported_os.each do \|os, facts\|
10			context "on #{os}" do
11			let(:facts) do
12			facts
13			end
14
15			it { is_expected.to compile }
16
17			it { is_expected.to contain_concat('nftables-inet-filter-chain-MYCHAIN').that_notifies('Exec[nft validate]') }
18			it { is_expected.to contain_exec('nft validate').that_comes_before('File[/etc/nftables/puppet/inet-filter-chain-MYCHAIN.nft]') }
19			it { is_expected.to contain_file('/etc/nftables/puppet/inet-filter-chain-MYCHAIN.nft').that_comes_before('Service[nftables]') }
20
21			it {
22	c82b960a	Steve Traylen	expect(subject).to contain_concat('nftables-inet-filter-chain-MYCHAIN').with(
23	30462da1	Steve Traylen	path: '/etc/nftables/puppet-preflight/inet-filter-chain-MYCHAIN.nft',
24			owner: 'root',
25			group: 'root',
26			mode: '0640',
27	fa92e118	Romain Tartière	ensure_newline: true
28	30462da1	Steve Traylen	)
29			}
30	c82b960a	Steve Traylen
31	30462da1	Steve Traylen	it {
32	c82b960a	Steve Traylen	expect(subject).to contain_file('/etc/nftables/puppet/inet-filter-chain-MYCHAIN.nft').with(
33	30462da1	Steve Traylen	ensure: 'file',
34			source: '/etc/nftables/puppet-preflight/inet-filter-chain-MYCHAIN.nft',
35			mode: '0640',
36			owner: 'root',
37	fa92e118	Romain Tartière	group: 'root'
38	30462da1	Steve Traylen	)
39			}
40	c82b960a	Steve Traylen
41	30462da1	Steve Traylen	it {
42	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-inet-filter-chain-MYCHAIN-header').with(
43	30462da1	Steve Traylen	order: '00',
44			content: "# Start of fragment order:00 MYCHAIN header\nchain MYCHAIN {",
45	fa92e118	Romain Tartière	target: 'nftables-inet-filter-chain-MYCHAIN'
46	30462da1	Steve Traylen	)
47			}
48	c82b960a	Steve Traylen
49	30462da1	Steve Traylen	it {
50	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-inet-filter-chain-MYCHAIN-footer').with(
51	30462da1	Steve Traylen	order: '99',
52			content: "# Start of fragment order:99 MYCHAIN footer\n}",
53	fa92e118	Romain Tartière	target: 'nftables-inet-filter-chain-MYCHAIN'
54	30462da1	Steve Traylen	)
55			}
56
57			context('with table set to ip6-foo') do
58			let(:params) do
59			{
60			table: 'ip6-foo',
61			}
62			end
63
64			it {
65	c82b960a	Steve Traylen	expect(subject).to contain_concat('nftables-ip6-foo-chain-MYCHAIN').with(
66	30462da1	Steve Traylen	path: '/etc/nftables/puppet-preflight/ip6-foo-chain-MYCHAIN.nft',
67			owner: 'root',
68			group: 'root',
69			mode: '0640',
70	fa92e118	Romain Tartière	ensure_newline: true
71	30462da1	Steve Traylen	)
72			}
73	c82b960a	Steve Traylen
74	30462da1	Steve Traylen	it {
75	c82b960a	Steve Traylen	expect(subject).to contain_file('/etc/nftables/puppet/ip6-foo-chain-MYCHAIN.nft').with(
76	30462da1	Steve Traylen	ensure: 'file',
77			source: '/etc/nftables/puppet-preflight/ip6-foo-chain-MYCHAIN.nft',
78			mode: '0640',
79			owner: 'root',
80	fa92e118	Romain Tartière	group: 'root'
81	30462da1	Steve Traylen	)
82			}
83	c82b960a	Steve Traylen
84	30462da1	Steve Traylen	it {
85	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-ip6-foo-chain-MYCHAIN-header').with(
86	30462da1	Steve Traylen	order: '00',
87			content: "# Start of fragment order:00 MYCHAIN header\nchain MYCHAIN {",
88	fa92e118	Romain Tartière	target: 'nftables-ip6-foo-chain-MYCHAIN'
89	30462da1	Steve Traylen	)
90			}
91	c82b960a	Steve Traylen
92	30462da1	Steve Traylen	it {
93	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-ip6-foo-chain-MYCHAIN-footer').with(
94	30462da1	Steve Traylen	order: '99',
95			content: "# Start of fragment order:99 MYCHAIN footer\n}",
96	fa92e118	Romain Tartière	target: 'nftables-ip6-foo-chain-MYCHAIN'
97	30462da1	Steve Traylen	)
98			}
99			end
100	c82b960a	Steve Traylen
101	30462da1	Steve Traylen	context 'with inject set to 22-foobar' do
102			let(:params) do
103			{
104			inject: '22-foobar',
105			}
106			end
107
108			it { is_expected.to contain_nftables__rule('foobar-jump_MYCHAIN') }
109	c82b960a	Steve Traylen
110	30462da1	Steve Traylen	it {
111	c82b960a	Steve Traylen	expect(subject).to contain_nftables__rule('foobar-jump_MYCHAIN').with(
112	30462da1	Steve Traylen	order: '22',
113	fa92e118	Romain Tartière	content: 'jump MYCHAIN'
114	30462da1	Steve Traylen	)
115			}
116	c82b960a	Steve Traylen
117	30462da1	Steve Traylen	context 'with inject_oif set to alpha and inject_oif set to beta' do
118			let(:params) do
119			super().merge(inject_iif: 'alpha', inject_oif: 'beta')
120			end
121
122			it {
123	c82b960a	Steve Traylen	expect(subject).to contain_nftables__rule('foobar-jump_MYCHAIN').with(
124	30462da1	Steve Traylen	order: '22',
125	fa92e118	Romain Tartière	content: 'iifname alpha oifname beta jump MYCHAIN'
126	30462da1	Steve Traylen	)
127			}
128			end
129			end
130			end
131			end
132			end

Projet

Général

Profil

puppet nftables

root / spec / defines / chain_spec.rb @ a1f09048