Projet

Général

Profil

Révision be6aa569

IDbe6aa569b5021eda10aa96b849446a460b322408
Parent a04bdb5e
Enfant 3ccc62ae

Ajouté par tr il y a plus de 4 ans

Add spec tests for filter chains

Voir les différences:

spec/classes/filter_spec.rb
1 
require 'spec_helper'
2 

  		




  
  3
  
    
describe 'nftables' do


  		




  
  4
  
    
  let(:pre_condition) {


  		




  
  5
  
    
    <<-EOS


  		




  
  6
  
    
    Exec{path => "/bin"}


  		




  
  7
  
    
    EOS


  		




  
  8
  
    
  }


  		




  
  9
  
    

  		




  
  10
  
    
  on_supported_os.each do |os, os_facts|


  		




  
  11
  
    
    context "on #{os}" do


  		




  
  12
  
    
      let(:facts) { os_facts }


  		




  
  13
  
    

  		




  
  14
  
    
      it { is_expected.to compile }


  		




  
  15
  
    

  		




  
  16
  
    
      it { is_expected.to contain_file('/etc/nftables/puppet/filter.nft').with(


  		




  
  17
  
    
        :ensure => 'file',


  		




  
  18
  
    
        :owner  => 'root',


  		




  
  19
  
    
        :group  => 'root',


  		




  
  20
  
    
        :mode   => '0640',


  		




  
  21
  
    
      )}


  		




  
  22
  
    

  		




  
  23
  
    
      context "chain input" do


  		




  
  24
  
    
        it { is_expected.to contain_file('/etc/nftables/puppet/filter-input-chains-50-default_in.nft').with(


  		




  
  25
  
    
          :ensure => 'file',


  		




  
  26
  
    
          :owner  => 'root',


  		




  
  27
  
    
          :group  => 'root',


  		




  
  28
  
    
          :mode   => '0640',


  		




  
  29
  
    
        )}


  		




  
  30
  
    
        it { is_expected.to contain_file('/etc/nftables/puppet/filter-input-chains-50-default_in.nft').with_content(


  		




  
  31
  
    
          /^jump default_in$/


  		




  
  32
  
    
        )}


  		




  
  33
  
    
      end


  		




  
  34
  
    

  		




  
  35
  
    
      context "chain forward" do


  		




  
  36
  
    
        it { is_expected.to contain_file('/etc/nftables/puppet/filter-forward-chains-50-default_fwd.nft').with(


  		




  
  37
  
    
          :ensure => 'file',


  		




  
  38
  
    
          :owner  => 'root',


  		




  
  39
  
    
          :group  => 'root',


  		




  
  40
  
    
          :mode   => '0640',


  		




  
  41
  
    
        )}


  		




  
  42
  
    
        it { is_expected.to contain_file('/etc/nftables/puppet/filter-forward-chains-50-default_fwd.nft').with_content(


  		




  
  43
  
    
          /^jump default_fwd$/


  		




  
  44
  
    
        )}


  		




  
  45
  
    
      end


  		




  
  46
  
    

  		




  
  47
  
    
      context "chain output" do


  		




  
  48
  
    
        it { is_expected.to contain_file('/etc/nftables/puppet/filter-output-chains-50-default_out.nft').with(


  		




  
  49
  
    
          :ensure => 'file',


  		




  
  50
  
    
          :owner  => 'root',


  		




  
  51
  
    
          :group  => 'root',


  		




  
  52
  
    
          :mode   => '0640',


  		




  
  53
  
    
        )}


  		




  
  54
  
    
        it { is_expected.to contain_file('/etc/nftables/puppet/filter-output-chains-50-default_out.nft').with_content(


  		




  
  55
  
    
          /^jump default_out$/


  		




  
  56
  
    
        )}


  		




  
  57
  
    
      end


  		




  
  58
  
    
    end


  		




  
  59
  
    
  end


  		




  
  60
  
    
end


  		












Formats disponibles :  Unified diff