Add unit tests for tripleo::firewall::service_rules

In order to get a proper unit test suits, we need to change the
separator from the "dot" to "double-semicolons".

The "." is a reserved character in YAML for hashes. In puppet world,
we commonly use "::".

Unit tests don't work if we let the "dot" separator, and apparently it's
an intended outcome with that kind of syntax.

Fact it's working in the deploy process is kind of black magic (see the
tripleo::haproxy::service_endpoints resource for example). And the "dot"
creates something weird, as all other resources are using the standard
double-semicolon.

Change-Id: If53d632ab458b0c04a8b7211194c18ebc8978d23
Closes-Bug: 1737086
This commit is contained in:
Cédric Jeanneret 2017-12-08 04:34:25 +01:00
parent 24f73597b6
commit 41f9b0d3cf
4 changed files with 67 additions and 5 deletions

View File

@ -29,10 +29,14 @@ define tripleo::firewall::service_rules ($service_name = $title) {
# This allows each composable service to load its own custom rules by # This allows each composable service to load its own custom rules by
# creating its own flat hiera key named: # creating its own flat hiera key named:
# tripleo.<service name with underscores>.firewall_rules # tripleo.<service name with underscores>.firewall_rules
$service_firewall_rules = hiera("tripleo.${underscore_name}.firewall_rules", {}) $dots_rules = hiera("tripleo.${underscore_name}.firewall_rules", {})
if !empty($service_firewall_rules) { # Supports standard "::" notation:
create_resources('tripleo::firewall::rule', $service_firewall_rules) # tripleo::<service name with underscores>::firewall_rules
} $colons_rules = hiera("tripleo::${underscore_name}::firewall_rules", {})
# merge rules
$firewall_rules = merge($colons_rules, $dots_rules)
create_resources('tripleo::firewall::rule', $firewall_rules)
} }

View File

@ -0,0 +1,10 @@
---
features:
- |
Adds support for standard puppet separator. The "." separator does
not work in puppet-rpsec, so we can't get proper unit tests on the
firewall service_rules definition.
fixes:
- Partly fixes `bug 1737086
<https://bugs.launchpad.net/tripleo/+bug/1737086>`__ in oder to get unit
tests on firewall service_rules definition

View File

@ -0,0 +1,45 @@
require 'spec_helper'
describe 'tripleo::firewall::service_rules' do
let :pre_condition do
'include ::tripleo::firewall'
end
shared_examples_for 'tripleo firewall service rules' do
context 'with existing service_rules' do
let(:title) { 'dynamic-rules' }
it 'should compile' do
is_expected.to compile.with_all_deps
end
it 'should configure firewall' do
is_expected.to contain_tripleo__firewall__rule('11-neutron')
end
end
context 'with NON-existing service_rules' do
let(:title) { 'no-rules' }
it 'should compile' do
is_expected.to compile.with_all_deps
end
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian',
:hostname => 'myhost' }
end
it_configures 'tripleo firewall service rules'
end
context 'on RedHat platforms' do
let :facts do
{ :osfamily => 'RedHat',
:hostname => 'myhost' }
end
it_configures 'tripleo firewall service rules'
end
end

View File

@ -62,4 +62,7 @@ pacemaker::resource_defaults::defaults:
# pcmk instance ha # pcmk instance ha
keystone::endpoint::public_url: 'localhost:5000' keystone::endpoint::public_url: 'localhost:5000'
keystone::admin_password: 'password' keystone::admin_password: 'password'
# tripleo firewall service_rules
tripleo::dynamic_rules::firewall_rules:
'11-neutron':
port: 1138