carroarmato0/ansible.posix
1
0
Fork 0
mirror of https://github.com/ansible-collections/ansible.posix.git synced 2026-01-11 23:25:28 +01:00
Code Issues Projects Releases Packages Wiki Activity

Integration test: ensure forwarding start disabled

Browse source 
Integration test: verify error message if firewalld<0.9.0
Added changelog fragment
This commit is contained in:
Evert Hessel 2022-01-30 12:22:57 +01:00
parent e8198bce1c
commit 6635b83911
2 changed files with 79 additions and 40 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
changelogs/fragments/320_firewalld_intra_zone_forwarding.yml Normal file
View file

@ -0,0 +1,4 @@
---
minor_changes:
- firewalld - Added parameter ``forward`` to support enabling/disabling intra-zone
forwarding.

51
tests/integration/targets/firewalld/tasks/forward_test_cases.yml
View file

@ -2,50 +2,85 @@
# (c) 2017, Adam Miller <admiller@redhat.com> # (c) 2017, Adam Miller <admiller@redhat.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
- name: firewalld forward test permanent enabled - name: query firewalld version
package_facts:
- name: run tests if intra zone forwarding is supported
block:
# Starting with firewalld 1.0.0 intra-zone forwarding is enabled by default.
# Ensure it is disabled before starting our tests.
- name: ensure forwarding starts disabled
firewalld:
forward: yes
permanent: true
state: disabled
- name: firewalld forward test permanent enabled
firewalld: firewalld:
forward: yes forward: yes
permanent: true permanent: true
state: enabled state: enabled
register: result register: result
- name: assert firewalld forward test permanent enabled worked - name: assert firewalld forward test permanent enabled worked
assert: assert:
that: that:
- result is changed - result is changed
- name: firewalld forward test permanent enabled rerun (verify not changed) - name: firewalld forward test permanent enabled rerun (verify not changed)
firewalld: firewalld:
forward: yes forward: yes
permanent: true permanent: true
state: enabled state: enabled
register: result register: result
- name: assert firewalld forward test permanent enabled rerun worked (verify not changed) - name: assert firewalld forward test permanent enabled rerun worked (verify not changed)
assert: assert:
that: that:
- result is not changed - result is not changed
- name: firewalld forward test permanent disabled - name: firewalld forward test permanent disabled
firewalld: firewalld:
forward: no forward: no
permanent: true permanent: true
state: disabled state: disabled
register: result register: result
- name: assert firewalld forward test permanent disabled worked - name: assert firewalld forward test permanent disabled worked
assert: assert:
that: that:
- result is changed - result is changed
- name: firewalld forward test permanent disabled rerun (verify not changed) - name: firewalld forward test permanent disabled rerun (verify not changed)
firewalld: firewalld:
forward: no forward: no
permanent: true permanent: true
state: disabled state: disabled
register: result register: result
- name: assert firewalld forward test permanent disabled rerun worked (verify not changed) - name: assert firewalld forward test permanent disabled rerun worked (verify not changed)
assert: assert:
that: that:
- result is not changed - result is not changed
when: ansible_facts.packages.firewalld[0].version is version('0.9.0', '>=')
- name: run tests if intra zone forwarding is not supported
block:
- name: try to enable intra zone forwarding
firewalld:
forward: yes
permanent: yes
state: enabled
ignore_errors: yes
register: result
- name: assert unsupported firewalld version
assert:
that:
- result is failed
- "'Intra zone forwarding requires firewalld>=0.9.0. Current version is' in result.msg"
when: ansible_facts.packages.firewalld[0].version is version('0.9.0', '<')