(#13201) Firewall autorequire Firewallchains #67
Conversation
Autorequire Firewallchain resources for Firewall resources that have jump or chain parameters. Remove require params from README examples now that they're not essential. Only deals with iptables and ip6tables providers, which have support for chains. Doesn't attempt to weed out chains that might be builtin. Just let Puppet determine which of the resources are really managed.
|
Looking good, So there are examples for how to document autorequires in puppet core. Try this one on for size: https://github.com/puppetlabs/puppet/blob/master/lib/puppet/type/user.rb#L17-20 And there are a few examples around for testing autorequires, on the same type try this one: https://github.com/puppetlabs/puppet/blob/master/spec/unit/type/user_spec.rb#L327-342 I'd imagine we want to focus on testing not just explicit table/chains - but also any implicit/default settings to make sure the Right Thing (tm) happens :-). |
Test for autorequire behaviour on :chain, :jump, and :chain + :jump params. With both specified and default/undef :table and :provider params. Document autorequire behaviour in docstring.
|
Those tests should cover everything except for the absence of autoreqs on providers other than ip[6]tables, of which we don't have at the moment. Should we test for that? |
|
@dcarley umm ... not sure we could even test for that reasonably today. Is this ready to test now? |
|
Yeah, ready to rock. |
(#13201) Firewall autorequire Firewallchains
Autorequire Firewallchain resources for Firewall resources that have jump or
chain parameters. Remove require params from README examples now that
they're not essential.
Only deals with iptables and ip6tables providers, which have support for
chains. Doesn't attempt to weed out chains that might be builtin. Just let
Puppet determine which of the resources are really managed.
Doesn't include tests. Should
firewall_spec.rbmock up the appropriate Firewallchain resources?