From 7f1e8603f06636fc3d8b1ac0fbe8d12276cc1fd8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Knut=20Alejandro=20Anderssen=20Gonz=C3=A1lez?= Date: Mon, 24 Feb 2020 13:22:51 +0000 Subject: [PATCH 1/6] Enable finish client for autoinstallation --- .../y2firewall/clients/installation_finish.rb | 8 +++++-- .../clients/installation_finish_test.rb | 22 +++++++++++-------- 2 files changed, 19 insertions(+), 11 deletions(-) diff --git a/src/lib/y2firewall/clients/installation_finish.rb b/src/lib/y2firewall/clients/installation_finish.rb index b09f8771..7faa33ec 100644 --- a/src/lib/y2firewall/clients/installation_finish.rb +++ b/src/lib/y2firewall/clients/installation_finish.rb @@ -24,6 +24,8 @@ require "y2firewall/proposal_settings" require "installation/finish_client" +Yast.import "Mode" + module Y2Firewall module Clients # This is a step of base installation finish and it is responsible of write @@ -49,7 +51,7 @@ def title end def modes - [:installation] + [:installation, :autoinst] end def write @@ -63,7 +65,9 @@ def write # Modifies the configuration of the firewall according to the current # settings def configure_firewall - @settings.enable_firewall ? @firewalld.enable! : @firewalld.disable! + if Yast::Mode.installation + @settings.enable_firewall ? @firewalld.enable! : @firewalld.disable! + end if @settings.open_ssh @firewalld.api.add_service(@settings.default_zone, "ssh") diff --git a/test/lib/y2firewall/clients/installation_finish_test.rb b/test/lib/y2firewall/clients/installation_finish_test.rb index 85d60aee..e1a5f8ea 100644 --- a/test/lib/y2firewall/clients/installation_finish_test.rb +++ b/test/lib/y2firewall/clients/installation_finish_test.rb @@ -21,7 +21,7 @@ describe "#modes" do it "runs on installation and autoinstallation" do - expect(subject.modes).to eq([:installation]) + expect(subject.modes).to eq([:installation, :autoinst]) end end @@ -69,26 +69,30 @@ let(:api) do instance_double(Y2Firewall::Firewalld::Api, remove_service: true, add_service: true) end + let(:installation) { true } before do allow(proposal_settings).to receive("enable_firewall").and_return(enable_firewall) allow(firewalld).to receive("api").and_return(api) allow(firewalld).to receive("enable!") allow(firewalld).to receive("disable!") + allow(Yast::Mode).to receive(:installation).and_return(installation) allow(proposal_settings).to receive("open_ssh").and_return(false) end - it "enables the firewalld service if enabled in the proposal" do - allow(proposal_settings).to receive("enable_firewall").and_return(true) - expect(firewalld).to receive("enable!") + context "during an installation" do + it "enables the firewalld service if enabled in the proposal" do + allow(proposal_settings).to receive("enable_firewall").and_return(true) + expect(firewalld).to receive("enable!") - subject.send(:configure_firewall) - end + subject.send(:configure_firewall) + end - it "disables the firewalld service if disabled in the proposal" do - expect(firewalld).to receive("disable!") + it "disables the firewalld service if disabled in the proposal" do + expect(firewalld).to receive("disable!") - subject.send(:configure_firewall) + subject.send(:configure_firewall) + end end it "adds the ssh service to the default zone if opened in the proposal" do From aefc5e7b2e3cf6d175c975b74ff9634cc6157d87 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Knut=20Alejandro=20Anderssen=20Gonz=C3=A1lez?= Date: Wed, 26 Feb 2020 20:34:51 +0000 Subject: [PATCH 2/6] Bump version & changelog --- package/yast2-firewall.changes | 8 ++++++++ package/yast2-firewall.spec | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/package/yast2-firewall.changes b/package/yast2-firewall.changes index b27ee2b9..c0661c3d 100644 --- a/package/yast2-firewall.changes +++ b/package/yast2-firewall.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Wed Feb 26 20:23:04 UTC 2020 - Knut Anderssen + +- Autoyast: Added back the installation finish client for opening + the vnc or ssh port during the first stage when used for remote + installations (bsc#1161319) +- 4.2.3 + ------------------------------------------------------------------- Tue Aug 27 18:00:06 CEST 2019 - schubi@suse.de diff --git a/package/yast2-firewall.spec b/package/yast2-firewall.spec index 3cfd5d31..ead53216 100644 --- a/package/yast2-firewall.spec +++ b/package/yast2-firewall.spec @@ -17,7 +17,7 @@ Name: yast2-firewall -Version: 4.2.2 +Version: 4.2.3 Release: 0 Summary: YaST2 - Firewall Configuration Group: System/YaST From d3591943a701520b8a009601370a28141944fc4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Knut=20Alejandro=20Anderssen=20Gonz=C3=A1lez?= Date: Wed, 26 Feb 2020 21:31:51 +0000 Subject: [PATCH 3/6] Reduced configure_firewall method complexity --- .../y2firewall/clients/installation_finish.rb | 22 ++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/src/lib/y2firewall/clients/installation_finish.rb b/src/lib/y2firewall/clients/installation_finish.rb index 7faa33ec..62c514a0 100644 --- a/src/lib/y2firewall/clients/installation_finish.rb +++ b/src/lib/y2firewall/clients/installation_finish.rb @@ -65,16 +65,32 @@ def write # Modifies the configuration of the firewall according to the current # settings def configure_firewall - if Yast::Mode.installation - @settings.enable_firewall ? @firewalld.enable! : @firewalld.disable! - end + configure_service + configure_ssh + configure_vnc + end + + # Convenience method to enable / disable the firewalld service depending + # on the proposal settings + def configure_service + return unless Yast::Mode.installation + @settings.enable_firewall ? @firewalld.enable! : @firewalld.disable! + end + + # Convenience method to open the ssh ports in firewalld depending on the + # proposal settings + def configure_ssh if @settings.open_ssh @firewalld.api.add_service(@settings.default_zone, "ssh") else @firewalld.api.remove_service(@settings.default_zone, "ssh") end + end + # Convenience method to open the vnc ports in firewalld depending on the + # proposal settings + def configure_vnc if @settings.open_vnc if @firewalld.api.service_supported?("tigervnc") @firewalld.api.add_service(@settings.default_zone, "tigervnc") From f26a538d716d255ad613a1673aa6761914a59bc8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Knut=20Alejandro=20Anderssen=20Gonz=C3=A1lez?= Date: Thu, 27 Feb 2020 12:11:08 +0000 Subject: [PATCH 4/6] Changes based on code review. --- package/yast2-firewall.changes | 4 ++-- src/lib/y2firewall/clients/installation_finish.rb | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package/yast2-firewall.changes b/package/yast2-firewall.changes index c0661c3d..ef9643a4 100644 --- a/package/yast2-firewall.changes +++ b/package/yast2-firewall.changes @@ -1,8 +1,8 @@ ------------------------------------------------------------------- Wed Feb 26 20:23:04 UTC 2020 - Knut Anderssen -- Autoyast: Added back the installation finish client for opening - the vnc or ssh port during the first stage when used for remote +- AutoYaST: Added back the installation finish client for opening + the VNC or SSH port during the first stage when used for remote installations (bsc#1161319) - 4.2.3 diff --git a/src/lib/y2firewall/clients/installation_finish.rb b/src/lib/y2firewall/clients/installation_finish.rb index 62c514a0..6278b3c4 100644 --- a/src/lib/y2firewall/clients/installation_finish.rb +++ b/src/lib/y2firewall/clients/installation_finish.rb @@ -65,14 +65,14 @@ def write # Modifies the configuration of the firewall according to the current # settings def configure_firewall - configure_service + configure_firewall_service configure_ssh configure_vnc end # Convenience method to enable / disable the firewalld service depending # on the proposal settings - def configure_service + def configure_firewall_service return unless Yast::Mode.installation @settings.enable_firewall ? @firewalld.enable! : @firewalld.disable! From 39fdeb1cfc16106bd88b721f8af13d66fb0abe49 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Knut=20Alejandro=20Anderssen=20Gonz=C3=A1lez?= Date: Thu, 27 Feb 2020 12:11:27 +0000 Subject: [PATCH 5/6] Add a missing unit test --- test/lib/y2firewall/clients/auto_test.rb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/test/lib/y2firewall/clients/auto_test.rb b/test/lib/y2firewall/clients/auto_test.rb index fdb85877..ad79084e 100755 --- a/test/lib/y2firewall/clients/auto_test.rb +++ b/test/lib/y2firewall/clients/auto_test.rb @@ -399,4 +399,10 @@ end end end + + describe "#packages" do + it "returns a hash with firewalld as a package to be installed" do + expect(subject.packages).to eq("install" => ["firewalld"], "remove" => []) + end + end end From ee18091994510e28bbf40691e166eb3a830785fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Knut=20Alejandro=20Anderssen=20Gonz=C3=A1lez?= Date: Thu, 27 Feb 2020 12:42:43 +0000 Subject: [PATCH 6/6] Use symbols instead of strings in all the receive method mocks --- .../clients/installation_finish_test.rb | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/test/lib/y2firewall/clients/installation_finish_test.rb b/test/lib/y2firewall/clients/installation_finish_test.rb index e1a5f8ea..a3de7e62 100644 --- a/test/lib/y2firewall/clients/installation_finish_test.rb +++ b/test/lib/y2firewall/clients/installation_finish_test.rb @@ -30,13 +30,13 @@ let(:installed) { true } before do - allow(proposal_settings).to receive("enable_sshd").and_return(enable_sshd) - allow(firewalld).to receive("installed?").and_return(installed) - allow(proposal_settings).to receive("open_ssh").and_return(false) + allow(proposal_settings).to receive(:enable_sshd).and_return(enable_sshd) + allow(firewalld).to receive(:installed?).and_return(installed) + allow(proposal_settings).to receive(:open_ssh).and_return(false) end it "enables the sshd service if enabled in the proposal" do - allow(proposal_settings).to receive("enable_sshd").and_return(true) + allow(proposal_settings).to receive(:enable_sshd).and_return(true) expect(Yast::Service).to receive(:Enable).with("sshd") subject.write @@ -72,31 +72,31 @@ let(:installation) { true } before do - allow(proposal_settings).to receive("enable_firewall").and_return(enable_firewall) - allow(firewalld).to receive("api").and_return(api) - allow(firewalld).to receive("enable!") - allow(firewalld).to receive("disable!") + allow(proposal_settings).to receive(:enable_firewall).and_return(enable_firewall) + allow(firewalld).to receive(:api).and_return(api) + allow(firewalld).to receive(:enable!) + allow(firewalld).to receive(:disable!) allow(Yast::Mode).to receive(:installation).and_return(installation) - allow(proposal_settings).to receive("open_ssh").and_return(false) + allow(proposal_settings).to receive(:open_ssh).and_return(false) end context "during an installation" do it "enables the firewalld service if enabled in the proposal" do - allow(proposal_settings).to receive("enable_firewall").and_return(true) - expect(firewalld).to receive("enable!") + allow(proposal_settings).to receive(:enable_firewall).and_return(true) + expect(firewalld).to receive(:enable!) subject.send(:configure_firewall) end it "disables the firewalld service if disabled in the proposal" do - expect(firewalld).to receive("disable!") + expect(firewalld).to receive(:disable!) subject.send(:configure_firewall) end end it "adds the ssh service to the default zone if opened in the proposal" do - expect(proposal_settings).to receive("open_ssh").and_return(true) + expect(proposal_settings).to receive(:open_ssh).and_return(true) expect(api).to receive(:add_service).with(proposal_settings.default_zone, "ssh") subject.send(:configure_firewall) @@ -112,7 +112,7 @@ let(:service_available) { true } before do - allow(proposal_settings).to receive("open_vnc").and_return(true) + allow(proposal_settings).to receive(:open_vnc).and_return(true) allow(api).to receive(:service_supported?).with("tigervnc").and_return(service_available) end