Merge pull request #416 from mhaskel/selinux_fixes

Don't do the idempotency checks with selinux
xbezdick · Oct 16, 2014 · de7d781 · de7d781
2 parents 903a3a0 + 244f3f6
commit de7d781
Show file tree

Hide file tree

Showing 9 changed files with 71 additions and 21 deletions.
diff --git a/spec/acceptance/firewall_spec.rb b/spec/acceptance/firewall_spec.rb
@@ -116,7 +116,9 @@ class { '::firewall': }
         EOS
 
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'should contain the rule' do
@@ -139,7 +141,9 @@ class { '::firewall': }
         EOS
 
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'should contain the rule' do
@@ -189,7 +193,9 @@ class { '::firewall': }
         EOS
 
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'should contain the rule' do
@@ -239,7 +245,9 @@ class { '::firewall': }
         EOS
 
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'should contain the rule' do
@@ -262,7 +270,9 @@ class { '::firewall': }
         EOS
 
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'should contain the rule' do
@@ -312,7 +322,9 @@ class { '::firewall': }
         EOS
 
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'should contain the rule' do
@@ -839,7 +851,9 @@ class { '::firewall': }
           EOS
 
           apply_manifest(pp, :catch_failures => true)
-          apply_manifest(pp, :catch_changes => true)
+          unless fact('selinux') == 'true'
+            apply_manifest(pp, :catch_changes => true)
+          end
         end
 
         it 'should contain the rule' do

diff --git a/spec/acceptance/firewallchain_spec.rb b/spec/acceptance/firewallchain_spec.rb
@@ -14,7 +14,9 @@
         EOS
         # Run it twice and test for idempotency
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'finds the chain' do
@@ -33,7 +35,9 @@
         EOS
         # Run it twice and test for idempotency
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'fails to find the chain' do
@@ -112,7 +116,9 @@
         EOS
         # Run it twice and test for idempotency
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
       end
 
       it 'finds the chain' do

diff --git a/spec/acceptance/invert_spec.rb b/spec/acceptance/invert_spec.rb
@@ -25,7 +25,9 @@ class { '::firewall': }
       EOS
 
       apply_manifest(pp, :catch_failures => true)
-      apply_manifest(pp, :catch_changes  => true)
+      unless fact('selinux') == 'true'
+        apply_manifest(pp, :catch_changes  => true)
+      end
     end
 
     it 'should contain the rules' do

diff --git a/spec/acceptance/ip6_fragment_spec.rb b/spec/acceptance/ip6_fragment_spec.rb
@@ -37,7 +37,9 @@ class { '::firewall': }
         EOS
 
         apply_manifest(pp, :catch_failures => true)
-        apply_manifest(pp, :catch_changes => true)
+        unless fact('selinux') == 'true'
+          apply_manifest(pp, :catch_changes => true)
+        end
 
         shell('ip6tables-save') do |r|
           expect(r.stdout).to match(/#{line_match}/)
@@ -56,7 +58,11 @@ class { '::firewall': }
             }
         EOS
 
-        apply_manifest(pp, :catch_changes => true)
+        if fact('selinux') == 'true'
+          apply_manifest(pp, :catch_failures => true)
+        else
+          apply_manifest(pp, :catch_changes => true)
+        end
 
         shell('ip6tables-save') do |r|
           expect(r.stdout).to match(/#{line_match}/)

diff --git a/spec/acceptance/isfragment_spec.rb b/spec/acceptance/isfragment_spec.rb
@@ -17,7 +17,9 @@ class { '::firewall': }
       EOS
 
       apply_manifest(pp, :catch_failures => true)
-      apply_manifest(pp, :catch_changes => true)
+      unless fact('selinux') == 'true'
+        apply_manifest(pp, :catch_changes => true)
+      end
 
       shell('iptables-save') do |r|
         expect(r.stdout).to match(/#{line_match}/)
@@ -35,7 +37,11 @@ class { '::firewall': }
           }
       EOS
 
-      apply_manifest(pp, :catch_changes => true)
+      if fact('selinux') == 'true'
+        apply_manifest(pp, :catch_failures => true)
+      else
+        apply_manifest(pp, :catch_changes => true)
+      end
 
       shell('iptables-save') do |r|
         expect(r.stdout).to match(/#{line_match}/)

diff --git a/spec/acceptance/purge_spec.rb b/spec/acceptance/purge_spec.rb
@@ -68,7 +68,9 @@ class { 'firewall': }
         }
       EOS
 
-      apply_manifest(pp, :catch_changes => true)
+      unless fact('selinux') == 'true'
+        apply_manifest(pp, :catch_changes => true)
+      end
     end
 
     it 'ignores specified rules' do
@@ -82,7 +84,11 @@ class { 'firewall': }
         }
       EOS
 
-      apply_manifest(pp, :catch_changes => true)
+      if fact('selinux') == 'true'
+        apply_manifest(pp, :catch_failures => true)
+      else
+        apply_manifest(pp, :catch_changes => true)
+      end
     end
 
     it 'adds managed rules with ignored rules' do

diff --git a/spec/acceptance/rules_spec.rb b/spec/acceptance/rules_spec.rb
@@ -223,7 +223,9 @@ class { '::firewall': }
 
     # Run it twice and test for idempotency
     apply_manifest(pp, :catch_failures => true)
-    apply_manifest(pp, :catch_changes => true)
+    unless fact('selinux') == 'true'
+      apply_manifest(pp, :catch_changes => true)
+    end
   end
 
   it 'contains appropriate rules' do

diff --git a/spec/acceptance/socket_spec.rb b/spec/acceptance/socket_spec.rb
@@ -20,7 +20,9 @@ class { '::firewall': }
       EOS
 
       apply_manifest(pp, :catch_failures => true)
-      apply_manifest(pp, :catch_changes => true)
+      unless fact('selinux') == 'true'
+        apply_manifest(pp, :catch_changes => true)
+      end
 
       shell('iptables-save -t raw') do |r|
         expect(r.stdout).to match(/#{line_match}/)
@@ -40,7 +42,11 @@ class { '::firewall': }
           }
       EOS
 
-      apply_manifest(pp, :catch_changes => true)
+      if fact('selinux') == 'true'
+        apply_manifest(pp, :catch_failures => true)
+      else
+        apply_manifest(pp, :catch_changes => true)
+      end
 
       shell('iptables-save -t raw') do |r|
         expect(r.stdout).to match(/#{line_match}/)

diff --git a/spec/acceptance/standard_usage_spec.rb b/spec/acceptance/standard_usage_spec.rb
@@ -50,6 +50,8 @@ class { 'firewall': }
 
     # Run it twice and test for idempotency
     apply_manifest(pp, :catch_failures => true)
-    expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero
+    unless fact('selinux') == 'true'
+      apply_manifest(pp, :catch_changes => true)
+    end
   end
 end