Just a sanity check here. You did try the puppetlabs/firewall module before writing your own, right? (https://forge.puppet.com/puppetlabs/firewall)
On Mon, Jul 1, 2019 at 6:40 AM Bill Sirinek <[email protected]> wrote: > Fixed this by setting AUGEAS_LENS_LIB in spec/spec_helper_local.rb > > ENV['AUGEAS_LENS_LIB']='/opt/puppetlabs/puppet/share/augeas/lenses/dist' > > > > On Thursday, June 27, 2019 at 11:38:05 AM UTC-4, Bill Sirinek wrote: >> >> I need some help here. I have a simple augeas resource that changes a >> line in the /etc/sysconfig/iptables-config file. I am trying to write an >> rspec test for this and it's not working. >> >> >> >> RHEL7, pdk 1.10. I do not have any augeas packages installed, only using >> what is bundled with pdk 1.10. >> >> >> >> If my augeas resource specifies the incl and lens attributes, the test >> doesn't work at all, complaining that Shellvars.lns cannot be found. >> >> >> >> If my augeas resource specifies the context attribute and does not >> specify a lens (augeas uses Shellvars for this file by default anyway), the >> execute.with_change fails, but verifying the changes via aug_get and >> checking execute.idempotently both succeed. >> >> >> >> Below I have the four combinations of the above and the output generated. >> At the very bottom is my spec_helper.rb file. >> >> >> The IPTABLES_MODULES value is "" in the iptables-config file in the >> spec/fixtures/augeas/etc/sysconfig directory. >> >> >> 1. Augeas resource specifying both incl and lens in manifest. Checking if >> resource executes with change. >> >> >> >> Augeas resource: >> >> augeas { 'set_iptables_modules': >> >> incl => '/etc/sysconfig/iptables-config', >> >> lens => 'Shellvars.lns', >> >> changes => [ >> >> "set IPTABLES_MODULES '\"iptable_nat ip_conntrack nf_nat_tftp >> nf_conntrack_ipv4\"'" >> >> ] >> >> } >> >> >> >> >> >> Spec test: >> >> describe_augeas 'set_iptables_modules', :lens => 'Shellvars', :target => >> 'etc/sysconfig/iptables-config' do >> >> it 'specifies the kernel modules to load in the iptables configuration' >> do >> >> is_expected.to <https://secure.ice/?http://is_expected.to> >> execute.with_change >> >> expect(aug_get('IPTABLES_MODULES')) == '"iptable_nat ip_conntrack >> nf_nat_tftp nf_conntrack_ipv4"' >> >> is_expected.to <https://secure.ice/?http://is_expected.to> >> execute.idempotently >> >> end >> >> end >> >> >> >> >> >> Output: >> >> bsirinek@mydevhost $ pdk test unit >> >> pdk (INFO): Using Ruby 2.4.5 >> >> pdk (INFO): Using Puppet 5.5.12 >> >> [✔] Preparing to run the unit tests. >> >> [✖] Running unit tests. >> >> Run options: exclude {:bolt=>true} >> >> Evaluated 18 tests in 9.488949739 seconds: 1 failures, 0 pending. >> >> failed: rspec: ./spec/classes/init_spec.rb:29: Augeas[set_iptables_modules] >> fails when executing: >> >> debug: Opening augeas with root >> /tmp/rspec-puppet-augeas20190625-14571-apd4ov, lens path , flags 64 >> >> debug: Augeas version 1.8.1 is installed >> >> warning: Loading failed for one or more files, see debug for /augeas//error >> output >> >> debug: /augeas/load/Xfm/error = Can not find lens Shellvars.lns >> >> debug: Will attempt to save and only run if files changed >> >> debug: sending command 'set' with params >> ["/files/etc/sysconfig/iptables-config/IPTABLES_MODULES", "\"iptable_nat >> ip_conntrack nf_nat_tftp nf_conntrack_ipv4\""] >> >> debug: Closed the augeas connection >> >> err: Could not evaluate: Saving failed, see debug >> >> sebastion Augeas[set_iptables_modules] specifies the kernel modules to >> load in the iptables configuration >> >> Failure/Error: >> >> >> >> describe_augeas 'set_iptables_modules', :lens => 'Shellvars', :target => >> 'etc/sysconfig/iptables-config' do >> >> it 'specifies the kernel modules to load in the iptables >> configuration' do >> >> is_expected.to <https://secure.ice/?http://is_expected.to> >> execute.with_change >> >> expect(aug_get('IPTABLES_MODULES')) == '"iptable_nat ip_conntrack >> nf_nat_tftp nf_conntrack_ipv4"' >> >> >> >> Total resources: 13 >> >> Touched resources: 13 >> >> Resource coverage: 100.00% >> >> >> >> >> >> >> >> >> >> >> 2. Augeas resource specifying only context and no lens in manifest. >> Checking if resource executes with change. >> >> >> >> Augeas resource: >> >> augeas { 'set_iptables_modules': >> >> context => '/files/etc/sysconfig/iptables-config', >> >> changes => [ >> >> "set IPTABLES_MODULES '\"iptable_nat ip_conntrack nf_nat_tftp >> nf_conntrack_ipv4\"'" >> >> ] >> >> } >> >> >> >> >> >> Spec test: >> >> describe_augeas 'set_iptables_modules', :lens => 'Shellvars', :target => >> 'etc/sysconfig/iptables-config' do >> >> it 'specifies the kernel modules to load in the iptables configuration' >> do >> >> is_expected.to <https://secure.ice/?http://is_expected.to> >> execute.with_change >> >> expect(aug_get('IPTABLES_MODULES')) == '"iptable_nat ip_conntrack >> nf_nat_tftp nf_conntrack_ipv4"' >> >> is_expected.to <https://secure.ice/?http://is_expected.to> >> execute.idempotently >> >> end >> >> end >> >> >> >> >> >> Output: >> >> bsirinek@mydevhost $ pdk test unit >> >> pdk (INFO): Using Ruby 2.4.5 >> >> pdk (INFO): Using Puppet 5.5.12 >> >> [✔] Preparing to run the unit tests. >> >> [✖] Running unit tests. >> >> Run options: exclude {:bolt=>true} >> >> Evaluated 18 tests in 9.104591825 seconds: 1 failures, 0 pending. >> >> failed: rspec: ./spec/classes/init_spec.rb:29: Augeas[set_iptables_modules] >> doesn't change when executed: >> >> debug: Opening augeas with root >> /tmp/rspec-puppet-augeas20190625-16038-6r286s, lens path , flags 32 >> >> debug: Augeas version 1.8.1 is installed >> >> debug: Will attempt to save and only run if files changed >> >> debug: sending command 'set' with params >> ["/etc/sysconfig/iptables-config/IPTABLES_MODULES", "\"iptable_nat >> ip_conntrack nf_nat_tftp nf_conntrack_ipv4\""] >> >> debug: Skipping because no files were changed >> >> debug: Closed the augeas connection >> >> sebastion Augeas[set_iptables_modules] specifies the kernel modules to >> load in the iptables configuration >> >> Failure/Error: >> >> >> >> describe_augeas 'set_iptables_modules', :lens => 'Shellvars', :target => >> 'etc/sysconfig/iptables-config' do >> >> it 'specifies the kernel modules to load in the iptables >> configuration' do >> >> is_expected.to <https://secure.ice/?http://is_expected.to> >> execute.with_change >> >> expect(aug_get('IPTABLES_MODULES')) == '"iptable_nat ip_conntrack >> nf_nat_tftp nf_conntrack_ipv4"' >> >> >> >> Total resources: 13 >> >> Touched resources: 13 >> >> Resource coverage: 100.00% >> >> >> >> >> 3. Augeas resource specifying both incl and lens in manifest. Not >> checking if resource executes with change. >> >> >> >> Augeas resource: >> >> augeas { 'set_iptables_modules': >> >> incl => '/etc/sysconfig/iptables-config', >> >> lens => 'Shellvars.lns', >> >> changes => [ >> >> "set IPTABLES_MODULES '\"iptable_nat ip_conntrack nf_nat_tftp >> nf_conntrack_ipv4\"'" >> >> ] >> >> } >> >> >> >> >> >> Spec test: >> >> describe_augeas 'set_iptables_modules', :lens => 'Shellvars', :target => >> 'etc/sysconfig/iptables-config' do >> >> it 'specifies the kernel modules to load in the iptables configuration' >> do >> >> #is_expected.to <https://secure.ice/?http://is_expected.to> >> execute.with_change >> >> expect(aug_get('IPTABLES_MODULES')) == '"iptable_nat ip_conntrack >> nf_nat_tftp nf_conntrack_ipv4"' >> >> is_expected.to <https://secure.ice/?http://is_expected.to> >> execute.idempotently >> >> end >> >> end >> >> >> >> >> >> Output: >> >> bsirinek@mydevhost $ pdk test unit >> >> pdk (INFO): Using Ruby 2.4.5 >> >> pdk (INFO): Using Puppet 5.5.12 >> >> [✔] Preparing to run the unit tests. >> >> [✖] Running unit tests. >> >> Run options: exclude {:bolt=>true} >> >> Evaluated 18 tests in 8.827282266 seconds: 1 failures, 0 pending. >> >> failed: rspec: ./spec/classes/init_spec.rb:29: Augeas[set_iptables_modules] >> fails when executing: >> >> debug: Opening augeas with root >> /tmp/rspec-puppet-augeas20190625-18357-10z5g08, lens path , flags 64 >> >> debug: Augeas version 1.8.1 is installed >> >> warning: Loading failed for one or more files, see debug for /augeas//error >> output >> >> debug: /augeas/load/Xfm/error = Can not find lens Shellvars.lns >> >> debug: Will attempt to save and only run if files changed >> >> debug: sending command 'set' with params >> ["/files/etc/sysconfig/iptables-config/IPTABLES_MODULES", "\"iptable_nat >> ip_conntrack nf_nat_tftp nf_conntrack_ipv4\""] >> >> debug: Closed the augeas connection >> >> err: Could not evaluate: Saving failed, see debug >> >> sebastion Augeas[set_iptables_modules] specifies the kernel modules to >> load in the iptables configuration >> >> Failure/Error: >> >> >> >> describe_augeas 'set_iptables_modules', :lens => 'Shellvars', :target => >> 'etc/sysconfig/iptables-config' do >> >> it 'specifies the kernel modules to load in the iptables >> configuration' do >> >> #is_expected.to <https://secure.ice/?http://is_expected.to> >> execute.with_change >> >> expect(aug_get('IPTABLES_MODULES')) == '"iptable_nat ip_conntrack >> nf_nat_tftp nf_conntrack_ipv4"' >> >> >> >> Total resources: 13 >> >> Touched resources: 13 >> >> Resource coverage: 100.00% >> >> >> >> >> 4. Augeas resource specifying only context and no lens in manifest. Not >> checking if resource executes with change. >> >> >> >> Augeas resource: >> >> augeas { 'set_iptables_modules': >> >> context => '/files/etc/sysconfig/iptables-config', >> >> changes => [ >> >> "set IPTABLES_MODULES '\"iptable_nat ip_conntrack nf_nat_tftp >> nf_conntrack_ipv4\"'" >> >> ] >> >> } >> >> >> >> >> >> Spec test: >> >> describe_augeas 'set_iptables_modules', :lens => 'Shellvars', :target => >> 'etc/sysconfig/iptables-config' do >> >> it 'specifies the kernel modules to load in the iptables configuration' >> do >> >> #is_expected.to <https://secure.ice/?http://is_expected.to> >> execute.with_change >> >> expect(aug_get('IPTABLES_MODULES')) == '"iptable_nat ip_conntrack >> nf_nat_tftp nf_conntrack_ipv4"' >> >> is_expected.to <https://secure.ice/?http://is_expected.to> >> execute.idempotently >> >> end >> >> end >> >> >> >> >> >> Output: >> >> bsirinek@mydevhost $ pdk test unit >> >> pdk (INFO): Using Ruby 2.4.5 >> >> pdk (INFO): Using Puppet 5.5.12 >> >> [✔] Preparing to run the unit tests. >> >> [✔] Running unit tests. >> >> Run options: exclude {:bolt=>true} >> >> Evaluated 18 tests in 9.325532779 seconds: 0 failures, 0 pending. >> >> >> >> Total resources: 13 >> >> Touched resources: 13 >> >> Resource coverage: 100.00% >> >> >> spec/spec_helper.rb >> >> >> >> RSpec.configure do |c| >> >> c.mock_with :rspec >> >> end >> >> >> >> require 'puppetlabs_spec_helper/module_spec_helper' >> >> require 'rspec-puppet-facts' >> >> >> >> require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), >> 'spec_helper_local.rb')) >> >> >> >> include RspecPuppetFacts >> >> >> >> default_facts = { >> >> puppetversion: Puppet.version, >> >> facterversion: Facter.version, >> >> } >> >> >> >> default_fact_files = [ >> >> File.expand_path(File.join(File.dirname(__FILE__), 'default_facts.yml')), >> >> File.expand_path(File.join(File.dirname(__FILE__), >> 'default_module_facts.yml')), >> >> ] >> >> >> >> default_fact_files.each do |f| >> >> next unless File.exist?(f) && File.readable?(f) && File.size?(f) >> >> >> >> begin >> >> default_facts.merge!(YAML.safe_load(File.read(f), [], [], true)) >> >> rescue => e >> >> RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" >> >> end >> >> end >> >> >> >> RSpec.configure do |c| >> >> c.default_facts = default_facts >> >> c.hiera_config = 'spec/fixtures/hiera/hiera.yaml' >> >> c.before :each do >> >> # set to strictest setting for testing >> >> # by default Puppet runs at warning level >> >> Puppet.settings[:strict] = :warning >> >> end >> >> c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT'] >> >> c.after(:suite) do >> >> RSpec::Puppet::Coverage.report!(0) >> >> end >> >> end >> >> >> >> def ensure_module_defined(module_name) >> >> module_name.split('::').reduce(Object) do |last_module, next_module| >> >> last_module.const_set(next_module, Module.new) unless >> last_module.const_defined?(next_module, false) >> >> last_module.const_get(next_module, false) >> >> end >> >> end >> >> >> >> # 'spec_overrides' from sync.yml will appear below this line >> >> require 'rspec-puppet-augeas' >> >> require 'octofacts' >> >> RSpec.configure do |c| >> >> c.default_formatter = 'doc' >> >> c.augeas_fixtures = File.join(File.dirname(File.expand_path(__FILE__)), >> 'fixtures', 'augeas') >> >> end >> >> require 'puppetlabs_spec_helper/module_spec_helper' >> >> ENV["OCTOFACTS_FIXTURE_PATH"] ||= >> File.expand_path("fixtures/facts/octofacts", File.dirname(__FILE__)) >> >> ENV["OCTOFACTS_INDEX_PATH"] ||= >> File.expand_path("fixtures/facts/octofacts-index.yaml", >> File.dirname(__FILE__)) >> >> >> > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/d7c413e7-aaea-4871-884a-d6565d36910b%40googlegroups.com > <https://groups.google.com/d/msgid/puppet-users/d7c413e7-aaea-4871-884a-d6565d36910b%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACkW_L4SPfcsE-8xDwQoVB2aKYRwsGUgE%2BiN5vyFtrGSXOKmeA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
