[RHELC-1300] Cleanup firewalld action (oamg#975)

This PR introduces a few cleanups that were made as comments in oamg#953.

Signed-off-by: Rodolfo Olivieri <[email protected]>

convert2rhel/actions/system_checks/check_firewalld_availability.py

@@ -60,9 +60,7 @@ def _is_modules_cleanup_enabled():
     # CleanupModulesOnExit as true. Ignoring # and ; as they are ignored in the
     # config parser for firewalld as well:
     # https://github.com/firewalld/firewalld/blob/46d54dcbdff94423686d67befc78ca8d601fce60/src/firewall/core/io/firewalld_conf.py#L85
-    option_present = any(
-        item.strip().startswith("CleanupModulesOnExit") for item in contents if not item.startswith(("#", ";"))
-    )
+    option_present = any(item.strip().startswith("CleanupModulesOnExit") for item in contents)
     if not option_present:
         logger.debug(
             "Couldn't find CleanupModulesOnExit in firewalld.conf. Treating it as enabled because of default behavior."
@@ -112,11 +110,10 @@ def run(self):
                     remediation=(
                         "Set the option CleanupModulesOnExit in /etc/firewalld/firewalld.conf "
                         "to no prior to running convert2rhel:\n"
-                        " sed -i -- 's/CleanupModulesOnExit=yes/CleanupModulesOnExit=no/g' /etc/firewalld/firewalld.conf\n && firewall-cmd --reload."
-                        " You can change the option back to yes after the system reboot "
+                        " sed -i -- 's/^CleanupModulesOnExit.*/CleanupModulesOnExit=no/g' /etc/firewalld/firewalld.conf\n && firewall-cmd --reload\n"
+                        "You can change the option back to yes after the system reboot "
                         "- that is after the system boots into the RHEL kernel."
                     ),
                 )
-                return
-
-        logger.info("Skipping the check as it is relevant only for Oracle Linux 8.8 and above.")
+        else:
+            logger.info("Skipping the check as it is relevant only for Oracle Linux 8.8 and above.")

convert2rhel/unit_tests/actions/system_checks/check_firewalld_availability_test.py

@@ -305,8 +305,8 @@ def test_cleanup_modules_on_exit_is_true(
             remediation=(
                 "Set the option CleanupModulesOnExit in /etc/firewalld/firewalld.conf "
                 "to no prior to running convert2rhel:\n"
-                " sed -i -- 's/CleanupModulesOnExit=yes/CleanupModulesOnExit=no/g' /etc/firewalld/firewalld.conf\n && firewall-cmd --reload."
-                " You can change the option back to yes after the system reboot "
+                " sed -i -- 's/^CleanupModulesOnExit.*/CleanupModulesOnExit=no/g' /etc/firewalld/firewalld.conf\n && firewall-cmd --reload\n"
+                "You can change the option back to yes after the system reboot "
                 "- that is after the system boots into the RHEL kernel."
             ),
         )

tests/integration/tier0/non-destructive/firewalld-inhibitor/test_firewalld_inhibitor.py

@@ -4,7 +4,8 @@
 
 from envparse import env
 
-from convert2rhel.actions.system_checks.check_firewalld_availability import FIREWALLD_CONFIG_FILE
+
+FIREWALLD_CONFIG_FILE = "/etc/firewalld/firewalld.conf"
 
 
 @pytest.mark.test_firewalld_inhibitor
@@ -37,8 +38,4 @@ def test_firewalld_inhibitor(shell, convert2rhel):
 
     assert c2r.exitstatus == 1
 
-    assert shell(
-        "grep 'Firewalld running on Oracle Linux 8 can lead to a conversion failure' /var/log/convert2rhel/convert2rhel.log"
-    )
-
     shell(f"sed -i 's/CleanupModulesOnExit=yes/CleanupModulesOnExit=no/g' {FIREWALLD_CONFIG_FILE}")

tests/integration/tier1/destructive/firewalld-disabled-ol8/test_firewalld_disabled_ol8.py

@@ -4,7 +4,8 @@
 
 from envparse import env
 
-from convert2rhel.actions.system_checks.check_firewalld_availability import FIREWALLD_CONFIG_FILE
+
+FIREWALLD_CONFIG_FILE = "/etc/firewalld/firewalld.conf"
 
 
 @pytest.mark.test_firewalld_disabled