-
Notifications
You must be signed in to change notification settings - Fork 148
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
actors: add FirewalldIptablesModules
This actor will check if firewalld is using iptables, if so it will cause kernel-module-extra to be installed.
- Loading branch information
Showing
2 changed files
with
84 additions
and
0 deletions.
There are no files selected for viewing
37 changes: 37 additions & 0 deletions
37
repos/system_upgrade/el9toel10/actors/firewalldiptablesmodules/actor.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
| from leapp.actors import Actor | ||
| from leapp.models import FirewallsFacts, RpmTransactionTasks, FirewalldGlobalConfig, FirewalldDirectConfig | ||
| from leapp.tags import ChecksPhaseTag, IPUWorkflowTag | ||
|
|
||
|
|
||
| class FirewalldIptablesModules(Actor): | ||
| """ | ||
| This actor cause kernel-modules-extra to be installed if firewalld is using | ||
| iptables. | ||
| """ | ||
|
|
||
| name = 'firewalld_iptables_modules' | ||
| consumes = (FirewallsFacts, FirewalldGlobalConfig, FirewalldDirectConfig) | ||
| produces = (RpmTransactionTasks,) | ||
| tags = (ChecksPhaseTag, IPUWorkflowTag) | ||
|
|
||
| def process(self): | ||
| # If firewalld is not enabled then don't bother the user about its | ||
| # configuration. | ||
| for facts in self.consume(FirewallsFacts): | ||
| if not facts.firewalld.enabled: | ||
| return | ||
|
|
||
| flag = False | ||
|
|
||
| for config in self.consume(FirewalldGlobalConfig): | ||
| if config.firewallbackend == "iptables": | ||
| flag = True | ||
| break | ||
|
|
||
| for config in self.consume(FirewalldDirectConfig): | ||
| if config.has_permanent_configuration: | ||
| flag = True | ||
| break | ||
|
|
||
| if flag: | ||
| self.produce(RpmTransactionTasks(to_install=['kernel-modules-extra'])) |
47 changes: 47 additions & 0 deletions
47
repos/system_upgrade/el9toel10/actors/firewalldiptablesmodules/tests/unit_tests.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,47 @@ | ||
| from leapp.models import (FirewallStatus, | ||
| FirewallsFacts, | ||
| RpmTransactionTasks, | ||
| FirewalldGlobalConfig, | ||
| FirewalldDirectConfig) | ||
|
|
||
|
|
||
| def test_produce(current_actor_context): | ||
| status = FirewallStatus(enabled=True, active=True) | ||
| current_actor_context.feed(FirewallsFacts(firewalld=status, | ||
| iptables=status, | ||
| ip6tables=status)) | ||
| current_actor_context.feed(FirewalldGlobalConfig(firewallbackend='iptables')) | ||
| current_actor_context.run() | ||
| assert current_actor_context.consume(RpmTransactionTasks)[0].to_install[0] == 'kernel-modules-extra' | ||
|
|
||
|
|
||
| def test_produce_02(current_actor_context): | ||
| status = FirewallStatus(enabled=True, active=True) | ||
| current_actor_context.feed(FirewallsFacts(firewalld=status, | ||
| iptables=status, | ||
| ip6tables=status)) | ||
| current_actor_context.feed(FirewalldDirectConfig(has_permanent_configuration=True)) | ||
| current_actor_context.run() | ||
| assert current_actor_context.consume(RpmTransactionTasks)[0].to_install[0] == 'kernel-modules-extra' | ||
|
|
||
|
|
||
| def test_no_produce_negative(current_actor_context): | ||
| current_actor_context.feed(FirewalldGlobalConfig()) | ||
| current_actor_context.run() | ||
| assert not current_actor_context.consume(RpmTransactionTasks) | ||
|
|
||
|
|
||
| def test_no_produce_negative_02(current_actor_context): | ||
| status = FirewallStatus(enabled=False, active=True) | ||
| current_actor_context.feed(FirewallsFacts(firewalld=status, | ||
| iptables=status, | ||
| ip6tables=status)) | ||
| current_actor_context.feed(FirewalldGlobalConfig(firewallbackend='iptables')) | ||
| current_actor_context.run() | ||
| assert not current_actor_context.consume(RpmTransactionTasks) | ||
|
|
||
|
|
||
| def test_no_produce_negative_03(current_actor_context): | ||
| current_actor_context.feed(FirewalldDirectConfig()) | ||
| current_actor_context.run() | ||
| assert not current_actor_context.consume(RpmTransactionTasks) |