add a server default firewall test
Summary: The test here is a bit ugly, but it should work. Better ideas welcome =) Test Plan: Run the test, check it works (and maybe hack it up a bit and check it fails properly too, it worked first time for me which is always suspicious) Reviewers: jskladan, garretraziel Reviewed By: garretraziel Subscribers: tflink Differential Revision: https://phab.qadevel.cloud.fedoraproject.org/D870
This commit is contained in:
parent
802c9298fd
commit
cf543adf72
21
templates
21
templates
@ -831,6 +831,17 @@
|
|||||||
},
|
},
|
||||||
test_suite => { name => "install_kickstart_firewall_configured" },
|
test_suite => { name => "install_kickstart_firewall_configured" },
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
machine => { name => "64bit" },
|
||||||
|
prio => 40,
|
||||||
|
product => {
|
||||||
|
arch => "x86_64",
|
||||||
|
distri => "fedora",
|
||||||
|
flavor => "Server-dvd-iso",
|
||||||
|
version => "*",
|
||||||
|
},
|
||||||
|
test_suite => { name => "server_firewall_default" },
|
||||||
|
},
|
||||||
{
|
{
|
||||||
machine => { name => "64bit" },
|
machine => { name => "64bit" },
|
||||||
prio => 11,
|
prio => 11,
|
||||||
@ -1608,6 +1619,16 @@
|
|||||||
{ key => "USER_LOGIN", value => "false" },
|
{ key => "USER_LOGIN", value => "false" },
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name => "server_firewall_default",
|
||||||
|
settings => [
|
||||||
|
{ key => "POSTINSTALL", value => "server_firewall_default" },
|
||||||
|
{ key => "USER_LOGIN", value => "false" },
|
||||||
|
{ key => "START_AFTER_TEST", value => "install_default_upload" },
|
||||||
|
{ key => "BOOTFROM", value => "c" },
|
||||||
|
{ key => "HDD_1", value => "disk_%FLAVOR%_%MACHINE%.qcow2" },
|
||||||
|
],
|
||||||
|
},
|
||||||
{
|
{
|
||||||
name => "server_role_deploy_domain_controller",
|
name => "server_role_deploy_domain_controller",
|
||||||
settings => [
|
settings => [
|
||||||
|
29
tests/server_firewall_default_postinstall.pm
Normal file
29
tests/server_firewall_default_postinstall.pm
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
use base "installedtest";
|
||||||
|
use strict;
|
||||||
|
use testapi;
|
||||||
|
|
||||||
|
sub run {
|
||||||
|
my $self=shift;
|
||||||
|
if (not( check_screen "root_console", 0)) {
|
||||||
|
$self->root_console(tty=>3);
|
||||||
|
}
|
||||||
|
# this only succeeds if the firewall is running
|
||||||
|
assert_script_run 'firewall-cmd --state';
|
||||||
|
# we need to check that exactly these three services and no others
|
||||||
|
# are allowed...but the displayed order is arbitrary.
|
||||||
|
validate_script_output 'firewall-cmd --list-services', sub { m/^(cockpit dhcpv6-client ssh|cockpit ssh dhcpv6-client|dhcpv6-client cockpit ssh|dhcpv6-client ssh cockpit|ssh cockpit dhcpv6-client|ssh dhcpv6-client cockpit)$/ };
|
||||||
|
validate_script_output 'firewall-cmd --list-ports', sub { m/^$/ };
|
||||||
|
validate_script_output 'firewall-cmd --list-protocols', sub { m/^$/ };
|
||||||
|
}
|
||||||
|
|
||||||
|
sub test_flags {
|
||||||
|
# without anything - rollback to 'lastgood' snapshot if failed
|
||||||
|
# 'fatal' - whole test suite is in danger if this fails
|
||||||
|
# 'milestone' - after this test succeeds, update 'lastgood'
|
||||||
|
# 'important' - if this fails, set the overall state to 'fail'
|
||||||
|
return { fatal => 1 };
|
||||||
|
}
|
||||||
|
|
||||||
|
1;
|
||||||
|
|
||||||
|
# vim: set sw=4 et:
|
Loading…
Reference in New Issue
Block a user