mirror of
https://github.com/rocky-linux/os-autoinst-distri-rocky.git
synced 2024-12-22 02:38:31 +00:00
add a server default firewall test
Summary: The test here is a bit ugly, but it should work. Better ideas welcome =) Test Plan: Run the test, check it works (and maybe hack it up a bit and check it fails properly too, it worked first time for me which is always suspicious) Reviewers: jskladan, garretraziel Reviewed By: garretraziel Subscribers: tflink Differential Revision: https://phab.qadevel.cloud.fedoraproject.org/D870
This commit is contained in:
parent
802c9298fd
commit
cf543adf72
21
templates
21
templates
@ -831,6 +831,17 @@
|
||||
},
|
||||
test_suite => { name => "install_kickstart_firewall_configured" },
|
||||
},
|
||||
{
|
||||
machine => { name => "64bit" },
|
||||
prio => 40,
|
||||
product => {
|
||||
arch => "x86_64",
|
||||
distri => "fedora",
|
||||
flavor => "Server-dvd-iso",
|
||||
version => "*",
|
||||
},
|
||||
test_suite => { name => "server_firewall_default" },
|
||||
},
|
||||
{
|
||||
machine => { name => "64bit" },
|
||||
prio => 11,
|
||||
@ -1608,6 +1619,16 @@
|
||||
{ key => "USER_LOGIN", value => "false" },
|
||||
],
|
||||
},
|
||||
{
|
||||
name => "server_firewall_default",
|
||||
settings => [
|
||||
{ key => "POSTINSTALL", value => "server_firewall_default" },
|
||||
{ key => "USER_LOGIN", value => "false" },
|
||||
{ key => "START_AFTER_TEST", value => "install_default_upload" },
|
||||
{ key => "BOOTFROM", value => "c" },
|
||||
{ key => "HDD_1", value => "disk_%FLAVOR%_%MACHINE%.qcow2" },
|
||||
],
|
||||
},
|
||||
{
|
||||
name => "server_role_deploy_domain_controller",
|
||||
settings => [
|
||||
|
29
tests/server_firewall_default_postinstall.pm
Normal file
29
tests/server_firewall_default_postinstall.pm
Normal file
@ -0,0 +1,29 @@
|
||||
use base "installedtest";
|
||||
use strict;
|
||||
use testapi;
|
||||
|
||||
sub run {
|
||||
my $self=shift;
|
||||
if (not( check_screen "root_console", 0)) {
|
||||
$self->root_console(tty=>3);
|
||||
}
|
||||
# this only succeeds if the firewall is running
|
||||
assert_script_run 'firewall-cmd --state';
|
||||
# we need to check that exactly these three services and no others
|
||||
# are allowed...but the displayed order is arbitrary.
|
||||
validate_script_output 'firewall-cmd --list-services', sub { m/^(cockpit dhcpv6-client ssh|cockpit ssh dhcpv6-client|dhcpv6-client cockpit ssh|dhcpv6-client ssh cockpit|ssh cockpit dhcpv6-client|ssh dhcpv6-client cockpit)$/ };
|
||||
validate_script_output 'firewall-cmd --list-ports', sub { m/^$/ };
|
||||
validate_script_output 'firewall-cmd --list-protocols', sub { m/^$/ };
|
||||
}
|
||||
|
||||
sub test_flags {
|
||||
# without anything - rollback to 'lastgood' snapshot if failed
|
||||
# 'fatal' - whole test suite is in danger if this fails
|
||||
# 'milestone' - after this test succeeds, update 'lastgood'
|
||||
# 'important' - if this fails, set the overall state to 'fail'
|
||||
return { fatal => 1 };
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
# vim: set sw=4 et:
|
Loading…
Reference in New Issue
Block a user