Removing RedHat/Scientific/OracleLinux 6

rajat-puppet · Ramesh7 · commit ae4663128fe1 · 2023-09-21T16:46:53.000+05:30
diff --git a/spec/acceptance/firewall_attributes_exceptions_spec.rb b/spec/acceptance/firewall_attributes_exceptions_spec.rb
@@ -19,9 +19,7 @@
 
   # --bytecode is only supported by operatingsystems using nftables (in general Linux kernel 3.13, RedHat 7 (and derivates) with 3.10)
   # Skipping those from which we know they would fail.
-  describe 'bytecode property', unless: (os[:family] == 'redhat' && os[:release][0] <= '6') ||
-                                        (os[:family] == 'sles' && os[:release][0..1] <= '11') ||
-                                        (fetch_os_name == 'oraclelinux' && os[:release][0] <= '7') ||
+  describe 'bytecode property', unless: (fetch_os_name == 'oraclelinux' && os[:release][0] == '7') ||
                                         (os[:family] == 'ubuntu') do
     describe 'bytecode' do
       context 'when 4,48 0 0 9,21 0 1 6,6 0 0 1,6 0 0 0' do
diff --git a/spec/acceptance/firewall_attributes_ipv6_exceptions_spec.rb b/spec/acceptance/firewall_attributes_ipv6_exceptions_spec.rb
@@ -86,29 +86,6 @@ class { '::firewall': }
             end
           end
         end
-
-        context 'when multiple addrtype fail', if: (os[:family] == 'redhat' && os[:release].start_with?('5')) do
-          pp = <<-PUPPETCODE
-                class { '::firewall': }
-                firewall { '616 - test':
-                  proto    => tcp,
-                  jump     => accept,
-                  #{type}  => ['LOCAL', '! LOCAL'],
-                  protocol => 'IPv6',
-                }
-          PUPPETCODE
-          it 'fails' do
-            apply_manifest(pp, expect_failures: true) do |r|
-              expect(r.stderr).to match(%r{Multiple #{type} elements are available from iptables version})
-            end
-          end
-
-          it 'does not contain the rule' do
-            run_shell('ip6tables-save') do |r|
-              expect(r.stdout).not_to match(%r{-A INPUT -p (tcp|6) -m addrtype --#{type.tr('_', '-')} LOCAL -m addrtype ! --#{type.tr('_', '-')} LOCAL -m comment --comment "616 - test" -j ACCEPT})
-            end
-          end
-        end
       end
     end
 
@@ -139,61 +116,6 @@ class { '::firewall': }
       end
     end
 
-    # ipset is hard to test, only testing on ubuntu 14
-    describe 'ipset', if: (os[:family] == 'redhat' && os[:release].start_with?('14')) do
-      before(:all) do
-        pp = <<-PUPPETCODE
-          exec { 'hackery pt 1':
-            command => 'service iptables-persistent flush',
-            path    => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
-          }
-          package { 'ipset':
-            ensure  => present,
-            require => Exec['hackery pt 1'],
-          }
-          exec { 'hackery pt 2':
-            command => 'service iptables-persistent start',
-            path    => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
-            require => Package['ipset'],
-          }
-          class { '::firewall': }
-          exec { 'create ipset blacklist':
-            command => 'ipset create blacklist hash:ip,port family inet6 maxelem 1024 hashsize 65535 timeout 120',
-            path    => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
-            require => Package['ipset'],
-          }
-          -> exec { 'create ipset honeypot':
-            command => 'ipset create honeypot hash:ip family inet6 maxelem 1024 hashsize 65535 timeout 120',
-            path    => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
-          }
-          -> exec { 'add blacklist':
-            command => 'ipset add blacklist 2001:db8::1,80',
-            path    => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
-          }
-          -> exec { 'add honeypot':
-            command => 'ipset add honeypot 2001:db8::5',
-            path    => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
-          }
-          firewall { '612 - test':
-            ensure   => present,
-            chain    => 'INPUT',
-            proto    => tcp,
-            jump     => drop,
-            ipset    => ['blacklist src,dst', '! honeypot dst'],
-            protocol => 'IPv6',
-            require  => Exec['add honeypot'],
-          }
-        PUPPETCODE
-        apply_manifest(pp, catch_failures: true)
-      end
-
-      it 'contains the rule' do
-        run_shell('ip6tables-save') do |r|
-          expect(r.stdout).to match(%r{-A INPUT -p (tcp|6) -m set --match-set blacklist src,dst -m set ! --match-set honeypot dst -m comment --comment "612 - test" -j DROP})
-        end
-      end
-    end
-
     describe 'src_range' do
       context 'when 2001::db8::1-2001:db8::ff' do
         pp = <<-PUPPETCODE
diff --git a/spec/acceptance/firewall_attributes_ipv6_happy_path_spec.rb b/spec/acceptance/firewall_attributes_ipv6_happy_path_spec.rb
@@ -2,7 +2,7 @@
 
 require 'spec_helper_acceptance'
 
-describe 'firewall attribute testing, happy path', unless: (os[:family] == 'redhat' && os[:release].start_with?('5', '6')) || (os[:family] == 'sles') do
+describe 'firewall attribute testing, happy path', unless: (os[:family] == 'sles') do
   before :all do
     iptables_flush_all_tables
     ip6tables_flush_all_tables
diff --git a/spec/acceptance/resource_cmd_spec.rb b/spec/acceptance/resource_cmd_spec.rb
@@ -85,7 +85,7 @@
     end
   end
 
-  context 'when accepts rules with multiple comments', unless: (os[:family] == 'redhat' && os[:release].start_with?('5')) do
+  context 'when accepts rules with multiple comments' do
     before(:all) do
       iptables_flush_all_tables
       run_shell('iptables -A INPUT -j ACCEPT -p tcp --dport 80 -m comment --comment "http" -m comment --comment "http"')
diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb
@@ -62,7 +62,7 @@ def fetch_os_name
   c.before :suite do
     # Depmod is not availible by default on our AlmaLinux/CentOS 8 docker image
     LitmusHelper.instance.run_shell('yum install kmod -y') if ['almalinux-8', 'centos-8'].include?("#{fetch_os_name}-#{os[:release].to_i}")
-    if ['centos-6', 'centos-7', 'oraclelinux-6', 'scientific-6', 'scientific-7'].include?("#{fetch_os_name}-#{os[:release].to_i}")
+    if ['centos-7', 'scientific-7'].include?("#{fetch_os_name}-#{os[:release].to_i}")
       LitmusHelper.instance.run_shell('yum update -y')
       LitmusHelper.instance.run_shell('depmod -a')
       ['filter', 'nat', 'mangle', 'raw'].each do |t|
diff --git a/spec/unit/classes/firewall_linux_spec.rb b/spec/unit/classes/firewall_linux_spec.rb
@@ -5,7 +5,7 @@
 describe 'firewall::linux', type: :class do
   ['RedHat', 'CentOS'].each do |os|
     context "with Redhat Like: operatingsystem => #{os}" do
-      releases = ['6', '7', '8']
+      releases = ['7', '8']
       releases.each do |osrel|
         context "when operatingsystemrelease => #{osrel}" do
           let(:facts) do
