Merge pull request #1054 from puppetlabs/pdksync_GH-cat-12/main/add_redhat_9_support

chelnak · web-flow · commit a88f0633c257 · 2022-06-16T10:55:20.000+01:00
pdksync - (GH-cat-12) Add Support for Redhat 9
diff --git a/manifests/linux/redhat.pp b/manifests/linux/redhat.pp
@@ -41,7 +41,7 @@
   $package_name     = $firewall::params::package_name,
   $package_ensure   = $firewall::params::package_ensure,
   $sysconfig_manage = $firewall::params::sysconfig_manage,
-  $firewalld_manage = true,
+  $firewalld_manage = $firewall::params::firewalld_manage,
 ) inherits ::firewall::params {
   $_ensure_v6 = pick($ensure_v6, $ensure)
   $_enable_v6 = pick($enable_v6, $enable)
diff --git a/manifests/params.pp b/manifests/params.pp
@@ -13,6 +13,7 @@
           $package_name = undef
           $iptables_name = 'iptables'
           $sysconfig_manage = true
+          $firewalld_manage = true
         }
         'Fedora': {
           $service_name = 'iptables'
@@ -28,32 +29,37 @@
             $package_name = undef
           }
           $sysconfig_manage = true
+          $firewalld_manage = true
         }
         default: {
           if versioncmp($::operatingsystemrelease, '9') >= 0 {
             $service_name = 'nftables'
-            $service_name_v6 = undef
+            $service_name_v6 = 'ip6tables'
             $package_name = ['iptables-services', 'nftables', 'iptables-nft-services']
             $iptables_name = 'iptables'
             $sysconfig_manage = false
+            $firewalld_manage = false
           } elsif versioncmp($::operatingsystemrelease, '8.0') >= 0 {
             $service_name = ['iptables', 'nftables']
             $service_name_v6 = 'ip6tables'
             $package_name = ['iptables-services', 'nftables']
             $iptables_name = 'iptables'
             $sysconfig_manage = false
+            $firewalld_manage = true
           } elsif versioncmp($::operatingsystemrelease, '7.0') >= 0 {
             $service_name = 'iptables'
             $service_name_v6 = 'ip6tables'
             $package_name = 'iptables-services'
             $iptables_name = 'iptables'
             $sysconfig_manage = true
+            $firewalld_manage = true
           } else {
             $service_name = 'iptables'
             $service_name_v6 = 'ip6tables'
             $package_name = 'iptables-ipv6'
             $iptables_name = 'iptables'
             $sysconfig_manage = true
+            $firewalld_manage = true
           }
         }
       }
diff --git a/metadata.json b/metadata.json
@@ -19,7 +19,8 @@
       "operatingsystemrelease": [
         "6",
         "7",
-        "8"
+        "8",
+        "9"
       ]
     },
     {
diff --git a/spec/acceptance/firewall_attributes_exceptions_spec.rb b/spec/acceptance/firewall_attributes_exceptions_spec.rb
@@ -327,12 +327,18 @@ class { '::firewall': }
 
   describe 'mac_source' do
     context 'when 0A:1B:3C:4D:5E:6F' do
+      # On RHEL 9 this must be lower case, on all others it must be upper case
+      mac_source = if os[:family] == 'redhat' && os[:release].start_with?('9')
+                     '0a:1b:3c:4d:5e:6f'
+                   else
+                     '0A:1B:3C:4D:5E:6F'
+                   end
       pp88 = <<-PUPPETCODE
           class { '::firewall': }
           firewall { '610 - test':
             ensure      => present,
             source      => '10.1.5.28/32',
-            mac_source  => '0A:1B:3C:4D:5E:6F',
+            mac_source  => '#{mac_source}',
             chain       => 'INPUT',
           }
       PUPPETCODE
@@ -1015,7 +1021,7 @@ class { '::firewall': }
     end
   end
 
-  unless (os[:family] == 'redhat' && os[:release].start_with?('5', '6', '8')) || (os[:family] == 'sles')
+  unless (os[:family] == 'redhat' && os[:release].start_with?('5', '6', '8', '9')) || (os[:family] == 'sles')
     describe 'time tests' do
       context 'when set all time parameters' do
         pp1 = <<-PUPPETCODE
diff --git a/spec/acceptance/firewall_attributes_ipv6_exceptions_spec.rb b/spec/acceptance/firewall_attributes_ipv6_exceptions_spec.rb
@@ -220,7 +220,7 @@ class { '::firewall': }
       end
     end
 
-    unless os[:family] == 'redhat' && os[:release].start_with?('8')
+    unless os[:family] == 'redhat' && os[:release].start_with?('8', '9')
       describe 'time tests' do
         context 'when set all time parameters' do
           pp1 = <<-PUPPETCODE
diff --git a/spec/acceptance/firewall_attributes_ipv6_happy_path_spec.rb b/spec/acceptance/firewall_attributes_ipv6_happy_path_spec.rb
@@ -10,6 +10,13 @@
 
   describe 'attributes test' do
     before(:all) do
+      # On RHEL 9 this must be lower case, on all others it must be upper case
+      mac_source = if os[:family] == 'redhat' && os[:release].start_with?('9')
+                     '0a:1b:3c:4d:5e:6f'
+                   else
+                     '0A:1B:3C:4D:5E:6F'
+                   end
+
       pp = <<-PUPPETCODE
         class { '::firewall': }
         firewall { '571 - hop_limit':
@@ -101,7 +108,7 @@ class { '::firewall': }
         firewall { '604 - mac_source':
           ensure      => present,
           source      => '2001:db8::1/128',
-          mac_source  => '0A:1B:3C:4D:5E:6F',
+          mac_source  => '#{mac_source}',
           chain       => 'INPUT',
           provider    => 'ip6tables',
         }

Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,8 @@`
`19`	`19`	`"operatingsystemrelease": [`
`20`	`20`	`"6",`
`21`	`21`	`"7",`
`22`		`- "8"`
	`22`	`+ "8",`
	`23`	`+ "9"`
`23`	`24`	`]`
`24`	`25`	`},`
`25`	`26`	`{`