Merge pull request #234 from trevor-vaughan/native-type-autorequires

Native type autorequires for the firewalld service

lib/puppet/type/firewalld_direct_chain.rb

@@ -45,4 +45,8 @@ def self.title_patterns
     desc 'Name of the table type to add (e.g: filter, nat, mangle, raw)'
     isnamevar
   end
+
+  autorequire(:service) do
+    ['firewalld']
+  end
 end

lib/puppet/type/firewalld_direct_passthrough.rb

@@ -32,4 +32,8 @@
     isnamevar
     desc 'Name of the passthroughhrough to add (e.g: -A OUTPUT -j OUTPUT_filter)'
   end
+
+  autorequire(:service) do
+    ['firewalld']
+  end
 end

lib/puppet/type/firewalld_direct_purge.rb

@@ -51,6 +51,10 @@ def generate
     newvalues('chain', 'passthrough', 'rule')
   end
 
+  autorequire(:service) do
+    ['firewalld']
+  end
+
   def purge?
     !@purge_resources.empty?
   end

lib/puppet/type/firewalld_direct_rule.rb

@@ -44,4 +44,8 @@
   newparam(:args) do
     desc '<args> can be all iptables, ip6tables and ebtables command line arguments'
   end
+
+  autorequire(:service) do
+    ['firewalld']
+  end
 end

lib/puppet/type/firewalld_ipset.rb

@@ -93,4 +93,8 @@ def change_to_s(current, desire)
       raise(Puppet::Error, "Ipset should not declare entries if it doesn't manage entries")
     end
   end
+
+  autorequire(:service) do
+    ['firewalld']
+  end
 end

lib/puppet/type/firewalld_port.rb

@@ -47,4 +47,8 @@
   autorequire(:firewalld_zone) do
     self[:zone]
   end
+
+  autorequire(:service) do
+    ['firewalld']
+  end
 end

lib/puppet/type/firewalld_rich_rule.rb

@@ -127,4 +127,8 @@ def elements
   autorequire(:ipset) do
     self[:source]['ipset'] if self[:source].is_a?(Hash)
   end
+
+  autorequire(:service) do
+    ['firewalld']
+  end
 end

lib/puppet/type/firewalld_service.rb

@@ -45,8 +45,9 @@
   end
 
   autorequire(:service) do
-    catalog.resources.select do |res|
-      res.title == "Firewalld::Custom_service[#{self[:service]}]"
-    end
+    ['firewalld'] +
+      catalog.resources.select do |res|
+        res.title == "Firewalld::Custom_service[#{self[:service]}]"
+      end
   end
 end

lib/puppet/type/firewalld_zone.rb

@@ -52,6 +52,14 @@ def generate
     desc 'Name of the zone'
   end
 
+  newparam(:description) do
+    desc 'Description of the zone to add'
+  end
+
+  newparam(:short) do
+    desc 'Short description of the zone to add'
+  end
+
   newproperty(:target) do
     desc 'Specify the target for the zone'
   end
@@ -151,6 +159,10 @@ def retrieve
     end
   end
 
+  autorequire(:service) do
+    ['firewalld']
+  end
+
   def purge_resource(res_type)
     if Puppet.settings[:noop] || self[:noop]
       Puppet.debug "Would have purged #{res_type.ref}, (noop)"
@@ -233,12 +245,4 @@ def purge_ports
       @ports_purgable = true
     end
   end
-
-  newparam(:description) do
-    desc 'Description of the zone to add'
-  end
-
-  newparam(:short) do
-    desc 'Short description of the zone to add'
-  end
 end

spec/unit/puppet/type/firewalld_direct_chain_spec.rb

@@ -48,4 +48,21 @@
       end
     end
   end
+
+  context 'autorequires' do
+    # rubocop:disable RSpec/InstanceVariable
+    before do
+      @firewalld_service = Puppet::Type.type(:service).new(name: 'firewalld')
+      @catalog = Puppet::Resource::Catalog.new
+      @catalog.add_resource(@firewalld_service)
+    end
+
+    it 'autorequires the firewalld service' do
+      @resource = described_class.new(name: 'ipv4:filter:LOG_DROPS')
+      @catalog.add_resource(@resource)
+
+      expect(@resource.autorequire.map { |rp| rp.source.to_s }).to include('Service[firewalld]')
+    end
+    # rubocop:enable RSpec/InstanceVariable
+  end
 end

spec/unit/puppet/type/firewalld_direct_passthrough_spec.rb

@@ -51,4 +51,21 @@
       provider.destroy
     end
   end
+
+  context 'autorequires' do
+    # rubocop:disable RSpec/InstanceVariable
+    before do
+      @firewalld_service = Puppet::Type.type(:service).new(name: 'firewalld')
+      @catalog = Puppet::Resource::Catalog.new
+      @catalog.add_resource(@firewalld_service)
+    end
+
+    it 'autorequires the firewalld service' do
+      @resource = described_class.new(name: '-A OUTPUT -j OUTPUT_filter')
+      @catalog.add_resource(@resource)
+
+      expect(@resource.autorequire.map { |rp| rp.source.to_s }).to include('Service[firewalld]')
+    end
+    # rubocop:enable RSpec/InstanceVariable
+  end
 end

spec/unit/puppet/type/firewalld_direct_rule_spec.rb

@@ -78,4 +78,32 @@
       end
     end
   end
+
+  context 'autorequires' do
+    # rubocop:disable RSpec/InstanceVariable
+    before do
+      @firewalld_service = Puppet::Type.type(:service).new(name: 'firewalld')
+      @catalog = Puppet::Resource::Catalog.new
+      @catalog.add_resource(@firewalld_service)
+    end
+
+    let(:attrs) do
+      {
+        title: 'Allow SSH',
+        ensure: 'present',
+        table: 'filter',
+        chain: 'OUTPUT',
+        priority: 1,
+        args: '-p tcp ---dport=22 -j ACCEPT'
+      }
+    end
+
+    it 'autorequires the firewalld service' do
+      @resource = described_class.new(attrs)
+      @catalog.add_resource(@resource)
+
+      expect(@resource.autorequire.map { |rp| rp.source.to_s }).to include('Service[firewalld]')
+    end
+    # rubocop:enable RSpec/InstanceVariable
+  end
 end

spec/unit/puppet/type/firewalld_ipset_spec.rb

@@ -155,4 +155,21 @@
       end.to raise_error(%r{Ipset should not declare entries if it doesn't manage entries})
     end
   end
+
+  context 'autorequires' do
+    # rubocop:disable RSpec/InstanceVariable
+    before do
+      @firewalld_service = Puppet::Type.type(:service).new(name: 'firewalld')
+      @catalog = Puppet::Resource::Catalog.new
+      @catalog.add_resource(@firewalld_service)
+    end
+
+    it 'autorequires the firewalld service' do
+      @resource = described_class.new(name: 'test', hashsize: 128)
+      @catalog.add_resource(@resource)
+
+      expect(@resource.autorequire.map { |rp| rp.source.to_s }).to include('Service[firewalld]')
+    end
+    # rubocop:enable RSpec/InstanceVariable
+  end
 end

spec/unit/puppet/type/firewalld_port_spec.rb

@@ -20,4 +20,21 @@
       end
     end
   end
+
+  context 'autorequires' do
+    # rubocop:disable RSpec/InstanceVariable
+    before do
+      @firewalld_service = Puppet::Type.type(:service).new(name: 'firewalld')
+      @catalog = Puppet::Resource::Catalog.new
+      @catalog.add_resource(@firewalld_service)
+    end
+
+    it 'autorequires the firewalld service' do
+      @resource = described_class.new(name: 'test', port: 1234)
+      @catalog.add_resource(@resource)
+
+      expect(@resource.autorequire.map { |rp| rp.source.to_s }).to include('Service[firewalld]')
+    end
+    # rubocop:enable RSpec/InstanceVariable
+  end
 end

spec/unit/puppet/type/firewalld_rich_rule_spec.rb

@@ -204,4 +204,33 @@
       end
     end
   end
+
+  context 'autorequires' do
+    # rubocop:disable RSpec/InstanceVariable
+    before do
+      @firewalld_service = Puppet::Type.type(:service).new(name: 'firewalld')
+      @catalog = Puppet::Resource::Catalog.new
+      @catalog.add_resource(@firewalld_service)
+    end
+
+    let(:attrs) do
+      {
+        title: 'SSH from barny',
+        ensure: 'present',
+        zone: 'restricted',
+        source: '192.168.1.2/32',
+        dest: '192.168.99.2/32',
+        service: 'ssh',
+        action: 'accept'
+      }
+    end
+
+    it 'autorequires the firewalld service' do
+      @resource = described_class.new(attrs)
+      @catalog.add_resource(@resource)
+
+      expect(@resource.autorequire.map { |rp| rp.source.to_s }).to include('Service[firewalld]')
+    end
+    # rubocop:enable RSpec/InstanceVariable
+  end
 end

spec/unit/puppet/type/firewalld_service_spec.rb

@@ -20,4 +20,21 @@
       end
     end
   end
+
+  context 'autorequires' do
+    # rubocop:disable RSpec/InstanceVariable
+    before do
+      @firewalld_service = Puppet::Type.type(:service).new(name: 'firewalld')
+      @catalog = Puppet::Resource::Catalog.new
+      @catalog.add_resource(@firewalld_service)
+    end
+
+    it 'autorequires the firewalld service' do
+      @resource = described_class.new(name: 'test', service: 'test')
+      @catalog.add_resource(@resource)
+
+      expect(@resource.autorequire.map { |rp| rp.source.to_s }).to include('Service[firewalld]')
+    end
+    # rubocop:enable RSpec/InstanceVariable
+  end
 end

spec/unit/puppet/type/firewalld_zone_spec.rb

@@ -161,4 +161,21 @@
       end
     end
   end
+
+  context 'autorequires' do
+    # rubocop:disable RSpec/InstanceVariable
+    before do
+      @firewalld_service = Puppet::Type.type(:service).new(name: 'firewalld')
+      @catalog = Puppet::Resource::Catalog.new
+      @catalog.add_resource(@firewalld_service)
+    end
+
+    it 'autorequires the firewalld service' do
+      @resource = described_class.new(name: 'test')
+      @catalog.add_resource(@resource)
+
+      expect(@resource.autorequire.map { |rp| rp.source.to_s }).to include('Service[firewalld]')
+    end
+    # rubocop:enable RSpec/InstanceVariable
+  end
 end