OSSForks/ansible
1
0
Fork 0
mirror of https://github.com/zebrajr/ansible.git synced 2026-01-15 12:15:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ansible-test: disable xt_comment testcase for iptables (#86365)

Browse Source 
Signed-off-by: Abhijeet Kasurde <Akasurde@redhat.com>
This commit is contained in:
Abhijeet Kasurde
2025-12-23 17:13:56 -08:00
committed by GitHub
parent 85d20838ce
commit 5e10a9160c
3 changed files with 36 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
test/integration/targets/iptables/tasks/chain_management.yml
View File

@@ -52,7 +52,8 @@
source: 0.0.0.0 source: 0.0.0.0
destination: 0.0.0.0 destination: 0.0.0.0
jump: DROP jump: DROP
comment: "FOOBAR-CHAIN RULE" # FIXME: Enable when xt_comment is working on RHEL 10
#comment: "FOOBAR-CHAIN RULE"
- name: get the state of the iptable rules after rule is added to foobar chain - name: get the state of the iptable rules after rule is added to foobar chain
become: true become: true
@@ -63,7 +64,8 @@
assert: assert:
that: that:
- result is not failed - result is not failed
- '"FOOBAR-CHAIN RULE" in result.stdout' # FIXME: Enable when xt_comment is working on RHEL 10
# - '"FOOBAR-CHAIN RULE" in result.stdout'
- name: flush the foobar chain - name: flush the foobar chain
become: true become: true

27
test/integration/targets/iptables/tasks/main.yml
View File

@@ -35,29 +35,6 @@
# prevent attempts to upgrade the kernel and install kernel modules for a non-running kernel version # prevent attempts to upgrade the kernel and install kernel modules for a non-running kernel version
exclude: "{{ 'kernel-core' if ansible_distribution == 'RedHat' else omit }}" exclude: "{{ 'kernel-core' if ansible_distribution == 'RedHat' else omit }}"
- name: install xt_comment for iptables `-m comment` tests on RHEL 10 # FIXME: Disabling this test for now as it is not working on RHEL 10
dnf: # - import_tasks: xt_comment.yml
name:
- kernel-modules-extra-{{ ansible_facts.kernel }}
state: present
exclude:
# prevent attempts to upgrade the kernel and install kernel modules for a non-running kernel version
- kernel-core
when: ansible_distribution == 'RedHat'
- name: Use iptables with unnecessary extension match
iptables:
chain: INPUT
source: 8.8.8.8
jump: DROP
match: comment
comment: Here to include an extension
register: unnecessary_extension
- name: Assert success
assert:
that:
- unnecessary_extension is success
- unnecessary_extension.rule.count('-m comment') == 1
- import_tasks: chain_management.yml - import_tasks: chain_management.yml

30
test/integration/targets/iptables/tasks/xt_comment.yml Normal file
View File

@@ -0,0 +1,30 @@
---
# test code for the iptables module
# Copyright: (c) Contributors to the Ansible project
# Copyright: (c) 2021, Éloi Rivard <eloi@yaal.coop>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
- name: install xt_comment for iptables `-m comment` tests on RHEL 10
dnf:
name:
- kernel-modules-extra-{{ ansible_facts.kernel }}
state: present
exclude:
# prevent attempts to upgrade the kernel and install kernel modules for a non-running kernel version
- kernel-core
when: ansible_distribution == 'RedHat'
- name: Use iptables with unnecessary extension match
iptables:
chain: INPUT
source: 8.8.8.8
jump: DROP
match: comment
comment: Here to include an extension
register: unnecessary_extension
- name: Assert success
assert:
that:
- unnecessary_extension is success
- unnecessary_extension.rule.count('-m comment') == 1