migrate firewalld to ansible.posix (#623)

* migrate firewalld to ansible.posix Signed-off-by: Adam Miller <admiller@redhat.com> * fix removal_version for runtime.yml Signed-off-by: Adam Miller <admiller@redhat.com> * add changelog fragment Signed-off-by: Adam Miller <admiller@redhat.com> * Update meta/runtime.yml Co-authored-by: Felix Fontein <felix@fontein.de> * Update changelogs/fragments/firewalld_migration.yml Co-authored-by: Felix Fontein <felix@fontein.de> * add module_util routing entry Signed-off-by: Adam Miller <admiller@redhat.com> * Update meta/runtime.yml Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
2025-07-28 07:31:23 -07:00 · 2020-07-16 15:21:22 -05:00 · 2020-07-16 15:21:22 -05:00 · 64c4548b7f
commit 64c4548b7f
parent a0c8a3034a
14 changed files with 13 additions and 1646 deletions
--- a/tests/integration/targets/firewalld/aliases
+++ b/tests/integration/targets/firewalld/aliases
@ -1,6 +0,0 @@
-destructive
-shippable/posix/group3
-skip/docker
-skip/aix
-skip/freebsd
-skip/osx
--- a/tests/integration/targets/firewalld/meta/main.yml
+++ b/tests/integration/targets/firewalld/meta/main.yml
@ -1,2 +0,0 @@
-dependencies:
-  - setup_pkg_mgr
--- a/tests/integration/targets/firewalld/tasks/main.yml
+++ b/tests/integration/targets/firewalld/tasks/main.yml
@ -1,56 +0,0 @@
-# Test playbook for the firewalld module
-# (c) 2017, Adam Miller <admiller@redhat.com>
-
-# This file is part of Ansible
-#
-# Ansible is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# Ansible is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
-
- name: Run firewalld tests
-  block:
-    - name: Ensure firewalld is installed
-      package:
-        name: firewalld
-        state: present
-      # This doesn't work for CentOS 6 because firewalld doesn't exist in CentOS6
-
-    - name: Check to make sure the firewalld python module is available.
-      shell: "{{ansible_python.executable}} -c 'import firewall'"
-      register: check_output
-      ignore_errors: true
-
-    - name: Test Online Operations
-      block:
-        - name: start firewalld
-          service:
-            name: firewalld
-            state: started
-
-        - import_tasks: run_all_tests.yml
-      when: check_output.rc == 0
-
-    - name: Test Offline Operations
-      block:
-        - name: stop firewalld
-          service:
-            name: firewalld
-            state: stopped
-
-        - import_tasks: run_all_tests.yml
-      when: check_output.rc == 0
-
-  when:
-  - ansible_facts.os_family == "RedHat" and ansible_facts.distribution_major_version is version('7', '>=')
-  - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('14.04', '=='))
-  # Firewalld package on OpenSUSE (15+) require Python 3, so we skip on OpenSUSE running py2 on these newer distros
-  - not (ansible_os_family == "Suse" and ansible_distribution_major_version|int != 42 and ansible_python.version.major != 3)
--- a/tests/integration/targets/firewalld/tasks/port_test_cases.yml
+++ b/tests/integration/targets/firewalld/tasks/port_test_cases.yml
@ -1,65 +0,0 @@
-# Test playbook for the firewalld module - port operations
-# (c) 2017, Adam Miller <admiller@redhat.com>
-
-# This file is part of Ansible
-#
-# Ansible is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# Ansible is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
-
- name: firewalld port test permanent enabled
-  firewalld:
-    port: 8081/tcp
-    permanent: true
-    state: enabled
-  register: result
-
- name: assert firewalld port test permanent enabled worked
-  assert:
-    that:
-    - result is changed
-
- name: firewalld port test permanent enabled rerun (verify not changed)
-  firewalld:
-    port: 8081/tcp
-    permanent: true
-    state: enabled
-  register: result
-
- name: assert firewalld port test permanent enabled rerun worked (verify not changed)
-  assert:
-    that:
-    - result is not changed
-
- name: firewalld port test permanent disabled
-  firewalld:
-    port: 8081/tcp
-    permanent: true
-    state: disabled
-  register: result
-
- name: assert firewalld port test permanent disabled worked
-  assert:
-    that:
-    - result is changed
-
- name: firewalld port test permanent disabled rerun (verify not changed)
-  firewalld:
-    port: 8081/tcp
-    permanent: true
-    state: disabled
-  register: result
-
- name: assert firewalld port test permanent disabled rerun worked (verify not changed)
-  assert:
-    that:
-    - result is not changed
--- a/tests/integration/targets/firewalld/tasks/run_all_tests.yml
+++ b/tests/integration/targets/firewalld/tasks/run_all_tests.yml
@ -1,38 +0,0 @@
-# Test playbook for the firewalld module
-# (c) 2017, Adam Miller <admiller@redhat.com>
-
-# This file is part of Ansible
-#
-# Ansible is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# Ansible is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
-
- name: Ensure /run/firewalld exists
-  file:
-    path: /run/firewalld
-    state: directory
-
-# firewalld service operation test cases
- include_tasks: service_test_cases.yml
-  # Skipping on CentOS 8 due to https://github.com/ansible/ansible/issues/64750
-  when: not (ansible_facts.distribution == "CentOS" and ansible_distribution_major_version is version('8', '=='))
-
-# firewalld port operation test cases
- include_tasks: port_test_cases.yml
-  # Skipping on CentOS 8 due to https://github.com/ansible/ansible/issues/64750
-  when: not (ansible_facts.distribution == "CentOS" and ansible_distribution_major_version is version('8', '=='))
-
-# firewalld source operation test cases
- import_tasks: source_test_cases.yml
-
-# firewalld zone target operation test cases
- import_tasks: zone_target_test_cases.yml
--- a/tests/integration/targets/firewalld/tasks/service_test_cases.yml
+++ b/tests/integration/targets/firewalld/tasks/service_test_cases.yml
@ -1,65 +0,0 @@
-# Test playbook for the firewalld module - service operations
-# (c) 2017, Adam Miller <admiller@redhat.com>
-
-# This file is part of Ansible
-#
-# Ansible is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# Ansible is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
-
- name: firewalld service test permanent enabled
-  firewalld:
-    service: https
-    permanent: true
-    state: enabled
-  register: result
-
- name: assert firewalld service test permanent enabled worked
-  assert:
-    that:
-    - result is changed
-
- name: firewalld service test permanent enabled rerun (verify not changed)
-  firewalld:
-    service: https
-    permanent: true
-    state: enabled
-  register: result
-
- name: assert firewalld service test permanent enabled rerun worked (verify not changed)
-  assert:
-    that:
-    - result is not changed
-
- name: firewalld service test permanent disabled
-  firewalld:
-    service: https
-    permanent: true
-    state: disabled
-  register: result
-
- name: assert firewalld service test permanent disabled worked
-  assert:
-    that:
-    - result is changed
-
- name: firewalld service test permanent disabled rerun (verify not changed)
-  firewalld:
-    service: https
-    permanent: true
-    state: disabled
-  register: result
-
- name: assert firewalld service test permanent disabled rerun worked (verify not changed)
-  assert:
-    that:
-    - result is not changed
--- a/tests/integration/targets/firewalld/tasks/source_test_cases.yml
+++ b/tests/integration/targets/firewalld/tasks/source_test_cases.yml
@ -1,85 +0,0 @@
-# Test playbook for the firewalld module - source operations
-# (c) 2019, Hideki Saito <saito@fgrep.org>
-
-# This file is part of Ansible
-#
-# Ansible is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# Ansible is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
-
- name: firewalld source test permanent enabled
-  firewalld:
-    source: 192.0.2.0/24
-    zone: internal
-    permanent: True
-    state: enabled
-  register: result
-
- name: assert firewalld source test permanent enabled worked
-  assert:
-    that:
-    - result is changed
-
- name: firewalld source test permanent enabled rerun (verify not changed)
-  firewalld:
-    source: 192.0.2.0/24
-    zone: internal
-    permanent: True
-    state: enabled
-  register: result
-
- name: assert firewalld source test permanent enabled rerun worked (verify not changed)
-  assert:
-    that:
-    - result is not changed
-
- name: firewalld source test permanent disabled
-  firewalld:
-    source: 192.0.2.0/24
-    zone: internal
-    permanent: True
-    state: disabled
-  register: result
-
- name: assert firewalld source test permanent disabled worked
-  assert:
-    that:
-    - result is changed
-
- name: firewalld source test permanent disabled rerun (verify not changed)
-  firewalld:
-    source: 192.0.2.0/24
-    zone: internal
-    permanent: True
-    state: disabled
-  register: result
-
- name: assert firewalld source test permanent disabled rerun worked (verify not changed)
-  assert:
-    that:
-    - result is not changed
-
- name: firewalld source test permanent enabled is exclusive (verify exclusive error)
-  firewalld:
-    source: 192.0.2.0/24
-    port: 8081/tcp
-    zone: internal
-    permanent: True
-    state: enabled
-  register: result
-  ignore_errors: true
-
- name: assert firewalld source test permanent enabled is exclusive (verify exclusive error)
-  assert:
-    that:
-    - result is not changed
-    - "result.msg == 'can only operate on port, service, rich_rule, masquerade, icmp_block, icmp_block_inversion, interface or source at once'"
--- a/tests/integration/targets/firewalld/tasks/zone_target_test_cases.yml
+++ b/tests/integration/targets/firewalld/tasks/zone_target_test_cases.yml
@ -1,69 +0,0 @@
-# Test playbook for the firewalld module - source operations
-# (c) 2020, Adam Miller <admiller@redhat.com>
-
-# This file is part of Ansible
-#
-# Ansible is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# Ansible is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
-
- name: firewalld dmz zone target DROP
-  firewalld:
-    zone: dmz
-    permanent: True
-    state: present
-    target: DROP
-  register: result
-
- name: assert firewalld dmz zone target DROP present worked
-  assert:
-    that:
-    - result is changed
-
- name: firewalld dmz zone target DROP rerun (verify not changed)
-  firewalld:
-    zone: dmz
-    permanent: True
-    state: present
-    target: DROP
-  register: result
-
- name: assert firewalld dmz zone target DROP present worked (verify not changed)
-  assert:
-    that:
-    - result is not changed
-
- name: firewalld dmz zone target DROP absent
-  firewalld:
-    zone: dmz
-    permanent: True
-    state: absent
-    target: DROP
-  register: result
-
- name: assert firewalld dmz zone target DROP absent worked
-  assert:
-    that:
-    - result is changed
-
- name: firewalld dmz zone target DROP rerun (verify not changed)
-  firewalld:
-    zone: dmz
-    permanent: True
-    state: absent
-    target: DROP
-  register: result
-
- name: assert firewalld dmz zone target DROP present worked (verify not changed)
-  assert:
-    that:
-    - result is not changed