Skip to content

Commit

Permalink
Merge pull request #742 from mlibrary/export_firewall8_resources
Browse files Browse the repository at this point in the history
use firewall v8 semantics for exported resources
  • Loading branch information
rrotter authored Nov 6, 2024
2 parents 8a56da5 + aee89ce commit 28d6069
Show file tree
Hide file tree
Showing 7 changed files with 14 additions and 12 deletions.
4 changes: 2 additions & 2 deletions manifests/profile/haproxy.pp
Original file line number Diff line number Diff line change
Expand Up @@ -135,8 +135,8 @@
dport => [80, 443],
source => $::ipaddress,
state => 'NEW',
action => 'accept',
tag => 'haproxy'
jump => 'accept',
tag => "${::datacenter}_haproxy"
}

@@firewall { "200 HTTP firewall6: HAProxy ${::hostname}":
Expand Down
10 changes: 6 additions & 4 deletions manifests/profile/prometheus.pp
Original file line number Diff line number Diff line change
Expand Up @@ -231,7 +231,7 @@
proto => 'tcp',
source => $address,
state => 'NEW',
action => 'accept',
jump => 'accept',
;

"010 prometheus public node exporter ${::hostname} ${address}":
Expand All @@ -247,11 +247,13 @@
"010 prometheus public node exporter firewall6 ${::hostname} ${address}":
tag => "firewall6-${::datacenter}_prometheus_public_node_exporter",
dport => 9100,
action => 'accept',
;

"010 prometheus public ipmi exporter firewall6 ${::hostname} ${address}":
tag => "firewall6-${::datacenter}_prometheus_public_ipmi_exporter",
dport => 9290,
action => 'accept',
;
}
}
Expand All @@ -262,7 +264,7 @@
proto => 'tcp',
source => $address,
state => 'NEW',
action => 'accept',
jump => 'accept',
;

"010 prometheus private node exporter ${::hostname} ${address}":
Expand Down Expand Up @@ -302,7 +304,7 @@
dport => 9101,
source => $::ipaddress,
state => 'NEW',
action => 'accept',
jump => 'accept',
}

@@firewall { "010 prometheus firewall6 haproxy exporter ${::hostname}":
Expand All @@ -320,7 +322,7 @@
dport => 9104,
source => $::ipaddress,
state => 'NEW',
action => 'accept',
jump => 'accept',
}

@@firewall { "010 prometheus firewall6 mysql exporter ${::hostname}":
Expand Down
2 changes: 1 addition & 1 deletion manifests/profile/prometheus/exporter/node.pp
Original file line number Diff line number Diff line change
Expand Up @@ -155,7 +155,7 @@
dport => 9091,
source => $address,
state => 'NEW',
action => 'accept',
jump => 'accept',
}

@@firewall { "300 pushgateway firewall6 ${::hostname} ${address}":
Expand Down
2 changes: 1 addition & 1 deletion manifests/unison/client.pp
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@
dport => [$port],
source => $::ipaddress,
state => 'NEW',
action => 'accept',
jump => 'accept',
tag => "unison-client-${title}"
}

Expand Down
2 changes: 1 addition & 1 deletion spec/classes/profile/haproxy_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -306,7 +306,7 @@
it 'exports a firewall resource tagged haproxy' do
expect(exported_resources).to contain_firewall('200 HTTP: HAProxy thisnode').with(
source: my_ip,
tag: 'haproxy',
tag: 'somedc_haproxy',
)
end

Expand Down
2 changes: 1 addition & 1 deletion spec/classes/profile/prometheus/exporter/node_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@
.with_dport(9091)
.with_source(facts[:ipaddress])
.with_state('NEW')
.with_action('accept')
.with_jump('accept')
end

context 'with both public and private mlibrary_ip_addresses' do
Expand Down
4 changes: 2 additions & 2 deletions spec/classes/profile/prometheus_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -189,7 +189,7 @@
.with_dport(port)
.with_source(facts[:ipaddress])
.with_state('NEW')
.with_action('accept')
.with_jump('accept')
end
end

Expand Down Expand Up @@ -346,7 +346,7 @@
.with_dport(port)
.with_source(ip_address)
.with_state('NEW')
.with_action('accept')
.with_jump('accept')
end
end
end
Expand Down

0 comments on commit 28d6069

Please sign in to comment.