diff --git a/repos/system_upgrade/el9toel10/actors/firewalldiptablesmodules/actor.py b/repos/system_upgrade/el9toel10/actors/firewalldiptablesmodules/actor.py new file mode 100644 index 0000000000..dcfd4ee071 --- /dev/null +++ b/repos/system_upgrade/el9toel10/actors/firewalldiptablesmodules/actor.py @@ -0,0 +1,37 @@ +from leapp.actors import Actor +from leapp.models import FirewalldDirectConfig, FirewalldGlobalConfig, FirewallsFacts, RpmTransactionTasks +from leapp.tags import ChecksPhaseTag, IPUWorkflowTag + + +class FirewalldIptablesModules(Actor): + """ + This actor cause kernel-modules-extra to be installed if firewalld is using + iptables. + """ + + name = 'firewalld_iptables_modules' + consumes = (FirewallsFacts, FirewalldGlobalConfig, FirewalldDirectConfig) + produces = (RpmTransactionTasks,) + tags = (ChecksPhaseTag, IPUWorkflowTag) + + def process(self): + # If firewalld is not enabled then don't bother the user about its + # configuration. + for facts in self.consume(FirewallsFacts): + if not facts.firewalld.enabled: + return + + flag = False + + for config in self.consume(FirewalldGlobalConfig): + if config.firewallbackend == "iptables": + flag = True + break + + for config in self.consume(FirewalldDirectConfig): + if config.has_permanent_configuration: + flag = True + break + + if flag: + self.produce(RpmTransactionTasks(to_install=['kernel-modules-extra'])) diff --git a/repos/system_upgrade/el9toel10/actors/firewalldiptablesmodules/tests/unit_tests.py b/repos/system_upgrade/el9toel10/actors/firewalldiptablesmodules/tests/unit_tests.py new file mode 100644 index 0000000000..2ec2447a83 --- /dev/null +++ b/repos/system_upgrade/el9toel10/actors/firewalldiptablesmodules/tests/unit_tests.py @@ -0,0 +1,49 @@ +from leapp.models import ( + FirewalldDirectConfig, + FirewalldGlobalConfig, + FirewallsFacts, + FirewallStatus, + RpmTransactionTasks +) + + +def test_produce(current_actor_context): + status = FirewallStatus(enabled=True, active=True) + current_actor_context.feed(FirewallsFacts(firewalld=status, + iptables=status, + ip6tables=status)) + current_actor_context.feed(FirewalldGlobalConfig(firewallbackend='iptables')) + current_actor_context.run() + assert current_actor_context.consume(RpmTransactionTasks)[0].to_install[0] == 'kernel-modules-extra' + + +def test_produce_02(current_actor_context): + status = FirewallStatus(enabled=True, active=True) + current_actor_context.feed(FirewallsFacts(firewalld=status, + iptables=status, + ip6tables=status)) + current_actor_context.feed(FirewalldDirectConfig(has_permanent_configuration=True)) + current_actor_context.run() + assert current_actor_context.consume(RpmTransactionTasks)[0].to_install[0] == 'kernel-modules-extra' + + +def test_no_produce_negative(current_actor_context): + current_actor_context.feed(FirewalldGlobalConfig()) + current_actor_context.run() + assert not current_actor_context.consume(RpmTransactionTasks) + + +def test_no_produce_negative_02(current_actor_context): + status = FirewallStatus(enabled=False, active=True) + current_actor_context.feed(FirewallsFacts(firewalld=status, + iptables=status, + ip6tables=status)) + current_actor_context.feed(FirewalldGlobalConfig(firewallbackend='iptables')) + current_actor_context.run() + assert not current_actor_context.consume(RpmTransactionTasks) + + +def test_no_produce_negative_03(current_actor_context): + current_actor_context.feed(FirewalldDirectConfig()) + current_actor_context.run() + assert not current_actor_context.consume(RpmTransactionTasks)