Skip to content

Commit

Permalink
Ensure catalog compiles when endpoint is missing
Browse files Browse the repository at this point in the history 
Usually we parse the src port for incoming packets / the dst port for outgoing packets from the $endpoint param
The param is optional, in case you want to create a passive endpoint for clients with dynamic ip addresses
In those cases we still need to create firewall rules, but without src port for incoming packets / the dst port
To make this all a bit easier, we also added a new parameter, $endpoint_port, which takes precedence over parsing $endpoint.

Previously the catalog compilation failed with:
```
Evaluation Error: Left match operand must result in a String value. Got an Undef Value.
```

Because of: `if $endpoint =~  /:(\d+)$/ {`

This test verifies that the current code is broken.
  • Loading branch information
@bastelfreak
bastelfreak committed Jan 1, 2024
1 parent d522e67 commit 81c15bd
Showing 1 changed file with 27 additions and 0 deletions.
27 changes: 27 additions & 0 deletions spec/defines/interface_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -546,6 +546,33 @@
it { is_expected.to contain_nftables__simplerule('allow_out_wg_as1234-0') }
it { is_expected.to contain_nftables__simplerule('allow_out_wg_as1234-1') }
end

# Usually we parse the src port for incoming packets / the dst port for outgoing packets from the $endpoint param
# The param is optional, in case you want to create a passive endpoint for clients with dynamic ip addresses
# In those cases we still need to create firewall rules, but without src port for incoming packets / the dst port
# To make this all a bit easier, we also added a new parameter, $endpoint_port, which takes precedence over parsing $endpoint
context '' do
let :pre_condition do
'class {"systemd":
manage_networkd => true
}'
end
let :params do
{
public_key: 'blabla==',
manage_firewall: true,
destination_addresses: [],
addresses: [{ 'Address' => '192.0.2.1/24' }],
source_addresses: ['fe80::1', '127.0.0.1'],
}
end

it { is_expected.to compile.with_all_deps }

Check failure on line 570 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 8 (Ruby 3.2) 

wireguard::interface on gentoo-2-x86_64  is expected to compile into a catalogue without dependency cycles

Failure/Error: it { is_expected.to compile.with_all_deps }
  error during compilation: Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1210-752.u01o3k0fnecuzb3k2fx4wwelcf.cx.internal.cloudapp.net

Check failure on line 570 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 8 (Ruby 3.2) 

wireguard::interface on archlinux-rolling-x86_64  is expected to compile into a catalogue without dependency cycles

Failure/Error: it { is_expected.to compile.with_all_deps }
  error during compilation: Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1210-752.u01o3k0fnecuzb3k2fx4wwelcf.cx.internal.cloudapp.net

Check failure on line 570 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 7 (Ruby 2.7) 

wireguard::interface on debian-11-x86_64  is expected to compile into a catalogue without dependency cycles

Failure/Error: it { is_expected.to compile.with_all_deps }
  error during compilation: Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1118-740.jboa14ee0bjuvjv5ua334yvpdd.cx.internal.cloudapp.net

Check failure on line 570 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 7 (Ruby 2.7) 

wireguard::interface on archlinux-rolling-x86_64  is expected to compile into a catalogue without dependency cycles

Failure/Error: it { is_expected.to compile.with_all_deps }
  error during compilation: Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1118-740.jboa14ee0bjuvjv5ua334yvpdd.cx.internal.cloudapp.net
it { is_expected.to contain_nftables__simplerule('allow_in_wg_as1234-0').without_sport.with_dport(1234) }

Check failure on line 571 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 8 (Ruby 3.2) 

wireguard::interface on gentoo-2-x86_64  is expected to contain Nftables::Simplerule[allow_in_wg_as1234-0] with dport => 1234 and sport undefined

Failure/Error: it { is_expected.to contain_nftables__simplerule('allow_in_wg_as1234-0').without_sport.with_dport(1234) }

Puppet::PreformattedError:
  Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1210-752.u01o3k0fnecuzb3k2fx4wwelcf.cx.internal.cloudapp.net

Check failure on line 571 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 8 (Ruby 3.2) 

wireguard::interface on archlinux-rolling-x86_64  is expected to contain Nftables::Simplerule[allow_in_wg_as1234-0] with dport => 1234 and sport undefined

Failure/Error: it { is_expected.to contain_nftables__simplerule('allow_in_wg_as1234-0').without_sport.with_dport(1234) }

Puppet::PreformattedError:
  Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1210-752.u01o3k0fnecuzb3k2fx4wwelcf.cx.internal.cloudapp.net

Check failure on line 571 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 7 (Ruby 2.7) 

wireguard::interface on debian-11-x86_64  is expected to contain Nftables::Simplerule[allow_in_wg_as1234-0] with dport => 1234 and sport undefined

Failure/Error: it { is_expected.to contain_nftables__simplerule('allow_in_wg_as1234-0').without_sport.with_dport(1234) }

Puppet::PreformattedError:
  Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1118-740.jboa14ee0bjuvjv5ua334yvpdd.cx.internal.cloudapp.net

Check failure on line 571 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 7 (Ruby 2.7) 

wireguard::interface on archlinux-rolling-x86_64  is expected to contain Nftables::Simplerule[allow_in_wg_as1234-0] with dport => 1234 and sport undefined

Failure/Error: it { is_expected.to contain_nftables__simplerule('allow_in_wg_as1234-0').without_sport.with_dport(1234) }

Puppet::PreformattedError:
  Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1118-740.jboa14ee0bjuvjv5ua334yvpdd.cx.internal.cloudapp.net
it { is_expected.to contain_nftables__simplerule('allow_in_wg_as1234-1').without_sport.with_dport(1234) }

Check failure on line 572 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 8 (Ruby 3.2) 

wireguard::interface on gentoo-2-x86_64  is expected to contain Nftables::Simplerule[allow_in_wg_as1234-1] with dport => 1234 and sport undefined

Failure/Error: it { is_expected.to contain_nftables__simplerule('allow_in_wg_as1234-1').without_sport.with_dport(1234) }

Puppet::PreformattedError:
  Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1210-752.u01o3k0fnecuzb3k2fx4wwelcf.cx.internal.cloudapp.net

Check failure on line 572 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 8 (Ruby 3.2) 

wireguard::interface on archlinux-rolling-x86_64  is expected to contain Nftables::Simplerule[allow_in_wg_as1234-1] with dport => 1234 and sport undefined

Failure/Error: it { is_expected.to contain_nftables__simplerule('allow_in_wg_as1234-1').without_sport.with_dport(1234) }

Puppet::PreformattedError:
  Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1210-752.u01o3k0fnecuzb3k2fx4wwelcf.cx.internal.cloudapp.net

Check failure on line 572 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 7 (Ruby 2.7) 

wireguard::interface on debian-11-x86_64  is expected to contain Nftables::Simplerule[allow_in_wg_as1234-1] with dport => 1234 and sport undefined

Failure/Error: it { is_expected.to contain_nftables__simplerule('allow_in_wg_as1234-1').without_sport.with_dport(1234) }

Puppet::PreformattedError:
  Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1118-740.jboa14ee0bjuvjv5ua334yvpdd.cx.internal.cloudapp.net

Check failure on line 572 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 7 (Ruby 2.7) 

wireguard::interface on archlinux-rolling-x86_64  is expected to contain Nftables::Simplerule[allow_in_wg_as1234-1] with dport => 1234 and sport undefined

Failure/Error: it { is_expected.to contain_nftables__simplerule('allow_in_wg_as1234-1').without_sport.with_dport(1234) }

Puppet::PreformattedError:
  Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1118-740.jboa14ee0bjuvjv5ua334yvpdd.cx.internal.cloudapp.net
it { is_expected.to contain_nftables__simplerule('allow_out_wg_as1234-0').without_dport.with_sport(1234) }

Check failure on line 573 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 8 (Ruby 3.2) 

wireguard::interface on gentoo-2-x86_64  is expected to contain Nftables::Simplerule[allow_out_wg_as1234-0] with sport => 1234 and dport undefined

Failure/Error: it { is_expected.to contain_nftables__simplerule('allow_out_wg_as1234-0').without_dport.with_sport(1234) }

Puppet::PreformattedError:
  Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1210-752.u01o3k0fnecuzb3k2fx4wwelcf.cx.internal.cloudapp.net

Check failure on line 573 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 8 (Ruby 3.2) 

wireguard::interface on archlinux-rolling-x86_64  is expected to contain Nftables::Simplerule[allow_out_wg_as1234-0] with sport => 1234 and dport undefined

Failure/Error: it { is_expected.to contain_nftables__simplerule('allow_out_wg_as1234-0').without_dport.with_sport(1234) }

Puppet::PreformattedError:
  Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1210-752.u01o3k0fnecuzb3k2fx4wwelcf.cx.internal.cloudapp.net

Check failure on line 573 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 7 (Ruby 2.7) 

wireguard::interface on debian-11-x86_64  is expected to contain Nftables::Simplerule[allow_out_wg_as1234-0] with sport => 1234 and dport undefined

Failure/Error: it { is_expected.to contain_nftables__simplerule('allow_out_wg_as1234-0').without_dport.with_sport(1234) }

Puppet::PreformattedError:
  Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1118-740.jboa14ee0bjuvjv5ua334yvpdd.cx.internal.cloudapp.net

Check failure on line 573 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 7 (Ruby 2.7) 

wireguard::interface on archlinux-rolling-x86_64  is expected to contain Nftables::Simplerule[allow_out_wg_as1234-0] with sport => 1234 and dport undefined

Failure/Error: it { is_expected.to contain_nftables__simplerule('allow_out_wg_as1234-0').without_dport.with_sport(1234) }

Puppet::PreformattedError:
  Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1118-740.jboa14ee0bjuvjv5ua334yvpdd.cx.internal.cloudapp.net
it { is_expected.to contain_nftables__simplerule('allow_out_wg_as1234-1').without_dport.with_sport(1234) }

Check failure on line 574 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 8 (Ruby 3.2) 

wireguard::interface on gentoo-2-x86_64  is expected to contain Nftables::Simplerule[allow_out_wg_as1234-1] with sport => 1234 and dport undefined

Failure/Error: it { is_expected.to contain_nftables__simplerule('allow_out_wg_as1234-1').without_dport.with_sport(1234) }

Puppet::PreformattedError:
  Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1210-752.u01o3k0fnecuzb3k2fx4wwelcf.cx.internal.cloudapp.net

Check failure on line 574 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 8 (Ruby 3.2) 

wireguard::interface on archlinux-rolling-x86_64  is expected to contain Nftables::Simplerule[allow_out_wg_as1234-1] with sport => 1234 and dport undefined

Failure/Error: it { is_expected.to contain_nftables__simplerule('allow_out_wg_as1234-1').without_dport.with_sport(1234) }

Puppet::PreformattedError:
  Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1210-752.u01o3k0fnecuzb3k2fx4wwelcf.cx.internal.cloudapp.net

Check failure on line 574 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 7 (Ruby 2.7) 

wireguard::interface on debian-11-x86_64  is expected to contain Nftables::Simplerule[allow_out_wg_as1234-1] with sport => 1234 and dport undefined

Failure/Error: it { is_expected.to contain_nftables__simplerule('allow_out_wg_as1234-1').without_dport.with_sport(1234) }

Puppet::PreformattedError:
  Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1118-740.jboa14ee0bjuvjv5ua334yvpdd.cx.internal.cloudapp.net

Check failure on line 574 in spec/defines/interface_spec.rb

View workflow job for this annotation

GitHub Actions / Puppet / 7 (Ruby 2.7) 

wireguard::interface on archlinux-rolling-x86_64  is expected to contain Nftables::Simplerule[allow_out_wg_as1234-1] with sport => 1234 and dport undefined

Failure/Error: it { is_expected.to contain_nftables__simplerule('allow_out_wg_as1234-1').without_dport.with_sport(1234) }

Puppet::PreformattedError:
  Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Left match operand must result in a String value. Got an Undef Value. (file: /home/runner/work/puppet-wireguard/puppet-wireguard/spec/fixtures/modules/wireguard/manifests/interface.pp, line: 128, column: 8) (line: 5) on node fv-az1118-740.jboa14ee0bjuvjv5ua334yvpdd.cx.internal.cloudapp.net
end
end
end
end

0 comments on commit 81c15bd

Please sign in to comment.