From f271db92154e800765e6de0e0a848f774c37eda1 Mon Sep 17 00:00:00 2001
From: mh
Date: Tue, 8 Dec 2020 18:29:02 +0100
Subject: [PATCH] switch naming to puppetserver
---
 manifests/rules/out/puppet.pp | 10 +++----
 spec/classes/rules/out/puppet_spec.rb | 39 +++++++++++++++++++++++++++
 2 files changed, 44 insertions(+), 5 deletions(-)
 create mode 100644 spec/classes/rules/out/puppet_spec.rb
diff --git a/manifests/rules/out/puppet.pp b/manifests/rules/out/puppet.pp
index 1f761917..40278316 100644
--- a/manifests/rules/out/puppet.pp
+++ b/manifests/rules/out/puppet.pp
@@ -1,19 +1,19 @@
 # manage outgoing puppet
 class nftables::rules::out::puppet (
- Variant[String,Array[String,1]] $puppetmaster,
+ Variant[Stdlib::IP::Address,Array[Stdlib::IP::Address,1]] $puppetserver,
 Integer $puppetserver_port = 8140,
 ) {
- any2array($puppetmaster).each |$index,$pm| {
+ Array($puppetserver, true).each |$index,$ps| {
 nftables::rule {
 "default_out-puppet-${index}":
 }
- if $pm =~ /:/ {
+ if $ps =~ Stdlib::IP::Address::V6 {
 Nftables::Rule["default_out-puppet-${index}"] {
- content => "ip6 daddr ${pm} tcp dport ${puppetserver_port} accept",
+ content => "ip6 daddr ${ps} tcp dport ${puppetserver_port} accept",
 }
 } else {
 Nftables::Rule["default_out-puppet-${index}"] {
- content => "ip daddr ${pm} tcp dport ${puppetserver_port} accept",
+ content => "ip daddr ${ps} tcp dport ${puppetserver_port} accept",
 }
 }
 }
diff --git a/spec/classes/rules/out/puppet_spec.rb b/spec/classes/rules/out/puppet_spec.rb
new file mode 100644
index 00000000..77f91422
--- /dev/null
+++ b/spec/classes/rules/out/puppet_spec.rb
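Review bot: In manifests/rules/out/puppet.pp the new `Stdlib::IP::Address` type on `$puppetserver` also accepts CIDR-suffixed values, so a prefix passes validation and is interpolated into `ip daddr ${ps} tcp dport ${puppetserver_port} accept`, allowing egress to a whole range rather than to one server. If only single hosts are intended, `Variant[Stdlib::IP::Address::Nosubnet,Array[Stdlib::IP::Address::Nosubnet,1]] $puppetserver,` keeps the rule at least privilege, and `Stdlib::Port $puppetserver_port = 8140,` would bound the port the same way. The change also stops accepting hostnames and drops `$puppetmaster` without an alias, which the subject line (a naming switch) does not mention; existing Hiera data will fail to compile until it is updated. The class's closing brace lies outside the hunk.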
@@ -0,0 +1,39 @@
+require 'spec_helper'
+
+describe 'nftables::rules::out::puppet' do
+ on_supported_os.each do |os, os_facts|
+ context "on #{os}" do
+ let(:facts) { os_facts }
+ let(:params) do
+ {puppetserver: '1.2.3.4'}
+ end
+
+ context 'default options' do
+ it { is_expected.to compile }
+ it { is_expected.to contain_nftables__rule('default_out-puppet-0').with_content('ip daddr 1.2.3.4 tcp dport 8140 accept') }
+ end
+ context 'with different port' do
+ let(:params) do
+ super().merge({ puppetserver_port: 8141 })
+ end
+ it { is_expected.to compile }
+ it { is_expected.to contain_nftables__rule('default_out-puppet-0').with_content('ip daddr 1.2.3.4 tcp dport 8141 accept') }
+ end
+ context 'with ipv6 address' do
+ let(:params) do
+ { puppetserver: 'fe80::1' }
+ end
+ it { is_expected.to compile }
+ it { is_expected.to contain_nftables__rule('default_out-puppet-0').with_content('ip6 daddr fe80::1 tcp dport 8140 accept') }
+ end
+ context 'with ipv6 & ipv4 address' do
+ let(:params) do
+ { puppetserver: ['fe80::1','1.2.3.4'] }
+ end
+ it { is_expected.to compile }
+ it { is_expected.to contain_nftables__rule('default_out-puppet-0').with_content('ip6 daddr fe80::1 tcp dport 8140 accept') }
+ it { is_expected.to contain_nftables__rule('default_out-puppet-1').with_content('ip daddr 1.2.3.4 tcp dport 8140 accept') }
+ end
+ end
+ end
+end
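Review bot: The new spec exercises only values that compile, so nothing pins the validation that the `Stdlib::IP::Address` type adds to a parameter that ends up inside a firewall rule string. Add a context that passes a non-address, e.g. `let(:params) { { puppetserver: 'puppet.example.com' } }` (constructed value) with `it { is_expected.not_to compile }`, so a later loosening of the type back to `String` is caught. As a style point, `{puppetserver: '1.2.3.4'}` in the outer `let(:params)` lacks the inner spaces used by the other hashes in the file.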