add icinga2 rule for outgoing traffic #583
Triggered via pull request
September 15, 2024 19:28
Status
Failure
Total duration
9m 58s
Artifacts
–
ci.yml
on: pull_request
Puppet
/
Static validations
30s
Matrix: Puppet / acceptance
Matrix: Puppet / unit
Puppet
/
Test suite
1s
Annotations
33 errors and 22 warnings
Puppet / Puppet 8 - Ubuntu 20.04:
spec/acceptance/all_rules_spec.rb#L7
nftables class configure all nftables rules works idempotently with no errors
Failure/Error: apply_manifest(pp, catch_failures: true)
Beaker::Host::CommandFailure:
Host 'ubuntu2004-64-puppet8.example.com' exited with 6 running:
puppet apply --verbose --detailed-exitcodes /tmp/apply_manifest_193000853.AE8nrE.pp
Last 10 lines of output were:
Warning: /Stage[main]/Nftables/Service[nftables]: Skipping because of failed dependencies
Info: /Stage[main]/Nftables/Service[nftables]: Unscheduling all events on Service[nftables]
Info: Class[Nftables]: Unscheduling all events on Class[Nftables]
Info: Nftables::Chain[PRE]: Unscheduling all events on Nftables::Chain[PRE]
Info: Nftables::Chain[default_in]: Unscheduling all events on Nftables::Chain[default_in]
Info: Nftables::Chain[default_out]: Unscheduling all events on Nftables::Chain[default_out]
Info: Nftables::Chain[default_fwd]: Unscheduling all events on Nftables::Chain[default_fwd]
Info: Stage[main]: Unscheduling all events on Stage[main]
Info: Creating state file /opt/puppetlabs/puppet/cache/state/state.yaml
�[mNotice: Applied catalog in 5.20 seconds
|
Puppet / Puppet 8 - Ubuntu 20.04:
spec/acceptance/all_rules_spec.rb#L146
nftables class configure all nftables rules Service "nftables" is expected to be running
Failure/Error: it { is_expected.to be_running }
expected Service "nftables" to be running
|
Puppet / Puppet 8 - Ubuntu 20.04:
spec/acceptance/all_rules_spec.rb#L147
nftables class configure all nftables rules Service "nftables" is expected to be enabled
Failure/Error: it { is_expected.to be_enabled }
expected Service "nftables" to be enabled
|
Puppet / Puppet 8 - Ubuntu 20.04:
spec/acceptance/all_rules_spec.rb#L151
nftables class configure all nftables rules File "/etc/nftables/puppet.nft" is expected to be file
Failure/Error: it { is_expected.to be_file }
expected `File "/etc/nftables/puppet.nft".file?` to be truthy, got false
|
Puppet / Puppet 8 - Ubuntu 20.04:
spec/acceptance/all_rules_spec.rb#L155
nftables class configure all nftables rules File "/etc/nftables/puppet" is expected to be directory
Failure/Error: it { is_expected.to be_directory }
expected `File "/etc/nftables/puppet".directory?` to be truthy, got false
|
Puppet / Puppet 8 - Ubuntu 20.04
Process completed with exit code 1.
|
Puppet / Puppet 7 - Ubuntu 20.04:
spec/acceptance/all_rules_spec.rb#L7
nftables class configure all nftables rules works idempotently with no errors
Failure/Error: apply_manifest(pp, catch_failures: true)
Beaker::Host::CommandFailure:
Host 'ubuntu2004-64-puppet7.example.com' exited with 6 running:
puppet apply --verbose --detailed-exitcodes /tmp/apply_manifest_193009438.QgsnV5.pp
Last 10 lines of output were:
Warning: /Stage[main]/Nftables/Service[nftables]: Skipping because of failed dependencies
Info: /Stage[main]/Nftables/Service[nftables]: Unscheduling all events on Service[nftables]
Info: Class[Nftables]: Unscheduling all events on Class[Nftables]
Info: Nftables::Chain[PRE]: Unscheduling all events on Nftables::Chain[PRE]
Info: Nftables::Chain[default_in]: Unscheduling all events on Nftables::Chain[default_in]
Info: Nftables::Chain[default_out]: Unscheduling all events on Nftables::Chain[default_out]
Info: Nftables::Chain[default_fwd]: Unscheduling all events on Nftables::Chain[default_fwd]
Info: Stage[main]: Unscheduling all events on Stage[main]
Info: Creating state file /opt/puppetlabs/puppet/cache/state/state.yaml
�[mNotice: Applied catalog in 5.53 seconds
|
Puppet / Puppet 7 - Ubuntu 20.04:
spec/acceptance/all_rules_spec.rb#L146
nftables class configure all nftables rules Service "nftables" is expected to be running
Failure/Error: it { is_expected.to be_running }
expected Service "nftables" to be running
|
Puppet / Puppet 7 - Ubuntu 20.04:
spec/acceptance/all_rules_spec.rb#L147
nftables class configure all nftables rules Service "nftables" is expected to be enabled
Failure/Error: it { is_expected.to be_enabled }
expected Service "nftables" to be enabled
|
Puppet / Puppet 7 - Ubuntu 20.04:
spec/acceptance/all_rules_spec.rb#L151
nftables class configure all nftables rules File "/etc/nftables/puppet.nft" is expected to be file
Failure/Error: it { is_expected.to be_file }
expected `File "/etc/nftables/puppet.nft".file?` to be truthy, got false
|
Puppet / Puppet 7 - Ubuntu 20.04:
spec/acceptance/all_rules_spec.rb#L155
nftables class configure all nftables rules File "/etc/nftables/puppet" is expected to be directory
Failure/Error: it { is_expected.to be_directory }
expected `File "/etc/nftables/puppet".directory?` to be truthy, got false
|
Puppet / Puppet 7 - Ubuntu 20.04
Process completed with exit code 1.
|
Puppet / 8 (Ruby 3.2):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on almalinux-8-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 8 (Ruby 3.2):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on almalinux-9-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 8 (Ruby 3.2):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on centos-9-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 8 (Ruby 3.2):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on oraclelinux-8-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 8 (Ruby 3.2):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on oraclelinux-9-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 8 (Ruby 3.2):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on redhat-8-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 8 (Ruby 3.2):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on redhat-9-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 8 (Ruby 3.2):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on rocky-8-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 8 (Ruby 3.2):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on rocky-9-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 8 (Ruby 3.2):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on archlinux-6-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 7 (Ruby 2.7):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on almalinux-8-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 7 (Ruby 2.7):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on almalinux-9-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 7 (Ruby 2.7):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on centos-9-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 7 (Ruby 2.7):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on oraclelinux-8-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 7 (Ruby 2.7):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on oraclelinux-9-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 7 (Ruby 2.7):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on redhat-8-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 7 (Ruby 2.7):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on redhat-9-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 7 (Ruby 2.7):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on rocky-8-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 7 (Ruby 2.7):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on rocky-9-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / 7 (Ruby 2.7):
spec/classes/rules/out/icinga2_spec.rb#L12
nftables::rules::out::icinga2 on archlinux-6-x86_64 default options is expected to contain Nftables::Rule[default_out-icinga2] with content supplied string
Failure/Error: it { is_expected.to contain_nftables__rule('default_out-icinga2').with_content('tcp dport 5665 accept') }
expected that the catalogue would contain Nftables::Rule[default_out-icinga2] with content set to supplied string
|
Puppet / Test suite
Process completed with exit code 1.
|
Puppet / Puppet 8 - Debian 11:
spec/acceptance/set_spec.rb#L7
nftables class configure an nftables set works idempotently with no errors
Failure/Error: apply_manifest(pp, catch_failures: true)
Beaker::Host::CommandFailure:
Host 'debian11-64-puppet8.example.com' exited with 6 running:
puppet apply --verbose --detailed-exitcodes /tmp/apply_manifest_193047782.2aXSIy.pp
Last 10 lines of output were:
Sep 15 19:30:40 debian11-64-puppet8.example.com systemd[1]: Reloaded nftables.
Sep 15 19:30:43 debian11-64-puppet8.example.com systemd[1]: Reloading nftables.
Sep 15 19:30:43 debian11-64-puppet8.example.com systemd[1]: Reloaded nftables.
Sep 15 19:30:50 debian11-64-puppet8.example.com systemd[1]: Reloading nftables.
Sep 15 19:30:51 debian11-64-puppet8.example.com systemd[1]: nftables.service: Control process exited, code=dumped, status=11/SEGV
Sep 15 19:30:51 debian11-64-puppet8.example.com systemd[1]: Reload failed for nftables.
Info: Class[Nftables]: Unscheduling all events on Class[Nftables]
Info: Stage[main]: Unscheduling all events on Stage[main]
�[mNotice: Applied catalog in 1.04 seconds
|
Puppet / Puppet 7 - Debian 11:
spec/acceptance/set_spec.rb#L7
nftables class configure an nftables set works idempotently with no errors
Failure/Error: apply_manifest(pp, catch_failures: true)
Beaker::Host::CommandFailure:
Host 'debian11-64-puppet7.example.com' exited with 6 running:
puppet apply --verbose --detailed-exitcodes /tmp/apply_manifest_193050244.RUM4mq.pp
Last 10 lines of output were:
Sep 15 19:30:41 debian11-64-puppet7.example.com systemd[1]: Reloaded nftables.
Sep 15 19:30:45 debian11-64-puppet7.example.com systemd[1]: Reloading nftables.
Sep 15 19:30:45 debian11-64-puppet7.example.com systemd[1]: Reloaded nftables.
Sep 15 19:30:53 debian11-64-puppet7.example.com systemd[1]: Reloading nftables.
Sep 15 19:30:53 debian11-64-puppet7.example.com systemd[1]: nftables.service: Control process exited, code=dumped, status=11/SEGV
Sep 15 19:30:53 debian11-64-puppet7.example.com systemd[1]: Reload failed for nftables.
Info: Class[Nftables]: Unscheduling all events on Class[Nftables]
Info: Stage[main]: Unscheduling all events on Stage[main]
�[mNotice: Applied catalog in 1.18 seconds
|
Puppet / 8 (Ruby 3.2):
spec/defines/rule_spec.rb#L29
nftables::rule on almalinux-8-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 8 (Ruby 3.2):
spec/defines/rule_spec.rb#L29
nftables::rule on almalinux-9-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 8 (Ruby 3.2):
spec/defines/rule_spec.rb#L29
nftables::rule on centos-9-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 8 (Ruby 3.2):
spec/defines/rule_spec.rb#L29
nftables::rule on oraclelinux-8-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 8 (Ruby 3.2):
spec/defines/rule_spec.rb#L29
nftables::rule on oraclelinux-9-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 8 (Ruby 3.2):
spec/defines/rule_spec.rb#L29
nftables::rule on redhat-8-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 8 (Ruby 3.2):
spec/defines/rule_spec.rb#L29
nftables::rule on redhat-9-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 8 (Ruby 3.2):
spec/defines/rule_spec.rb#L29
nftables::rule on rocky-8-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 8 (Ruby 3.2):
spec/defines/rule_spec.rb#L29
nftables::rule on rocky-9-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 8 (Ruby 3.2):
spec/defines/rule_spec.rb#L29
nftables::rule on archlinux-6-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 7 (Ruby 2.7):
spec/defines/rule_spec.rb#L29
nftables::rule on almalinux-8-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 7 (Ruby 2.7):
spec/defines/rule_spec.rb#L29
nftables::rule on almalinux-9-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 7 (Ruby 2.7):
spec/defines/rule_spec.rb#L29
nftables::rule on centos-9-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 7 (Ruby 2.7):
spec/defines/rule_spec.rb#L29
nftables::rule on oraclelinux-8-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 7 (Ruby 2.7):
spec/defines/rule_spec.rb#L29
nftables::rule on oraclelinux-9-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 7 (Ruby 2.7):
spec/defines/rule_spec.rb#L29
nftables::rule on redhat-8-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 7 (Ruby 2.7):
spec/defines/rule_spec.rb#L29
nftables::rule on redhat-9-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 7 (Ruby 2.7):
spec/defines/rule_spec.rb#L29
nftables::rule on rocky-8-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 7 (Ruby 2.7):
spec/defines/rule_spec.rb#L29
nftables::rule on rocky-9-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|
Puppet / 7 (Ruby 2.7):
spec/defines/rule_spec.rb#L29
nftables::rule on archlinux-6-x86_64 with title set to <CHAIN_NAME>-<RULE> with source and content both set is expected not to compile into a catalogue without dependency cycles
Failure/Error: expect(subject).not_to compile
expected that the catalogue would not compile but it does
|