boma/roles/integration_test/molecule/default/verify.yml

19 lines
670 B
YAML
Raw Normal View History

---
# Package-install and cache-dir tasks are skipped (converge runs `firewall` tag only;
# KVM/libvirt packages cannot be fetched in the Docker container). This scenario
# verifies the nftables drop-in renders correctly.
- name: Verify
hosts: all
become: true
gather_facts: false
tasks:
- name: Read the libvirt bridge nftables drop-in
ansible.builtin.slurp:
src: /etc/nftables.d/10-libvirt-boma.nft
register: _dropin
- name: Assert drop-in contains virbr-boma accept rule
ansible.builtin.assert:
that:
- "'virbr-boma' in (_dropin.content | b64decode)"
- "'accept' in (_dropin.content | b64decode)"