On Wed, Sep 06, 2023 at 12:04:40PM +0200, Florian Westphal wrote: > Thomas Haller <thaller@xxxxxxxxxx> wrote: > > On Mon, 2023-09-04 at 10:53 +0200, Florian Westphal wrote: > > > Thomas Haller <thaller@xxxxxxxxxx> wrote: > > > > > > > > > > > > But why this "nft -f" specific detection? Why not just executable > > > > scripts? > > > > > > Because I want it to be simple, > > > > It does not seem "simple[r]" to me. The approach requires extra > > infrastructure in run-test.sh, while being less flexible. > > I can add bla.nft and use nft --check -f bla.nft. > > Or, I can add bla.sh, which does > > exec $NFT -f - <<EOF > table ... > EOF > > I see zero reason why we can't add scripts later on if there > are cases where flat-files don't work. Agreed, we need this flexibility. > At this point, its just more boilerplate to add a script wrapper > around the .nft file. > > > > I could do that, but I don't see the need for arbitrary scripts so > > > far. > > > > When building without JSON support, various tests fail, but should be > > skipped. > > > > Could we detect JSON support via .nft files? Would we drop then a JSON > > .nft file and change the check call to `nft --check -j`?). > > No, but the test that should be skipped can do > > $NFT -j list ruleset || exit 77 > > as first line of the script, no need to load any files, nft will fail > with error in case its not built with json support. This is fine to start with. > > Or maybe detection of JSON support needs to be a shell script (doing > > `ldd "$NFT_REAL" | greq libjansson`)? In that case, we would have > > features-as-shell-scripts very soon. > > Sure, I see no reason why to not have both. The flat files have the > '*nft' suffix for a reason... I think this feature approach you propose is good enough and it is rather incremental and small.
