archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #431 from resmo/fix/cs_securitygroup_rule

Browse Source 
cloudstack: fix cs_securitygroup_rule result output not always worked as expected
reviewable/pr18780/r1
Brian Coca 10 years ago
parent d20d89948d 4c24c1cbfd
commit aa86c5ff90
1 changed files with 37 additions and 38 deletions
Show Stats Download Patch File Download Diff File

73
cloud/cloudstack/cs_securitygroup_rule.py
Unescape Escape View File

@ -229,18 +229,21 @@ class AnsibleCloudStackSecurityGroupRule(AnsibleCloudStack):
and cidr == rule['cidr'] and cidr == rule['cidr']
def get_end_port(self):
if self.module.params.get('end_port'):
return self.module.params.get('end_port')
return self.module.params.get('start_port')
def _get_rule(self, rules): def _get_rule(self, rules):
user_security_group_name = self.module.params.get('user_security_group') user_security_group_name = self.module.params.get('user_security_group')
cidr = self.module.params.get('cidr') cidr = self.module.params.get('cidr')
protocol = self.module.params.get('protocol') protocol = self.module.params.get('protocol')
start_port = self.module.params.get('start_port') start_port = self.module.params.get('start_port')
end_port = self.module.params.get('end_port') end_port = self.get_end_port()
icmp_code = self.module.params.get('icmp_code') icmp_code = self.module.params.get('icmp_code')
icmp_type = self.module.params.get('icmp_type') icmp_type = self.module.params.get('icmp_type')
if not end_port:
end_port = start_port
if protocol in ['tcp', 'udp'] and not (start_port and end_port): if protocol in ['tcp', 'udp'] and not (start_port and end_port):
self.module.fail_json(msg="no start_port or end_port set for protocol '%s'" % protocol) self.module.fail_json(msg="no start_port or end_port set for protocol '%s'" % protocol)
@ -295,26 +298,23 @@ class AnsibleCloudStackSecurityGroupRule(AnsibleCloudStack):
args['protocol'] = self.module.params.get('protocol') args['protocol'] = self.module.params.get('protocol')
args['startport'] = self.module.params.get('start_port') args['startport'] = self.module.params.get('start_port')
args['endport'] = self.module.params.get('end_port') args['endport'] = self.get_end_port()
args['icmptype'] = self.module.params.get('icmp_type') args['icmptype'] = self.module.params.get('icmp_type')
args['icmpcode'] = self.module.params.get('icmp_code') args['icmpcode'] = self.module.params.get('icmp_code')
args['projectid'] = self.get_project_id() args['projectid'] = self.get_project_id()
args['securitygroupid'] = security_group['id'] args['securitygroupid'] = security_group['id']
if not args['endport']:
args['endport'] = args['startport']
rule = None rule = None
res = None res = None
type = self.module.params.get('type') sg_type = self.module.params.get('type')
if type == 'ingress': if sg_type == 'ingress':
rule = self._get_rule(security_group['ingressrule']) rule = self._get_rule(security_group['ingressrule'])
if not rule: if not rule:
self.result['changed'] = True self.result['changed'] = True
if not self.module.check_mode: if not self.module.check_mode:
res = self.cs.authorizeSecurityGroupIngress(**args) res = self.cs.authorizeSecurityGroupIngress(**args)
elif type == 'egress': elif sg_type == 'egress':
rule = self._get_rule(security_group['egressrule']) rule = self._get_rule(security_group['egressrule'])
if not rule: if not rule:
self.result['changed'] = True self.result['changed'] = True
@ -327,22 +327,25 @@ class AnsibleCloudStackSecurityGroupRule(AnsibleCloudStack):
poll_async = self.module.params.get('poll_async') poll_async = self.module.params.get('poll_async')
if res and poll_async: if res and poll_async:
security_group = self._poll_job(res, 'securitygroup') security_group = self._poll_job(res, 'securitygroup')
return security_group key = sg_type + "rule" # ingressrule / egressrule
if key in security_group:
rule = security_group[key][0]
return rule
def remove_rule(self): def remove_rule(self):
security_group = self.get_security_group() security_group = self.get_security_group()
rule = None rule = None
res = None res = None
type = self.module.params.get('type') sg_type = self.module.params.get('type')
if type == 'ingress': if sg_type == 'ingress':
rule = self._get_rule(security_group['ingressrule']) rule = self._get_rule(security_group['ingressrule'])
if rule: if rule:
self.result['changed'] = True self.result['changed'] = True
if not self.module.check_mode: if not self.module.check_mode:
res = self.cs.revokeSecurityGroupIngress(id=rule['ruleid']) res = self.cs.revokeSecurityGroupIngress(id=rule['ruleid'])
elif type == 'egress': elif sg_type == 'egress':
rule = self._get_rule(security_group['egressrule']) rule = self._get_rule(security_group['egressrule'])
if rule: if rule:
self.result['changed'] = True self.result['changed'] = True
@ -355,34 +358,30 @@ class AnsibleCloudStackSecurityGroupRule(AnsibleCloudStack):
poll_async = self.module.params.get('poll_async') poll_async = self.module.params.get('poll_async')
if res and poll_async: if res and poll_async:
res = self._poll_job(res, 'securitygroup') res = self._poll_job(res, 'securitygroup')
return security_group return rule
def get_result(self, security_group_rule): def get_result(self, security_group_rule):
type = self.module.params.get('type')
key = 'ingressrule'
if type == 'egress':
key = 'egressrule'
self.result['type'] = type self.result['type'] = self.module.params.get('type')
self.result['security_group'] = self.module.params.get('security_group') self.result['security_group'] = self.module.params.get('security_group')
if key in security_group_rule and security_group_rule[key]: if security_group_rule:
if 'securitygroupname' in security_group_rule[key][0]: rule = security_group_rule
self.result['user_security_group'] = security_group_rule[key][0]['securitygroupname'] if 'securitygroupname' in rule:
if 'cidr' in security_group_rule[key][0]: self.result['user_security_group'] = rule['securitygroupname']
self.result['cidr'] = security_group_rule[key][0]['cidr'] if 'cidr' in rule:
if 'protocol' in security_group_rule[key][0]: self.result['cidr'] = rule['cidr']
self.result['protocol'] = security_group_rule[key][0]['protocol'] if 'protocol' in rule:
if 'startport' in security_group_rule[key][0]: self.result['protocol'] = rule['protocol']
self.result['start_port'] = security_group_rule[key][0]['startport'] if 'startport' in rule:
if 'endport' in security_group_rule[key][0]: self.result['start_port'] = rule['startport']
self.result['end_port'] = security_group_rule[key][0]['endport'] if 'endport' in rule:
if 'icmpcode' in security_group_rule[key][0]: self.result['end_port'] = rule['endport']
self.result['icmp_code'] = security_group_rule[key][0]['icmpcode'] if 'icmpcode' in rule:
if 'icmptype' in security_group_rule[key][0]: self.result['icmp_code'] = rule['icmpcode']
self.result['icmp_type'] = security_group_rule[key][0]['icmptype'] if 'icmptype' in rule:
self.result['icmp_type'] = rule['icmptype']
return self.result return self.result

Write Preview
Loading…
Cancel
Save