carroarmato0/ansible.posix
1
0
Fork 0
mirror of https://github.com/ansible-collections/ansible.posix.git synced 2026-01-11 23:25:28 +01:00
Code Issues Projects Releases Packages Wiki Activity

Compare commits

base: carroarmato0:309051d47d6f0d2af75acd0ccf619bc6059582b9
Branches Tags
carroarmato0:main
carroarmato0:stable-2
carroarmato0:stable-1
carroarmato0:2.1.0
carroarmato0:2.0.0
carroarmato0:1.6.2
carroarmato0:1.6.1
carroarmato0:1.6.0
carroarmato0:1.5.4
carroarmato0:1.5.2
carroarmato0:1.5.1
carroarmato0:1.5.0
carroarmato0:1.4.0
carroarmato0:1.3.0
carroarmato0:1.2.0
carroarmato0:1.1.1
carroarmato0:1.1.0
carroarmato0:1.0.0
carroarmato0:0.1.3
carroarmato0:0.1.2
carroarmato0:0.1.1
...
compare: carroarmato0:17f6d5f21630a8e05315241aafd2a2219d6c583d
Branches Tags
carroarmato0:stable-2
carroarmato0:main
carroarmato0:stable-1
carroarmato0:2.1.0
carroarmato0:2.0.0
carroarmato0:1.6.2
carroarmato0:1.6.1
carroarmato0:1.6.0
carroarmato0:1.5.4
carroarmato0:1.5.2
carroarmato0:1.5.1
carroarmato0:1.5.0
carroarmato0:1.4.0
carroarmato0:1.3.0
carroarmato0:1.2.0
carroarmato0:1.1.1
carroarmato0:1.1.0
carroarmato0:1.0.0
carroarmato0:0.1.3
carroarmato0:0.1.2
carroarmato0:0.1.1

4 commits
309051d47d ... 17f6d5f216

Author SHA1 Message Date
flowerysong
17f6d5f216
Merge 0edaecdb8f into 2f699307c7 2023-11-16 05:00:41 +00:00
softwarefactory-project-zuul[bot]
2f699307c7
Merge pull request #508 from saito-hideki/pr/refactoring_ci_remote 
[CI] Refactoring CI tests for both remote and container tests

SUMMARY
Refactored CI tests:

Remove tests for Ansible Core 2.10 and 2.11 that already reached EOL.
Remote test target of ansible.posix will be the latest version of RHEL8,9 only.
The target OS of container tests has been modified, and a few OS have been removed
Add Ansible Core 2.16 and new devel branch to container and remote test target.
#506

For CI testing, other platforms can be added as needed.
ISSUE TYPE

CI tests Pull Request

COMPONENT NAME

ansible.posix

ADDITIONAL INFORMATION
None
 2023-11-16 04:34:53 +00:00
Hideki Saito
7dd5087e7b Refactoring remote and docker CI tests. 
* Removed tests for Ansible Core 2.10 and 2.11 fromn remote and container targets
* Modoifed remote and container test target OS
* Fixed #506

Signed-off-by: Hideki Saito <saito@fgrep.org>
 2023-11-16 11:56:08 +09:00
Paul Arthur
0edaecdb8f firewalld: make offline do something 2023-07-26 04:26:12 +00:00
5 changed files with 73 additions and 111 deletions
Show stats Expand all files Collapse all files

132
.azure-pipelines/azure-pipelines.yml
View file

@ -51,16 +51,29 @@ stages:
parameters: parameters:
testFormat: devel/linux/{0}/1 testFormat: devel/linux/{0}/1
targets: targets:
- name: CentOS 7
test: centos7
- name: Fedora 38 - name: Fedora 38
test: fedora38 test: fedora38
- name: openSUSE 15 py3
test: opensuse15
- name: Ubuntu 20.04 - name: Ubuntu 20.04
test: ubuntu2004 test: ubuntu2004
- name: Ubuntu 22.04 - name: Ubuntu 22.04
test: ubuntu2204 test: ubuntu2204
- stage: Docker_2_16
displayName: Docker 2.16
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.16/linux/{0}/1
targets:
- name: CentOS 7
test: centos7
- name: Fedora 38
test: fedora38
- name: Ubuntu 20.04
test: ubuntu2004
- name: Ubuntu 22.04
test: ubuntu2204
- stage: Docker_2_15 - stage: Docker_2_15
displayName: Docker 2.15 displayName: Docker 2.15
dependsOn: [] dependsOn: []
@ -141,44 +154,6 @@ stages:
test: ubuntu1804 test: ubuntu1804
- name: Ubuntu 20.04 - name: Ubuntu 20.04
test: ubuntu2004 test: ubuntu2004
- stage: Docker_2_11
displayName: Docker 2.11
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.11/linux/{0}/1
targets:
- name: CentOS 6
test: centos6
- name: CentOS 7
test: centos7
- name: openSUSE 15 py2
test: opensuse15py2
- name: openSUSE 15 py3
test: opensuse15
- name: Ubuntu 18.04
test: ubuntu1804
- stage: Docker_2_10
displayName: Docker 2.10
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.10/linux/{0}/1
targets:
- name: CentOS 6
test: centos6
- name: CentOS 7
test: centos7
- name: openSUSE 15 py2
test: opensuse15py2
- name: openSUSE 15 py3
test: opensuse15
- name: Ubuntu 16.04
test: ubuntu1604
- name: Ubuntu 18.04
test: ubuntu1804
- stage: Docker_2_9 - stage: Docker_2_9
displayName: Docker 2.9 displayName: Docker 2.9
dependsOn: [] dependsOn: []
@ -209,16 +184,21 @@ stages:
parameters: parameters:
testFormat: devel/{0}/1 testFormat: devel/{0}/1
targets: targets:
- name: MacOS 13.2 - name: RHEL 9.3
test: macos/13.2 test: rhel/9.3
- name: RHEL 7.9 - stage: Remote_2_16
test: rhel/7.9 displayName: Remote 2.16
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.16/{0}/1
targets:
- name: RHEL 8.8 - name: RHEL 8.8
test: rhel/8.8 test: rhel/8.8
- name: RHEL 9.2 - name: RHEL 9.2
test: rhel/9.2 test: rhel/9.2
- name: FreeBSD 13.2
test: freebsd/13.2
- stage: Remote_2_15 - stage: Remote_2_15
displayName: Remote 2.15 displayName: Remote 2.15
dependsOn: [] dependsOn: []
@ -227,18 +207,12 @@ stages:
parameters: parameters:
testFormat: 2.15/{0}/1 testFormat: 2.15/{0}/1
targets: targets:
- name: MacOS 13.2
test: macos/13.2
- name: RHEL 7.9 - name: RHEL 7.9
test: rhel/7.9 test: rhel/7.9
- name: RHEL 8.7 - name: RHEL 8.7
test: rhel/8.7 test: rhel/8.7
- name: RHEL 9.1 - name: RHEL 9.1
test: rhel/9.1 test: rhel/9.1
- name: FreeBSD 12.4
test: freebsd/12.4
- name: FreeBSD 13.1
test: freebsd/13.1
- stage: Remote_2_14 - stage: Remote_2_14
displayName: Remote 2.14 displayName: Remote 2.14
dependsOn: [] dependsOn: []
@ -247,18 +221,10 @@ stages:
parameters: parameters:
testFormat: 2.14/{0}/1 testFormat: 2.14/{0}/1
targets: targets:
- name: MacOS 12.0
test: macos/12.0
- name: RHEL 7.9 - name: RHEL 7.9
test: rhel/7.9 test: rhel/7.9
- name: RHEL 8.6 - name: RHEL 8.6
test: rhel/8.6 test: rhel/8.6
- name: RHEL 9.0
test: rhel/9.0
- name: FreeBSD 12.3
test: freebsd/12.3
- name: FreeBSD 13.1
test: freebsd/13.1
- stage: Remote_2_13 - stage: Remote_2_13
displayName: Remote 2.13 displayName: Remote 2.13
dependsOn: [] dependsOn: []
@ -267,16 +233,10 @@ stages:
parameters: parameters:
testFormat: 2.13/{0}/1 testFormat: 2.13/{0}/1
targets: targets:
- name: MacOS 12.0
test: macos/12.0
- name: RHEL 7.9 - name: RHEL 7.9
test: rhel/7.9 test: rhel/7.9
- name: RHEL 8.5 - name: RHEL 8.5
test: rhel/8.5 test: rhel/8.5
- name: FreeBSD 12.3
test: freebsd/12.3
- name: FreeBSD 13.0
test: freebsd/13.0
- stage: Remote_2_12 - stage: Remote_2_12
displayName: Remote 2.12 displayName: Remote 2.12
dependsOn: [] dependsOn: []
@ -285,40 +245,10 @@ stages:
parameters: parameters:
testFormat: 2.12/{0}/1 testFormat: 2.12/{0}/1
targets: targets:
- name: MacOS 11.1
test: macos/11.1
- name: RHEL 7.9 - name: RHEL 7.9
test: rhel/7.9 test: rhel/7.9
- name: RHEL 8.4 - name: RHEL 8.4
test: rhel/8.4 test: rhel/8.4
- name: FreeBSD 13.0
test: freebsd/13.0
- stage: Remote_2_11
displayName: Remote 2.11
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.11/{0}/1
targets:
- name: MacOS 11.1
test: macos/11.1
- name: RHEL 7.9
test: rhel/7.9
- name: RHEL 8.3
test: rhel/8.3
- stage: Remote_2_10
displayName: Remote 2.10
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.10/{0}/1
targets:
- name: RHEL 7.9
test: rhel/7.9
- name: RHEL 8.2
test: rhel/8.2
- stage: Remote_2_9 - stage: Remote_2_9
displayName: Remote 2.9 displayName: Remote 2.9
dependsOn: [] dependsOn: []
@ -339,10 +269,6 @@ stages:
dependsOn: dependsOn:
- Remote_2_9 - Remote_2_9
- Docker_2_9 - Docker_2_9
- Remote_2_10
- Docker_2_10
- Remote_2_11
- Docker_2_11
- Remote_2_12 - Remote_2_12
- Docker_2_12 - Docker_2_12
- Remote_2_13 - Remote_2_13
@ -351,6 +277,8 @@ stages:
- Docker_2_14 - Docker_2_14
- Remote_2_15 - Remote_2_15
- Docker_2_15 - Docker_2_15
- Remote_2_16
- Docker_2_16
- Remote_devel - Remote_devel
- Docker_devel - Docker_devel
jobs: jobs:

2
changelogs/fragments/484-firewalld-offline.yml Normal file
View file

@ -0,0 +1,2 @@
minor_changes:
- firewalld - added offline flag implementation (https://github.com/ansible-collections/ansible.posix/pull/484)

3
changelogs/fragments/508_ci_update.yml Normal file
View file

@ -0,0 +1,3 @@
---
trivial:
- "Refactoring remote CI targets."

39
plugins/modules/firewalld.py
View file

@ -84,13 +84,15 @@ options:
type: str type: str
permanent: permanent:
description: description:
- Should this configuration be in the running firewalld configuration or persist across reboots. - Whether to apply this change to the permanent firewalld configuration.
- As of Ansible 2.3, permanent operations can operate on firewalld configs when it is not running (requires firewalld >= 0.3.9). - As of Ansible 2.3, permanent operations can operate on firewalld configs when it is not running (requires firewalld >= 0.3.9).
- Note that if this is C(false), immediate is assumed C(true). - Note that if this is C(false), I(immediate) defaults to C(true).
type: bool type: bool
default: false
immediate: immediate:
description: description:
- Should this configuration be applied immediately, if set as permanent. - Whether to apply this change to the runtime firewalld configuration.
- Defaults to C(true) if I(permanent=false).
type: bool type: bool
default: false default: false
state: state:
@ -112,8 +114,9 @@ options:
type: str type: str
offline: offline:
description: description:
- Whether to run this module even when firewalld is offline. - Ignores I(immediate) if I(permanent=true) and firewalld is not running.
type: bool type: bool
default: false
target: target:
description: description:
- firewalld Zone target - firewalld Zone target
@ -142,6 +145,14 @@ author:
''' '''
EXAMPLES = r''' EXAMPLES = r'''
- name: permanently enable https service, also enable it immediately if possible
ansible.posix.firewalld:
service: https
state: enabled
permanent: true
immediate: true
offline: true
- name: permit traffic in default zone for https service - name: permit traffic in default zone for https service
ansible.posix.firewalld: ansible.posix.firewalld:
service: https service: https
@ -806,12 +817,12 @@ def main():
zone=dict(type='str'), zone=dict(type='str'),
immediate=dict(type='bool', default=False), immediate=dict(type='bool', default=False),
source=dict(type='str'), source=dict(type='str'),
permanent=dict(type='bool'), permanent=dict(type='bool', default=False),
state=dict(type='str', required=True, choices=['absent', 'disabled', 'enabled', 'present']), state=dict(type='str', required=True, choices=['absent', 'disabled', 'enabled', 'present']),
timeout=dict(type='int', default=0), timeout=dict(type='int', default=0),
interface=dict(type='str'), interface=dict(type='str'),
masquerade=dict(type='str'), masquerade=dict(type='str'),
offline=dict(type='bool'), offline=dict(type='bool', default=False),
target=dict(type='str', choices=['default', 'ACCEPT', 'DROP', '%%REJECT%%']), target=dict(type='str', choices=['default', 'ACCEPT', 'DROP', '%%REJECT%%']),
), ),
supports_check_mode=True, supports_check_mode=True,
@ -832,19 +843,29 @@ def main():
timeout = module.params['timeout'] timeout = module.params['timeout']
interface = module.params['interface'] interface = module.params['interface']
masquerade = module.params['masquerade'] masquerade = module.params['masquerade']
offline = module.params['offline']
# Sanity checks # Sanity checks
FirewallTransaction.sanity_check(module) FirewallTransaction.sanity_check(module)
# If neither permanent or immediate is provided, assume immediate (as # `offline`, `immediate`, and `permanent` have a weird twisty relationship.
# written in the module's docs) if offline:
# specifying offline without permanent makes no sense
if not permanent:
module.fail_json(msg='offline cannot be enabled unless permanent changes are allowed')
# offline overrides immediate to false if firewalld is offline
if fw_offline:
immediate = False
# immediate defaults to true if permanent is not enabled
if not permanent and not immediate: if not permanent and not immediate:
immediate = True immediate = True
# Verify required params are provided
if immediate and fw_offline: if immediate and fw_offline:
module.fail_json(msg='firewall is not currently running, unable to perform immediate actions without a running firewall daemon') module.fail_json(msg='firewall is not currently running, unable to perform immediate actions without a running firewall daemon')
# Verify required params are provided
changed = False changed = False
msgs = [] msgs = []
icmp_block = module.params['icmp_block'] icmp_block = module.params['icmp_block']

8
tests/integration/targets/firewalld/tasks/service_test_cases.yml
View file

@ -20,6 +20,8 @@
firewalld: firewalld:
service: https service: https
permanent: true permanent: true
immediate: true
offline: true
state: enabled state: enabled
register: result register: result
@ -32,6 +34,8 @@
firewalld: firewalld:
service: https service: https
permanent: true permanent: true
immediate: true
offline: true
state: enabled state: enabled
register: result register: result
@ -44,6 +48,8 @@
firewalld: firewalld:
service: https service: https
permanent: true permanent: true
immediate: true
offline: true
state: disabled state: disabled
register: result register: result
@ -56,6 +62,8 @@
firewalld: firewalld:
service: https service: https
permanent: true permanent: true
immediate: true
offline: true
state: disabled state: disabled
register: result register: result