carroarmato0/ansible.posix
1
0
Fork 0
mirror of https://github.com/ansible-collections/ansible.posix.git synced 2026-01-13 16:15:21 +01:00
Code Issues Projects Releases Packages Wiki Activity

Compare commits

base: carroarmato0:6280bb8ec8fec0e2868232783482ff5b6a77494e
Branches Tags
carroarmato0:main
carroarmato0:stable-2
carroarmato0:stable-1
carroarmato0:2.1.0
carroarmato0:2.0.0
carroarmato0:1.6.2
carroarmato0:1.6.1
carroarmato0:1.6.0
carroarmato0:1.5.4
carroarmato0:1.5.2
carroarmato0:1.5.1
carroarmato0:1.5.0
carroarmato0:1.4.0
carroarmato0:1.3.0
carroarmato0:1.2.0
carroarmato0:1.1.1
carroarmato0:1.1.0
carroarmato0:1.0.0
carroarmato0:0.1.3
carroarmato0:0.1.2
carroarmato0:0.1.1
..
compare: carroarmato0:05724a097bf53a90ace630355c5472856d717d00
Branches Tags
carroarmato0:stable-2
carroarmato0:main
carroarmato0:stable-1
carroarmato0:2.1.0
carroarmato0:2.0.0
carroarmato0:1.6.2
carroarmato0:1.6.1
carroarmato0:1.6.0
carroarmato0:1.5.4
carroarmato0:1.5.2
carroarmato0:1.5.1
carroarmato0:1.5.0
carroarmato0:1.4.0
carroarmato0:1.3.0
carroarmato0:1.2.0
carroarmato0:1.1.1
carroarmato0:1.1.0
carroarmato0:1.0.0
carroarmato0:0.1.3
carroarmato0:0.1.2
carroarmato0:0.1.1

No commits in common. "6280bb8ec8fec0e2868232783482ff5b6a77494e" and "05724a097bf53a90ace630355c5472856d717d00" have entirely different histories.
6280bb8ec8 ... 05724a097b

6 changed files with 83 additions and 80 deletions
Show stats Expand all files Collapse all files

3
changelogs/fragments/581_ci_selinux.yml
View file

@ -1,3 +0,0 @@
---
trivial:
- selinux - conditions for selinux integration tests have been modified to be more accurate.

3
changelogs/fragments/584_firewalld_opt_type.yml
View file

@ -1,3 +0,0 @@
---
breaking_changes:
- firewalld - Changed the type of forward and masquerade options from str to bool (https://github.com/ansible-collections/ansible.posix/issues/582).

32
plugins/modules/firewalld.py
View file

@ -112,13 +112,11 @@ options:
description: description:
- The forward setting you would like to enable/disable to/from zones within firewalld. - The forward setting you would like to enable/disable to/from zones within firewalld.
- This option only is supported by firewalld v0.9.0 or later. - This option only is supported by firewalld v0.9.0 or later.
- Note that the option type is changed to bool in ansible.posix version 2.0.0 and later. type: str
type: bool
masquerade: masquerade:
description: description:
- The masquerade setting you would like to enable/disable to/from zones within firewalld. - The masquerade setting you would like to enable/disable to/from zones within firewalld.
- Note that the option type is changed to bool in ansible.posix version 2.0.0 and later. type: str
type: bool
offline: offline:
description: description:
- Ignores O(immediate) if O(permanent=true) and firewalld is not running. - Ignores O(immediate) if O(permanent=true) and firewalld is not running.
@ -877,8 +875,8 @@ def main():
state=dict(type='str', required=True, choices=['absent', 'disabled', 'enabled', 'present']), state=dict(type='str', required=True, choices=['absent', 'disabled', 'enabled', 'present']),
timeout=dict(type='int', default=0), timeout=dict(type='int', default=0),
interface=dict(type='str'), interface=dict(type='str'),
forward=dict(type='bool'), forward=dict(type='str'),
masquerade=dict(type='bool'), masquerade=dict(type='str'),
offline=dict(type='bool', default=False), offline=dict(type='bool', default=False),
target=dict(type='str', choices=['default', 'ACCEPT', 'DROP', '%%REJECT%%']), target=dict(type='str', choices=['default', 'ACCEPT', 'DROP', '%%REJECT%%']),
), ),
@ -1131,7 +1129,16 @@ def main():
msgs = msgs + transaction_msgs msgs = msgs + transaction_msgs
if forward is not None: if forward is not None:
expected_state = 'enabled' if (desired_state == 'enabled') == forward else 'disabled' # Type of forward will be changed to boolean in a future release.
forward_status = False
try:
forward_status = boolean(forward, False)
except TypeError:
module.warn('The value of the forward option is "%s". '
'The type of the option will be changed from string to boolean in a future release. '
'To avoid unexpected behavior, please change the value to boolean.' % forward)
expected_state = 'enabled' if (desired_state == 'enabled') == forward_status else 'disabled'
transaction = ForwardTransaction( transaction = ForwardTransaction(
module, module,
action_args=(), action_args=(),
@ -1145,7 +1152,16 @@ def main():
msgs = msgs + transaction_msgs msgs = msgs + transaction_msgs
if masquerade is not None: if masquerade is not None:
expected_state = 'enabled' if (desired_state == 'enabled') == masquerade else 'disabled' # Type of masquerade will be changed to boolean in a future release.
masquerade_status = True
try:
masquerade_status = boolean(masquerade, True)
except TypeError:
module.warn('The value of the masquerade option is "%s". '
'The type of the option will be changed from string to boolean in a future release. '
'To avoid unexpected behavior, please change the value to boolean.' % masquerade)
expected_state = 'enabled' if (desired_state == 'enabled') == masquerade_status else 'disabled'
transaction = MasqueradeTransaction( transaction = MasqueradeTransaction(
module, module,
action_args=(), action_args=(),

57
tests/integration/targets/firewalld/tasks/masquerade_test_cases.yml
View file

@ -114,3 +114,60 @@
ansible.builtin.assert: ansible.builtin.assert:
that: that:
- result is not changed - result is not changed
# Validate backwards compatible behavior until masquerade is switched from string to boolean type
- name: Masquerade enabled when masquerade is non-boolean string and state is enabled
block:
- name: Testing enable masquerade
ansible.posix.firewalld:
zone: trusted
masquerade: some string
permanent: true
state: enabled
register: result
- name: Assert masquerade is enabled
ansible.builtin.assert:
that:
- result is changed
- name: Testing enable masquerade (verify not changed)
ansible.posix.firewalld:
zone: trusted
masquerade: some string
permanent: true
state: enabled
register: result
- name: Assert masquerade is enabled (verify not changed)
ansible.builtin.assert:
that:
- result is not changed
- name: Masquerade disabled when masquerade is non-boolean string and state is disabled
block:
- name: Testing disable masquerade
ansible.posix.firewalld:
zone: trusted
masquerade: some string
permanent: true
state: disabled
register: result
- name: Assert masquerade is disabled
ansible.builtin.assert:
that:
- result is changed
- name: Testing disable masquerade (verify not changed)
ansible.posix.firewalld:
zone: trusted
masquerade: some string
permanent: true
state: disabled
register: result
- name: Assert masquerade is disabled (verify not changed)
ansible.builtin.assert:
that:
- result is not changed

4
tests/integration/targets/selinux/tasks/selinux.yml
View file

@ -128,8 +128,8 @@
ansible.builtin.assert: ansible.builtin.assert:
that: that:
- selinux_config_original | length == selinux_config_after | length - selinux_config_original | length == selinux_config_after | length
- (selinux_config_after | select("search", "^SELINUX=disabled\s*$") | list | length) > 0 - selinux_config_after[selinux_config_after.index('SELINUX=disabled')] is search("^SELINUX=\w+$")
- (selinux_config_after | select("search", "^SELINUXTYPE=targeted\s*$") | list | length) > 0 - selinux_config_after[selinux_config_after.index('SELINUXTYPE=targeted')] is search("^SELINUXTYPE=\w+$")
- name: TEST 1 | Disable SELinux again, with kernel arguments update - name: TEST 1 | Disable SELinux again, with kernel arguments update
ansible.posix.selinux: ansible.posix.selinux:

64
tests/integration/targets/sysctl/tasks/main.yml
View file

@ -230,40 +230,6 @@
that: that:
- sysctl_test4 is failed - sysctl_test4 is failed
##
## sysctl --system
##
- name: Set vm.swappiness to 10 with --system option
ansible.posix.sysctl:
name: vm.swappiness
value: 10
state: present
reload: false
sysctl_set: true
system: true
register: sysctl_system_test1
- name: Check with sysctl command
ansible.builtin.command: sysctl vm.swappiness
changed_when: false
register: sysctl_check_system1
- name: Debug sysctl_system_test1 sysctl_check_system1
ansible.builtin.debug:
var: item
verbosity: 1
with_items:
- "{{ sysctl_system_test1 }}"
- "{{ sysctl_check_system1 }}"
- name: Validate results for --system option
ansible.builtin.assert:
that:
- sysctl_system_test1 is changed
- sysctl_check_system1.stdout_lines == ["vm.swappiness = 10"]
- name: Test on RHEL VMs - name: Test on RHEL VMs
when: when:
- ansible_facts.virtualization_type != 'docker' - ansible_facts.virtualization_type != 'docker'
@ -400,33 +366,3 @@
that: that:
- stat_result.stat.islnk is defined and stat_result.stat.islnk - stat_result.stat.islnk is defined and stat_result.stat.islnk
- stat_result.stat.lnk_source == '/tmp/ansible_sysctl_test.conf' - stat_result.stat.lnk_source == '/tmp/ansible_sysctl_test.conf'
# Test sysctl: --system
- name: Set vm.swappiness to 10 with --system option
ansible.posix.sysctl:
name: vm.swappiness
value: 10
state: present
reload: false
sysctl_set: true
system: true
register: sysctl_system_test1
- name: Check with sysctl command
ansible.builtin.command: sysctl vm.swappiness
changed_when: false
register: sysctl_check_system1
- name: Debug sysctl_system_test1 sysctl_check_system1
ansible.builtin.debug:
var: item
verbosity: 1
with_items:
- "{{ sysctl_system_test1 }}"
- "{{ sysctl_check_system1 }}"
- name: Validate results for --system option
ansible.builtin.assert:
that:
- sysctl_system_test1 is changed
- sysctl_check_system1.stdout_lines == ["vm.swappiness = 10"]