Merge pull request #431 from resmo/fix/cs_securitygroup_rule
cloudstack: fix cs_securitygroup_rule result output not always worked as expected
This commit is contained in:
Brian Coca
commit
aa86c5ff90
1 changed files with 37 additions and 38 deletions
|
|
@ -229,18 +229,21 @@ class AnsibleCloudStackSecurityGroupRule(AnsibleCloudStack):
|
|||
and cidr == rule['cidr']
|
||||
|
||||
|
||||
def get_end_port(self):
|
||||
if self.module.params.get('end_port'):
|
||||
return self.module.params.get('end_port')
|
||||
return self.module.params.get('start_port')
|
||||
|
||||
|
||||
def _get_rule(self, rules):
|
||||
user_security_group_name = self.module.params.get('user_security_group')
|
||||
cidr = self.module.params.get('cidr')
|
||||
protocol = self.module.params.get('protocol')
|
||||
start_port = self.module.params.get('start_port')
|
||||
end_port = self.module.params.get('end_port')
|
||||
end_port = self.get_end_port()
|
||||
icmp_code = self.module.params.get('icmp_code')
|
||||
icmp_type = self.module.params.get('icmp_type')
|
||||
|
||||
if not end_port:
|
||||
end_port = start_port
|
||||
|
||||
if protocol in ['tcp', 'udp'] and not (start_port and end_port):
|
||||
self.module.fail_json(msg="no start_port or end_port set for protocol '%s'" % protocol)
|
||||
|
||||
|
|
@ -295,26 +298,23 @@ class AnsibleCloudStackSecurityGroupRule(AnsibleCloudStack):
|
|||
|
||||
args['protocol'] = self.module.params.get('protocol')
|
||||
args['startport'] = self.module.params.get('start_port')
|
||||
args['endport'] = self.module.params.get('end_port')
|
||||
args['endport'] = self.get_end_port()
|
||||
args['icmptype'] = self.module.params.get('icmp_type')
|
||||
args['icmpcode'] = self.module.params.get('icmp_code')
|
||||
args['projectid'] = self.get_project_id()
|
||||
args['securitygroupid'] = security_group['id']
|
||||
|
||||
if not args['endport']:
|
||||
args['endport'] = args['startport']
|
||||
|
||||
rule = None
|
||||
res = None
|
||||
type = self.module.params.get('type')
|
||||
if type == 'ingress':
|
||||
sg_type = self.module.params.get('type')
|
||||
if sg_type == 'ingress':
|
||||
rule = self._get_rule(security_group['ingressrule'])
|
||||
if not rule:
|
||||
self.result['changed'] = True
|
||||
if not self.module.check_mode:
|
||||
res = self.cs.authorizeSecurityGroupIngress(**args)
|
||||
|
||||
elif type == 'egress':
|
||||
elif sg_type == 'egress':
|
||||
rule = self._get_rule(security_group['egressrule'])
|
||||
if not rule:
|
||||
self.result['changed'] = True
|
||||
|
|
@ -327,22 +327,25 @@ class AnsibleCloudStackSecurityGroupRule(AnsibleCloudStack):
|
|||
poll_async = self.module.params.get('poll_async')
|
||||
if res and poll_async:
|
||||
security_group = self._poll_job(res, 'securitygroup')
|
||||
return security_group
|
||||
key = sg_type + "rule" # ingressrule / egressrule
|
||||
if key in security_group:
|
||||
rule = security_group[key][0]
|
||||
return rule
|
||||
|
||||
|
||||
def remove_rule(self):
|
||||
security_group = self.get_security_group()
|
||||
rule = None
|
||||
res = None
|
||||
type = self.module.params.get('type')
|
||||
if type == 'ingress':
|
||||
sg_type = self.module.params.get('type')
|
||||
if sg_type == 'ingress':
|
||||
rule = self._get_rule(security_group['ingressrule'])
|
||||
if rule:
|
||||
self.result['changed'] = True
|
||||
if not self.module.check_mode:
|
||||
res = self.cs.revokeSecurityGroupIngress(id=rule['ruleid'])
|
||||
|
||||
elif type == 'egress':
|
||||
elif sg_type == 'egress':
|
||||
rule = self._get_rule(security_group['egressrule'])
|
||||
if rule:
|
||||
self.result['changed'] = True
|
||||
|
|
@ -355,34 +358,30 @@ class AnsibleCloudStackSecurityGroupRule(AnsibleCloudStack):
|
|||
poll_async = self.module.params.get('poll_async')
|
||||
if res and poll_async:
|
||||
res = self._poll_job(res, 'securitygroup')
|
||||
return security_group
|
||||
return rule
|
||||
|
||||
|
||||
def get_result(self, security_group_rule):
|
||||
type = self.module.params.get('type')
|
||||
|
||||
key = 'ingressrule'
|
||||
if type == 'egress':
|
||||
key = 'egressrule'
|
||||
|
||||
self.result['type'] = type
|
||||
self.result['type'] = self.module.params.get('type')
|
||||
self.result['security_group'] = self.module.params.get('security_group')
|
||||
|
||||
if key in security_group_rule and security_group_rule[key]:
|
||||
if 'securitygroupname' in security_group_rule[key][0]:
|
||||
self.result['user_security_group'] = security_group_rule[key][0]['securitygroupname']
|
||||
if 'cidr' in security_group_rule[key][0]:
|
||||
self.result['cidr'] = security_group_rule[key][0]['cidr']
|
||||
if 'protocol' in security_group_rule[key][0]:
|
||||
self.result['protocol'] = security_group_rule[key][0]['protocol']
|
||||
if 'startport' in security_group_rule[key][0]:
|
||||
self.result['start_port'] = security_group_rule[key][0]['startport']
|
||||
if 'endport' in security_group_rule[key][0]:
|
||||
self.result['end_port'] = security_group_rule[key][0]['endport']
|
||||
if 'icmpcode' in security_group_rule[key][0]:
|
||||
self.result['icmp_code'] = security_group_rule[key][0]['icmpcode']
|
||||
if 'icmptype' in security_group_rule[key][0]:
|
||||
self.result['icmp_type'] = security_group_rule[key][0]['icmptype']
|
||||
|
||||
if security_group_rule:
|
||||
rule = security_group_rule
|
||||
if 'securitygroupname' in rule:
|
||||
self.result['user_security_group'] = rule['securitygroupname']
|
||||
if 'cidr' in rule:
|
||||
self.result['cidr'] = rule['cidr']
|
||||
if 'protocol' in rule:
|
||||
self.result['protocol'] = rule['protocol']
|
||||
if 'startport' in rule:
|
||||
self.result['start_port'] = rule['startport']
|
||||
if 'endport' in rule:
|
||||
self.result['end_port'] = rule['endport']
|
||||
if 'icmpcode' in rule:
|
||||
self.result['icmp_code'] = rule['icmpcode']
|
||||
if 'icmptype' in rule:
|
||||
self.result['icmp_type'] = rule['icmptype']
|
||||
return self.result
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue