cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

win_firewall_rule: Only report changed when change is made (#57267)

Browse source 
* Fix bug https://github.com/ansible/ansible/issues/44450

* Added tests

* I will make this CI work

* Update win_firewall_rule.ps1
This commit is contained in:
Shachaf92 2019-07-05 01:06:34 +03:00 committed by Jordan Borean
parent 6e319ff088
commit e0b8bc1ef9
3 changed files with 30 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
changelogs/fragments/Fix-Expansion-of-vars-win_firewall_rule.yml Normal file
View file

@ -0,0 +1,2 @@
bugfixes:
- "win_firewall_rule - Fix program var not expanding %SystemRoot% type vars (https://github.com/ansible/ansible/issues/44450)"

2
lib/ansible/modules/windows/win_firewall_rule.ps1
View file

@ -156,7 +156,7 @@ try {
# the default for enabled in module description is "true", but the actual COM object defaults to "false" when created # the default for enabled in module description is "true", but the actual COM object defaults to "false" when created
if ($null -ne $enabled) { $new_rule.Enabled = $enabled } else { $new_rule.Enabled = $true } if ($null -ne $enabled) { $new_rule.Enabled = $enabled } else { $new_rule.Enabled = $true }
if ($null -ne $description) { $new_rule.Description = $description } if ($null -ne $description) { $new_rule.Description = $description }
if ($null -ne $program -and $program -ne "any") { $new_rule.ApplicationName = $program } if ($null -ne $program -and $program -ne "any") { $new_rule.ApplicationName = [System.Environment]::ExpandEnvironmentVariables($program) }
if ($null -ne $service -and $program -ne "any") { $new_rule.ServiceName = $service } if ($null -ne $service -and $program -ne "any") { $new_rule.ServiceName = $service }
if ($null -ne $protocol -and $protocol -ne "any") { $new_rule.Protocol = Parse-ProtocolType -protocol $protocol } if ($null -ne $protocol -and $protocol -ne "any") { $new_rule.Protocol = Parse-ProtocolType -protocol $protocol }
if ($null -ne $localport -and $localport -ne "any") { $new_rule.LocalPorts = $localport } if ($null -ne $localport -and $localport -ne "any") { $new_rule.LocalPorts = $localport }

27
test/integration/targets/win_firewall_rule/tasks/main.yml
View file

@ -411,3 +411,30 @@
assert: assert:
that: that:
- add_firewall_rule_with_list_profiles.changed == true - add_firewall_rule_with_list_profiles.changed == true
# Test for variable expansion in the path
- name: Add rule with path that needs to be expanded
win_firewall_rule:
name: VarExpansionTest
enabled: yes
state: present
action: allow
direction: in
protocol: tcp
program: '%SystemRoot%\system32\svchost.exe'
- name: Add same rule with path that needs to be expanded
win_firewall_rule:
name: VarExpansionTest
enabled: yes
state: present
action: allow
direction: in
protocol: tcp
program: '%SystemRoot%\system32\svchost.exe'
register: add_firewall_rule_with_var_expand_path
- name: Check that creating same firewall rule with expanded vars identified
assert:
that:
- add_firewall_rule_with_var_expand_path.changed == false