feat(firewall): add applied_to to return values
jooola committed Dec 19, 2023
1 parent 2949737 commit d36a289
Showing 2 changed files with 61 additions and 2 deletions.
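--- a/plugins/modules/firewall.py
+++ b/plugins/modules/firewall.py
@@ -175,6 +175,40 @@
 elements: str
 returned: always
 sample: []
+applied_to:
+description: List of Resources the Firewall is applied to.
+returned: always
+type: list
+elements: dict
+contains:
+type:
+description: Type of the resource.
+type: str
+choices: [server, label_selector]
+sample: label_selector
+server:
+description: ID of the server.
+type: int
+sample: 12345
+label_selector:
+description: Label selector value.
+type: str
+sample: env=prod
+applied_to_resources:
+description: List of Resources the Firewall label selector is applied to.
+returned: if RV(type=label_selector)
+type: list
+elements: dict
+contains:
+type:
+description: Type of resource referenced.
+type: str
+choices: [server]
+sample: server
+server:
+description: ID of the Server.
+type: int
+sample: 12345
 """
 
 import time
@@ -184,7 +218,11 @@
 
 from ..module_utils.hcloud import AnsibleHCloud
 from ..module_utils.vendor.hcloud import APIException, HCloudException
-from ..module_utils.vendor.hcloud.firewalls import BoundFirewall, FirewallRule
+from ..module_utils.vendor.hcloud.firewalls import (
+BoundFirewall,
+FirewallResource,
+FirewallRule,
+)
 
 
 class AnsibleHCloudFirewall(AnsibleHCloud):
@@ -198,9 +236,10 @@ def _prepare_result(self):
 "name": to_native(self.hcloud_firewall.name),
 "rules": [self._prepare_result_rule(rule) for rule in self.hcloud_firewall.rules],
 "labels": self.hcloud_firewall.labels,
+"applied_to": [self._prepare_result_applied_to(resource) for resource in self.hcloud_firewall.applied_to],
 }
 
-def _prepare_result_rule(self, rule):
+def _prepare_result_rule(self, rule: FirewallRule):
 return {
 "direction": rule.direction,
 "protocol": to_native(rule.protocol),
@@ -210,6 +249,22 @@ def _prepare_result_rule(self, rule):
 "description": to_native(rule.description) if rule.description is not None else None,
 }
 
+def _prepare_result_applied_to(self, resource: FirewallResource) -> Dict[str, Any]:
+result = {
+"type": resource.type,
+"server": to_native(resource.server.id) if resource.server is not None else None,
+"label_selector": resource.label_selector.selector if resource.label_selector is not None else None,
+}
+if resource.applied_to_resources is not None:
+result["applied_to_resources"] = [
+{
+"type": item.type,
+"server": item.server.id if item.server is not None else None,
+}
+for item in resource.applied_to_resources
+]
+return result
+
 def _get_firewall(self):
 try:
 if self.module.params.get("id") is not None:
@@ -239,11 +294,13 @@ def _create_firewall(self):
 )
 for rule in rules
 ]
+
 if not self.module.check_mode:
 try:
 self.client.firewalls.create(**params)
 except HCloudException as exception:
 self.fail_json_hcloud(exception, params=params)
+
 self._mark_as_changed()
 self._get_firewall()
 
@@ -277,6 +334,7 @@ def _update_firewall(self):
 ]
 self.hcloud_firewall.set_rules(new_rules)
 self._mark_as_changed()
+
 self._get_firewall()
 
 def present_firewall(self):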
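Review bot: In `_prepare_result_applied_to`, the top-level `server` value is wrapped in `to_native()`, which (assuming this is Ansible's text converter) turns the integer ID into a string, while the RETURN documentation added in this commit declares `server` as `type: int` and the nested `applied_to_resources` entries return `item.server.id` unconverted. A playbook that audits which servers a firewall covers by comparing `applied_to[].server` with a numeric server ID would then silently fail to match. I would return the ID unchanged, `"server": resource.server.id if resource.server is not None else None,`, or document the field as `str` if a string is intended. The new `Dict[str, Any]` annotation also needs `Dict` and `Any` in scope; the import lines between the hunks are not shown, so confirm they are imported.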
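--- a/tests/integration/targets/firewall/tasks/test.yml
+++ b/tests/integration/targets/firewall/tasks/test.yml
@@ -51,6 +51,7 @@
 - result.hcloud_firewall.rules[0].protocol == "icmp"
 - result.hcloud_firewall.rules[0].source_ips == ["0.0.0.0/0", "::/0"]
 - result.hcloud_firewall.labels.key == "value"
+- result.hcloud_firewall.applied_to | list | count == 0
 
 - name: Test create idempotency
 hetzner.hcloud.firewall: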
