Browse Source
fix: do not error on unknown os_family grain
If the formula was ran on a system that reported an os_family that wasn't one of "Debian", "RedHat", "Arch", "Suse" then the map.jinja template would fail to render with "'NoneType' is not iterable. This occurs because grains.filter_by will return None when it fails match the grain to the input dictionary. The value is then blindly passed into a dict.update() which causes the failure. In this patch we ensure that the default values, as defined in defaults.yaml, are always applied when grain matching fails.tags/v1.0.0
Steven Daniele
4 years ago
3 changed files with 34 additions and 27 deletions
+ 13
- 12
firewalld/defaults.yaml
View File
| @@ -1,18 +1,19 @@ | |||
| # -*- coding: utf-8 -*- | |||
| # vim: ft=yaml | |||
| --- | |||
| firewalld: | |||
| enabled: true | |||
| package: firewalld | |||
| service: firewalld | |||
| config: /etc/firewalld.conf | |||
| default: | |||
| firewalld: | |||
| enabled: true | |||
| package: firewalld | |||
| service: firewalld | |||
| config: /etc/firewalld.conf | |||
| ipset: | |||
| manage: false | |||
| pkg: ipset | |||
| ipset: | |||
| manage: false | |||
| pkg: ipset | |||
| backend: | |||
| manage: false | |||
| pkg: nftables | |||
| backend: | |||
| manage: false | |||
| pkg: nftables | |||
| ipsets: {} | |||
| ipsets: {} | |||
+ 8
- 15
firewalld/map.jinja
View File
| @@ -3,25 +3,18 @@ | |||
| {#- Start with defaults from defaults.yaml #} | |||
| {% import_yaml "firewalld/defaults.yaml" as default_settings %} | |||
| {% import_yaml "firewalld/osfamilymap.yaml" as osfamilymap %} | |||
| {#- | |||
| Setup variable using grains['os_family'] based logic, only add key:values here | |||
| that differ from whats in defaults.yaml | |||
| #} | |||
| {% set os_family_map = salt['grains.filter_by']({ | |||
| 'Debian': {}, | |||
| 'RedHat': {}, | |||
| 'Arch': {}, | |||
| 'Suse': {}, | |||
| }, grain='os_family', merge=salt['pillar.get']('firewalld:lookup')) | |||
| %} | |||
| {#- Merge the flavor_map to the default settings #} | |||
| {% do default_settings.firewalld.update(os_family_map) %} | |||
| {% set platform_defaults = salt['grains.filter_by'](default_settings, | |||
| default='default', | |||
| merge=salt['grains.filter_by'](osfamilymap, grain='os_family', | |||
| merge=salt['pillar.get']('firewalld:lookup') | |||
| ) | |||
| ) %} | |||
| {#- Merge in salt:lookup pillar #} | |||
| {% set firewalld = salt['pillar.get']( | |||
| 'firewalld', | |||
| default=default_settings.firewalld, | |||
| default=platform_defaults.firewalld, | |||
| merge=True) | |||
| %} | |||
+ 13
- 0
firewalld/osfamilymap.yaml
View File
| @@ -0,0 +1,13 @@ | |||
| # -*- coding: utf-8 -*- | |||
| # # vim: ft=yaml | |||
| # os_family defaults | |||
| # only add key:values here that differ from whats in defaults.yaml | |||
| --- | |||
| Debian: | |||
| firewalld: {} | |||
| RedHat: | |||
| firewalld: {} | |||
| Arch: | |||
| firewalld: {} | |||
| Suse: | |||
| firewalld: {} | |||
Loading…