ExternalMirrors
/
firewalld-formula
spegling av https://github.com/saltstack-formulas/firewalld-formula
Bevaka 1
Stjärnmärk 0
Förgrening 1
Kod Ärenden 0 Släpp 14 Wiki Aktiviteter
Bläddra i källkod

fix: do not error on unknown os_family grain 

If the formula was ran on a system that reported an os_family that
wasn't one of "Debian", "RedHat", "Arch", "Suse" then the map.jinja
template would fail to render with "'NoneType' is not iterable.

This occurs because grains.filter_by will return None when it fails
match the grain to the input dictionary. The value is then blindly
passed into a dict.update() which causes the failure.

In this patch we ensure that the default values, as defined in
defaults.yaml, are always applied when grain matching fails.
tags/v1.0.0
Steven Daniele 4 år sedan
förälder
80587f9671
incheckning
94d2b0b97c
Inget konto är kopplat till bidragsgivarens mejladress
3 ändrade filer med 34 tillägg och 27 borttagningar
Unifierad Vy Visa Diff Statistik
  1. +13
    -12
      firewalld/defaults.yaml
  2. +8
    -15
      firewalld/map.jinja
  3. +13
    -0
      firewalld/osfamilymap.yaml

+ 13
- 12
firewalld/defaults.yaml Visa fil

# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# vim: ft=yaml # vim: ft=yaml
--- ---
firewalld:
enabled: true
package: firewalld
service: firewalld
config: /etc/firewalld.conf
default:
firewalld:
enabled: true
package: firewalld
service: firewalld
config: /etc/firewalld.conf


ipset:
manage: false
pkg: ipset
ipset:
manage: false
pkg: ipset


backend:
manage: false
pkg: nftables
backend:
manage: false
pkg: nftables


ipsets: {}
ipsets: {}

+ 8
- 15
firewalld/map.jinja Visa fil



{#- Start with defaults from defaults.yaml #} {#- Start with defaults from defaults.yaml #}
{% import_yaml "firewalld/defaults.yaml" as default_settings %} {% import_yaml "firewalld/defaults.yaml" as default_settings %}
{% import_yaml "firewalld/osfamilymap.yaml" as osfamilymap %}


{#-
Setup variable using grains['os_family'] based logic, only add key:values here
that differ from whats in defaults.yaml
#}
{% set os_family_map = salt['grains.filter_by']({
'Debian': {},
'RedHat': {},
'Arch': {},
'Suse': {},
}, grain='os_family', merge=salt['pillar.get']('firewalld:lookup'))
%}

{#- Merge the flavor_map to the default settings #}
{% do default_settings.firewalld.update(os_family_map) %}
{% set platform_defaults = salt['grains.filter_by'](default_settings,
default='default',
merge=salt['grains.filter_by'](osfamilymap, grain='os_family',
merge=salt['pillar.get']('firewalld:lookup')
)
) %}


{#- Merge in salt:lookup pillar #} {#- Merge in salt:lookup pillar #}
{% set firewalld = salt['pillar.get']( {% set firewalld = salt['pillar.get'](
'firewalld', 'firewalld',
default=default_settings.firewalld,
default=platform_defaults.firewalld,
merge=True) merge=True)
%} %}

+ 13
- 0
firewalld/osfamilymap.yaml Visa fil

# -*- coding: utf-8 -*-
# # vim: ft=yaml
# os_family defaults
# only add key:values here that differ from whats in defaults.yaml
---
Debian:
firewalld: {}
RedHat:
firewalld: {}
Arch:
firewalld: {}
Suse:
firewalld: {}

Write Förhandsgranska
Laddar…
Avbryt
Spara