浏览代码

Unsafe grains call in iptables formula fix

state iptables.rules may fail if grains_yaml is None

Change-Id: Ibd59c33345f1af97267a7632d3e5b64d885c41e8
master
Dzmitry Stremkouski 6 年前
父节点
当前提交
c01bfc9661
共有 1 个文件被更改,包括 7 次插入3 次删除
  1. +7
    -3
      iptables/rules.sls

+ 7
- 3
iptables/rules.sls 查看文件

@@ -55,10 +55,14 @@ iptables_{{ chain_name }}_ipv6_policy:
{%- macro load_grains_file() %}{% include grains_fragment_file %}{% endmacro %}
{%- set grains_yaml = load_grains_file()|load_yaml %}

{%- for rule in grains_yaml.iptables.rules %}
{%- set rule_name = service_name+'_'+loop.index|string %}
{%- if grains_yaml is iterable %}
{%- if grains_yaml.get('iptables',{}).rules is defined %}
{%- for rule in grains_yaml.iptables.rules %}
{%- set rule_name = service_name+'_'+loop.index|string %}
{% include "iptables/_rule.sls" %}
{%- endfor %}
{%- endfor %}
{%- endif %}
{%- endif %}

{%- endif %}
{%- endif %}

正在加载...
取消
保存