瀏覽代碼

Unsafe grains call in iptables formula fix

state iptables.rules may fail if grains_yaml is None

Change-Id: Ibd59c33345f1af97267a7632d3e5b64d885c41e8
master
Dzmitry Stremkouski 6 年之前
父節點
當前提交
c01bfc9661
共有 1 個檔案被更改,包括 7 行新增3 行删除
  1. +7
    -3
      iptables/rules.sls

+ 7
- 3
iptables/rules.sls 查看文件

@@ -55,10 +55,14 @@ iptables_{{ chain_name }}_ipv6_policy:
{%- macro load_grains_file() %}{% include grains_fragment_file %}{% endmacro %}
{%- set grains_yaml = load_grains_file()|load_yaml %}

{%- for rule in grains_yaml.iptables.rules %}
{%- set rule_name = service_name+'_'+loop.index|string %}
{%- if grains_yaml is iterable %}
{%- if grains_yaml.get('iptables',{}).rules is defined %}
{%- for rule in grains_yaml.iptables.rules %}
{%- set rule_name = service_name+'_'+loop.index|string %}
{% include "iptables/_rule.sls" %}
{%- endfor %}
{%- endfor %}
{%- endif %}
{%- endif %}

{%- endif %}
{%- endif %}

Loading…
取消
儲存