ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-04-25 03:41:25 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

iptables_state: fix per-table initialization command (#2525) (#2553)

Browse source 
* refactor initialize_from_null_state()

* Use a more neutral command (iptables -L) to load per-table needed modules.

* fix 'FutureWarning: Possible nested set at position ...' (re.sub)

* fix pylints (module + action plugin)

* unsubscriptable-object
* superfluous-parens
* consider-using-in
* unused-variable
* unused-import
* no-else-break

* cleanup other internal module_args if they exist

* add changelog fragment

* Apply suggestions from code review (changelog fragment)

Co-authored-by: Felix Fontein <felix@fontein.de>

* Remove useless plugin type in changelog fragment

Co-authored-by: Amin Vakil <info@aminvakil.com>

Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Amin Vakil <info@aminvakil.com>
(cherry picked from commit 2c1ab2d384)

Co-authored-by: quidame <quidame@poivron.org>
This commit is contained in:
patchback[bot] 2021-05-18 12:27:31 +02:00 committed by GitHub
parent f1dab6d4a7
commit 62043463f3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 37 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

49
plugins/modules/system/iptables_state.py
View file

@ -232,7 +232,7 @@ import filecmp
import shutil
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils._text import to_bytes, to_native, to_text
from ansible.module_utils._text import to_bytes, to_native
IPTABLES = dict(
@ -262,7 +262,7 @@ def read_state(b_path):
lines = text.splitlines()
while '' in lines:
lines.remove('')
return (lines)
return lines
def write_state(b_path, lines, changed):
@ -282,9 +282,9 @@ def write_state(b_path, lines, changed):
if b_destdir and not os.path.exists(b_destdir) and not module.check_mode:
try:
os.makedirs(b_destdir)
except Exception as e:
except Exception as err:
module.fail_json(
msg='Error creating %s. Error code: %s. Error description: %s' % (destdir, e[0], e[1]),
msg='Error creating %s: %s' % (destdir, to_native(err)),
initial_state=lines)
changed = True
@ -295,10 +295,10 @@ def write_state(b_path, lines, changed):
if changed and not module.check_mode:
try:
shutil.copyfile(tmpfile, b_path)
except Exception as e:
except Exception as err:
path = to_native(b_path, errors='surrogate_or_strict')
module.fail_json(
msg='Error saving state into %s. Error code: %s. Error description: %s' % (path, e[0], e[1]),
msg='Error saving state into %s: %s' % (path, to_native(err)),
initial_state=lines)
return changed
@ -313,14 +313,11 @@ def initialize_from_null_state(initializer, initcommand, table):
if table is None:
table = 'filter'
tmpfd, tmpfile = tempfile.mkstemp()
with os.fdopen(tmpfd, 'w') as f:
f.write('*%s\nCOMMIT\n' % table)
initializer.append(tmpfile)
(rc, out, err) = module.run_command(initializer, check_rc=True)
commandline = list(initializer)
commandline += ['-t', table]
(rc, out, err) = module.run_command(commandline, check_rc=True)
(rc, out, err) = module.run_command(initcommand, check_rc=True)
return (rc, out, err)
return rc, out, err
def filter_and_format_state(string):
@ -328,13 +325,13 @@ def filter_and_format_state(string):
Remove timestamps to ensure idempotence between runs. Also remove counters
by default. And return the result as a list.
'''
string = re.sub('((^|\n)# (Generated|Completed)[^\n]*) on [^\n]*', '\\1', string)
string = re.sub(r'((^|\n)# (Generated|Completed)[^\n]*) on [^\n]*', r'\1', string)
if not module.params['counters']:
string = re.sub('[[][0-9]+:[0-9]+[]]', '[0:0]', string)
string = re.sub(r'\[[0-9]+:[0-9]+\]', r'[0:0]', string)
lines = string.splitlines()
while '' in lines:
lines.remove('')
return (lines)
return lines
def per_table_state(command, state):
@ -347,14 +344,14 @@ def per_table_state(command, state):
COMMAND = list(command)
if '*%s' % t in state.splitlines():
COMMAND.extend(['--table', t])
(rc, out, err) = module.run_command(COMMAND, check_rc=True)
out = re.sub('(^|\n)(# Generated|# Completed|[*]%s|COMMIT)[^\n]*' % t, '', out)
out = re.sub(' *[[][0-9]+:[0-9]+[]] *', '', out)
dummy, out, dummy = module.run_command(COMMAND, check_rc=True)
out = re.sub(r'(^|\n)(# Generated|# Completed|[*]%s|COMMIT)[^\n]*' % t, r'', out)
out = re.sub(r' *\[[0-9]+:[0-9]+\] *', r'', out)
table = out.splitlines()
while '' in table:
table.remove('')
tables[t] = table
return (tables)
return tables
def main():
@ -402,7 +399,7 @@ def main():
changed = False
COMMANDARGS = []
INITCOMMAND = [bin_iptables_save]
INITIALIZER = [bin_iptables_restore]
INITIALIZER = [bin_iptables, '-L', '-n']
TESTCOMMAND = [bin_iptables_restore, '--test']
if counters:
@ -502,7 +499,7 @@ def main():
if _back is not None:
b_back = to_bytes(_back, errors='surrogate_or_strict')
garbage = write_state(b_back, initref_state, changed)
dummy = write_state(b_back, initref_state, changed)
BACKCOMMAND = list(MAINCOMMAND)
BACKCOMMAND.append(_back)
@ -559,9 +556,7 @@ def main():
if os.path.exists(b_starter):
os.remove(b_starter)
break
else:
time.sleep(0.01)
continue
time.sleep(0.01)
(rc, stdout, stderr) = module.run_command(MAINCOMMAND)
if 'Another app is currently holding the xtables lock' in stderr:
@ -579,7 +574,7 @@ def main():
(rc, stdout, stderr) = module.run_command(SAVECOMMAND, check_rc=True)
restored_state = filter_and_format_state(stdout)
if restored_state != initref_state and restored_state != initial_state:
if restored_state not in (initref_state, initial_state):
if module.check_mode:
changed = True
else:
@ -609,7 +604,7 @@ def main():
# timeout
# * task attribute 'poll' equals 0
#
for x in range(_timeout):
for dummy in range(_timeout):
if os.path.exists(b_back):
time.sleep(1)
continue