Merge pull request #214 from saito-hideki/pr/add_firewalld_info

Add new firewalld_info module to ansible.posix collection SUMMARY Add new firewalld_info module to ansible.posix collection. Gathering information about firewalld zone settings fixes #98 ISSUE TYPE Feature Pull Request COMPONENT NAME ansible.posix.firewalld_info ADDITIONAL INFORMATION None Reviewed-by: Abhijeet Kasurde <None> Reviewed-by: Hideki Saito <saito@fgrep.org>
2026-02-04 08:01:49 +00:00 · 2021-07-21 05:19:13 +00:00 · 2021-07-21 05:19:13 +00:00 · a03e652437
commit a03e652437
parent e815909859 27434455e5
6 changed files with 523 additions and 0 deletions
--- a/tests/integration/targets/firewalld_info/aliases
+++ b/tests/integration/targets/firewalld_info/aliases
@ -0,0 +1,5 @@
+destructive
+shippable/posix/group3
+skip/aix
+skip/freebsd
+skip/osx
--- a/tests/integration/targets/firewalld_info/tasks/main.yml
+++ b/tests/integration/targets/firewalld_info/tasks/main.yml
@ -0,0 +1,52 @@
+# Test playbook for the firewalld_info module
+# (c) 2021, Hideki Saito <saito@fgrep.org>
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+# This test is based on the integration test playbook for firewalld module.
+- name: Run firewalld tests
+  block:
+    - name: Ensure firewalld is installed
+      package:
+        name: firewalld
+        state: present
+      # This doesn't work for CentOS 6 because firewalld doesn't exist in CentOS6
+
+    - name: Check to make sure the firewalld python module is available.
+      shell: "{{ansible_python.executable}} -c 'import firewall'"
+      register: check_output_firewall
+      ignore_errors: true
+
+    - name: Check to make sure the dbus python module is available.
+      shell: "{{ansible_python.executable}} -c 'import dbus'"
+      register: check_output_dbus
+      ignore_errors: true
+
+    - name: Test Online Operations
+      block:
+        - name: start firewalld
+          service:
+            name: firewalld
+            state: started
+
+        - import_tasks: run_tests_in_started.yml
+      when:
+        - check_output_firewall.rc == 0
+        - check_output_dbus.rc == 0
+
+    - name: Test Offline Operations
+      block:
+        - name: stop firewalld
+          service:
+            name: firewalld
+            state: stopped
+
+        - import_tasks: run_tests_in_stopped.yml
+      when:
+        - check_output_firewall.rc == 0
+        - check_output_dbus.rc == 0
+
+  when:
+  - ansible_facts.os_family == "RedHat" and ansible_facts.distribution_major_version is version('7', '>=')
+  - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('14.04', '=='))
+  # Firewalld package on OpenSUSE (15+) require Python 3, so we skip on OpenSUSE running py2 on these newer distros
+  - not (ansible_os_family == "Suse" and ansible_distribution_major_version|int != 42 and ansible_python.version.major != 3)
--- a/tests/integration/targets/firewalld_info/tasks/run_tests_in_started.yml
+++ b/tests/integration/targets/firewalld_info/tasks/run_tests_in_started.yml
@ -0,0 +1,32 @@
+# Test playbook for the firewalld_info module
+# (c) 2021, Hideki Saito <saito@fgrep.org>
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+- name: Ensure firewalld_info without options
+  firewalld_info:
+  register: result
+
+- name: Assert collected_zones and undefined_zones
+  assert:
+    that:
+      - 'result.collected_zones and not result.undefined_zones'
+
+- name: Ensure firewalld_info with active_zones
+  firewalld_info:
+    active_zones: yes
+  register: result
+
+- name: Assert turn active_zones true
+  assert:
+    that:
+
+- name: Ensure firewalld_zones with zone list
+  firewalld_info:
+    zones:
+      - public
+      - invalid_zone
+  register: result
+
+- name: Assert specified zones
+  assert:
+    that:
--- a/tests/integration/targets/firewalld_info/tasks/run_tests_in_stopped.yml
+++ b/tests/integration/targets/firewalld_info/tasks/run_tests_in_stopped.yml
@ -0,0 +1,40 @@
+# Test playbook for the firewalld_info module
+# (c) 2021, Hideki Saito <saito@fgrep.org>
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+- name: Ensure firewalld_info without options
+  firewalld_info:
+  register: result
+  ignore_errors: yes
+
+- name: Assert firewalld_info fails if firewalld is not running.
+  assert:
+    that:
+      - result.failed
+      - "'firewalld probably not be running,' in result.msg"
+
+- name: Ensure firewalld_info with active_zones
+  firewalld_info:
+    active_zones: yes
+  register: result
+  ignore_errors: yes
+
+- name: Assert firewalld_info with active_zones fails if firewalld is not running.
+  assert:
+    that:
+      - result.failed
+      - "'firewalld probably not be running,' in result.msg"
+
+- name: Ensure firewalld_zones with zone list
+  firewalld_info:
+    zones:
+      - public
+      - invalid_zone
+  register: result
+  ignore_errors: yes
+
+- name: Assert firewalld_info with zones list fails if firewalld is not running.
+  assert:
+    that:
+      - result.failed
+      - "'firewalld probably not be running,' in result.msg"