Skip to content

Commit

Permalink
Removing json_query calls
Browse files Browse the repository at this point in the history
Signed-off-by: Jiri Podivin <[email protected]>
  • Loading branch information
jpodivin committed Sep 11, 2023
1 parent 68e87e1 commit 07ffcc2
Show file tree
Hide file tree
Showing 5 changed files with 44 additions and 11 deletions.
18 changes: 18 additions & 0 deletions plugins/filter/helpers.py
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ def filters(self):
'needs_delete': self.needs_delete,
'haskey': self.haskey,
'dict_to_list': self.dict_to_list,
'jump_chain_targets': self.jump_chain_targets
}

def needs_delete(self, container_infos, config, config_id,
Expand Down Expand Up @@ -172,3 +173,20 @@ def dict_to_list(self, data):
for k, v in data.items():
return_list.append({k: v})
return return_list

def jump_chain_targets(self, data: list, rule: dict) -> list:
"""Filters valid chain target rules satisfying conditions based on
`table`, `family` and `chain` attributes.
Used by the osp.edpm.nftables role.
"""
def _filter(item):
return (
item.get('table', 'NOTABLE') == rule.get('table', 'filter')
and item.get('family', 'NOFAMILY') == 'inet'
and item.get('chain', 'NOCHAIN') == rule.get('chain', 'INPUT'))
targets = []
for existing_rule in list(filter(_filter, data)):
for target in existing_rule.get('expr', []):
if 'target' in target.get('jump', {}).keys():
targets.append(target['jump']['target'])
return targets
16 changes: 16 additions & 0 deletions plugins/filter/jump_chain_targets.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
DOCUMENTATION:
name: jump_chain_targets
author: "EDPM team"
version_added: 2.9
short_description: Retrieve existing jump chain targets
description: |
Filters valid chain target rules satisfying conditions based on
`table`, `family` and `chain` attributes.
Used by the osp.edpm.nftables role.
EXAMPLES: |
'{{ edpm_nftables_chains_prefix }}_'~rule.get('chain', 'INPUT')
not in ( existing | osp.edpm.jump_chain_targets(rule=rule) )
RETURN:
_value:
description: list of jump chain targets
type: list
3 changes: 1 addition & 2 deletions roles/edpm_nftables/templates/jump-chain.j2
Original file line number Diff line number Diff line change
Expand Up @@ -6,10 +6,9 @@
{% set existing = (current_nft['stdout']|from_json)['nftables']|map(attribute='rule', default={})|list %}
{% for ruleset in edpm_nftables_rules %}
{% set rule=ruleset['rule'] %}
{% set query="[? table==`"~rule.get('table', 'filter')~"` && family==`inet` && chain==`"~rule.get('chain', 'INPUT')~"`].expr[*].jump.target" %}
{% set chain_key = rule.get('chain', 'INPUT') ~ rule.get('table', 'filter') %}
{% if chain_key not in chains.chains %}
{% if '{{ edpm_nftables_chains_prefix }}_'~rule.get('chain', 'INPUT') not in (existing|json_query(query)|flatten) %}
{% if '{{ edpm_nftables_chains_prefix }}_'~rule.get('chain', 'INPUT') not in ( existing | osp.edpm.jump_chain_targets(rule=rule) ) %}
insert rule inet {{ rule.get('table', 'filter') }} {{ rule.get('chain', 'INPUT') }} position 0 jump {{ edpm_nftables_chains_prefix }}_{{ rule.get('chain', 'INPUT') }}
{% endif %}
{% set _ = chains.chains.append(chain_key) %}
Expand Down
16 changes: 8 additions & 8 deletions roles/edpm_podman/templates/podman_network_config.j2
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
{
"name": "{{ podman_network_inspect.stdout | from_json | first | json_query('name') }}",
"id": "{{ podman_network_inspect.stdout | from_json | first | json_query('id') }}",
"driver": "{{ podman_network_inspect.stdout | from_json | first | json_query('driver') }}",
"network_interface": "{{ podman_network_inspect.stdout | from_json | first | json_query('network_interface') }}",
"created": "{{ podman_network_inspect.stdout | from_json | first | json_query('created') }}",
"name": "{{ (podman_network_inspect.stdout | from_json | first)['name'] }}",
"id": "{{ (podman_network_inspect.stdout | from_json | first)['id'] }}",
"driver": "{{ (podman_network_inspect.stdout | from_json | first)['driver'] }}",
"network_interface": "{{ (podman_network_inspect.stdout | from_json | first)['network_interface'] }}",
"created": "{{ (podman_network_inspect.stdout | from_json | first)['created'] }}",
"subnets": [
{
"subnet": "10.255.255.0/24",
Expand All @@ -15,7 +15,7 @@
}
],
"ipv6_enabled": true,
"internal": {{ podman_network_inspect.stdout | from_json | first | json_query('internal') | to_json }},
"dns_enabled": {{ podman_network_inspect.stdout | from_json | first | json_query('dns_enabled') | to_json }},
"ipam_options": {{ podman_network_inspect.stdout | from_json | first | json_query('ipam_options') | to_json }}
"internal": {{ (podman_network_inspect.stdout | from_json | first)['internal'] | to_json }},
"dns_enabled": {{ (podman_network_inspect.stdout | from_json | first)['dns_enabled'] | to_json }},
"ipam_options": {{ (podman_network_inspect.stdout | from_json | first)['ipam_options'] | to_json }}
}
2 changes: 1 addition & 1 deletion roles/env_data/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@

- name: Output installed packages
ansible.builtin.debug:
msg: "{{ ansible_facts.packages | community.general.json_query('*') | flatten | join('\n') }}"
msg: "{{ ansible_facts.packages | flatten }}"

- name: Output installed repositories
ansible.builtin.debug:
Expand Down

0 comments on commit 07ffcc2

Please sign in to comment.