Fix sg_rules

redhat-cop · Dec 2, 2024 · 00507da · 00507da
1 parent 7b9b729
commit 00507da
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 25 deletions.
diff --git a/extensions/patterns/configure_aws_network/playbooks/run_configure_aws_network.yaml b/extensions/patterns/configure_aws_network/playbooks/run_configure_aws_network.yaml
@@ -3,32 +3,13 @@
   hosts: localhost
   gather_facts: false
   tasks:
-    - name: Create a list of dictionaries for security group rules
+    - name: Get list of internal sg rules
       ansible.builtin.set_fact:
-        sg_internal_rules: >-
-          {{
-            [
-              {
-                'proto': security_group_1_proto,
-                'ports': security_group_1_port,
-                'cidr_ip': security_group_1_cidr
-              },
-              {
-                'proto': security_group_2_proto,
-                'ports': security_group_2_port,
-                'cidr_ip': security_group_2_cidr
-              },
-              {
-                'proto': security_group_3_proto,
-                'ports': security_group_3_port,
-                'cidr_ip': security_group_3_cidr
-              }
-            ] | selectattr('proto', 'defined') | selectattr('ports', 'defined') | selectattr('cidr_ip', 'defined') | list
-          }}
+        sg_rules: "{{ security_group_rules | split(';') | list }}"
 
     - name: Set default value for the security group rules if nothing is passed.
       ansible.builtin.set_fact:
-        sg_internal_rules: "{{ sg_internal_rules | default([
+        sg_internal_rules: "{{ sg_rules | default([
           {'proto': 'tcp', 'port': '22', 'cidr_ip': vpc_cidr}
         ]) }}"
 

diff --git a/extensions/patterns/configure_aws_network/template_surveys/configure_aws_network.yml b/extensions/patterns/configure_aws_network/template_surveys/configure_aws_network.yml
@@ -39,9 +39,9 @@ spec:
     required: true
 
   - type: "text"
-    question_name: "Internal Security Group rule 1 protocol"
-    question_description: "The IP protocol name. If not provided, ssh will be used"
-    variable: "security_group_1_proto"
+    question_name: "Dict of Internal Security Group rules, seperated by semi colon"
+    question_description: 'Dictionaries of Security Group Rules. e.g. {"proto": "tcp", "ports": "22", "cidr_ip": "10.1.1.0/16"}; {"proto": "tcp", "ports": "8000-8010", "cidr_ip": "10.1.1.0/16"}'
+    variable: "security_group_rules"
     required: false
 
   - type: "text"