feat(ansible): support ufw logging mode

2026-04-02 00:12:13 +00:00 · 2026-04-02 00:12:13 +00:00 · 57bc50002e
commit 57bc50002e
parent 4b884f67d6
3 changed files with 43 additions and 0 deletions
--- a/mock_ssh_test.go
+++ b/mock_ssh_test.go
@ -1574,9 +1574,20 @@ func moduleUFWWithClient(_ *Executor, client sshRunner, args map[string]any) (*T
 	port := getStringArg(args, "port", "")
 	proto := getStringArg(args, "proto", "tcp")
 	state := getStringArg(args, "state", "")
+	logging := getStringArg(args, "logging", "")

 	var cmd string

+	// Handle logging configuration.
+	if logging != "" {
+		cmd = sprintf("ufw logging %s", logging)
+		stdout, stderr, rc, err := client.Run(context.Background(), cmd)
+		if err != nil || rc != 0 {
+			return &TaskResult{Failed: true, Msg: stderr, Stdout: stdout, RC: rc}, nil
+		}
+		return &TaskResult{Changed: true}, nil
+	}
+
 	// Handle state (enable/disable)
 	if state != "" {
 		switch state {
--- a/modules.go
+++ b/modules.go
@ -2734,9 +2734,20 @@ func (e *Executor) moduleUFW(ctx context.Context, client sshExecutorClient, args
 	port := getStringArg(args, "port", "")
 	proto := getStringArg(args, "proto", "tcp")
 	state := getStringArg(args, "state", "")
+	logging := getStringArg(args, "logging", "")

 	var cmd string

+	// Handle logging configuration.
+	if logging != "" {
+		cmd = sprintf("ufw logging %s", logging)
+		stdout, stderr, rc, err := client.Run(ctx, cmd)
+		if err != nil || rc != 0 {
+			return &TaskResult{Failed: true, Msg: stderr, Stdout: stdout, RC: rc}, nil
+		}
+		return &TaskResult{Changed: true}, nil
+	}
+
 	// Handle state (enable/disable)
 	if state != "" {
 		switch state {
--- a/modules_adv_test.go
+++ b/modules_adv_test.go
@ -1383,6 +1383,27 @@ func TestModulesAdv_ModuleUFW_Good_LimitRule(t *testing.T) {
 	assert.True(t, mock.hasExecuted(`ufw limit 22/tcp`))
 }

+func TestModulesAdv_ModuleUFW_Good_LoggingMode(t *testing.T) {
+	e := NewExecutor("/tmp")
+	mock := NewMockSSHClient()
+	mock.expectCommand(`ufw logging high`, "Logging enabled\n", "", 0)
+
+	task := &Task{
+		Module: "community.general.ufw",
+		Args: map[string]any{
+			"logging": "high",
+		},
+	}
+
+	result, err := e.executeModule(context.Background(), "host1", mock, task, &Play{})
+
+	require.NoError(t, err)
+	require.NotNil(t, result)
+	assert.True(t, result.Changed)
+	assert.False(t, result.Failed)
+	assert.True(t, mock.hasExecuted(`ufw logging high`))
+}
+
 func TestModulesAdv_ModuleUFW_Good_StateCommandFailure(t *testing.T) {
 	e, mock := newTestExecutorWithMock("host1")
 	mock.expectCommand(`ufw --force enable`, "", "ERROR: problem running ufw", 1)