feat(ansible): support ufw rule deletion

Virgil 2026-04-03 12:50:19 +00:00
parent 1e7deda933
commit 9dfd5b3af1
3 changed files with 24 additions and 0 deletions


@ -1895,6 +1895,7 @@ func moduleUFWWithClient(_ *Executor, client sshRunner, args map[string]any) (*T
proto := getStringArg(args, "proto", "tcp")
state := getStringArg(args, "state", "")
logging := getStringArg(args, "logging", "")
deleteRule := getBoolArg(args, "delete", false)
var cmd string
@ -1941,6 +1942,9 @@ func moduleUFWWithClient(_ *Executor, client sshRunner, args map[string]any) (*T
case "limit":
cmd = sprintf("ufw limit %s/%s", port, proto)
}
if deleteRule && cmd != "" {
cmd = "ufw delete " + corexTrimPrefix(cmd, "ufw ")
}
stdout, stderr, rc, err := client.Run(context.Background(), cmd)
if err != nil || rc != 0 {
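Review bot: The `if deleteRule && cmd != ""` guard rewrites whatever command the earlier branches built, not only rule commands, so `delete: true` together with `state` or `logging` would presumably send a malformed `ufw delete …` line to the host. The branches that build those commands are outside the hunk, so this is inferred from the visible `state` and `logging` arguments. Applying the rewrite only on the rule path, and returning an error when `delete` is set without a rule, would stop a playbook mistake from becoming an unintended firewall change. The same guard is added to Executor.moduleUFW in the next file section. Since the rewritten string still carries `port` and `proto` unquoted into `client.Run`, validating both before `cmd` is built belongs in the same place.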


@ -3385,6 +3385,7 @@ func (e *Executor) moduleUFW(ctx context.Context, client sshExecutorClient, args
proto := getStringArg(args, "proto", "tcp")
state := getStringArg(args, "state", "")
logging := getStringArg(args, "logging", "")
deleteRule := getBoolArg(args, "delete", false)
var cmd string
@ -3431,6 +3432,9 @@ func (e *Executor) moduleUFW(ctx context.Context, client sshExecutorClient, args
case "limit":
cmd = sprintf("ufw limit %s/%s", port, proto)
}
if deleteRule && cmd != "" {
cmd = "ufw delete " + corexTrimPrefix(cmd, "ufw ")
}
stdout, stderr, rc, err := client.Run(ctx, cmd)
if err != nil || rc != 0 {
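Review bot: This delete rewrite is a line-for-line copy of the one added to moduleUFWWithClient, so a later fix at one site has to be remembered at the other. A small shared helper that takes the built command and the `delete` flag and returns the final string would keep both executors in step. Its doc comment could record why the `ufw ` prefix is trimmed, e.g. `// turns "ufw allow 443/tcp" into "ufw delete allow 443/tcp"`. moduleUFW's body starts and ends outside the hunk.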


@ -1629,6 +1629,22 @@ func TestModulesAdv_ModuleUFW_Good_LimitRule(t *testing.T) {
assert.True(t, mock.hasExecuted(`ufw limit 22/tcp`))
}
func TestModulesAdv_ModuleUFW_Good_DeleteRule(t *testing.T) {
e, mock := newTestExecutorWithMock("host1")
mock.expectCommand(`ufw delete allow 443/tcp`, "Rule deleted", "", 0)
result, err := moduleUFWWithClient(e, mock, map[string]any{
"rule": "allow",
"port": "443",
"delete": true,
})
require.NoError(t, err)
assert.True(t, result.Changed)
assert.False(t, result.Failed)
assert.True(t, mock.hasExecuted(`ufw delete allow 443/tcp`))
}
func TestModulesAdv_ModuleUFW_Good_LoggingMode(t *testing.T) {
e := NewExecutor("/tmp")
mock := NewMockSSHClient()
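Review bot: TestModulesAdv_ModuleUFW_Good_DeleteRule pins only the `allow` happy path; nothing covers `delete: true` with no `rule`, with `state` or `logging` set, or a non-zero exit from `ufw delete`. A `_Bad_` case asserting `result.Failed` when the mock returns rc 1 would cover the failure path. A second case, `assert.False(t, mock.hasExecuted(...))` for a `ufw delete` command when only `state` is given, would pin the guard's behaviour. The copy of the change in Executor.moduleUFW has no test in this hunk.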