Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New module - meraki_mx_l7_firewall #55485

Merged
merged 10 commits into from
Jul 26, 2019
Merged

New module - meraki_mx_l7_firewall #55485

merged 10 commits into from
Jul 26, 2019

Conversation

kbreit
Copy link
Contributor

@kbreit kbreit commented Apr 18, 2019

SUMMARY

This new module allows modification and querying of MX appliance layer 7 firewall rules.

@brianberzins

Fixes #55450

ISSUE TYPE
  • New Module Pull Request
COMPONENT NAME

meraki_mx_l7_firewall

ADDITIONAL INFORMATION
  - name: Create multiple firewall rules
    meraki_mx_l7_firewall:
      auth_key: '{{ auth_key }}'
      org_name: '{{test_org_name}}'
      net_name: TestNetAppliance
      state: present
      rules:
        - type: whitelisted_countries
          countries:
            - US
            - FR
        - type: blacklisted_countries
          countries:
            - CN
        - policy: deny
          type: port
          port: 8080
    delegate_to: localhost

TASK [meraki_mx_l7_firewall : debug] *******************************************
ok: [localhost] => {
        "data": {
            "rules": [
                {
                    "policy": "deny",
                    "type": "whitelistedCountries",
                    "value": [
                        "US",
                        "FR"
                    ]
                },
                {
                    "policy": "deny",
                    "type": "blacklistedCountries",
                    "value": [
                        "CN"
                    ]
                },
                {
                    "policy": "deny",
                    "type": "port",
                    "value": "8080"
                }
            ]
        },

@ansibot
Copy link
Contributor

ansibot commented Apr 18, 2019

cc @dagwieers
click here for bot help

@ansibot ansibot added affects_2.9 This issue/PR affects Ansible v2.9 cisco Cisco technologies community_review In order to be merged, this PR must follow the community review workflow. meraki Cisco Meraki community module This issue/PR relates to a module. needs_triage Needs a first human triage before being processed. networking Network category new_module This PR includes a new module. new_plugin This PR includes a new plugin. support:community This issue/PR relates to code supported by the Ansible community. test This PR relates to tests. needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. and removed community_review In order to be merged, this PR must follow the community review workflow. needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. labels Apr 18, 2019
@ansibot ansibot added the stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. label May 4, 2019
@kbreit kbreit changed the title New module - meraki_mx_l7_firewall [WIP] New module - meraki_mx_l7_firewall May 11, 2019
@ansibot ansibot added the WIP This issue/PR is a work in progress. Nevertheless it was shared for getting input from peers. label May 11, 2019
@ansibot ansibot removed the stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. label May 25, 2019
@ansibot ansibot added the stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. label Jun 8, 2019
@kbreit
Create rename_* functions
e41dcaa 
- is_update_required() ignores the key id
- Meraki expects one of the keys to be id
- Function temporarily renames key to appId to get around this
@kbreit kbreit force-pushed the meraki/meraki_mx_l7_firewall branch from ff1247f to e41dcaa Compare June 9, 2019 03:19
@ansibot ansibot removed the stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. label Jun 9, 2019
@kbreit kbreit changed the title [WIP] New module - meraki_mx_l7_firewall New module - meraki_mx_l7_firewall Jun 9, 2019
@ansibot ansibot removed the WIP This issue/PR is a work in progress. Nevertheless it was shared for getting input from peers. label Jun 9, 2019
@kbreit kbreit mentioned this pull request Jun 12, 2019
Closed
@ansibot ansibot added the stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. label Jun 17, 2019
@ansibot ansibot added needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. and removed community_review In order to be merged, this PR must follow the community review workflow. needs_triage Needs a first human triage before being processed. labels Jun 19, 2019
@kbreit
Tweak documentation and tests
380757c 
- Tests now do an include so each task doesn't need delegate_to
@ansibot ansibot added needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html and removed stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. labels Jun 19, 2019
@kbreit
Copy link
Contributor Author

kbreit commented Jun 19, 2019

@Qalthos Please take a look at this PR as it should include all your feedback.

@ansibot ansibot removed the needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html label Jun 19, 2019
@ansibot ansibot added stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. stale_review Updates were made after the last review and the last review is more than 7 days old. labels Jul 5, 2019
@ansibot ansibot added has_issue community_review In order to be merged, this PR must follow the community review workflow. and removed stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. stale_review Updates were made after the last review and the last review is more than 7 days old. needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. labels Jul 24, 2019
@pabelanger pabelanger merged commit 3cdc667 into ansible:devel Jul 26, 2019
@ansible ansible locked and limited conversation to collaborators Aug 26, 2019
@kbreit kbreit deleted the meraki/meraki_mx_l7_firewall branch November 28, 2019 20:01
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@Qalthos Qalthos Qalthos approved these changes

@pabelanger pabelanger pabelanger approved these changes

Assignees
No one assigned
Labels
affects_2.9 This issue/PR affects Ansible v2.9 cisco Cisco technologies community_review In order to be merged, this PR must follow the community review workflow. has_issue meraki Cisco Meraki community module This issue/PR relates to a module. networking Network category new_module This PR includes a new module. new_plugin This PR includes a new plugin. support:community This issue/PR relates to code supported by the Ansible community. test This PR relates to tests.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

New module - meraki_mx_l7_firewall
4 participants
@kbreit @ansibot @Qalthos @pabelanger