Merge pull request #1407 from rjeffman/ipaserver_firewalld_warning

Fix Ansible warnings in Firewall zone testing tasks
2026-03-26 21:33:05 +00:00 · 2026-01-09 17:44:55 +01:00
parent e4ea7c8983 b3f024869c
commit 2f34e1ac6a
3 changed files with 39 additions and 36 deletions
--- a/roles/ipabackup/tasks/restore.yml
+++ b/roles/ipabackup/tasks/restore.yml
@@ -91,20 +91,21 @@
      enabled: yes
      state: started

-  - name: Firewalld - Verify runtime zone "{{ ipabackup_firewalld_zone }}"
-    ansible.builtin.shell: >
-      firewall-cmd
-      --info-zone="{{ ipabackup_firewalld_zone }}"
-      >/dev/null
+  - name: Firewalld - Verify zones
    when: ipabackup_firewalld_zone is defined
+    block:
+    - name: Firewalld - Verify runtime zone from ipabackup_firewalld_zone
+      ansible.builtin.shell: >
+        firewall-cmd
+        --info-zone="{{ ipabackup_firewalld_zone }}"
+        >/dev/null

-  - name: Firewalld - Verify permanent zone "{{ ipabackup_firewalld_zone }}"
-    ansible.builtin.shell: >
-      firewall-cmd
-      --permanent
-      --info-zone="{{ ipabackup_firewalld_zone }}"
-      >/dev/null
-    when: ipabackup_firewalld_zone is defined
+    - name: Firewalld - Verify permanent zone from ipabackup_firewalld_zone
+      ansible.builtin.shell: >
+        firewall-cmd
+        --permanent
+        --info-zone="{{ ipabackup_firewalld_zone }}"
+        >/dev/null

 ### RESTORE

--- a/roles/ipareplica/tasks/install.yml
+++ b/roles/ipareplica/tasks/install.yml
@@ -47,20 +47,21 @@
      enabled: yes
      state: started

-  - name: Firewalld - Verify runtime zone "{{ ipareplica_firewalld_zone }}"
-    ansible.builtin.shell: >
-      firewall-cmd
-      --info-zone="{{ ipareplica_firewalld_zone }}"
-      >/dev/null
+  - name: Firewalld - Verify zones
    when: ipareplica_firewalld_zone is defined
+    block:
+    - name: Firewalld - Verify runtime zone from ipareplica_firewalld_zone
+      ansible.builtin.shell: >
+        firewall-cmd
+        --info-zone="{{ ipareplica_firewalld_zone }}"
+        >/dev/null

-  - name: Firewalld - Verify permanent zone "{{ ipareplica_firewalld_zone }}"
-    ansible.builtin.shell: >
-      firewall-cmd
-      --permanent
-      --info-zone="{{ ipareplica_firewalld_zone }}"
-      >/dev/null
-    when: ipareplica_firewalld_zone is defined
+    - name: Firewalld - Verify permanent zone from ipareplica_firewalld_zone
+      ansible.builtin.shell: >
+        firewall-cmd
+        --permanent
+        --info-zone="{{ ipareplica_firewalld_zone }}"
+        >/dev/null

 - name: Install - Set ipareplica_servers
  ansible.builtin.set_fact:
--- a/roles/ipaserver/tasks/install.yml
+++ b/roles/ipaserver/tasks/install.yml
@@ -47,20 +47,21 @@
      enabled: yes
      state: started

-  - name: Firewalld - Verify runtime zone "{{ ipaserver_firewalld_zone }}"
-    ansible.builtin.shell: >
-      firewall-cmd
-      --info-zone="{{ ipaserver_firewalld_zone }}"
-      >/dev/null
+  - name: Firewalld - verify zones
    when: ipaserver_firewalld_zone is defined
+    block:
+    - name: Firewalld - Verify runtime zone from ipaserver_firewalld_zone
+      ansible.builtin.shell: >
+        firewall-cmd
+        --info-zone="{{ ipaserver_firewalld_zone }}"
+        >/dev/null

-  - name: Firewalld - Verify permanent zone "{{ ipaserver_firewalld_zone }}"
-    ansible.builtin.shell: >
-      firewall-cmd
-      --permanent
-      --info-zone="{{ ipaserver_firewalld_zone }}"
-      >/dev/null
-    when: ipaserver_firewalld_zone is defined
+    - name: Firewalld - Verify permanent zone from ipaserver_firewalld_zone
+      ansible.builtin.shell: >
+        firewall-cmd
+        --permanent
+        --info-zone="{{ ipaserver_firewalld_zone }}"
+        >/dev/null

 - name: Copy external certs
  ansible.builtin.include_tasks: "{{ role_path }}/tasks/copy_external_cert.yml"