The action attribute within the firewall type has been removed.

v7.0.0 of firwall module is introducing several changes, as described in [1]. This commit is adjusting manifests to this change. [1] 8ea5f45d00 Change-Id: I31a04a83e2844fa1ec53a27fccd15fb64cafacb0
2023-09-05 09:50:13 +02:00 · 2023-09-05 09:50:13 +02:00 · b00b07af7e
commit b00b07af7e
parent f989cf07b6
4 changed files with 9 additions and 9 deletions
--- a/packstack/puppet/modules/packstack/manifests/firewall.pp
+++ b/packstack/puppet/modules/packstack/manifests/firewall.pp
@ -11,7 +11,7 @@ define packstack::firewall (
 ) {
  $ip_version = lookup('CONFIG_IP_VERSION')

-  $provider = $ip_version ? {
+  $protocol = $ip_version ? {
    'ipv6'  => 'ip6tables',
    default => 'iptables',
    # TO-DO(mmagr): Add IPv6 support when hostnames are used
@ -34,9 +34,9 @@ define packstack::firewall (
    firewall { "001 ${service_name} ${heading} ${title}":
      chain    => $chain,
      proto    => $proto,
-      action   => 'accept',
+      jump     => 'accept',
      source   => $source,
-      provider => $provider,
+      protocol => $protocol,
    }
  }
  else {
@ -44,9 +44,9 @@ define packstack::firewall (
      chain    => $chain,
      proto    => $proto,
      dport    => $ports,
-      action   => 'accept',
+      jump     => 'accept',
      source   => $source,
-      provider => $provider,
+      protocol => $protocol,
    }
  }
 }
--- a/packstack/puppet/modules/packstack/manifests/horizon.pp
+++ b/packstack/puppet/modules/packstack/manifests/horizon.pp
@ -67,7 +67,7 @@ class packstack::horizon ()
    firewall { "001 horizon ${firewall_port} incoming":
      proto  => 'tcp',
      dport  => [$firewall_port],
-      action => 'accept',
+      jump   => 'accept',
    }

    if str2bool($::selinux) {
--- a/packstack/puppet/modules/packstack/manifests/nova/vncproxy.pp
+++ b/packstack/puppet/modules/packstack/manifests/nova/vncproxy.pp
@ -14,6 +14,6 @@ class packstack::nova::vncproxy ()
    firewall { '001 novncproxy incoming':
      proto  => 'tcp',
      dport  => ['6080'],
-      action => 'accept',
+      jump   => 'accept',
    }
 }
--- a/packstack/puppet/modules/packstack/manifests/provision/bridge.pp
+++ b/packstack/puppet/modules/packstack/manifests/provision/bridge.pp
@ -43,14 +43,14 @@ class packstack::provision::bridge ()
      if $public_bridge_name != '' {
        firewall { '000 forward out':
          chain    => 'FORWARD',
-          action   => 'accept',
+          jump     => 'accept',
          outiface => $public_bridge_name,
          proto    => 'all',
        }

        firewall { '000 forward in':
          chain   => 'FORWARD',
-          action  => 'accept',
+          jump    => 'accept',
          iniface => $public_bridge_name,
          proto   => 'all',
        }