bug fix

Yohann0617 · Dec 19, 2024 · d7b6fa5 · d7b6fa5
1 parent 6a2f2a4
commit d7b6fa5
Showing 1 changed file with 31 additions and 2 deletions.
diff --git a/src/main/java/com/yohann/ocihelper/config/OracleInstanceFetcher.java b/src/main/java/com/yohann/ocihelper/config/OracleInstanceFetcher.java
@@ -1345,11 +1345,40 @@ public void releaseSecurityRule(Vcn vcn, Integer type) {
                 inList = Arrays.asList(in4, in6);
                 outList = Arrays.asList(out4, out6);
         }
+
+        GetSecurityListRequest getSecurityListRequest = GetSecurityListRequest.builder().securityListId(vcn.getDefaultSecurityListId()).build();
+        GetSecurityListResponse getSecurityListResponse = virtualNetworkClient.getSecurityList(getSecurityListRequest);
+        List<IngressSecurityRule> ingressSecurityRules = getSecurityListResponse.getSecurityList().getIngressSecurityRules();
+        if (ingressSecurityRules.isEmpty()) {
+            ingressSecurityRules = inList;
+        } else {
+            for (IngressSecurityRule rule : ingressSecurityRules) {
+                for (IngressSecurityRule in : inList) {
+                    if (!rule.getSource().contains(in.getSource()) && !rule.getProtocol().equals(in.getProtocol())) {
+                        ingressSecurityRules.add(in);
+                    }
+                }
+            }
+        }
+        List<EgressSecurityRule> egressSecurityRules = getSecurityListResponse.getSecurityList().getEgressSecurityRules();
+        if (egressSecurityRules.isEmpty()) {
+            egressSecurityRules = outList;
+        } else {
+            for (EgressSecurityRule rule : egressSecurityRules) {
+                for (EgressSecurityRule out : outList) {
+                    if (!rule.getDestination().contains(out.getDestination()) &&
+                            !rule.getProtocol().equals(out.getProtocol()) &&
+                            !rule.getDestinationType().equals(out.getDestinationType())) {
+                        egressSecurityRules.add(out);
+                    }
+                }
+            }
+        }
         virtualNetworkClient.updateSecurityList(UpdateSecurityListRequest.builder()
                 .securityListId(vcn.getDefaultSecurityListId())
                 .updateSecurityListDetails(UpdateSecurityListDetails.builder()
-                        .ingressSecurityRules(inList)
-                        .egressSecurityRules(outList)
+                        .ingressSecurityRules(ingressSecurityRules)
+                        .egressSecurityRules(egressSecurityRules)
                         .build())
                 .build());
         log.info("用户：[{}] ，区域：[{}] 放行了 VCN：{} 的安全列表中 {} 的所有端口及协议",