Inject user provided nft rules

This change ensures that user provided rules are injected into the edpm_nftables_src directory and loaded during rule generation. The change adds a new variable to facilitate a user interface for rule injection edpm_nftables_user_rules. Signed-off-by: Brendan Shephard <[email protected]>
openstack-k8s-operators · Nov 18, 2024 · fe86852 · fe86852
1 parent 998ae17
commit fe86852
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/roles/edpm_nftables/tasks/configure.yml b/roles/edpm_nftables/tasks/configure.yml
@@ -31,6 +31,12 @@
         src: base-rules.yaml.j2
         mode: "0644"
 
+    - name: Write user rules snippet
+      ansible.builtin.copy:
+        dest: "{{ edpm_nftables_src }}/edpm-nftables-user-rules.yaml"
+        content: "{{ edpm_nftables_user_rules }}"
+        mode: "0644"
+
 - name: IPtables compatibility layout
   become: true
   block: