Part of this description is copied from the GitHub PR.
The zip function used here is insufficient for comparing rules.
As mentioned in the docs of Python:
The iterator stops when the shortest input iterable is exhausted
Here is a example how this could cause a issue, in Python:
first = [{"key": "value1"}, {"key": "value2"}]
second = [{"key": "value1"}]
zipped = list(zip(first, second))
zipped[0][0] == zipped[0][1]
#TrueTo test this with the module:
Run this code in a testing VyOS:
vyos delete firewall set firewall name test default-action 'drop' set firewall name test rule 1 action 'accept' set firewall name test rule 1 protocol 'all' set firewall name test rule 2 action 'drop' set firewall name test rule 2 protocol 'all'
(those rules don't make any sense. This is just an example!)
with this ansible code, I would expect only the first rule to remain:
yaml
- name: Set firewall rules
vyos.vyos.vyos_firewall_rules:
config:
- afi: ipv4
rule_sets:
- default_action: drop
name: test
rules:
- action: accept
protocol: all
number: 1
state: overriddenCurrently, this does nothing.