Change Details

//Part of this description is copied from the GitHub PR.// The `zip` function used [here](https://github.com/vyos/vyos.vyos/blob/main/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py#L1138) is insufficient for comparing rules. As mentioned in the [docs](https://docs.python.org/3.3/library/functions.html#zip) of Python: > The iterator stops when the shortest input iterable is exhausted Here is a example how this could cause a issue, in Python: ``` first = [{"key": "value1"}, {"key": "value2"}] second = [{"key": "value1"}] zipped = list(zip(first, second)) zipped[0][0] == zipped[0][1] #True ``` To test this with the module: Run this code in a testing VyOS: ```vyos delete firewall set firewall name test default-action 'drop' set firewall name test rule 1 action 'accept' set firewall name test rule 1 protocol 'all' set firewall name test rule 2 action 'drop' set firewall name test rule 2 protocol 'all' ``` (those rules don't make any sense. This is just an example!) with this ansible code, I would expect only the first rule to remain: ```yaml - name: Set firewall rules vyos.vyos.vyos_firewall_rules: config: - afi: ipv4 rule_sets: - default_action: drop name: test rules: - action: accept protocol: all number: 1 state: overridden ``` Currently, this does nothing. I have already made the code change for this. The PR will be created shortly after this issue.

//Part of this description is copied from the GitHub PR.// The `zip` function used [here](https://github.com/vyos/vyos.vyos/blob/main/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py#L1138) is insufficient for comparing rules. As mentioned in the [docs](https://docs.python.org/3.3/library/functions.html#zip) of Python: > The iterator stops when the shortest input iterable is exhausted Here is a example how this could cause a issue, in Python: ``` first = [{"key": "value1"}, {"key": "value2"}] second = [{"key": "value1"}] zipped = list(zip(first, second)) zipped[0][0] == zipped[0][1] #True ``` To test this with the module: Run this code in a testing VyOS: ```vyos delete firewall set firewall name test default-action 'drop' set firewall name test rule 1 action 'accept' set firewall name test rule 1 protocol 'all' set firewall name test rule 2 action 'drop' set firewall name test rule 2 protocol 'all' ``` (those rules don't make any sense. This is just an example!) with this ansible code, I would expect only the first rule to remain: ```yaml - name: Set firewall rules vyos.vyos.vyos_firewall_rules: config: - afi: ipv4 rule_sets: - default_action: drop name: test rules: - action: accept protocol: all number: 1 state: overridden ``` Currently, this does nothing.

//Part of this description is copied from the GitHub PR.// The `zip` function used [here](https://github.com/vyos/vyos.vyos/blob/main/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py#L1138) is insufficient for comparing rules. As mentioned in the [docs](https://docs.python.org/3.3/library/functions.html#zip) of Python: > The iterator stops when the shortest input iterable is exhausted Here is a example how this could cause a issue, in Python: ``` first = [{"key": "value1"}, {"key": "value2"}] second = [{"key": "value1"}] zipped = list(zip(first, second)) zipped[0][0] == zipped[0][1] #True ``` To test this with the module: Run this code in a testing VyOS: ```vyos delete firewall set firewall name test default-action 'drop' set firewall name test rule 1 action 'accept' set firewall name test rule 1 protocol 'all' set firewall name test rule 2 action 'drop' set firewall name test rule 2 protocol 'all' ``` (those rules don't make any sense. This is just an example!) with this ansible code, I would expect only the first rule to remain: ```yaml - name: Set firewall rules vyos.vyos.vyos_firewall_rules: config: - afi: ipv4 rule_sets: - default_action: drop name: test rules: - action: accept protocol: all number: 1 state: overridden ``` Currently, this does nothing. I have already made the code change for this. The PR will be created shortly after this issue.