From 6b6e5665aa29e7cf8ff7a0d736239681c09ecb3d Mon Sep 17 00:00:00 2001 From: Andrea Tosatto Date: Tue, 12 Sep 2017 16:24:09 +0200 Subject: [PATCH] make os_security_group_rule idempotent (#23707) * Fix issue #19610 --- .../cloud/openstack/os_security_group_rule.py | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/lib/ansible/modules/cloud/openstack/os_security_group_rule.py b/lib/ansible/modules/cloud/openstack/os_security_group_rule.py index 1ca7f39c9b..dcd260155e 100644 --- a/lib/ansible/modules/cloud/openstack/os_security_group_rule.py +++ b/lib/ansible/modules/cloud/openstack/os_security_group_rule.py @@ -208,12 +208,17 @@ def _ports_match(protocol, module_min, module_max, rule_min, rule_max): if module_max and int(module_max) == -1: module_max = None - # Check if user is supplying None values for full TCP/UDP port range. - if protocol in ['tcp', 'udp'] and module_min is None and module_max is None: - if (rule_min and int(rule_min) == 1 - and rule_max and int(rule_max) == 65535): - # (None, None) == (1, 65535) - return True + # Check if the user is supplying -1 or None values for full TPC/UDP port range. + if protocol in ['tcp', 'udp'] or protocol is None: + if module_min and module_max and int(module_min) == int(module_max) == -1: + module_min = None + module_max = None + + if ((module_min is None and module_max is None) and + (rule_min and int(rule_min) == 1 and + rule_max and int(rule_max) == 65535)): + # (None, None) == (1, 65535) + return True # Sanity check to make sure we don't have type comparison issues. if module_min: