From eaf238b033a0504c48440cf85982a2b89851059d Mon Sep 17 00:00:00 2001 From: snowjet Date: Mon, 18 Feb 2019 21:03:27 +1100 Subject: [PATCH] Adds toggle port security on network create (#37390) Added a new property, 'port_security_enabled' which is a boolean to enable or disable port_security during network creation. The default behaviour will enable port security, security group and anti spoofing will act as before. When the attribute is set to False, security group and anti spoofing are disabled on the ports created on this network. Shade supports this option in versions > 1.27.1 --- .../modules/cloud/openstack/os_network.py | 20 +++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/lib/ansible/modules/cloud/openstack/os_network.py b/lib/ansible/modules/cloud/openstack/os_network.py index 9515479c83..f699b4ac2f 100644 --- a/lib/ansible/modules/cloud/openstack/os_network.py +++ b/lib/ansible/modules/cloud/openstack/os_network.py @@ -69,7 +69,15 @@ options: availability_zone: description: - Ignored. Present for backwards compatibility -requirements: ["openstacksdk"] + port_security_enabled: + description: + - Whether port security is enabled on the network or not. + Network will use OpenStack defaults if this option is + not utilised. + type: bool + version_added: "2.8" +requirements: + - "openstacksdk" ''' EXAMPLES = ''' @@ -155,7 +163,8 @@ def main(): provider_network_type=dict(required=False), provider_segmentation_id=dict(required=False), state=dict(default='present', choices=['absent', 'present']), - project=dict(default=None) + project=dict(default=None), + port_security_enabled=dict(default=False, type='bool') ) module_kwargs = openstack_module_kwargs() 
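Review bot: `port_security_enabled=dict(default=False, type='bool')` in the argument spec means every network created without this option comes up with port security off, which by the commit description disables security groups and anti-spoofing on its ports. That contradicts the description ("The default behaviour will enable port security") and the option's documentation in the first hunk ("Network will use OpenStack defaults if this option is not utilised"). Drop the default so an unset option stays `None`: `port_security_enabled=dict(type='bool')`. The `create_network` calls in the last hunk forward the value unconditionally, so they would still need to skip the keyword when it is `None`. `main()` begins and ends outside this hunk.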
@@ -170,6 +179,7 @@ def main(): provider_network_type = module.params['provider_network_type'] provider_segmentation_id = module.params['provider_segmentation_id'] project = module.params.get('project') + port_security_enabled = module.params['port_security_enabled'] sdk, cloud = openstack_cloud_from_module(module) try: @@ -196,10 +206,12 @@ def main(): if project_id is not None: net = cloud.create_network(name, shared, admin_state_up, - external, provider, project_id) + external, provider, project_id, + port_security_enabled=port_security_enabled) else: net = cloud.create_network(name, shared, admin_state_up, - external, provider) + external, provider, + port_security_enabled=port_security_enabled) changed = True else: changed = False
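Review bot: Both `create_network` calls in the last hunk pass `port_security_enabled=port_security_enabled` on every run, so the keyword reaches the SDK even when the playbook never set the option. An SDK release that predates the keyword would presumably reject the call with a `TypeError`, and the commit description says support only exists in newer releases, yet no version check is visible here. Forward the keyword only when the parameter is not `None` (this only takes effect once the argument spec entry has no default), and fail early with a clear message when the installed SDK is too old. Separately, the `changed = False` branch suggests an existing network is left untouched, so a network that already exists with port security disabled would be neither reported nor corrected; the enclosing condition is outside the hunk, so confirm.

```python
# … unchanged: lookup of project_id and construction of provider …
net_kwargs = {}
if port_security_enabled is not None:
    # Leave the keyword out so the cloud's own default applies.
    net_kwargs['port_security_enabled'] = port_security_enabled
if project_id is not None:
    net = cloud.create_network(name, shared, admin_state_up,
                               external, provider, project_id,
                               **net_kwargs)
else:
    net = cloud.create_network(name, shared, admin_state_up,
                               external, provider,
                               **net_kwargs)
# … unchanged: changed = True / else branch …
```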