Merge pull request #45 from am-beta/feature/routing-policy-rule

Network: support for [RoutingPolicyRule] and its most common parameters
kpfleming · Feb 15, 2025 · c321424 · c321424
2 parents c38aadb + abf8f6b
commit c321424
Show file tree

Hide file tree

Showing 5 changed files with 47 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -16,6 +16,7 @@ for emergencies or non-content releases).
 
 ## [Unreleased]
 
+- Added `routing_policy_rules` block to the `network` role.
 - Added `table` parameter to the options of the elements of `routes` in
   the `network` role.
 

diff --git a/src/roles/network/meta/argument_specs.yml b/src/roles/network/meta/argument_specs.yml
@@ -235,6 +235,26 @@ argument_specs:
               table:
                 description: The routing table to add this route to.
                 type: str
+          routing_policy_rules:
+            description: Rules for policy-based routing.
+            type: list
+            elements: dict
+            options:
+              from:
+                description: Source address prefix to match.
+                type: str
+              to:
+                description: Destination address prefix to match.
+                type: str
+              firewall_mark:
+                description: Netfilter firewall mark to match.
+                type: str
+              table:
+                description: Routing table to look up in case of match.
+                type: str
+              priority:
+                description: Priority of this rule.
+                type: int
           dhcpv4:
             description: Attributes of the DHCPv4 client on the network.
             type: dict

diff --git a/src/roles/network/templates/network.j2 b/src/roles/network/templates/network.j2
@@ -132,6 +132,23 @@
 {% endif %}
 {% endfor %}
 
+{% endfor %}
+{% endif %}
+{% if "routing_policy_rules" in network -%}
+{% for v in network.routing_policy_rules -%}
+[RoutingPolicyRule]
+{% for arg, value in v.items() %}
+{% if value is string or value is integer %}
+{{ network_routing_policy_rule_arguments[arg] }}={{ value }}
+{% elif value is boolean %}
+{{ network_routing_policy_rule_arguments[arg] }}={{ value|ternary('yes','no') }}
+{% else %}
+{% for v in value %}
+{{ network_routing_policy_rule_arguments[arg] }}={{ v }}
+{% endfor %}
+{% endif %}
+{% endfor %}
+
 {% endfor %}
 {% endif %}
 {% if "cake" in network -%}

diff --git a/workflow-support/parameter_mapping.yml b/workflow-support/parameter_mapping.yml
@@ -89,6 +89,13 @@ network_route_arguments:
   type: Type
   table: Table
 
+network_routing_policy_rule_arguments:
+  from: From
+  to: To
+  firewall_mark: FirewallMark
+  table: Table
+  priority: Priority
+
 network_dhcpv4_arguments:
   client_identifier: ClientIdentifier
   hostname: Hostname

diff --git a/workflow-support/templates/network-vars.yml.j2 b/workflow-support/templates/network-vars.yml.j2
@@ -18,3 +18,5 @@ network_dhcpv6_arguments: {{ network_dhcpv6_arguments }}
 network_ipv6acceptra_arguments: {{ network_ipv6acceptra_arguments }}
 
 network_cake_arguments: {{ network_cake_arguments }}
+
+network_routing_policy_rule_arguments: {{ network_routing_policy_rule_arguments }}
Original file line number	Diff line number	Diff line change
Expand Up		@@ -18,3 +18,5 @@ network_dhcpv6_arguments: {{ network_dhcpv6_arguments }}
		network_ipv6acceptra_arguments: {{ network_ipv6acceptra_arguments }}

		network_cake_arguments: {{ network_cake_arguments }}

		network_routing_policy_rule_arguments: {{ network_routing_policy_rule_arguments }}