Add/remove interfaces to zone using PCI device ID

[BrennanPaciorek]

• Add/remove interfaces to a zone using PCI ID (formatted XXXX:XXXX, VendorID:DeviceID)
  • Collision of interfaces with the same PCI ID (while unlikely) is handled by applying the play to each interface with the PCI id
  • fixes RHBZ 2100939
  • Useful as it allows control nodes to manage interfaces by what a device is rather than what interface name it was assigned.
• Added Network Manger interfacing in the same capacity to which firewall-cmd interacts with Network Manager for interfaces
  • See --[add/remove/change]-interface at https://firewalld.org/documentation/man-pages/firewall-cmd.html

[BrennanPaciorek]

I'm still tweaking the test, as there will likely be variance in the PCI ids of valid interfaces for each operating system.

[liangwen12year]

The following is what currently in the firewall_lib.py, you may make proper changes to that if you plan to stick with interface as the key name for PCI ID.

  interface:
    description:
      List of interface name strings.
    required: false
    type: list
    elements: str

[richm]

[citest commit:ed1b763a125d77dec38ef56204c30e6fa542e9dc]

[richm]

[citest commit:ed1b763a125d77dec38ef56204c30e6fa542e9dc]

[BrennanPaciorek]

I need to update the test for this feature, specifically to check for dbus errors in case there is no "stdout" when fetching FIREWALL_BACKEND nevermind, its probably not an issue that an dbus error is raised, just that its not being parsed correctly

[richm]

CI test failures

• the */ansible-2.12/(citool) failures are due to a bad CI change - just ignore these
• the */ansible-2.9/(citool) failures are due to a bug in the role:

  
  TASK [get backend from dbus] ***************************************************
  Tuesday 19 July 2022  16:15:44 +0000 (0:00:00.052)       0:00:08.915 ********** 
  fatal: [sut]: FAILED! => {
  "changed": false,
  "cmd": "dbus-send --system --print-reply --type=method_call --dest=org.fedoraproject.FirewallD1 /org/fedoraproject/FirewallD1/config org.freedesktop.DBus.Properties.Get string:org.fedoraproject.FirewallD1.config string:FirewallBackend",
  "rc": 2
  }

MSG:

[Errno 2] No such file or directory: b'dbus-send' ...ignoring

TASK [get backend from result] ***** Tuesday 19 July 2022 16:15:44 +0000 (0:00:00.391) 0:00:09.307 ** fatal: [sut]: FAILED! => {}

MSG:

The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'stdout'

The error appears to be in '/WORKDIR/dist-git-firewall-gh87-jMYE8r/tests/tests_interface_pci.yml': line 21, column 7, but may be elsewhere in the file depending on the exact syntax problem.

you can ignore the other failures

[BrennanPaciorek]

Okay that should fix the testsuite, CI tests just need to be run to be sure. All feedback has been implemented in the same update to the branch

[richm]

[citest]

[richm]

ok - lgtm - @vrindle @liangwen12year ?

[richm]

ok - I think this is ready to merge, unless there are any other objections?

[vrindle]

LGTM