From 6f3e70313ec33d515cb47eea1a1b0da5e473b9aa Mon Sep 17 00:00:00 2001
From: Emilien Macchi <emilien@redhat.com>
Date: Mon, 2 Apr 2018 09:07:53 -0700
Subject: [PATCH] masquerade: stop using YAQL for iptables data

See https://bugs.launchpad.net/tripleo/+bug/1760211 but the YAQL + Heat
format hasn't helped us to build the data needed by Puppet to create
IPtables rules for masquerading.

We'll solve it in puppet-tripleo with native hash iterations, so for
that we just export MasqueradeNetworks to Hiera and we'll use this data
from the puppet module directly.

Depends-On: I8dda3c164de90954855979529de4f1100a858b45

Related-Bug: #1760211
Change-Id: I81379cf93f505fb65c1ad7e6a2adcc6942b04bc0
---
 puppet/services/masquerade-networks.yaml | 27 +++---------------------
 1 file changed, 3 insertions(+), 24 deletions(-)

diff --git a/puppet/services/masquerade-networks.yaml b/puppet/services/masquerade-networks.yaml
index f152374db3..2f748f8ca6 100644
--- a/puppet/services/masquerade-networks.yaml
+++ b/puppet/services/masquerade-networks.yaml
@@ -41,28 +41,7 @@ outputs:
     value:
       service_name: masquerade_networks
       config_settings:
-        tripleo.masquerade_networks.firewall_rules:
-          repeat:
-             for_each:
-                NETWORK: {get_param: MasqueradeNetworks}
-                INDEX:
-                  yaql:
-                    expression: range(len($.data)).select(str($))
-                    data: {get_param: MasqueradeNetworks}
-                DESTINATIONS:
-                  yaql:
-                    expression: $.data.values().select(' - ' + $.join('\n - '))
-                    data: {get_param: MasqueradeNetworks}
-             template: >
-               '137 routed_network return_INDEX':
-                 table: 'nat'
-                 source: 'NETWORK'
-                 destination:
-                   DESTINATIONS
-                 jump: 'RETURN'
-               '138 routed_network masquerade_INDEX':
-                 table: 'nat'
-                 source: 'NETWORK'
-                 jump: 'MASQUERADE'
-      step_config: ''
+        masquerade_networks: {get_param: MasqueradeNetworks}
+      step_config: |
+        include tripleo::masquerade_networks
       upgrade_tasks: []