From f7aa994f343a8b27bb4d3806df65261f7dab92b9 Mon Sep 17 00:00:00 2001
From: Ryan Rotter <rrotter@users.noreply.github.com>
Date: Wed, 6 Nov 2024 12:28:35 -0500
Subject: [PATCH] prometheus firewall temp fixup

We were setting both action and jump on the same exported resource
because 'action' override doesn't clear the 'jump' default.
---
 manifests/profile/prometheus.pp | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/manifests/profile/prometheus.pp b/manifests/profile/prometheus.pp
index c7cee274b..10b5e2d1b 100644
--- a/manifests/profile/prometheus.pp
+++ b/manifests/profile/prometheus.pp
@@ -243,17 +243,24 @@
         tag   => "${::datacenter}_prometheus_public_ipmi_exporter",
         dport => 9290,
       ;
+    }
+
+    @@firewall {
+      default:
+        proto  => 'tcp',
+        source => $address,
+        state  => 'NEW',
+        action => 'accept',
+      ;
 
       "010 prometheus public node exporter firewall6 ${::hostname} ${address}":
         tag    => "firewall6-${::datacenter}_prometheus_public_node_exporter",
         dport  => 9100,
-        action => 'accept',
       ;
 
       "010 prometheus public ipmi exporter firewall6 ${::hostname} ${address}":
         tag    => "firewall6-${::datacenter}_prometheus_public_ipmi_exporter",
         dport  => 9290,
-        action => 'accept',
       ;
     }
   }