From 76c1abf44764778aa6e11bae57df5ee5f69a947b Mon Sep 17 00:00:00 2001
From: Jonas L <jooola@users.noreply.github.com>
Date: Wed, 4 Oct 2023 10:59:50 +0200
Subject: [PATCH] fix: firewall port argument is required with udp or tcp
 (#345)

##### SUMMARY

When managing a tcp/udp firewall rule, provide a clear error message
when the port is missing from the rule.

Closes #344

##### ISSUE TYPE

- Bugfix Pull Request


##### COMPONENT NAME

hcloud_firewall
---
 ...require-firewall-port-argument-on-tcp-or-udp-protocol.yaml | 2 ++
 plugins/modules/hcloud_firewall.py                            | 4 ++++
 2 files changed, 6 insertions(+)
 create mode 100644 changelogs/fragments/require-firewall-port-argument-on-tcp-or-udp-protocol.yaml

diff --git a/changelogs/fragments/require-firewall-port-argument-on-tcp-or-udp-protocol.yaml b/changelogs/fragments/require-firewall-port-argument-on-tcp-or-udp-protocol.yaml
new file mode 100644
index 0000000..8474078
--- /dev/null
+++ b/changelogs/fragments/require-firewall-port-argument-on-tcp-or-udp-protocol.yaml
@@ -0,0 +1,2 @@
+bugfixes:
+  - hcloud_firewall - The port argument is required when the firewall rule protocol is `udp` or `tcp`.
diff --git a/plugins/modules/hcloud_firewall.py b/plugins/modules/hcloud_firewall.py
index 9669cc1..f2ee2c0 100644
--- a/plugins/modules/hcloud_firewall.py
+++ b/plugins/modules/hcloud_firewall.py
@@ -314,6 +314,10 @@ class AnsibleHCloudFirewall(AnsibleHCloud):
                         description={"type": "str"},
                     ),
                     required_together=[["direction", "protocol"]],
+                    required_if=[
+                        ["protocol", "udp", ["port"]],
+                        ["protocol", "tcp", ["port"]],
+                    ],
                 ),
                 labels={"type": "dict"},
                 state={