# Ansible playbook to push policy for a specific list.
# Travis - Check Point SE
# June 2022
# O_o tHe pAcKeTs nEvEr LiE o_O #

---

- hosts: checkpoint_mgmt  # Tells Ansible which plugin to use.
  connection: httpapi  # Determines connection.
  tasks:

    - name: Gather All Packages  # Connects to the manager and pulls all packages with full details.
      check_point.mgmt.cp_mgmt_package_facts:
        details_level: full
        limit: 50
        offset: 0
      register: result  # Registers the returned JSON response as a variable.
      
    - set_fact:  # Creating a list from the Package object in the JSON.
        package_list: "{{result.ansible_facts.packages.packages | list }}"
        push_list:  # List the policy packages you want to install here.
          - Standard
          - AddPolicyNamesHere
      
    - name: Push Policy to All Packages listed.  # Loops through the packages and targets and pushes policy.
      check_point.mgmt.cp_mgmt_install_policy:
        access: true
        policy_package: "{{ item.0.name }}"
        targets: "{{ item.1.name }}"
      when: item.0.name in push_list  # This is the condition that checks the list above and omits whatever is not on the list.
      loop: "{{ package_list| subelements('installation-targets') }}"