Add additional security group rules support

When customizing Amphora, like syslog forwarding support, we need to add
some rules to octavia_sec_grp. This change allows us to specify
additional rules using variables.

Change-Id: Ia0388171b784615924f5a5dafb5e160e942123db

defaults/main.yml

@@ -337,6 +337,8 @@ octavia_amp_image_resource:
 
 # Name of the Octavia security group
 octavia_security_group_name: octavia_sec_grp
+# Additional rules to add to the security group for the amphora
+octavia_security_group_additional_rules: []
 # Restrict access to only authorized hosts
 octavia_security_group_rule_cidr: "{{ octavia_management_net_subnet_cidr }}"
 # ssh enabled - switch to True if you need ssh access to the amphora

releasenotes/notes/add-additional-security-group-rules-support-99470d209ffa97c4.yaml

@@ -0,0 +1,5 @@
+---
+features:
+  - Added a new variable ``octavia_security_group_additional_rules``
+    that allows configuration of additional security group rules for
+    Amphora.

tasks/octavia_resources.yml

@@ -97,6 +97,7 @@
             {% if octavia_management_net_dhcp %}
             {%   set _ = rules.append(_octavia_security_rule_dhcp) %}
             {% endif %}
+            {% set _ = rules.extend(octavia_security_group_additional_rules) %}
             {{ rules }}
     openstack_resources_network: |-
       {% set network_resources = _octavia_security_groups %}