cmr migration: add firewallrule export + import step and new description version

Checklist

• [x] Checked if it requires a pylibjuju change?
• ~~[ ] Added integration tests for the PR?~~

Description of change

• small refactoring of the state.firewallrule struct by adding getter and removing direct access to the members
• moving WellKnownServiceType to core/firewall
• adds firewall rules export to migration steps
• adds firewall rules import to migration steps
• refactor transaction handling of firewallrules

QA steps

firewallrules in the db

regression only, as it still needs the import steps.

sh
❯ juju set-firewall-rule ssh --whitelist 192.168.1.0/16


~
❯ juju firewall-rules
Service  Whitelist subnets
ssh      192.168.1.0/16

migration

sh
juju bootstrap dst
juju bootstrap src
juju add-model blog
juju deploy wordpress
juju set-firewall-rule ssh --whitelist 192.168.1.0/16

❯ juju list-firewall-rules
Service  Whitelist subnets
ssh      192.168.1.0/16

juju migrate blog dst
juju switch dst:admin/blog

❯ juju list-firewall-rules
Service  Whitelist subnets
ssh      192.168.1.0/16

firewallrules applied check on AWS

cmr

juju add-model blog
juju deploy wikimedia
juju machines  status "blocked" because database required
juju add-model db
juju deploy mysql
juju set-firewall-rule juju-application-offer <ip_from_wikimedia>/32
juju offer mysql:db
juju switch blog
juju add-relation wikimedia:db mysql:db
juju status -> status "running"
</ip_from_wikimedia>

• in securitygroups settings of the juju-db-machine-0 you should see one additional row with the source being /32 e.g.

cmr migration

is not part of this pr and should be done in another pr. Related to migrating the offer and setting the watcher appropriately.

该提问来源于开源项目：juju/juju