ansible/test/integration/targets/meraki_nat/tasks/tests.yml

363 lines
8.6 KiB
YAML
Raw Normal View History

# Test code for the Meraki NAT module
# Copyright: (c) 2019, Kevin Breit (@kbreit)
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
---
- block:
- name: Create test network
meraki_network:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: present
type: appliance
- name: Create 1:1 rule with check mode
meraki_nat:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: present
one_to_one:
- name: Service behind NAT
public_ip: 1.2.1.2
lan_ip: 192.168.128.1
uplink: internet1
allowed_inbound:
- protocol: tcp
destination_ports:
- 80
allowed_ips:
- 10.10.10.10
register: create_one_one_check
check_mode: yes
- debug:
var: create_one_one_check
- assert:
that:
- create_one_one_check is changed
- name: Create 1:1 rule
meraki_nat:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: present
one_to_one:
- name: Service behind NAT
public_ip: 1.2.1.2
lan_ip: 192.168.128.1
uplink: internet1
allowed_inbound:
- protocol: tcp
destination_ports:
- 80
allowed_ips:
- 10.10.10.10
register: create_one_one
- debug:
var: create_one_one
- assert:
that:
- create_one_one is changed
- name: Create 1:1 rule with idempotency
meraki_nat:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: present
one_to_one:
- name: Service behind NAT
public_ip: 1.2.1.2
lan_ip: 192.168.128.1
uplink: internet1
allowed_inbound:
- protocol: tcp
destination_ports:
- 80
allowed_ips:
- 10.10.10.10
register: create_one_one_idempotent
- debug:
var: create_one_one_idempotent
- assert:
that:
- create_one_one_idempotent is not changed
- name: Create 1:many rule with check mode
meraki_nat:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: present
one_to_many:
- public_ip: 1.1.1.1
uplink: internet1
port_rules:
- name: Test rule
protocol: tcp
public_port: 10
local_ip: 192.168.128.1
local_port: 11
allowed_ips:
- any
register: create_one_many_check
check_mode: yes
- debug:
var: create_one_many_check
- assert:
that:
- create_one_many_check is changed
- name: Create 1:many rule
meraki_nat:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: present
one_to_many:
- public_ip: 1.1.1.1
uplink: internet1
port_rules:
- name: Test rule
protocol: tcp
public_port: 10
local_ip: 192.168.128.1
local_port: 11
allowed_ips:
- any
register: create_one_many
- debug:
var: create_one_many
- assert:
that:
- create_one_many is changed
- name: Create 1:many rule with idempotency
meraki_nat:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: present
one_to_many:
- public_ip: 1.1.1.1
uplink: internet1
port_rules:
- name: Test rule
protocol: tcp
public_port: 10
local_ip: 192.168.128.1
local_port: 11
allowed_ips:
- any
register: create_one_many_idempotent
- debug:
var: create_one_many_idempotent
- assert:
that:
- create_one_many_idempotent is not changed
- name: Create port forwarding rule with check mode
meraki_nat:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: present
port_forwarding:
- name: Test map
lan_ip: 192.168.128.1
uplink: both
protocol: tcp
allowed_ips:
- 1.1.1.1
public_port: 10
local_port: 11
register: create_pf_check
check_mode: yes
- debug:
var: create_pf_check
- assert:
that:
- create_pf_check is changed
- name: Create port forwarding rule
meraki_nat:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: present
port_forwarding:
- name: Test map
lan_ip: 192.168.128.1
uplink: both
protocol: tcp
allowed_ips:
- 1.1.1.1
public_port: 10
local_port: 11
register: create_pf
- debug:
var: create_pf
- assert:
that:
- create_pf is changed
- name: Create port forwarding rule with idempotency
meraki_nat:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: present
port_forwarding:
- name: Test map
lan_ip: 192.168.128.1
uplink: both
protocol: tcp
allowed_ips:
- 1.1.1.1
public_port: 10
local_port: 11
register: create_pf_idempotent
- debug:
var: create_pf_idempotent
- assert:
that:
- create_pf_idempotent is not changed
- create_pf_idempotent.data.port_forwarding is defined
- name: Create multiple rules
meraki_nat:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: present
port_forwarding:
- name: Test map
lan_ip: 192.168.128.1
uplink: both
protocol: tcp
allowed_ips:
- 1.1.1.2
public_port: 10
local_port: 11
one_to_many:
- public_ip: 1.1.1.3
uplink: internet1
port_rules:
- name: Test rule
protocol: tcp
public_port: 10
local_ip: 192.168.128.1
local_port: 11
allowed_ips:
- any
register: create_multiple
- debug:
var: create_multiple
- assert:
that:
- create_multiple is changed
- create_multiple.data.one_to_many is defined
- create_multiple.data.port_forwarding is defined
- assert:
that:
- create_multiple is changed
- create_multiple.data.one_to_many is defined
- create_multiple.data.port_forwarding is defined
- create_multiple.diff.before.one_to_many is defined
- create_multiple.diff.before.port_forwarding is defined
- create_multiple.diff.after.one_to_many is defined
- create_multiple.diff.after.port_forwarding is defined
- name: Query all NAT rules
meraki_nat:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: query
subset: all
register: query_all
- debug:
var: query_all
- name: Query 1:1 NAT rules
meraki_nat:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: query
subset: '1:1'
register: query_1to1
- debug:
var: query_1to1
- name: Query 1:many NAT rules
meraki_nat:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: query
subset: '1:many'
register: query_1tomany
- debug:
var: query_1tomany
- name: Query port forwarding rules
meraki_nat:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: query
subset: port_forwarding
register: query_pf
- debug:
var: query_pf
- name: Query multiple rules
meraki_nat:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: query
subset:
- '1:1'
- '1:many'
register: query_multiple
- debug:
var: query_multiple
always:
- name: Delete test network
meraki_network:
auth_key: '{{auth_key}}'
org_name: '{{test_org_name}}'
net_name: '{{test_net_name}}'
state: absent