100 lines
2.9 KiB
YAML
100 lines
2.9 KiB
YAML
|
---
|
||
|
- debug:
|
||
|
msg: Start nxos_acls overridden integration tests connection={{ansible_connection}}"
|
||
|
|
||
|
- include_tasks: populate_config.yaml
|
||
|
|
||
|
- block:
|
||
|
- name: Overridden (first test)
|
||
|
nxos_acls:
|
||
|
config:
|
||
|
- afi: ipv4
|
||
|
acls:
|
||
|
- name: NewACL
|
||
|
aces:
|
||
|
- grant: deny
|
||
|
source:
|
||
|
address: 192.0.2.0
|
||
|
wildcard_bits: 0.0.255.255
|
||
|
destination:
|
||
|
any: true
|
||
|
protocol: eigrp
|
||
|
- remark: Example for overridden state
|
||
|
state: overridden
|
||
|
register: result
|
||
|
|
||
|
- assert:
|
||
|
that:
|
||
|
- "result.changed==True"
|
||
|
- "'no ip access-list ACL1v4' in result.commands"
|
||
|
- "'no ip access-list ACL2v4' in result.commands"
|
||
|
- "'no ipv6 access-list ACL1v6' in result.commands"
|
||
|
- "'no ipv6 access-list ACL2v6' in result.commands"
|
||
|
- "'ip access-list NewACL' in result.commands"
|
||
|
- "'deny eigrp 192.0.2.0 0.0.255.255 any' in result.commands"
|
||
|
- "'remark Example for overridden state' in result.commands"
|
||
|
- "result.commands|length==7"
|
||
|
|
||
|
- name: Gather acls post facts
|
||
|
nxos_facts: &facts
|
||
|
gather_subset:
|
||
|
- "!all"
|
||
|
- "!min"
|
||
|
gather_network_resources: acls
|
||
|
|
||
|
- assert:
|
||
|
that:
|
||
|
- "ansible_facts.network_resources.acls == result.after"
|
||
|
|
||
|
- include_tasks: populate_config.yaml
|
||
|
|
||
|
- name: Overridden (second test)
|
||
|
nxos_acls: &overridden
|
||
|
config:
|
||
|
- afi: ipv6
|
||
|
acls:
|
||
|
- name: ACL1v6
|
||
|
aces:
|
||
|
- grant: deny
|
||
|
protocol: udp
|
||
|
destination:
|
||
|
any: true
|
||
|
source:
|
||
|
host: 2001:db8:3431::12
|
||
|
port_protocol:
|
||
|
lt: 35
|
||
|
sequence: 10
|
||
|
state: overridden
|
||
|
register: result
|
||
|
|
||
|
- assert:
|
||
|
that:
|
||
|
- "result.changed==True"
|
||
|
- "'no ip access-list ACL1v4' in result.commands"
|
||
|
- "'no ip access-list ACL2v4' in result.commands"
|
||
|
- "'no ipv6 access-list ACL2v6' in result.commands"
|
||
|
- "'no ip access-list NewACL' in result.commands"
|
||
|
- "'ipv6 access-list ACL1v6' in result.commands"
|
||
|
- "'no 10 permit sctp any any' in result.commands"
|
||
|
- "'no 20 remark IPv6 ACL' in result.commands"
|
||
|
- "'10 deny udp host 2001:db8:3431::12 lt 35 any' in result.commands"
|
||
|
- "result.commands|length==8"
|
||
|
|
||
|
- name: Gather acls post facts
|
||
|
nxos_facts: *facts
|
||
|
|
||
|
- assert:
|
||
|
that:
|
||
|
- "ansible_facts.network_resources.acls == result.after"
|
||
|
|
||
|
- name: Idempotence - overridden
|
||
|
nxos_acls: *overridden
|
||
|
register: result
|
||
|
|
||
|
- assert:
|
||
|
that:
|
||
|
- "result.changed == false"
|
||
|
|
||
|
always:
|
||
|
- include_tasks: remove_config.yaml
|