adds apm module to manage network access components for APM (#59993)

This commit is contained in:
Wojciech Wypior 2019-08-07 14:44:57 +01:00 committed by Tim Rupp
parent 47e3ed8100
commit 7b97abf6a2
3 changed files with 1341 additions and 0 deletions

File diff suppressed because it is too large Load diff

View file

@ -0,0 +1,98 @@
{
"kind": "tm:apm:resource:network-access:network-accessstate",
"name": "test",
"partition": "Common",
"fullPath": "/Common/test",
"generation": 1140,
"selfLink": "https://localhost/mgmt/tm/apm/resource/network-access/~Common~test?ver=12.1.4",
"addressSpaceDhcpRequestsExcluded": "true",
"addressSpaceExcludeDnsName": [
"baz.com",
"bazfoo.com"
],
"addressSpaceIncludeDnsName": [
"foo.com",
"bar.com"
],
"addressSpaceLocDnsServersExcluded": "true",
"addressSpaceLocalSubnetsExcluded": "true",
"addressSpaceProtect": "false",
"applicationLaunchWarning": "true",
"autoLaunch": "false",
"clientInterfaceSpeed": 100000000,
"clientIpFilterEngine": "false",
"clientPowerManagement": "ignore",
"clientProxy": "false",
"clientProxyAddress": "any6",
"clientProxyEnforceSubnets": "true",
"clientProxyIgnoreAutoConfigError": "false",
"clientProxyLocalBypass": "false",
"clientProxyPort": 0,
"clientProxyUseHttpPac": "false",
"clientProxyUseLocalProxy": "false",
"clientTrayIcon": "true",
"compression": "none",
"customizationGroup": "/Common/test_resource_network_access_customization",
"customizationGroupReference": {
"link": "https://localhost/mgmt/tm/apm/policy/customization-group/~Common~test_resource_network_access_customization?ver=12.1.4"
},
"dnsEnforceSearchOrder": "true",
"dnsPrimary": "any6",
"dnsRegisterConnection": "false",
"dnsSecondary": "any6",
"dnsUseDnsSuffixForRegistration": "false",
"dtls": "false",
"dtlsPort": 4433,
"executeLogoffScripts": "false",
"idleTimeoutThreshold": 0,
"idleTimeoutWindow": 0,
"ipv6DnsPrimary": "any6",
"ipv6DnsSecondary": "any6",
"ipv6LeasepoolName": "/Common/ipv6lease",
"ipv6LeasepoolNameReference": {
"link": "https://localhost/mgmt/tm/apm/resource/ipv6-leasepool/~Common~ipv6lease?ver=12.1.4"
},
"leasepoolName": "/Common/ipv4lease",
"leasepoolNameReference": {
"link": "https://localhost/mgmt/tm/apm/resource/leasepool/~Common~ipv4lease?ver=12.1.4"
},
"locationSpecific": "true",
"microsoftNetworkClient": "true",
"microsoftNetworkServer": "false",
"networkTunnel": "enabled",
"preserveSourcePortStrict": "none",
"provideClientCert": "true",
"proxyArp": "false",
"snat": "automap",
"splitTunneling": "true",
"supportedIpVersion": "ipv4-ipv6",
"syncWithActiveDirectory": "false",
"type": "network-access",
"winsPrimary": "any6",
"winsSecondary": "any6",
"addressSpaceExcludeSubnet": [
{
"subnet": "192.168.1.0/24"
},
{
"subnet": "192.168.2.1/32"
}
],
"addressSpaceIncludeSubnet": [
{
"subnet": "10.10.10.1/32"
},
{
"subnet": "10.11.11.0/24"
}
],
"ipv6AddressSpaceIncludeSubnet": [
{
"subnet": "2607:f0d0:1002:51::4/128"
}
],
"optimizedAppReference": {
"link": "https://localhost/mgmt/tm/apm/resource/network-access/~Common~test/optimized-app?ver=12.1.4",
"isSubcollection": true
}
}

View file

@ -0,0 +1,211 @@
# -*- coding: utf-8 -*-
#
# Copyright: (c) 2019, F5 Networks Inc.
# GNU General Public License v3.0 (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
import os
import json
import pytest
import sys
if sys.version_info < (2, 7):
pytestmark = pytest.mark.skip("F5 Ansible modules require Python >= 2.7")
from ansible.module_utils.basic import AnsibleModule
try:
from library.modules.bigip_apm_network_access import ApiParameters
from library.modules.bigip_apm_network_access import ModuleParameters
from library.modules.bigip_apm_network_access import ModuleManager
from library.modules.bigip_apm_network_access import ArgumentSpec
# In Ansible 2.8, Ansible changed import paths.
from test.units.compat import unittest
from test.units.compat.mock import Mock
from test.units.compat.mock import patch
from test.units.modules.utils import set_module_args
except ImportError:
from ansible.modules.network.f5.bigip_apm_network_access import ApiParameters
from ansible.modules.network.f5.bigip_apm_network_access import ModuleParameters
from ansible.modules.network.f5.bigip_apm_network_access import ModuleManager
from ansible.modules.network.f5.bigip_apm_network_access import ArgumentSpec
# Ansible 2.8 imports
from units.compat import unittest
from units.compat.mock import Mock
from units.compat.mock import patch
from units.modules.utils import set_module_args
fixture_path = os.path.join(os.path.dirname(__file__), 'fixtures')
fixture_data = {}
def load_fixture(name):
path = os.path.join(fixture_path, name)
if path in fixture_data:
return fixture_data[path]
with open(path) as f:
data = f.read()
try:
data = json.loads(data)
except Exception:
pass
fixture_data[path] = data
return data
class TestParameters(unittest.TestCase):
def test_module_parameters(self):
args = dict(
name='foo',
ip_version='ipv4',
split_tunnel=True,
description='foobar',
allow_local_subnet=True,
allow_local_dns=True,
snat_pool='foo_pool',
dtls=True,
dtls_port=4443,
ipv4_lease_pool='ipv4lease',
excluded_ipv4_adresses=[dict(subnet='10.10.10.1')],
ipv4_address_space=[dict(subnet='192.168.1.0/24')],
dns_address_space=['foobar.com'],
excluded_dns_addresses=['bar-foo.org']
)
p = ModuleParameters(params=args)
assert p.name == 'foo'
assert p.ip_version == 'ipv4'
assert p.split_tunnel == 'true'
assert p.allow_local_subnet == 'true'
assert p.allow_local_dns == 'true'
assert p.snat_pool == '/Common/foo_pool'
assert p.description == 'foobar'
assert p.dtls == 'true'
assert p.dtls_port == 4443
assert p.ipv4_lease_pool == '/Common/ipv4lease'
assert p.excluded_ipv4_adresses == [dict(subnet='10.10.10.1/32')]
assert p.ipv4_address_space == [dict(subnet='192.168.1.0/24')]
assert p.dns_address_space == ['foobar.com']
assert p.excluded_dns_addresses == ['bar-foo.org']
def test_api_parameters(self):
args = load_fixture('load_apm_network_access.json')
p = ApiParameters(params=args)
assert p.name == 'test'
assert p.ip_version == 'ipv4-ipv6'
assert p.split_tunnel == 'true'
assert p.allow_local_subnet == 'true'
assert p.allow_local_dns == 'true'
assert p.snat_pool == 'automap'
assert p.dtls == 'false'
assert p.dtls_port == 4433
assert p.ipv4_lease_pool == '/Common/ipv4lease'
assert p.excluded_ipv4_adresses == [
dict(subnet='192.168.1.0/24'),
dict(subnet='192.168.2.1/32')
]
assert p.ipv4_address_space == [
dict(subnet='10.10.10.1/32'),
dict(subnet='10.11.11.0/24')
]
assert p.dns_address_space == ['foo.com', 'bar.com']
assert p.excluded_dns_addresses == ['baz.com', 'bazfoo.com']
assert p.ipv6_address_space == [dict(subnet="2607:f0d0:1002:51::4/128")]
class TestManager(unittest.TestCase):
def setUp(self):
self.spec = ArgumentSpec()
def test_create_ipv4_net_access(self, *args):
set_module_args(dict(
name='foo',
ip_version='ipv4',
split_tunnel=True,
description='foobar',
allow_local_subnet=True,
allow_local_dns=True,
snat_pool='foo_pool',
dtls=True,
dtls_port=4443,
ipv4_lease_pool='ipv4lease',
excluded_ipv4_adresses=[dict(subnet='10.10.10.1')],
ipv4_address_space=[dict(subnet='192.168.1.0/24')],
dns_address_space=['foobar.com'],
excluded_dns_addresses=['bar-foo.org'],
provider=dict(
server='localhost',
password='password',
user='admin'
)
))
module = AnsibleModule(
argument_spec=self.spec.argument_spec,
supports_check_mode=self.spec.supports_check_mode,
)
# Override methods in the specific type of manager
mm = ModuleManager(module=module)
mm.exists = Mock(return_value=False)
mm.create_on_device = Mock(return_value=True)
results = mm.exec_module()
assert results['changed'] is True
assert results['ip_version'] == 'ipv4'
assert results['split_tunnel'] == 'yes'
assert results['allow_local_subnet'] == 'yes'
assert results['allow_local_dns'] == 'yes'
assert results['snat_pool'] == '/Common/foo_pool'
assert results['description'] == 'foobar'
assert results['dtls'] == 'yes'
assert results['dtls_port'] == 4443
assert results['ipv4_lease_pool'] == '/Common/ipv4lease'
assert results['excluded_ipv4_adresses'] == [dict(subnet='10.10.10.1')]
assert results['ipv4_address_space'] == [dict(subnet='192.168.1.0/24')]
assert results['dns_address_space'] == ['foobar.com']
assert results['excluded_dns_addresses'] == ['bar-foo.org']
def test_update_ipv4_net_access(self, *args):
set_module_args(dict(
name='test',
excluded_ipv4_adresses=[dict(subnet='10.10.10.1')],
ipv4_address_space=[dict(subnet='192.168.1.0/24')],
provider=dict(
server='localhost',
password='password',
user='admin'
)
))
current = ApiParameters(params=load_fixture('load_apm_network_access.json'))
module = AnsibleModule(
argument_spec=self.spec.argument_spec,
supports_check_mode=self.spec.supports_check_mode,
)
# Override methods in the specific type of manager
mm = ModuleManager(module=module)
mm.exists = Mock(return_value=True)
mm.update_on_device = Mock(return_value=True)
mm.read_current_from_device = Mock(return_value=current)
results = mm.exec_module()
assert results['changed'] is True
assert results['excluded_ipv4_adresses'] == [dict(subnet='10.10.10.1')]
assert results['ipv4_address_space'] == [dict(subnet='192.168.1.0/24')]