NXOS NXAPI TLS & Cipher (#43651)

* Testing commands over various nxapi levels of cipher and ssl strengths.

* Reworked nxos nxapi ssl/tlv transport testing

* Added additional nxos nxapi httpapi local transport test suite

* Added meta: end_play to nxos nxapi transports task to
prevent execution unless nxos_ssl is defined.

* Refactored nxos nxapi tls and cipher options testing

* Removed blank line

* Renamed variable ssl to the more appropriate ciphers

* After each transport perumation test reset nxapi on the switch to
ensure no previous configuration is still present on the next test.

* 43651: Removed unnecessary changes to nxos_nxapi & removed hard-coded
nxapi port numbers.

test/integration/targets/nxos_nxapi_transports/defaults/main.yaml

@@ -0,0 +1,2 @@
+---
+testcase: "*"

test/integration/targets/nxos_nxapi_transports/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+  - prepare_nxos_tests

test/integration/targets/nxos_nxapi_transports/tasks/main.yaml

@@ -0,0 +1,2 @@
+---
+- { include: nxapi.yaml, tags: ['nxapi'] }

test/integration/targets/nxos_nxapi_transports/tasks/nxapi.yaml

@@ -0,0 +1,24 @@
+---
+
+- block:
+
+  - set_fact:
+      tls:
+        - [ yes, no, no ]
+        - [ no, yes, no ]
+        - [ no, no, yes ]
+  - set_fact:
+      ciphers:
+        - yes
+        - no
+
+  - name: NXAPI various transport tests with different TLS and ciphers 
+    vars:
+      tlsv1_2: "{{ item[0][0] }}"
+      tlsv1_1: "{{ item[0][1] }}"
+      tlsv1_0: "{{ item[0][2] }}"
+      ssl_strong_ciphers: "{{ item[1] }}"
+    include: targets/nxos_nxapi_transports/tests/nxapi/assert_test.yaml
+    loop: "{{ tls | product(ciphers) | list }}"
+
+  when: (platform is match("N9K") or platform is match("N3K") or platform is match("N9K-F") or platform is match("N35") or platform is match("N3L")) and major_version is version('9.2', '>=')

test/integration/targets/nxos_nxapi_transports/tests/nxapi/assert_test.yaml

@@ -0,0 +1,38 @@
+- block:
+
+  - debug: msg="START nxapi/setup_test.yaml"
+
+  - name: "Configure NXAPI tlsv1_2={{ tlsv1_2 }}, tlsv1_1={{ tlsv1_1 }}, tlsv1_0={{ tlsv1_0 }}, ssl_strong_ciphers={{ ssl_strong_ciphers }}"
+    nxos_nxapi:
+      enable_http: no
+      enable_https: yes
+      https_port: 443
+      tlsv1_2: "{{ tlsv1_2 }}"
+      tlsv1_1: "{{ tlsv1_1 }}"
+      tlsv1_0: "{{ tlsv1_0 }}"
+      ssl_strong_ciphers: "{{ ssl_strong_ciphers }}"
+    connection: network_cli
+    register: result
+
+  - name: Assert NXAPI setup test  was successful
+    assert: &assert_false
+       that:
+          - "result.failed == false"
+
+  - name: Assert transports
+    include: targets/nxos_nxapi_transports/tests/nxapi/assert_transports.yaml
+
+  - debug: msg="END nxapi/setup_test.yaml"
+
+  always:
+  - name: Cleanup - Disable NXAPI
+    nxos_nxapi:
+      state: absent
+    connection: network_cli
+    register: result
+
+  - name: Cleanup - Re-enable NXAPI
+    nxos_nxapi:
+      state: present
+    connection: network_cli
+    register: result

test/integration/targets/nxos_nxapi_transports/tests/nxapi/assert_transports.yaml

@@ -0,0 +1,26 @@
+---
+
+- nxos_command:
+    commands:
+      - show hostname
+  connection: httpapi
+  vars:
+    ansible_httpapi_use_ssl: yes
+    ansible_httpapi_validate_certs: no
+  register: result
+
+- name: Assert command over connection httpapi was successful
+  assert:
+     that:
+        - "result.failed == false"
+
+- nxos_command:
+    commands:
+      - show hostname
+    provider: "{{ nxapi_ssl }}"
+  register: result
+
+- name: Assert command over nxapi_ssl provider was successful
+  assert:
+     that:
+        - "result.failed == false"