--- - debug: msg: "START vyos_firewall_rules replaced integration tests on connection={{ ansible_connection }}" - include_tasks: _remove_config.yaml - include_tasks: _populate.yaml - block: - name: Replace device configurations of listed firewall rules with provided configurations vyos_firewall_rules: &replaced config: - afi: 'ipv6' rule_sets: - name: 'UPLINK' description: 'This is ipv6 specific rule-set' default_action: 'accept' - afi: 'ipv4' rule_sets: - name: 'INBOUND' description: 'IPv4 INBOUND rule set' default_action: 'accept' rules: - number: 101 action: 'accept' description: 'Rule 101 is configured by Ansible' ipsec: 'match-ipsec' - number: 104 action: 'reject' description: 'Rule 104 is configured by Ansible' ipsec: 'match-none' state: replaced register: result - name: Assert that correct set of commands were generated assert: that: - "{{ replaced['commands'] | symmetric_difference(result['commands']) |length == 0 }}" - name: Assert that before dicts are correctly generated assert: that: - "{{ populate | symmetric_difference(result['before']) |length == 0 }}" - name: Assert that after dict is correctly generated assert: that: - "{{ replaced['after'] | symmetric_difference(result['after']) |length == 0 }}" - name: Replace device configurations of listed firewall rules with provided configurarions (IDEMPOTENT) vyos_firewall_rules: *replaced register: result - name: Assert that task was idempotent assert: that: - "result['changed'] == false" - name: Assert that before dict is correctly generated assert: that: - "{{ replaced['after'] | symmetric_difference(result['before']) |length == 0 }}" always: - include_tasks: _remove_config.yaml