--- - debug: msg: Start nxos_acls merged integration tests connection={{ansible_connection}}" - include_tasks: remove_config.yaml - block: - name: Merged nxos_acls: &merged config: - afi: ipv4 acls: - name: ACL1v4 aces: - grant: deny destination: address: 192.0.2.64 wildcard_bits: 0.0.0.255 source: any: true port_protocol: lt: 25 protocol: tcp protocol_options: tcp: ack: true fin: true sequence: 50 - grant: permit protocol: ip source: any: true destination: any: true fragments: true log: true sequence: 20 - afi: ipv6 acls: - name: ACL1v6 aces: - grant: permit sequence: 10 source: any: true destination: host: 2001:db8:12::128 protocol: sctp state: merged register: result - assert: that: - "result.changed == True" - "'ip access-list ACL1v4' in result.commands" - "'20 permit ip any any fragments log' in result.commands" - "'50 deny tcp any lt smtp 192.0.2.64 0.0.0.255 ack fin' in result.commands" - "'ipv6 access-list ACL1v6' in result.commands" - "'10 permit sctp any host 2001:db8:12::128' in result.commands" - "result.commands | length == 5 " - name: Gather acls facts nxos_facts: gather_subset: - "!all" - "!min" gather_network_resources: acls - assert: that: - "ansible_facts.network_resources.acls == result.after" - name: Idempotence - Merged nxos_acls: *merged register: result - assert: that: - "result.changed == false" - name: Update one parameter of an ACE nxos_acls: config: - afi: ipv4 acls: - name: ACL1v4 aces: - grant: permit protocol: tcp source: any: true destination: any: true sequence: 20 precedence: 5 state: merged register: result - assert: that: - "result.changed == True" - "'ip access-list ACL1v4' in result.commands" - "'no 20' in result.commands" - "'20 permit tcp any any fragments precedence critical log' in result.commands" always: - include_tasks: remove_config.yaml