db783eb2b9
* Initial commit for module - Module can query or modify network services on Meraki gear - Check mode supported - Integration tests included * Small change to examples * Move mutual exclusive to build in approach * Sanity err * Split integration tests into two files to avoid delegate_to * Add the integration tests, woops
196 lines
4.8 KiB
YAML
196 lines
4.8 KiB
YAML
# Test code for the Meraki modules
|
|
# Copyright: (c) 2019, Kevin Breit (@kbreit)
|
|
|
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
---
|
|
- block:
|
|
- name: Create network
|
|
meraki_network:
|
|
auth_key: '{{ auth_key }}'
|
|
state: present
|
|
org_name: '{{test_org_name}}'
|
|
net_name: IntTestNetworkAppliance
|
|
type: appliance
|
|
register: create
|
|
|
|
- set_fact:
|
|
net_id: create.data.id
|
|
|
|
- name: Set icmp service to blocked with check mode
|
|
meraki_firewalled_services:
|
|
auth_key: '{{ auth_key }}'
|
|
state: present
|
|
org_name: '{{test_org_name}}'
|
|
net_name: IntTestNetworkAppliance
|
|
service: ICMP
|
|
access: blocked
|
|
register: icmp_blocked_check
|
|
check_mode: yes
|
|
|
|
- debug:
|
|
var: icmp_blocked_check
|
|
|
|
- assert:
|
|
that:
|
|
- icmp_blocked_check.data is defined
|
|
- icmp_blocked_check is changed
|
|
|
|
- name: Set icmp service to blocked
|
|
meraki_firewalled_services:
|
|
auth_key: '{{ auth_key }}'
|
|
state: present
|
|
org_name: '{{test_org_name}}'
|
|
net_name: IntTestNetworkAppliance
|
|
service: ICMP
|
|
access: blocked
|
|
register: icmp_blocked
|
|
|
|
- debug:
|
|
var: icmp_blocked
|
|
|
|
- assert:
|
|
that:
|
|
- icmp_blocked.data is defined
|
|
- icmp_blocked is changed
|
|
|
|
- name: Set icmp service to blocked with idempotency
|
|
meraki_firewalled_services:
|
|
auth_key: '{{ auth_key }}'
|
|
state: present
|
|
org_name: '{{test_org_name}}'
|
|
net_name: IntTestNetworkAppliance
|
|
service: ICMP
|
|
access: blocked
|
|
register: icmp_blocked_idempotent
|
|
|
|
- debug:
|
|
var: icmp_blocked_idempotent
|
|
|
|
- assert:
|
|
that:
|
|
- icmp_blocked_idempotent.data is defined
|
|
- icmp_blocked_idempotent is not changed
|
|
|
|
- name: Set icmp service to restricted with check mode
|
|
meraki_firewalled_services:
|
|
auth_key: '{{ auth_key }}'
|
|
state: present
|
|
org_name: '{{test_org_name}}'
|
|
net_name: IntTestNetworkAppliance
|
|
service: web
|
|
access: restricted
|
|
allowed_ips:
|
|
- 192.0.1.1
|
|
- 192.0.1.2
|
|
check_mode: yes
|
|
register: web_restricted_check
|
|
|
|
- debug:
|
|
var: web_restricted_check
|
|
|
|
- assert:
|
|
that:
|
|
- web_restricted_check.data is defined
|
|
- web_restricted_check is changed
|
|
|
|
- name: Set icmp service to restricted
|
|
meraki_firewalled_services:
|
|
auth_key: '{{ auth_key }}'
|
|
state: present
|
|
org_name: '{{test_org_name}}'
|
|
net_name: IntTestNetworkAppliance
|
|
service: web
|
|
access: restricted
|
|
allowed_ips:
|
|
- 192.0.1.1
|
|
- 192.0.1.2
|
|
register: web_restricted
|
|
|
|
- debug:
|
|
var: web_restricted
|
|
|
|
- assert:
|
|
that:
|
|
- web_restricted.data is defined
|
|
- web_restricted is changed
|
|
|
|
- name: Set icmp service to restricted with idempotency
|
|
meraki_firewalled_services:
|
|
auth_key: '{{ auth_key }}'
|
|
state: present
|
|
org_name: '{{test_org_name}}'
|
|
net_name: IntTestNetworkAppliance
|
|
service: web
|
|
access: restricted
|
|
allowed_ips:
|
|
- 192.0.1.1
|
|
- 192.0.1.2
|
|
register: web_restricted_idempotent
|
|
|
|
- debug:
|
|
var: web_restricted_idempotent
|
|
|
|
- assert:
|
|
that:
|
|
- web_restricted_idempotent.data is defined
|
|
- web_restricted_idempotent is not changed
|
|
|
|
- name: Test error for access restricted and allowed_ips
|
|
meraki_firewalled_services:
|
|
auth_key: '{{ auth_key }}'
|
|
state: present
|
|
org_name: '{{test_org_name}}'
|
|
net_name: IntTestNetworkAppliance
|
|
service: web
|
|
access: unrestricted
|
|
allowed_ips:
|
|
- 192.0.1.1
|
|
- 192.0.1.2
|
|
register: access_error
|
|
ignore_errors: yes
|
|
|
|
- assert:
|
|
that:
|
|
- 'access_error.msg == "allowed_ips is only allowed when access is restricted."'
|
|
|
|
- name: Query appliance services
|
|
meraki_firewalled_services:
|
|
auth_key: '{{ auth_key }}'
|
|
state: query
|
|
org_name: '{{test_org_name}}'
|
|
net_name: IntTestNetworkAppliance
|
|
register: query_appliance
|
|
|
|
- debug:
|
|
var: query_appliance
|
|
|
|
- assert:
|
|
that:
|
|
- query_appliance.data is defined
|
|
|
|
- name: Query services
|
|
meraki_firewalled_services:
|
|
auth_key: '{{ auth_key }}'
|
|
state: query
|
|
org_name: '{{test_org_name}}'
|
|
net_name: IntTestNetworkAppliance
|
|
service: ICMP
|
|
register: query_service
|
|
|
|
- debug:
|
|
var: query_service
|
|
|
|
- assert:
|
|
that:
|
|
- query_service.data is defined
|
|
|
|
#############################################################################
|
|
# Tear down starts here
|
|
#############################################################################
|
|
always:
|
|
- name: Delete all networks
|
|
meraki_network:
|
|
auth_key: '{{ auth_key }}'
|
|
state: absent
|
|
org_name: '{{test_org_name}}'
|
|
net_name: IntTestNetworkAppliance
|