d5b04aa1f1
* cloudstack: test: cs_network_acl: add check_mode tests * cloudstack: test: cs_pod: add check_mode tests * cloudstack: test: cs_user: add check_mode tests * cloudstack: test: cs_sshkeypair: add check_mode tests * cloudstack: test: cs_project: add check_mode tests * cloudstack: test: cs_vpc: add check_mode tests * cloudstack: test: cs_vpn_gateway: add check_mode tests * cloudstack: test: cs_volume: add check_mode tests * cloudstack: test: cs_vmsnapshot: add check_mode tests * cloudstack: test: cs_account: add check_mode tests * cloudstack: test: cs_affinitygroup: add check_mode tests * cloudstack: test: cs_cluster: add check_mode tests * cloudstack: test: cs_domain: add check_mode tests * cloudstack: test: cs_instancegroup: add check_mode tests * cloudstack: test: cs_iso: add check_mode tests * cloudstack: test: cs_loadbalancer_rule: add check_mode tests * cloudstack: test: cs_portforward: add check_mode tests * cloudstack: test: cs_resourcelimit: add check_mode tests * cloudstack: test: cs_securitygroup: add check_mode tests * cloudstack: test: cs_securitygroup_rule: add check_mode tests * cloudstack: test: cs_configuration: add check_mode tests * cloudstack: test: cs_firewall: add check_mode tests * cloudstack: test: cs_instance: add check_mode tests * cloudstack: query current tags from API Fixes unexpected tags returned in check mode.
171 lines
4.2 KiB
YAML
171 lines
4.2 KiB
YAML
---
|
|
- name: test remove http range rule in check mode
|
|
cs_securitygroup_rule:
|
|
security_group: default
|
|
start_port: 8000
|
|
end_port: 8888
|
|
cidr: 1.2.3.4/32
|
|
state: absent
|
|
register: sg_rule
|
|
check_mode: true
|
|
- name: verify create http range rule in check mode
|
|
assert:
|
|
that:
|
|
- sg_rule|success
|
|
- sg_rule|changed
|
|
- sg_rule.type == 'ingress'
|
|
- sg_rule.security_group == 'default'
|
|
- sg_rule.protocol == 'tcp'
|
|
- sg_rule.start_port == 8000
|
|
- sg_rule.end_port == 8888
|
|
- sg_rule.cidr == '1.2.3.4/32'
|
|
|
|
- name: test remove http range rule
|
|
cs_securitygroup_rule:
|
|
security_group: default
|
|
start_port: 8000
|
|
end_port: 8888
|
|
cidr: 1.2.3.4/32
|
|
state: absent
|
|
register: sg_rule
|
|
- name: verify create http range rule
|
|
assert:
|
|
that:
|
|
- sg_rule|success
|
|
- sg_rule|changed
|
|
- sg_rule.type == 'ingress'
|
|
- sg_rule.security_group == 'default'
|
|
- sg_rule.protocol == 'tcp'
|
|
- sg_rule.start_port == 8000
|
|
- sg_rule.end_port == 8888
|
|
- sg_rule.cidr == '1.2.3.4/32'
|
|
|
|
- name: test remove http range rule idempotence
|
|
cs_securitygroup_rule:
|
|
security_group: default
|
|
start_port: 8000
|
|
end_port: 8888
|
|
cidr: 1.2.3.4/32
|
|
state: absent
|
|
register: sg_rule
|
|
- name: verify create http range rule idempotence
|
|
assert:
|
|
that:
|
|
- sg_rule|success
|
|
- not sg_rule|changed
|
|
|
|
- name: test remove single port udp rule in check mode
|
|
cs_securitygroup_rule:
|
|
security_group: default
|
|
port: 5353
|
|
protocol: udp
|
|
type: egress
|
|
user_security_group: '{{ cs_resource_prefix }}_sg'
|
|
state: absent
|
|
register: sg_rule
|
|
check_mode: true
|
|
- name: verify remove single port udp rule in check mode
|
|
assert:
|
|
that:
|
|
- sg_rule|success
|
|
- sg_rule|changed
|
|
- sg_rule.type == 'egress'
|
|
- sg_rule.security_group == 'default'
|
|
- sg_rule.protocol == 'udp'
|
|
- sg_rule.start_port == 5353
|
|
- sg_rule.end_port == 5353
|
|
- sg_rule.user_security_group == '{{ cs_resource_prefix }}_sg'
|
|
|
|
- name: test remove single port udp rule
|
|
cs_securitygroup_rule:
|
|
security_group: default
|
|
port: 5353
|
|
protocol: udp
|
|
type: egress
|
|
user_security_group: '{{ cs_resource_prefix }}_sg'
|
|
state: absent
|
|
register: sg_rule
|
|
- name: verify remove single port udp rule
|
|
assert:
|
|
that:
|
|
- sg_rule|success
|
|
- sg_rule|changed
|
|
- sg_rule.type == 'egress'
|
|
- sg_rule.security_group == 'default'
|
|
- sg_rule.protocol == 'udp'
|
|
- sg_rule.start_port == 5353
|
|
- sg_rule.end_port == 5353
|
|
- sg_rule.user_security_group == '{{ cs_resource_prefix }}_sg'
|
|
|
|
- name: test remove single port udp rule idempotence
|
|
cs_securitygroup_rule:
|
|
security_group: default
|
|
port: 5353
|
|
protocol: udp
|
|
type: egress
|
|
user_security_group: '{{ cs_resource_prefix }}_sg'
|
|
state: absent
|
|
register: sg_rule
|
|
- name: verify remove single port udp rule idempotence
|
|
assert:
|
|
that:
|
|
- sg_rule|success
|
|
- not sg_rule|changed
|
|
|
|
- name: test remove icmp rule in check mode
|
|
cs_securitygroup_rule:
|
|
security_group: default
|
|
protocol: icmp
|
|
type: ingress
|
|
icmp_type: -1
|
|
icmp_code: -1
|
|
state: absent
|
|
register: sg_rule
|
|
check_mode: true
|
|
- name: verify icmp rule in check mode
|
|
assert:
|
|
that:
|
|
- sg_rule|success
|
|
- sg_rule|changed
|
|
- sg_rule.type == 'ingress'
|
|
- sg_rule.security_group == 'default'
|
|
- sg_rule.cidr == '0.0.0.0/0'
|
|
- sg_rule.protocol == 'icmp'
|
|
- sg_rule.icmp_code == -1
|
|
- sg_rule.icmp_type == -1
|
|
|
|
- name: test remove icmp rule
|
|
cs_securitygroup_rule:
|
|
security_group: default
|
|
protocol: icmp
|
|
type: ingress
|
|
icmp_type: -1
|
|
icmp_code: -1
|
|
state: absent
|
|
register: sg_rule
|
|
- name: verify icmp rule
|
|
assert:
|
|
that:
|
|
- sg_rule|success
|
|
- sg_rule|changed
|
|
- sg_rule.type == 'ingress'
|
|
- sg_rule.security_group == 'default'
|
|
- sg_rule.cidr == '0.0.0.0/0'
|
|
- sg_rule.protocol == 'icmp'
|
|
- sg_rule.icmp_code == -1
|
|
- sg_rule.icmp_type == -1
|
|
|
|
- name: test remove icmp rule idempotence
|
|
cs_securitygroup_rule:
|
|
security_group: default
|
|
protocol: icmp
|
|
type: ingress
|
|
icmp_type: -1
|
|
icmp_code: -1
|
|
state: absent
|
|
register: sg_rule
|
|
- name: verify icmp rule idempotence
|
|
assert:
|
|
that:
|
|
- sg_rule|success
|
|
- not sg_rule|changed
|