7307339a7e
* Added nxos_acls module * Adding tests * Added integration tests * Integration tests update * Updated documentation * Replaced state changes * Added warning detection * Added port-protocol mapping * Added change * Merge update changes * Completed integration tests, rtt * Added unit tests * Linting Added metaclass info * Changed port protocol to str * Fixed shippable errors, added examples * Fixed type error, updated examples
108 lines
3 KiB
YAML
108 lines
3 KiB
YAML
---
|
|
- debug:
|
|
msg: Start nxos_acls merged integration tests connection={{ansible_connection}}"
|
|
|
|
- include_tasks: remove_config.yaml
|
|
|
|
- block:
|
|
- name: Merged
|
|
nxos_acls: &merged
|
|
config:
|
|
- afi: ipv4
|
|
acls:
|
|
- name: ACL1v4
|
|
aces:
|
|
- grant: deny
|
|
destination:
|
|
address: 192.0.2.64
|
|
wildcard_bits: 0.0.0.255
|
|
source:
|
|
any: true
|
|
port_protocol:
|
|
lt: 25
|
|
protocol: tcp
|
|
protocol_options:
|
|
tcp:
|
|
ack: true
|
|
fin: true
|
|
sequence: 50
|
|
- grant: permit
|
|
protocol: ip
|
|
source:
|
|
any: true
|
|
destination:
|
|
any: true
|
|
fragments: true
|
|
log: true
|
|
sequence: 20
|
|
|
|
- afi: ipv6
|
|
acls:
|
|
- name: ACL1v6
|
|
aces:
|
|
- grant: permit
|
|
sequence: 10
|
|
source:
|
|
any: true
|
|
destination:
|
|
host: 2001:db8:12::128
|
|
protocol: sctp
|
|
state: merged
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result.changed == True"
|
|
- "'ip access-list ACL1v4' in result.commands"
|
|
- "'20 permit ip any any fragments log' in result.commands"
|
|
- "'50 deny tcp any lt smtp 192.0.2.64 0.0.0.255 ack fin' in result.commands"
|
|
- "'ipv6 access-list ACL1v6' in result.commands"
|
|
- "'10 permit sctp any host 2001:db8:12::128' in result.commands"
|
|
- "result.commands | length == 5 "
|
|
|
|
- name: Gather acls facts
|
|
nxos_facts:
|
|
gather_subset:
|
|
- "!all"
|
|
- "!min"
|
|
gather_network_resources: acls
|
|
|
|
- assert:
|
|
that:
|
|
- "ansible_facts.network_resources.acls == result.after"
|
|
|
|
- name: Idempotence - Merged
|
|
nxos_acls: *merged
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result.changed == false"
|
|
|
|
- name: Update one parameter of an ACE
|
|
nxos_acls:
|
|
config:
|
|
- afi: ipv4
|
|
acls:
|
|
- name: ACL1v4
|
|
aces:
|
|
- grant: permit
|
|
protocol: tcp
|
|
source:
|
|
any: true
|
|
destination:
|
|
any: true
|
|
sequence: 20
|
|
precedence: 5
|
|
state: merged
|
|
register: result
|
|
|
|
- assert:
|
|
that:
|
|
- "result.changed == True"
|
|
- "'ip access-list ACL1v4' in result.commands"
|
|
- "'no 20' in result.commands"
|
|
- "'20 permit tcp any any fragments precedence critical log' in result.commands"
|
|
|
|
always:
|
|
- include_tasks: remove_config.yaml
|