diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-14 20:03:01 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-14 20:03:01 +0000 |
| commit | a453ac31f3428614cceb99027f8efbdb9258a40b (patch) | |
| tree | f61f87408f32a8511cbd91799f9cececb53e0374 /collections-debian-merged/ansible_collections/cisco/asa/tests/integration | |
| parent | Initial commit. (diff) | |
| download | ansible-a453ac31f3428614cceb99027f8efbdb9258a40b.tar.xz ansible-a453ac31f3428614cceb99027f8efbdb9258a40b.zip | |
Adding upstream version 2.10.7+merged+base+2.10.8+dfsg.upstream/2.10.7+merged+base+2.10.8+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'collections-debian-merged/ansible_collections/cisco/asa/tests/integration')
84 files changed, 3488 insertions, 0 deletions
diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/network-integration.cfg b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/network-integration.cfg new file mode 100644 index 00000000..d12c1efe --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/network-integration.cfg @@ -0,0 +1,4 @@ +[persistent_connection] +command_timeout = 100 +connect_timeout = 100 +connect_retry_timeout = 100 diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/target-prefixes.network b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/target-prefixes.network new file mode 100644 index 00000000..50b13099 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/target-prefixes.network @@ -0,0 +1 @@ +asa
\ No newline at end of file diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/defaults/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/defaults/main.yaml new file mode 100644 index 00000000..a845c24b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +testcase: '*' +test_items: [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tasks/cli.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tasks/cli.yaml new file mode 100644 index 00000000..05ca0d6b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tasks/cli.yaml @@ -0,0 +1,18 @@ +--- +- name: collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + register: test_cases + +- name: set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tasks/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tasks/main.yaml new file mode 100644 index 00000000..a3db933e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include: cli.yaml + tags: + - cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/basic.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/basic.yaml new file mode 100644 index 00000000..d45342df --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/basic.yaml @@ -0,0 +1,34 @@ +--- +- debug: msg="START cli/basic.yaml" + +- name: Basic ACL + register: result + cisco.asa.asa_acl: + provider: '{{ cli }}' + lines: + - access-list ACL-BASIC extended permit tcp any any eq www + - access-list ACL-BASIC extended permit tcp any any eq https + +- assert: + that: + - result.changed == true + +- name: Basic ACL idempotency + register: result + cisco.asa.asa_acl: + provider: '{{ cli }}' + lines: + - access-list ACL-BASIC extended permit tcp any any eq www + - access-list ACL-BASIC extended permit tcp any any eq https + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + commands: + - clear configure access-list ACL-BASIC + provider: '{{ cli }}' + +- debug: msg="END cli/basic.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/full_name_match.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/full_name_match.yaml new file mode 100644 index 00000000..bc3a5413 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/full_name_match.yaml @@ -0,0 +1,35 @@ +--- +- debug: msg="START cli/full_name_match.yaml" + +- name: Basic ACL + register: result + cisco.asa.asa_acl: + provider: '{{ cli }}' + lines: + - access-list ACL-BASIC2 extended permit tcp any any eq www + - access-list ACL-BASIC2 extended permit tcp any any eq https + +- assert: + that: + - result.changed == true + +- name: Should not match for ACL-BASIC2 + register: result + cisco.asa.asa_acl: + provider: '{{ cli }}' + lines: + - access-list ACL-BASIC extended permit tcp any any eq www + - access-list ACL-BASIC extended permit tcp any any eq https + +- assert: + that: + - result.changed == true + +- name: teardown + cisco.asa.asa_config: + commands: + - clear configure access-list ACL-BASIC + - clear configure access-list ACL-BASIC2 + provider: '{{ cli }}' + +- debug: msg="END cli/full_name_match.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/insert.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/insert.yaml new file mode 100644 index 00000000..fafea5fc --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/insert.yaml @@ -0,0 +1,43 @@ +--- +- debug: msg="START cli/insert.yaml" + +- name: Create ACL + register: result + cisco.asa.asa_acl: + provider: '{{ cli }}' + lines: + - access-list ACL-INSERT extended permit tcp any any eq www + - access-list ACL-INSERT extended permit tcp any any eq https + +- name: Insert on first line + register: result + cisco.asa.asa_acl: + provider: '{{ cli }}' + lines: + - access-list ACL-INSERT extended permit tcp any any eq www + - access-list ACL-INSERT extended permit tcp any any eq https + - access-list ACL-INSERT line 1 extended permit tcp any any eq ssh + +- name: Show ACL + register: result + cisco.asa.asa_command: + provider: '{{ cli }}' + commands: show run access-list ACL-INSERT + +- name: Show me + debug: + var: result + +- name: + assert: + that: + - result.stdout_lines[0][0].rstrip() == 'access-list ACL-INSERT extended permit + tcp any any eq ssh' + +- name: teardown + cisco.asa.asa_config: + commands: + - clear configure access-list ACL-INSERT + provider: '{{ cli }}' + +- debug: msg="END cli/insert.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/defaults/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/defaults/main.yaml new file mode 100644 index 00000000..852a6bee --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +testcase: '[^_].*' +test_items: [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/meta/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/meta/main.yaml new file mode 100644 index 00000000..23d65c7e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/meta/main.yaml @@ -0,0 +1,2 @@ +--- +dependencies: [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tasks/cli.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tasks/cli.yaml new file mode 100644 index 00000000..4a37ae1f --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tasks/cli.yaml @@ -0,0 +1,21 @@ +--- +- name: Collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + use_regex: true + register: test_cases + delegate_to: localhost + +- name: Set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + delegate_to: localhost + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tasks/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tasks/main.yaml new file mode 100644 index 00000000..a3db933e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include: cli.yaml + tags: + - cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_parsed.cfg b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_parsed.cfg new file mode 100644 index 00000000..1dabc77c --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_parsed.cfg @@ -0,0 +1,5 @@ +access-list test_access; 2 elements; name hash: 0xaf1b712e +access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default +access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors +access-list test_R1_traffic; 1 elements; name hash: 0xaf40d3c2 +access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive
\ No newline at end of file diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_config.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_config.yaml new file mode 100644 index 00000000..dafe55db --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_config.yaml @@ -0,0 +1,62 @@ +--- +- name: Populate Config + cisco.asa.asa_acls: &id001 + config: + acls: + - name: test_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + destination: + address: 192.0.3.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + log: default + - grant: deny + line: 2 + protocol_options: + igrp: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + log: errors + - name: test_global_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + any: true + destination: + any: true + port_protocol: + eq: www + log: errors + - name: test_R1_traffic + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + inactive: true + state: merged diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_network_og.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_network_og.yaml new file mode 100644 index 00000000..74e21f61 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_network_og.yaml @@ -0,0 +1,21 @@ +--- +- name: Populate Network Object-group + cisco.asa.asa_ogs: + config: + - object_type: network + object_groups: + - name: test_og_network + network_object: + host: + - 192.0.2.1 + - 192.0.2.2 + address: + - 192.0.2.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 + - name: test_network_og + network_object: + host: + - 192.0.3.1 + ipv6_address: + - 2001:db8:3::/64 + state: merged diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_remove_config.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_remove_config.yaml new file mode 100644 index 00000000..f2d64eab --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_remove_config.yaml @@ -0,0 +1,4 @@ +--- +- name: Remove Config + cisco.asa.asa_acls: + state: deleted diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_remove_og_config.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_remove_og_config.yaml new file mode 100644 index 00000000..50921c3b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_remove_og_config.yaml @@ -0,0 +1,4 @@ +--- +- name: Remove configured Object group + cisco.asa.asa_ogs: + state: deleted diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/deleted.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/deleted.yaml new file mode 100644 index 00000000..00edc194 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/deleted.yaml @@ -0,0 +1,64 @@ +--- +- debug: + msg: Start Deleted integration state for asa_acls ansible_connection={{ ansible_connection + }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate_config.yaml + +- block: + + - name: Delete attributes of provided configured ACLs + register: result + cisco.asa.asa_acls: &id001 + config: + acls: + - name: test_access + - name: test_global_access + state: deleted + + - assert: + that: + - result.commands|length == 3 + - result.changed == true + - result.commands|symmetric_difference(deleted.commands) == [] + + - name: Delete attributes of all configured interfaces (IDEMPOTENT) + register: result + cisco.asa.asa_acls: *id001 + + - name: Assert that the previous delete task was idempotent + assert: + that: + - result.commands|length == 0 + - result.changed == false + + - include_tasks: _remove_config.yaml + + - include_tasks: _populate_config.yaml + + - name: Delete all off ACLs configured + register: result + cisco.asa.asa_acls: &id002 + state: deleted + + - assert: + that: + - result.commands|length == 4 + - result.changed == true + - result.commands|symmetric_difference(delete_all.commands) == [] + + - name: Delete ACL attributes of provided configured interfaces based on AFI + (IDEMPOTENT) + register: result + cisco.asa.asa_acls: *id002 + + - name: Assert that the previous delete task was idempotent + assert: + that: + - result.commands|length == 0 + - result.changed == false + always: + + - include_tasks: _remove_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/empty_config.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/empty_config.yaml new file mode 100644 index 00000000..6f465b60 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/empty_config.yaml @@ -0,0 +1,59 @@ +--- +- debug: + msg: START asa_acls empty_config.yaml integration tests on connection={{ ansible_connection + }} + +- name: Merged with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_acls: + config: + state: merged + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state merged' + +- name: Replaced with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_acls: + config: + state: replaced + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state replaced' + +- name: Overridden with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_acls: + config: + state: overridden + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state overridden' + +- name: Rendered with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_acls: + config: + state: rendered + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state rendered' + +- name: Parsed with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_acls: + running_config: + state: parsed + +- assert: + that: + - result.msg == 'value of running_config parameter must not be empty for state parsed' diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/gathered.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/gathered.yaml new file mode 100644 index 00000000..f9d44bfb --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/gathered.yaml @@ -0,0 +1,24 @@ +--- +- debug: + msg: START asa_acls gathered integration tests on connection={{ ansible_connection + }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate_config.yaml + +- block: + + - name: Gather the provided configuration with the exisiting running configuration + register: result + cisco.asa.asa_acls: + config: + state: gathered + + - assert: + that: + - gathered['config']['acls'] | symmetric_difference(result.gathered.acls) == [] + - result['changed'] == false + always: + + - include_tasks: _remove_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/merged.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/merged.yaml new file mode 100644 index 00000000..a1e10613 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/merged.yaml @@ -0,0 +1,130 @@ +--- +- debug: + msg: START Merged asa_acls state for integration tests on connection={{ ansible_connection + }} + +- include_tasks: _remove_config.yaml +- include_tasks: _populate_network_og.yaml + +- block: + + - name: Merge provided configuration with device configuration + register: result + cisco.asa.asa_acls: &id001 + config: + acls: + - name: test_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + destination: + address: 192.0.3.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + log: default + - grant: deny + line: 2 + protocol: icmp + protocol_options: + icmp: + alternate_address: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + log: errors + - grant: deny + line: 3 + protocol: tcp + protocol_options: + tcp: true + source: + host: 198.51.110.0 + destination: + any: true + port_protocol: + eq: www + log: default + - grant: deny + line: 4 + protocol: tcp + protocol_options: + tcp: true + source: + object_group: test_og_network + destination: + object_group: test_network_og + port_protocol: + eq: www + log: default + - name: test_global_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + any: true + destination: + any: true + port_protocol: + eq: www + log: errors + - grant: deny + line: 2 + protocol_options: + tcp: true + source: + interface: management + destination: + interface: management + port_protocol: + eq: www + log: warnings + - name: test_R1_traffic + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + inactive: true + state: merged + + - assert: + that: + - result.commands|length == 7 + - result.changed == true + - result.commands|symmetric_difference(merged.commands) == [] + + - name: Merge provided configuration with device configuration (IDEMPOTENT) + register: result + cisco.asa.asa_acls: *id001 + + - name: Assert that the previous task was idempotent + assert: + that: + - result.commands|length == 0 + - result['changed'] == false + always: + + - include_tasks: _remove_config.yaml + - include_tasks: _remove_og_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/overridden.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/overridden.yaml new file mode 100644 index 00000000..1e0378b2 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/overridden.yaml @@ -0,0 +1,66 @@ +--- +- debug: + msg: START Overridden asa_acls state for integration tests on connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml +- include_tasks: _populate_network_og.yaml +- include_tasks: _populate_config.yaml + +- block: + + - name: Override device configuration of all interfaces with provided configuration + register: result + cisco.asa.asa_acls: &id001 + config: + acls: + - name: test_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.4.0 + netmask: 255.255.255.0 + port_protocol: + eq: telnet + destination: + address: 192.0.5.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + - grant: deny + line: 2 + protocol_options: + tcp: true + source: + object_group: test_og_network + destination: + object_group: test_network_og + port_protocol: + eq: www + log: default + state: overridden + + - assert: + that: + - result.commands|length == 6 + - result.changed == true + - result.commands|symmetric_difference(overridden.commands) == [] + + - name: Override device configuration of all interfaces with provided configuration + (IDEMPOTENT) + register: result + cisco.asa.asa_acls: *id001 + + - name: Assert that task was idempotent + assert: + that: + - result.commands|length == 0 + - result['changed'] == false + always: + + - include_tasks: _remove_config.yaml + - include_tasks: _remove_og_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/parsed.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/parsed.yaml new file mode 100644 index 00000000..af24ffa4 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/parsed.yaml @@ -0,0 +1,16 @@ +--- +- debug: + msg: START asa_acls parsed integration tests on connection={{ ansible_connection + }} + +- name: Parse the commands for provided configuration + become: true + register: result + cisco.asa.asa_acls: + running_config: "{{ lookup('file', '_parsed.cfg') }}" + state: parsed + +- assert: + that: + - result.changed == false + - parsed['config']['acls']|symmetric_difference(result.parsed.acls) == [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rendered.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rendered.yaml new file mode 100644 index 00000000..6a448b9e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rendered.yaml @@ -0,0 +1,112 @@ +--- +- debug: + msg: Start asa_acls rendered integration tests ansible_connection={{ ansible_connection + }} + +- block: + + - name: Rendered the provided configuration with the exisiting running configuration + register: result + cisco.asa.asa_acls: + config: + acls: + - name: test_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + destination: + address: 192.0.3.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + log: default + - grant: deny + line: 2 + protocol: icmp + protocol_options: + icmp: + alternate_address: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + log: errors + - grant: deny + line: 3 + protocol: tcp + protocol_options: + tcp: true + source: + host: 198.51.110.0 + destination: + any: true + port_protocol: + eq: www + log: default + - grant: deny + line: 4 + protocol: tcp + protocol_options: + tcp: true + source: + object_group: test_og_network + destination: + object_group: test_network_og + port_protocol: + eq: www + log: default + - name: test_global_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + any: true + destination: + any: true + port_protocol: + eq: www + log: errors + - grant: deny + line: 2 + protocol_options: + tcp: true + source: + interface: management + destination: + interface: management + port_protocol: + eq: www + log: warnings + - name: test_R1_traffic + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + inactive: true + state: rendered + + - assert: + that: + - result.changed == false + - result.rendered|symmetric_difference(merged.commands) == [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/replaced.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/replaced.yaml new file mode 100644 index 00000000..16849c8f --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/replaced.yaml @@ -0,0 +1,83 @@ +--- +- debug: + msg: START Replaced asa_acls state for integration tests on connection={{ ansible_connection + }} + +- include_tasks: _remove_config.yaml +- include_tasks: _populate_network_og.yaml +- include_tasks: _populate_config.yaml + +- block: + + - name: Replaces device configuration of listed interfaces with provided configuration + register: result + cisco.asa.asa_acls: &id001 + config: + acls: + - name: test_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol: tcp + protocol_options: + tcp: true + source: + address: 192.0.3.0 + netmask: 255.255.255.0 + destination: + address: 192.0.4.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + log: default + - grant: deny + line: 2 + protocol_options: + tcp: true + source: + object_group: test_og_network + destination: + object_group: test_network_og + port_protocol: + eq: www + log: default + - name: test_global_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.4.0 + netmask: 255.255.255.0 + port_protocol: + eq: telnet + destination: + address: 192.0.5.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + state: replaced + + - assert: + that: + - result.commands|length == 6 + - result.changed == true + - result.commands|symmetric_difference(replaced.commands) == [] + + - name: Replaces device configuration of listed interfaces with provided configuration + (IDEMPOTENT) + register: result + cisco.asa.asa_acls: *id001 + + - name: Assert that task was idempotent + assert: + that: + - result.commands|length == 0 + - result['changed'] == false + always: + + - include_tasks: _remove_config.yaml + - include_tasks: _remove_og_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rtt.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rtt.yaml new file mode 100644 index 00000000..3fec4608 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rtt.yaml @@ -0,0 +1,139 @@ +--- +- debug: + msg: START asa_acls round trip integration tests on connection={{ ansible_connection + }} + +- include_tasks: _remove_config.yaml +- include_tasks: _populate_network_og.yaml +- include_tasks: _populate_config.yaml + +- block: + + - name: Apply the provided configuration (base config) + register: base_config + cisco.asa.asa_acls: + config: + acls: + - name: test_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + destination: + address: 192.0.3.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + log: default + - grant: deny + line: 2 + protocol_options: + igrp: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + log: errors + - name: test_global_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + any: true + destination: + any: true + port_protocol: + eq: www + log: errors + - name: test_R1_traffic + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + inactive: true + state: merged + + - name: Gather ACLs facts + cisco.asa.asa_facts: + gather_subset: + - '!all' + - '!min' + gather_network_resources: + - acls + + - name: Apply the configuration which need to be reverted + register: result + cisco.asa.asa_acls: + config: + acls: + - name: test_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.4.0 + netmask: 255.255.255.0 + port_protocol: + eq: telnet + destination: + address: 192.0.5.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + - grant: deny + line: 2 + protocol_options: + tcp: true + source: + object_group: test_og_network + destination: + object_group: test_network_og + port_protocol: + eq: www + log: default + state: overridden + + - assert: + that: + - result.commands|length == 6 + - result.changed == true + - result.commands|symmetric_difference(overridden.commands) == [] + + - name: Revert back to base config using facts round trip + register: revert + cisco.asa.asa_acls: + config: "{{ ansible_facts['network_resources']['acls'] }}" + state: overridden + + - assert: + that: + - revert.commands|length == 6 + - revert.changed == true + - revert.commands|symmetric_difference(rtt.commands) == [] + always: + + - include_tasks: _remove_config.yaml + - include_tasks: _remove_og_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/vars/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/vars/main.yaml new file mode 100644 index 00000000..281cb8d6 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/vars/main.yaml @@ -0,0 +1,158 @@ +--- +deleted: + commands: + - no access-list test_global_access line 1 extended deny tcp any any eq www log errors + - no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors + - no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default +delete_all: + commands: + - no access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive + - no access-list test_global_access line 1 extended deny tcp any any eq www log errors + - no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors + - no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default +merged: + commands: + - access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + - access-list test_access line 2 extended deny icmp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 alternate-address log errors + - access-list test_access line 3 extended deny tcp host 198.51.110.0 any eq www log default + - access-list test_access line 4 extended deny tcp object-group test_og_network object-group test_network_og eq www log default + - access-list test_global_access line 1 extended deny tcp any any eq www log errors + - access-list test_global_access line 2 extended deny tcp interface management interface management eq www log warnings + - access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive +replaced: + commands: + - no access-list test_global_access line 1 extended deny tcp any any eq www log errors + - no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors + - no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + - access-list test_access line 1 extended deny tcp 192.0.3.0 255.255.255.0 192.0.4.0 255.255.255.0 eq www log default + - access-list test_access line 2 extended deny tcp object-group test_og_network object-group test_network_og eq www log default + - access-list test_global_access line 1 extended deny tcp 192.0.4.0 255.255.255.0 eq telnet 192.0.5.0 255.255.255.0 eq www +overridden: + commands: + - no access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive + - no access-list test_global_access line 1 extended deny tcp any any eq www log errors + - no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors + - no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + - access-list test_access line 1 extended deny tcp 192.0.4.0 255.255.255.0 eq telnet 192.0.5.0 255.255.255.0 eq www + - access-list test_access line 2 extended deny tcp object-group test_og_network object-group test_network_og eq www log default +gathered: + config: + acls: + - aces: + - destination: + address: 192.0.3.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + grant: deny + line: 1 + log: default + protocol: tcp + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + - destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + grant: deny + line: 2 + log: errors + protocol: igrp + protocol_options: + igrp: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + acl_type: extended + name: test_access + - aces: + - destination: + any: true + port_protocol: + eq: www + grant: deny + line: 1 + log: errors + protocol: tcp + protocol_options: + tcp: true + source: + any: true + acl_type: extended + name: test_global_access + - aces: + - destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + grant: deny + inactive: true + line: 1 + protocol: tcp + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + acl_type: extended + name: test_R1_traffic +parsed: + config: + acls: + - aces: + - destination: + address: 192.0.3.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + grant: deny + line: 1 + log: default + protocol: tcp + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + - destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + grant: deny + line: 2 + log: errors + protocol: igrp + protocol_options: + igrp: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + acl_type: extended + name: test_access + - aces: + - destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + grant: deny + inactive: true + line: 1 + protocol: tcp + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + acl_type: extended + name: test_R1_traffic +rtt: + commands: + - no access-list test_access line 2 extended deny tcp object-group test_og_network object-group test_network_og eq www log default + - no access-list test_access line 1 extended deny tcp 192.0.4.0 255.255.255.0 eq telnet 192.0.5.0 255.255.255.0 eq www + - access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + - access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors + - access-list test_global_access line 1 extended deny tcp any any eq www log errors + - access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/defaults/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/defaults/main.yaml new file mode 100644 index 00000000..a845c24b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +testcase: '*' +test_items: [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tasks/cli.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tasks/cli.yaml new file mode 100644 index 00000000..05ca0d6b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tasks/cli.yaml @@ -0,0 +1,18 @@ +--- +- name: collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + register: test_cases + +- name: set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tasks/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tasks/main.yaml new file mode 100644 index 00000000..a3db933e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include: cli.yaml + tags: + - cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/bad_operator.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/bad_operator.yaml new file mode 100644 index 00000000..6ba1e96a --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/bad_operator.yaml @@ -0,0 +1,20 @@ +--- +- debug: msg="START cli/bad_operator.yaml" + +- name: test bad operator + register: result + ignore_errors: true + cisco.asa.asa_command: + commands: + - show version + - show interfaces GigabitEthernet 0/0 + wait_for: + + - result[0] contains 'Description: Foo' + +- assert: + that: + - result.failed == true + - result.msg is defined + +- debug: msg="END cli/bad_operator.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/contains.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/contains.yaml new file mode 100644 index 00000000..ea8960bd --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/contains.yaml @@ -0,0 +1,19 @@ +--- +- debug: msg="START cli/contains.yaml" + +- name: test contains operator + register: result + cisco.asa.asa_command: + commands: + - show version + - show interface + wait_for: + - result[0] contains 'Cisco Adaptive Security Appliance Software Version' + - result[1] contains 'Hardware' + +- assert: + that: + - result.changed == false + - result.stdout is defined + +- debug: msg="END cli/contains.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/invalid.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/invalid.yaml new file mode 100644 index 00000000..2cc9c6e7 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/invalid.yaml @@ -0,0 +1,28 @@ +--- +- debug: msg="START cli/invalid.yaml" + +- name: run invalid command + register: result + ignore_errors: true + cisco.asa.asa_command: + commands: + - show foo + +- assert: + that: + - result.failed + +- name: run commands that include invalid command + register: result + ignore_errors: true + cisco.asa.asa_command: + commands: + - show version + - show foo + +- assert: + that: + - result.failed + ignore_errors: true + +- debug: msg="END cli/invalid.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/output.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/output.yaml new file mode 100644 index 00000000..73a8780d --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/output.yaml @@ -0,0 +1,28 @@ +--- +- debug: msg="START cli/output.yaml" + +- name: get output for single command + register: result + cisco.asa.asa_command: + commands: + - show version + +- assert: + that: + - result.changed == false + - result.stdout is defined + +- name: get output for multiple commands + register: result + cisco.asa.asa_command: + commands: + - show version + - show interface + +- assert: + that: + - result.changed == false + - result.stdout is defined + - result.stdout | length == 2 + +- debug: msg="END cli/output.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/timeout.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/timeout.yaml new file mode 100644 index 00000000..10f2e636 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/timeout.yaml @@ -0,0 +1,18 @@ +--- +- debug: msg="START cli/timeout.yaml" + +- name: test bad condition + register: result + ignore_errors: true + cisco.asa.asa_command: + commands: + - show version + wait_for: + - result[0] contains bad_value_string + +- assert: + that: + - result.failed == true + - result.msg is defined + +- debug: msg="END cli/timeout.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/defaults/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/defaults/main.yaml new file mode 100644 index 00000000..a845c24b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +testcase: '*' +test_items: [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/cli.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/cli.yaml new file mode 100644 index 00000000..05ca0d6b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/cli.yaml @@ -0,0 +1,18 @@ +--- +- name: collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + register: test_cases + +- name: set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/main.yaml new file mode 100644 index 00000000..62cc1ae1 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/main.yaml @@ -0,0 +1,7 @@ +--- +- include: cli.yaml + tags: + - cli + +- include: redirection.yaml + when: ansible_version.full is version('2.10.0', '>=') diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/redirection.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/redirection.yaml new file mode 100644 index 00000000..922d23fe --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/redirection.yaml @@ -0,0 +1,18 @@ +--- +- name: collect all cli test cases + find: + paths: '{{ role_path }}/tests/redirection' + patterns: '{{ testcase }}.yaml' + register: test_cases + +- name: set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/templates/basic/config.j2 b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/templates/basic/config.j2 new file mode 100644 index 00000000..779b731e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/templates/basic/config.j2 @@ -0,0 +1,3 @@ +object-group network OG-ANSIBLE-TEMPLATE + description this is a test + network-object host 192.168.99.12 diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/templates/defaults/config.j2 b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/templates/defaults/config.j2 new file mode 100644 index 00000000..762e73de --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/templates/defaults/config.j2 @@ -0,0 +1,4 @@ +object-group network OG-ANSIBLE-TEMPLATE-DEFAULT + description this is a test + network-object 10.0.0.0 255.255.255.0 + network-object 10.1.0.0 255.255.255.0 diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/backup.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/backup.yaml new file mode 100644 index 00000000..ef6dd275 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/backup.yaml @@ -0,0 +1,50 @@ +--- +- debug: msg="START cli/backup.yaml" + +- name: setup + ignore_errors: true + cisco.asa.asa_config: + commands: + - no object-group network OG-ANSIBLE-TEMPLATE + +- name: collect any backup files + find: + paths: '{{ role_path }}/backup' + pattern: '{{ inventory_hostname_short }}_config*' + register: backup_files + connection: local + +- name: delete backup files + file: + path: '{{ item.path }}' + state: absent + with_items: '{{backup_files.files|default([])}}' + +- name: configure device with config + register: result + cisco.asa.asa_config: + src: basic/config.j2 + backup: true + +- assert: + that: + - result.changed == true + - result.updates is defined + +- name: collect any backup files + find: + paths: '{{ role_path }}/backup' + pattern: '{{ inventory_hostname_short }}_config*' + register: backup_files + connection: local + +- assert: + that: + - backup_files.files is defined + +- name: teardown + cisco.asa.asa_config: + commands: + - no object-group network OG-ANSIBLE-TEMPLATE + +- debug: msg="END cli/backup.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/basic.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/basic.yaml new file mode 100644 index 00000000..e6ea89de --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/basic.yaml @@ -0,0 +1,35 @@ +--- +- debug: msg="START cli/basic.yaml" + +- name: setup + ignore_errors: true + cisco.asa.asa_config: + commands: + - no object-group network OG-ANSIBLE-TEMPLATE + +- name: configure device with config + register: result + cisco.asa.asa_config: + src: basic/config.j2 + +- assert: + that: + - result.changed == true + - result.updates is defined + +- name: check device with config + register: result + cisco.asa.asa_config: + src: basic/config.j2 + +- assert: + that: + - result.changed == false + - result.updates is not defined + +- name: teardown + cisco.asa.asa_config: + commands: + - no object-group network OG-ANSIBLE-TEMPLATE + +- debug: msg="END cli/basic.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/defaults.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/defaults.yaml new file mode 100644 index 00000000..f6583293 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/defaults.yaml @@ -0,0 +1,41 @@ +--- +- debug: msg="START cli/defaults.yaml" + +- name: setup + ignore_errors: true + cisco.asa.asa_config: + commands: + - no object-group network OG-ANSIBLE-TEMPLATE-DEFAULT + +- name: configure device with defaults included + register: result + cisco.asa.asa_config: + src: defaults/config.j2 + defaults: true + +- debug: var=result + +- assert: + that: + - result.changed == true + - result.updates is defined + +- name: check device with defaults included + register: result + cisco.asa.asa_config: + src: defaults/config.j2 + defaults: true + +- debug: var=result + +- assert: + that: + - result.changed == false + - result.updates is not defined + +- name: teardown + cisco.asa.asa_config: + commands: + - no object-group network OG-ANSIBLE-TEMPLATE-DEFAULT + +- debug: msg="END cli/defaults.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/force.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/force.yaml new file mode 100644 index 00000000..927d1485 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/force.yaml @@ -0,0 +1,37 @@ +--- +- debug: msg="START cli/force.yaml" + +- name: setup + ignore_errors: true + cisco.asa.asa_config: + commands: + - no object-group network OG-ANSIBLE-TEMPLATE-DEFAULT + +- name: configure device with config + register: result + cisco.asa.asa_config: + src: basic/config.j2 + match: none + +- assert: + that: + - result.changed == true + - result.updates is defined + +- name: check device with config + register: result + cisco.asa.asa_config: + src: basic/config.j2 + match: none + +- assert: + that: + - result.changed == true + - result.updates is defined + +- name: teardown + cisco.asa.asa_config: + commands: + - no object-group network OG-ANSIBLE-TEMPLATE-DEFAULT + +- debug: msg="END cli/force.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/more_system.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/more_system.yaml new file mode 100644 index 00000000..24d8d114 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/more_system.yaml @@ -0,0 +1,34 @@ +--- +- debug: msg="START cli/more_system.yaml" + +- name: Prepare tunnel-group + cisco.asa.asa_config: + before: tunnel-group 192.0.2.1 type ipsec-l2l + lines: + - tunnel-group 192.0.2.1 ipsec-attributes + +- name: Setup tunnel-group + cisco.asa.asa_config: + parents: tunnel-group 192.0.2.1 ipsec-attributes + lines: + - ikev1 pre-shared-key abc123 + passwords: true + +- name: Test idempotency + register: result + cisco.asa.asa_config: + parents: tunnel-group 192.0.2.1 ipsec-attributes + lines: + - ikev1 pre-shared-key abc123 + passwords: true + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + lines: + - clear configure tunnel-group 192.0.2.1 + +- debug: msg="END cli/more_system.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/removal_error.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/removal_error.yaml new file mode 100644 index 00000000..a6357d67 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/removal_error.yaml @@ -0,0 +1,39 @@ +--- +- debug: msg="START cli/removal_error.yaml" + +- name: setup + ignore_errors: true + cisco.asa.asa_config: + commands: + - no object-group network OGA-GOOGLE-DNS + +- name: configure test object-group + register: result + cisco.asa.asa_config: + parents: object-group network OGA-GOOGLE-DNS + lines: network-object host 8.8.8.8 + +- name: configure test access-list + cisco.asa.asa_config: + lines: access-list ANSIBLE-DNS extended permit udp any object-group OGA-GOOGLE-DNS + eq domain + +- name: try to remove object-group (should fail) + ignore_errors: true + register: result + cisco.asa.asa_config: + commands: + - no object-group network OGA-GOOGLE-DNS + +- name: Last command should fail + assert: + that: + - result.failed == true + +- name: teardown + cisco.asa.asa_config: + commands: + - clear configure access-list ANSIBLE-DNS + - no object-group network OGA-GOOGLE-DNS + +- debug: msg="END cli/removal_error.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel.yaml new file mode 100644 index 00000000..17ff240c --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel.yaml @@ -0,0 +1,40 @@ +--- +- debug: msg="START cli/sublevel.yaml" + +- name: setup test + cisco.asa.asa_config: + lines: + - no object-group network OG-ANSIBLE-SUBLEVEL + +- name: configure sub level command + register: result + cisco.asa.asa_config: + lines: + - network-object host 192.168.10.1 + parents: + - object-group network OG-ANSIBLE-SUBLEVEL + +- assert: + that: + - result.changed == true + - "'object-group network OG-ANSIBLE-SUBLEVEL' in result.updates" + - "'network-object host 192.168.10.1' in result.updates" + +- name: configure sub level command idempotent check + register: result + cisco.asa.asa_config: + lines: + - network-object host 192.168.10.1 + parents: + - object-group network OG-ANSIBLE-SUBLEVEL + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + lines: + - no object-group network OG-ANSIBLE-SUBLEVEL + +- debug: msg="END cli/sublevel.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_block.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_block.yaml new file mode 100644 index 00000000..dfd91ca5 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_block.yaml @@ -0,0 +1,62 @@ +--- +- debug: msg="START cli/sublevel_block.yaml" + +- name: setup + register: object_group + cisco.asa.asa_command: + commands: + - show run object-group + +- name: setup + cisco.asa.asa_config: + lines: + - no object-group network OG-ANSIBLE + match: none + +- name: configure sub level command using block replace + register: result + cisco.asa.asa_config: + lines: + - network-object 192.168.10.0 255.255.255.0 + - network-object 192.168.20.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + - network-object 192.168.40.0 255.255.255.0 + parents: + - object-group network OG-ANSIBLE + replace: block + after: + - exit + +- assert: + that: + - result.changed == true + - "'object-group network OG-ANSIBLE' in result.updates" + - "'network-object 192.168.10.0 255.255.255.0' in result.updates" + - "'network-object 192.168.20.0 255.255.255.0' in result.updates" + - "'network-object 192.168.30.0 255.255.255.0' in result.updates" + - "'network-object 192.168.40.0 255.255.255.0' in result.updates" + +- name: check sub level command using block replace + register: result + cisco.asa.asa_config: + lines: + - network-object 192.168.10.0 255.255.255.0 + - network-object 192.168.20.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + - network-object 192.168.40.0 255.255.255.0 + parents: + - object-group network OG-ANSIBLE + replace: block + after: + - exit + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + lines: + - no object-group network OG-ANSIBLE + +- debug: msg="END cli/sublevel_block.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_exact.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_exact.yaml new file mode 100644 index 00000000..6dc6032d --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_exact.yaml @@ -0,0 +1,67 @@ +--- +- debug: msg="START cli/sublevel_exact.yaml" + +- name: setup + cisco.asa.asa_config: + lines: + - network-object 192.168.10.0 255.255.255.0 + - network-object 192.168.20.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + - network-object 192.168.40.0 255.255.255.0 + - network-object 192.168.50.0 255.255.255.0 + parents: + - object-group network OG-ANSIBLE-EXACT + before: + - no object-group network OG-ANSIBLE-EXACT + after: + - exit + +- name: configure sub level command using exact match + register: result + cisco.asa.asa_config: + lines: + - network-object 192.168.10.0 255.255.255.0 + - network-object 192.168.20.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + - network-object 192.168.40.0 255.255.255.0 + parents: + - object-group network OG-ANSIBLE-EXACT + after: + - exit + match: exact + +- assert: + that: + - result.changed == true + - "'object-group network OG-ANSIBLE-EXACT' in result.updates" + - "'network-object 192.168.10.0 255.255.255.0' in result.updates" + - "'network-object 192.168.20.0 255.255.255.0' in result.updates" + - "'network-object 192.168.30.0 255.255.255.0' in result.updates" + - "'network-object 192.168.40.0 255.255.255.0' in result.updates" + - "'network-object 192.168.50.0 255.255.255.0' not in result.updates" + +- name: check sub level command using exact match + register: result + cisco.asa.asa_config: + lines: + - network-object 192.168.10.0 255.255.255.0 + - network-object 192.168.20.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + - network-object 192.168.40.0 255.255.255.0 + - network-object 192.168.50.0 255.255.255.0 + parents: + - object-group network OG-ANSIBLE-EXACT + after: + - exit + match: exact + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + lines: + - no object-group network OG-ANSIBLE-EXACT + +- debug: msg="END cli/sublevel_exact.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_strict.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_strict.yaml new file mode 100644 index 00000000..79259e05 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_strict.yaml @@ -0,0 +1,63 @@ +--- +- debug: msg="START cli/sublevel_strict.yaml" + +- name: setup + cisco.asa.asa_config: + lines: + - network-object 192.168.10.0 255.255.255.0 + - network-object 192.168.20.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + - network-object 192.168.40.0 255.255.255.0 + - network-object 192.168.50.0 255.255.255.0 + parents: + - object-group network OG-ANSIBLE-STRICT + before: + - no object-group network OG-ANSIBLE-STRICT + after: + - exit + +- name: configure sub level command using strict match + register: result + cisco.asa.asa_config: + lines: + - network-object 192.168.10.0 255.255.255.0 + - network-object 192.168.20.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + - network-object 192.168.40.0 255.255.255.0 + parents: + - object-group network OG-ANSIBLE-STRICT + match: strict + +- assert: + that: + - result.changed == false + +- name: check sub level command using strict match + register: result + cisco.asa.asa_config: + lines: + - network-object 192.168.10.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + parents: + - object-group network OG-ANSIBLE-STRICT + after: + - exit + match: strict + +- assert: + that: + - result.changed == true + - "'object-group network OG-ANSIBLE-STRICT' in result.updates" + - "'network-object 192.168.10.0 255.255.255.0' not in result.updates" + - "'network-object 192.168.30.0 255.255.255.0' in result.updates" + - "'network-object 192.168.30.0 255.255.255.0' in result.updates" + - "'network-object 192.168.40.0 255.255.255.0' not in result.updates" + - "'network-object 192.168.50.0 255.255.255.0' not in result.updates" + +- name: teardown + cisco.asa.asa_config: + lines: + - no object-group network OG-ANSIBLE-STRICT + +- debug: msg="END cli/sublevel_strict.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_strict_mul_parents.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_strict_mul_parents.yaml new file mode 100644 index 00000000..9998d7b9 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_strict_mul_parents.yaml @@ -0,0 +1,70 @@ +--- +- debug: msg="START cli/sublevel_strict_mul_parents.yaml on connection={{ ansible_connection}}" + +- name: setup + cisco.asa.asa_config: + lines: + - class-map c1 + - match default-inspection-traffic + - policy-map p1 + - class c1 + match: none + +- name: configure sub level command using strict match + register: result + cisco.asa.asa_config: + lines: + - inspect ftp + - inspect tftp + parents: + - policy-map p1 + - class c1 + match: strict + +- assert: + that: + - result.changed == true + - "'inspect ftp' in result.updates" + - "'inspect tftp' in result.updates" + +- name: change sub level command order and config with strict match + register: result + cisco.asa.asa_config: + lines: + - inspect tftp + - inspect ftp + parents: + - policy-map p1 + - class c1 + match: strict + +- assert: + that: + - result.changed == true + - "'inspect ftp' in result.updates" + - "'inspect tftp' in result.updates" + +- name: Config sub level command with strict match (Idempotency) + register: result + cisco.asa.asa_config: + lines: + - inspect ftp + - inspect tftp + parents: + - policy-map p1 + - class c1 + match: strict + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + lines: + - no policy-map p1 + - no class-map c1 + match: strict + +- debug: msg="END cli/sublevel_strict_mul_parents.yaml on connection={{ ansible_connection + }}" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel.yaml new file mode 100644 index 00000000..62e0b47d --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel.yaml @@ -0,0 +1,35 @@ +--- +- debug: msg="START cli/toplevel.yaml" + +- name: setup + cisco.asa.asa_config: + lines: + - hostname firewall + +- name: configure top level command + register: result + cisco.asa.asa_config: + lines: + - hostname foo + +- assert: + that: + - result.changed == true + - "'hostname foo' in result.updates" + +- name: configure top level command idempotent check + register: result + cisco.asa.asa_config: + lines: + - hostname foo + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + lines: + - hostname {{ inventory_hostname_short }} + +- debug: msg="END cli/toplevel.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_after.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_after.yaml new file mode 100644 index 00000000..0ea5bf5e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_after.yaml @@ -0,0 +1,42 @@ +--- +- debug: msg="START cli/toplevel_after.yaml" + +- name: setup + cisco.asa.asa_config: + lines: + - snmp-server contact ansible + - hostname firewall + +- name: configure top level command with before + register: result + cisco.asa.asa_config: + lines: + - hostname foo + after: + - snmp-server contact bar + +- assert: + that: + - result.changed == true + - "'hostname foo' in result.updates" + - "'snmp-server contact bar' in result.updates" + +- name: configure top level command with before idempotent check + register: result + cisco.asa.asa_config: + lines: + - hostname foo + after: + - snmp-server contact foo + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + lines: + - no snmp-server contact + - hostname {{ inventory_hostname_short }} + +- debug: msg="END cli/toplevel_after.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_before.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_before.yaml new file mode 100644 index 00000000..37341bff --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_before.yaml @@ -0,0 +1,42 @@ +--- +- debug: msg="START cli/toplevel_before.yaml" + +- name: setup + cisco.asa.asa_config: + lines: + - snmp-server contact ansible + - hostname firewall + +- name: configure top level command with before + register: result + cisco.asa.asa_config: + lines: + - hostname foo + before: + - snmp-server contact bar + +- assert: + that: + - result.changed == true + - "'hostname foo' in result.updates" + - "'snmp-server contact bar' in result.updates" + +- name: configure top level command with before idempotent check + register: result + cisco.asa.asa_config: + lines: + - hostname foo + before: + - snmp-server contact foo + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + lines: + - no snmp-server contact + - hostname {{ inventory_hostname_short }} + +- debug: msg="END cli/toplevel_before.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_nonidempotent.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_nonidempotent.yaml new file mode 100644 index 00000000..88382130 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_nonidempotent.yaml @@ -0,0 +1,36 @@ +--- +- debug: msg="START cli/toplevel_nonidempotent.yaml" + +- name: setup + cisco.asa.asa_config: + backup: true + +- name: configure top level command + register: result + cisco.asa.asa_config: + lines: + - hostname foo + match: strict + +- assert: + that: + - result.changed == true + - "'hostname foo' in result.updates" + +- name: configure top level command idempotent check + register: result + cisco.asa.asa_config: + lines: + - hostname foo + match: strict + +- assert: + that: + - result.changed == true + +- name: teardown + cisco.asa.asa_config: + lines: + - hostname {{ inventory_hostname_short }} + +- debug: msg="END cli/toplevel_nonidempotent.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/redirection/shortname.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/redirection/shortname.yaml new file mode 100644 index 00000000..8c2a03e6 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/redirection/shortname.yaml @@ -0,0 +1,36 @@ +--- +- debug: msg="START redirection/shortname.yaml on connection={{ ansible_connection }}" + +- name: Use src with module alias + register: result + cisco.asa.config: + src: basic/config.j2 + +- assert: + that: + # make sure that the template content was read and not the path + - result.failed == false + +- name: use module alias to take configuration backup + register: result + cisco.asa.config: + backup: true + backup_options: + filename: backup_with_alias.cfg + dir_path: '{{ role_path }}/backup_test_dir/{{ inventory_hostname_short }}' + +- assert: + that: + - result.changed == true + +- name: check if the backup file exist + find: + paths: '{{ role_path }}/backup_test_dir/{{ inventory_hostname_short }}/backup_with_alias.cfg' + register: backup_file + connection: local + +- assert: + that: + - backup_file.files is defined + +- debug: msg="END redirection/shortname.yaml on connection={{ ansible_connection }}" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/defaults/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/defaults/main.yaml new file mode 100644 index 00000000..a845c24b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +testcase: '*' +test_items: [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tasks/cli.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tasks/cli.yaml new file mode 100644 index 00000000..c8efaa17 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tasks/cli.yaml @@ -0,0 +1,17 @@ +--- +- name: collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + register: test_cases + delegate_to: localhost + +- name: set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: run test cases (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tasks/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tasks/main.yaml new file mode 100644 index 00000000..a3db933e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include: cli.yaml + tags: + - cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/all_facts.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/all_facts.yaml new file mode 100644 index 00000000..f4ce2502 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/all_facts.yaml @@ -0,0 +1,26 @@ +--- +- debug: msg="START cli/all_facts.yaml on connection={{ ansible_connection }}" + +- name: test getting all facts + register: result + cisco.asa.asa_facts: + gather_subset: + - all + provider: '{{ cli }}' + +- assert: + that: + - result.changed == false + - "'config' in result.ansible_facts.ansible_net_gather_subset" + - "'hardware' in result.ansible_facts.ansible_net_gather_subset" + - "'default' in result.ansible_facts.ansible_net_gather_subset" + - result.ansible_facts.ansible_net_filesystems is defined + - result.ansible_facts.ansible_net_memfree_mb > 1 + - result.ansible_facts.ansible_net_memtotal_mb > 1 + +- assert: + that: '{{ item.value.spacetotal_kb }} > {{ item.value.spacefree_kb }}' + loop: "{{ lookup('dict', result.ansible_facts.ansible_net_filesystems_info, wantlist=True)\ + \ }}" + +- debug: msg="END cli/all_facts.yaml on connection={{ ansible_connection }}" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/default_facts.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/default_facts.yaml new file mode 100644 index 00000000..cd2e01dc --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/default_facts.yaml @@ -0,0 +1,25 @@ +--- +- debug: msg="START cli/default_facts.yaml on connection={{ ansible_connection }}" + +- name: test getting default facts + register: result + cisco.asa.asa_facts: + provider: '{{ cli }}' + +- assert: + that: + - result.changed == false + - "'hardware' in result.ansible_facts.ansible_net_gather_subset" + - "'default' in result.ansible_facts.ansible_net_gather_subset" + - result.ansible_facts.ansible_net_filesystems is defined + - "'config' not in result.ansible_facts.ansible_net_gather_subset" + - result.ansible_facts.ansible_net_filesystems is defined + - result.ansible_facts.ansible_net_memtotal_mb > 10 + - result.ansible_facts.ansible_net_config is not defined + +- assert: + that: '{{ item.value.spacetotal_kb }} > {{ item.value.spacefree_kb }}' + loop: "{{ lookup('dict', result.ansible_facts.ansible_net_filesystems_info, wantlist=True)\ + \ }}" + +- debug: msg="END cli/default.yaml on connection={{ ansible_connection }}" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/invalid_subset.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/invalid_subset.yaml new file mode 100644 index 00000000..45371923 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/invalid_subset.yaml @@ -0,0 +1,36 @@ +--- +- debug: msg="START cli/invalid_subset.yaml on connection={{ ansible_connection + }}" + +- name: test invalid subset (foobar) + register: result + ignore_errors: true + cisco.asa.asa_facts: + gather_subset: + - foobar + provider: '{{ cli }}' + +- assert: + that: + - result.changed == false + - result.failed == true + - result.msg == 'Subset must be one of [config, default, hardware], + got foobar' + +- name: test subset specified multiple times + register: result + ignore_errors: true + cisco.asa.asa_facts: + gather_subset: + - '!hardware' + - hardware + provider: '{{ cli }}' + +- assert: + that: + - result.changed == false + - result.failed == true + - result.msg == 'Bad subset' + ignore_errors: true + +- debug: msg="END cli/invalid_subset.yaml on connection={{ ansible_connection }}" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/not_hardware.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/not_hardware.yaml new file mode 100644 index 00000000..c21fc46c --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/not_hardware.yaml @@ -0,0 +1,22 @@ +--- +- debug: msg="START cli/not_hardware_facts.yaml on connection={{ ansible_connection + }}" + +- name: test not hardware + register: result + cisco.asa.asa_facts: + gather_subset: + - '!hardware' + provider: '{{ cli }}' + +- assert: + that: + - result.changed == false + - "'config' in result.ansible_facts.ansible_net_gather_subset" + - "'default' in result.ansible_facts.ansible_net_gather_subset" + - "'hardware' not in result.ansible_facts.ansible_net_gather_subset" + - result.ansible_facts.ansible_net_filesystems is not defined + - result.ansible_facts.ansible_net_filesystems_info is not defined + +- debug: msg="END cli/not_hardware_facts.yaml on connection={{ ansible_connection + }}" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/defaults/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/defaults/main.yaml new file mode 100644 index 00000000..10c0fabc --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/defaults/main.yaml @@ -0,0 +1,2 @@ +--- +testcase: '*' diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tasks/cli.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tasks/cli.yaml new file mode 100644 index 00000000..a0421f54 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tasks/cli.yaml @@ -0,0 +1,19 @@ +--- +- name: collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + register: test_cases + delegate_to: localhost + +- name: set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli
\ No newline at end of file diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tasks/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tasks/main.yaml new file mode 100644 index 00000000..a3db933e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include: cli.yaml + tags: + - cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tests/cli/asa_og.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tests/cli/asa_og.yaml new file mode 100644 index 00000000..1399b0e2 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tests/cli/asa_og.yaml @@ -0,0 +1,516 @@ +--- +- name: remove test config if any + ignore_errors: true + cisco.asa.asa_config: + lines: + - no object-group network ansible_test_0 + - no object-group network ansible_test_1 + - no object-group network ansible_test_2 + - no object-group service ansible_test_3 tcp-udp + - no object-group service ansible_test_4 + - no object-group service ansible_test_5 + +- block: + + - set_fact: + name: ansible_test_0 + host_ip: + - 8.8.8.8 + - 8.8.4.4 + address: + - 10.0.0.0 255.0.0.0 + - 192.168.0.0 255.255.0.0 + - 172.16.0.0 255.255.0.0 + description: th1s_IS-a_D3scrIPt10n_3xaMple- + + - name: STAGE 0 + register: result + cisco.asa.asa_og: &id001 + name: '{{ name }}' + group_type: network-object + state: present + host_ip: '{{ host_ip }}' + ip_mask: '{{ address }}' + description: '{{ description }}' + + - assert: &id002 + that: + - result.changed == true + + - name: idempotence check + register: result + cisco.asa.asa_og: *id001 + + - assert: &id004 + that: + - result.changed == false + + - set_fact: + name: ansible_test_0 + host_ip: + - 8.8.9.9 + address: + - 8.8.8.0 255.255.255.0 + + - name: STAGE 1 + register: result + cisco.asa.asa_og: &id003 + name: '{{ name }}' + group_type: network-object + state: present + host_ip: '{{ host_ip }}' + ip_mask: '{{ address }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id003 + + - assert: *id004 + + - name: STAGE 1/B + register: result + cisco.asa.asa_og: + name: '{{ name }}' + group_type: network-object + state: present + + - assert: *id004 + + - set_fact: + name: ansible_test_1 + host_ip: + - 8.8.9.9 + address: + - 8.8.8.0 255.255.255.0 + + - name: STAGE 2 + register: result + cisco.asa.asa_og: &id005 + name: '{{ name }}' + group_type: network-object + state: present + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id005 + + - assert: *id004 + + - name: STAGE 2b + register: result + cisco.asa.asa_og: &id006 + name: '{{ name }}' + group_type: network-object + state: present + host_ip: '{{ host_ip }}' + ip_mask: '{{ address }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id006 + + - assert: *id004 + + - set_fact: + name: ansible_test_0 + host_ip: + - 8.8.8.8 + - 8.8.4.4 + address: + - 10.0.0.0 255.0.0.0 + - 192.168.0.0 255.255.0.0 + - 172.16.0.0 255.255.0.0 + description: th1s_IS-a_D3scrIPt10n_3xaMple- + + - name: STAGE 3 + register: result + cisco.asa.asa_og: &id007 + name: '{{ name }}' + group_type: network-object + state: absent + host_ip: '{{ host_ip }}' + ip_mask: '{{ address }}' + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id007 + + - assert: *id004 + + - set_fact: + name: ansible_test_2 + host_ip: + - 8.8.8.8 + - 8.8.4.4 + address: + - 10.0.0.0 255.0.0.0 + - 192.168.0.0 255.255.0.0 + - 172.16.0.0 255.255.0.0 + description: th1s_IS-a_D3scrIPt10n_3xaMple- + + - name: STAGE 4 + register: result + cisco.asa.asa_og: &id008 + name: '{{ name }}' + group_type: network-object + state: replace + host_ip: '{{ host_ip }}' + ip_mask: '{{ address }}' + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id008 + + - assert: *id004 + + - set_fact: + name: ansible_test_2 + host_ip: + - 8.8.8.8 + address: + - 10.0.0.0 255.0.0.0 + - 1.0.0.0 255.255.0.0 + description: th1s_IS-a_D3scrIPt10n_3xaMple- + + - name: STAGE 5 + register: result + cisco.asa.asa_og: &id009 + name: '{{ name }}' + group_type: network-object + state: replace + host_ip: '{{ host_ip }}' + ip_mask: '{{ address }}' + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id009 + + - assert: *id004 + + - set_fact: + name: ansible_test_2 + host_ip: + - 9.9.9.9 + - 8.8.8.8 + description: th1s_IS-a_D3scrIPt10n_3xaMple- + + - name: STAGE 6 + register: result + cisco.asa.asa_og: &id010 + name: '{{ name }}' + group_type: network-object + state: replace + host_ip: '{{ host_ip }}' + ip_mask: '{{ address }}' + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id010 + + - assert: *id004 + + - set_fact: + name: ansible_test_3 + port_eq: + - www + - '1024' + description: th1s_IS-a_D3scrIPt10n_3xaMple- + port_range: + - 1024 10024 + + - name: STAGE 7 + register: result + cisco.asa.asa_og: &id011 + name: '{{ name }}' + protocol: tcp-udp + port_eq: '{{ port_eq }}' + port_range: '{{ port_range }}' + group_type: port-object + state: present + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id011 + + - assert: *id004 + + - set_fact: + name: ansible_test_3 + port_eq: + - talk + - '65535' + description: th1s_IS-a_D3scrIPt10n_3xaMple- + port_range: + - 1 100 + + - name: STAGE 8 + register: result + cisco.asa.asa_og: &id012 + name: '{{ name }}' + protocol: tcp-udp + port_eq: '{{ port_eq }}' + port_range: '{{ port_range }}' + group_type: port-object + state: present + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id012 + + - assert: *id004 + + - name: STAGE 9 + register: result + cisco.asa.asa_og: &id013 + name: '{{ name }}' + protocol: tcp-udp + port_eq: '{{ port_eq }}' + port_range: '{{ port_range }}' + group_type: port-object + state: absent + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id013 + + - assert: *id004 + + - set_fact: + name: ansible_test_3 + port_eq: + - talk + - '65535' + description: th1s_IS-a_D3scrIPt10n_3xaMple- + port_range: + - 1 100 + + - name: STAGE 10 + register: result + cisco.asa.asa_og: &id014 + name: '{{ name }}' + protocol: tcp-udp + port_eq: '{{ port_eq }}' + port_range: '{{ port_range }}' + group_type: port-object + state: replace + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id014 + + - assert: *id004 + + - set_fact: + name: ansible_test_3 + port_eq: + - talk + - www + - kerberos + description: th1s_ISWhatitIS + port_range: + - 1024 1234 + + - name: STAGE 11 + register: result + cisco.asa.asa_og: &id015 + name: '{{ name }}' + protocol: tcp-udp + port_eq: '{{ port_eq }}' + port_range: '{{ port_range }}' + group_type: port-object + state: replace + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id015 + + - assert: *id004 + + - set_fact: + name: ansible_test_4 + service_cfg: + - tcp destination eq 8080 + - tcp destination eq www + description: th1s_ISWhatitIS + + - name: STAGE 12 + register: result + cisco.asa.asa_og: &id016 + name: '{{ name }}' + service_cfg: '{{ service_cfg }}' + group_type: service-object + state: present + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id016 + + - assert: *id004 + + - set_fact: + name: ansible_test_4 + service_cfg: + - tcp destination range 1234 5678 + - tcp destination range 5678 6789 + description: th1s_ISWhatitIS + + - name: STAGE 13 + register: result + cisco.asa.asa_og: &id017 + name: '{{ name }}' + service_cfg: '{{ service_cfg }}' + group_type: service-object + state: present + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id017 + + - assert: *id004 + + - set_fact: + name: ansible_test_4 + service_cfg: + - tcp destination range 1234 5678 + - tcp destination range 5678 6789 + description: th1s_ISWhatitIS + + - name: STAGE 14 + register: result + cisco.asa.asa_og: &id018 + name: '{{ name }}' + service_cfg: '{{ service_cfg }}' + group_type: service-object + state: absent + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id018 + + - assert: *id004 + + - set_fact: + name: ansible_test_5 + service_cfg: + - tcp destination range 1234 5678 + - tcp destination range 5678 6789 + description: th1s_ISWhatitIS + + - name: STAGE 15 + register: result + cisco.asa.asa_og: &id019 + name: '{{ name }}' + service_cfg: '{{ service_cfg }}' + group_type: service-object + state: replace + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id019 + + - assert: *id004 + + - set_fact: + name: ansible_test_5 + service_cfg: + - tcp destination range 1234 5678 + - tcp destination range 5678 6789 + - tcp destination eq www + description: th1s_ISWhatitIS + + - name: STAGE 16 + register: result + cisco.asa.asa_og: &id020 + name: '{{ name }}' + service_cfg: '{{ service_cfg }}' + group_type: service-object + state: replace + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id020 + + - assert: *id004 + + - set_fact: + name: ansible_test_5 + service_cfg: + - tcp destination eq 8080 + description: th1s_ISWhatitIS + + - name: STAGE 17 + register: result + cisco.asa.asa_og: &id021 + name: '{{ name }}' + service_cfg: '{{ service_cfg }}' + group_type: service-object + state: replace + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id021 + + - assert: *id004 + + always: + - name: remove test config if any + ignore_errors: true + cisco.asa.asa_config: + lines: + - no object-group network ansible_test_0 + - no object-group network ansible_test_1 + - no object-group network ansible_test_2 + - no object-group service ansible_test_3 tcp-udp + - no object-group service ansible_test_4 + - no object-group service ansible_test_5 diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/defaults/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/defaults/main.yaml new file mode 100644 index 00000000..852a6bee --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +testcase: '[^_].*' +test_items: [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tasks/cli.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tasks/cli.yaml new file mode 100644 index 00000000..4a37ae1f --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tasks/cli.yaml @@ -0,0 +1,21 @@ +--- +- name: Collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + use_regex: true + register: test_cases + delegate_to: localhost + +- name: Set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + delegate_to: localhost + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tasks/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tasks/main.yaml new file mode 100644 index 00000000..a3db933e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include: cli.yaml + tags: + - cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_parsed.cfg b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_parsed.cfg new file mode 100644 index 00000000..ead97272 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_parsed.cfg @@ -0,0 +1,8 @@ +object-group network test_og_network + description test_og_network + network-object host 192.0.2.1 + network-object 192.0.2.0 255.255.255.0 +object-group network test_network_og + network-object 2001:db8:3::/64 +object-group service test_og_service + service-object tcp-udp
\ No newline at end of file diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_populate_config.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_populate_config.yaml new file mode 100644 index 00000000..ec02e549 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_populate_config.yaml @@ -0,0 +1,45 @@ +--- +- name: Populate Config + cisco.asa.asa_ogs: + config: + - object_type: network + object_groups: + - name: test_og_network + description: test_og_network + network_object: + host: + - 192.0.2.1 + - 192.0.2.2 + address: + - 192.0.2.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 + - name: test_network_og + description: test_network_og + network_object: + host: + - 192.0.3.1 + - 192.0.3.2 + ipv6_address: + - 2001:db8:3::/64 + - object_type: security + object_groups: + - name: test_og_security + description: test_security + security_group: + sec_name: + - test_1 + - test_2 + tag: + - 10 + - 20 + - object_type: user + object_groups: + - name: test_og_user + description: test_user + user_object: + user: + - name: new_user_1 + domain: LOCAL + - name: new_user_2 + domain: LOCAL + state: merged diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_remove_config.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_remove_config.yaml new file mode 100644 index 00000000..53a5bb95 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_remove_config.yaml @@ -0,0 +1,4 @@ +--- +- name: Remove Config + cisco.asa.asa_ogs: + state: deleted diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/deleted.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/deleted.yaml new file mode 100644 index 00000000..921ea76c --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/deleted.yaml @@ -0,0 +1,61 @@ +--- +- debug: + msg: Start asa_ogs deleted integration tests ansible_connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate_config.yaml + +- block: + + - name: Delete given module attributes + register: result + cisco.asa.asa_ogs: &id001 + config: + - object_type: network + object_groups: + - name: test_og_network + - object_type: security + object_groups: + - name: test_og_security + state: deleted + + - assert: + that: + - result.commands|length == 2 + - result.changed == true + - result.commands|symmetric_difference(deleted.commands) == [] + + - name: Delete given module attributes (IDEMPOTENT) + register: result + cisco.asa.asa_ogs: *id001 + + - assert: + that: + - result.changed == false + + - include_tasks: _populate_config.yaml + + - name: Delete ALL configured module attributes + register: result + cisco.asa.asa_ogs: + state: deleted + + - assert: + that: + - result.commands|length == 4 + - result.changed == true + - result.commands|symmetric_difference(delete_all.commands) == [] + + - name: Delete ALL configured module attributes (IDEMPOTENT) + register: result + cisco.asa.asa_ogs: + state: deleted + + - assert: + that: + - result.changed == false + always: + + - include_tasks: _remove_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/empty_config.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/empty_config.yaml new file mode 100644 index 00000000..3b0deb5c --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/empty_config.yaml @@ -0,0 +1,60 @@ +--- +- debug: + msg: START asa_ogs empty_config.yaml integration tests on connection={{ + ansible_connection }} + +- name: Merged with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_ogs: + config: + state: merged + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state merged' + +- name: Replaced with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_ogs: + config: + state: replaced + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state replaced' + +- name: Overridden with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_ogs: + config: + state: overridden + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state overridden' + +- name: Rendered with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_ogs: + config: + state: rendered + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state rendered' + +- name: Parsed with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_ogs: + running_config: + state: parsed + +- assert: + that: + - result.msg == 'value of running_config parameter must not be empty for state + parsed' diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/gathered.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/gathered.yaml new file mode 100644 index 00000000..21f404c3 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/gathered.yaml @@ -0,0 +1,63 @@ +--- +- debug: + msg: START asa_ogs gathered integration tests on connection={{ ansible_connection + }} + +- include_tasks: _remove_config.yaml + +- block: + + - name: Populate Config for Gather facts + cisco.asa.asa_ogs: + config: + - object_type: network + object_groups: + - name: test_og_network + description: test_og_network + network_object: + host: + - 192.0.2.1 + address: + - 192.0.2.0 255.255.255.0 + - name: test_network_og + description: test_network_og + network_object: + host: + - 192.0.3.1 + ipv6_address: + - 2001:db8:3::/64 + - object_type: security + object_groups: + - name: test_og_security + description: test_security + security_group: + sec_name: + - test_1 + tag: + - 10 + - object_type: user + object_groups: + - name: test_og_user + description: test_user + user_object: + user: + - name: new_user_1 + domain: LOCAL + - name: new_user_2 + domain: LOCAL + state: merged + + - name: Gather the provided configuration with the exisiting running configuration + register: result + cisco.asa.asa_ogs: + config: + state: gathered + + - name: Assert + assert: + that: + - gathered['config'] | symmetric_difference(result.gathered) == [] + - result['changed'] == false + always: + + - include_tasks: _remove_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/merged.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/merged.yaml new file mode 100644 index 00000000..aac3b3ff --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/merged.yaml @@ -0,0 +1,73 @@ +--- +- debug: + msg: Start asa_ogs merged integration tests ansible_connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml + +- block: + + - name: Merge the provided configuration with the exisiting running configuration + register: result + cisco.asa.asa_ogs: &id001 + config: + - object_type: network + object_groups: + - name: test_og_network + description: test_og_network + network_object: + host: + - 192.0.2.1 + - 192.0.2.2 + address: + - 192.0.2.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 + - name: test_network_og + description: test_network_og + network_object: + host: + - 192.0.3.1 + - 192.0.3.2 + ipv6_address: + - 2001:db8:3::/64 + - object_type: security + object_groups: + - name: test_og_security + description: test_security + security_group: + sec_name: + - test_1 + - test_2 + tag: + - 10 + - 20 + - object_type: user + object_groups: + - name: test_og_user + description: test_user + user_object: + user: + - name: new_user_1 + domain: LOCAL + - name: new_user_2 + domain: LOCAL + state: merged + + - assert: + that: + - result.commands|length == 21 + - result.changed == true + - result.commands|symmetric_difference(merged.commands) == [] + + - name: Merge the provided configuration with the exisiting running configuration + (IDEMPOTENT) + register: result + cisco.asa.asa_ogs: *id001 + + - assert: + that: + - result.commands|length == 0 + - result.changed == false + always: + + - include_tasks: _remove_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/overridden.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/overridden.yaml new file mode 100644 index 00000000..d153a9ae --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/overridden.yaml @@ -0,0 +1,52 @@ +--- +- debug: + msg: Start asa_ogs overridden integration tests ansible_connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml +- include_tasks: _populate_config.yaml + +- block: + + - name: Overridden module attributes of given object-group + become: true + register: result + cisco.asa.asa_ogs: &id001 + config: + - object_type: network + object_groups: + - name: test_og_network + description: test_og_network_override + network_object: + host: + - 192.0.3.1 + address: + - 192.0.3.0 255.255.255.0 + - object_type: protocol + object_groups: + - name: test_og_protocol + description: test_og_protocol + protocol_object: + protocol: + - tcp + - udp + state: overridden + + - assert: + that: + - result.commands|length == 15 + - result.changed == true + - result.commands|symmetric_difference(overridden.commands) == [] + + - name: Overridden module attributes of given object-group (IDEMPOTENT) + become: true + register: result + cisco.asa.asa_ogs: *id001 + + - assert: + that: + - result.commands|length == 0 + - result.changed == false + always: + + - include_tasks: _remove_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/parsed.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/parsed.yaml new file mode 100644 index 00000000..638a9ed4 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/parsed.yaml @@ -0,0 +1,16 @@ +--- +- debug: + msg: START asa_ogs parsed integration tests on connection={{ ansible_connection + }} + +- name: Parse the commands for provided configuration + become: true + register: result + cisco.asa.asa_ogs: + running_config: "{{ lookup('file', '_parsed.cfg') }}" + state: parsed + +- assert: + that: + - result.changed == false + - parsed['config']|symmetric_difference(result.parsed) == [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rendered.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rendered.yaml new file mode 100644 index 00000000..d7098b76 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rendered.yaml @@ -0,0 +1,58 @@ +--- +- debug: + msg: Start asa_ogs rendered integration tests ansible_connection={{ + ansible_connection }} + +- block: + + - name: Render the commands for provided configuration + become: true + register: result + cisco.asa.asa_ogs: + config: + - object_type: network + object_groups: + - name: test_og_network + description: test_og_network + network_object: + host: + - 192.0.2.1 + - 192.0.2.2 + address: + - 192.0.2.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 + - name: test_network_og + description: test_network_og + network_object: + host: + - 192.0.3.1 + - 192.0.3.2 + ipv6_address: + - 2001:db8:3::/64 + - object_type: security + object_groups: + - name: test_og_security + description: test_security + security_group: + sec_name: + - test_1 + - test_2 + tag: + - 10 + - 20 + - object_type: user + object_groups: + - name: test_og_user + description: test_user + user_object: + user: + - name: new_user_1 + domain: LOCAL + - name: new_user_2 + domain: LOCAL + state: rendered + + - assert: + that: + - result.changed == false + - result.rendered|symmetric_difference(merged.commands) == [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/replaced.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/replaced.yaml new file mode 100644 index 00000000..990f12c9 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/replaced.yaml @@ -0,0 +1,52 @@ +--- +- debug: + msg: Start asa_ogs replced integration tests ansible_connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml +- include_tasks: _populate_config.yaml + +- block: + + - name: Replace module attributes of given object-group + become: true + register: result + cisco.asa.asa_ogs: &id001 + config: + - object_type: network + object_groups: + - name: test_og_network + description: test_og_network_replace + network_object: + host: + - 192.0.3.1 + address: + - 192.0.3.0 255.255.255.0 + - object_type: protocol + object_groups: + - name: test_og_protocol + description: test_og_protocol + protocol_object: + protocol: + - tcp + - udp + state: replaced + + - assert: + that: + - result.commands|length == 12 + - result.changed == true + - result.commands|symmetric_difference(replaced.commands) == [] + + - name: Replace module attributes of given object-group (IDEMPOTENT) + become: true + register: result + cisco.asa.asa_ogs: *id001 + + - assert: + that: + - result.commands|length == 0 + - result.changed == false + always: + + - include_tasks: _remove_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rtt.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rtt.yaml new file mode 100644 index 00000000..7733ae0f --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rtt.yaml @@ -0,0 +1,106 @@ +--- +- debug: + msg: START asa_ogs round trip integration tests on connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml + +- block: + + - name: Apply the provided configuration (Base config) + register: base_config + cisco.asa.asa_ogs: + config: + - object_type: network + object_groups: + - name: test_og_network + description: test_og_network + network_object: + host: + - 192.0.2.1 + - 192.0.2.2 + address: + - 192.0.2.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 + - name: test_network_og + description: test_network_og + network_object: + host: + - 192.0.3.1 + - 192.0.3.2 + ipv6_address: + - 2001:db8:3::/64 + - object_type: security + object_groups: + - name: test_og_security + description: test_security + security_group: + sec_name: + - test_1 + - test_2 + tag: + - 10 + - 20 + - object_type: user + object_groups: + - name: test_og_user + description: test_user + user_object: + user: + - name: new_user_1 + domain: LOCAL + - name: new_user_2 + domain: LOCAL + state: merged + + - name: Gather Object group facts + cisco.asa.asa_facts: + gather_subset: + - '!all' + - '!min' + gather_network_resources: + - ogs + + - name: Apply the provided configuration (config to be reverted) + register: result + cisco.asa.asa_ogs: + config: + - object_type: network + object_groups: + - name: test_og_network + description: test_og_network_override + network_object: + host: + - 192.0.3.1 + address: + - 192.0.3.0 255.255.255.0 + - object_type: protocol + object_groups: + - name: test_og_protocol + description: test_og_protocol + protocol_object: + protocol: + - tcp + - udp + state: overridden + + - assert: + that: + - result.commands|length == 15 + - result.changed == true + - result.commands|symmetric_difference(overridden.commands) == [] + + - name: Revert back to base config using facts round trip + register: revert + cisco.asa.asa_ogs: + config: "{{ ansible_facts['network_resources']['ogs'] }}" + state: overridden + + - assert: + that: + - revert.commands|length == 24 + - revert.changed == true + - revert.commands|symmetric_difference(rtt.commands) == [] + always: + + - include_tasks: _remove_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/vars/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/vars/main.yaml new file mode 100644 index 00000000..0249da18 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/vars/main.yaml @@ -0,0 +1,149 @@ +--- +deleted: + commands: + - no object-group network test_og_network + - no object-group security test_og_security +delete_all: + commands: + - no object-group network test_og_network + - no object-group network test_network_og + - no object-group security test_og_security + - no object-group user test_og_user +merged: + commands: + - object-group security test_og_security + - description test_security + - security-group name test_1 + - security-group name test_2 + - security-group tag 10 + - security-group tag 20 + - object-group network test_og_network + - description test_og_network + - network-object 192.0.2.0 255.255.255.0 + - network-object 198.51.100.0 255.255.255.0 + - network-object host 192.0.2.1 + - network-object host 192.0.2.2 + - object-group network test_network_og + - description test_network_og + - network-object host 192.0.3.1 + - network-object host 192.0.3.2 + - network-object 2001:db8:3::/64 + - object-group user test_og_user + - description test_user + - user LOCAL\new_user_1 + - user LOCAL\new_user_2 +replaced: + commands: + - object-group protocol test_og_protocol + - description test_og_protocol + - protocol tcp + - protocol udp + - object-group network test_og_network + - description test_og_network_replace + - no network-object 192.0.2.0 255.255.255.0 + - no network-object 198.51.100.0 255.255.255.0 + - network-object 192.0.3.0 255.255.255.0 + - no network-object host 192.0.2.1 + - no network-object host 192.0.2.2 + - network-object host 192.0.3.1 +overridden: + commands: + - no object-group security test_og_security + - no object-group user test_og_user + - object-group protocol test_og_protocol + - description test_og_protocol + - protocol tcp + - protocol udp + - object-group network test_og_network + - description test_og_network_override + - no network-object 192.0.2.0 255.255.255.0 + - no network-object 198.51.100.0 255.255.255.0 + - network-object 192.0.3.0 255.255.255.0 + - no network-object host 192.0.2.1 + - no network-object host 192.0.2.2 + - network-object host 192.0.3.1 + - no object-group network test_network_og +gathered: + config: + - object_groups: + - description: test_network_og + name: test_network_og + network_object: + host: + - 192.0.3.1 + ipv6_address: + - 2001:db8:3::/64 + - description: test_og_network + name: test_og_network + network_object: + address: + - 192.0.2.0 255.255.255.0 + host: + - 192.0.2.1 + object_type: network + - object_groups: + - description: test_security + name: test_og_security + security_group: + sec_name: + - test_1 + tag: + - "10" + object_type: security + - object_groups: + - description: test_user + name: test_og_user + user_object: + user: + - domain: LOCAL + name: new_user_1 + - domain: LOCAL + name: new_user_2 + object_type: user +parsed: + config: + - object_groups: + - name: test_network_og + network_object: + ipv6_address: + - 2001:db8:3::/64 + - description: test_og_network + name: test_og_network + network_object: + address: + - 192.0.2.0 255.255.255.0 + host: + - 192.0.2.1 + object_type: network + - object_groups: + - name: test_og_service + service_object: + protocol: + - tcp-udp + object_type: service +rtt: + commands: + - no object-group protocol test_og_protocol + - object-group security test_og_security + - description test_security + - security-group name test_2 + - security-group name test_1 + - security-group tag 10 + - security-group tag 20 + - object-group network test_og_network + - description test_og_network + - no network-object 192.0.3.0 255.255.255.0 + - network-object 192.0.2.0 255.255.255.0 + - network-object 198.51.100.0 255.255.255.0 + - no network-object host 192.0.3.1 + - network-object host 192.0.2.1 + - network-object host 192.0.2.2 + - object-group network test_network_og + - description test_network_og + - network-object host 192.0.3.1 + - network-object host 192.0.3.2 + - network-object 2001:db8:3::/64 + - object-group user test_og_user + - description test_user + - user LOCAL\new_user_1 + - user LOCAL\new_user_2 |