diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-14 20:03:01 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-14 20:03:01 +0000 |
| commit | a453ac31f3428614cceb99027f8efbdb9258a40b (patch) | |
| tree | f61f87408f32a8511cbd91799f9cececb53e0374 /collections-debian-merged/ansible_collections/cisco/asa/tests | |
| parent | Initial commit. (diff) | |
| download | ansible-a453ac31f3428614cceb99027f8efbdb9258a40b.tar.xz ansible-a453ac31f3428614cceb99027f8efbdb9258a40b.zip | |
Adding upstream version 2.10.7+merged+base+2.10.8+dfsg.upstream/2.10.7+merged+base+2.10.8+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'collections-debian-merged/ansible_collections/cisco/asa/tests')
117 files changed, 5599 insertions, 0 deletions
diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/.gitignore b/collections-debian-merged/ansible_collections/cisco/asa/tests/.gitignore new file mode 100644 index 00000000..ea1472ec --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/.gitignore @@ -0,0 +1 @@ +output/ diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/network-integration.cfg b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/network-integration.cfg new file mode 100644 index 00000000..d12c1efe --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/network-integration.cfg @@ -0,0 +1,4 @@ +[persistent_connection] +command_timeout = 100 +connect_timeout = 100 +connect_retry_timeout = 100 diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/target-prefixes.network b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/target-prefixes.network new file mode 100644 index 00000000..50b13099 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/target-prefixes.network @@ -0,0 +1 @@ +asa
\ No newline at end of file diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/defaults/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/defaults/main.yaml new file mode 100644 index 00000000..a845c24b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +testcase: '*' +test_items: [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tasks/cli.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tasks/cli.yaml new file mode 100644 index 00000000..05ca0d6b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tasks/cli.yaml @@ -0,0 +1,18 @@ +--- +- name: collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + register: test_cases + +- name: set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tasks/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tasks/main.yaml new file mode 100644 index 00000000..a3db933e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include: cli.yaml + tags: + - cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/basic.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/basic.yaml new file mode 100644 index 00000000..d45342df --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/basic.yaml @@ -0,0 +1,34 @@ +--- +- debug: msg="START cli/basic.yaml" + +- name: Basic ACL + register: result + cisco.asa.asa_acl: + provider: '{{ cli }}' + lines: + - access-list ACL-BASIC extended permit tcp any any eq www + - access-list ACL-BASIC extended permit tcp any any eq https + +- assert: + that: + - result.changed == true + +- name: Basic ACL idempotency + register: result + cisco.asa.asa_acl: + provider: '{{ cli }}' + lines: + - access-list ACL-BASIC extended permit tcp any any eq www + - access-list ACL-BASIC extended permit tcp any any eq https + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + commands: + - clear configure access-list ACL-BASIC + provider: '{{ cli }}' + +- debug: msg="END cli/basic.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/full_name_match.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/full_name_match.yaml new file mode 100644 index 00000000..bc3a5413 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/full_name_match.yaml @@ -0,0 +1,35 @@ +--- +- debug: msg="START cli/full_name_match.yaml" + +- name: Basic ACL + register: result + cisco.asa.asa_acl: + provider: '{{ cli }}' + lines: + - access-list ACL-BASIC2 extended permit tcp any any eq www + - access-list ACL-BASIC2 extended permit tcp any any eq https + +- assert: + that: + - result.changed == true + +- name: Should not match for ACL-BASIC2 + register: result + cisco.asa.asa_acl: + provider: '{{ cli }}' + lines: + - access-list ACL-BASIC extended permit tcp any any eq www + - access-list ACL-BASIC extended permit tcp any any eq https + +- assert: + that: + - result.changed == true + +- name: teardown + cisco.asa.asa_config: + commands: + - clear configure access-list ACL-BASIC + - clear configure access-list ACL-BASIC2 + provider: '{{ cli }}' + +- debug: msg="END cli/full_name_match.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/insert.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/insert.yaml new file mode 100644 index 00000000..fafea5fc --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acl/tests/cli/insert.yaml @@ -0,0 +1,43 @@ +--- +- debug: msg="START cli/insert.yaml" + +- name: Create ACL + register: result + cisco.asa.asa_acl: + provider: '{{ cli }}' + lines: + - access-list ACL-INSERT extended permit tcp any any eq www + - access-list ACL-INSERT extended permit tcp any any eq https + +- name: Insert on first line + register: result + cisco.asa.asa_acl: + provider: '{{ cli }}' + lines: + - access-list ACL-INSERT extended permit tcp any any eq www + - access-list ACL-INSERT extended permit tcp any any eq https + - access-list ACL-INSERT line 1 extended permit tcp any any eq ssh + +- name: Show ACL + register: result + cisco.asa.asa_command: + provider: '{{ cli }}' + commands: show run access-list ACL-INSERT + +- name: Show me + debug: + var: result + +- name: + assert: + that: + - result.stdout_lines[0][0].rstrip() == 'access-list ACL-INSERT extended permit + tcp any any eq ssh' + +- name: teardown + cisco.asa.asa_config: + commands: + - clear configure access-list ACL-INSERT + provider: '{{ cli }}' + +- debug: msg="END cli/insert.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/defaults/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/defaults/main.yaml new file mode 100644 index 00000000..852a6bee --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +testcase: '[^_].*' +test_items: [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/meta/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/meta/main.yaml new file mode 100644 index 00000000..23d65c7e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/meta/main.yaml @@ -0,0 +1,2 @@ +--- +dependencies: [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tasks/cli.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tasks/cli.yaml new file mode 100644 index 00000000..4a37ae1f --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tasks/cli.yaml @@ -0,0 +1,21 @@ +--- +- name: Collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + use_regex: true + register: test_cases + delegate_to: localhost + +- name: Set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + delegate_to: localhost + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tasks/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tasks/main.yaml new file mode 100644 index 00000000..a3db933e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include: cli.yaml + tags: + - cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_parsed.cfg b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_parsed.cfg new file mode 100644 index 00000000..1dabc77c --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_parsed.cfg @@ -0,0 +1,5 @@ +access-list test_access; 2 elements; name hash: 0xaf1b712e +access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default +access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors +access-list test_R1_traffic; 1 elements; name hash: 0xaf40d3c2 +access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive
\ No newline at end of file diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_config.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_config.yaml new file mode 100644 index 00000000..dafe55db --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_config.yaml @@ -0,0 +1,62 @@ +--- +- name: Populate Config + cisco.asa.asa_acls: &id001 + config: + acls: + - name: test_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + destination: + address: 192.0.3.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + log: default + - grant: deny + line: 2 + protocol_options: + igrp: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + log: errors + - name: test_global_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + any: true + destination: + any: true + port_protocol: + eq: www + log: errors + - name: test_R1_traffic + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + inactive: true + state: merged diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_network_og.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_network_og.yaml new file mode 100644 index 00000000..74e21f61 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_network_og.yaml @@ -0,0 +1,21 @@ +--- +- name: Populate Network Object-group + cisco.asa.asa_ogs: + config: + - object_type: network + object_groups: + - name: test_og_network + network_object: + host: + - 192.0.2.1 + - 192.0.2.2 + address: + - 192.0.2.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 + - name: test_network_og + network_object: + host: + - 192.0.3.1 + ipv6_address: + - 2001:db8:3::/64 + state: merged diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_remove_config.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_remove_config.yaml new file mode 100644 index 00000000..f2d64eab --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_remove_config.yaml @@ -0,0 +1,4 @@ +--- +- name: Remove Config + cisco.asa.asa_acls: + state: deleted diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_remove_og_config.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_remove_og_config.yaml new file mode 100644 index 00000000..50921c3b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_remove_og_config.yaml @@ -0,0 +1,4 @@ +--- +- name: Remove configured Object group + cisco.asa.asa_ogs: + state: deleted diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/deleted.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/deleted.yaml new file mode 100644 index 00000000..00edc194 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/deleted.yaml @@ -0,0 +1,64 @@ +--- +- debug: + msg: Start Deleted integration state for asa_acls ansible_connection={{ ansible_connection + }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate_config.yaml + +- block: + + - name: Delete attributes of provided configured ACLs + register: result + cisco.asa.asa_acls: &id001 + config: + acls: + - name: test_access + - name: test_global_access + state: deleted + + - assert: + that: + - result.commands|length == 3 + - result.changed == true + - result.commands|symmetric_difference(deleted.commands) == [] + + - name: Delete attributes of all configured interfaces (IDEMPOTENT) + register: result + cisco.asa.asa_acls: *id001 + + - name: Assert that the previous delete task was idempotent + assert: + that: + - result.commands|length == 0 + - result.changed == false + + - include_tasks: _remove_config.yaml + + - include_tasks: _populate_config.yaml + + - name: Delete all off ACLs configured + register: result + cisco.asa.asa_acls: &id002 + state: deleted + + - assert: + that: + - result.commands|length == 4 + - result.changed == true + - result.commands|symmetric_difference(delete_all.commands) == [] + + - name: Delete ACL attributes of provided configured interfaces based on AFI + (IDEMPOTENT) + register: result + cisco.asa.asa_acls: *id002 + + - name: Assert that the previous delete task was idempotent + assert: + that: + - result.commands|length == 0 + - result.changed == false + always: + + - include_tasks: _remove_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/empty_config.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/empty_config.yaml new file mode 100644 index 00000000..6f465b60 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/empty_config.yaml @@ -0,0 +1,59 @@ +--- +- debug: + msg: START asa_acls empty_config.yaml integration tests on connection={{ ansible_connection + }} + +- name: Merged with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_acls: + config: + state: merged + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state merged' + +- name: Replaced with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_acls: + config: + state: replaced + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state replaced' + +- name: Overridden with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_acls: + config: + state: overridden + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state overridden' + +- name: Rendered with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_acls: + config: + state: rendered + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state rendered' + +- name: Parsed with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_acls: + running_config: + state: parsed + +- assert: + that: + - result.msg == 'value of running_config parameter must not be empty for state parsed' diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/gathered.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/gathered.yaml new file mode 100644 index 00000000..f9d44bfb --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/gathered.yaml @@ -0,0 +1,24 @@ +--- +- debug: + msg: START asa_acls gathered integration tests on connection={{ ansible_connection + }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate_config.yaml + +- block: + + - name: Gather the provided configuration with the exisiting running configuration + register: result + cisco.asa.asa_acls: + config: + state: gathered + + - assert: + that: + - gathered['config']['acls'] | symmetric_difference(result.gathered.acls) == [] + - result['changed'] == false + always: + + - include_tasks: _remove_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/merged.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/merged.yaml new file mode 100644 index 00000000..a1e10613 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/merged.yaml @@ -0,0 +1,130 @@ +--- +- debug: + msg: START Merged asa_acls state for integration tests on connection={{ ansible_connection + }} + +- include_tasks: _remove_config.yaml +- include_tasks: _populate_network_og.yaml + +- block: + + - name: Merge provided configuration with device configuration + register: result + cisco.asa.asa_acls: &id001 + config: + acls: + - name: test_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + destination: + address: 192.0.3.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + log: default + - grant: deny + line: 2 + protocol: icmp + protocol_options: + icmp: + alternate_address: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + log: errors + - grant: deny + line: 3 + protocol: tcp + protocol_options: + tcp: true + source: + host: 198.51.110.0 + destination: + any: true + port_protocol: + eq: www + log: default + - grant: deny + line: 4 + protocol: tcp + protocol_options: + tcp: true + source: + object_group: test_og_network + destination: + object_group: test_network_og + port_protocol: + eq: www + log: default + - name: test_global_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + any: true + destination: + any: true + port_protocol: + eq: www + log: errors + - grant: deny + line: 2 + protocol_options: + tcp: true + source: + interface: management + destination: + interface: management + port_protocol: + eq: www + log: warnings + - name: test_R1_traffic + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + inactive: true + state: merged + + - assert: + that: + - result.commands|length == 7 + - result.changed == true + - result.commands|symmetric_difference(merged.commands) == [] + + - name: Merge provided configuration with device configuration (IDEMPOTENT) + register: result + cisco.asa.asa_acls: *id001 + + - name: Assert that the previous task was idempotent + assert: + that: + - result.commands|length == 0 + - result['changed'] == false + always: + + - include_tasks: _remove_config.yaml + - include_tasks: _remove_og_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/overridden.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/overridden.yaml new file mode 100644 index 00000000..1e0378b2 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/overridden.yaml @@ -0,0 +1,66 @@ +--- +- debug: + msg: START Overridden asa_acls state for integration tests on connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml +- include_tasks: _populate_network_og.yaml +- include_tasks: _populate_config.yaml + +- block: + + - name: Override device configuration of all interfaces with provided configuration + register: result + cisco.asa.asa_acls: &id001 + config: + acls: + - name: test_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.4.0 + netmask: 255.255.255.0 + port_protocol: + eq: telnet + destination: + address: 192.0.5.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + - grant: deny + line: 2 + protocol_options: + tcp: true + source: + object_group: test_og_network + destination: + object_group: test_network_og + port_protocol: + eq: www + log: default + state: overridden + + - assert: + that: + - result.commands|length == 6 + - result.changed == true + - result.commands|symmetric_difference(overridden.commands) == [] + + - name: Override device configuration of all interfaces with provided configuration + (IDEMPOTENT) + register: result + cisco.asa.asa_acls: *id001 + + - name: Assert that task was idempotent + assert: + that: + - result.commands|length == 0 + - result['changed'] == false + always: + + - include_tasks: _remove_config.yaml + - include_tasks: _remove_og_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/parsed.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/parsed.yaml new file mode 100644 index 00000000..af24ffa4 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/parsed.yaml @@ -0,0 +1,16 @@ +--- +- debug: + msg: START asa_acls parsed integration tests on connection={{ ansible_connection + }} + +- name: Parse the commands for provided configuration + become: true + register: result + cisco.asa.asa_acls: + running_config: "{{ lookup('file', '_parsed.cfg') }}" + state: parsed + +- assert: + that: + - result.changed == false + - parsed['config']['acls']|symmetric_difference(result.parsed.acls) == [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rendered.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rendered.yaml new file mode 100644 index 00000000..6a448b9e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rendered.yaml @@ -0,0 +1,112 @@ +--- +- debug: + msg: Start asa_acls rendered integration tests ansible_connection={{ ansible_connection + }} + +- block: + + - name: Rendered the provided configuration with the exisiting running configuration + register: result + cisco.asa.asa_acls: + config: + acls: + - name: test_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + destination: + address: 192.0.3.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + log: default + - grant: deny + line: 2 + protocol: icmp + protocol_options: + icmp: + alternate_address: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + log: errors + - grant: deny + line: 3 + protocol: tcp + protocol_options: + tcp: true + source: + host: 198.51.110.0 + destination: + any: true + port_protocol: + eq: www + log: default + - grant: deny + line: 4 + protocol: tcp + protocol_options: + tcp: true + source: + object_group: test_og_network + destination: + object_group: test_network_og + port_protocol: + eq: www + log: default + - name: test_global_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + any: true + destination: + any: true + port_protocol: + eq: www + log: errors + - grant: deny + line: 2 + protocol_options: + tcp: true + source: + interface: management + destination: + interface: management + port_protocol: + eq: www + log: warnings + - name: test_R1_traffic + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + inactive: true + state: rendered + + - assert: + that: + - result.changed == false + - result.rendered|symmetric_difference(merged.commands) == [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/replaced.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/replaced.yaml new file mode 100644 index 00000000..16849c8f --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/replaced.yaml @@ -0,0 +1,83 @@ +--- +- debug: + msg: START Replaced asa_acls state for integration tests on connection={{ ansible_connection + }} + +- include_tasks: _remove_config.yaml +- include_tasks: _populate_network_og.yaml +- include_tasks: _populate_config.yaml + +- block: + + - name: Replaces device configuration of listed interfaces with provided configuration + register: result + cisco.asa.asa_acls: &id001 + config: + acls: + - name: test_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol: tcp + protocol_options: + tcp: true + source: + address: 192.0.3.0 + netmask: 255.255.255.0 + destination: + address: 192.0.4.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + log: default + - grant: deny + line: 2 + protocol_options: + tcp: true + source: + object_group: test_og_network + destination: + object_group: test_network_og + port_protocol: + eq: www + log: default + - name: test_global_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.4.0 + netmask: 255.255.255.0 + port_protocol: + eq: telnet + destination: + address: 192.0.5.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + state: replaced + + - assert: + that: + - result.commands|length == 6 + - result.changed == true + - result.commands|symmetric_difference(replaced.commands) == [] + + - name: Replaces device configuration of listed interfaces with provided configuration + (IDEMPOTENT) + register: result + cisco.asa.asa_acls: *id001 + + - name: Assert that task was idempotent + assert: + that: + - result.commands|length == 0 + - result['changed'] == false + always: + + - include_tasks: _remove_config.yaml + - include_tasks: _remove_og_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rtt.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rtt.yaml new file mode 100644 index 00000000..3fec4608 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rtt.yaml @@ -0,0 +1,139 @@ +--- +- debug: + msg: START asa_acls round trip integration tests on connection={{ ansible_connection + }} + +- include_tasks: _remove_config.yaml +- include_tasks: _populate_network_og.yaml +- include_tasks: _populate_config.yaml + +- block: + + - name: Apply the provided configuration (base config) + register: base_config + cisco.asa.asa_acls: + config: + acls: + - name: test_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + destination: + address: 192.0.3.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + log: default + - grant: deny + line: 2 + protocol_options: + igrp: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + log: errors + - name: test_global_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + any: true + destination: + any: true + port_protocol: + eq: www + log: errors + - name: test_R1_traffic + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + inactive: true + state: merged + + - name: Gather ACLs facts + cisco.asa.asa_facts: + gather_subset: + - '!all' + - '!min' + gather_network_resources: + - acls + + - name: Apply the configuration which need to be reverted + register: result + cisco.asa.asa_acls: + config: + acls: + - name: test_access + acl_type: extended + aces: + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.4.0 + netmask: 255.255.255.0 + port_protocol: + eq: telnet + destination: + address: 192.0.5.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + - grant: deny + line: 2 + protocol_options: + tcp: true + source: + object_group: test_og_network + destination: + object_group: test_network_og + port_protocol: + eq: www + log: default + state: overridden + + - assert: + that: + - result.commands|length == 6 + - result.changed == true + - result.commands|symmetric_difference(overridden.commands) == [] + + - name: Revert back to base config using facts round trip + register: revert + cisco.asa.asa_acls: + config: "{{ ansible_facts['network_resources']['acls'] }}" + state: overridden + + - assert: + that: + - revert.commands|length == 6 + - revert.changed == true + - revert.commands|symmetric_difference(rtt.commands) == [] + always: + + - include_tasks: _remove_config.yaml + - include_tasks: _remove_og_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/vars/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/vars/main.yaml new file mode 100644 index 00000000..281cb8d6 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/vars/main.yaml @@ -0,0 +1,158 @@ +--- +deleted: + commands: + - no access-list test_global_access line 1 extended deny tcp any any eq www log errors + - no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors + - no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default +delete_all: + commands: + - no access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive + - no access-list test_global_access line 1 extended deny tcp any any eq www log errors + - no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors + - no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default +merged: + commands: + - access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + - access-list test_access line 2 extended deny icmp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 alternate-address log errors + - access-list test_access line 3 extended deny tcp host 198.51.110.0 any eq www log default + - access-list test_access line 4 extended deny tcp object-group test_og_network object-group test_network_og eq www log default + - access-list test_global_access line 1 extended deny tcp any any eq www log errors + - access-list test_global_access line 2 extended deny tcp interface management interface management eq www log warnings + - access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive +replaced: + commands: + - no access-list test_global_access line 1 extended deny tcp any any eq www log errors + - no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors + - no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + - access-list test_access line 1 extended deny tcp 192.0.3.0 255.255.255.0 192.0.4.0 255.255.255.0 eq www log default + - access-list test_access line 2 extended deny tcp object-group test_og_network object-group test_network_og eq www log default + - access-list test_global_access line 1 extended deny tcp 192.0.4.0 255.255.255.0 eq telnet 192.0.5.0 255.255.255.0 eq www +overridden: + commands: + - no access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive + - no access-list test_global_access line 1 extended deny tcp any any eq www log errors + - no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors + - no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + - access-list test_access line 1 extended deny tcp 192.0.4.0 255.255.255.0 eq telnet 192.0.5.0 255.255.255.0 eq www + - access-list test_access line 2 extended deny tcp object-group test_og_network object-group test_network_og eq www log default +gathered: + config: + acls: + - aces: + - destination: + address: 192.0.3.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + grant: deny + line: 1 + log: default + protocol: tcp + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + - destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + grant: deny + line: 2 + log: errors + protocol: igrp + protocol_options: + igrp: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + acl_type: extended + name: test_access + - aces: + - destination: + any: true + port_protocol: + eq: www + grant: deny + line: 1 + log: errors + protocol: tcp + protocol_options: + tcp: true + source: + any: true + acl_type: extended + name: test_global_access + - aces: + - destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + grant: deny + inactive: true + line: 1 + protocol: tcp + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + acl_type: extended + name: test_R1_traffic +parsed: + config: + acls: + - aces: + - destination: + address: 192.0.3.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + grant: deny + line: 1 + log: default + protocol: tcp + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + - destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + grant: deny + line: 2 + log: errors + protocol: igrp + protocol_options: + igrp: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + acl_type: extended + name: test_access + - aces: + - destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + grant: deny + inactive: true + line: 1 + protocol: tcp + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + acl_type: extended + name: test_R1_traffic +rtt: + commands: + - no access-list test_access line 2 extended deny tcp object-group test_og_network object-group test_network_og eq www log default + - no access-list test_access line 1 extended deny tcp 192.0.4.0 255.255.255.0 eq telnet 192.0.5.0 255.255.255.0 eq www + - access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + - access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors + - access-list test_global_access line 1 extended deny tcp any any eq www log errors + - access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/defaults/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/defaults/main.yaml new file mode 100644 index 00000000..a845c24b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +testcase: '*' +test_items: [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tasks/cli.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tasks/cli.yaml new file mode 100644 index 00000000..05ca0d6b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tasks/cli.yaml @@ -0,0 +1,18 @@ +--- +- name: collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + register: test_cases + +- name: set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tasks/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tasks/main.yaml new file mode 100644 index 00000000..a3db933e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include: cli.yaml + tags: + - cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/bad_operator.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/bad_operator.yaml new file mode 100644 index 00000000..6ba1e96a --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/bad_operator.yaml @@ -0,0 +1,20 @@ +--- +- debug: msg="START cli/bad_operator.yaml" + +- name: test bad operator + register: result + ignore_errors: true + cisco.asa.asa_command: + commands: + - show version + - show interfaces GigabitEthernet 0/0 + wait_for: + + - result[0] contains 'Description: Foo' + +- assert: + that: + - result.failed == true + - result.msg is defined + +- debug: msg="END cli/bad_operator.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/contains.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/contains.yaml new file mode 100644 index 00000000..ea8960bd --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/contains.yaml @@ -0,0 +1,19 @@ +--- +- debug: msg="START cli/contains.yaml" + +- name: test contains operator + register: result + cisco.asa.asa_command: + commands: + - show version + - show interface + wait_for: + - result[0] contains 'Cisco Adaptive Security Appliance Software Version' + - result[1] contains 'Hardware' + +- assert: + that: + - result.changed == false + - result.stdout is defined + +- debug: msg="END cli/contains.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/invalid.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/invalid.yaml new file mode 100644 index 00000000..2cc9c6e7 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/invalid.yaml @@ -0,0 +1,28 @@ +--- +- debug: msg="START cli/invalid.yaml" + +- name: run invalid command + register: result + ignore_errors: true + cisco.asa.asa_command: + commands: + - show foo + +- assert: + that: + - result.failed + +- name: run commands that include invalid command + register: result + ignore_errors: true + cisco.asa.asa_command: + commands: + - show version + - show foo + +- assert: + that: + - result.failed + ignore_errors: true + +- debug: msg="END cli/invalid.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/output.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/output.yaml new file mode 100644 index 00000000..73a8780d --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/output.yaml @@ -0,0 +1,28 @@ +--- +- debug: msg="START cli/output.yaml" + +- name: get output for single command + register: result + cisco.asa.asa_command: + commands: + - show version + +- assert: + that: + - result.changed == false + - result.stdout is defined + +- name: get output for multiple commands + register: result + cisco.asa.asa_command: + commands: + - show version + - show interface + +- assert: + that: + - result.changed == false + - result.stdout is defined + - result.stdout | length == 2 + +- debug: msg="END cli/output.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/timeout.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/timeout.yaml new file mode 100644 index 00000000..10f2e636 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_command/tests/cli/timeout.yaml @@ -0,0 +1,18 @@ +--- +- debug: msg="START cli/timeout.yaml" + +- name: test bad condition + register: result + ignore_errors: true + cisco.asa.asa_command: + commands: + - show version + wait_for: + - result[0] contains bad_value_string + +- assert: + that: + - result.failed == true + - result.msg is defined + +- debug: msg="END cli/timeout.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/defaults/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/defaults/main.yaml new file mode 100644 index 00000000..a845c24b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +testcase: '*' +test_items: [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/cli.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/cli.yaml new file mode 100644 index 00000000..05ca0d6b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/cli.yaml @@ -0,0 +1,18 @@ +--- +- name: collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + register: test_cases + +- name: set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/main.yaml new file mode 100644 index 00000000..62cc1ae1 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/main.yaml @@ -0,0 +1,7 @@ +--- +- include: cli.yaml + tags: + - cli + +- include: redirection.yaml + when: ansible_version.full is version('2.10.0', '>=') diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/redirection.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/redirection.yaml new file mode 100644 index 00000000..922d23fe --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tasks/redirection.yaml @@ -0,0 +1,18 @@ +--- +- name: collect all cli test cases + find: + paths: '{{ role_path }}/tests/redirection' + patterns: '{{ testcase }}.yaml' + register: test_cases + +- name: set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/templates/basic/config.j2 b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/templates/basic/config.j2 new file mode 100644 index 00000000..779b731e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/templates/basic/config.j2 @@ -0,0 +1,3 @@ +object-group network OG-ANSIBLE-TEMPLATE + description this is a test + network-object host 192.168.99.12 diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/templates/defaults/config.j2 b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/templates/defaults/config.j2 new file mode 100644 index 00000000..762e73de --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/templates/defaults/config.j2 @@ -0,0 +1,4 @@ +object-group network OG-ANSIBLE-TEMPLATE-DEFAULT + description this is a test + network-object 10.0.0.0 255.255.255.0 + network-object 10.1.0.0 255.255.255.0 diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/backup.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/backup.yaml new file mode 100644 index 00000000..ef6dd275 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/backup.yaml @@ -0,0 +1,50 @@ +--- +- debug: msg="START cli/backup.yaml" + +- name: setup + ignore_errors: true + cisco.asa.asa_config: + commands: + - no object-group network OG-ANSIBLE-TEMPLATE + +- name: collect any backup files + find: + paths: '{{ role_path }}/backup' + pattern: '{{ inventory_hostname_short }}_config*' + register: backup_files + connection: local + +- name: delete backup files + file: + path: '{{ item.path }}' + state: absent + with_items: '{{backup_files.files|default([])}}' + +- name: configure device with config + register: result + cisco.asa.asa_config: + src: basic/config.j2 + backup: true + +- assert: + that: + - result.changed == true + - result.updates is defined + +- name: collect any backup files + find: + paths: '{{ role_path }}/backup' + pattern: '{{ inventory_hostname_short }}_config*' + register: backup_files + connection: local + +- assert: + that: + - backup_files.files is defined + +- name: teardown + cisco.asa.asa_config: + commands: + - no object-group network OG-ANSIBLE-TEMPLATE + +- debug: msg="END cli/backup.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/basic.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/basic.yaml new file mode 100644 index 00000000..e6ea89de --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/basic.yaml @@ -0,0 +1,35 @@ +--- +- debug: msg="START cli/basic.yaml" + +- name: setup + ignore_errors: true + cisco.asa.asa_config: + commands: + - no object-group network OG-ANSIBLE-TEMPLATE + +- name: configure device with config + register: result + cisco.asa.asa_config: + src: basic/config.j2 + +- assert: + that: + - result.changed == true + - result.updates is defined + +- name: check device with config + register: result + cisco.asa.asa_config: + src: basic/config.j2 + +- assert: + that: + - result.changed == false + - result.updates is not defined + +- name: teardown + cisco.asa.asa_config: + commands: + - no object-group network OG-ANSIBLE-TEMPLATE + +- debug: msg="END cli/basic.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/defaults.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/defaults.yaml new file mode 100644 index 00000000..f6583293 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/defaults.yaml @@ -0,0 +1,41 @@ +--- +- debug: msg="START cli/defaults.yaml" + +- name: setup + ignore_errors: true + cisco.asa.asa_config: + commands: + - no object-group network OG-ANSIBLE-TEMPLATE-DEFAULT + +- name: configure device with defaults included + register: result + cisco.asa.asa_config: + src: defaults/config.j2 + defaults: true + +- debug: var=result + +- assert: + that: + - result.changed == true + - result.updates is defined + +- name: check device with defaults included + register: result + cisco.asa.asa_config: + src: defaults/config.j2 + defaults: true + +- debug: var=result + +- assert: + that: + - result.changed == false + - result.updates is not defined + +- name: teardown + cisco.asa.asa_config: + commands: + - no object-group network OG-ANSIBLE-TEMPLATE-DEFAULT + +- debug: msg="END cli/defaults.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/force.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/force.yaml new file mode 100644 index 00000000..927d1485 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/force.yaml @@ -0,0 +1,37 @@ +--- +- debug: msg="START cli/force.yaml" + +- name: setup + ignore_errors: true + cisco.asa.asa_config: + commands: + - no object-group network OG-ANSIBLE-TEMPLATE-DEFAULT + +- name: configure device with config + register: result + cisco.asa.asa_config: + src: basic/config.j2 + match: none + +- assert: + that: + - result.changed == true + - result.updates is defined + +- name: check device with config + register: result + cisco.asa.asa_config: + src: basic/config.j2 + match: none + +- assert: + that: + - result.changed == true + - result.updates is defined + +- name: teardown + cisco.asa.asa_config: + commands: + - no object-group network OG-ANSIBLE-TEMPLATE-DEFAULT + +- debug: msg="END cli/force.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/more_system.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/more_system.yaml new file mode 100644 index 00000000..24d8d114 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/more_system.yaml @@ -0,0 +1,34 @@ +--- +- debug: msg="START cli/more_system.yaml" + +- name: Prepare tunnel-group + cisco.asa.asa_config: + before: tunnel-group 192.0.2.1 type ipsec-l2l + lines: + - tunnel-group 192.0.2.1 ipsec-attributes + +- name: Setup tunnel-group + cisco.asa.asa_config: + parents: tunnel-group 192.0.2.1 ipsec-attributes + lines: + - ikev1 pre-shared-key abc123 + passwords: true + +- name: Test idempotency + register: result + cisco.asa.asa_config: + parents: tunnel-group 192.0.2.1 ipsec-attributes + lines: + - ikev1 pre-shared-key abc123 + passwords: true + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + lines: + - clear configure tunnel-group 192.0.2.1 + +- debug: msg="END cli/more_system.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/removal_error.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/removal_error.yaml new file mode 100644 index 00000000..a6357d67 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/removal_error.yaml @@ -0,0 +1,39 @@ +--- +- debug: msg="START cli/removal_error.yaml" + +- name: setup + ignore_errors: true + cisco.asa.asa_config: + commands: + - no object-group network OGA-GOOGLE-DNS + +- name: configure test object-group + register: result + cisco.asa.asa_config: + parents: object-group network OGA-GOOGLE-DNS + lines: network-object host 8.8.8.8 + +- name: configure test access-list + cisco.asa.asa_config: + lines: access-list ANSIBLE-DNS extended permit udp any object-group OGA-GOOGLE-DNS + eq domain + +- name: try to remove object-group (should fail) + ignore_errors: true + register: result + cisco.asa.asa_config: + commands: + - no object-group network OGA-GOOGLE-DNS + +- name: Last command should fail + assert: + that: + - result.failed == true + +- name: teardown + cisco.asa.asa_config: + commands: + - clear configure access-list ANSIBLE-DNS + - no object-group network OGA-GOOGLE-DNS + +- debug: msg="END cli/removal_error.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel.yaml new file mode 100644 index 00000000..17ff240c --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel.yaml @@ -0,0 +1,40 @@ +--- +- debug: msg="START cli/sublevel.yaml" + +- name: setup test + cisco.asa.asa_config: + lines: + - no object-group network OG-ANSIBLE-SUBLEVEL + +- name: configure sub level command + register: result + cisco.asa.asa_config: + lines: + - network-object host 192.168.10.1 + parents: + - object-group network OG-ANSIBLE-SUBLEVEL + +- assert: + that: + - result.changed == true + - "'object-group network OG-ANSIBLE-SUBLEVEL' in result.updates" + - "'network-object host 192.168.10.1' in result.updates" + +- name: configure sub level command idempotent check + register: result + cisco.asa.asa_config: + lines: + - network-object host 192.168.10.1 + parents: + - object-group network OG-ANSIBLE-SUBLEVEL + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + lines: + - no object-group network OG-ANSIBLE-SUBLEVEL + +- debug: msg="END cli/sublevel.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_block.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_block.yaml new file mode 100644 index 00000000..dfd91ca5 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_block.yaml @@ -0,0 +1,62 @@ +--- +- debug: msg="START cli/sublevel_block.yaml" + +- name: setup + register: object_group + cisco.asa.asa_command: + commands: + - show run object-group + +- name: setup + cisco.asa.asa_config: + lines: + - no object-group network OG-ANSIBLE + match: none + +- name: configure sub level command using block replace + register: result + cisco.asa.asa_config: + lines: + - network-object 192.168.10.0 255.255.255.0 + - network-object 192.168.20.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + - network-object 192.168.40.0 255.255.255.0 + parents: + - object-group network OG-ANSIBLE + replace: block + after: + - exit + +- assert: + that: + - result.changed == true + - "'object-group network OG-ANSIBLE' in result.updates" + - "'network-object 192.168.10.0 255.255.255.0' in result.updates" + - "'network-object 192.168.20.0 255.255.255.0' in result.updates" + - "'network-object 192.168.30.0 255.255.255.0' in result.updates" + - "'network-object 192.168.40.0 255.255.255.0' in result.updates" + +- name: check sub level command using block replace + register: result + cisco.asa.asa_config: + lines: + - network-object 192.168.10.0 255.255.255.0 + - network-object 192.168.20.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + - network-object 192.168.40.0 255.255.255.0 + parents: + - object-group network OG-ANSIBLE + replace: block + after: + - exit + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + lines: + - no object-group network OG-ANSIBLE + +- debug: msg="END cli/sublevel_block.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_exact.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_exact.yaml new file mode 100644 index 00000000..6dc6032d --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_exact.yaml @@ -0,0 +1,67 @@ +--- +- debug: msg="START cli/sublevel_exact.yaml" + +- name: setup + cisco.asa.asa_config: + lines: + - network-object 192.168.10.0 255.255.255.0 + - network-object 192.168.20.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + - network-object 192.168.40.0 255.255.255.0 + - network-object 192.168.50.0 255.255.255.0 + parents: + - object-group network OG-ANSIBLE-EXACT + before: + - no object-group network OG-ANSIBLE-EXACT + after: + - exit + +- name: configure sub level command using exact match + register: result + cisco.asa.asa_config: + lines: + - network-object 192.168.10.0 255.255.255.0 + - network-object 192.168.20.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + - network-object 192.168.40.0 255.255.255.0 + parents: + - object-group network OG-ANSIBLE-EXACT + after: + - exit + match: exact + +- assert: + that: + - result.changed == true + - "'object-group network OG-ANSIBLE-EXACT' in result.updates" + - "'network-object 192.168.10.0 255.255.255.0' in result.updates" + - "'network-object 192.168.20.0 255.255.255.0' in result.updates" + - "'network-object 192.168.30.0 255.255.255.0' in result.updates" + - "'network-object 192.168.40.0 255.255.255.0' in result.updates" + - "'network-object 192.168.50.0 255.255.255.0' not in result.updates" + +- name: check sub level command using exact match + register: result + cisco.asa.asa_config: + lines: + - network-object 192.168.10.0 255.255.255.0 + - network-object 192.168.20.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + - network-object 192.168.40.0 255.255.255.0 + - network-object 192.168.50.0 255.255.255.0 + parents: + - object-group network OG-ANSIBLE-EXACT + after: + - exit + match: exact + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + lines: + - no object-group network OG-ANSIBLE-EXACT + +- debug: msg="END cli/sublevel_exact.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_strict.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_strict.yaml new file mode 100644 index 00000000..79259e05 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_strict.yaml @@ -0,0 +1,63 @@ +--- +- debug: msg="START cli/sublevel_strict.yaml" + +- name: setup + cisco.asa.asa_config: + lines: + - network-object 192.168.10.0 255.255.255.0 + - network-object 192.168.20.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + - network-object 192.168.40.0 255.255.255.0 + - network-object 192.168.50.0 255.255.255.0 + parents: + - object-group network OG-ANSIBLE-STRICT + before: + - no object-group network OG-ANSIBLE-STRICT + after: + - exit + +- name: configure sub level command using strict match + register: result + cisco.asa.asa_config: + lines: + - network-object 192.168.10.0 255.255.255.0 + - network-object 192.168.20.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + - network-object 192.168.40.0 255.255.255.0 + parents: + - object-group network OG-ANSIBLE-STRICT + match: strict + +- assert: + that: + - result.changed == false + +- name: check sub level command using strict match + register: result + cisco.asa.asa_config: + lines: + - network-object 192.168.10.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + - network-object 192.168.30.0 255.255.255.0 + parents: + - object-group network OG-ANSIBLE-STRICT + after: + - exit + match: strict + +- assert: + that: + - result.changed == true + - "'object-group network OG-ANSIBLE-STRICT' in result.updates" + - "'network-object 192.168.10.0 255.255.255.0' not in result.updates" + - "'network-object 192.168.30.0 255.255.255.0' in result.updates" + - "'network-object 192.168.30.0 255.255.255.0' in result.updates" + - "'network-object 192.168.40.0 255.255.255.0' not in result.updates" + - "'network-object 192.168.50.0 255.255.255.0' not in result.updates" + +- name: teardown + cisco.asa.asa_config: + lines: + - no object-group network OG-ANSIBLE-STRICT + +- debug: msg="END cli/sublevel_strict.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_strict_mul_parents.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_strict_mul_parents.yaml new file mode 100644 index 00000000..9998d7b9 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/sublevel_strict_mul_parents.yaml @@ -0,0 +1,70 @@ +--- +- debug: msg="START cli/sublevel_strict_mul_parents.yaml on connection={{ ansible_connection}}" + +- name: setup + cisco.asa.asa_config: + lines: + - class-map c1 + - match default-inspection-traffic + - policy-map p1 + - class c1 + match: none + +- name: configure sub level command using strict match + register: result + cisco.asa.asa_config: + lines: + - inspect ftp + - inspect tftp + parents: + - policy-map p1 + - class c1 + match: strict + +- assert: + that: + - result.changed == true + - "'inspect ftp' in result.updates" + - "'inspect tftp' in result.updates" + +- name: change sub level command order and config with strict match + register: result + cisco.asa.asa_config: + lines: + - inspect tftp + - inspect ftp + parents: + - policy-map p1 + - class c1 + match: strict + +- assert: + that: + - result.changed == true + - "'inspect ftp' in result.updates" + - "'inspect tftp' in result.updates" + +- name: Config sub level command with strict match (Idempotency) + register: result + cisco.asa.asa_config: + lines: + - inspect ftp + - inspect tftp + parents: + - policy-map p1 + - class c1 + match: strict + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + lines: + - no policy-map p1 + - no class-map c1 + match: strict + +- debug: msg="END cli/sublevel_strict_mul_parents.yaml on connection={{ ansible_connection + }}" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel.yaml new file mode 100644 index 00000000..62e0b47d --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel.yaml @@ -0,0 +1,35 @@ +--- +- debug: msg="START cli/toplevel.yaml" + +- name: setup + cisco.asa.asa_config: + lines: + - hostname firewall + +- name: configure top level command + register: result + cisco.asa.asa_config: + lines: + - hostname foo + +- assert: + that: + - result.changed == true + - "'hostname foo' in result.updates" + +- name: configure top level command idempotent check + register: result + cisco.asa.asa_config: + lines: + - hostname foo + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + lines: + - hostname {{ inventory_hostname_short }} + +- debug: msg="END cli/toplevel.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_after.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_after.yaml new file mode 100644 index 00000000..0ea5bf5e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_after.yaml @@ -0,0 +1,42 @@ +--- +- debug: msg="START cli/toplevel_after.yaml" + +- name: setup + cisco.asa.asa_config: + lines: + - snmp-server contact ansible + - hostname firewall + +- name: configure top level command with before + register: result + cisco.asa.asa_config: + lines: + - hostname foo + after: + - snmp-server contact bar + +- assert: + that: + - result.changed == true + - "'hostname foo' in result.updates" + - "'snmp-server contact bar' in result.updates" + +- name: configure top level command with before idempotent check + register: result + cisco.asa.asa_config: + lines: + - hostname foo + after: + - snmp-server contact foo + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + lines: + - no snmp-server contact + - hostname {{ inventory_hostname_short }} + +- debug: msg="END cli/toplevel_after.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_before.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_before.yaml new file mode 100644 index 00000000..37341bff --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_before.yaml @@ -0,0 +1,42 @@ +--- +- debug: msg="START cli/toplevel_before.yaml" + +- name: setup + cisco.asa.asa_config: + lines: + - snmp-server contact ansible + - hostname firewall + +- name: configure top level command with before + register: result + cisco.asa.asa_config: + lines: + - hostname foo + before: + - snmp-server contact bar + +- assert: + that: + - result.changed == true + - "'hostname foo' in result.updates" + - "'snmp-server contact bar' in result.updates" + +- name: configure top level command with before idempotent check + register: result + cisco.asa.asa_config: + lines: + - hostname foo + before: + - snmp-server contact foo + +- assert: + that: + - result.changed == false + +- name: teardown + cisco.asa.asa_config: + lines: + - no snmp-server contact + - hostname {{ inventory_hostname_short }} + +- debug: msg="END cli/toplevel_before.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_nonidempotent.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_nonidempotent.yaml new file mode 100644 index 00000000..88382130 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/cli/toplevel_nonidempotent.yaml @@ -0,0 +1,36 @@ +--- +- debug: msg="START cli/toplevel_nonidempotent.yaml" + +- name: setup + cisco.asa.asa_config: + backup: true + +- name: configure top level command + register: result + cisco.asa.asa_config: + lines: + - hostname foo + match: strict + +- assert: + that: + - result.changed == true + - "'hostname foo' in result.updates" + +- name: configure top level command idempotent check + register: result + cisco.asa.asa_config: + lines: + - hostname foo + match: strict + +- assert: + that: + - result.changed == true + +- name: teardown + cisco.asa.asa_config: + lines: + - hostname {{ inventory_hostname_short }} + +- debug: msg="END cli/toplevel_nonidempotent.yaml" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/redirection/shortname.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/redirection/shortname.yaml new file mode 100644 index 00000000..8c2a03e6 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_config/tests/redirection/shortname.yaml @@ -0,0 +1,36 @@ +--- +- debug: msg="START redirection/shortname.yaml on connection={{ ansible_connection }}" + +- name: Use src with module alias + register: result + cisco.asa.config: + src: basic/config.j2 + +- assert: + that: + # make sure that the template content was read and not the path + - result.failed == false + +- name: use module alias to take configuration backup + register: result + cisco.asa.config: + backup: true + backup_options: + filename: backup_with_alias.cfg + dir_path: '{{ role_path }}/backup_test_dir/{{ inventory_hostname_short }}' + +- assert: + that: + - result.changed == true + +- name: check if the backup file exist + find: + paths: '{{ role_path }}/backup_test_dir/{{ inventory_hostname_short }}/backup_with_alias.cfg' + register: backup_file + connection: local + +- assert: + that: + - backup_file.files is defined + +- debug: msg="END redirection/shortname.yaml on connection={{ ansible_connection }}" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/defaults/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/defaults/main.yaml new file mode 100644 index 00000000..a845c24b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +testcase: '*' +test_items: [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tasks/cli.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tasks/cli.yaml new file mode 100644 index 00000000..c8efaa17 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tasks/cli.yaml @@ -0,0 +1,17 @@ +--- +- name: collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + register: test_cases + delegate_to: localhost + +- name: set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: run test cases (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tasks/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tasks/main.yaml new file mode 100644 index 00000000..a3db933e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include: cli.yaml + tags: + - cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/all_facts.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/all_facts.yaml new file mode 100644 index 00000000..f4ce2502 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/all_facts.yaml @@ -0,0 +1,26 @@ +--- +- debug: msg="START cli/all_facts.yaml on connection={{ ansible_connection }}" + +- name: test getting all facts + register: result + cisco.asa.asa_facts: + gather_subset: + - all + provider: '{{ cli }}' + +- assert: + that: + - result.changed == false + - "'config' in result.ansible_facts.ansible_net_gather_subset" + - "'hardware' in result.ansible_facts.ansible_net_gather_subset" + - "'default' in result.ansible_facts.ansible_net_gather_subset" + - result.ansible_facts.ansible_net_filesystems is defined + - result.ansible_facts.ansible_net_memfree_mb > 1 + - result.ansible_facts.ansible_net_memtotal_mb > 1 + +- assert: + that: '{{ item.value.spacetotal_kb }} > {{ item.value.spacefree_kb }}' + loop: "{{ lookup('dict', result.ansible_facts.ansible_net_filesystems_info, wantlist=True)\ + \ }}" + +- debug: msg="END cli/all_facts.yaml on connection={{ ansible_connection }}" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/default_facts.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/default_facts.yaml new file mode 100644 index 00000000..cd2e01dc --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/default_facts.yaml @@ -0,0 +1,25 @@ +--- +- debug: msg="START cli/default_facts.yaml on connection={{ ansible_connection }}" + +- name: test getting default facts + register: result + cisco.asa.asa_facts: + provider: '{{ cli }}' + +- assert: + that: + - result.changed == false + - "'hardware' in result.ansible_facts.ansible_net_gather_subset" + - "'default' in result.ansible_facts.ansible_net_gather_subset" + - result.ansible_facts.ansible_net_filesystems is defined + - "'config' not in result.ansible_facts.ansible_net_gather_subset" + - result.ansible_facts.ansible_net_filesystems is defined + - result.ansible_facts.ansible_net_memtotal_mb > 10 + - result.ansible_facts.ansible_net_config is not defined + +- assert: + that: '{{ item.value.spacetotal_kb }} > {{ item.value.spacefree_kb }}' + loop: "{{ lookup('dict', result.ansible_facts.ansible_net_filesystems_info, wantlist=True)\ + \ }}" + +- debug: msg="END cli/default.yaml on connection={{ ansible_connection }}" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/invalid_subset.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/invalid_subset.yaml new file mode 100644 index 00000000..45371923 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/invalid_subset.yaml @@ -0,0 +1,36 @@ +--- +- debug: msg="START cli/invalid_subset.yaml on connection={{ ansible_connection + }}" + +- name: test invalid subset (foobar) + register: result + ignore_errors: true + cisco.asa.asa_facts: + gather_subset: + - foobar + provider: '{{ cli }}' + +- assert: + that: + - result.changed == false + - result.failed == true + - result.msg == 'Subset must be one of [config, default, hardware], + got foobar' + +- name: test subset specified multiple times + register: result + ignore_errors: true + cisco.asa.asa_facts: + gather_subset: + - '!hardware' + - hardware + provider: '{{ cli }}' + +- assert: + that: + - result.changed == false + - result.failed == true + - result.msg == 'Bad subset' + ignore_errors: true + +- debug: msg="END cli/invalid_subset.yaml on connection={{ ansible_connection }}" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/not_hardware.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/not_hardware.yaml new file mode 100644 index 00000000..c21fc46c --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_facts/tests/cli/not_hardware.yaml @@ -0,0 +1,22 @@ +--- +- debug: msg="START cli/not_hardware_facts.yaml on connection={{ ansible_connection + }}" + +- name: test not hardware + register: result + cisco.asa.asa_facts: + gather_subset: + - '!hardware' + provider: '{{ cli }}' + +- assert: + that: + - result.changed == false + - "'config' in result.ansible_facts.ansible_net_gather_subset" + - "'default' in result.ansible_facts.ansible_net_gather_subset" + - "'hardware' not in result.ansible_facts.ansible_net_gather_subset" + - result.ansible_facts.ansible_net_filesystems is not defined + - result.ansible_facts.ansible_net_filesystems_info is not defined + +- debug: msg="END cli/not_hardware_facts.yaml on connection={{ ansible_connection + }}" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/defaults/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/defaults/main.yaml new file mode 100644 index 00000000..10c0fabc --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/defaults/main.yaml @@ -0,0 +1,2 @@ +--- +testcase: '*' diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tasks/cli.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tasks/cli.yaml new file mode 100644 index 00000000..a0421f54 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tasks/cli.yaml @@ -0,0 +1,19 @@ +--- +- name: collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + register: test_cases + delegate_to: localhost + +- name: set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli
\ No newline at end of file diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tasks/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tasks/main.yaml new file mode 100644 index 00000000..a3db933e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include: cli.yaml + tags: + - cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tests/cli/asa_og.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tests/cli/asa_og.yaml new file mode 100644 index 00000000..1399b0e2 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_og/tests/cli/asa_og.yaml @@ -0,0 +1,516 @@ +--- +- name: remove test config if any + ignore_errors: true + cisco.asa.asa_config: + lines: + - no object-group network ansible_test_0 + - no object-group network ansible_test_1 + - no object-group network ansible_test_2 + - no object-group service ansible_test_3 tcp-udp + - no object-group service ansible_test_4 + - no object-group service ansible_test_5 + +- block: + + - set_fact: + name: ansible_test_0 + host_ip: + - 8.8.8.8 + - 8.8.4.4 + address: + - 10.0.0.0 255.0.0.0 + - 192.168.0.0 255.255.0.0 + - 172.16.0.0 255.255.0.0 + description: th1s_IS-a_D3scrIPt10n_3xaMple- + + - name: STAGE 0 + register: result + cisco.asa.asa_og: &id001 + name: '{{ name }}' + group_type: network-object + state: present + host_ip: '{{ host_ip }}' + ip_mask: '{{ address }}' + description: '{{ description }}' + + - assert: &id002 + that: + - result.changed == true + + - name: idempotence check + register: result + cisco.asa.asa_og: *id001 + + - assert: &id004 + that: + - result.changed == false + + - set_fact: + name: ansible_test_0 + host_ip: + - 8.8.9.9 + address: + - 8.8.8.0 255.255.255.0 + + - name: STAGE 1 + register: result + cisco.asa.asa_og: &id003 + name: '{{ name }}' + group_type: network-object + state: present + host_ip: '{{ host_ip }}' + ip_mask: '{{ address }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id003 + + - assert: *id004 + + - name: STAGE 1/B + register: result + cisco.asa.asa_og: + name: '{{ name }}' + group_type: network-object + state: present + + - assert: *id004 + + - set_fact: + name: ansible_test_1 + host_ip: + - 8.8.9.9 + address: + - 8.8.8.0 255.255.255.0 + + - name: STAGE 2 + register: result + cisco.asa.asa_og: &id005 + name: '{{ name }}' + group_type: network-object + state: present + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id005 + + - assert: *id004 + + - name: STAGE 2b + register: result + cisco.asa.asa_og: &id006 + name: '{{ name }}' + group_type: network-object + state: present + host_ip: '{{ host_ip }}' + ip_mask: '{{ address }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id006 + + - assert: *id004 + + - set_fact: + name: ansible_test_0 + host_ip: + - 8.8.8.8 + - 8.8.4.4 + address: + - 10.0.0.0 255.0.0.0 + - 192.168.0.0 255.255.0.0 + - 172.16.0.0 255.255.0.0 + description: th1s_IS-a_D3scrIPt10n_3xaMple- + + - name: STAGE 3 + register: result + cisco.asa.asa_og: &id007 + name: '{{ name }}' + group_type: network-object + state: absent + host_ip: '{{ host_ip }}' + ip_mask: '{{ address }}' + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id007 + + - assert: *id004 + + - set_fact: + name: ansible_test_2 + host_ip: + - 8.8.8.8 + - 8.8.4.4 + address: + - 10.0.0.0 255.0.0.0 + - 192.168.0.0 255.255.0.0 + - 172.16.0.0 255.255.0.0 + description: th1s_IS-a_D3scrIPt10n_3xaMple- + + - name: STAGE 4 + register: result + cisco.asa.asa_og: &id008 + name: '{{ name }}' + group_type: network-object + state: replace + host_ip: '{{ host_ip }}' + ip_mask: '{{ address }}' + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id008 + + - assert: *id004 + + - set_fact: + name: ansible_test_2 + host_ip: + - 8.8.8.8 + address: + - 10.0.0.0 255.0.0.0 + - 1.0.0.0 255.255.0.0 + description: th1s_IS-a_D3scrIPt10n_3xaMple- + + - name: STAGE 5 + register: result + cisco.asa.asa_og: &id009 + name: '{{ name }}' + group_type: network-object + state: replace + host_ip: '{{ host_ip }}' + ip_mask: '{{ address }}' + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id009 + + - assert: *id004 + + - set_fact: + name: ansible_test_2 + host_ip: + - 9.9.9.9 + - 8.8.8.8 + description: th1s_IS-a_D3scrIPt10n_3xaMple- + + - name: STAGE 6 + register: result + cisco.asa.asa_og: &id010 + name: '{{ name }}' + group_type: network-object + state: replace + host_ip: '{{ host_ip }}' + ip_mask: '{{ address }}' + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id010 + + - assert: *id004 + + - set_fact: + name: ansible_test_3 + port_eq: + - www + - '1024' + description: th1s_IS-a_D3scrIPt10n_3xaMple- + port_range: + - 1024 10024 + + - name: STAGE 7 + register: result + cisco.asa.asa_og: &id011 + name: '{{ name }}' + protocol: tcp-udp + port_eq: '{{ port_eq }}' + port_range: '{{ port_range }}' + group_type: port-object + state: present + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id011 + + - assert: *id004 + + - set_fact: + name: ansible_test_3 + port_eq: + - talk + - '65535' + description: th1s_IS-a_D3scrIPt10n_3xaMple- + port_range: + - 1 100 + + - name: STAGE 8 + register: result + cisco.asa.asa_og: &id012 + name: '{{ name }}' + protocol: tcp-udp + port_eq: '{{ port_eq }}' + port_range: '{{ port_range }}' + group_type: port-object + state: present + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id012 + + - assert: *id004 + + - name: STAGE 9 + register: result + cisco.asa.asa_og: &id013 + name: '{{ name }}' + protocol: tcp-udp + port_eq: '{{ port_eq }}' + port_range: '{{ port_range }}' + group_type: port-object + state: absent + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id013 + + - assert: *id004 + + - set_fact: + name: ansible_test_3 + port_eq: + - talk + - '65535' + description: th1s_IS-a_D3scrIPt10n_3xaMple- + port_range: + - 1 100 + + - name: STAGE 10 + register: result + cisco.asa.asa_og: &id014 + name: '{{ name }}' + protocol: tcp-udp + port_eq: '{{ port_eq }}' + port_range: '{{ port_range }}' + group_type: port-object + state: replace + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id014 + + - assert: *id004 + + - set_fact: + name: ansible_test_3 + port_eq: + - talk + - www + - kerberos + description: th1s_ISWhatitIS + port_range: + - 1024 1234 + + - name: STAGE 11 + register: result + cisco.asa.asa_og: &id015 + name: '{{ name }}' + protocol: tcp-udp + port_eq: '{{ port_eq }}' + port_range: '{{ port_range }}' + group_type: port-object + state: replace + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id015 + + - assert: *id004 + + - set_fact: + name: ansible_test_4 + service_cfg: + - tcp destination eq 8080 + - tcp destination eq www + description: th1s_ISWhatitIS + + - name: STAGE 12 + register: result + cisco.asa.asa_og: &id016 + name: '{{ name }}' + service_cfg: '{{ service_cfg }}' + group_type: service-object + state: present + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id016 + + - assert: *id004 + + - set_fact: + name: ansible_test_4 + service_cfg: + - tcp destination range 1234 5678 + - tcp destination range 5678 6789 + description: th1s_ISWhatitIS + + - name: STAGE 13 + register: result + cisco.asa.asa_og: &id017 + name: '{{ name }}' + service_cfg: '{{ service_cfg }}' + group_type: service-object + state: present + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id017 + + - assert: *id004 + + - set_fact: + name: ansible_test_4 + service_cfg: + - tcp destination range 1234 5678 + - tcp destination range 5678 6789 + description: th1s_ISWhatitIS + + - name: STAGE 14 + register: result + cisco.asa.asa_og: &id018 + name: '{{ name }}' + service_cfg: '{{ service_cfg }}' + group_type: service-object + state: absent + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id018 + + - assert: *id004 + + - set_fact: + name: ansible_test_5 + service_cfg: + - tcp destination range 1234 5678 + - tcp destination range 5678 6789 + description: th1s_ISWhatitIS + + - name: STAGE 15 + register: result + cisco.asa.asa_og: &id019 + name: '{{ name }}' + service_cfg: '{{ service_cfg }}' + group_type: service-object + state: replace + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id019 + + - assert: *id004 + + - set_fact: + name: ansible_test_5 + service_cfg: + - tcp destination range 1234 5678 + - tcp destination range 5678 6789 + - tcp destination eq www + description: th1s_ISWhatitIS + + - name: STAGE 16 + register: result + cisco.asa.asa_og: &id020 + name: '{{ name }}' + service_cfg: '{{ service_cfg }}' + group_type: service-object + state: replace + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id020 + + - assert: *id004 + + - set_fact: + name: ansible_test_5 + service_cfg: + - tcp destination eq 8080 + description: th1s_ISWhatitIS + + - name: STAGE 17 + register: result + cisco.asa.asa_og: &id021 + name: '{{ name }}' + service_cfg: '{{ service_cfg }}' + group_type: service-object + state: replace + description: '{{ description }}' + + - assert: *id002 + + - name: idempotence check + register: result + cisco.asa.asa_og: *id021 + + - assert: *id004 + + always: + - name: remove test config if any + ignore_errors: true + cisco.asa.asa_config: + lines: + - no object-group network ansible_test_0 + - no object-group network ansible_test_1 + - no object-group network ansible_test_2 + - no object-group service ansible_test_3 tcp-udp + - no object-group service ansible_test_4 + - no object-group service ansible_test_5 diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/defaults/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/defaults/main.yaml new file mode 100644 index 00000000..852a6bee --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +testcase: '[^_].*' +test_items: [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tasks/cli.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tasks/cli.yaml new file mode 100644 index 00000000..4a37ae1f --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tasks/cli.yaml @@ -0,0 +1,21 @@ +--- +- name: Collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + use_regex: true + register: test_cases + delegate_to: localhost + +- name: Set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + delegate_to: localhost + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tasks/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tasks/main.yaml new file mode 100644 index 00000000..a3db933e --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include: cli.yaml + tags: + - cli diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_parsed.cfg b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_parsed.cfg new file mode 100644 index 00000000..ead97272 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_parsed.cfg @@ -0,0 +1,8 @@ +object-group network test_og_network + description test_og_network + network-object host 192.0.2.1 + network-object 192.0.2.0 255.255.255.0 +object-group network test_network_og + network-object 2001:db8:3::/64 +object-group service test_og_service + service-object tcp-udp
\ No newline at end of file diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_populate_config.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_populate_config.yaml new file mode 100644 index 00000000..ec02e549 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_populate_config.yaml @@ -0,0 +1,45 @@ +--- +- name: Populate Config + cisco.asa.asa_ogs: + config: + - object_type: network + object_groups: + - name: test_og_network + description: test_og_network + network_object: + host: + - 192.0.2.1 + - 192.0.2.2 + address: + - 192.0.2.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 + - name: test_network_og + description: test_network_og + network_object: + host: + - 192.0.3.1 + - 192.0.3.2 + ipv6_address: + - 2001:db8:3::/64 + - object_type: security + object_groups: + - name: test_og_security + description: test_security + security_group: + sec_name: + - test_1 + - test_2 + tag: + - 10 + - 20 + - object_type: user + object_groups: + - name: test_og_user + description: test_user + user_object: + user: + - name: new_user_1 + domain: LOCAL + - name: new_user_2 + domain: LOCAL + state: merged diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_remove_config.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_remove_config.yaml new file mode 100644 index 00000000..53a5bb95 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_remove_config.yaml @@ -0,0 +1,4 @@ +--- +- name: Remove Config + cisco.asa.asa_ogs: + state: deleted diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/deleted.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/deleted.yaml new file mode 100644 index 00000000..921ea76c --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/deleted.yaml @@ -0,0 +1,61 @@ +--- +- debug: + msg: Start asa_ogs deleted integration tests ansible_connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate_config.yaml + +- block: + + - name: Delete given module attributes + register: result + cisco.asa.asa_ogs: &id001 + config: + - object_type: network + object_groups: + - name: test_og_network + - object_type: security + object_groups: + - name: test_og_security + state: deleted + + - assert: + that: + - result.commands|length == 2 + - result.changed == true + - result.commands|symmetric_difference(deleted.commands) == [] + + - name: Delete given module attributes (IDEMPOTENT) + register: result + cisco.asa.asa_ogs: *id001 + + - assert: + that: + - result.changed == false + + - include_tasks: _populate_config.yaml + + - name: Delete ALL configured module attributes + register: result + cisco.asa.asa_ogs: + state: deleted + + - assert: + that: + - result.commands|length == 4 + - result.changed == true + - result.commands|symmetric_difference(delete_all.commands) == [] + + - name: Delete ALL configured module attributes (IDEMPOTENT) + register: result + cisco.asa.asa_ogs: + state: deleted + + - assert: + that: + - result.changed == false + always: + + - include_tasks: _remove_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/empty_config.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/empty_config.yaml new file mode 100644 index 00000000..3b0deb5c --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/empty_config.yaml @@ -0,0 +1,60 @@ +--- +- debug: + msg: START asa_ogs empty_config.yaml integration tests on connection={{ + ansible_connection }} + +- name: Merged with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_ogs: + config: + state: merged + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state merged' + +- name: Replaced with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_ogs: + config: + state: replaced + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state replaced' + +- name: Overridden with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_ogs: + config: + state: overridden + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state overridden' + +- name: Rendered with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_ogs: + config: + state: rendered + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state rendered' + +- name: Parsed with empty config should give appropriate error message + register: result + ignore_errors: true + cisco.asa.asa_ogs: + running_config: + state: parsed + +- assert: + that: + - result.msg == 'value of running_config parameter must not be empty for state + parsed' diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/gathered.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/gathered.yaml new file mode 100644 index 00000000..21f404c3 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/gathered.yaml @@ -0,0 +1,63 @@ +--- +- debug: + msg: START asa_ogs gathered integration tests on connection={{ ansible_connection + }} + +- include_tasks: _remove_config.yaml + +- block: + + - name: Populate Config for Gather facts + cisco.asa.asa_ogs: + config: + - object_type: network + object_groups: + - name: test_og_network + description: test_og_network + network_object: + host: + - 192.0.2.1 + address: + - 192.0.2.0 255.255.255.0 + - name: test_network_og + description: test_network_og + network_object: + host: + - 192.0.3.1 + ipv6_address: + - 2001:db8:3::/64 + - object_type: security + object_groups: + - name: test_og_security + description: test_security + security_group: + sec_name: + - test_1 + tag: + - 10 + - object_type: user + object_groups: + - name: test_og_user + description: test_user + user_object: + user: + - name: new_user_1 + domain: LOCAL + - name: new_user_2 + domain: LOCAL + state: merged + + - name: Gather the provided configuration with the exisiting running configuration + register: result + cisco.asa.asa_ogs: + config: + state: gathered + + - name: Assert + assert: + that: + - gathered['config'] | symmetric_difference(result.gathered) == [] + - result['changed'] == false + always: + + - include_tasks: _remove_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/merged.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/merged.yaml new file mode 100644 index 00000000..aac3b3ff --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/merged.yaml @@ -0,0 +1,73 @@ +--- +- debug: + msg: Start asa_ogs merged integration tests ansible_connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml + +- block: + + - name: Merge the provided configuration with the exisiting running configuration + register: result + cisco.asa.asa_ogs: &id001 + config: + - object_type: network + object_groups: + - name: test_og_network + description: test_og_network + network_object: + host: + - 192.0.2.1 + - 192.0.2.2 + address: + - 192.0.2.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 + - name: test_network_og + description: test_network_og + network_object: + host: + - 192.0.3.1 + - 192.0.3.2 + ipv6_address: + - 2001:db8:3::/64 + - object_type: security + object_groups: + - name: test_og_security + description: test_security + security_group: + sec_name: + - test_1 + - test_2 + tag: + - 10 + - 20 + - object_type: user + object_groups: + - name: test_og_user + description: test_user + user_object: + user: + - name: new_user_1 + domain: LOCAL + - name: new_user_2 + domain: LOCAL + state: merged + + - assert: + that: + - result.commands|length == 21 + - result.changed == true + - result.commands|symmetric_difference(merged.commands) == [] + + - name: Merge the provided configuration with the exisiting running configuration + (IDEMPOTENT) + register: result + cisco.asa.asa_ogs: *id001 + + - assert: + that: + - result.commands|length == 0 + - result.changed == false + always: + + - include_tasks: _remove_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/overridden.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/overridden.yaml new file mode 100644 index 00000000..d153a9ae --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/overridden.yaml @@ -0,0 +1,52 @@ +--- +- debug: + msg: Start asa_ogs overridden integration tests ansible_connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml +- include_tasks: _populate_config.yaml + +- block: + + - name: Overridden module attributes of given object-group + become: true + register: result + cisco.asa.asa_ogs: &id001 + config: + - object_type: network + object_groups: + - name: test_og_network + description: test_og_network_override + network_object: + host: + - 192.0.3.1 + address: + - 192.0.3.0 255.255.255.0 + - object_type: protocol + object_groups: + - name: test_og_protocol + description: test_og_protocol + protocol_object: + protocol: + - tcp + - udp + state: overridden + + - assert: + that: + - result.commands|length == 15 + - result.changed == true + - result.commands|symmetric_difference(overridden.commands) == [] + + - name: Overridden module attributes of given object-group (IDEMPOTENT) + become: true + register: result + cisco.asa.asa_ogs: *id001 + + - assert: + that: + - result.commands|length == 0 + - result.changed == false + always: + + - include_tasks: _remove_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/parsed.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/parsed.yaml new file mode 100644 index 00000000..638a9ed4 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/parsed.yaml @@ -0,0 +1,16 @@ +--- +- debug: + msg: START asa_ogs parsed integration tests on connection={{ ansible_connection + }} + +- name: Parse the commands for provided configuration + become: true + register: result + cisco.asa.asa_ogs: + running_config: "{{ lookup('file', '_parsed.cfg') }}" + state: parsed + +- assert: + that: + - result.changed == false + - parsed['config']|symmetric_difference(result.parsed) == [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rendered.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rendered.yaml new file mode 100644 index 00000000..d7098b76 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rendered.yaml @@ -0,0 +1,58 @@ +--- +- debug: + msg: Start asa_ogs rendered integration tests ansible_connection={{ + ansible_connection }} + +- block: + + - name: Render the commands for provided configuration + become: true + register: result + cisco.asa.asa_ogs: + config: + - object_type: network + object_groups: + - name: test_og_network + description: test_og_network + network_object: + host: + - 192.0.2.1 + - 192.0.2.2 + address: + - 192.0.2.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 + - name: test_network_og + description: test_network_og + network_object: + host: + - 192.0.3.1 + - 192.0.3.2 + ipv6_address: + - 2001:db8:3::/64 + - object_type: security + object_groups: + - name: test_og_security + description: test_security + security_group: + sec_name: + - test_1 + - test_2 + tag: + - 10 + - 20 + - object_type: user + object_groups: + - name: test_og_user + description: test_user + user_object: + user: + - name: new_user_1 + domain: LOCAL + - name: new_user_2 + domain: LOCAL + state: rendered + + - assert: + that: + - result.changed == false + - result.rendered|symmetric_difference(merged.commands) == [] diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/replaced.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/replaced.yaml new file mode 100644 index 00000000..990f12c9 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/replaced.yaml @@ -0,0 +1,52 @@ +--- +- debug: + msg: Start asa_ogs replced integration tests ansible_connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml +- include_tasks: _populate_config.yaml + +- block: + + - name: Replace module attributes of given object-group + become: true + register: result + cisco.asa.asa_ogs: &id001 + config: + - object_type: network + object_groups: + - name: test_og_network + description: test_og_network_replace + network_object: + host: + - 192.0.3.1 + address: + - 192.0.3.0 255.255.255.0 + - object_type: protocol + object_groups: + - name: test_og_protocol + description: test_og_protocol + protocol_object: + protocol: + - tcp + - udp + state: replaced + + - assert: + that: + - result.commands|length == 12 + - result.changed == true + - result.commands|symmetric_difference(replaced.commands) == [] + + - name: Replace module attributes of given object-group (IDEMPOTENT) + become: true + register: result + cisco.asa.asa_ogs: *id001 + + - assert: + that: + - result.commands|length == 0 + - result.changed == false + always: + + - include_tasks: _remove_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rtt.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rtt.yaml new file mode 100644 index 00000000..7733ae0f --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rtt.yaml @@ -0,0 +1,106 @@ +--- +- debug: + msg: START asa_ogs round trip integration tests on connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml + +- block: + + - name: Apply the provided configuration (Base config) + register: base_config + cisco.asa.asa_ogs: + config: + - object_type: network + object_groups: + - name: test_og_network + description: test_og_network + network_object: + host: + - 192.0.2.1 + - 192.0.2.2 + address: + - 192.0.2.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 + - name: test_network_og + description: test_network_og + network_object: + host: + - 192.0.3.1 + - 192.0.3.2 + ipv6_address: + - 2001:db8:3::/64 + - object_type: security + object_groups: + - name: test_og_security + description: test_security + security_group: + sec_name: + - test_1 + - test_2 + tag: + - 10 + - 20 + - object_type: user + object_groups: + - name: test_og_user + description: test_user + user_object: + user: + - name: new_user_1 + domain: LOCAL + - name: new_user_2 + domain: LOCAL + state: merged + + - name: Gather Object group facts + cisco.asa.asa_facts: + gather_subset: + - '!all' + - '!min' + gather_network_resources: + - ogs + + - name: Apply the provided configuration (config to be reverted) + register: result + cisco.asa.asa_ogs: + config: + - object_type: network + object_groups: + - name: test_og_network + description: test_og_network_override + network_object: + host: + - 192.0.3.1 + address: + - 192.0.3.0 255.255.255.0 + - object_type: protocol + object_groups: + - name: test_og_protocol + description: test_og_protocol + protocol_object: + protocol: + - tcp + - udp + state: overridden + + - assert: + that: + - result.commands|length == 15 + - result.changed == true + - result.commands|symmetric_difference(overridden.commands) == [] + + - name: Revert back to base config using facts round trip + register: revert + cisco.asa.asa_ogs: + config: "{{ ansible_facts['network_resources']['ogs'] }}" + state: overridden + + - assert: + that: + - revert.commands|length == 24 + - revert.changed == true + - revert.commands|symmetric_difference(rtt.commands) == [] + always: + + - include_tasks: _remove_config.yaml diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/vars/main.yaml b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/vars/main.yaml new file mode 100644 index 00000000..0249da18 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/vars/main.yaml @@ -0,0 +1,149 @@ +--- +deleted: + commands: + - no object-group network test_og_network + - no object-group security test_og_security +delete_all: + commands: + - no object-group network test_og_network + - no object-group network test_network_og + - no object-group security test_og_security + - no object-group user test_og_user +merged: + commands: + - object-group security test_og_security + - description test_security + - security-group name test_1 + - security-group name test_2 + - security-group tag 10 + - security-group tag 20 + - object-group network test_og_network + - description test_og_network + - network-object 192.0.2.0 255.255.255.0 + - network-object 198.51.100.0 255.255.255.0 + - network-object host 192.0.2.1 + - network-object host 192.0.2.2 + - object-group network test_network_og + - description test_network_og + - network-object host 192.0.3.1 + - network-object host 192.0.3.2 + - network-object 2001:db8:3::/64 + - object-group user test_og_user + - description test_user + - user LOCAL\new_user_1 + - user LOCAL\new_user_2 +replaced: + commands: + - object-group protocol test_og_protocol + - description test_og_protocol + - protocol tcp + - protocol udp + - object-group network test_og_network + - description test_og_network_replace + - no network-object 192.0.2.0 255.255.255.0 + - no network-object 198.51.100.0 255.255.255.0 + - network-object 192.0.3.0 255.255.255.0 + - no network-object host 192.0.2.1 + - no network-object host 192.0.2.2 + - network-object host 192.0.3.1 +overridden: + commands: + - no object-group security test_og_security + - no object-group user test_og_user + - object-group protocol test_og_protocol + - description test_og_protocol + - protocol tcp + - protocol udp + - object-group network test_og_network + - description test_og_network_override + - no network-object 192.0.2.0 255.255.255.0 + - no network-object 198.51.100.0 255.255.255.0 + - network-object 192.0.3.0 255.255.255.0 + - no network-object host 192.0.2.1 + - no network-object host 192.0.2.2 + - network-object host 192.0.3.1 + - no object-group network test_network_og +gathered: + config: + - object_groups: + - description: test_network_og + name: test_network_og + network_object: + host: + - 192.0.3.1 + ipv6_address: + - 2001:db8:3::/64 + - description: test_og_network + name: test_og_network + network_object: + address: + - 192.0.2.0 255.255.255.0 + host: + - 192.0.2.1 + object_type: network + - object_groups: + - description: test_security + name: test_og_security + security_group: + sec_name: + - test_1 + tag: + - "10" + object_type: security + - object_groups: + - description: test_user + name: test_og_user + user_object: + user: + - domain: LOCAL + name: new_user_1 + - domain: LOCAL + name: new_user_2 + object_type: user +parsed: + config: + - object_groups: + - name: test_network_og + network_object: + ipv6_address: + - 2001:db8:3::/64 + - description: test_og_network + name: test_og_network + network_object: + address: + - 192.0.2.0 255.255.255.0 + host: + - 192.0.2.1 + object_type: network + - object_groups: + - name: test_og_service + service_object: + protocol: + - tcp-udp + object_type: service +rtt: + commands: + - no object-group protocol test_og_protocol + - object-group security test_og_security + - description test_security + - security-group name test_2 + - security-group name test_1 + - security-group tag 10 + - security-group tag 20 + - object-group network test_og_network + - description test_og_network + - no network-object 192.0.3.0 255.255.255.0 + - network-object 192.0.2.0 255.255.255.0 + - network-object 198.51.100.0 255.255.255.0 + - no network-object host 192.0.3.1 + - network-object host 192.0.2.1 + - network-object host 192.0.2.2 + - object-group network test_network_og + - description test_network_og + - network-object host 192.0.3.1 + - network-object host 192.0.3.2 + - network-object 2001:db8:3::/64 + - object-group user test_og_user + - description test_user + - user LOCAL\new_user_1 + - user LOCAL\new_user_2 diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/sanity/ignore-2.10.txt b/collections-debian-merged/ansible_collections/cisco/asa/tests/sanity/ignore-2.10.txt new file mode 100644 index 00000000..3d2a4f58 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/sanity/ignore-2.10.txt @@ -0,0 +1 @@ +plugins/action/asa.py action-plugin-docs # base class for deprecated network platform modules using `connection: local` diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/sanity/ignore-2.9.txt b/collections-debian-merged/ansible_collections/cisco/asa/tests/sanity/ignore-2.9.txt new file mode 100644 index 00000000..f7c35cc1 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/sanity/ignore-2.9.txt @@ -0,0 +1,5 @@ +plugins/modules/asa_acl.py validate-modules:deprecation-mismatch +plugins/modules/asa_acl.py validate-modules:invalid-documentation +plugins/modules/asa_og.py validate-modules:deprecation-mismatch +plugins/modules/asa_og.py validate-modules:invalid-documentation +plugins/action/asa.py action-plugin-docs # base class for deprecated network platform modules using `connection: local` diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/sanity/requirements.txt b/collections-debian-merged/ansible_collections/cisco/asa/tests/sanity/requirements.txt new file mode 100644 index 00000000..3e3a9669 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/sanity/requirements.txt @@ -0,0 +1,4 @@ +packaging # needed for update-bundled and changelog +sphinx ; python_version >= '3.5' # docs build requires python 3+ +sphinx-notfound-page ; python_version >= '3.5' # docs build requires python 3+ +straight.plugin ; python_version >= '3.5' # needed for hacking/build-ansible.py which will host changelog generation and requires python 3+ diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/__init__.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/__init__.py diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/compat/__init__.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/compat/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/compat/__init__.py diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/compat/builtins.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/compat/builtins.py new file mode 100644 index 00000000..bfc8adfb --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/compat/builtins.py @@ -0,0 +1,34 @@ +# (c) 2014, Toshio Kuratomi <tkuratomi@ansible.com> +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see <http://www.gnu.org/licenses/>. + +# Make coding more python3-ish +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +# +# Compat for python2.7 +# + +# One unittest needs to import builtins via __import__() so we need to have +# the string that represents it +try: + import __builtin__ +except ImportError: + BUILTINS = "builtins" +else: + BUILTINS = "__builtin__" diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/compat/mock.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/compat/mock.py new file mode 100644 index 00000000..2ea98a17 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/compat/mock.py @@ -0,0 +1,128 @@ +# pylint: skip-file +# (c) 2014, Toshio Kuratomi <tkuratomi@ansible.com> +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see <http://www.gnu.org/licenses/>. + +# Make coding more python3-ish +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +""" +Compat module for Python3.x's unittest.mock module +""" +import sys + +# Python 2.7 + +# Note: Could use the pypi mock library on python3.x as well as python2.x. It +# is the same as the python3 stdlib mock library + +try: + # Allow wildcard import because we really do want to import all of mock's + # symbols into this compat shim + # pylint: disable=wildcard-import,unused-wildcard-import + from unittest.mock import * +except ImportError: + # Python 2 + # pylint: disable=wildcard-import,unused-wildcard-import + try: + from mock import * + except ImportError: + print("You need the mock library installed on python2.x to run tests") + + +# Prior to 3.4.4, mock_open cannot handle binary read_data +if sys.version_info >= (3,) and sys.version_info < (3, 4, 4): + file_spec = None + + def _iterate_read_data(read_data): + # Helper for mock_open: + # Retrieve lines from read_data via a generator so that separate calls to + # readline, read, and readlines are properly interleaved + sep = b"\n" if isinstance(read_data, bytes) else "\n" + data_as_list = [l + sep for l in read_data.split(sep)] + + if data_as_list[-1] == sep: + # If the last line ended in a newline, the list comprehension will have an + # extra entry that's just a newline. Remove this. + data_as_list = data_as_list[:-1] + else: + # If there wasn't an extra newline by itself, then the file being + # emulated doesn't have a newline to end the last line remove the + # newline that our naive format() added + data_as_list[-1] = data_as_list[-1][:-1] + + for line in data_as_list: + yield line + + def mock_open(mock=None, read_data=""): + """ + A helper function to create a mock to replace the use of `open`. It works + for `open` called directly or used as a context manager. + + The `mock` argument is the mock object to configure. If `None` (the + default) then a `MagicMock` will be created for you, with the API limited + to methods or attributes available on standard file handles. + + `read_data` is a string for the `read` methoddline`, and `readlines` of the + file handle to return. This is an empty string by default. + """ + + def _readlines_side_effect(*args, **kwargs): + if handle.readlines.return_value is not None: + return handle.readlines.return_value + return list(_data) + + def _read_side_effect(*args, **kwargs): + if handle.read.return_value is not None: + return handle.read.return_value + return type(read_data)().join(_data) + + def _readline_side_effect(): + if handle.readline.return_value is not None: + while True: + yield handle.readline.return_value + for line in _data: + yield line + + global file_spec + if file_spec is None: + import _io + + file_spec = list( + set(dir(_io.TextIOWrapper)).union(set(dir(_io.BytesIO))) + ) + + if mock is None: + mock = MagicMock(name="open", spec=open) + + handle = MagicMock(spec=file_spec) + handle.__enter__.return_value = handle + + _data = _iterate_read_data(read_data) + + handle.write.return_value = None + handle.read.return_value = None + handle.readline.return_value = None + handle.readlines.return_value = None + + handle.read.side_effect = _read_side_effect + handle.readline.side_effect = _readline_side_effect() + handle.readlines.side_effect = _readlines_side_effect + + mock.return_value = handle + return mock diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/compat/unittest.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/compat/unittest.py new file mode 100644 index 00000000..df3379b8 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/compat/unittest.py @@ -0,0 +1,39 @@ +# (c) 2014, Toshio Kuratomi <tkuratomi@ansible.com> +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see <http://www.gnu.org/licenses/>. + +# Make coding more python3-ish +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +""" +Compat module for Python2.7's unittest module +""" + +import sys + +# Allow wildcard import because we really do want to import all of +# unittests's symbols into this compat shim +# pylint: disable=wildcard-import,unused-wildcard-import +if sys.version_info < (2, 7): + try: + # Need unittest2 on python2.6 + from unittest2 import * + except ImportError: + print("You need unittest2 installed on python2.6.x to run tests") +else: + from unittest import * diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/__init__.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/__init__.py diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/loader.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/loader.py new file mode 100644 index 00000000..c21188ee --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/loader.py @@ -0,0 +1,116 @@ +# (c) 2012-2014, Michael DeHaan <michael.dehaan@gmail.com> +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see <http://www.gnu.org/licenses/>. + +# Make coding more python3-ish +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +import os + +from ansible.errors import AnsibleParserError +from ansible.parsing.dataloader import DataLoader +from ansible.module_utils._text import to_bytes, to_text + + +class DictDataLoader(DataLoader): + def __init__(self, file_mapping=None): + file_mapping = {} if file_mapping is None else file_mapping + assert type(file_mapping) == dict + + super(DictDataLoader, self).__init__() + + self._file_mapping = file_mapping + self._build_known_directories() + self._vault_secrets = None + + def load_from_file(self, path, cache=True, unsafe=False): + path = to_text(path) + if path in self._file_mapping: + return self.load(self._file_mapping[path], path) + return None + + # TODO: the real _get_file_contents returns a bytestring, so we actually convert the + # unicode/text it's created with to utf-8 + def _get_file_contents(self, path): + path = to_text(path) + if path in self._file_mapping: + return (to_bytes(self._file_mapping[path]), False) + else: + raise AnsibleParserError("file not found: %s" % path) + + def path_exists(self, path): + path = to_text(path) + return path in self._file_mapping or path in self._known_directories + + def is_file(self, path): + path = to_text(path) + return path in self._file_mapping + + def is_directory(self, path): + path = to_text(path) + return path in self._known_directories + + def list_directory(self, path): + ret = [] + path = to_text(path) + for x in list(self._file_mapping.keys()) + self._known_directories: + if x.startswith(path): + if os.path.dirname(x) == path: + ret.append(os.path.basename(x)) + return ret + + def is_executable(self, path): + # FIXME: figure out a way to make paths return true for this + return False + + def _add_known_directory(self, directory): + if directory not in self._known_directories: + self._known_directories.append(directory) + + def _build_known_directories(self): + self._known_directories = [] + for path in self._file_mapping: + dirname = os.path.dirname(path) + while dirname not in ("/", ""): + self._add_known_directory(dirname) + dirname = os.path.dirname(dirname) + + def push(self, path, content): + rebuild_dirs = False + if path not in self._file_mapping: + rebuild_dirs = True + + self._file_mapping[path] = content + + if rebuild_dirs: + self._build_known_directories() + + def pop(self, path): + if path in self._file_mapping: + del self._file_mapping[path] + self._build_known_directories() + + def clear(self): + self._file_mapping = dict() + self._known_directories = [] + + def get_basedir(self): + return os.getcwd() + + def set_vault_secrets(self, vault_secrets): + self._vault_secrets = vault_secrets diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/path.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/path.py new file mode 100644 index 00000000..3bd0cdee --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/path.py @@ -0,0 +1,10 @@ +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +from ansible_collections.cisco.asa.tests.unit.compat.mock import MagicMock +from ansible.utils.path import unfrackpath + + +mock_unfrackpath_noop = MagicMock( + spec_set=unfrackpath, side_effect=lambda x, *args, **kwargs: x +) diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/procenv.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/procenv.py new file mode 100644 index 00000000..e02cae04 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/procenv.py @@ -0,0 +1,94 @@ +# (c) 2016, Matt Davis <mdavis@ansible.com> +# (c) 2016, Toshio Kuratomi <tkuratomi@ansible.com> +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see <http://www.gnu.org/licenses/>. + +# Make coding more python3-ish +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +import sys +import json + +from contextlib import contextmanager +from io import BytesIO, StringIO +from ansible_collections.cisco.asa.tests.unit.compat import unittest +from ansible.module_utils.six import PY3 +from ansible.module_utils._text import to_bytes + + +@contextmanager +def swap_stdin_and_argv(stdin_data="", argv_data=tuple()): + """ + context manager that temporarily masks the test runner's values for stdin and argv + """ + real_stdin = sys.stdin + real_argv = sys.argv + + if PY3: + fake_stream = StringIO(stdin_data) + fake_stream.buffer = BytesIO(to_bytes(stdin_data)) + else: + fake_stream = BytesIO(to_bytes(stdin_data)) + + try: + sys.stdin = fake_stream + sys.argv = argv_data + + yield + finally: + sys.stdin = real_stdin + sys.argv = real_argv + + +@contextmanager +def swap_stdout(): + """ + context manager that temporarily replaces stdout for tests that need to verify output + """ + old_stdout = sys.stdout + + if PY3: + fake_stream = StringIO() + else: + fake_stream = BytesIO() + + try: + sys.stdout = fake_stream + + yield fake_stream + finally: + sys.stdout = old_stdout + + +class ModuleTestCase(unittest.TestCase): + def setUp(self, module_args=None): + if module_args is None: + module_args = { + "_ansible_remote_tmp": "/tmp", + "_ansible_keep_remote_files": False, + } + + args = json.dumps(dict(ANSIBLE_MODULE_ARGS=module_args)) + + # unittest doesn't have a clean place to use a context manager, so we have to enter/exit manually + self.stdin_swap = swap_stdin_and_argv(stdin_data=args) + self.stdin_swap.__enter__() + + def tearDown(self): + # unittest doesn't have a clean place to use a context manager, so we have to enter/exit manually + self.stdin_swap.__exit__(None, None, None) diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/vault_helper.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/vault_helper.py new file mode 100644 index 00000000..b34ae134 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/vault_helper.py @@ -0,0 +1,42 @@ +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see <http://www.gnu.org/licenses/>. + +# Make coding more python3-ish +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +from ansible.module_utils._text import to_bytes + +from ansible.parsing.vault import VaultSecret + + +class TextVaultSecret(VaultSecret): + """A secret piece of text. ie, a password. Tracks text encoding. + + The text encoding of the text may not be the default text encoding so + we keep track of the encoding so we encode it to the same bytes.""" + + def __init__(self, text, encoding=None, errors=None, _bytes=None): + super(TextVaultSecret, self).__init__() + self.text = text + self.encoding = encoding or "utf-8" + self._bytes = _bytes + self.errors = errors or "strict" + + @property + def bytes(self): + """The text encoded with encoding, unless we specifically set _bytes.""" + return self._bytes or to_bytes( + self.text, encoding=self.encoding, errors=self.errors + ) diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/yaml_helper.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/yaml_helper.py new file mode 100644 index 00000000..5df30aae --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/mock/yaml_helper.py @@ -0,0 +1,167 @@ +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +import io +import yaml + +from ansible.module_utils.six import PY3 +from ansible.parsing.yaml.loader import AnsibleLoader +from ansible.parsing.yaml.dumper import AnsibleDumper + + +class YamlTestUtils(object): + """Mixin class to combine with a unittest.TestCase subclass.""" + + def _loader(self, stream): + """Vault related tests will want to override this. + + Vault cases should setup a AnsibleLoader that has the vault password.""" + return AnsibleLoader(stream) + + def _dump_stream(self, obj, stream, dumper=None): + """Dump to a py2-unicode or py3-string stream.""" + if PY3: + return yaml.dump(obj, stream, Dumper=dumper) + else: + return yaml.dump(obj, stream, Dumper=dumper, encoding=None) + + def _dump_string(self, obj, dumper=None): + """Dump to a py2-unicode or py3-string""" + if PY3: + return yaml.dump(obj, Dumper=dumper) + else: + return yaml.dump(obj, Dumper=dumper, encoding=None) + + def _dump_load_cycle(self, obj): + # Each pass though a dump or load revs the 'generation' + # obj to yaml string + string_from_object_dump = self._dump_string(obj, dumper=AnsibleDumper) + + # wrap a stream/file like StringIO around that yaml + stream_from_object_dump = io.StringIO(string_from_object_dump) + loader = self._loader(stream_from_object_dump) + # load the yaml stream to create a new instance of the object (gen 2) + obj_2 = loader.get_data() + + # dump the gen 2 objects directory to strings + string_from_object_dump_2 = self._dump_string( + obj_2, dumper=AnsibleDumper + ) + + # The gen 1 and gen 2 yaml strings + self.assertEqual(string_from_object_dump, string_from_object_dump_2) + # the gen 1 (orig) and gen 2 py object + self.assertEqual(obj, obj_2) + + # again! gen 3... load strings into py objects + stream_3 = io.StringIO(string_from_object_dump_2) + loader_3 = self._loader(stream_3) + obj_3 = loader_3.get_data() + + string_from_object_dump_3 = self._dump_string( + obj_3, dumper=AnsibleDumper + ) + + self.assertEqual(obj, obj_3) + # should be transitive, but... + self.assertEqual(obj_2, obj_3) + self.assertEqual(string_from_object_dump, string_from_object_dump_3) + + def _old_dump_load_cycle(self, obj): + """Dump the passed in object to yaml, load it back up, dump again, compare.""" + stream = io.StringIO() + + yaml_string = self._dump_string(obj, dumper=AnsibleDumper) + self._dump_stream(obj, stream, dumper=AnsibleDumper) + + yaml_string_from_stream = stream.getvalue() + + # reset stream + stream.seek(0) + + loader = self._loader(stream) + # loader = AnsibleLoader(stream, vault_password=self.vault_password) + obj_from_stream = loader.get_data() + + stream_from_string = io.StringIO(yaml_string) + loader2 = self._loader(stream_from_string) + # loader2 = AnsibleLoader(stream_from_string, vault_password=self.vault_password) + obj_from_string = loader2.get_data() + + stream_obj_from_stream = io.StringIO() + stream_obj_from_string = io.StringIO() + + if PY3: + yaml.dump( + obj_from_stream, stream_obj_from_stream, Dumper=AnsibleDumper + ) + yaml.dump( + obj_from_stream, stream_obj_from_string, Dumper=AnsibleDumper + ) + else: + yaml.dump( + obj_from_stream, + stream_obj_from_stream, + Dumper=AnsibleDumper, + encoding=None, + ) + yaml.dump( + obj_from_stream, + stream_obj_from_string, + Dumper=AnsibleDumper, + encoding=None, + ) + + yaml_string_stream_obj_from_stream = stream_obj_from_stream.getvalue() + yaml_string_stream_obj_from_string = stream_obj_from_string.getvalue() + + stream_obj_from_stream.seek(0) + stream_obj_from_string.seek(0) + + if PY3: + yaml_string_obj_from_stream = yaml.dump( + obj_from_stream, Dumper=AnsibleDumper + ) + yaml_string_obj_from_string = yaml.dump( + obj_from_string, Dumper=AnsibleDumper + ) + else: + yaml_string_obj_from_stream = yaml.dump( + obj_from_stream, Dumper=AnsibleDumper, encoding=None + ) + yaml_string_obj_from_string = yaml.dump( + obj_from_string, Dumper=AnsibleDumper, encoding=None + ) + + assert yaml_string == yaml_string_obj_from_stream + assert ( + yaml_string + == yaml_string_obj_from_stream + == yaml_string_obj_from_string + ) + assert ( + yaml_string + == yaml_string_obj_from_stream + == yaml_string_obj_from_string + == yaml_string_stream_obj_from_stream + == yaml_string_stream_obj_from_string + ) + assert obj == obj_from_stream + assert obj == obj_from_string + assert obj == yaml_string_obj_from_stream + assert obj == yaml_string_obj_from_string + assert ( + obj + == obj_from_stream + == obj_from_string + == yaml_string_obj_from_stream + == yaml_string_obj_from_string + ) + return { + "obj": obj, + "yaml_string": yaml_string, + "yaml_string_from_stream": yaml_string_from_stream, + "obj_from_stream": obj_from_stream, + "obj_from_string": obj_from_string, + "yaml_string_obj_from_string": yaml_string_obj_from_string, + } diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/__init__.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/__init__.py diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/conftest.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/conftest.py new file mode 100644 index 00000000..e19a1e04 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/conftest.py @@ -0,0 +1,40 @@ +# Copyright (c) 2017 Ansible Project +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +import json + +import pytest + +from ansible.module_utils.six import string_types +from ansible.module_utils._text import to_bytes +from ansible.module_utils.common._collections_compat import MutableMapping + + +@pytest.fixture +def patch_ansible_module(request, mocker): + if isinstance(request.param, string_types): + args = request.param + elif isinstance(request.param, MutableMapping): + if "ANSIBLE_MODULE_ARGS" not in request.param: + request.param = {"ANSIBLE_MODULE_ARGS": request.param} + if "_ansible_remote_tmp" not in request.param["ANSIBLE_MODULE_ARGS"]: + request.param["ANSIBLE_MODULE_ARGS"][ + "_ansible_remote_tmp" + ] = "/tmp" + if ( + "_ansible_keep_remote_files" + not in request.param["ANSIBLE_MODULE_ARGS"] + ): + request.param["ANSIBLE_MODULE_ARGS"][ + "_ansible_keep_remote_files" + ] = False + args = json.dumps(request.param) + else: + raise Exception( + "Malformed data to the patch_ansible_module pytest fixture" + ) + + mocker.patch("ansible.module_utils.basic._ANSIBLE_ARGS", to_bytes(args)) diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/__init__.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/__init__.py diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/__init__.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/__init__.py diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/asa_module.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/asa_module.py new file mode 100644 index 00000000..b86ebbb1 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/asa_module.py @@ -0,0 +1,93 @@ +# -*- coding: utf-8 -*- + +# (c) 2019, Ansible by Red Hat, inc +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +# Make coding more python3-ish +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +import os +import json + +from ansible_collections.cisco.asa.tests.unit.modules.utils import ( + AnsibleExitJson, + AnsibleFailJson, + ModuleTestCase, +) + + +fixture_path = os.path.join(os.path.dirname(__file__), "fixtures") +fixture_data = {} + + +def load_fixture(name): + path = os.path.join(fixture_path, name) + + if path in fixture_data: + return fixture_data[path] + + with open(path) as f: + data = f.read() + + try: + data = json.loads(data) + except Exception: + pass + + fixture_data[path] = data + return data + + +class TestAsaModule(ModuleTestCase): + def execute_module( + self, + failed=False, + changed=False, + commands=None, + sort=True, + defaults=False, + ): + + self.load_fixtures(commands) + + if failed: + result = self.failed() + self.assertTrue(result["failed"], result) + else: + result = self.changed(changed) + self.assertEqual(result["changed"], changed, result) + + if commands is not None: + if sort: + self.assertEqual( + sorted(commands), + sorted(result["commands"]), + result["commands"], + ) + else: + self.assertEqual( + commands, result["commands"], result["commands"] + ) + + return result + + def failed(self): + with self.assertRaises(AnsibleFailJson) as exc: + self.module.main() + + result = exc.exception.args[0] + self.assertTrue(result["failed"], result) + return result + + def changed(self, changed=False): + with self.assertRaises(AnsibleExitJson) as exc: + self.module.main() + + result = exc.exception.args[0] + self.assertEqual(result["changed"], changed, result) + return result + + def load_fixtures(self, commands=None): + pass diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/__init__.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/__init__.py diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_acls_config.cfg b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_acls_config.cfg new file mode 100644 index 00000000..a40a861f --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_acls_config.cfg @@ -0,0 +1,11 @@ +access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096) + alert-interval 300 +access-list test_global_access; 1 elements; name hash: 0xaa83124c +access-list test_global_access line 1 extended deny tcp any any eq www log errors interval 300 (hitcnt=0) 0x849e9e8f +access-list test_global_access line 2 remark test global remark +access-list test_access; 2 elements; name hash: 0x96b5d78b +access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default (hitcnt=0) 0xdc46eb6e +access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors interval 300 (hitcnt=0) 0x831d8948 +access-list test_access line 3 extended permit ip host 192.0.2.2 any interval 300 (hitcnt=0) 0x831d897d +access-list test_R1_traffic; 1 elements; name hash: 0x2c20a0c +access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive (hitcnt=0) (inactive) 0x11821a52
\ No newline at end of file diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_facts_dir b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_facts_dir new file mode 100644 index 00000000..cd8caa3f --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_facts_dir @@ -0,0 +1,10 @@ + +Directory of disk0:/ + +11 drwx 4096 04:49:48 May 16 2019 smart-log +7 -rwx 0 05:56:43 Nov 22 2019 use_ttyS0 +8 drwx 4096 04:45:10 May 16 2019 log +13 drwx 4096 04:49:52 May 16 2019 coredumpinfo + +1 file(s) total size: 0 bytes +8571076608 bytes total (8549351424 bytes free/99% free)
\ No newline at end of file diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_facts_show_memory b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_facts_show_memory new file mode 100644 index 00000000..13bea8cb --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_facts_show_memory @@ -0,0 +1,14 @@ +Free memory: 7176970240 bytes (84%) +Used memory: 2590688668 bytes (16%) +------------- ------------------ +Total memory: 8589934592 bytes (100%) + +Virtual platform memory +----------------------- +Provisioned 8192 MB +Allowed 4096 MB + +Note: Free memory is the free system memory. Additional memory may + be available from memory pools internal to the firewall process. + Use 'show memory detail' to see this information, but use it + with care since it may cause CPU hogs and packet loss under load.
\ No newline at end of file diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_facts_show_version b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_facts_show_version new file mode 100644 index 00000000..d652d7be --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_facts_show_version @@ -0,0 +1,50 @@ + +Cisco Adaptive Security Appliance Software Version 9.10(1)11 +Firepower Extensible Operating System Version 2.4(1.227) +Device Manager Version 7.10(1) + +Compiled on Thu 21-Feb-19 14:10 PST by builders +System image file is "boot:/asa9101-11-smp-k8.bin" +Config file at boot was "startup-config" + +ciscoasa up 21 days 7 hours + +Hardware: ASAv, 8192 MB RAM, CPU Xeon E5 series 2300 MHz, 1 CPU (2 cores) +Model Id: ASAv10 +Internal ATA Compact Flash, 10240MB +Slot 1: ATA Compact Flash, 10240MB +BIOS Flash Firmware Hub @ 0x0, 0KB + + + 0: Ext: Management0/0 : address is 02ac.8ef2.59aa, irq 0 + 1: Ext: GigabitEthernet0/0 : address is 024e.1f85.94da, irq 0 + +License mode: AWS Licensing +License state: LICENSED + +Licensed features for this platform: +Maximum VLANs : 50 +Inside Hosts : Unlimited +Failover : Active/Standby +Encryption-DES : Enabled +Encryption-3DES-AES : Enabled +Security Contexts : 0 +Carrier : Enabled +AnyConnect Premium Peers : 250 +AnyConnect Essentials : Disabled +Other VPN Peers : 250 +Total VPN Peers : 250 +AnyConnect for Mobile : Enabled +AnyConnect for Cisco VPN Phone : Enabled +Advanced Endpoint Assessment : Enabled +Shared License : Disabled +Total TLS Proxy Sessions : 498 +Botnet Traffic Filter : Enabled +Cluster : Disabled + +Serial Number: 9AWFX1S46VQ + +Image type : Release +Key version : A + +Configuration last modified by enable_15 at 06:41:15.559 UTC Fri Nov 22 2019
\ No newline at end of file diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_og_config.cfg b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_og_config.cfg new file mode 100644 index 00000000..27f22120 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_og_config.cfg @@ -0,0 +1,5 @@ +object-group network test_nets +description ansible_test object-group description +network-object host 8.8.8.8 +network-object 192.168.0.0 255.255.0.0 +group-object awx_lon diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_ogs_config.cfg b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_ogs_config.cfg new file mode 100644 index 00000000..6f5025fc --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_ogs_config.cfg @@ -0,0 +1,7 @@ +object-group network test_og_network + description test_og_network + network-object host 192.0.2.1 + network-object 192.0.2.0 255.255.255.0 +object-group service test_og_service + service-object ipinip + service-object tcp-udp
\ No newline at end of file diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_acls.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_acls.py new file mode 100644 index 00000000..ef5ea440 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_acls.py @@ -0,0 +1,568 @@ +# +# (c) 2019, Ansible by Red Hat, inc +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +# + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +import sys + +import pytest + +# These tests and/or the module under test are unstable on Python 3.5. +# See: https://app.shippable.com/github/ansible/ansible/runs/161331/15/tests +# This is most likely due to CPython 3.5 not maintaining dict insertion order. +pytestmark = pytest.mark.skipif( + sys.version_info[:2] == (3, 5), + reason="Tests and/or module are unstable on Python 3.5.", +) + +from ansible_collections.cisco.asa.tests.unit.compat.mock import patch +from ansible_collections.cisco.asa.plugins.modules import asa_acls +from ansible_collections.cisco.asa.tests.unit.modules.utils import ( + set_module_args, +) +from .asa_module import TestAsaModule, load_fixture + + +class TestAsaAclsModule(TestAsaModule): + module = asa_acls + + def setUp(self): + super(TestAsaAclsModule, self).setUp() + + self.mock_get_config = patch( + "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.network.Config.get_config" + ) + self.get_config = self.mock_get_config.start() + + self.mock_load_config = patch( + "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.network.Config.load_config" + ) + self.load_config = self.mock_load_config.start() + + self.mock_get_resource_connection_config = patch( + "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.cfg.base." + "get_resource_connection" + ) + self.get_resource_connection_config = ( + self.mock_get_resource_connection_config.start() + ) + + self.mock_get_resource_connection_facts = patch( + "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.resource_module." + "get_resource_connection" + ) + self.get_resource_connection_facts = ( + self.mock_get_resource_connection_facts.start() + ) + + self.mock_edit_config = patch( + "ansible_collections.cisco.asa.plugins.module_utils.network.asa.providers.providers.CliProvider.edit_config" + ) + self.edit_config = self.mock_edit_config.start() + + self.mock_execute_show_command = patch( + "ansible_collections.cisco.asa.plugins.module_utils.network.asa.facts.acls.acls." + "AclsFacts.get_acls_config" + ) + self.execute_show_command = self.mock_execute_show_command.start() + + def tearDown(self): + super(TestAsaAclsModule, self).tearDown() + self.mock_get_resource_connection_config.stop() + self.mock_get_resource_connection_facts.stop() + self.mock_edit_config.stop() + self.mock_get_config.stop() + self.mock_load_config.stop() + self.mock_execute_show_command.stop() + + def load_fixtures(self, commands=None): + def load_from_file(*args, **kwargs): + return load_fixture("asa_acls_config.cfg") + + self.execute_show_command.side_effect = load_from_file + + def test_asa_acls_merged(self): + set_module_args( + dict( + config=dict( + acls=[ + dict( + aces=[ + dict( + destination=dict( + object_group="test_network_og", + port_protocol=dict(eq="www"), + ), + grant="deny", + line=2, + log="default", + protocol="tcp", + protocol_options=dict(tcp="true"), + source=dict( + object_group="test_og_network" + ), + ) + ], + acl_type="extended", + name="test_global_access", + ) + ] + ), + state="merged", + ) + ) + result = self.execute_module(changed=True) + commands = [ + "access-list test_global_access line 2 extended deny tcp object-group test_og_network object-group test_network_og eq www log default" + ] + self.assertEqual(result["commands"], commands) + + def test_asa_acls_merged_idempotent(self): + set_module_args( + dict( + config=dict( + acls=[ + dict( + aces=[ + dict( + destination=dict( + any="true", + port_protocol=dict(eq="www"), + ), + grant="deny", + line=1, + log="errors", + protocol="tcp", + protocol_options=dict(tcp="true"), + source=dict(any="true"), + ), + dict(line=2, remark="test global remark"), + ], + acl_type="extended", + name="test_global_access", + ), + dict( + aces=[ + dict( + destination=dict( + address="192.0.3.0", + netmask="255.255.255.0", + port_protocol=dict(eq="www"), + ), + grant="deny", + line=1, + log="default", + protocol="tcp", + protocol_options=dict(tcp="true"), + source=dict( + address="192.0.2.0", + netmask="255.255.255.0", + ), + ), + dict( + destination=dict( + address="198.51.110.0", + netmask="255.255.255.0", + ), + grant="deny", + line=2, + log="errors", + protocol="igrp", + protocol_options=dict(igrp="true"), + source=dict( + address="198.51.100.0", + netmask="255.255.255.0", + ), + ), + dict( + destination=dict(any="true"), + grant="permit", + line=3, + protocol="ip", + protocol_options=dict(ip="true"), + source=dict(host="192.0.2.2"), + ), + ], + acl_type="extended", + name="test_access", + ), + dict( + aces=[ + dict( + destination=dict( + address="2001:fc8:0:4::/64", + port_protocol=dict(eq="telnet"), + ), + grant="deny", + inactive="true", + line=1, + protocol="tcp", + protocol_options=dict(tcp="true"), + source=dict( + address="2001:db8:0:3::/64", + port_protocol=dict(eq="www"), + ), + ) + ], + acl_type="extended", + name="test_R1_traffic", + ), + ] + ), + state="merged", + ) + ) + self.execute_module(changed=False, commands=[], sort=True) + + def test_asa_acls_replaced(self): + set_module_args( + dict( + config=dict( + acls=[ + dict( + name="test_access", + acl_type="extended", + aces=[ + dict( + destination=dict( + address="198.51.102.0", + netmask="255.255.255.0", + ), + grant="deny", + line=1, + log="default", + protocol="igrp", + protocol_options=dict(igrp="true"), + source=dict( + address="198.51.101.0", + netmask="255.255.255.0", + ), + time_range="temp", + ) + ], + ) + ] + ), + state="replaced", + ) + ) + result = self.execute_module(changed=True) + commands = [ + "no access-list test_access line 3 extended permit ip host 192.0.2.2 any", + "no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors", + "no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default", + "access-list test_access line 1 extended deny igrp 198.51.101.0 255.255.255.0 198.51.102.0 255.255.255.0 log default time-range temp", + ] + self.assertEqual(result["commands"], commands) + + def test_asa_acls_replaced_idempotent(self): + set_module_args( + dict( + config=dict( + acls=[ + dict( + aces=[ + dict( + destination=dict( + any="true", + port_protocol=dict(eq="www"), + ), + grant="deny", + line=1, + log="errors", + protocol="tcp", + protocol_options=dict(tcp="true"), + source=dict(any="true"), + ), + dict(line=2, remark="test global remark"), + ], + acl_type="extended", + name="test_global_access", + ), + dict( + aces=[ + dict( + destination=dict( + address="192.0.3.0", + netmask="255.255.255.0", + port_protocol=dict(eq="www"), + ), + grant="deny", + line=1, + log="default", + protocol="tcp", + protocol_options=dict(tcp="true"), + source=dict( + address="192.0.2.0", + netmask="255.255.255.0", + ), + ), + dict( + destination=dict( + address="198.51.110.0", + netmask="255.255.255.0", + ), + grant="deny", + line=2, + log="errors", + protocol="igrp", + protocol_options=dict(igrp="true"), + source=dict( + address="198.51.100.0", + netmask="255.255.255.0", + ), + ), + dict( + destination=dict(any="true"), + grant="permit", + line=3, + protocol="ip", + protocol_options=dict(ip="true"), + source=dict(host="192.0.2.2"), + ), + ], + acl_type="extended", + name="test_access", + ), + dict( + aces=[ + dict( + destination=dict( + address="2001:fc8:0:4::/64", + port_protocol=dict(eq="telnet"), + ), + grant="deny", + inactive="true", + line=1, + protocol="tcp", + protocol_options=dict(tcp="true"), + source=dict( + address="2001:db8:0:3::/64", + port_protocol=dict(eq="www"), + ), + ) + ], + acl_type="extended", + name="test_R1_traffic", + ), + ] + ), + state="replaced", + ) + ) + self.execute_module(changed=False, commands=[], sort=True) + + def test_asa_acls_overridden(self): + set_module_args( + dict( + config=dict( + acls=[ + dict( + name="test_global_access", + acl_type="extended", + aces=[ + dict( + destination=dict( + address="198.51.110.0", + netmask="255.255.255.0", + port_protocol=dict(eq="www"), + ), + grant="deny", + line=1, + log="errors", + protocol="tcp", + protocol_options=dict(tcp="true"), + source=dict( + address="198.51.100.0", + netmask="255.255.255.0", + ), + ) + ], + ) + ] + ), + state="overridden", + ) + ) + result = self.execute_module(changed=True) + commands = [ + "no access-list test_global_access line 2 remark test global remark", + "no access-list test_global_access line 1 extended deny tcp any any eq www log errors", + "no access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive", + "no access-list test_access line 3 extended permit ip host 192.0.2.2 any", + "no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors", + "no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default", + "access-list test_global_access line 1 extended deny tcp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 eq www log errors", + ] + self.assertEqual(result["commands"], commands) + + def test_asa_acls_overridden_idempotent(self): + set_module_args( + dict( + config=dict( + acls=[ + dict( + aces=[ + dict( + destination=dict( + any="true", + port_protocol=dict(eq="www"), + ), + grant="deny", + line=1, + log="errors", + protocol="tcp", + protocol_options=dict(tcp="true"), + source=dict(any="true"), + ), + dict(line=2, remark="test global remark"), + ], + acl_type="extended", + name="test_global_access", + ), + dict( + aces=[ + dict( + destination=dict( + address="192.0.3.0", + netmask="255.255.255.0", + port_protocol=dict(eq="www"), + ), + grant="deny", + line=1, + log="default", + protocol="tcp", + protocol_options=dict(tcp="true"), + source=dict( + address="192.0.2.0", + netmask="255.255.255.0", + ), + ), + dict( + destination=dict( + address="198.51.110.0", + netmask="255.255.255.0", + ), + grant="deny", + line=2, + log="errors", + protocol="igrp", + protocol_options=dict(igrp="true"), + source=dict( + address="198.51.100.0", + netmask="255.255.255.0", + ), + ), + dict( + destination=dict(any="true"), + grant="permit", + line=3, + protocol="ip", + protocol_options=dict(ip="true"), + source=dict(host="192.0.2.2"), + ), + ], + acl_type="extended", + name="test_access", + ), + dict( + aces=[ + dict( + destination=dict( + address="2001:fc8:0:4::/64", + port_protocol=dict(eq="telnet"), + ), + grant="deny", + inactive="true", + line=1, + protocol="tcp", + protocol_options=dict(tcp="true"), + source=dict( + address="2001:db8:0:3::/64", + port_protocol=dict(eq="www"), + ), + ) + ], + acl_type="extended", + name="test_R1_traffic", + ), + ] + ), + state="overridden", + ) + ) + self.execute_module(changed=False, commands=[], sort=True) + + def test_asa_acls_delete_by_acl(self): + set_module_args( + dict( + config=dict( + acls=[ + dict(name="test_global_access"), + dict(name="test_R1_traffic"), + ] + ), + state="deleted", + ) + ) + result = self.execute_module(changed=True) + commands = [ + "no access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive", + "no access-list test_global_access line 2 remark test global remark", + "no access-list test_global_access line 1 extended deny tcp any any eq www log errors", + ] + self.assertEqual(result["commands"], commands) + + def test_asa_acls_deleted_all(self): + set_module_args(dict(state="deleted")) + result = self.execute_module(changed=True) + commands = [ + "no access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive", + "no access-list test_access line 3 extended permit ip host 192.0.2.2 any", + "no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors", + "no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default", + "no access-list test_global_access line 2 remark test global remark", + "no access-list test_global_access line 1 extended deny tcp any any eq www log errors", + ] + self.assertEqual(result["commands"], commands) + + def test_asa_acls_rendered(self): + set_module_args( + dict( + config=dict( + acls=[ + dict( + name="test_access", + acl_type="extended", + aces=[ + dict( + destination=dict( + address="192.0.3.0", + netmask="255.255.255.0", + ), + grant="deny", + line=1, + log="default", + protocol="tcp", + protocol_options=dict(tcp="true"), + source=dict( + address="192.0.2.0", + netmask="255.255.255.0", + ), + ) + ], + ) + ] + ), + state="rendered", + ) + ) + commands = [ + "access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 log default" + ] + result = self.execute_module(changed=False) + self.assertEqual(result["rendered"], commands) diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_facts.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_facts.py new file mode 100644 index 00000000..46c3f91c --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_facts.py @@ -0,0 +1,100 @@ +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see <http://www.gnu.org/licenses/>. + +# Make coding more python3-ish +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +from ansible_collections.cisco.asa.tests.unit.compat.mock import patch +from ansible_collections.cisco.asa.plugins.modules import asa_facts +from ansible_collections.cisco.asa.tests.unit.modules.utils import ( + set_module_args, +) +from .asa_module import TestAsaModule, load_fixture + + +class TestAsaFactsModule(TestAsaModule): + + module = asa_facts + + def setUp(self): + super(TestAsaFactsModule, self).setUp() + self.mock_run_commands = patch( + "ansible_collections.cisco.asa.plugins.module_utils.network.asa.facts.legacy.base.run_commands" + ) + self.run_commands = self.mock_run_commands.start() + + self.mock_get_resource_connection = patch( + "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.facts.facts.get_resource_connection" + ) + self.get_resource_connection = ( + self.mock_get_resource_connection.start() + ) + + self.mock_get_capabilities = patch( + "ansible_collections.cisco.asa.plugins.module_utils.network.asa.facts.legacy.base.get_capabilities" + ) + self.get_capabilities = self.mock_get_capabilities.start() + self.get_capabilities.return_value = { + "device_info": { + "network_os": "asa", + "network_os_hostname": "ciscoasa", + "network_os_image": "flash0:/vasa-adventerprisek9-m", + "network_os_version": "9.10(1)11", + }, + "network_api": "cliconf", + } + + def tearDown(self): + super(TestAsaFactsModule, self).tearDown() + self.mock_run_commands.stop() + self.mock_get_capabilities.stop() + + def load_fixtures(self, commands=None): + def load_from_file(*args, **kwargs): + commands = kwargs["commands"] + output = list() + + for command in commands: + filename = str(command).split(" | ")[0].replace(" ", "_") + output.append(load_fixture("asa_facts_%s" % filename)) + return output + + self.run_commands.side_effect = load_from_file + + def test_asa_facts_stacked(self): + set_module_args(dict(gather_subset="default")) + result = self.execute_module() + self.assertEqual( + result["ansible_facts"]["ansible_net_serialnum"], "9AWFX1S46VQ" + ) + self.assertEqual(result["ansible_facts"]["ansible_net_system"], "asa") + + def test_asa_facts_filesystems_info(self): + set_module_args(dict(gather_subset="hardware")) + result = self.execute_module() + self.assertEqual( + result["ansible_facts"]["ansible_net_filesystems_info"]["disk0:"][ + "spacetotal_kb" + ], + 8370192.0, + ) + self.assertEqual( + result["ansible_facts"]["ansible_net_filesystems_info"]["disk0:"][ + "spacefree_kb" + ], + 8348976.0, + ) diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_og.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_og.py new file mode 100644 index 00000000..938fc291 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_og.py @@ -0,0 +1,126 @@ +# -*- coding: utf-8 -*- + +# (c) 2019, Ansible by Red Hat, inc +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +# Make coding more python3-ish +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +from ansible_collections.cisco.asa.tests.unit.compat.mock import patch +from ansible_collections.cisco.asa.plugins.modules import asa_og +from ansible_collections.cisco.asa.tests.unit.modules.utils import ( + set_module_args, +) +from .asa_module import TestAsaModule, load_fixture + + +class TestAsaOgModule(TestAsaModule): + + module = asa_og + + def setUp(self): + super(TestAsaOgModule, self).setUp() + + self.mock_get_config = patch( + "ansible_collections.cisco.asa.plugins.modules.asa_og.get_config" + ) + self.get_config = self.mock_get_config.start() + + self.mock_load_config = patch( + "ansible_collections.cisco.asa.plugins.modules.asa_og.load_config" + ) + self.load_config = self.mock_load_config.start() + + self.mock_get_connection = patch( + "ansible_collections.cisco.asa.plugins.module_utils.network.asa.asa.get_connection" + ) + self.get_connection = self.mock_get_connection.start() + + def tearDown(self): + super(TestAsaOgModule, self).tearDown() + self.mock_get_config.stop() + self.mock_load_config.stop() + + def load_fixtures(self, commands=None): + self.get_config.return_value = load_fixture( + "asa_og_config.cfg" + ).strip() + self.load_config.return_value = dict(diff=None, session="session") + + def test_asa_og_idempotent(self): + set_module_args( + dict( + name="test_nets", + group_type="network-object", + host_ip=["8.8.8.8"], + ip_mask=["192.168.0.0 255.255.0.0"], + group_object=["awx_lon"], + description="ansible_test object-group description", + state="present", + ) + ) + commands = [] + self.execute_module(changed=False, commands=commands) + + def test_asa_og_add(self): + set_module_args( + dict( + name="test_nets", + group_type="network-object", + host_ip=["8.8.8.8", "8.8.4.4"], + ip_mask=["192.168.0.0 255.255.0.0", "10.0.0.0 255.255.255.0"], + group_object=["awx_lon", "awx_ams"], + description="ansible_test object-group description", + state="present", + ) + ) + commands = [ + "object-group network test_nets", + "network-object host 8.8.4.4", + "network-object 10.0.0.0 255.255.255.0", + "group-object awx_ams", + ] + self.execute_module(changed=True, commands=commands) + + def test_asa_og_replace(self): + set_module_args( + dict( + name="test_nets", + group_type="network-object", + host_ip=["8.8.4.4"], + ip_mask=["10.0.0.0 255.255.255.0"], + group_object=["awx_ams"], + description="ansible_test custom description", + state="replace", + ) + ) + commands = [ + "object-group network test_nets", + "description ansible_test custom description", + "no network-object host 8.8.8.8", + "network-object host 8.8.4.4", + "no network-object 192.168.0.0 255.255.0.0", + "network-object 10.0.0.0 255.255.255.0", + "no group-object awx_lon", + "group-object awx_ams", + ] + self.execute_module(changed=True, commands=commands) + + def test_asa_og_remove(self): + set_module_args( + dict( + name="test_nets", + group_type="network-object", + host_ip=["8.8.8.8"], + group_object=["awx_lon"], + state="absent", + ) + ) + commands = [ + "object-group network test_nets", + "no network-object host 8.8.8.8", + "no group-object awx_lon", + ] + self.execute_module(changed=True, commands=commands) diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_ogs.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_ogs.py new file mode 100644 index 00000000..ca5f8ec4 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_ogs.py @@ -0,0 +1,353 @@ +# +# (c) 2019, Ansible by Red Hat, inc +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +# + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +import sys + +import pytest + +# These tests and/or the module under test are unstable on Python 3.5. +# See: https://app.shippable.com/github/ansible/ansible/runs/161331/15/tests +# This is most likely due to CPython 3.5 not maintaining dict insertion order. +pytestmark = pytest.mark.skipif( + sys.version_info[:2] == (3, 5), + reason="Tests and/or module are unstable on Python 3.5.", +) + +from ansible_collections.cisco.asa.tests.unit.compat.mock import patch +from ansible_collections.cisco.asa.plugins.modules import asa_ogs +from ansible_collections.cisco.asa.tests.unit.modules.utils import ( + set_module_args, +) +from .asa_module import TestAsaModule, load_fixture + + +class TestAsaOGsModule(TestAsaModule): + module = asa_ogs + + def setUp(self): + super(TestAsaOGsModule, self).setUp() + + self.mock_get_config = patch( + "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.network.Config.get_config" + ) + self.get_config = self.mock_get_config.start() + + self.mock_load_config = patch( + "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.network.Config.load_config" + ) + self.load_config = self.mock_load_config.start() + + self.mock_get_resource_connection_config = patch( + "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.cfg.base." + "get_resource_connection" + ) + self.get_resource_connection_config = ( + self.mock_get_resource_connection_config.start() + ) + + self.mock_get_resource_connection_facts = patch( + "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.resource_module." + "get_resource_connection" + ) + self.get_resource_connection_facts = ( + self.mock_get_resource_connection_facts.start() + ) + + self.mock_edit_config = patch( + "ansible_collections.cisco.asa.plugins.module_utils.network.asa.providers.providers.CliProvider.edit_config" + ) + self.edit_config = self.mock_edit_config.start() + + self.mock_execute_show_command = patch( + "ansible_collections.cisco.asa.plugins.module_utils.network.asa.facts.ogs.ogs." + "OGsFacts.get_og_data" + ) + self.execute_show_command = self.mock_execute_show_command.start() + + def tearDown(self): + super(TestAsaOGsModule, self).tearDown() + self.mock_get_resource_connection_config.stop() + self.mock_get_resource_connection_facts.stop() + self.mock_edit_config.stop() + self.mock_get_config.stop() + self.mock_load_config.stop() + self.mock_execute_show_command.stop() + + def load_fixtures(self, commands=None, transport="cli"): + def load_from_file(*args, **kwargs): + return load_fixture("asa_ogs_config.cfg") + + self.execute_show_command.side_effect = load_from_file + + def test_asa_ogs_merged(self): + set_module_args( + dict( + config=[ + dict( + object_groups=[ + dict( + name="test_network_og", + description="test network og", + network_object=dict( + host=["192.0.3.1", "192.0.3.2"], + ipv6_address=["2001:db8:0:3::/64"], + ), + ) + ], + object_type="network", + ) + ], + state="merged", + ) + ) + result = self.execute_module(changed=True) + commands = [ + "object-group network test_network_og", + "description test network og", + "network-object host 192.0.3.1", + "network-object host 192.0.3.2", + "network-object 2001:db8:0:3::/64", + ] + self.assertEqual(result["commands"], commands) + + def test_asa_ogs_merged_idempotent(self): + set_module_args( + dict( + config=[ + dict( + object_groups=[ + dict( + description="test_og_network", + name="test_og_network", + network_object=dict( + host=["192.0.2.1"], + address=["192.0.2.0 255.255.255.0"], + ), + ) + ], + object_type="network", + ), + dict( + object_groups=[ + dict( + name="test_og_service", + service_object=dict( + protocol=["ipinip", "tcp-udp"] + ), + ) + ], + object_type="service", + ), + ], + state="merged", + ) + ) + self.execute_module(changed=False, commands=[], sort=True) + + def test_asa_ogs_replaced(self): + set_module_args( + dict( + config=[ + dict( + object_groups=[ + dict( + name="test_og_network", + description="test_og_network_replace", + network_object=dict( + host=["192.0.3.1"], + address=["192.0.3.0 255.255.255.0"], + ), + ) + ], + object_type="network", + ) + ], + state="replaced", + ) + ) + result = self.execute_module(changed=True) + commands = [ + "object-group network test_og_network", + "description test_og_network_replace", + "no network-object 192.0.2.0 255.255.255.0", + "network-object 192.0.3.0 255.255.255.0", + "no network-object host 192.0.2.1", + "network-object host 192.0.3.1", + ] + self.assertEqual(result["commands"], commands) + + def test_asa_ogs_replaced_idempotent(self): + set_module_args( + dict( + config=[ + dict( + object_groups=[ + dict( + description="test_og_network", + name="test_og_network", + network_object=dict( + host=["192.0.2.1"], + address=["192.0.2.0 255.255.255.0"], + ), + ) + ], + object_type="network", + ), + dict( + object_groups=[ + dict( + name="test_og_service", + service_object=dict( + protocol=["ipinip", "tcp-udp"] + ), + ) + ], + object_type="service", + ), + ], + state="replaced", + ) + ) + self.execute_module(changed=False, commands=[], sort=True) + + def test_asa_ogs_overridden(self): + set_module_args( + dict( + config=[ + dict( + object_groups=[ + dict( + name="test_og_network", + description="test_og_network_override", + network_object=dict( + host=["192.0.3.1"], + address=["192.0.3.0 255.255.255.0"], + ), + ) + ], + object_type="network", + ) + ], + state="overridden", + ) + ) + result = self.execute_module(changed=True) + commands = [ + "no object-group service test_og_service", + "object-group network test_og_network", + "description test_og_network_override", + "no network-object 192.0.2.0 255.255.255.0", + "network-object 192.0.3.0 255.255.255.0", + "no network-object host 192.0.2.1", + "network-object host 192.0.3.1", + ] + self.assertEqual(result["commands"], commands) + + def test_asa_ogs_overridden_idempotent(self): + set_module_args( + dict( + config=[ + dict( + object_groups=[ + dict( + description="test_og_network", + name="test_og_network", + network_object=dict( + host=["192.0.2.1"], + address=["192.0.2.0 255.255.255.0"], + ), + ) + ], + object_type="network", + ), + dict( + object_groups=[ + dict( + name="test_og_service", + service_object=dict( + protocol=["ipinip", "tcp-udp"] + ), + ) + ], + object_type="service", + ), + ], + state="overridden", + ) + ) + self.execute_module(changed=False, commands=[], sort=True) + + def test_asa_ogs_delete_by_name(self): + set_module_args( + dict( + config=[ + dict( + object_groups=[dict(name="test_og_network")], + object_type="network", + ) + ], + state="deleted", + ) + ) + result = self.execute_module(changed=True) + commands = ["no object-group network test_og_network"] + self.assertEqual(result["commands"], commands) + + def test_asa_ogs_deleted_all(self): + set_module_args(dict(state="deleted")) + result = self.execute_module(changed=True) + commands = [ + "no object-group network test_og_network", + "no object-group service test_og_service", + ] + self.assertEqual(result["commands"], commands) + + def test_asa_ogs_rendered(self): + set_module_args( + dict( + config=[ + dict( + object_groups=[ + dict( + description="test_og_network", + name="test_og_network", + network_object=dict( + host=["192.0.2.1"], + address=["192.0.2.0 255.255.255.0"], + ), + ) + ], + object_type="network", + ), + dict( + object_groups=[ + dict( + name="test_og_service", + service_object=dict( + protocol=["ipinip", "tcp-udp"] + ), + ) + ], + object_type="service", + ), + ], + state="rendered", + ) + ) + commands = [ + "object-group network test_og_network", + "description test_og_network", + "network-object 192.0.2.0 255.255.255.0", + "network-object host 192.0.2.1", + "object-group service test_og_service", + "service-object ipinip", + "service-object tcp-udp", + ] + result = self.execute_module(changed=False) + self.assertEqual(result["rendered"], commands) diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/utils.py b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/utils.py new file mode 100644 index 00000000..9258b663 --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/modules/utils.py @@ -0,0 +1,51 @@ +from __future__ import absolute_import, division, print_function + +__metaclass__ = type +import json + +from ansible_collections.cisco.asa.tests.unit.compat import unittest +from ansible_collections.cisco.asa.tests.unit.compat.mock import patch +from ansible.module_utils import basic +from ansible.module_utils._text import to_bytes + + +def set_module_args(args): + if "_ansible_remote_tmp" not in args: + args["_ansible_remote_tmp"] = "/tmp" + if "_ansible_keep_remote_files" not in args: + args["_ansible_keep_remote_files"] = False + + args = json.dumps({"ANSIBLE_MODULE_ARGS": args}) + basic._ANSIBLE_ARGS = to_bytes(args) + + +class AnsibleExitJson(Exception): + pass + + +class AnsibleFailJson(Exception): + pass + + +def exit_json(*args, **kwargs): + if "changed" not in kwargs: + kwargs["changed"] = False + raise AnsibleExitJson(kwargs) + + +def fail_json(*args, **kwargs): + kwargs["failed"] = True + raise AnsibleFailJson(kwargs) + + +class ModuleTestCase(unittest.TestCase): + def setUp(self): + self.mock_module = patch.multiple( + basic.AnsibleModule, exit_json=exit_json, fail_json=fail_json + ) + self.mock_module.start() + self.mock_sleep = patch("time.sleep") + self.mock_sleep.start() + set_module_args({}) + self.addCleanup(self.mock_module.stop) + self.addCleanup(self.mock_sleep.stop) diff --git a/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/requirements.txt b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/requirements.txt new file mode 100644 index 00000000..a9772bea --- /dev/null +++ b/collections-debian-merged/ansible_collections/cisco/asa/tests/unit/requirements.txt @@ -0,0 +1,42 @@ +boto3 +placebo +pycrypto +passlib +pypsrp +python-memcached +pytz +pyvmomi +redis +requests +setuptools > 0.6 # pytest-xdist installed via requirements does not work with very old setuptools (sanity_ok) +unittest2 ; python_version < '2.7' +importlib ; python_version < '2.7' +netaddr +ipaddress +netapp-lib +solidfire-sdk-python + +# requirements for F5 specific modules +f5-sdk ; python_version >= '2.7' +f5-icontrol-rest ; python_version >= '2.7' +deepdiff + +# requirement for Fortinet specific modules +pyFMG + +# requirement for aci_rest module +xmljson + +# requirement for winrm connection plugin tests +pexpect + +# requirement for the linode module +linode-python # APIv3 +linode_api4 ; python_version > '2.6' # APIv4 + +# requirement for the gitlab module +python-gitlab +httmock + +# requirment for kubevirt modules +openshift ; python_version >= '2.7' |