diff options
Diffstat (limited to 'ansible_collections/cisco/meraki/tests')
100 files changed, 13224 insertions, 0 deletions
diff --git a/ansible_collections/cisco/meraki/tests/integration/inventory.networking b/ansible_collections/cisco/meraki/tests/integration/inventory.networking new file mode 100644 index 000000000..ab8958954 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/inventory.networking @@ -0,0 +1,42 @@ +# This is the configuration template for ansible-test network-integration tests. +# +# You do not need this template if you are: +# +# 1) Running integration tests without using ansible-test. +# 2) Using the `--platform` option to provision temporary network instances on EC2. +# +# If you do not want to use the automatically provisioned temporary network instances, +# fill in the @VAR placeholders below and save this file without the .template extension. +# +# NOTE: Automatic provisioning of network instances on EC2 requires an ansible-core-ci API key. + +[meraki] +localhost ansible_connection="local" + +[meraki:vars] +auth_key=b4aa1133085792857ae08a22ed01bc99b7e9c97d +test_org_id=133277 +test_org_name=kbreit@insight.com +test_net_name=Home - Appliance +test_net_id=N_624874448297678702 +test_switch_net_name=Home - Switch +test_wireless_net_name=Home - Wireless +test_appliance_net_name=Home - Appliance +test_template_name=AnsibleTemplate +test_template_id=L_624874448297661409 +email_prefix=meraki +email_domain=kevinbreit.net +serial=Q2BN-MCH8-VEL5 +serial_switch=Q2HP-2C6E-GTLD +serial_wireless=Q2KD-83UG-JL8X +serial_switch_l3=QBSB-VLNE-E299 +serial_appliance=Q2BN-MCH8-VEL5 +# serial=QBSC-HJSL-A64F +# serial=Q2HD-DPPR-QTAE +# serial=Q2HP-2C6E-GTLD + +### +# Example +# +# [vyos] +# vyos01.example.net ansible_connection=local ansible_network_os="vyos" ansible_user=admin ansible_ssh_pass=mypassword diff --git a/ansible_collections/cisco/meraki/tests/integration/inventory.networking.template b/ansible_collections/cisco/meraki/tests/integration/inventory.networking.template new file mode 100644 index 000000000..3057b7f2f --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/inventory.networking.template @@ -0,0 +1,37 @@ +# This is the configuration template for ansible-test network-integration tests. +# +# You do not need this template if you are: +# +# 1) Running integration tests without using ansible-test. +# 2) Using the `--platform` option to provision temporary network instances on EC2. +# +# If you do not want to use the automatically provisioned temporary network instances, +# fill in the @VAR placeholders below and save this file without the .template extension. +# +# NOTE: Automatic provisioning of network instances on EC2 requires an ansible-core-ci API key. + +[meraki] +localhost ansible_connection="local" + +[meraki:vars] +auth_key=abc1234567890 +test_org_id=12345 +test_org_name=YourOrg +test_net_name=YourNet +test_net_id=54321 +test_switch_net_name=Switch Net +test_wireless_net_name=Wireless Net +test_template_name=YourTemplate +test_template_id=L_12345 +email_prefix=YourEmail +email_domain=YourDomain +serial=YourSerial +serial_switch=YourSwitchSerial +serial_switch_l3=YourL3SwitchSerial + + +### +# Example +# +# [vyos] +# vyos01.example.net ansible_connection=local ansible_network_os="vyos" ansible_user=admin ansible_ssh_pass=mypassword diff --git a/ansible_collections/cisco/meraki/tests/integration/target-prefixes.network b/ansible_collections/cisco/meraki/tests/integration/target-prefixes.network new file mode 100644 index 000000000..2516cd48f --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/target-prefixes.network @@ -0,0 +1 @@ +meraki diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_action_batch/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_action_batch/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_action_batch/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_action_batch/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_action_batch/tasks/main.yml new file mode 100644 index 000000000..768e1d251 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_action_batch/tasks/main.yml @@ -0,0 +1,325 @@ +# Test code for the Meraki Organization module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tasks + block: + - name: Test an API key is provided + ansible.builtin.fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Query all Action Batches + meraki_action_batch: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: query + delegate_to: localhost + register: query_all + + - name: Query all Action Batches + ansible.builtin.set_fact: + batch_id: '{{ query_all.data[0].id }}' + + - name: Asserting a values query_all.data and query_all + ansible.builtin.assert: + that: + - query_all.data is defined + - query_all is not changed + + - name: Query one Action Batch job + meraki_action_batch: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: query + action_batch_id: '{{ batch_id }}' + delegate_to: localhost + register: query_one + + - name: Debug query_one + ansible.builtin.debug: + var: query_one | length + + - name: Assert if query_one.data has been changed + ansible.builtin.assert: + that: + - query_one.data is defined + + - name: Create an Action Batch job + meraki_action_batch: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: present + actions: + - resource: '/organizations/{{ test_org_id }}/networks' + operation: 'create' + body: + name: 'AnsibleActionBatch1' + productTypes: + - 'switch' + delegate_to: localhost + register: create_one + + - name: Assert a various values + ansible.builtin.assert: + that: + - create_one.data.id is defined + - create_one.data.status.completed == false + - create_one.data.actions.0.resource == '/organizations/{{ test_org_id }}/networks' + - create_one.data.actions.0.operation == 'create' + - create_one.data.actions.0.body.name == 'AnsibleActionBatch1' + - create_one.data.actions[0].body.product_types[0] == 'switch' + + - name: Set fact new_batch_id + ansible.builtin.set_fact: + new_batch_id: '{{ create_one.data.id }}' + + - name: Create an Action Batch job to be deleted later + meraki_action_batch: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: present + actions: + - resource: '/organizations/{{ test_org_id }}/networks' + operation: 'create' + body: + name: 'AnsibleActionBatch100' + productTypes: + - 'switch' + delegate_to: localhost + register: batch_delete_id + + - name: Set fact deletable_batch_id + ansible.builtin.set_fact: + deletable_batch_id: '{{ batch_delete_id.data.id }}' + + - name: Update Action Batch job with a body + meraki_action_batch: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: present + action_batch_id: '{{ new_batch_id }}' + actions: + - resource: '/organizations/{{ test_org_id }}/networks' + operation: 'create' + body: + name: 'AnsibleActionBatch1' + productTypes: + - 'switch' + delegate_to: localhost + register: create_one_idempotent + failed_when: false + changed_when: false + + - name: Asset a value create_one_idempotent.msg + ansible.builtin.assert: + that: + - create_one_idempotent.msg == 'Body cannot be updated on existing job.' + + - name: Update Action Batch job + meraki_action_batch: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: present + action_batch_id: '{{ new_batch_id }}' + synchronous: false + delegate_to: localhost + register: update_one + + - name: Assert a value update_one + ansible.builtin.assert: + that: + - update_one.data.id is defined + - update_one is changed + + - name: Update Action Batch job with idempotentcy + meraki_action_batch: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: present + action_batch_id: '{{ new_batch_id }}' + synchronous: false + delegate_to: localhost + register: update_one_idempotent + + - name: Assert value update_one_idempotent + ansible.builtin.assert: + that: + - update_one_idempotent.data.id is defined + - update_one_idempotent is not changed + + - name: Create an Action Batch job with multiple actions + meraki_action_batch: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: present + actions: + - resource: '/organizations/{{ test_org_id }}/networks' + operation: 'create' + body: + name: 'AnsibleActionBatch2' + productTypes: + - 'switch' + - resource: '/organizations/{{ test_org_id }}/networks' + operation: 'create' + body: + name: 'AnsibleActionBatch3' + productTypes: + - 'switch' + delegate_to: localhost + register: create_two + + - name: Set fact create_two_batch_id + ansible.builtin.set_fact: + create_two_batch_id: '{{ create_two.data.id }}' + + - name: Set single action job as confirmed + meraki_action_batch: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: present + action_batch_id: '{{ new_batch_id }}' + confirmed: true + delegate_to: localhost + register: confirm_one + + - name: Assert confirm_one + ansible.builtin.assert: + that: + - confirm_one.data.id is defined + - confirm_one is changed + + - name: Set two action job as confirmed + meraki_action_batch: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: present + action_batch_id: '{{ create_two_batch_id }}' + confirmed: true + delegate_to: localhost + register: confirm_two + + - name: Assert confirm_two + ansible.builtin.assert: + that: + - confirm_two.data.id is defined + - confirm_two is changed + + - name: Gather newly created networks + meraki_action_batch: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: query + action_batch_id: '{{ create_two_batch_id }}' + delegate_to: localhost + register: gather_networks + + - name: If value is not equal Validation failed... + ansible.builtin.assert: + that: + - gather_networks.data.actions.0.status.errors.0 != 'Validation failed\: Name has already been taken' + + - name: Set fact new_networks + ansible.builtin.set_fact: + new_networks: "{{ gather_networks.data.status.created_resources | selectattr('uri', 'defined') | map(attribute='uri') | list | unique }}" + + - name: Initialize an empty list + ansible.builtin.set_fact: + delete_actions: [] + + - name: Set fact delete_actions + ansible.builtin.set_fact: + delete_actions: "{{ delete_actions + [{'resource': item, 'operation': 'destroy'}] }}" + loop: '{{ new_networks }}' + + - name: Create an Action Batch job to delete newly created networks + meraki_action_batch: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: present + actions: '{{ delete_actions }}' + delegate_to: localhost + register: delete_two + + - name: Set fact deletable_bat + ansible.builtin.set_fact: + deletable_batch_id: '{{ delete_two.data.id }}' + + - name: Delete an Action Batch job + meraki_action_batch: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: absent + action_batch_id: '{{ deletable_batch_id }}' + actions: '{{ delete_actions }}' + delegate_to: localhost + register: delete_two_networks + + always: + - name: Get network ID for AnsibleActionBatch2 + meraki_network: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: query + net_name: AnsibleActionBatch2 + delegate_to: localhost + register: aab2 + + - name: Set value aab2_id + ansible.builtin.set_fact: + aab2_id: '{{ aab2.data.id }}' + failed_when: false + changed_when: false + + - name: Get network ID for AnsibleActionBatch3 + meraki_network: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: query + net_name: AnsibleActionBatch3 + delegate_to: localhost + register: aab3 + + - name: Set value aab3_id + ansible.builtin.set_fact: + aab3_id: '{{ aab3.data.id }}' + failed_when: false + changed_when: false + + - name: Delete new networks before other tests + meraki_action_batch: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: present + confirmed: true + actions: + - resource: '/networks/{{ aab2_id }}' + operation: 'destroy' + - resource: '/networks/{{ aab3_id }}' + operation: 'destroy' + delegate_to: localhost + register: delete_networks + when: + - aab2 is defined + - aab3 is defined + + # - name: Get all action batch jobs + # meraki_action_batch: + # auth_key: '{{ auth_key }}' + # org_name: '{{ test_org_name }}' + # state: query + # delegate_to: localhost + # register: all_jobs + + # - ansible.builtin.debug: + # var: all_jobs + + # - name: Delete all action batch jobs + # meraki_action_batch: + # auth_key: '{{ auth_key }}' + # org_name: '{{ test_org_name }}' + # state: absent + # action_batch_id: '{{ item.id }}' + # loop: '{{ all_jobs.data }}' + # delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_admin/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_admin/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_admin/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_admin/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_admin/tasks/main.yml new file mode 100644 index 000000000..89374c0b4 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_admin/tasks/main.yml @@ -0,0 +1,428 @@ +# Test code for the Meraki Admin module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tests + block: + - name: Create new administrator in check mode + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + name: Jane Doe + email: '{{ email_prefix }}+janedoe@{{ email_domain }}' + org_access: read-only + delegate_to: localhost + check_mode: true + register: create_org_check + + - name: Create new admin check mode assertion + ansible.builtin.assert: + that: + - create_org_check is changed + - 'create_org_check.data.name == "Jane Doe"' + + - name: Create new administrator + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + name: Jane Doe + email: '{{ email_prefix }}+janedoe@{{ email_domain }}' + org_access: read-only + delegate_to: localhost + register: create_orgaccess + + - name: Create new admin assertion + ansible.builtin.assert: + that: + - create_orgaccess.changed == true + - 'create_orgaccess.data.name == "Jane Doe"' + + - name: Delete recently created administrator with check mode + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + email: '{{ email_prefix }}+janedoe@{{ email_domain }}' + delegate_to: localhost + register: delete_one_check + check_mode: true + + - name: Assert if delete_one_check has been changed + ansible.builtin.assert: + that: + - delete_one_check is changed + + - name: Delete recently created administrator + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + email: '{{ email_prefix }}+janedoe@{{ email_domain }}' + delegate_to: localhost + register: delete_one + + - name: Create new administrator with org_id + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: present + org_id: '{{ test_org_id }}' + name: Jane Doe + email: '{{ email_prefix }}+janedoe@{{ email_domain }}' + orgAccess: read-only + delegate_to: localhost + register: create_orgaccess_id + + - name: Create new admin assertion + ansible.builtin.assert: + that: + - create_orgaccess_id.changed == true + - 'create_orgaccess_id.data.name == "Jane Doe"' + + - name: Create administrator with tags with check mode + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + name: John Doe + email: '{{ email_prefix }}+johndoe@{{ email_domain }}' + orgAccess: none + tags: + - tag: production + access: read-only + - tag: beta + access: full + delegate_to: localhost + register: create_tags_check + check_mode: true + + - name: Assert if create_tags_check has been changed + ansible.builtin.assert: + that: + - create_tags_check is changed + - create_tags_check.data.name == "John Doe" + - create_tags_check.data.tags | length == 2 + + - name: Create administrator with tags + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + name: John Doe + email: '{{ email_prefix }}+johndoe@{{ email_domain }}' + orgAccess: none + tags: + - tag: production + access: read-only + - tag: beta + access: full + delegate_to: localhost + register: create_tags + + - name: Assert if create_tags has been changed + ansible.builtin.assert: + that: + - create_tags.changed == true + - create_tags.data.name == "John Doe" + - create_tags.data.tags | length == 2 + + - name: Create administrator with invalid tags + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + name: Jake Doe + email: '{{ email_prefix }}+jakedoe@{{ email_domain }}' + orgAccess: none + tags: + - tag: production + access: read-only + - tag: alpha + access: invalid + delegate_to: localhost + register: create_tags_invalid + failed_when: false + changed_when: false + + - name: Assert if create_tags_invalid + ansible.builtin.assert: + that: + - '"400" in create_tags_invalid.msg' + - '"must be one of" in create_tags_invalid.msg' + + - name: Create administrator with invalid tag permission + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + name: Jake Doe + email: '{{ email_prefix }}+jakedoe@{{ email_domain }}' + orgAccess: none + tags: + - tag: production + access: read-only + - tag: beta + access: invalid + delegate_to: localhost + register: create_tags_invalid_permission + failed_when: false + changed_when: false + + - name: Assert if create_tags_invalid_permission + ansible.builtin.assert: + that: + - '"400" in create_tags_invalid_permission.msg' + - '"must be one of" in create_tags_invalid_permission.msg' + + - name: Make sure TestNet and TestNet2 are created + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ item }}' + type: switch + register: new_networks + loop: + - TestNet + - TestNet2 + + - name: Set facts testnet_id, testnet2_id + ansible.builtin.set_fact: + testnet_id: new_networks.results[0].data.id + testnet2_id: new_networks.results[1].data.id + + - name: Create administrator with networks with check mode + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + name: Jim Doe + email: '{{ email_prefix }}+jimdoe@{{ email_domain }}' + orgAccess: none + networks: + - network: TestNet + access: read-only + - id: testnet2_id + access: full + delegate_to: localhost + register: create_network_check + check_mode: true + + - name: Assert if create_network_check has been changed + ansible.builtin.assert: + that: + - create_network_check is changed + - create_network_check.data.name == "Jim Doe" + - create_network_check.data.networks | length == 2 + + - name: Create administrator with networks + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + name: Jim Doe + email: '{{ email_prefix }}+jimdoe@{{ email_domain }}' + orgAccess: none + networks: + - network: TestNet + access: read-only + - network: TestNet2 + access: full + delegate_to: localhost + register: create_network + + - name: Assert if create_network has been changed + ansible.builtin.assert: + that: + - create_network.changed == true + - create_network.data.name == "Jim Doe" + - create_network.data.networks | length == 2 + + - name: Update administrator with check mode + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + name: Jim Doe + email: '{{ email_prefix }}+jimdoe@{{ email_domain }}' + orgAccess: none + networks: + - network: TestNet + access: full + delegate_to: localhost + register: update_network_check + check_mode: true + + - name: Debug update_network_check + ansible.builtin.debug: + var: update_network_check + + - name: Assert if update_network_check has been changed + ansible.builtin.assert: + that: + - update_network_check is changed + - update_network_check.data.networks.0.access == "full" + - update_network_check.data.networks | length == 1 + + - name: Update administrator + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + name: Jim Doe + email: '{{ email_prefix }}+jimdoe@{{ email_domain }}' + orgAccess: none + networks: + - network: TestNet + access: full + delegate_to: localhost + register: update_network + + - name: Assert if update_network has been changed + ansible.builtin.assert: + that: + - update_network.changed == true + - update_network.data.networks.0.access == "full" + - update_network.data.networks | length == 1 + + - name: Update administrator for idempotency check with check mode + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + name: Jim Doe + email: '{{ email_prefix }}+jimdoe@{{ email_domain }}' + orgAccess: none + networks: + - network: TestNet + access: full + delegate_to: localhost + register: update_network_idempotent_check + check_mode: true + + - name: Debug update_network_idempotent_check + ansible.builtin.debug: + var: update_network_idempotent_check + + - name: Assert if update_network_idempotent_check has not changed + ansible.builtin.assert: + that: + - update_network_idempotent_check is not changed + + - name: Update administrator for idempotency + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + name: Jim Doe + email: '{{ email_prefix }}+jimdoe@{{ email_domain }}' + orgAccess: none + networks: + - network: TestNet + access: full + delegate_to: localhost + register: update_network_idempotent + + - name: Assert if update_network_idempotent has been not changed + ansible.builtin.assert: + that: + - update_network_idempotent.changed == false + - update_network_idempotent.data is defined + + - name: Create administrator with invalid network + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + name: John Doe + email: '{{ email_prefix }}+John@{{ email_domain }}' + orgAccess: none + networks: + - network: TestNetFake + access: read-only + delegate_to: localhost + register: create_network_invalid + failed_when: false + changed_when: false + + - name: Assert if message in create_network_invalid + ansible.builtin.assert: + that: + - '"No network found with the name" in create_network_invalid.msg' + # - '"400" in create_network_invalid.msg' + + - name: Query all administrators + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + delegate_to: localhost + register: query_all + + - name: Debug query_all + ansible.builtin.debug: + var: query_all + + - name: Assert query_all + ansible.builtin.assert: + that: + - query_all.data | length == 4 + - query_all.changed == False + + - name: Query admin by name + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + name: Jane Doe + delegate_to: localhost + register: query_name + + - name: Query admin by email + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + email: '{{ email_prefix }}+janedoe@{{ email_domain }}' + delegate_to: localhost + register: query_email + + - name: Check the name and email of query_name, query_email + ansible.builtin.assert: + that: + - query_name.data.name == "Jane Doe" + - 'query_email.data.email == "{{ email_prefix }}+janedoe@{{ email_domain }}"' + + always: + ############################################################################# + # Tear down starts here + ############################################################################# + - name: Delete administrators + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + email: '{{ item }}' + delegate_to: localhost + register: delete_all + failed_when: false + changed_when: false + loop: + - '{{ email_prefix }}+janedoe@{{ email_domain }}' + - '{{ email_prefix }}+johndoe@{{ email_domain }}' + - '{{ email_prefix }}+jimdoe@{{ email_domain }}' + + - name: Query all administrators + cisco.meraki.meraki_admin: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + delegate_to: localhost + register: query_all_deleted + + - name: Assert query_all_deleted + ansible.builtin.assert: + that: + - query_all_deleted.data | length == 1 diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_alert/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_alert/aliases new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_alert/aliases diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_alert/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_alert/tasks/main.yml new file mode 100644 index 000000000..de9d20524 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_alert/tasks/main.yml @@ -0,0 +1,356 @@ +# Test code for the Meraki modules +# Copyright: (c) 2020, 2023 Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tests + block: + - name: Create network with type wireless + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + type: wireless + timezone: America/Chicago + delegate_to: localhost + + - name: Create webhook + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + name: Test webhook + url: "https://webhook.site/f113313e-fbad-464d-9fbe-ed2392e1ee8c" + shared_secret: "abc123" + delegate_to: localhost + register: webhook + + - name: Update settings with check mode + cisco.meraki.meraki_alert: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + default_destinations: + emails: + - '{{ email_prefix }}@{{ email_domain }}' + - '{{ email_prefix }}2@{{ email_domain }}' + all_admins: false + snmp: false + http_server_ids: + - "aHR0cHM6Ly93ZWJob29rLnNpdGUvZjExMzMxM2UtZmJhZC00NjRkLTlmYmUtZWQyMzkyZTFlZThjCg==" + alerts: + - alert_type: "gatewayDown" + enabled: true + filters: + timeout: 60 + alert_destinations: + emails: + - '{{ email_prefix }}@{{ email_domain }}' + - '{{ email_prefix }}2@{{ email_domain }}' + all_admins: false + snmp: false + - alert_type: "usageAlert" + enabled: true + filters: + period: 1200 + threshold: 104857600 + alert_destinations: + emails: + - '{{ email_prefix }}@{{ email_domain }}' + - '{{ email_prefix }}2@{{ email_domain }}' + all_admins: true + snmp: false + delegate_to: localhost + register: update_check + check_mode: true + + - name: Assert update_check + ansible.builtin.assert: + that: + - update_check.data is defined + - update_check.diff is defined + - update_check is changed + - update_check.data.default_destinations.http_server_ids | length == 1 + + - name: Update settings + cisco.meraki.meraki_alert: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + default_destinations: + emails: + - '{{ email_prefix }}@{{ email_domain }}' + - '{{ email_prefix }}2@{{ email_domain }}' + all_admins: false + snmp: false + alerts: + - alert_type: "gatewayDown" + enabled: true + filters: + timeout: 60 + alert_destinations: + emails: + - '{{ email_prefix }}@{{ email_domain }}' + - '{{ email_prefix }}2@{{ email_domain }}' + all_admins: false + snmp: false + - alert_type: "usageAlert" + enabled: true + filters: + period: 1200 + threshold: 104857600 + alert_destinations: + emails: + - '{{ email_prefix }}@{{ email_domain }}' + - '{{ email_prefix }}2@{{ email_domain }}' + all_admins: true + snmp: false + delegate_to: localhost + register: update + + - name: Assert update + ansible.builtin.assert: + that: + - update.data is defined + - update.diff is defined + - update is changed + - update.data.default_destinations.emails | length == 2 + + - name: Update settings idempotent + cisco.meraki.meraki_alert: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + default_destinations: + emails: + - '{{ email_prefix }}@{{ email_domain }}' + - '{{ email_prefix }}2@{{ email_domain }}' + all_admins: false + snmp: false + alerts: + - alert_type: "gatewayDown" + enabled: true + filters: + timeout: 60 + alert_destinations: + emails: + - '{{ email_prefix }}@{{ email_domain }}' + - '{{ email_prefix }}2@{{ email_domain }}' + all_admins: false + snmp: false + - alert_type: "usageAlert" + enabled: true + filters: + period: 1200 + threshold: 104857600 + alert_destinations: + emails: + - '{{ email_prefix }}@{{ email_domain }}' + - '{{ email_prefix }}2@{{ email_domain }}' + all_admins: true + snmp: false + delegate_to: localhost + register: update_idempotent + + - name: Assert update_idempotent + ansible.builtin.assert: + that: + - update_idempotent.data is defined + - update_idempotent is not changed + + - name: Remove Email from settings + cisco.meraki.meraki_alert: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + default_destinations: + all_admins: false + snmp: false + emails: [] + alerts: + - alert_type: "gatewayDown" + enabled: true + filters: + timeout: 60 + alert_destinations: + all_admins: false + snmp: false + emails: [] + - alert_type: "usageAlert" + enabled: true + filters: + period: 1200 + threshold: 104857600 + alert_destinations: + all_admins: true + snmp: false + delegate_to: localhost + register: removeemailupdate + + - name: Assert remove email update + ansible.builtin.assert: + that: + - removeemailupdate.data is defined + - removeemailupdate.diff is defined + - removeemailupdate is changed + - removemeailupdate.data.default_destinations.email is not defined + + - name: Remove email settings idempotent + cisco.meraki.meraki_alert: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + default_destinations: + all_admins: false + snmp: false + alerts: + - alert_type: "gatewayDown" + enabled: true + filters: + timeout: 60 + alert_destinations: + all_admins: false + snmp: false + emails: [] + - alert_type: "usageAlert" + enabled: true + filters: + period: 1200 + threshold: 104857600 + alert_destinations: + all_admins: true + snmp: false + delegate_to: localhost + register: removeemailupdate_idempotent + + - name: Remove Email Assert update_idempotent + ansible.builtin.assert: + that: + - removeemailupdate_idempotent.data is defined + - removeemailupdate_idempotent is not changed + + - name: Set default destination email address and HTTP server ID + cisco.meraki.meraki_alert: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + default_destinations: + all_admins: false + snmp: false + emails: + - '{{ email_prefix }}@{{ email_domain }}' + - '{{ email_prefix }}2@{{ email_domain }}' + http_server_ids: + - '{{ webhook.data.id }}' + delegate_to: localhost + register: set_default_lists + + - name: Assert default destination items + ansible.builtin.assert: + that: + - set_default_lists.data is defined + - set_default_lists is changed + - set_default_lists.data.default_destinations.emails | length == 2 + - set_default_lists.data.default_destinations.http_server_ids| length == 1 + + - name: Update default destinations without HTTP server IDs for testing purposes + cisco.meraki.meraki_alert: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + default_destinations: + all_admins: false + snmp: false + emails: + - '{{ email_prefix }}@{{ email_domain }}' + - '{{ email_prefix }}2@{{ email_domain }}' + delegate_to: localhost + + - name: Query all settings + cisco.meraki.meraki_alert: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: query + delegate_to: localhost + register: query_for_webhook + + - name: Check for HTTP server IDs + ansible.builtin.assert: + that: + - query_for_webhook.data.default_destinations.http_server_ids | length == 1 + + - name: Clear default destination email addresses + cisco.meraki.meraki_alert: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + default_destinations: + all_admins: false + snmp: false + emails: + - + delegate_to: localhost + register: clear_emails + + - name: Assert emails were cleared + ansible.builtin.assert: + that: + - clear_emails.data.default_destinations.emails | length == 0 + + - name: Clear default destination HTTP server IDs + cisco.meraki.meraki_alert: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + default_destinations: + all_admins: false + snmp: false + http_server_ids: + - + delegate_to: localhost + register: clear_http_ids + + - name: Assert that HTTP servers were cleared + ansible.builtin.assert: + that: + - clear_http_ids.data.default_destinations.http_server_ids | length == 0 + + - name: Query all settings + cisco.meraki.meraki_alert: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: query + delegate_to: localhost + register: query_all + + - name: Asset query_all + ansible.builtin.assert: + that: + - query_all.data is defined + + +############################################################################# +# Tear down starts here +############################################################################# + + always: + - name: Delete network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_config_template/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_config_template/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_config_template/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_config_template/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_config_template/tasks/main.yml new file mode 100644 index 000000000..9fd5b0dba --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_config_template/tasks/main.yml @@ -0,0 +1,210 @@ +# Test code for the Meraki Organization module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of test + block: + - name: Test an API key is provided + ansible.builtin.fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Query all configuration templates + cisco.meraki.meraki_config_template: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + register: get_all + + - name: Delete non-existant configuration template + cisco.meraki.meraki_config_template: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + config_template: FakeConfigTemplate + register: deleted + failed_when: false + changed_when: false + + - name: Assert a delated.msg + ansible.builtin.assert: + that: + - '"No configuration template named" in deleted.msg' + + - name: Create a network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + type: appliance + delegate_to: localhost + register: net_info + + - name: Set fact net_id + ansible.builtin.set_fact: + net_id: '{{ net_info.data.id }}' + + - name: Bind a template to a network with check mode + cisco.meraki.meraki_config_template: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + config_template: '{{ test_template_name }}' + check_mode: true + register: bind_check + + - name: Bind a template to a network + cisco.meraki.meraki_config_template: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + config_template: '{{ test_template_name }}' + register: bind + + - name: Assert bind + ansible.builtin.assert: + that: + bind.changed == True + + - name: Assert if bind_check has been changed + ansible.builtin.assert: + that: + bind_check is changed + + - name: Bind a template to a network when it's already bound + cisco.meraki.meraki_config_template: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + config_template: '{{ test_template_name }}' + register: bind_invalid + failed_when: false + changed_when: false + + - name: Assert if bind_invalid has been not changed + ansible.builtin.assert: + that: + - bind_invalid.changed == False + + - name: Unbind a template from a network + cisco.meraki.meraki_config_template: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + config_template: '{{ test_template_name }}' + register: unbind + + - name: Assert if unbind has been changed + ansible.builtin.assert: + that: + unbind.changed == True + + - name: Unbind a template from a network when it's not bound + cisco.meraki.meraki_config_template: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + config_template: '{{ test_template_name }}' + register: unbind_invalid + + - name: Assert if unbind_invalid has been not changed + ansible.builtin.assert: + that: + unbind_invalid.changed == False + + - name: Bind a template to a network via id + cisco.meraki.meraki_config_template: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_id: '{{ net_id }}' + config_template: '{{ test_template_name }}' + register: bind_id + + - name: Assert if bind_id has been changed + ansible.builtin.assert: + that: + bind_id.changed == True + + - name: Bind a template to a network via id for idempotency + cisco.meraki.meraki_config_template: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_id: '{{ net_id }}' + config_template: '{{ test_template_name }}' + register: bind_id_idempotent + + - name: Assert bind_id_idempotent + ansible.builtin.assert: + that: + - bind_id_idempotent.changed == False + - bind_id_idempotent.data is defined + + - name: Unbind a template from a network via id with check mode + cisco.meraki.meraki_config_template: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_id: '{{ net_id }}' + config_template: '{{ test_template_name }}' + check_mode: true + register: unbind_id_check + + - name: Assert if unbind_id_check has been changed + ansible.builtin.assert: + that: + unbind_id_check is changed + + - name: Unbind a template from a network via id + cisco.meraki.meraki_config_template: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_id: '{{ net_id }}' + config_template: '{{ test_template_name }}' + register: unbind_id + + - name: Assert if unbind_id_check has been changed + ansible.builtin.assert: + that: + unbind_id.changed == True + + # This is disabled by default since they can't be created via API + # - name: Delete sacrificial template with check mode + # cisco.meraki.meraki_config_template: + # auth_key: '{{ auth_key }}' + # state: absent + # org_name: '{{ test_org_name }}' + # config_template: sacrificial_template + # check_mode: true + # register: delete_template_check + + # This is disabled by default since they can't be created via API + # - name: Delete sacrificial template + # cisco.meraki.meraki_config_template: + # auth_key: '{{ auth_key }}' + # state: absent + # org_name: '{{ test_org_name }}' + # config_template: sacrificial_template + # output_level: debug + # register: delete_template + + # - ansible.builtin.debug: + # var: delete_template + + always: + - name: Delete network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_device/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_device/aliases new file mode 100644 index 000000000..89aea537d --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_device/aliases @@ -0,0 +1 @@ +unsupported
\ No newline at end of file diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_device/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_device/tasks/main.yml new file mode 100644 index 000000000..17d5407c9 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_device/tasks/main.yml @@ -0,0 +1,265 @@ +--- +- name: Block of tests + block: + # This is commented out because a device cannot be unclaimed via API + # - name: Claim a device into an organization + # cisco.meraki.meraki_device: + # auth_key: '{{ auth_key }}' + # org_name: '{{ test_org_name }}' + # serial: '{{ serial }}' + # state: present + # delegate_to: localhost + # register: claim_device_org + + # - ansible.builtin.assert: + # that: + # - claim_device_org.changed == true + + - name: Create network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + type: appliance + state: present + register: net_info + + - name: Set fact net_id + ansible.builtin.set_fact: + net_id: '{{ net_info.data.id }}' + + - name: Query status of all devices in an organization + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + state: query + delegate_to: localhost + register: query_device_org + + - name: Debug query_device_org + ansible.builtin.debug: + msg: '{{ query_device_org }}' + + - name: Claim a device into a network + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + serial: '{{ serial }}' + state: present + delegate_to: localhost + register: claim_device + + - name: Debug claim_device + ansible.builtin.debug: + msg: '{{ claim_device }}' + + - name: Assert if claim_device has been changed + ansible.builtin.assert: + that: + - claim_device.changed == true + + - name: Query all devices in one network by network ID + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net_id }}' + state: query + delegate_to: localhost + register: query_one_net_id + + - name: Debug query_one_net_id + ansible.builtin.debug: + msg: '{{ query_one_net_id }}' + + - name: Query all devices in one network + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + state: query + delegate_to: localhost + register: query_one_net + + - name: Debug query_one_net + ansible.builtin.debug: + msg: '{{ query_one_net }}' + + - name: Query device by serial + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + serial: '{{ serial }}' + state: query + delegate_to: localhost + register: query_serial_no_net + + - name: Debug query_serial_no_net + ansible.builtin.debug: + msg: '{{ query_serial_no_net }}' + + - name: Query device by serial + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + serial: '{{ serial }}' + state: query + delegate_to: localhost + register: query_serial + + - name: Debug query_serial + ansible.builtin.debug: + msg: '{{ query_serial }}' + + - name: Assert if query_serial has been not changed + ansible.builtin.assert: + that: + - query_serial.changed == False + + - name: Query uplink information for a device + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + serial: '{{ serial }}' + state: query + query: uplink + delegate_to: localhost + register: query_serial_uplink + + - name: Debug query_serial_uplink + ansible.builtin.debug: + msg: '{{ query_serial_uplink }}' + + - name: Query LLDP/CDP information about a device + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + serial: '{{ serial }}' + lldp_cdp_timespan: 6000 + state: query + query: lldp_cdp + delegate_to: localhost + register: query_serial_lldp_cdp + + - name: Debug query_serial_lldp_cdp + ansible.builtin.debug: + msg: '{{ query_serial_lldp_cdp }}' + + - name: Query a device by hostname + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + hostname: test-hostname + state: query + delegate_to: localhost + register: query_hostname + + - name: Debug query_hostname + ansible.builtin.debug: + msg: '{{ query_hostname }}' + + - name: Query a device by model + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + model: MR26 + state: query + delegate_to: localhost + register: query_model + + - name: Debug query_model + ansible.builtin.debug: + msg: '{{ query_model }}' + + - name: Change device name for future test + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + serial: '{{ serial }}' + hostname: mx60-temporary + address: 1060 W. Addison St., Chicago, IL + lat: 41.948038 + lng: -87.65568 + tags: recently-added + state: present + move_map_marker: true + note: Test device notes + delegate_to: localhost + register: update_device + + - name: Update a device + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + serial: '{{ serial }}' + hostname: mx60 + address: 1060 W. Addison St., Chicago, IL + lat: 41.948038 + lng: -87.65568 + tags: recently-added + state: present + move_map_marker: true + note: Test device notes + delegate_to: localhost + register: update_device + + - name: Assert update_device + ansible.builtin.assert: + that: + - update_device.changed == true + - update_device.data.0.notes == "Test device notes" + - '"1060 W. Addison St., Chicago, IL" in update_device.data.0.address' + + - name: Update a device with idempotency + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + serial: '{{ serial }}' + name: mx60 + address: 1060 W. Addison St., Chicago, IL + lat: 41.948038 + lng: -87.65568 + tags: recently-added + state: present + move_map_marker: true + note: Test device notes + delegate_to: localhost + register: update_device_idempotent + + - name: Debug update_device_idempotent + ansible.builtin.debug: + msg: '{{ update_device_idempotent }}' + + - name: Assert update_device_idempotent + ansible.builtin.assert: + that: + - update_device_idempotent.changed == False + - update_device_idempotent.data is defined + + always: + - name: Remove a device from a network + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + serial: '{{ serial }}' + state: absent + delegate_to: localhost + register: delete_device + + - name: Debug delete_device + ansible.builtin.debug: + msg: '{{ delete_device }}' + + - name: Assert if delete_device has been changed + ansible.builtin.assert: + that: + - delete_device.changed == true diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_firewalled_services/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_firewalled_services/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_firewalled_services/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_firewalled_services/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_firewalled_services/tasks/main.yml new file mode 100644 index 000000000..60aa04a96 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_firewalled_services/tasks/main.yml @@ -0,0 +1,7 @@ +# Test code for the Meraki Firewalled Services module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Run test cases + include: tests.yml ansible_connection=local diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_firewalled_services/tasks/tests.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_firewalled_services/tasks/tests.yml new file mode 100644 index 000000000..bcb329e3a --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_firewalled_services/tasks/tests.yml @@ -0,0 +1,234 @@ +# Test code for the Meraki modules +# Copyright: (c) 2019, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tests + block: + - name: Create network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + type: appliance + register: create + + - name: Set fact net_id + ansible.builtin.set_fact: + net_id: '{{ create.data.id }}' + + - name: Set icmp service to blocked with check mode + cisco.meraki.meraki_firewalled_services: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + service: ICMP + access: blocked + register: icmp_blocked_check + check_mode: true + + - name: Debug icmp_blocked_check + ansible.builtin.debug: + var: icmp_blocked_check + + - name: Assert if icmp_blocked_check has been changed + ansible.builtin.assert: + that: + - icmp_blocked_check.data is defined + - icmp_blocked_check is changed + + - name: Set icmp service to blocked + cisco.meraki.meraki_firewalled_services: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + service: ICMP + access: blocked + register: icmp_blocked + + - name: Debug icmp_blocked + ansible.builtin.debug: + var: icmp_blocked + + - name: Assert ig icmp_blocked has been changed + ansible.builtin.assert: + that: + - icmp_blocked.data is defined + - icmp_blocked is changed + + - name: Set icmp service to blocked with idempotency + cisco.meraki.meraki_firewalled_services: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + service: ICMP + access: blocked + register: icmp_blocked_idempotent + + - name: Debug icmp_blocked_idempotent + ansible.builtin.debug: + var: icmp_blocked_idempotent + + - name: Assert icmp_blocked_idempotent + ansible.builtin.assert: + that: + - icmp_blocked_idempotent.data is defined + - icmp_blocked_idempotent is not changed + + - name: Set icmp service to restricted with check mode + cisco.meraki.meraki_firewalled_services: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + service: web + access: restricted + allowed_ips: + - 192.0.1.1 + - 192.0.1.2 + check_mode: true + register: web_restricted_check + + - name: Debug web_restricted_check + ansible.builtin.debug: + var: web_restricted_check + + - name: Assert web_restricted_check + ansible.builtin.assert: + that: + - web_restricted_check.data is defined + - web_restricted_check is changed + + - name: Set icmp service to restricted + cisco.meraki.meraki_firewalled_services: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + service: web + access: restricted + allowed_ips: + - 192.0.1.1 + - 192.0.1.2 + register: web_restricted + + - name: Debug web_restricted + ansible.builtin.debug: + var: web_restricted + + - name: Assert web_restricted + ansible.builtin.assert: + that: + - web_restricted.data is defined + - web_restricted is changed + + - name: Set icmp service to restricted with idempotency + cisco.meraki.meraki_firewalled_services: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + service: web + access: restricted + allowed_ips: + - 192.0.1.1 + - 192.0.1.2 + register: web_restricted_idempotent + + - name: Debug web_restricted_idempotent + ansible.builtin.debug: + var: web_restricted_idempotent + + - name: Assert web_restricted_idempotent + ansible.builtin.assert: + that: + - web_restricted_idempotent.data is defined + - web_restricted_idempotent is not changed + + - name: Test error for access restricted and allowed_ips + cisco.meraki.meraki_firewalled_services: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + service: web + access: unrestricted + allowed_ips: + - 192.0.1.1 + - 192.0.1.2 + register: access_error + failed_when: false + changed_when: false + + - name: Assert access_error + ansible.builtin.assert: + that: + - 'access_error.msg == "allowed_ips is only allowed when access is restricted."' + + - name: Query appliance services with net_id + cisco.meraki.meraki_firewalled_services: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_id: '{{ net_id }}' + register: query_appliance_id + + - name: Debug query_appliance_id + ansible.builtin.debug: + var: query_appliance_id + + - name: Assert query_appliance_id + ansible.builtin.assert: + that: + - query_appliance_id.data is defined + + + - name: Query appliance services + cisco.meraki.meraki_firewalled_services: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + register: query_appliance + + - name: Debug query_appliance + ansible.builtin.debug: + var: query_appliance + + - name: Assert query_appliance + ansible.builtin.assert: + that: + - query_appliance.data is defined + + - name: Query services + cisco.meraki.meraki_firewalled_services: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + service: ICMP + register: query_service + + - name: Debug query_service + ansible.builtin.debug: + var: query_service + + - name: Assert query_service + ansible.builtin.assert: + that: + - query_service.data is defined + +############################################################################# +# Tear down starts here +############################################################################# + always: + - name: Delete all networks + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_management_interface/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_management_interface/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_management_interface/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_management_interface/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_management_interface/tasks/main.yml new file mode 100644 index 000000000..56c98e50f --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_management_interface/tasks/main.yml @@ -0,0 +1,298 @@ +# Test code for the Meraki Management Interface module +# Copyright: (c) 2019, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tasks + block: + - name: Test an API key is provided + ansible.builtin.fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Set fact net_name + ansible.builtin.set_fact: + net_name: TestNet - Appliance + + - name: 'Create test network {{ net_name }}' + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_id: '{{ test_org_id }}' + net_name: '{{ net_name }}' + type: appliance + delegate_to: localhost + register: net + + - name: Set fact net_id + ansible.builtin.set_fact: + net_id: '{{ net.data.id }}' + + - name: Test providing wan_enabled to an MS network + cisco.meraki.meraki_management_interface: + auth_key: '{{ auth_key }}' + state: present + org_id: '{{ test_org_id }}' + net_id: '{{ test_switch_net_name }}' + serial: '{{ serial_switch }}' + wan1: + wan_enabled: enabled + using_static_ip: false + delegate_to: localhost + register: ms_not_configured + + - name: Debug ms_not_configured + ansible.builtin.debug: + var: ms_not_configured + + - name: Assert ms_not_configured + ansible.builtin.assert: + that: + - ms_not_configured.data is defined + + - name: Set management interface on switch + cisco.meraki.meraki_management_interface: + auth_key: '{{ auth_key }}' + state: present + org_id: '{{ test_org_id }}' + net_id: '{{ test_switch_net_name }}' + serial: '{{ serial_switch }}' + wan1: + using_static_ip: false + vlan: 3 + delegate_to: localhost + register: set_switch_mgmt + + - name: Debug set_switch_mgmt + ansible.builtin.debug: + var: set_switch_mgmt + + - name: Assert set_switch_mgmt has been defined + ansible.builtin.assert: + that: + - set_switch_mgmt.data is defined + + - name: Query non-MX network + cisco.meraki.meraki_management_interface: + auth_key: '{{ auth_key }}' + state: query + org_id: '{{ test_org_id }}' + net_id: '{{ test_switch_net_name }}' + serial: '{{ serial_switch }}' + delegate_to: localhost + register: non_mx_network + + - name: Debug non_mx_network + ansible.builtin.debug: + var: non_mx_network + + - name: Assert non_mx_network + ansible.builtin.assert: + that: + - non_mx_network.data is defined + + - name: Reset management interface on switch + cisco.meraki.meraki_management_interface: + auth_key: '{{ auth_key }}' + state: present + org_id: '{{ test_org_id }}' + net_id: '{{ test_switch_net_name }}' + serial: '{{ serial_switch }}' + wan1: + using_static_ip: false + vlan: 1 + delegate_to: localhost + register: reset_switch_mgmt + + - name: Debug reset_switch_mgmt + ansible.builtin.debug: + var: reset_switch_mgmt + + - name: Assert reset_switch_mgmt + ansible.builtin.assert: + that: + - reset_switch_mgmt.data is defined + + - name: Set WAN1 as DHCP in check mode + cisco.meraki.meraki_management_interface: + auth_key: '{{ auth_key }}' + state: present + org_id: '{{ test_org_id }}' + net_id: '{{ net_id }}' + serial: '{{ serial }}' + wan1: + wan_enabled: enabled + using_static_ip: false + vlan: 1 + delegate_to: localhost + register: set_wan1_check + check_mode: true + + - name: Debug set_wan1_check + ansible.builtin.debug: + var: set_wan1_check + + - name: Assert set_wan1_check + ansible.builtin.assert: + that: + - set_wan1_check is changed + - set_wan1_check.data is defined + + - name: Set WAN1 as DHCP + cisco.meraki.meraki_management_interface: + auth_key: '{{ auth_key }}' + state: present + org_id: '{{ test_org_id }}' + net_id: '{{ net_id }}' + serial: '{{ serial }}' + wan1: + wan_enabled: enabled + using_static_ip: false + vlan: 1 + delegate_to: localhost + register: set_wan1 + + - name: Debug set_wan1 + ansible.builtin.debug: + var: set_wan1 + + - name: Assert set_wan1 + ansible.builtin.assert: + that: + - set_wan1 is changed + - set_wan1.data is defined + + - name: Set WAN1 as DHCP with idempotency + cisco.meraki.meraki_management_interface: + auth_key: '{{ auth_key }}' + state: present + org_id: '{{ test_org_id }}' + net_id: '{{ net_id }}' + serial: '{{ serial }}' + wan1: + wan_enabled: enabled + using_static_ip: false + vlan: 1 + delegate_to: localhost + register: set_wan1_idempotent + + - name: Debug set_wan1_idempotent + ansible.builtin.debug: + var: set_wan1_idempotent + + - name: Assert set_wan1_idempotent + ansible.builtin.assert: + that: + - set_wan1_idempotent is not changed + - set_wan1_idempotent.data is defined + + - name: Set WAN2 as static IP + cisco.meraki.meraki_management_interface: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_id: '{{ net_id }}' + serial: '{{ serial }}' + wan2: + wan_enabled: enabled + using_static_ip: true + static_ip: 192.168.16.195 + static_gateway_ip: 192.168.16.1 + static_subnet_mask: 255.255.255.0 + static_dns: + - 1.1.1.1 + vlan: 1 + delegate_to: localhost + register: set_wan2 + + - name: Debug set_wan2 + ansible.builtin.debug: + var: set_wan2 + + - name: Assert set_wan2 + ansible.builtin.assert: + that: + - set_wan2 is changed + - set_wan2.data is defined + + - name: Test too many DNS servers + cisco.meraki.meraki_management_interface: + auth_key: '{{ auth_key }}' + state: present + org_id: '{{ test_org_id }}' + net_id: '{{ net_id }}' + serial: '{{ serial }}' + wan1: + wan_enabled: enabled + using_static_ip: true + static_ip: 192.0.1.2 + static_gateway_ip: 192.0.1.1 + static_subnet_mask: 255.255.255.0 + static_dns: + - 1.1.1.1 + - 8.8.8.8 + - 4.4.4.4 + vlan: 1 + delegate_to: localhost + register: too_many_dns + failed_when: false + changed_when: false + + - name: Debug too_many_dns + ansible.builtin.debug: + var: too_many_dns + + - name: Assert too_many_dns + ansible.builtin.assert: + that: + - 'too_many_dns.msg == "Maximum number of static DNS addresses is 2."' + + - name: Query management information + cisco.meraki.meraki_management_interface: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_id: '{{ net_id }}' + serial: '{{ serial }}' + delegate_to: localhost + register: query_mx + + - name: Debug query_mx + ansible.builtin.debug: + var: query_mx + + - name: Assert query_mx + ansible.builtin.assert: + that: + - query_mx.data is defined + + always: + ############################################################################ + # Tear down starts here + ############################################################################ + - name: Reset settings for all interfaces + cisco.meraki.meraki_management_interface: + auth_key: '{{ auth_key }}' + state: present + org_id: '{{ test_org_id }}' + net_id: '{{ net_id }}' + serial: '{{ serial }}' + wan1: + wan_enabled: disabled + using_static_ip: false + wan2: + wan_enabled: enabled + using_static_ip: false + delegate_to: localhost + failed_when: false + changed_when: false + + # Network deletion is commented out since this requires a device in a network + # - name: Delete network + # cisco.meraki.meraki_network: + # auth_key: '{{ auth_key }}' + # state: absent + # org_name: '{{ test_org_name }}' + # net_name: '{{ net_name }}' + # delegate_to: localhost + # register: delete_network diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_l3_firewall/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_l3_firewall/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_l3_firewall/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_l3_firewall/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_l3_firewall/tasks/main.yml new file mode 100644 index 000000000..1390c2ecc --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_l3_firewall/tasks/main.yml @@ -0,0 +1,212 @@ +# Test code for the Meraki modules +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tasks + block: + - name: Create wireless network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetWireless + type: wireless + delegate_to: localhost + register: new_net + + - name: Set fact new_net + ansible.builtin.set_fact: + net: '{{ new_net.data.id }}' + + - name: Check rule values are lowercase + cisco.meraki.meraki_mr_l3_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: TestNetWireless + state: query + number: 0 + delegate_to: localhost + register: query + + - name: Debug query + ansible.builtin.debug: + var: query + + - name: Assert query + ansible.builtin.assert: + that: + - query.data.rules.0.policy == 'deny' + - query.data.rules.0.protocol == 'any' + - query.data.rules.0.dest_port == 'any' + - query.data.rules.0.dest_cidr == 'local lan' + - query.data.rules.0.comment == 'Wireless clients accessing LAN' + - query.data.rules.1.policy == 'allow' + - query.data.rules.1.protocol == 'any' + - query.data.rules.1.dest_port == 'any' + - query.data.rules.1.dest_cidr == 'any' + - query.data.rules.1.comment == 'Default rule' + + - name: Create single firewall rule with check mode + cisco.meraki.meraki_mr_l3_firewall: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + number: 1 + rules: + - comment: Integration test rule + policy: allow + protocol: tcp + dest_port: 80 + dest_cidr: 192.0.2.0/24 + allow_lan_access: false + delegate_to: localhost + check_mode: true + register: create_one_check + + - name: Debug create_one_check + ansible.builtin.debug: + msg: '{{ create_one_check }}' + + - name: Assert create_one_check + ansible.builtin.assert: + that: + - create_one_check.data.0.comment == 'Integration test rule' + - create_one_check.data.1.policy == 'deny' + - create_one_check.data is defined + - create_one_check is changed + + - name: Create single firewall rule + cisco.meraki.meraki_mr_l3_firewall: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + number: 1 + rules: + - comment: Integration test rule + policy: allow + protocol: tcp + dest_port: 80 + dest_cidr: 192.0.2.0/24 + allow_lan_access: false + delegate_to: localhost + register: create_one + + - name: Debug create_one + ansible.builtin.debug: + msg: '{{ create_one }}' + + - name: Assert create_one + ansible.builtin.assert: + that: + - create_one.data.rules.0.comment == 'Integration test rule' + - create_one.data.rules.1.policy == 'deny' + - create_one.data is defined + + - name: Enable local LAN access with check mode + cisco.meraki.meraki_mr_l3_firewall: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + number: 1 + allow_lan_access: true + delegate_to: localhost + check_mode: true + register: enable_lan_check + + - name: Debug enable_lan_check + ansible.builtin.debug: + var: enable_lan_check + + - name: Assert enable_lan_check + ansible.builtin.assert: + that: + - enable_lan_check.data.rules.1.policy == 'allow' + - enable_lan_check is changed + + - name: Enable local LAN access + cisco.meraki.meraki_mr_l3_firewall: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + number: 1 + allow_lan_access: true + delegate_to: localhost + register: enable_lan + + - name: Assert enable_lan + ansible.builtin.assert: + that: + - enable_lan.data.rules.1.policy == 'allow' + + - name: Update rules without specifying LAN access with check mode + cisco.meraki.meraki_mr_l3_firewall: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + number: 1 + rules: + - comment: Integration test rule + policy: allow + protocol: tcp + dest_port: 8080 + dest_cidr: 192.0.2.0/24 + delegate_to: localhost + register: update_one_check + + - name: Debug update_one_check + ansible.builtin.debug: + msg: '{{ update_one_check }}' + + - name: Assert update_one_check + ansible.builtin.assert: + that: + - update_one_check.data.rules.0.comment == 'Integration test rule' + - update_one_check.data is defined + + - name: Query firewall rules + cisco.meraki.meraki_mr_l3_firewall: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + number: 1 + delegate_to: localhost + register: query + + - name: Debug query + ansible.builtin.debug: + msg: '{{ query }}' + + - name: Assert query + ansible.builtin.assert: + that: + - query.data.rules.1.comment == 'Wireless clients accessing LAN' + - query.data.rules.2.comment == 'Default rule' + - query.changed == False + +############################################################################ +# Tear down starts here +############################################################################ + always: + - name: Delete wireless SSID + cisco.meraki.meraki_ssid: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + number: 1 + delegate_to: localhost + + - name: Delete wireless network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_l7_firewall/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_l7_firewall/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_l7_firewall/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_l7_firewall/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_l7_firewall/tasks/main.yml new file mode 100644 index 000000000..878b2a45b --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_l7_firewall/tasks/main.yml @@ -0,0 +1,7 @@ +# Test code for the Meraki modules + +# Copyright: (c) 2022, Joshua Coronado (@joshuajcoronado) <joshua@coronado.io> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Run test cases + include: tests.yml ansible_connection=local diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_l7_firewall/tasks/tests.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_l7_firewall/tasks/tests.yml new file mode 100644 index 000000000..3cb74be6f --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_l7_firewall/tasks/tests.yml @@ -0,0 +1,520 @@ +# Test code for the Meraki modules + +# Copyright: (c) 2022, Joshua Coronado (@joshuajcoronado) <joshua@coronado.io> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tasks + block: + - name: Create network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: TestNet + state: present + type: wireless + register: new_net + + - name: Query existing network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: TestNet + state: present + type: wireless + register: new_net + + - name: Set fact new_net + ansible.builtin.set_fact: + net: '{{ new_net.data.id }}' + + - name: Create wireless SSID + cisco.meraki.meraki_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + name: TestSSID + + - name: Query firewall rules + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: query + ssid: TestSSID + register: query + + - name: Assert query.data is defined + ansible.builtin.assert: + that: + - query.data is defined + + - name: Query firewall application categories + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: query + categories: true + register: query_categories + + - name: Assert query_categories.data is defined + ansible.builtin.assert: + that: + - query_categories.data is defined + + - name: Set firewall rules to empty array + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + rules: [] + ssid: TestSSID + register: empty_list + + - name: Debug query + ansible.builtin.debug: + var: query + + - name: Assert the rules are empty + ansible.builtin.assert: + that: + - empty_list.data.rules | length == 0 + + - name: Set firewall rules to empty array with idempotency + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + rules: [] + ssid: TestSSID + register: empty_list_idempotent + + - name: Debug empty_list_idempotent + ansible.builtin.debug: + var: empty_list_idempotent + + - name: Assert rules list is still empty + ansible.builtin.assert: + that: + - empty_list_idempotent.data.rules | length == 0 + - empty_list_idempotent is not changed + + - name: Create firewall rule for IP range in check mode + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + ssid: TestSSID + rules: + - type: ip_range + ip_range: 10.11.12.0/24 + register: create_ip_range_check + check_mode: true + + - name: Debug create_ip_range_check + ansible.builtin.debug: + var: create_ip_range_check + + - name: Assert create_ip_range_check is changed + ansible.builtin.assert: + that: + - create_ip_range_check is changed + + - name: Create firewall rule for IP range + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + ssid: TestSSID + rules: + - type: ip_range + ip_range: 10.11.12.0/24 + register: create_ip_range + + - name: Debug create_ip_range + ansible.builtin.debug: + var: create_ip_range + + - name: Assert firewalls rules have a single rule + ansible.builtin.assert: + that: + - create_ip_range is changed + - create_ip_range.data.rules | length == 1 + + - name: Create firewall rule for IP range with idempotency with check mode + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + ssid: TestSSID + state: present + rules: + - type: ip_range + ip_range: 10.11.12.0/24 + register: create_ip_range_idempotent_check + check_mode: true + + - name: Assert create_ip_range_idempotent_check is not changed + ansible.builtin.assert: + that: + - create_ip_range_idempotent_check is not changed + + - name: Create firewall rule for IP range with idempotency + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + ssid: TestSSID + state: present + rules: + - type: ip_range + ip_range: 10.11.12.0/24 + register: create_ip_range_idempotent + + - name: Assert create_ip_range_idempotent is not changed + ansible.builtin.assert: + that: + - create_ip_range_idempotent is not changed + + - name: Create firewall rule for IP and port + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + ssid: TestSSID + rules: + - type: ip_range + ip_range: 10.11.12.1:23 + register: create_ip_range_port + + - name: Debug create_ip_range_port + ansible.builtin.debug: + var: create_ip_range_port + + - name: Assert create_ip_range_port is changed + ansible.builtin.assert: + that: + - create_ip_range_port is changed + + - name: Create firewall rule for IP range + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + ssid: TestSSID + rules: + - type: ip_range + ip_range: 10.11.12.0/24 + register: create_ip_range + + - name: Debug create_ip_range + ansible.builtin.debug: + var: create_ip_range + + - name: Assert create_ip_range has changed and has a rule + ansible.builtin.assert: + that: + - create_ip_range is changed + - create_ip_range.data.rules | length == 1 + + - name: Create firewall rule for IP range with idempotency with check mode + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + ssid: TestSSID + rules: + - type: ip_range + ip_range: 10.11.12.0/24 + register: create_ip_range_idempotent_check + check_mode: true + + - name: Assert create_ip_range_idempotent_check is not changed + ansible.builtin.assert: + that: + - create_ip_range_idempotent_check is not changed + + - name: Create firewall rule for IP range with idempotency + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + ssid: TestSSID + rules: + - type: ip_range + ip_range: 10.11.12.0/24 + register: create_ip_range_idempotent + + - name: Assert create_ip_range_idempotent is not changed + ansible.builtin.assert: + that: + - create_ip_range_idempotent is not changed + + - name: Create firewall rule for application + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + ssid: TestSSID + rules: + - type: application + application: + name: facebook + register: application_rule + + - name: Assert application_rule is changed + ansible.builtin.assert: + that: + - application_rule is changed + - application_rule.data.rules is defined + + - name: Create firewall rule for application via ID + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + ssid: TestSSID + rules: + - type: application + application: + id: meraki:layer7/application/205 + register: application_rule_id + + - name: Assert application_rule_id is changed + ansible.builtin.assert: + that: + - application_rule_id is changed + + - name: Create firewall rule for invalid application + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + ssid: TestSSID + rules: + - type: application + application: + name: ansible + register: application_rule_invalid + ignore_errors: true + + - name: Create firewall rule for application category + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + ssid: TestSSID + rules: + - type: application_category + application: + name: Advertising + register: application_category_rule + + - name: Debug application_category_rule + ansible.builtin.debug: + var: application_category_rule + + - name: Assert application_category_rule is changed + ansible.builtin.assert: + that: + - application_category_rule is changed + + - name: Create firewall rule for application category with ID and conflict + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + ssid: TestSSID + state: present + rules: + - type: application_category + application: + id: meraki:layer7/category/27 + register: application_category_rule_id_conflict + + - name: Assert application_category_rule_id_conflict is not changed + ansible.builtin.assert: + that: + - application_category_rule_id_conflict is not changed + + - name: Create firewall rule for application category with ID + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + ssid: TestSSID + rules: + - type: application_category + application: + id: meraki:layer7/category/24 + register: application_category_rule_id + + - name: Assert application_category_rule_id is changed + ansible.builtin.assert: + that: + - application_category_rule_id is changed + + - name: Create firewall rule for host + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + ssid: TestSSID + state: present + rules: + - type: host + host: asdf.com + register: host_rule + + - name: Assert host_rule is changed + ansible.builtin.assert: + that: + - host_rule is changed + + - name: Create firewall rule for port + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + ssid: TestSSID + rules: + - type: port + port: 1234 + register: port_rule + + - name: Assert port_rule is changed + ansible.builtin.assert: + that: + - port_rule is changed + + - name: Create multiple firewall rules + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + ssid: TestSSID + state: present + rules: + - type: application_category + application: + id: meraki:layer7/category/27 + - policy: deny + type: port + port: 8080 + register: multiple_rules + + - name: Debug multiple_rules + ansible.builtin.debug: + var: multiple_rules + + - name: Assert multiple_rules.data.rules | length == 2 + ansible.builtin.assert: + that: + - multiple_rules.data.rules | length == 2 + - multiple_rules is changed + + ######################################### + ## Tests for argument completeness ## + ######################################### + + - name: Test application_category incomplete arguments + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + ssid: TestSSID + state: present + rules: + - type: application_category + register: error_app_cat + ignore_errors: true + + - name: Assert application argument is required when type is application_category + ansible.builtin.assert: + that: + - 'error_app_cat.msg == "application argument is required when type is application_category."' + + - name: Test application incomplete arguments + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + ssid: TestSSID + state: present + rules: + - type: application + register: error_app_cat + ignore_errors: true + + - name: Assert application argument is required when type is application + ansible.builtin.assert: + that: + - 'error_app_cat.msg == "application argument is required when type is application."' + + - name: Test host incomplete arguments + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + ssid: TestSSID + state: present + rules: + - type: host + register: error_app_cat + ignore_errors: true + + - name: Assert host argument is required when type is host + ansible.builtin.assert: + that: + - 'error_app_cat.msg == "host argument is required when type is host."' + + - name: Test port incomplete arguments + cisco.meraki.meraki_mr_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + ssid: TestSSID + state: present + rules: + - type: port + register: error_app_cat + ignore_errors: true + + - name: Assert port argument is required when type is port + ansible.builtin.assert: + that: + - 'error_app_cat.msg == "port argument is required when type is port."' + +############################################################################ +# Tear down starts here +############################################################################ + always: + - name: Delete wireless SSID + cisco.meraki.meraki_ssid: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + name: TestSSID + + - name: Delete wireless network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_radio/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_radio/aliases new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_radio/aliases diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_radio/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_radio/tasks/main.yml new file mode 100644 index 000000000..987d099c4 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_radio/tasks/main.yml @@ -0,0 +1,166 @@ +# Test code for the Meraki modules +# Copyright: (c) 2021, Tyler Christiansen (@supertylerc) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tasks + block: + - name: Create network with type wireless + cisco.meraki.meraki_network: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: IntTestNetworkWireless + type: wireless + timezone: America/Chicago + delegate_to: localhost + register: created_network + + - name: Setting the net_id + ansible.builtin.set_fact: + created_net_id: '{{ created_network.data.id }}' + + - name: Add access points to network + cisco.meraki.meraki_device: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_id: '{{ created_net_id }}' + serial: "{{ serial_wireless }}" + delegate_to: localhost + + - name: Create RF profile + cisco.meraki.meraki_mr_rf_profile: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_id: '{{ created_net_id }}' + state: present + name: Test Profile + band_selection_type: ap + client_balancing_enabled: true + ap_band_settings: + mode: dual + band_steering_enabled: true + five_ghz_settings: + max_power: 10 + min_bitrate: 12 + min_power: 8 + rxsop: -65 + channel_width: 20 + valid_auto_channels: + - 36 + - 40 + - 44 + two_four_ghz_settings: + max_power: 10 + min_bitrate: 12 + min_power: 8 + rxsop: -65 + ax_enabled: false + valid_auto_channels: + - 1 + delegate_to: localhost + register: create + + - name: Set fact create + ansible.builtin.set_fact: + profile_id: "{{ create.data.id }}" + + - name: Configure AP radios in check mode + cisco.meraki.meraki_mr_radio: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_id: '{{ created_net_id }}' + state: present + serial: "{{ serial_wireless }}" + five_ghz_settings: + channel: 40 + channel_width: 20 + target_power: 10 + two_four_ghz_settings: + channel: 1 + target_power: 10 + rf_profile_name: Test Profile + delegate_to: localhost + register: create_check + check_mode: true + + - name: Assert create_check + ansible.builtin.assert: + that: + - create_check.data is defined + - create_check is changed + + - name: Query a device radio + cisco.meraki.meraki_mr_radio: + auth_key: '{{ auth_key }}' + serial: "{{ serial_wireless }}" + state: query + delegate_to: localhost + register: query_one + + - name: Assert query_one + ansible.builtin.assert: + that: + - query_one.data is defined + + - name: Configure AP radios + cisco.meraki.meraki_mr_radio: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_id: '{{ created_net_id }}' + state: present + serial: "{{ serial_wireless }}" + five_ghz_settings: + channel: 100 + channel_width: 20 + target_power: 10 + two_four_ghz_settings: + channel: 1 + target_power: 10 + rf_profile_name: Test Profile + delegate_to: localhost + register: update + + - name: Assert update + ansible.builtin.assert: + that: + - update.data is defined + - update is changed + + - name: Configure AP radios + cisco.meraki.meraki_mr_radio: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_id: '{{ created_net_id }}' + state: present + serial: "{{ serial_wireless }}" + five_ghz_settings: + channel: 100 + channel_width: 20 + target_power: 10 + two_four_ghz_settings: + channel: 1 + target_power: 10 + rf_profile_name: Test Profile + delegate_to: localhost + register: update_idempotent + + - name: Assert update_idempotent + ansible.builtin.assert: + that: + - update_idempotent.data is defined + - update_idempotent is not changed + +############################################################################# +# Tear down starts here +############################################################################# + + always: + - name: Delete network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_id: '{{ created_net_id }}' + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_rf_profile/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_rf_profile/aliases new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_rf_profile/aliases diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_rf_profile/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_rf_profile/tasks/main.yml new file mode 100644 index 000000000..ad5f9b6e2 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_rf_profile/tasks/main.yml @@ -0,0 +1,342 @@ +# Test code for the Meraki modules +# Copyright: (c) 2020, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tasks + block: + - name: Create network with type wireless + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + type: wireless + timezone: America/Chicago + delegate_to: localhost + + - name: Create RF profile in check mode + cisco.meraki.meraki_mr_rf_profile: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + name: Test Profile + band_selection_type: ap + client_balancing_enabled: true + ap_band_settings: + mode: dual + band_steering_enabled: true + five_ghz_settings: + max_power: 10 + min_bitrate: 12 + min_power: 8 + rxsop: -65 + channel_width: 20 + valid_auto_channels: + - 36 + - 40 + - 44 + two_four_ghz_settings: + max_power: 10 + min_bitrate: 12 + min_power: 8 + rxsop: -65 + ax_enabled: false + valid_auto_channels: + - 1 + delegate_to: localhost + register: create_check + check_mode: true + + - name: Assert create_check + ansible.builtin.assert: + that: + - create_check.data is defined + - create_check is changed + + - name: Create RF profile + cisco.meraki.meraki_mr_rf_profile: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + name: Test Profile + band_selection_type: ap + client_balancing_enabled: true + ap_band_settings: + mode: dual + band_steering_enabled: true + five_ghz_settings: + max_power: 10 + min_bitrate: 12 + min_power: 8 + rxsop: -65 + channel_width: 20 + valid_auto_channels: + - 36 + - 40 + - 44 + two_four_ghz_settings: + max_power: 10 + min_bitrate: 12 + min_power: 8 + rxsop: -65 + ax_enabled: false + valid_auto_channels: + - 1 + delegate_to: localhost + register: create + + - name: Set fact profile_id + ansible.builtin.set_fact: + profile_id: '{{ create.data.id }}' + + - name: Query all RF profiles + cisco.meraki.meraki_mr_rf_profile: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: query + delegate_to: localhost + register: query_one + + - name: Assert query_one + ansible.builtin.assert: + that: + - query_one.data is defined + + - name: Update profile with check mode + cisco.meraki.meraki_mr_rf_profile: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + profile_id: '{{ profile_id }}' + band_selection_type: ap + client_balancing_enabled: true + ap_band_settings: + mode: dual + band_steering_enabled: true + five_ghz_settings: + max_power: 10 + min_bitrate: 12 + min_power: 8 + rxsop: -65 + channel_width: 20 + valid_auto_channels: + - 36 + - 44 + two_four_ghz_settings: + max_power: 10 + min_bitrate: 12 + min_power: 8 + rxsop: -75 + ax_enabled: false + valid_auto_channels: + - 1 + delegate_to: localhost + register: update_check + check_mode: true + + - name: Assert update_check + ansible.builtin.assert: + that: + - update_check.data is defined + - update_check is changed + + - name: Update profile + cisco.meraki.meraki_mr_rf_profile: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + profile_id: '{{ profile_id }}' + band_selection_type: ap + client_balancing_enabled: true + ap_band_settings: + mode: dual + band_steering_enabled: true + five_ghz_settings: + max_power: 10 + min_bitrate: 12 + min_power: 8 + rxsop: -65 + channel_width: 20 + valid_auto_channels: + - 36 + - 44 + two_four_ghz_settings: + max_power: 10 + min_bitrate: 12 + min_power: 8 + rxsop: -75 + ax_enabled: false + valid_auto_channels: + - 1 + delegate_to: localhost + register: update + + - name: Assert update + ansible.builtin.assert: + that: + - update.data is defined + - update is changed + + - name: Update profile with idempotency + cisco.meraki.meraki_mr_rf_profile: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + profile_id: '{{ profile_id }}' + band_selection_type: ap + client_balancing_enabled: true + ap_band_settings: + mode: dual + band_steering_enabled: true + five_ghz_settings: + max_power: 10 + min_bitrate: 12 + min_power: 8 + rxsop: -65 + channel_width: 20 + valid_auto_channels: + - 36 + - 44 + two_four_ghz_settings: + max_power: 10 + min_bitrate: 12 + min_power: 8 + rxsop: -75 + ax_enabled: false + valid_auto_channels: + - 1 + delegate_to: localhost + register: update_idempotent + + - name: Assert update_idempotent + ansible.builtin.assert: + that: + - update_idempotent.data is defined + - update_idempotent is not changed + + - name: Query one RF profile by ID + cisco.meraki.meraki_mr_rf_profile: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: query + profile_id: '{{ profile_id }}' + delegate_to: localhost + register: query_one_id + + - name: Assert query_one_id + ansible.builtin.assert: + that: + - query_one_id.data is defined + + - name: Query one RF profile by name + cisco.meraki.meraki_mr_rf_profile: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: query + name: Test Profile + delegate_to: localhost + register: query_one_name + + - name: Assert query_one_name + ansible.builtin.assert: + that: + - query_one_name.data is defined + + - name: Delete RF profile + cisco.meraki.meraki_mr_rf_profile: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: absent + profile_id: '{{ profile_id }}' + delegate_to: localhost + register: delete + + - name: Assert delete + ansible.builtin.assert: + that: + - delete.data is defined + - delete is changed + +- name: "Test RFProfile Bugfix from !281" + block: + - name: Create RF Profile + cisco.meraki.meraki_mr_rf_profile: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + name: "RF Profile - !281" + band_selection_type: ap + ap_band_settings: + mode: 'dual' + five_ghz_settings: + channel_width: 40 + two_four_ghz_settings: + ax_enabled: 'no' + state: present + register: create_281 + + - name: Assert create_281 + ansible.builtin.assert: + that: + - create_281.data is defined + - create_281 is changed + + - name: Create RF Profile - Idempotent + cisco.meraki.meraki_mr_rf_profile: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + name: "RF Profile - !281" + band_selection_type: ap + ap_band_settings: + mode: 'dual' + five_ghz_settings: + channel_width: 40 + two_four_ghz_settings: + ax_enabled: 'no' + state: present + register: idempotent_281 + + - name: Assert idempotent_281 + ansible.builtin.assert: + that: + - idempotent_281.data is defined + - idempotent_281 is not changed + + - name: Clean Up RF Profile + cisco.meraki.meraki_mr_rf_profile: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + name: "RF Profile - !281" + state: absent + register: delete_281 + + - name: Assert delete_281 + ansible.builtin.assert: + that: + - delete_281.data is defined + - delete_281 is changed + +############################################################################# +# Tear down starts here +############################################################################# + + always: + - name: Delete network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_settings/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_settings/aliases new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_settings/aliases diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_settings/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_settings/tasks/main.yml new file mode 100644 index 000000000..3010d421f --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mr_settings/tasks/main.yml @@ -0,0 +1,108 @@ +# Test code for the Meraki modules +# Copyright: (c) 2020, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tests + block: + - name: Create network with type wireless + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + type: wireless + timezone: America/Chicago + delegate_to: localhost + + - name: Query all settings + cisco.meraki.meraki_mr_settings: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: query + delegate_to: localhost + register: query_all + + - name: Debug query_all + ansible.builtin.debug: + var: query_all + + - name: Assert query_all.data + ansible.builtin.assert: + that: + - query_all.data is defined + + - name: Configure settings with check mode + cisco.meraki.meraki_mr_settings: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + upgrade_strategy: minimize_upgrade_time + ipv6_bridge_enabled: false + led_lights_on: true + location_analytics_enabled: true + meshing_enabled: true + delegate_to: localhost + register: settings_check + check_mode: true + + - name: Assert settings_check + ansible.builtin.assert: + that: + - settings_check.data is defined + - settings_check is changed + + - name: Configure settings + cisco.meraki.meraki_mr_settings: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + upgrade_strategy: minimize_upgrade_time + ipv6_bridge_enabled: false + led_lights_on: true + location_analytics_enabled: true + meshing_enabled: true + delegate_to: localhost + register: settings + + - name: Assert settings.data + ansible.builtin.assert: + that: + - settings.data is defined + - settings is changed + + - name: Configure settings with idempotency + cisco.meraki.meraki_mr_settings: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + state: present + upgrade_strategy: minimize_upgrade_time + ipv6_bridge_enabled: false + led_lights_on: true + location_analytics_enabled: true + meshing_enabled: true + delegate_to: localhost + register: settings_idempotent + + - name: Assert settings_idempotent + ansible.builtin.assert: + that: + - settings_idempotent.data is defined + - settings_idempotent is not changed + +############################################################################# +# Tear down starts here +############################################################################# + + always: + - name: Delete network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkWireless + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_access_list/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_access_list/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_access_list/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_access_list/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_access_list/tasks/main.yml new file mode 100644 index 000000000..f671fc928 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_access_list/tasks/main.yml @@ -0,0 +1,7 @@ +# Test code for the Meraki Webhooks module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Run test cases + include: tests.yml ansible_connection=local diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_access_list/tasks/tests.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_access_list/tasks/tests.yml new file mode 100644 index 000000000..8c92d9c11 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_access_list/tasks/tests.yml @@ -0,0 +1,132 @@ +# Test code for the Meraki Webhook module +# Copyright: (c) 2019, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tests + block: + - name: Test an API key is provided + ansible.builtin.fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Create test network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + type: switch + + - name: Set access list in check mode + meraki_switch_access_list: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + rules: + - comment: Fake rule + policy: allow + ip_version: ipv4 + protocol: udp + src_cidr: 192.0.1.0/24 + src_port: "4242" + dst_cidr: 1.2.3.4/32 + dst_port: "80" + vlan: "100" + register: create_check + check_mode: true + + - name: Assert create_check + ansible.builtin.assert: + that: + - create_check is changed + - create_check.data is defined + + - name: Debug create_check + ansible.builtin.debug: + var: create_check + + - name: Set access list + meraki_switch_access_list: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + rules: + - comment: Fake rule + policy: allow + ip_version: ipv4 + protocol: udp + src_cidr: 192.0.1.0/24 + src_port: "4242" + dst_cidr: 1.2.3.4/32 + dst_port: "80" + vlan: "100" + register: create + + - name: Assert create + ansible.builtin.assert: + that: + - create is changed + - create.data is defined + + - name: Debug create + ansible.builtin.debug: + var: create + + - name: Set access list with idempotency + meraki_switch_access_list: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + rules: + - comment: Fake rule + policy: allow + ip_version: ipv4 + protocol: udp + src_cidr: 192.0.1.0/24 + src_port: 4242 + dst_cidr: 1.2.3.4/32 + dst_port: 80 + vlan: 100 + register: create_idempotent + + - name: Debug create_idempotent + ansible.builtin.debug: + var: create_idempotent + + - name: Assert create_idempotent + ansible.builtin.assert: + that: + - create_idempotent is not changed + - create_idempotent.data is defined + + - name: Query access lists + meraki_switch_access_list: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + register: query + + - name: Debug query + ansible.builtin.debug: + var: query + + - name: Assert query + ansible.builtin.assert: + that: + - query.data is defined + + ############################################################################# + # Tear down starts here + ############################################################################# + always: + - name: Delete test network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_access_policies/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_access_policies/tasks/main.yml new file mode 100644 index 000000000..9ba1d64dc --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_access_policies/tasks/main.yml @@ -0,0 +1,561 @@ +# Test code for the Meraki Organization module +# Copyright: (c) 2022, Marcin Woźniak (@y0rune) <y0rune@aol.com> + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Test an API key is provided + ansible.builtin.fail: + msg: Please define an API key + when: auth_key is not defined + +- name: Testing - created "Meraki authentication" + block: + - name: Query all access polices + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: query + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + delegate_to: localhost + register: query_all + + - name: Create access policy with auth_method is "Meraki authentication" + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: present + name: "Meraki authentication policy" + auth_method: "Meraki authentication" + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + delegate_to: localhost + register: create_access_policy + + - name: Query one access policy + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: query + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + number: 1 + delegate_to: localhost + register: query_one + + - name: Checking if the query one access policy returns right name of policy + ansible.builtin.assert: + that: + - create_access_policy is changed + - query_one.data.name == "Meraki authentication policy" + + always: + - name: Delete access policy + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: absent + number: 1 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + delegate_to: localhost + register: delete_access_policy + +- name: Testing - created "Meraki authentication" with guest_vlan + block: + - name: Create access policy with auth_method is "Meraki authentication" with guest_vlan + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: present + name: "Meraki authentication policy" + auth_method: "Meraki authentication" + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + guest_vlan: 10 + delegate_to: localhost + register: create_access_policy_guest_vlan + + - name: Query one access policy + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: query + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + number: 1 + delegate_to: localhost + register: query_one + + - name: Checking if the query one access policy returns right guest_vlan + ansible.builtin.assert: + that: + - query_one.data.guest_vlan_id == 10 + - create_access_policy_guest_vlan is changed + + always: + - name: Delete access policy + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: absent + number: 1 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + delegate_to: localhost + register: delete_access_policy + +- name: Testing - created "my RADIUS Server" and updated the same policy + block: + - name: Create access policy with auth_method is "my RADIUS Server" + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + access_policy_type: "802.1x" + host_mode: "Single-Host" + state: present + name: "Meraki authentication policy" + auth_method: "my RADIUS server" + radius_servers: + - host: 192.0.1.18 + port: 7890 + secret: secret123 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + radius_coa_enabled: false + radius_accounting_enabled: false + guest_vlan: 10 + voice_vlan_clients: false + delegate_to: localhost + register: create_access_policy_my_radius_server + + - name: Update the same access policy with auth_method is "my RADIUS Server" + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + access_policy_type: "802.1x" + host_mode: "Single-Host" + state: present + name: "Meraki authentication policy" + number: 1 + auth_method: "my RADIUS server" + radius_servers: + - host: 192.0.1.18 + port: 7890 + secret: secret123 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + radius_coa_enabled: false + radius_accounting_enabled: false + guest_vlan: 10 + voice_vlan_clients: false + delegate_to: localhost + register: update_access_policy_my_radius_server + + - name: Query one access policy + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: query + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + number: 1 + delegate_to: localhost + register: query_one + + - name: Checking if the query one access policy returns right host in radius_server + ansible.builtin.assert: + that: + - query_one.data.radius_servers.0.host == '192.0.1.18' + - query_one.data.guest_vlan_id == 10 + - create_access_policy_my_radius_server is changed + - update_access_policy_my_radius_server is not changed + + always: + - name: Delete access policy + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: absent + number: 1 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + delegate_to: localhost + register: delete_access_policy + +- name: Testing - created "my RADIUS Server" with accounting + block: + - name: Create access policy with auth_method is "my RADIUS Server" with accounting + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: present + name: "Meraki authentication policy" + host_mode: "Single-Host" + access_policy_type: "802.1x" + auth_method: "my RADIUS server" + radius_servers: + - host: 192.0.1.18 + port: 7890 + secret: secret123 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + radius_coa_enabled: false + radius_accounting_enabled: true + radius_accounting_servers: + - host: 192.0.1.18 + port: 7890 + secret: secret123 + voice_vlan_clients: false + delegate_to: localhost + register: create_access_policy_my_radius_server_accounting + + - name: Query one access policy + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: query + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + number: 1 + delegate_to: localhost + register: query_one + + - name: Checking if the query one access policy returns right host in accounting servers + ansible.builtin.assert: + that: + - query_one.data.radius_accounting_servers.0.host == '192.0.1.18' + - create_access_policy_my_radius_server_accounting is changed + + always: + - name: Delete access policy + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: absent + number: 1 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + delegate_to: localhost + register: delete_access_policy + +- name: Testing - created "my RADIUS Server" with accounting and removed accounting + block: + - name: Create access policy with auth_method is "my RADIUS Server" with accounting + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: present + name: "Meraki authentication policy" + host_mode: "Single-Host" + access_policy_type: "802.1x" + auth_method: "my RADIUS server" + radius_servers: + - host: 192.0.1.18 + port: 7890 + secret: secret123 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + radius_coa_enabled: false + radius_accounting_enabled: true + radius_accounting_servers: + - host: 192.0.1.18 + port: 7890 + secret: secret123 + voice_vlan_clients: false + delegate_to: localhost + register: create_access_policy_my_radius_server_accounting + + - name: Update access policy with auth_method is "my RADIUS Server" with accounting + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: present + number: 1 + name: "Updated Meraki authentication policy" + host_mode: "Single-Host" + access_policy_type: "802.1x" + auth_method: "my RADIUS server" + radius_servers: + - host: 192.0.1.20 + port: 7890 + secret: secret123 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + radius_coa_enabled: false + radius_accounting_enabled: false + voice_vlan_clients: false + delegate_to: localhost + register: update_access_policy_my_radius_server_accounting + + - name: Query one access policy when was updated + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: query + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + number: 1 + delegate_to: localhost + register: query_one + + - name: Checking if the query one access policy returns right host in accounting servers + ansible.builtin.assert: + that: + - query_one.data.radius_servers.0.host == '192.0.1.20' + - update_access_policy_my_radius_server_accounting is changed + + always: + - name: Delete access policy + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: absent + number: 1 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + delegate_to: localhost + register: delete_access_policy + +- name: Testing - created "my RADIUS Server" and added accounting + block: + - name: Create access policy with auth_method is "my RADIUS Server" + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + access_policy_type: "802.1x" + host_mode: "Single-Host" + state: present + name: "Meraki authentication policy" + auth_method: "my RADIUS server" + radius_servers: + - host: 192.0.1.18 + port: 7890 + secret: secret123 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + radius_coa_enabled: false + radius_accounting_enabled: false + guest_vlan: 10 + voice_vlan_clients: false + delegate_to: localhost + register: create_access_policy_my_radius_server + + - name: Update access policy with auth_method is "my RADIUS Server" with accounting + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: present + name: "Meraki authentication policy" + host_mode: "Single-Host" + access_policy_type: "802.1x" + auth_method: "my RADIUS server" + radius_servers: + - host: 192.0.1.18 + port: 7890 + secret: secret123 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + radius_coa_enabled: false + radius_accounting_enabled: true + radius_accounting_servers: + - host: 192.0.1.18 + port: 7890 + secret: secret123 + voice_vlan_clients: false + delegate_to: localhost + register: update_access_policy_my_radius_server_accounting + + - name: Query one access policy when was updated + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: query + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + number: 1 + delegate_to: localhost + register: query_one + + - name: Checking if the query one access policy returns right host in accounting servers + ansible.builtin.assert: + that: + - query_one.data.radius_servers.0.host == '192.0.1.18' + - query_one.data.radius_accounting_servers.0.host == '192.0.1.18' + - update_access_policy_my_radius_server_accounting is changed + + always: + - name: Delete access policy + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: absent + number: 1 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + delegate_to: localhost + register: delete_access_policy + +- name: Testing - created "my RADIUS Server" with accounting and removed accounting + block: + - name: Create access policy with auth_method is "my RADIUS Server" with accounting + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: present + name: "Meraki authentication policy" + host_mode: "Single-Host" + access_policy_type: "802.1x" + auth_method: "my RADIUS server" + radius_servers: + - host: 192.0.1.18 + port: 7890 + secret: secret123 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + radius_coa_enabled: false + radius_accounting_enabled: true + radius_accounting_servers: + - host: 192.0.1.18 + port: 7890 + secret: secret123 + voice_vlan_clients: false + delegate_to: localhost + register: create_access_policy_my_radius_server_accounting + + - name: Update access policy with auth_method is "my RADIUS Server" + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + access_policy_type: "802.1x" + host_mode: "Single-Host" + state: present + name: "Meraki authentication policy" + auth_method: "my RADIUS server" + radius_servers: + - host: 192.0.1.18 + port: 7890 + secret: secret123 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + radius_coa_enabled: false + radius_accounting_enabled: false + guest_vlan: 10 + voice_vlan_clients: false + delegate_to: localhost + register: update_access_policy_my_radius_server + + - name: Query one access policy when was updated + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: query + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + number: 1 + delegate_to: localhost + register: query_one + + - name: Checking if the query one access policy returns right host in accounting servers + ansible.builtin.assert: + that: + - query_one.data.radius_servers.0.host == '192.0.1.18' + - update_access_policy_my_radius_server is changed + + always: + - name: Delete access policy + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: absent + number: 1 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + delegate_to: localhost + register: delete_access_policy + +- name: Testing - created "Meraki authentication" and changed it into "my RADIUS Server" + block: + - name: Create access policy with auth_method is "Meraki authentication" + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: present + name: "Authentication policy" + auth_method: "Meraki authentication" + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + delegate_to: localhost + register: create_access_policy + + - name: Update access policy with auth_method is "my RADIUS Server" + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + access_policy_type: "802.1x" + host_mode: "Single-Host" + state: present + name: "Authentication policy" + auth_method: "my RADIUS server" + radius_servers: + - host: 192.0.1.18 + port: 7890 + secret: secret123 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + radius_coa_enabled: false + radius_accounting_enabled: false + guest_vlan: 10 + voice_vlan_clients: false + delegate_to: localhost + register: update_access_policy_my_radius_server + + - name: Query one access policy + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: query + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + number: 1 + delegate_to: localhost + register: query_one + + - name: Checking if the query one access policy returns right name of policy + ansible.builtin.assert: + that: + - update_access_policy_my_radius_server is changed + - query_one.data.radius_servers.0.host == '192.0.1.18' + + always: + - name: Delete access policy + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: absent + number: 1 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + delegate_to: localhost + register: delete_access_policy + +- name: Testing - created "Meraki authentication" with RADIUS attribute specyfing group policy + block: + - name: Create access policy with auth_method is "my RADIUS Server" + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + access_policy_type: "802.1x" + host_mode: "Single-Host" + state: present + name: "Authentication policy" + auth_method: "my RADIUS server" + radius_servers: + - host: 192.0.1.18 + port: 7890 + secret: secret123 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + radius_coa_enabled: false + radius_accounting_enabled: false + guest_vlan: 10 + voice_vlan_clients: false + radius_attribute_group_policy_name: "Filter-Id" + delegate_to: localhost + register: create_access_policy_my_radius_server + + - name: Query one access policy + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: query + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + number: 1 + delegate_to: localhost + register: query_one + + - name: Checking if the query one access policy returns right name of policy + ansible.builtin.assert: + that: + - create_access_policy_my_radius_server is changed + - query_one.data.radius_group_attribute == '11' + + always: + - name: Delete access policy + cisco.meraki.meraki_ms_access_policies: + auth_key: "{{ auth_key }}" + state: absent + number: 1 + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + delegate_to: localhost + register: delete_access_policy diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_l3_interface/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_l3_interface/tasks/main.yml new file mode 100644 index 000000000..b32135cd1 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_l3_interface/tasks/main.yml @@ -0,0 +1,236 @@ +# Test code for the Meraki modules +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + - name: Create network with type switch + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkSwitch + type: switch + timezone: America/Chicago + delegate_to: localhost + register: create_net_switch + + - name: Claim a device into a network + meraki_device: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: IntTestNetworkSwitch + serial: '{{ serial_switch_l3 }}' + state: present + delegate_to: localhost + + - name: Query all l3 interfaces + meraki_ms_l3_interface: + auth_key: '{{ auth_key }}' + state: query + serial: '{{ serial_switch_l3 }}' + delegate_to: localhost + register: query_all + + - set_fact: + interface_id_1: '{{query_all.data.1.interface_id}}' + ignore_errors: true + + - assert: + that: + - query_all.data is defined + - query_all.data | length > 0 + + - name: Query one l3 interface + meraki_ms_l3_interface: + auth_key: '{{ auth_key }}' + state: query + serial: '{{ serial_switch_l3 }}' + name: Test L3 interface + delegate_to: localhost + register: query_one + + - assert: + that: + - query_one.data is defined + + - name: Create l3 interface in check mode + meraki_ms_l3_interface: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch_l3 }}' + name: "Test L3 interface 2" + subnet: "192.168.3.0/24" + interface_ip: "192.168.3.2" + multicast_routing: disabled + vlan_id: 11 + # default_gateway: "192.168.2.1" + ospf_settings: + area: 0 + cost: 1 + is_passive_enabled: true + delegate_to: localhost + check_mode: true + register: create_check + + - assert: + that: + - create_check.data is defined + - create_check is changed + + - name: Create l3 interface + meraki_ms_l3_interface: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch_l3 }}' + name: "Test L3 interface 2" + subnet: "192.168.3.0/24" + interface_ip: "192.168.3.2" + multicast_routing: disabled + vlan_id: 11 + # default_gateway: "192.168.2.1" + ospf_settings: + area: 0 + cost: 1 + is_passive_enabled: true + delegate_to: localhost + register: create + + - set_fact: + interface_id_1: '{{create.data.interface_id}}' + + - assert: + that: + - create.data is defined + - create is changed + + - name: Update l3 interface with check mode + meraki_ms_l3_interface: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch_l3 }}' + name: "Test L3 interface 2" + subnet: "192.168.3.0/24" + interface_ip: "192.168.3.2" + multicast_routing: disabled + vlan_id: 11 + ospf_settings: + area: 0 + cost: 2 + is_passive_enabled: false + delegate_to: localhost + register: update_check + check_mode: true + + - assert: + that: + - update_check.data is defined + - update_check is changed + + - name: Update l3 interface + meraki_ms_l3_interface: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch_l3 }}' + name: "Test L3 interface 2" + subnet: "192.168.3.0/24" + interface_ip: "192.168.3.2" + multicast_routing: disabled + vlan_id: 11 + ospf_settings: + area: 0 + cost: 2 + is_passive_enabled: false + delegate_to: localhost + register: update + + - assert: + that: + - update.data is defined + - update is changed + + - name: Update l3 interface idempotent + meraki_ms_l3_interface: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch_l3 }}' + name: "Test L3 interface 2" + subnet: "192.168.3.0/24" + interface_ip: "192.168.3.2" + multicast_routing: disabled + vlan_id: 11 + ospf_settings: + area: 0 + cost: 2 + is_passive_enabled: false + delegate_to: localhost + register: update_idempotent + + - assert: + that: + update_idempotent is not changed + + - name: Update l3 interface idempotent with check mode + meraki_ms_l3_interface: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch_l3 }}' + name: "Test L3 interface 2" + subnet: "192.168.3.0/24" + interface_ip: "192.168.3.2" + multicast_routing: disabled + vlan_id: 11 + ospf_settings: + area: 0 + cost: 2 + is_passive_enabled: false + delegate_to: localhost + register: update_idempotent_check + check_mode: true + + - assert: + that: + update_idempotent_check is not changed + + +############################################################################# +# Tear down starts here +############################################################################# + + always: + - name: Delete l3 interface with check mode + meraki_ms_l3_interface: + auth_key: '{{ auth_key }}' + state: absent + serial: '{{ serial_switch_l3 }}' + interface_id: '{{ item }}' + delegate_to: localhost + check_mode: true + register: delete_check + loop: + - '{{interface_id_1}}' + + - assert: + that: + - delete_check is changed + + - name: Delete l3 interface + meraki_ms_l3_interface: + auth_key: '{{ auth_key }}' + state: absent + serial: '{{ serial_switch_l3 }}' + interface_id: '{{ interface_id_1 }}' + delegate_to: localhost + register: delete + + - assert: + that: + - delete is changed + + # - name: Delete network + # meraki_network: + # auth_key: '{{ auth_key }}' + # state: absent + # org_name: '{{test_org_name}}' + # net_name: IntTestNetworkSwitch + # delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_link_aggregation/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_link_aggregation/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_link_aggregation/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_link_aggregation/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_link_aggregation/tasks/main.yml new file mode 100644 index 000000000..848f57b40 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_link_aggregation/tasks/main.yml @@ -0,0 +1,130 @@ +# Test code for the Meraki MS Link Aggregation module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tests + block: + - name: Test an API key is provided + ansible.builtin.fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Create test network + cisco.meraki.meraki_network: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: "{{ test_switch_net_name }}" + type: switch + register: test_net + + - name: Add device to network + cisco.meraki.meraki_device: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: "{{ test_switch_net_name }}" + serial: "{{ serial_switch }}" + delegate_to: localhost + + - name: Create LAG + cisco.meraki.meraki_ms_link_aggregation: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: "{{ test_switch_net_name }}" + switch_ports: + - serial: "{{ serial_switch }}" + port_id: "1" + - serial: "{{ serial_switch }}" + port_id: "2" + delegate_to: localhost + register: create_ports + + - name: Debug create_ports + ansible.builtin.debug: + var: create_ports + + - name: Set fact create_ports + ansible.builtin.set_fact: + lag_id: "{{ create_ports.data.id }}" + + - name: Update LAG + cisco.meraki.meraki_ms_link_aggregation: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: "{{ test_switch_net_name }}" + lag_id: "{{ lag_id }}" + switch_ports: + - serial: "{{ serial_switch }}" + port_id: "1" + - serial: "{{ serial_switch }}" + port_id: "2" + - serial: "{{ serial_switch }}" + port_id: "3" + - serial: "{{ serial_switch }}" + port_id: "4" + delegate_to: localhost + register: update_ports + + - name: Assert update_ports + ansible.builtin.assert: + that: + - update_ports is changed + + - name: Update LAG with idempotency + cisco.meraki.meraki_ms_link_aggregation: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: "{{ test_switch_net_name }}" + lag_id: "{{ lag_id }}" + switch_ports: + - serial: "{{ serial_switch }}" + port_id: "1" + - serial: "{{ serial_switch }}" + port_id: "2" + - serial: "{{ serial_switch }}" + port_id: "3" + - serial: "{{ serial_switch }}" + port_id: "4" + delegate_to: localhost + register: update_ports_idempotent + + - name: Assert update_ports_idempotent + ansible.builtin.assert: + that: + - update_ports_idempotent is not changed + + - name: Query all LAGs + cisco.meraki.meraki_ms_link_aggregation: + auth_key: "{{ auth_key }}" + state: query + org_name: "{{ test_org_name }}" + net_name: "{{ test_switch_net_name }}" + delegate_to: localhost + register: query_all + + - name: Debug query_all + ansible.builtin.debug: + var: query_all + + always: + - name: Delete LAG + cisco.meraki.meraki_ms_link_aggregation: + auth_key: "{{ auth_key }}" + state: absent + org_name: "{{ test_org_name }}" + net_name: "{{ test_switch_net_name }}" + lag_id: "{{ lag_id }}" + delegate_to: localhost + + # - name: Delete test network + # meraki_network: + # auth_key: '{{ auth_key }}' + # state: absent + # org_name: '{{ test_org_name }}' + # net_name: '{{ test_switch_net_name }}' + # register: delete_net diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_ospf/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_ospf/tasks/main.yml new file mode 100644 index 000000000..f7b0f92b5 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_ospf/tasks/main.yml @@ -0,0 +1,141 @@ +# Test code for the Meraki modules +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tests + block: + - name: Create network with type switch + cisco.meraki.meraki_network: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: IntTestNetworkSwitch + type: switch + timezone: America/Chicago + delegate_to: localhost + register: create_net_switch + + - name: Claim a device into a network + cisco.meraki.meraki_device: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_name: IntTestNetworkSwitch + serial: "{{ serial_switch_l3 }}" + state: present + delegate_to: localhost + + - name: Query OSPF settings + cisco.meraki.meraki_ms_ospf: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_name: IntTestNetworkSwitch + state: query + delegate_to: localhost + register: query_all + + - name: Assert query_all + ansible.builtin.assert: + that: + - query_all.data is defined + + - name: Enable OSPF with check mode + cisco.meraki.meraki_ms_ospf: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_name: IntTestNetworkSwitch + state: present + enabled: true + hello_timer: 20 + dead_timer: 60 + areas: + - area_id: 0 + area_name: Backbone + area_type: normal + - area_id: 1 + area_name: Office + area_type: nssa + md5_authentication_enabled: true + md5_authentication_key: + id: 1 + passphrase: "secretpass" + check_mode: true + register: enable_check_mode + + - name: Assert enable_check_mode + ansible.builtin.assert: + that: + - enable_check_mode.data is defined + + - name: Enable OSPF + cisco.meraki.meraki_ms_ospf: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_name: IntTestNetworkSwitch + state: present + enabled: true + hello_timer: 20 + dead_timer: 60 + areas: + - area_id: 0 + area_name: Backbone + area_type: normal + - area_id: 1 + area_name: Office + area_type: nssa + md5_authentication_enabled: true + md5_authentication_key: + id: 1 + passphrase: "secretpass" + register: enable + + - name: Assert enable + ansible.builtin.assert: + that: + - enable.data is defined + + - name: Enable OSPF with idempotency + cisco.meraki.meraki_ms_ospf: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_name: IntTestNetworkSwitch + state: present + enabled: true + hello_timer: 20 + dead_timer: 60 + areas: + - area_id: 0 + area_name: Backbone + area_type: normal + - area_id: 1 + area_name: Office + area_type: nssa + md5_authentication_enabled: true + md5_authentication_key: + id: 1 + passphrase: "secretpass" + delegate_to: localhost + register: enable_ospf_idempotent + + - name: Debug enable_ospf_idempotent + ansible.builtin.debug: + var: enable_ospf_idempotent + + - name: Assert enable_ospf_idempotent + ansible.builtin.assert: + that: + - enable_ospf_idempotent is not changed + - enable_ospf_idempotent.data is defined + + ############################################################################# + # Tear down starts here + ############################################################################# + + always: + - name: Delete network + cisco.meraki.meraki_network: + auth_key: "{{ auth_key }}" + state: absent + org_name: "{{ test_org_name }}" + net_name: IntTestNetworkSwitch + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_stack/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_stack/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_stack/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_stack/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_stack/tasks/main.yml new file mode 100644 index 000000000..7362d39c9 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_stack/tasks/main.yml @@ -0,0 +1,215 @@ +# Test code for the Meraki Switch Stack module +# Copyright: (c) 2020, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tests + block: + - name: Create network with type switch + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_switch_net_name }}' + type: switch + timezone: America/Chicago + delegate_to: localhost + register: create_net_switch + + - name: Set fact create_net_switch + ansible.builtin.set_fact: + net_id: '{{ create_net_switch.data.id }}' + + - name: Claim devices into network + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net_id }}' + serial: '{{ item }}' + state: present + delegate_to: localhost + register: claim_device + loop: + - "QBSB-BPR6-PRER" + - "QBSB-VLNE-E299" + - "QBSB-D75G-PXCG" + + - name: Create new stack + cisco.meraki.meraki_ms_stack: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_switch_net_name }}' + name: Test stack + serials: + - "QBSB-BPR6-PRER" + - "QBSB-VLNE-E299" + register: create + + - name: Debug create + ansible.builtin.debug: + var: create + + - name: Set fact create + ansible.builtin.set_fact: + stack_id: '{{ create.data.id }}' + + - name: Assert create + ansible.builtin.assert: + that: + - create.data is defined + - create is changed + + - name: Add switch to stack + cisco.meraki.meraki_ms_stack: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_switch_net_name }}' + stack_id: '{{ stack_id }}' + serials: + - "QBSB-D75G-PXCG" + register: add_stack + + - name: Assert add_stack + ansible.builtin.assert: + that: + - add_stack.data is defined + - add_stack.data.serials | length == 3 + - add_stack is changed + + - name: Add switch to stack idempotent + cisco.meraki.meraki_ms_stack: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_switch_net_name }}' + stack_id: '{{ stack_id }}' + serials: + - "QBSB-D75G-PXCG" + register: add_stack_idempotent + + - name: Assert add_stack_idempotent + ansible.builtin.assert: + that: + - add_stack_idempotent.data is defined + - add_stack_idempotent.data.serials | length == 3 + - add_stack_idempotent is not changed + + - name: Remove switch from stack + cisco.meraki.meraki_ms_stack: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: '{{ test_switch_net_name }}' + stack_id: '{{ stack_id }}' + serials: + - "QBSB-D75G-PXCG" + register: remove_from_stack + + - name: Debug remove_from_stack + ansible.builtin.debug: + var: remove_from_stack + + - name: Assert remove_from_stack + ansible.builtin.assert: + that: + - remove_from_stack.data is defined + - remove_from_stack.data.serials | length == 2 + - remove_from_stack is changed + + - name: Remove switch from stack idempotent + cisco.meraki.meraki_ms_stack: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: '{{ test_switch_net_name }}' + stack_id: '{{ stack_id }}' + serials: + - "QBSB-D75G-PXCG" + register: remove_from_stack_idempotent + + - name: Debug remove_from_stack_idempotent + ansible.builtin.debug: + var: remove_from_stack_idempotent + + - name: Assert remove_from_stack_idempotent + ansible.builtin.assert: + that: + - remove_from_stack_idempotent.data is defined + - remove_from_stack_idempotent.data.serials | length == 2 + - remove_from_stack_idempotent is not changed + + - name: Query all stacks in the network + cisco.meraki.meraki_ms_stack: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_name: '{{ test_switch_net_name }}' + register: query_all + + - name: Debug query_all + ansible.builtin.debug: + var: query_all + + - name: Assert query_all + ansible.builtin.assert: + that: + - query_all.data is defined + - query_all is not changed + + - name: Query one stack + cisco.meraki.meraki_ms_stack: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_name: '{{ test_switch_net_name }}' + stack_id: '{{ stack_id }}' + register: query_one + + - name: Debug query_one + ansible.builtin.debug: + var: query_one + + - name: Assert query_one + ansible.builtin.assert: + that: + - query_one.data is defined + - query_one is not changed + + - name: Query one stack using name + cisco.meraki.meraki_ms_stack: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_name: '{{ test_switch_net_name }}' + name: Test stack + register: query_one_name + + - name: Debug query_one_name + ansible.builtin.debug: + var: query_one_name + + - name: Assert query_one_name + ansible.builtin.assert: + that: + - query_one_name.data is defined + - query_one_name is not changed + + always: + - name: Delete stack + cisco.meraki.meraki_ms_stack: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: '{{ test_switch_net_name }}' + stack_id: '{{ stack_id }}' + register: delete + + - name: Delete network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: '{{ test_switch_net_name }}' + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_stack_l3_interface/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_stack_l3_interface/tasks/main.yml new file mode 100644 index 000000000..04bdaf015 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_stack_l3_interface/tasks/main.yml @@ -0,0 +1,281 @@ +# Test code for the Meraki modules +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + - name: Create network with type switch + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkSwitch + type: switch + timezone: America/Chicago + delegate_to: localhost + register: create_net_switch + + - set_fact: + net_id: '{{create_net_switch.data.id}}' + + - name: Create new stack + meraki_switch_stack: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_id: '{{net_id}}' + name: Test stack + serials: + - "QBSB-BPR6-PRER" + - "QBSB-VLNE-E299" + - "QBSB-D75G-PXCG" + register: stack + + - set_fact: + stack_id: '{{stack.data.id}}' + + - name: Create l3 interface with check mode + meraki_ms_stack_l3_interface: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_id: '{{net_id}}' + stack_id: '{{stack_id}}' + default_gateway: "192.168.3.1" + name: "Test L3 interface 2" + subnet: "192.168.3.0/24" + interface_ip: "192.168.3.2" + multicast_routing: disabled + vlan_id: 11 + delegate_to: localhost + register: create_check + check_mode: true + + - assert: + that: + - create_check.data is defined + - create_check is changed + + - name: Create l3 interface + meraki_ms_stack_l3_interface: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_id: '{{net_id}}' + stack_id: '{{stack_id}}' + default_gateway: "192.168.3.1" + name: "Test L3 interface 2" + subnet: "192.168.3.0/24" + interface_ip: "192.168.3.2" + multicast_routing: disabled + vlan_id: 11 + delegate_to: localhost + register: create + + - assert: + that: + - create.data is defined + - create is changed + + - name: Query all l3 interfaces + meraki_ms_stack_l3_interface: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_id: '{{net_id}}' + state: query + stack_id: '{{ stack_id }}' + delegate_to: localhost + register: query_l3 + + - set_fact: + interface_id_1: '{{create.data.interface_id}}' + + - name: Query one l3 interface + meraki_ms_stack_l3_interface: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_id: '{{net_id}}' + state: query + stack_id: '{{ stack_id }}' + interface_id: '{{interface_id_1}}' + delegate_to: localhost + register: query_one + + - debug: + var: query_one + + - name: Update l3 interface with check mode + meraki_ms_stack_l3_interface: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_id: '{{net_id}}' + stack_id: '{{stack_id}}' + name: "Test L3 interface 3" + subnet: "192.168.3.0/24" + interface_ip: "192.168.3.2" + interface_id: '{{interface_id_1}}' + multicast_routing: disabled + vlan_id: 11 + delegate_to: localhost + register: update_check + check_mode: true + + - assert: + that: + - update_check.data is defined + - update_check is changed + + - name: Update l3 interface + meraki_ms_stack_l3_interface: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_id: '{{net_id}}' + stack_id: '{{stack_id}}' + name: "Test L3 interface 3" + subnet: "192.168.3.0/24" + interface_ip: "192.168.3.2" + interface_id: '{{interface_id_1}}' + multicast_routing: disabled + vlan_id: 11 + delegate_to: localhost + register: update + + - assert: + that: + - update.data is defined + - update is changed + + - name: Update l3 interface idempotent + meraki_ms_stack_l3_interface: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_id: '{{net_id}}' + stack_id: '{{stack_id}}' + name: "Test L3 interface 3" + subnet: "192.168.3.0/24" + interface_ip: "192.168.3.2" + multicast_routing: disabled + vlan_id: 11 + delegate_to: localhost + register: update_idempotent + + - assert: + that: + update_idempotent is not changed + + - name: Update l3 interface idempotent with check mode + meraki_ms_stack_l3_interface: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_id: '{{net_id}}' + stack_id: '{{stack_id}}' + name: "Test L3 interface 3" + subnet: "192.168.3.0/24" + interface_ip: "192.168.3.2" + multicast_routing: disabled + vlan_id: 11 + delegate_to: localhost + register: update_idempotent_check + check_mode: true + + - assert: + that: + update_idempotent_check is not changed + + + - name: Query all l3 interfaces + meraki_ms_stack_l3_interface: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_id: '{{net_id}}' + state: query + stack_id: '{{ stack_id }}' + delegate_to: localhost + register: query_l3 + + - debug: + var: query_l3 + + - set_fact: + interface_id_1: '{{query_l3.data[0].interface_id}}' + ignore_errors: true + + - assert: + that: + - query_l3.data is defined + - query_l3.data | length > 0 + + - name: Query one l3 interface + meraki_ms_stack_l3_interface: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{test_org_name}}' + net_id: '{{net_id}}' + stack_id: '{{ stack_id }}' + name: Test L3 interface + delegate_to: localhost + register: query_one + + - assert: + that: + - query_one.data is defined + + +############################################################################# +# Tear down starts here +############################################################################# + + always: + - name: Delete l3 interface with check mode + meraki_ms_stack_l3_interface: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{test_org_name}}' + net_id: '{{net_id}}' + stack_id: '{{stack_id}}' + interface_id: '{{ item }}' + delegate_to: localhost + check_mode: true + register: delete_check + loop: + - '{{interface_id_1}}' + + - assert: + that: + - delete_check is changed + + - name: Delete l3 interface + meraki_ms_stack_l3_interface: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{test_org_name}}' + net_id: '{{net_id}}' + stack_id: '{{stack_id}}' + interface_id: '{{ interface_id_1 }}' + delegate_to: localhost + register: delete + + - assert: + that: + - delete is changed + + - name: Remove switches from stack + meraki_switch_stack: + auth_key: '{{auth_key}}' + state: absent + org_name: '{{test_org_name}}' + net_id: '{{net_id}}' + name: Test stack + register: stack + + # - name: Delete network + # meraki_network: + # auth_key: '{{ auth_key }}' + # state: absent + # org_name: '{{test_org_name}}' + # net_name: IntTestNetworkSwitch + # delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_storm_control/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_storm_control/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_storm_control/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_storm_control/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_storm_control/tasks/main.yml new file mode 100644 index 000000000..6c09875ee --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_storm_control/tasks/main.yml @@ -0,0 +1,113 @@ +# Test code for the Meraki modules +# Copyright: (c) 2019, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tests + block: + - name: Create switch network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: Home - Switch + timezone: America/Chicago + type: switch + delegate_to: localhost + register: net + + - name: Set fact net + ansible.builtin.set_fact: + net_id: '{{ net.data.id }}' + + - name: Add device to network + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: Home - Switch + serial: '{{ serial_switch_l3 }}' + delegate_to: localhost + + - name: Reset data + cisco.meraki.meraki_ms_storm_control: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: Home - Switch + broadcast_threshold: 100 + multicast_threshold: 100 + unknown_unicast_threshold: 100 + delegate_to: localhost + + - name: Set broadcast settings + cisco.meraki.meraki_ms_storm_control: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: Home - Switch + broadcast_threshold: 75 + multicast_threshold: 70 + unknown_unicast_threshold: 65 + delegate_to: localhost + register: set_all + + - name: Assert set_all + ansible.builtin.assert: + that: + - set_all is changed + - set_all.data is defined + - set_all.diff is defined + - set_all.diff.before is defined + - set_all.diff.after is defined + - '{{ set_all.data.broadcast_threshold }} == 75' + - '{{ set_all.data.multicast_threshold }} == 70' + - '{{ set_all.data.unknown_unicast_threshold }} == 65' + + - name: Set broadcast settings with idempotency + cisco.meraki.meraki_ms_storm_control: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: Home - Switch + broadcast_threshold: 75 + multicast_threshold: 70 + unknown_unicast_threshold: 65 + delegate_to: localhost + register: set_all_idempotent + + - name: Assert set_all_idempotent + ansible.builtin.assert: + that: + - set_all_idempotent is not changed + - set_all_idempotent.data is defined + - '{{ set_all_idempotent.data.broadcast_threshold }} == 75' + - '{{ set_all_idempotent.data.multicast_threshold }} == 70' + - '{{ set_all_idempotent.data.unknown_unicast_threshold }} == 65' + + - name: Query storm control settings + cisco.meraki.meraki_ms_storm_control: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_name: Home - Switch + delegate_to: localhost + register: query_all + + - name: Debug query_all + ansible.builtin.debug: + var: query_all + + - name: Assert query_all + ansible.builtin.assert: + that: + - query_all.data is defined + + # always: + # - name: Delete switch network + # cisco.meraki.meraki_network: + # auth_key: '{{ auth_key }}' + # state: absent + # org_name: '{{ test_org_name }}' + # net_name: Home - Switch + # delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_switchport/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_switchport/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_switchport/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_switchport/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_switchport/tasks/main.yml new file mode 100644 index 000000000..3ebd43ec3 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ms_switchport/tasks/main.yml @@ -0,0 +1,782 @@ +# Test code for the Meraki Organization module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Test an API key is provided + ansible.builtin.fail: + msg: Please define an API key + when: auth_key is not defined + +- name: Query all switchports + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: query + serial: '{{ serial_switch }}' + delegate_to: localhost + register: query_all + +- name: Debug query_all + ansible.builtin.debug: + msg: '{{ query_all }}' + +- name: Query one switchport + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: query + serial: '{{ serial_switch }}' + number: 1 + delegate_to: localhost + register: query_one + +- name: Debug query_all + ansible.builtin.debug: + msg: '{{ query_one }}' + +- name: Enable switchport with check mode + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + name: Temporary + delegate_to: localhost + check_mode: true + register: update_port_true_check + +- name: Debug update_port_true_check + ansible.builtin.debug: + msg: '{{ update_port_true_check }}' + +- name: Assert update_port_true_check + ansible.builtin.assert: + that: + - update_port_true_check is changed + - update_port_true_check.data is defined + +- name: Enable switchport + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + delegate_to: localhost + register: update_port_true + +- name: Debug update_port_true + ansible.builtin.debug: + msg: '{{ update_port_true }}' + +- name: Assert update_port_true + ansible.builtin.assert: + that: + - update_port_true.data.enabled == True + +- name: Disable switchport + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: false + delegate_to: localhost + register: update_port_false + +- name: Debug update_port_false + ansible.builtin.debug: + msg: '{{ update_port_false }}' + +- name: Assert update_port_false + ansible.builtin.assert: + that: + - update_port_false.data.enabled == False + +- name: Name switchport + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + name: Test Port + delegate_to: localhost + register: update_port_name + +- name: Debug update_port_name + ansible.builtin.debug: + msg: '{{ update_port_name }}' + +- name: Assert update_port_name + ansible.builtin.assert: + that: + - update_port_name.data.name == 'Test Port' + +- name: Configure access port with check mode + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + name: Test Port + tags: desktop + type: access + vlan: 10 + delegate_to: localhost + check_mode: true + register: update_access_port_changed + +- name: Debug update_access_port_changed + ansible.builtin.debug: + msg: '{{ update_access_port_changed }}' + +- name: Assert update_access_port_changed + ansible.builtin.assert: + that: + - update_access_port_changed is changed + - update_access_port_changed.data is defined + +- name: Configure access port + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + name: Test Port + tags: desktop + type: access + vlan: 10 + delegate_to: localhost + register: update_access_port + +- name: Debug update_access_port + ansible.builtin.debug: + msg: '{{ update_access_port }}' + +- name: Assert update_access_port + ansible.builtin.assert: + that: + - update_access_port.data.vlan == 10 + +- name: Configure flexible stacking + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch_l3 }}' + number: 7 + enabled: true + flexible_stacking_enabled: true + delegate_to: localhost + register: flex_stacking_enabled + +- name: Debug flex_stacking_enabled + ansible.builtin.debug: + msg: '{{ flex_stacking_enabled }}' + +- name: Assert flex_stacking_enabled + ansible.builtin.assert: + that: + - flex_stacking_enabled.data.flexible_stacking_enabled == true + +# - name: Configure adaptive policy and SGT +# cisco.meraki.meraki_ms_switchport: +# auth_key: '{{ auth_key }}' +# state: present +# serial: '{{ serial_switch_l3 }}' +# number: 7 +# enabled: true +# adaptive_policy_group_id: "1234" +# peer_sgt_capable: true +# delegate_to: localhost +# register: adaptive_policy + +# - ansible.builtin.debug: +# msg: '{{adaptive_policy}}' + +# - ansible.builtin.assert: +# that: +# - adaptive_policy.data.adaptive_policy_group_id == "1234" +# - adaptive_policy.data.peer_sgt_capable == true + +- name: Configure port as trunk + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 8 + enabled: true + name: Test Port + type: trunk + vlan: 10 + allowed_vlans: 10, 100, 200 + delegate_to: localhost + +- name: Remove VLAN on switchport + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 8 + enabled: true + type: trunk + vlan: 0 + delegate_to: localhost + register: remove_vlan + +- name: Debug remove_vlan + ansible.builtin.debug: + msg: '{{ remove_vlan }}' + +- name: Assert remove_vlan + ansible.builtin.assert: + that: + - remove_vlan.data.vlan == None + +- name: Convert trunk port to access + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 8 + enabled: true + name: Test Port + type: access + vlan: 10 + delegate_to: localhost + +- name: Test converted port for idempotency + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 8 + enabled: true + name: Test Port + type: access + vlan: 10 + delegate_to: localhost + register: convert_idempotent + +- name: Assert convert_idempotent + ansible.builtin.assert: + that: + - convert_idempotent.changed == False + +- name: Change voice VLAN for next task + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + name: Test Port + tags: desktop + type: access + vlan: 10 + voice_vlan: 12 + delegate_to: localhost + register: update_port_vvlan + +- name: Configure access port with voice VLAN + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + name: Test Port + tags: desktop + type: access + vlan: 10 + voice_vlan: 11 + delegate_to: localhost + register: update_port_vvlan + +- name: Debug update_port_vvlan + ansible.builtin.debug: + msg: '{{ update_port_vvlan }}' + +- name: Assert update_port_vvlan + ansible.builtin.assert: + that: + - update_port_vvlan.data.voice_vlan == 11 + - update_port_vvlan.changed == True + +- name: Check access port for idempotenty + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + name: Test Port + tags: desktop + type: access + vlan: 10 + voice_vlan: 11 + delegate_to: localhost + register: update_port_access_idempotent + +- name: Debug update_port_access_idempotent + ansible.builtin.debug: + msg: '{{ update_port_access_idempotent }}' + +- name: Assert update_port_access_idempotent + ansible.builtin.assert: + that: + - update_port_access_idempotent.changed == False + - update_port_access_idempotent.data is defined + +- name: Configure access port removing voice VLAN + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + name: Test Port + tags: desktop + type: access + vlan: 10 + voice_vlan_state: absent + delegate_to: localhost + register: update_port_remove_vvlan + +- name: Debut update_port_remove_vvlan + ansible.builtin.debug: + msg: '{{ update_port_remove_vvlan }}' + +- name: Assert + ansible.builtin.assert: + that: + - update_port_remove_vvlan.data.voice_vlan == None + - update_port_remove_vvlan.changed == True + +- name: Configure trunk port + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + name: Server port + tags: server + type: trunk + allowed_vlans: all + vlan: 8 + delegate_to: localhost + register: update_trunk + +- name: Debug update_trunk + ansible.builtin.debug: + msg: '{{ update_trunk }}' + +- name: Assert update_trunk + ansible.builtin.assert: + that: + - update_trunk.data.tags.0 == 'server' + - update_trunk.data.type == 'trunk' + - update_trunk.data.allowed_vlans == 'all' + +- name: Configure trunk port with specific VLANs + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + name: Server port + tags: server + type: trunk + vlan: 8 + allowed_vlans: + - 10 + - 15 + - 20 + delegate_to: localhost + register: update_trunk + +- name: Debug update_trunk + ansible.builtin.debug: + msg: '{{ update_trunk }}' + +- name: Assert update_trunk + ansible.builtin.assert: + that: + - update_trunk.data.tags.0 == 'server' + - update_trunk.data.type == 'trunk' + - update_trunk.data.allowed_vlans == '8,10,15,20' + +- name: Configure trunk port with specific VLANs and native VLAN + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + name: Server port + tags: server + type: trunk + vlan: 2 + allowed_vlans: + - 10 + - 15 + - 20 + delegate_to: localhost + register: update_trunk + +- name: Debug update_trunk + ansible.builtin.debug: + msg: '{{ update_trunk }}' + +- name: Assert update_trunk + ansible.builtin.assert: + that: + - update_trunk.data.tags.0 == 'server' + - update_trunk.data.type == 'trunk' + - update_trunk.data.allowed_vlans == '2,10,15,20' + +- name: Check for idempotency on trunk port + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + name: Server port + tags: server + type: trunk + vlan: 2 + allowed_vlans: + - 10 + - 15 + - 20 + delegate_to: localhost + register: update_trunk_idempotent + +- name: Debug update_trunk_idempotent + ansible.builtin.debug: + msg: '{{ update_trunk_idempotent }}' + +- name: Assert update_trunk_idempotent + ansible.builtin.assert: + that: + - update_trunk_idempotent.changed == False + - update_trunk_idempotent.data is defined + +# - name: Enable Sticky MAC Using Replace +# cisco.meraki.meraki_ms_switchport: +# auth_key: '{{ auth_key }}' +# state: present +# serial: '{{ serial_switch }}' +# number: 7 +# enabled: true +# type: access +# access_policy_type: "Sticky MAC allow list" +# sticky_mac_allow_list: +# macs: +# - "aa:aa:bb:bb:cc:cc" +# state: replaced +# sticky_mac_allow_list_limit: 1 +# delegate_to: localhost +# register: sticky_mac_allow_replace + +# - name: Debug sticky_mac_allow_replace +# ansible.builtin.debug: +# msg: '{{ sticky_mac_allow_replace }}' + +# - name: Assert sticky_mac_allow_replace +# ansible.builtin.assert: +# that: +# - sticky_mac_allow_replace.data.sticky_mac_allow_list_limit == 1 +# - sticky_mac_allow_replace.data.sticky_mac_allow_list == ["aa:aa:bb:bb:cc:cc"] + +- name: Enable Sticky MAC Using Replace Idempotent + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + type: access + access_policy_type: "Sticky MAC allow list" + sticky_mac_allow_list: + macs: + - "aa:aa:bb:bb:cc:cc" + state: replaced + sticky_mac_allow_list_limit: 1 + delegate_to: localhost + register: idempotent_sticky_mac_allow_replace + +- name: Debug idempotent_sticky_mac_allow_replace + ansible.builtin.debug: + msg: '{{ idempotent_sticky_mac_allow_replace }}' + +- name: Assert idempotent_mac_allow_replace + ansible.builtin.assert: + that: + - idempotent_sticky_mac_allow_replace.changed == False + - idempotent_sticky_mac_allow_replace.data is defined + +- name: Enable Sticky MAC Using Merge + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + type: access + access_policy_type: "Sticky MAC allow list" + sticky_mac_allow_list: + macs: + - "11:aa:bb:bb:cc:cc" + state: merged + sticky_mac_allow_list_limit: 2 + delegate_to: localhost + register: sticky_mac_allow_merge + +- name: Debug sticky_mac_allow_merge + ansible.builtin.debug: + msg: '{{ sticky_mac_allow_merge }}' + +- name: Assert sticky_mac_allow_merge + ansible.builtin.assert: + that: + - sticky_mac_allow_merge.data.sticky_mac_allow_list_limit == 2 + - sticky_mac_allow_merge.data.sticky_mac_allow_list == ["aa:aa:bb:bb:cc:cc", "11:aa:bb:bb:cc:cc"] + +- name: Enable Sticky MAC Using Merge Idempotent + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + type: access + access_policy_type: "Sticky MAC allow list" + sticky_mac_allow_list: + macs: + - "11:aa:bb:bb:cc:cc" + state: merged + sticky_mac_allow_list_limit: 2 + delegate_to: localhost + register: idempotent_sticky_mac_allow_merge + +- name: Debug idempotent_sticky_mac_allow_merge + ansible.builtin.debug: + msg: '{{ idempotent_sticky_mac_allow_merge }}' + +- name: Assert idempotent_sticky_mac_allow_merge + ansible.builtin.assert: + that: + - idempotent_sticky_mac_allow_merge.changed == False + - idempotent_sticky_mac_allow_merge.data is defined + +- name: Delete Sticky MAC From Allow List + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + type: access + access_policy_type: "Sticky MAC allow list" + sticky_mac_allow_list: + macs: + - "11:aa:bb:bb:cc:cc" + state: deleted + sticky_mac_allow_list_limit: 2 + delegate_to: localhost + register: delete_sticky_mac + +- name: Debug delete_sticky_mac + ansible.builtin.debug: + msg: '{{ delete_sticky_mac }}' + +- name: Assert delete_sticky_mac + ansible.builtin.assert: + that: + - delete_sticky_mac.data.sticky_mac_allow_list_limit == 2 + - delete_sticky_mac.data.sticky_mac_allow_list == ["aa:aa:bb:bb:cc:cc"] + +- name: Delete Sticky MAC Idempotent + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + type: access + access_policy_type: "Sticky MAC allow list" + sticky_mac_allow_list: + macs: + - "11:aa:bb:bb:cc:cc" + state: deleted + sticky_mac_allow_list_limit: 2 + delegate_to: localhost + register: idempotent_delete_sticky_mac + +- name: Debug idempotent_delete_sticky_mac + ansible.builtin.debug: + msg: '{{ idempotent_delete_sticky_mac }}' + +- name: Assert idempotent_delete_sticky_mac + ansible.builtin.assert: + that: + - idempotent_delete_sticky_mac.changed == False + - idempotent_delete_sticky_mac.data is defined + +- name: Enable MAC Allow Using Replace + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + type: access + access_policy_type: "MAC allow list" + mac_allow_list: + macs: + - "aa:aa:bb:bb:cc:cc" + state: replaced + delegate_to: localhost + register: mac_allow_replace + +- name: Debug mac_allow_replace + ansible.builtin.debug: + msg: '{{ mac_allow_replace }}' + +- name: Assert mac_allow_replace + ansible.builtin.assert: + that: + - mac_allow_replace.data.mac_allow_list == ["aa:aa:bb:bb:cc:cc"] + +- name: Enable MAC Allow Using Replace Idempotent + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + type: access + access_policy_type: "MAC allow list" + mac_allow_list: + macs: + - "aa:aa:bb:bb:cc:cc" + state: replaced + delegate_to: localhost + register: idempotent_mac_allow_replace + +- name: Debug idempotent_mac_allow_replace + ansible.builtin.debug: + msg: '{{ idempotent_mac_allow_replace }}' + +- name: Assert idempotent_mac_allow_replace + ansible.builtin.assert: + that: + - idempotent_mac_allow_replace.changed == False + - idempotent_mac_allow_replace.data is defined + +- name: Enable MAC Allow Using Merge + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + type: access + access_policy_type: "MAC allow list" + mac_allow_list: + macs: + - "11:aa:bb:bb:cc:cc" + state: merged + delegate_to: localhost + register: mac_allow_merge + +- name: Debug mac_allow_merge + ansible.builtin.debug: + msg: '{{ mac_allow_merge }}' + +- name: Assert mac_allow_merge + ansible.builtin.assert: + that: + - mac_allow_merge.data.mac_allow_list == ["aa:aa:bb:bb:cc:cc", "11:aa:bb:bb:cc:cc"] + +- name: Enable MAC Allow Using Merge Idempotent + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + type: access + access_policy_type: "MAC allow list" + mac_allow_list: + macs: + - "11:aa:bb:bb:cc:cc" + state: merged + delegate_to: localhost + register: idempotent_mac_allow_merge + +- name: Debug idempotent_mac_allow_merge + ansible.builtin.debug: + msg: '{{ idempotent_mac_allow_merge }}' + +- name: Assert idempotent_mac_allow_merge + ansible.builtin.assert: + that: + - idempotent_mac_allow_merge.changed == False + - idempotent_mac_allow_merge.data is defined + +- name: Delete MAC From Allow List + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + type: access + access_policy_type: "MAC allow list" + mac_allow_list: + macs: + - "11:aa:bb:bb:cc:cc" + state: deleted + delegate_to: localhost + register: delete_mac + +- name: Debug delete_mac + ansible.builtin.debug: + msg: '{{ delete_mac }}' + +- name: Assert delete_mac + ansible.builtin.assert: + that: + - delete_mac.data.mac_allow_list == ["aa:aa:bb:bb:cc:cc"] + +- name: Delete MAC Idempotent + cisco.meraki.meraki_ms_switchport: + auth_key: '{{ auth_key }}' + state: present + serial: '{{ serial_switch }}' + number: 7 + enabled: true + type: access + access_policy_type: "MAC allow list" + mac_allow_list: + macs: + - "11:aa:bb:bb:cc:cc" + state: deleted + delegate_to: localhost + register: idempotent_delete_mac + +- name: Debug idempotent_delete_mac + ansible.builtin.debug: + msg: '{{ idempotent_delete_mac }}' + +- name: Assert idempotent_delete_mac + ansible.builtin.assert: + that: + - idempotent_delete_mac.changed == False + - idempotent_delete_mac.data is defined diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_content_filtering/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_content_filtering/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_content_filtering/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_content_filtering/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_content_filtering/tasks/main.yml new file mode 100644 index 000000000..b139ede74 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_content_filtering/tasks/main.yml @@ -0,0 +1,309 @@ +# Test code for the Meraki Content Filteringmodule +# Copyright: (c) 2019, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tests + block: + - name: Test an API key is provided + ansible.builtin.fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Create network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + type: appliance + timezone: America/Chicago + delegate_to: localhost + register: create_net_appliance + + - name: Test net_name and id exclusivity + cisco.meraki.meraki_mx_content_filtering: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + net_id: 12345 + state: present + allowed_urls: + - "http://www.ansible.com/*" + register: net_exclusive + failed_when: false + changed_when: false + + - name: Assert net_exclusive + ansible.builtin.assert: + that: + - 'net_exclusive.msg == "net_name and net_id are mutually exclusive"' + + - name: Set blocked URL categories for idempotency test + cisco.meraki.meraki_mx_content_filtering: + state: present + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + category_list_size: full list + blocked_categories: + - "Adult" + - "Advertisements" + - "Alcohol" + delegate_to: localhost + + # - name: Set blocked URL categories with idempotency + # cisco.meraki.meraki_mx_content_filtering: + # state: present + # auth_key: "{{ auth_key }}" + # org_name: "{{ test_org_name }}" + # net_name: "{{ test_net_name }}" + # category_list_size: full list + # blocked_categories: + # - "Adult" + # - "Advertisements" + # - "Alcohol" + # delegate_to: localhost + # register: category_idempotent + + # - name: Assert category_idempotent + # ansible.builtin.assert: + # that: + # - category_idempotent is not changed + # - category_idempotent.data is defined + + - name: Set single allowed URL pattern with check mode + cisco.meraki.meraki_mx_content_filtering: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + state: present + allowed_urls: + - "http://www.ansible.com/*" + register: single_allowed_check + check_mode: true + + - name: Assert single_allowed_check + ansible.builtin.assert: + that: + - single_allowed_check.data.allowed_url_patterns | length == 1 + - single_allowed_check is changed + + - name: Set single allowed URL pattern + cisco.meraki.meraki_mx_content_filtering: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + state: present + allowed_urls: + - "http://www.ansible.com/*" + register: single_allowed + + - name: Assert single_allowed + ansible.builtin.assert: + that: + - single_allowed.data.allowed_url_patterns | length == 1 + + - name: Set single allowed URL pattern for idempotency with check mode + cisco.meraki.meraki_mx_content_filtering: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + state: present + allowed_urls: + - "http://www.ansible.com/*" + register: single_allowed_idempotent_check + check_mode: true + + - name: Debug single_allowed_idempotent_check + ansible.builtin.debug: + var: single_allowed_idempotent_check + + - name: Assert single_allowed and single_allowed_idempotent_check + ansible.builtin.assert: + that: + - single_allowed_idempotent_check is not changed + - single_allowed.data.allowed_url_patterns | length == 1 + + - name: Set single allowed URL pattern for idempotency + cisco.meraki.meraki_mx_content_filtering: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + state: present + allowed_urls: + - "http://www.ansible.com/*" + register: single_allowed_idempotent + + - name: Debug single_allowed_idempotent + ansible.builtin.debug: + var: single_allowed_idempotent + + - name: Assert single_allowed_idempotent + ansible.builtin.assert: + that: + - single_allowed_idempotent.changed == False + - single_allowed_idempotent.data is defined + + - name: Set single blocked URL pattern + cisco.meraki.meraki_mx_content_filtering: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + state: present + blocked_urls: + - "http://www.ansible.com/*" + register: single_blocked + + - name: Debug single_blocked + ansible.builtin.debug: + var: single_blocked + + - name: Assert single_blocked + ansible.builtin.assert: + that: + - single_blocked.data.blocked_url_patterns | length == 1 + + - name: Set two allowed URL pattern + cisco.meraki.meraki_mx_content_filtering: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + state: present + allowed_urls: + - "http://www.ansible.com/*" + - "http://www.redhat.com" + register: two_allowed + + - name: Debug two_allowed + ansible.builtin.debug: + var: two_allowed + + - name: Debug two_allowed + ansible.builtin.assert: + that: + - two_allowed.changed == True + - two_allowed.data.allowed_url_patterns | length == 2 + + - name: Set blocked URL category + cisco.meraki.meraki_mx_content_filtering: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + state: present + category_list_size: full list + blocked_categories: + - "Adult" + register: blocked_category + + - name: Debug blocked_category + ansible.builtin.debug: + var: blocked_category + + - name: Assert blocked_category + ansible.builtin.assert: + that: + - blocked_category.changed == True + - blocked_category.data.blocked_url_categories | length == 1 + # - blocked_category.data.url_category_list_size == "fullList" + + # - name: Set blocked URL category with top sites + # cisco.meraki.meraki_mx_content_filtering: + # auth_key: '{{ auth_key }}' + # org_name: '{{ test_org_name }}' + # net_name: '{{ test_net_name }}' + # state: present + # category_list_size: top sites + # blocked_categories: + # - "Adult" + # register: blocked_category + + # - name: Debug blocked_category + # ansible.builtin.debug: + # var: blocked_category + + # - name: Assert blocked_category + # ansible.builtin.assert: + # that: + # - blocked_category.changed == True + # - blocked_category.data.blocked_url_categories | length == 1 + # # - blocked_category.data.url_category_list_size == "topSites" + + - name: Query all content filtering information + cisco.meraki.meraki_mx_content_filtering: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + state: query + delegate_to: localhost + register: query_all + + - name: Debug query_all + ansible.builtin.debug: + var: query_all + + - name: Query all content filtering assertion + ansible.builtin.assert: + that: + - query_all.data.categories is defined + - query_all.data.policy is defined + + - name: Query categories + cisco.meraki.meraki_mx_content_filtering: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + state: query + subset: categories + delegate_to: localhost + register: query_categories + + - name: Debug query_categories + ansible.builtin.debug: + var: query_categories + + - name: Query categories assertion + ansible.builtin.assert: + that: + - query_categories.data is defined + + - name: Query content filtering policies + cisco.meraki.meraki_mx_content_filtering: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + subset: policy + state: query + delegate_to: localhost + register: query_policy + + - name: Debug query_policy + ansible.builtin.debug: + var: query_policy + + - name: Query contnet filtering policy assertion + ansible.builtin.assert: + that: + - query_policy.data is defined + + always: + - name: Reset policies + cisco.meraki.meraki_mx_content_filtering: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + state: present + category_list_size: full list + allowed_urls: + - + blocked_urls: + - + blocked_categories: + - + + - name: Delete network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + state: absent diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_intrusion_prevention/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_intrusion_prevention/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_intrusion_prevention/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_intrusion_prevention/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_intrusion_prevention/tasks/main.yml new file mode 100644 index 000000000..c04238da9 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_intrusion_prevention/tasks/main.yml @@ -0,0 +1,7 @@ +# Test code for the Meraki Webhooks module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Run test cases + ansible.builtin.include_tasks: tests.yml diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_intrusion_prevention/tasks/tests.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_intrusion_prevention/tasks/tests.yml new file mode 100644 index 000000000..704738ccd --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_intrusion_prevention/tasks/tests.yml @@ -0,0 +1,330 @@ +# Test code for the Meraki IPS module +# Copyright: (c) 2019, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tests + block: + - name: Test an API key is provided + ansible.builtin.fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Create test network + cisco.meraki.meraki_network: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }} - IPS" + type: appliance + register: net + + - name: Debug net + ansible.builtin.debug: + var: net + + - name: Set allowed rules for organization in check mode + cisco.meraki.meraki_mx_intrusion_prevention: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + allowed_rules: + - rule_id: "meraki:intrusion/snort/GID/01/SID/5805" + rule_message: Test rule + check_mode: true + register: create_org_check + + - name: Assert create_org_check + ansible.builtin.assert: + that: + - create_org_check is changed + - create_org_check.data is defined + + - name: Set allowed rules for organization + cisco.meraki.meraki_mx_intrusion_prevention: + auth_key: "{{ auth_key }}" + state: present + org_id: "{{ test_org_id }}" + allowed_rules: + - rule_id: "meraki:intrusion/snort/GID/01/SID/5805" + rule_message: Test rule + register: create_org + + - name: Assert create_org + ansible.builtin.assert: + that: + - create_org is changed + - create_org.data is defined + - create_org.data.allowed_rules | length == 1 + + - name: Set allowed rules for organization with idempotency + cisco.meraki.meraki_mx_intrusion_prevention: + auth_key: "{{ auth_key }}" + state: present + org_id: "{{ test_org_id }}" + allowed_rules: + - rule_id: "meraki:intrusion/snort/GID/01/SID/5805" + rule_message: Test rule + register: create_org_idempotent + + - name: Assert create_org_idempotent + ansible.builtin.assert: + that: + - create_org_idempotent is not changed + - create_org_idempotent.data is defined + + - name: Query IPS info for organization + cisco.meraki.meraki_mx_intrusion_prevention: + auth_key: "{{ auth_key }}" + state: query + org_name: "{{ test_org_name }}" + register: query_org + + - name: Assert query_org + ansible.builtin.assert: + that: + - query_org.data.allowed_rules is defined + + - name: Set mode to prevention with check mode + cisco.meraki.meraki_mx_intrusion_prevention: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }} - IPS" + mode: prevention + check_mode: true + register: mode_check + + - name: Assert mode_check + ansible.builtin.assert: + that: + - mode_check is changed + - mode_check.data is defined + + - name: Set mode to prevention + cisco.meraki.meraki_mx_intrusion_prevention: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }} - IPS" + mode: prevention + register: mode + + - name: Debug mode + ansible.builtin.debug: + var: mode + + - name: Assert mode + ansible.builtin.assert: + that: + - mode is changed + - mode.data.mode is defined + + - name: Set mode to prevention with idempotency + cisco.meraki.meraki_mx_intrusion_prevention: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }} - IPS" + mode: prevention + register: mode_idempotent + + - name: Debug mode_idempotent + ansible.builtin.debug: + var: mode_idempotent + + - name: Assert mode_idempotent + ansible.builtin.assert: + that: + - mode_idempotent is not changed + - mode_idempotent.data.mode is defined + + - name: Set full ruleset with check mode + cisco.meraki.meraki_mx_intrusion_prevention: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }} - IPS" + mode: prevention + ids_rulesets: security + protected_networks: + use_default: true + included_cidr: + - 192.0.1.0/24 + excluded_cidr: + - 10.0.1.0/24 + check_mode: true + register: full_check + + - name: Debug full_check + ansible.builtin.debug: + var: full_check + + - name: Assert full_check + ansible.builtin.assert: + that: + - full_check is changed + - full_check.data.mode is defined + + # Meraki says protectedNetworks isn't supported on layer 3 firewalls + # Passthrough mode cannot be set via API + # - name: Set full ruleset + # cisco.meraki.meraki_mx_intrusion_prevention: + # auth_key: '{{ auth_key }}' + # state: present + # org_name: '{{ test_org_name }}' + # net_name: '{{ test_net_name }} - IPS' + # mode: detection + # ids_rulesets: security + # protected_networks: + # use_default: true + # included_cidr: + # - 192.0.1.0/24 + # excluded_cidr: + # - 10.0.1.0/24 + # delegate_to: localhost + # register: full + + # - ansible.builtin.debug: + # var: full + + # - ansible.builtin.assert: + # that: + # - full is changed + # - full.data.mode is defined + + # Meraki says protectedNetworks isn't supported on layer 3 firewalls + # Passthrough mode cannot be set via API + # - name: Set full ruleset with idempotency + # cisco.meraki.meraki_mx_intrusion_prevention: + # auth_key: '{{ auth_key }}' + # state: present + # org_name: '{{ test_org_name }}' + # net_name: '{{ test_net_name }} - IPS' + # mode: prevention + # ids_rulesets: security + # protected_networks: + # use_default: true + # included_cidr: + # - 192.0.1.0/24 + # excluded_cidr: + # - 10.0.1.0/24 + # delegate_to: localhost + # register: full_idempotent + + # - ansible.builtin.debug: + # var: full_idempotent + + # - ansible.builtin.assert: + # that: + # - full_idempotent is not changed + # - full_idempotent.data.mode is defined + + - name: Query IPS info for network + cisco.meraki.meraki_mx_intrusion_prevention: + auth_key: "{{ auth_key }}" + state: query + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }} - IPS" + register: query_net + + - name: Assert query_net + ansible.builtin.assert: + that: + - query_net is defined + + - name: Test use_default error with included_cidr + cisco.meraki.meraki_mx_intrusion_prevention: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }} - IPS" + mode: prevention + ids_rulesets: security + protected_networks: + use_default: false + excluded_cidr: + - 10.0.1.0/24 + check_mode: true + register: included_missing + ignore_errors: true + + - name: Assert included_missing + ansible.builtin.assert: + that: + - 'included_missing.msg == "included_cidr is required when use_default is False."' + + - name: Test use_default error with included_cidr + cisco.meraki.meraki_mx_intrusion_prevention: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }} - IPS" + mode: prevention + ids_rulesets: security + protected_networks: + use_default: false + included_cidr: + - 10.0.1.0/24 + check_mode: true + register: excluded_missing + ignore_errors: true + + - name: Assert excluded_missing + ansible.builtin.assert: + that: + - 'excluded_missing.msg == "excluded_cidr is required when use_default is False."' + + # ############################################################################# + # # Tear down starts here + # ############################################################################# + always: + - name: Delete network + cisco.meraki.meraki_network: + auth_key: "{{ auth_key }}" + state: absent + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }} - IPS" + register: delete_net + + - name: Clear rules from organization with check mode + cisco.meraki.meraki_mx_intrusion_prevention: + auth_key: "{{ auth_key }}" + state: absent + org_name: "{{ test_org_name }}" + allowed_rules: [] + check_mode: true + register: cleared + + - name: Assert cleared + ansible.builtin.assert: + that: + - cleared is changed + - cleared.data is defined + + - name: Clear rules from organization + cisco.meraki.meraki_mx_intrusion_prevention: + auth_key: "{{ auth_key }}" + state: absent + org_name: "{{ test_org_name }}" + allowed_rules: [] + - name: Clear rules from organization with idempotency + cisco.meraki.meraki_mx_intrusion_prevention: + auth_key: "{{ auth_key }}" + state: absent + org_name: "{{ test_org_name }}" + allowed_rules: [] + register: del_idempotent + + - name: Assert del_idempotent + ansible.builtin.assert: + that: + - del_idempotent is not changed + - del_idempotent.data is defined + + - name: Delete test network + cisco.meraki.meraki_network: + auth_key: "{{ auth_key }}" + state: absent + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }} - IPS" diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l2_interface/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l2_interface/tasks/main.yml new file mode 100644 index 000000000..36b7a2fb2 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l2_interface/tasks/main.yml @@ -0,0 +1,161 @@ +# Test code for the Meraki modules +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tasks + block: + - name: Create network with type appliance + cisco.meraki.meraki_network: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: "{{ test_appliance_net_name }}" + type: appliance + timezone: America/Chicago + delegate_to: localhost + register: create_net + + - name: Claim a device into a network + cisco.meraki.meraki_device: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_name: "{{ test_appliance_net_name }}" + serial: "{{ serial_appliance }}" + state: present + delegate_to: localhost + + - name: Enable VLAN support on appliance network + cisco.meraki.meraki_network: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: "{{ test_appliance_net_name }}" + enable_vlans: true + delegate_to: localhost + + - name: Create a VLAN + cisco.meraki.meraki_mx_vlan: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_name: "{{ test_appliance_net_name }}" + state: present + vlan_id: 10 + name: TestVLAN + subnet: 192.0.10.0/24 + appliance_ip: 192.0.10.1 + delegate_to: localhost + + - name: Query layer 2 interface settings + cisco.meraki.meraki_mx_l2_interface: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_name: "{{ test_appliance_net_name }}" + state: query + delegate_to: localhost + register: query_all + + - name: Assert query_all + ansible.builtin.assert: + that: + - query_all.data is defined + + - name: Query a single layer 2 interface settings + cisco.meraki.meraki_mx_l2_interface: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_name: "{{ test_appliance_net_name }}" + state: query + number: 2 + delegate_to: localhost + register: query_one + + - name: Assert query_one + ansible.builtin.assert: + that: + - query_one.data is defined + + - name: Update interface configuration with check mode + cisco.meraki.meraki_mx_l2_interface: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_name: "{{ test_appliance_net_name }}" + state: present + number: 2 + port_type: access + vlan: 10 + delegate_to: localhost + register: update_check + check_mode: true + + - name: Debug update_check + ansible.builtin.debug: + var: update_check + + - name: Assert update_check + ansible.builtin.assert: + that: + - update_check.data is defined + - update_check.data.vlan == 10 + - update_check is changed + + - name: Update interface configuration + cisco.meraki.meraki_mx_l2_interface: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_name: "{{ test_appliance_net_name }}" + state: present + number: 2 + port_type: access + vlan: 10 + delegate_to: localhost + register: update + + - name: Assert update + ansible.builtin.assert: + that: + - update.diff is defined + - update.data is defined + - update.data.vlan == 10 + - update is changed + + - name: Update interface configuration with idempotency + cisco.meraki.meraki_mx_l2_interface: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_name: "{{ test_appliance_net_name }}" + state: present + number: 2 + port_type: access + vlan: 10 + delegate_to: localhost + register: update_idempotent + + - name: Assert update_idempotent + ansible.builtin.assert: + that: + - update_idempotent.data is defined + - update_idempotent.data.vlan == 10 + - update_idempotent is not changed + + ############################################################################# + # Tear down starts here + ############################################################################# + + always: + - name: Remove device from network + cisco.meraki.meraki_device: + auth_key: "{{ auth_key }}" + org_name: "{{ test_org_name }}" + net_name: "{{ test_appliance_net_name }}" + serial: "{{ serial_appliance }}" + state: absent + delegate_to: localhost + + - name: Delete network + cisco.meraki.meraki_network: + auth_key: "{{ auth_key }}" + state: absent + org_name: "{{ test_org_name }}" + net_name: "{{ test_appliance_net_name }}" + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l3_firewall/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l3_firewall/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l3_firewall/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l3_firewall/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l3_firewall/tasks/main.yml new file mode 100644 index 000000000..c8dbd1718 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l3_firewall/tasks/main.yml @@ -0,0 +1,369 @@ +# Test code for the Meraki Organization module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + - name: Test an API key is provided + fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Create network + meraki_network: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + type: appliance + delegate_to: localhost + + - name: Query firewall rules + meraki_mx_l3_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: query + delegate_to: localhost + register: query + + - assert: + that: + - query.data|length == 1 + + - name: Check rule values are lowercase + meraki_mx_l3_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: query + delegate_to: localhost + register: query + + - assert: + that: + - query.data.rules.0.policy == 'allow' + - query.data.rules.0.protocol == 'any' + - query.data.rules.0.src_port == 'any' + - query.data.rules.0.src_cidr == 'any' + - query.data.rules.0.dest_port == 'any' + - query.data.rules.0.dest_cidr == 'any' + + - name: Set one firewall rule with check mode + meraki_mx_l3_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - comment: Deny to documentation address + src_port: Any + src_cidr: Any + dest_port: 80,443 + dest_cidr: 192.0.1.1/32 + protocol: tcp + policy: deny + delegate_to: localhost + check_mode: yes + register: create_one_check + + - debug: + var: create_one_check + + - assert: + that: + - create_one_check.data|length == 2 + - create_one_check.data.0.dest_cidr == '192.0.1.1/32' + - create_one_check.data.0.protocol == 'tcp' + - create_one_check.data.0.policy == 'deny' + - create_one_check is changed + - create_one_check.data is defined + + - name: Set one firewall rule + meraki_mx_l3_firewall: + auth_key: '{{ auth_key }}' + org_id: '{{test_org_id}}' + net_name: TestNetAppliance + state: present + rules: + - comment: Deny to documentation address + src_port: Any + src_cidr: Any + dest_port: 80,443 + dest_cidr: 192.0.1.1/32 + protocol: tcp + policy: deny + delegate_to: localhost + register: create_one + + - debug: + var: create_one + + - assert: + that: + - create_one.data.rules|length == 2 + - create_one.data.rules.0.dest_cidr == '192.0.1.1/32' + - create_one.data.rules.0.protocol == 'tcp' + - create_one.data.rules.0.policy == 'deny' + - create_one.changed == True + - create_one.data is defined + + - name: Check for idempotency + meraki_mx_l3_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - comment: Deny to documentation address + src_port: Any + src_cidr: Any + dest_port: 80,443 + dest_cidr: 192.0.1.1/32 + protocol: tcp + policy: deny + delegate_to: localhost + register: create_one_idempotent + + - debug: + msg: '{{create_one_idempotent}}' + + - assert: + that: + - create_one_idempotent.changed == False + - create_one_idempotent.data is defined + + - name: Update one existing rule + meraki_mx_l3_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - comment: Deny all documentation addresses + src_port: Any + src_cidr: Any + dest_port: 80,443 + dest_cidr: 192.0.1.1/32,192.0.1.2/32 + protocol: tcp + policy: deny + delegate_to: localhost + register: update_one + + - debug: + msg: '{{update_one}}' + + - assert: + that: + - update_one.changed == True + - update_one.data is defined + + - name: Create syslog in network + meraki_syslog: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + servers: + - host: 192.0.2.10 + port: 514 + roles: + - Appliance event log + - Flows + delegate_to: localhost + + - name: Enable syslog for default rule with check mode + meraki_mx_l3_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - comment: Deny to documentation address + src_port: Any + src_cidr: Any + dest_port: 80,443 + dest_cidr: 192.0.1.1/32 + protocol: tcp + policy: deny + syslog_default_rule: yes + delegate_to: localhost + check_mode: yes + register: default_syslog_check + + - debug: + msg: '{{default_syslog_check}}' + + - assert: + that: + - default_syslog_check.data is defined + - default_syslog_check.data.1.syslog_enabled == True + + + - name: Enable syslog for default rule + meraki_mx_l3_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - comment: Deny to documentation address + src_port: Any + src_cidr: Any + dest_port: 80,443 + dest_cidr: 192.0.1.1/32 + protocol: tcp + policy: deny + syslog_default_rule: yes + delegate_to: localhost + register: default_syslog + + - debug: + msg: '{{default_syslog}}' + + - assert: + that: + - default_syslog.data is defined + + - name: Set protocol to any for idempotency check + meraki_mx_l3_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - comment: Deny to documentation address + src_port: any + src_cidr: any + dest_port: any + dest_cidr: 192.0.1.1/32 + protocol: any + policy: deny + delegate_to: localhost + + - name: Check for protocol any idempotency + meraki_mx_l3_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - comment: Deny to documentation address + src_port: any + src_cidr: any + dest_port: any + dest_cidr: 192.0.1.1/32 + protocol: any + policy: deny + delegate_to: localhost + register: any_idempotency + + - assert: + that: + - any_idempotency is not changed + + - name: Query firewall rules + meraki_mx_l3_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: query + delegate_to: localhost + register: query + + - assert: + that: + - query.data.rules.1.syslog_enabled == True + - default_syslog.changed == True + + - name: Disable syslog for default rule + meraki_mx_l3_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - comment: Deny to documentation address + src_port: Any + src_cidr: Any + dest_port: 80,443 + dest_cidr: 192.0.1.1/32 + protocol: tcp + policy: deny + syslog_default_rule: no + delegate_to: localhost + register: disable_syslog + + - debug: + msg: '{{disable_syslog}}' + + - assert: + that: + - disable_syslog.data is defined + + - name: Query firewall rules + meraki_mx_l3_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: query + delegate_to: localhost + register: query + + - debug: + msg: '{{query}}' + + - name: Enable syslog for default rule with no rules and with check mode + meraki_mx_l3_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + syslog_default_rule: yes + delegate_to: localhost + check_mode: yes + register: enable_syslog_only_check + + - debug: + msg: '{{enable_syslog_only_check}}' + + - assert: + that: + - enable_syslog_only_check.data.rules.1.syslog_enabled == True + - enable_syslog_only_check is changed + + - name: Query firewall rules + meraki_mx_l3_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: query + delegate_to: localhost + register: query + + - debug: + msg: '{{query.data.rules.1}}' + + - assert: + that: + - query.data.rules.1.syslog_enabled == False + - disable_syslog.changed == True + + always: + - name: Delete all firewall rules + meraki_mx_l3_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: [] + delegate_to: localhost + register: delete_all + + - name: Delete network + meraki_network: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: absent + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l7_firewall/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l7_firewall/aliases new file mode 100644 index 000000000..06fe32bc6 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l7_firewall/aliases @@ -0,0 +1,2 @@ +unsupported + diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l7_firewall/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l7_firewall/tasks/main.yml new file mode 100644 index 000000000..bb4c6fc59 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l7_firewall/tasks/main.yml @@ -0,0 +1,7 @@ +# Test code for the Meraki Organization module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Run test cases + include: tests.yml ansible_connection=local
\ No newline at end of file diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l7_firewall/tasks/tests.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l7_firewall/tasks/tests.yml new file mode 100644 index 000000000..875f24520 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_l7_firewall/tasks/tests.yml @@ -0,0 +1,524 @@ +# Test code for the Meraki Organization module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + # - name: Test an API key is provided + # fail: + # msg: Please define an API key + # when: auth_key is not defined + + # - name: Create network + # meraki_network: + # auth_key: '{{ auth_key }}' + # org_name: '{{test_org_name}}' + # net_name: TestNetAppliance + # state: present + # type: appliance + + # - name: Query firewall rules + # meraki_mx_l7_firewall: + # auth_key: '{{ auth_key }}' + # org_name: '{{test_org_name}}' + # net_name: TestNetAppliance + # state: query + # register: query + + # - assert: + # that: + # - query.data is defined + + # - name: Query firewall application categories + # meraki_mx_l7_firewall: + # auth_key: '{{ auth_key }}' + # org_name: '{{test_org_name}}' + # net_name: TestNetAppliance + # state: query + # categories: yes + # register: query_categories + + # - assert: + # that: + # - query_categories.data is defined + + # - name: Set firewall rules to empty array + # meraki_mx_l7_firewall: + # auth_key: '{{ auth_key }}' + # org_name: '{{test_org_name}}' + # net_name: TestNetAppliance + # state: present + # rules: [] + # register: empty_list + + # - debug: + # var: empty_list + + # - assert: + # that: + # - empty_list.data.rules | length == 0 + + - name: Set firewall rules to empty array with idempotency + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: [] + register: empty_list_idempotent + + - debug: + var: empty_list_idempotent + + - assert: + that: + - empty_list_idempotent.data.rules | length == 0 + - empty_list_idempotent is not changed + + - name: Create firewall rule for IP range in check mode + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: ip_range + ip_range: 10.11.12.0/24 + register: create_ip_range_check + check_mode: yes + + - debug: + var: create_ip_range_check + + - assert: + that: + - create_ip_range_check is changed + + - name: Create firewall rule for IP range + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: ip_range + ip_range: 10.11.12.0/24 + register: create_ip_range + + - debug: + var: create_ip_range + + - assert: + that: + - create_ip_range is changed + - create_ip_range.data.rules | length == 1 + + - name: Create firewall rule for IP range with idempotency with check mode + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: ip_range + ip_range: 10.11.12.0/24 + register: create_ip_range_idempotent_check + check_mode: yes + + - assert: + that: + - create_ip_range_idempotent_check is not changed + + - name: Create firewall rule for IP range with idempotency + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: ip_range + ip_range: 10.11.12.0/24 + register: create_ip_range_idempotent + + - assert: + that: + - create_ip_range_idempotent is not changed + + - name: Create firewall rule for IP and port + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: ip_range + ip_range: 10.11.12.1:23 + register: create_ip_range_port + + - debug: + var: create_ip_range_port + + - assert: + that: + - create_ip_range_port is changed + + - name: Create firewall rule for IP range + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: ip_range + ip_range: 10.11.12.0/24 + register: create_ip_range + + - debug: + var: create_ip_range + + - assert: + that: + - create_ip_range is changed + - create_ip_range.data.rules | length == 1 + + - name: Create firewall rule for IP range with idempotency with check mode + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: ip_range + ip_range: 10.11.12.0/24 + register: create_ip_range_idempotent_check + check_mode: yes + + - assert: + that: + - create_ip_range_idempotent_check is not changed + + - name: Create firewall rule for IP range with idempotency + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: ip_range + ip_range: 10.11.12.0/24 + register: create_ip_range_idempotent + + - assert: + that: + - create_ip_range_idempotent is not changed + + - name: Create firewall rule for application + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: application + application: + name: facebook + register: application_rule + + - assert: + that: + - application_rule is changed + - application_rule.data.rules is defined + + - name: Create firewall rule for application via ID + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: application + application: + id: meraki:layer7/application/205 + register: application_rule_id + + - assert: + that: + - application_rule_id is changed + + - name: Create firewall rule for invalid application + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: application + application: + name: ansible + register: application_rule_invalid + ignore_errors: yes + + - name: Create firewall rule for application category + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: application_category + application: + name: Advertising + register: application_category_rule + + - debug: + var: application_category_rule + + - assert: + that: + - application_category_rule is changed + + - name: Create firewall rule for application category with ID and conflict + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: application_category + application: + id: meraki:layer7/category/27 + register: application_category_rule_id_conflict + + - assert: + that: + - application_category_rule_id_conflict is not changed + + - name: Create firewall rule for application category with ID + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: application_category + application: + id: meraki:layer7/category/24 + register: application_category_rule_id + + - assert: + that: + - application_category_rule_id is changed + + - name: Create firewall rule for host + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: host + host: asdf.com + register: host_rule + + - assert: + that: + - host_rule is changed + + - name: Create firewall rule for port + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: port + port: 1234 + register: port_rule + + - assert: + that: + - port_rule is changed + + - name: Create firewall rule for denied countries + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: blocked_countries + countries: + - CA + - AX + register: blocked_countries + + - assert: + that: + - blocked_countries is changed + + - name: Create firewall rule for allowed countries + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: blocked_countries + countries: + - US + - FR + register: allowed_countries + + - assert: + that: + - allowed_countries is changed + + - name: Create firewall rule for allowed countries with idempotency + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: blocked_countries + countries: + - US + - FR + register: allowed_countries_idempotent + + - assert: + that: + - allowed_countries_idempotent is not changed + + - name: Create multiple firewall rules + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: application_category + application: + id: meraki:layer7/category/27 + - type: blocked_countries + countries: + - CN + - policy: deny + type: port + port: 8080 + register: multiple_rules + + - debug: + var: multiple_rules + + - assert: + that: + - multiple_rules.data.rules | length == 3 + - multiple_rules is changed + + ######################################### + ## Tests for argument completeness ## + ######################################### + + - name: Test blocked_countries incomplete arguments + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: blocked_countries + register: error_allowed + ignore_errors: yes + + - assert: + that: + - 'error_allowed.msg == "countries argument is required when type is blocked_countries."' + + - name: Test blocked_countries incomplete arguments + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: blocked_countries + register: error_denied + ignore_errors: yes + + - assert: + that: + - 'error_denied.msg == "countries argument is required when type is blocked_countries."' + + - name: Test application_category incomplete arguments + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: application_category + register: error_app_cat + ignore_errors: yes + + - assert: + that: + - 'error_app_cat.msg == "application argument is required when type is application_category."' + + - name: Test application incomplete arguments + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: application + register: error_app_cat + ignore_errors: yes + + - assert: + that: + - 'error_app_cat.msg == "application argument is required when type is application."' + + - name: Test host incomplete arguments + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: host + register: error_app_cat + ignore_errors: yes + + - assert: + that: + - 'error_app_cat.msg == "host argument is required when type is host."' + + - name: Test port incomplete arguments + meraki_mx_l7_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + rules: + - type: port + register: error_app_cat + ignore_errors: yes + + - assert: + that: + - 'error_app_cat.msg == "port argument is required when type is port."' + + ################# + ## Cleanup ## + ################# + + # always: + # - name: Delete network + # meraki_network: + # auth_key: '{{ auth_key }}' + # org_name: '{{test_org_name}}' + # net_name: TestNetAppliance + # state: absent + # delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_malware/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_malware/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_malware/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_malware/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_malware/tasks/main.yml new file mode 100644 index 000000000..bab98cd0c --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_malware/tasks/main.yml @@ -0,0 +1,253 @@ +# Test code for the Meraki VLAN module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + - name: Test an API key is provided + fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Create test network + meraki_network: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Malware' + type: appliance + delegate_to: localhost + register: net + + - set_fact: + net_id: '{{net.data.id}}' + + - name: Enable malware protection with check mode + meraki_malware: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Malware' + mode: enabled + delegate_to: localhost + check_mode: yes + register: get_malware_check + + - assert: + that: + - get_malware_check is changed + - get_malware_check.data is defined + + - name: Enable malware protection + meraki_malware: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Malware' + mode: enabled + delegate_to: localhost + register: get_malware + + - debug: + var: get_malware + + - assert: + that: + - get_malware is changed + - get_malware.data.mode is defined + + - name: Enable malware protection with idempotency + meraki_malware: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Malware' + mode: enabled + delegate_to: localhost + register: get_malware_idempotent + + - debug: + var: get_malware_idempotent + + - assert: + that: + - get_malware_idempotent is not changed + - get_malware_idempotent.data is defined + + - name: Test error when mode is not set + meraki_malware: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Malware' + allowed_files: + - sha256: e82c5f7d75004727e1f3b94426b9a11c8bc4c312a9170ac9a73abace40aef503 + comment: random zip + delegate_to: localhost + register: test_mode_err + ignore_errors: yes + + - assert: + that: + - test_mode_err.msg == "mode must be set when allowed_files or allowed_urls is set." + + - name: Set whitelisted file with check mode + meraki_malware: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Malware' + mode: enabled + allowed_files: + - sha256: e82c5f7d75004727e1f3b94426b9a11c8bc4c312a9170ac9a73abace40aef503 + comment: random zip + delegate_to: localhost + check_mode: yes + register: set_file_check + + - debug: + var: + set_file_check + + - assert: + that: + - set_file_check is changed + - set_file_check.data is defined + + - name: Set whitelisted file + meraki_malware: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_id: '{{net_id}}' + mode: enabled + allowed_files: + - sha256: e82c5f7d75004727e1f3b94426b9a11c8bc4c312a9170ac9a73abace40aef503 + comment: random zip + delegate_to: localhost + register: set_file + + - debug: + var: set_file + + - assert: + that: + - set_file is changed + - set_file.data.mode is defined + + - name: Set whitelisted file with idempotency + meraki_malware: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Malware' + mode: enabled + allowed_files: + - sha256: e82c5f7d75004727e1f3b94426b9a11c8bc4c312a9170ac9a73abace40aef503 + comment: random zip + delegate_to: localhost + register: set_file_idempotent + + - debug: + var: set_file_idempotent + + - assert: + that: + - set_file_idempotent is not changed + - set_file_idempotent.data is defined + + - name: Set whitelisted url with check mode + meraki_malware: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Malware' + mode: enabled + allowed_urls: + - url: www.ansible.com + comment: Ansible + - url: www.google.com + comment: Google + delegate_to: localhost + check_mode: yes + register: set_url_check + + - debug: + var: + set_url_check + + - assert: + that: + - set_url_check is changed + - set_url_check.data is defined + + - name: Set whitelisted url + meraki_malware: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Malware' + mode: enabled + allowed_urls: + - url: www.ansible.com + comment: Ansible + - url: www.google.com + comment: Google + delegate_to: localhost + register: set_url + + - debug: + var: set_url + + - assert: + that: + - set_url is changed + - set_url.data.mode is defined + + - name: Set whitelisted url with idempotency + meraki_malware: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Malware' + mode: enabled + allowed_urls: + - url: www.ansible.com + comment: Ansible + - url: www.google.com + comment: Google + delegate_to: localhost + register: set_url_idempotent + + - debug: + var: set_url_idempotent + + - assert: + that: + - set_url_idempotent is not changed + - set_url_idempotent.data is defined + + - name: Get malware settings + meraki_malware: + auth_key: '{{auth_key}}' + state: query + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Malware' + delegate_to: localhost + register: get_malware + + - assert: + that: + - get_malware.data is defined + + ############################################################################# + # Tear down starts here + ############################################################################# + always: + - name: Delete test network + meraki_network: + auth_key: '{{auth_key}}' + state: absent + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Malware' + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_nat/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_nat/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_nat/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_nat/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_nat/tasks/main.yml new file mode 100644 index 000000000..721a93007 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_nat/tasks/main.yml @@ -0,0 +1,7 @@ +# Test code for the Meraki Organization module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Run test cases + include: tests.yml ansible_connection=local diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_nat/tasks/tests.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_nat/tasks/tests.yml new file mode 100644 index 000000000..11193d135 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_nat/tasks/tests.yml @@ -0,0 +1,363 @@ +# Test code for the Meraki NAT module +# Copyright: (c) 2019, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + - name: Create test network + meraki_network: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + type: appliance + + - name: Create 1:1 rule with check mode + meraki_nat: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + one_to_one: + - name: Service behind NAT + public_ip: 1.2.1.2 + lan_ip: 192.168.128.1 + uplink: internet1 + allowed_inbound: + - protocol: tcp + destination_ports: + - 80 + allowed_ips: + - 10.10.10.10 + register: create_one_one_check + check_mode: yes + + - debug: + var: create_one_one_check + + - assert: + that: + - create_one_one_check is changed + + - name: Create 1:1 rule + meraki_nat: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + one_to_one: + - name: Service behind NAT + public_ip: 1.2.1.2 + lan_ip: 192.168.128.1 + uplink: internet1 + allowed_inbound: + - protocol: tcp + destination_ports: + - 80 + allowed_ips: + - 10.10.10.10 + register: create_one_one + + - debug: + var: create_one_one + + - assert: + that: + - create_one_one is changed + + - name: Create 1:1 rule with idempotency + meraki_nat: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + one_to_one: + - name: Service behind NAT + public_ip: 1.2.1.2 + lan_ip: 192.168.128.1 + uplink: internet1 + allowed_inbound: + - protocol: tcp + destination_ports: + - 80 + allowed_ips: + - 10.10.10.10 + register: create_one_one_idempotent + + - debug: + var: create_one_one_idempotent + + - assert: + that: + - create_one_one_idempotent is not changed + + - name: Create 1:many rule with check mode + meraki_nat: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + one_to_many: + - public_ip: 1.1.1.1 + uplink: internet1 + port_rules: + - name: Test rule + protocol: tcp + public_port: 10 + local_ip: 192.168.128.1 + local_port: 11 + allowed_ips: + - any + register: create_one_many_check + check_mode: yes + + - debug: + var: create_one_many_check + + - assert: + that: + - create_one_many_check is changed + + - name: Create 1:many rule + meraki_nat: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + one_to_many: + - public_ip: 1.1.1.1 + uplink: internet1 + port_rules: + - name: Test rule + protocol: tcp + public_port: 10 + local_ip: 192.168.128.1 + local_port: 11 + allowed_ips: + - any + register: create_one_many + + - debug: + var: create_one_many + + - assert: + that: + - create_one_many is changed + + - name: Create 1:many rule with idempotency + meraki_nat: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + one_to_many: + - public_ip: 1.1.1.1 + uplink: internet1 + port_rules: + - name: Test rule + protocol: tcp + public_port: 10 + local_ip: 192.168.128.1 + local_port: 11 + allowed_ips: + - any + register: create_one_many_idempotent + + - debug: + var: create_one_many_idempotent + + - assert: + that: + - create_one_many_idempotent is not changed + + - name: Create port forwarding rule with check mode + meraki_nat: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + port_forwarding: + - name: Test map + lan_ip: 192.168.128.1 + uplink: both + protocol: tcp + allowed_ips: + - 1.1.1.1 + public_port: 10 + local_port: 11 + register: create_pf_check + check_mode: yes + + - debug: + var: create_pf_check + + - assert: + that: + - create_pf_check is changed + + - name: Create port forwarding rule + meraki_nat: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + port_forwarding: + - name: Test map + lan_ip: 192.168.128.1 + uplink: both + protocol: tcp + allowed_ips: + - 1.1.1.1 + public_port: 10 + local_port: 11 + register: create_pf + + - debug: + var: create_pf + + - assert: + that: + - create_pf is changed + + - name: Create port forwarding rule with idempotency + meraki_nat: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + port_forwarding: + - name: Test map + lan_ip: 192.168.128.1 + uplink: both + protocol: tcp + allowed_ips: + - 1.1.1.1 + public_port: 10 + local_port: 11 + register: create_pf_idempotent + + - debug: + var: create_pf_idempotent + + - assert: + that: + - create_pf_idempotent is not changed + - create_pf_idempotent.data.port_forwarding is defined + + - name: Create multiple rules + meraki_nat: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + port_forwarding: + - name: Test map + lan_ip: 192.168.128.1 + uplink: both + protocol: tcp + allowed_ips: + - 1.1.1.2 + public_port: 10 + local_port: 11 + one_to_many: + - public_ip: 1.1.1.3 + uplink: internet1 + port_rules: + - name: Test rule + protocol: tcp + public_port: 10 + local_ip: 192.168.128.1 + local_port: 11 + allowed_ips: + - any + register: create_multiple + + - debug: + var: create_multiple + + - assert: + that: + - create_multiple is changed + - create_multiple.data.one_to_many is defined + - create_multiple.data.port_forwarding is defined + + - assert: + that: + - create_multiple is changed + - create_multiple.data.one_to_many is defined + - create_multiple.data.port_forwarding is defined + - create_multiple.diff.before.one_to_many is defined + - create_multiple.diff.before.port_forwarding is defined + - create_multiple.diff.after.one_to_many is defined + - create_multiple.diff.after.port_forwarding is defined + + - name: Query all NAT rules + meraki_nat: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: query + subset: all + register: query_all + + - debug: + var: query_all + + - name: Query 1:1 NAT rules + meraki_nat: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: query + subset: '1:1' + register: query_1to1 + + - debug: + var: query_1to1 + + - name: Query 1:many NAT rules + meraki_nat: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: query + subset: '1:many' + register: query_1tomany + + - debug: + var: query_1tomany + + - name: Query port forwarding rules + meraki_nat: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: query + subset: port_forwarding + register: query_pf + + - debug: + var: query_pf + + - name: Query multiple rules + meraki_nat: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: query + subset: + - '1:1' + - '1:many' + register: query_multiple + + - debug: + var: query_multiple + + always: + - name: Delete test network + meraki_network: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: absent +
\ No newline at end of file diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_network_vlan_settings/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_network_vlan_settings/aliases new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_network_vlan_settings/aliases diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_network_vlan_settings/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_network_vlan_settings/tasks/main.yml new file mode 100644 index 000000000..4fd4b863a --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_network_vlan_settings/tasks/main.yml @@ -0,0 +1,95 @@ +# Test code for the Meraki modules +# Copyright: (c) 2020, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + - name: Create network with type appliance + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkAppliance + type: appliance + timezone: America/Chicago + delegate_to: localhost + + - name: Get VLAN settings + meraki_mx_network_vlan_settings: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{test_org_name}}' + net_name: IntTestNetworkAppliance + delegate_to: localhost + register: query_all + + - debug: + var: query_all + + - name: Enable VLANs on network with check mode + meraki_mx_network_vlan_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkAppliance + vlans_enabled: yes + delegate_to: localhost + register: enable_vlans_check + check_mode: yes + + - debug: + var: enable_vlans_check + + - assert: + that: + - enable_vlans_check is changed + - enable_vlans_check.data.vlans_enabled == true + + - name: Enable VLANs on network + meraki_mx_network_vlan_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkAppliance + vlans_enabled: yes + delegate_to: localhost + register: enable_vlans + + - debug: + var: enable_vlans + + - assert: + that: + - enable_vlans is changed + - enable_vlans.data.vlans_enabled == true + + - name: Enable VLANs on network idempotent + meraki_mx_network_vlan_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkAppliance + vlans_enabled: yes + delegate_to: localhost + register: enable_vlans_idempotent + + - debug: + var: enable_vlans_idempotent + + - assert: + that: + - enable_vlans_idempotent is not changed + - enable_vlans_idempotent.data.vlans_enabled == true + +############################################################################# +# Tear down starts here +############################################################################# + + always: + - name: Delete network + meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{test_org_name}}' + net_name: IntTestNetworkAppliance + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_site_to_site_firewall/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_site_to_site_firewall/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_site_to_site_firewall/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_site_to_site_firewall/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_site_to_site_firewall/tasks/main.yml new file mode 100644 index 000000000..df0b91644 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_site_to_site_firewall/tasks/main.yml @@ -0,0 +1,306 @@ +# Test code for the Meraki Organization module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + - name: Test an API key is provided + fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Create network + meraki_network: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + type: appliance + delegate_to: localhost + + - name: Query firewall rules + meraki_mx_site_to_site_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + state: query + delegate_to: localhost + register: query + + - debug: + var: query + + # - assert: + # that: + # - query.data|length == 1 + + - name: Set one firewall rule with check mode + meraki_mx_site_to_site_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + state: present + rules: + - comment: Deny to documentation address + src_port: Any + src_cidr: Any + dest_port: 80,443 + dest_cidr: 192.0.1.1/32 + protocol: tcp + policy: deny + delegate_to: localhost + check_mode: yes + register: create_one_check + + - debug: + var: create_one_check + + - assert: + that: + - create_one_check.data.rules|length == 2 + - create_one_check.data.rules.0.dest_cidr == '192.0.1.1/32' + - create_one_check.data.rules.0.protocol == 'tcp' + - create_one_check.data.rules.0.policy == 'deny' + - create_one_check is changed + - create_one_check.data is defined + + - name: Set one firewall rule + meraki_mx_site_to_site_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + state: present + rules: + - comment: Deny to documentation address + src_port: Any + src_cidr: Any + dest_port: 80,443 + dest_cidr: 192.0.1.1/32 + protocol: tcp + policy: deny + delegate_to: localhost + register: create_one + + - debug: + var: create_one + + - assert: + that: + - create_one.data.rules|length == 2 + - create_one.data.rules.0.dest_cidr == '192.0.1.1/32' + - create_one.data.rules.0.protocol == 'tcp' + - create_one.data.rules.0.policy == 'deny' + - create_one.changed == True + - create_one.data is defined + + - name: Check for idempotency + meraki_mx_site_to_site_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + state: present + rules: + - comment: Deny to documentation address + src_port: Any + src_cidr: Any + dest_port: 80,443 + dest_cidr: 192.0.1.1/32 + protocol: tcp + policy: deny + delegate_to: localhost + register: create_one_idempotent + + - debug: + msg: '{{create_one_idempotent}}' + + - assert: + that: + - create_one_idempotent.changed == False + - create_one_idempotent.data is defined + + - name: Update one existing rule + meraki_mx_site_to_site_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + state: present + rules: + - comment: Deny all documentation addresses + src_port: Any + src_cidr: Any + dest_port: 80,443 + dest_cidr: 192.0.1.1/32,192.0.1.2/32 + protocol: tcp + policy: deny + delegate_to: localhost + register: update_one + + - debug: + msg: '{{update_one}}' + + - assert: + that: + - update_one.changed == True + - update_one.data is defined + + - name: Create syslog in network + meraki_syslog: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: present + servers: + - host: 192.0.2.10 + port: 514 + roles: + - Appliance event log + - Flows + delegate_to: localhost + + - name: Enable syslog for default rule with check mode + meraki_mx_site_to_site_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + state: present + rules: + - comment: Deny to documentation address + src_port: Any + src_cidr: Any + dest_port: 80,443 + dest_cidr: 192.0.1.1/32 + protocol: tcp + policy: deny + syslog_default_rule: yes + delegate_to: localhost + check_mode: yes + register: default_syslog_check + + - debug: + msg: '{{default_syslog_check}}' + + - assert: + that: + - default_syslog_check.data is defined + - default_syslog_check.data.rules.1.syslog_enabled == True + + - name: Enable syslog for default rule + meraki_mx_site_to_site_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + state: present + rules: + - comment: Deny to documentation address + src_port: Any + src_cidr: Any + dest_port: 80,443 + dest_cidr: 192.0.1.1/32 + protocol: tcp + policy: deny + syslog_default_rule: yes + delegate_to: localhost + register: default_syslog + + - debug: + msg: '{{default_syslog}}' + + - assert: + that: + - default_syslog.data is defined + + - name: Query firewall rules + meraki_mx_site_to_site_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + state: query + delegate_to: localhost + register: query + + - debug: + msg: '{{query.data.rules.1}}' + + - assert: + that: + - query.data.rules.1.syslog_enabled == True + - default_syslog.changed == True + + - name: Disable syslog for default rule + meraki_mx_site_to_site_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + state: present + rules: + - comment: Deny to documentation address + src_port: Any + src_cidr: Any + dest_port: 80,443 + dest_cidr: 192.0.1.1/32 + protocol: tcp + policy: deny + syslog_default_rule: no + delegate_to: localhost + register: disable_syslog + + - debug: + msg: '{{disable_syslog}}' + + - assert: + that: + - disable_syslog.data is defined + + - name: Query firewall rules + meraki_mx_site_to_site_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + state: query + delegate_to: localhost + register: query + + - debug: + msg: '{{query}}' + + - name: Enable syslog for default rule with no rules and with check mode + meraki_mx_site_to_site_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + state: present + syslog_default_rule: yes + delegate_to: localhost + check_mode: yes + register: enable_syslog_only_check + + - debug: + msg: '{{enable_syslog_only_check}}' + + - assert: + that: + - enable_syslog_only_check.data.rules.1.syslog_enabled == True + - enable_syslog_only_check is changed + + - name: Query firewall rules + meraki_mx_site_to_site_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + state: query + delegate_to: localhost + register: query + + - debug: + msg: '{{query.data.rules.1}}' + + - assert: + that: + - query.data.rules.1.syslog_enabled == False + - disable_syslog.changed == True + + always: + - name: Delete all firewall rules + meraki_mx_site_to_site_firewall: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + state: present + rules: [] + delegate_to: localhost + register: delete_all + + - name: Delete network + meraki_network: + auth_key: '{{ auth_key }}' + org_name: '{{test_org_name}}' + net_name: TestNetAppliance + state: absent + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_site_to_site_vpn/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_site_to_site_vpn/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_site_to_site_vpn/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_site_to_site_vpn/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_site_to_site_vpn/tasks/main.yml new file mode 100644 index 000000000..514100c0c --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_site_to_site_vpn/tasks/main.yml @@ -0,0 +1,188 @@ +# Test code for the Meraki Admin module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + + - name: Create hub network + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}_hub' + type: appliance + delegate_to: localhost + register: net_hub + + - name: Create spoke network + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}_spoke' + type: appliance + delegate_to: localhost + register: net_spoke + + - set_fact: + net_spoke_id: '{{net_spoke.data.id}}' + net_hub_id: '{{net_hub.data.id}}' + + + - name: Set hub mode in check mode + meraki_site_to_site_vpn: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}_hub' + mode: hub + subnets: + - local_subnet: '192.168.129.0/24' + use_vpn: no + delegate_to: localhost + register: set_hub_check + check_mode: true + + - assert: + that: + - set_hub_check is changed + - set_hub_check.data is defined + + - name: Set hub mode in check mode + meraki_site_to_site_vpn: + auth_key: '{{auth_key}}' + state: query + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}_hub' + delegate_to: localhost + register: query_result + + - debug: + var: query_result + + - name: Assert check mode made no changes + ansible.builtin.assert: + that: + - query_result.data.subnets[0].local_subnet == "192.168.128.0/24" + + - name: Create static_route + meraki_static_route: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}_hub' + name: Test Route + subnet: 192.0.1.0/24 + gateway_ip: 192.168.128.1 + delegate_to: localhost + + - name: Set hub mode + meraki_site_to_site_vpn: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}_hub' + mode: hub + subnets: + - local_subnet: '192.0.1.0/24' + use_vpn: no + delegate_to: localhost + register: set_hub + + - assert: + that: + - set_hub is changed + - set_hub.data is defined + + - name: Set hub mode with idempotency + meraki_site_to_site_vpn: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}_hub' + mode: hub + delegate_to: localhost + register: set_hub_idempotent + + - assert: + that: + - set_hub_idempotent is not changed + - set_hub_idempotent.data is defined + + - name: Enable subnet on hub network + meraki_site_to_site_vpn: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}_hub' + mode: hub + subnets: + - local_subnet: '192.168.128.0/24' + use_vpn: yes + delegate_to: localhost + register: enable_hub_subnet + + - assert: + that: + - enable_hub_subnet is changed + - enable_hub_subnet.data is defined + + - name: Set spoke mode + meraki_site_to_site_vpn: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}_spoke' + mode: spoke + hubs: + - hub_id: '{{net_hub_id}}' + use_default_route: false + delegate_to: localhost + register: set_spoke + + - debug: + var: set_spoke + + - name: Set spoke configuration + meraki_site_to_site_vpn: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}_spoke' + mode: spoke + hubs: + - hub_id: '{{net_hub_id}}' + use_default_route: false + subnets: + - local_subnet: '192.168.169.0/24' + use_vpn: true + delegate_to: localhost + register: set_spoke + + - debug: + var: set_spoke + + - name: Query rules for hub + meraki_site_to_site_vpn: + auth_key: '{{auth_key}}' + state: query + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}_hub' + delegate_to: localhost + register: query_all_hub + + - debug: + var: query_all_hub + + - name: Query rules for spoke + meraki_site_to_site_vpn: + auth_key: '{{auth_key}}' + state: query + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}_spoke' + delegate_to: localhost + register: query_all_spoke + + - debug: + var: query_all_spoke diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_static_route/meraki_static_route/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_static_route/meraki_static_route/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_static_route/meraki_static_route/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_static_route/meraki_static_route/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_static_route/meraki_static_route/tasks/main.yml new file mode 100644 index 000000000..ed902a3d1 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_static_route/meraki_static_route/tasks/main.yml @@ -0,0 +1,210 @@ +# Test code for the Meraki modules +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + - name: Create appliance network + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetwork + timezone: America/Chicago + type: appliance + delegate_to: localhost + register: net + + - name: Enable VLANs on network + meraki_mx_network_vlan_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetwork + vlans_enabled: yes + delegate_to: localhost + + - set_fact: + net_id: '{{net.data.id}}' + + - name: Initialize static route id list + set_fact: + route_ids: [] + + - name: Create VLAN + meraki_mx_vlan: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetwork + name: "Test VLAN" + vlan_id: 2 + subnet: "192.168.129.0/24" + appliance_ip: "192.168.129.2" + delegate_to: localhost + + - name: Create static_route + meraki_static_route: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetwork + name: Test Route + subnet: 192.0.1.0/24 + gateway_ip: 192.168.128.1 + delegate_to: localhost + register: create_route + + - set_fact: + route_ids: "{{ route_ids + [create_route.data.id] }}" + + - name: Create static_route with idempotency + meraki_static_route: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetwork + name: Test Route + subnet: 192.0.1.0/24 + gateway_ip: 192.168.128.1 + delegate_to: localhost + register: create_route_idempotent + + - assert: + that: + - create_route_idempotent is not changed + + - name: Create second static_route + meraki_static_route: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetwork + name: Test Route 2 + subnet: 192.0.2.0/24 + gateway_ip: 192.168.128.1 + delegate_to: localhost + register: second_create + + - set_fact: + route_ids: "{{ route_ids + [second_create.data.id] }}" + + - assert: + that: + - create_route.changed == True + - create_route.data.id is defined + + - name: Update static route + meraki_static_route: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetwork + route_id: '{{create_route.data.id}}' + subnet: 192.0.3.0/24 + enabled: yes + gateway_vlan_id: 1 + delegate_to: localhost + register: update + + - assert: + that: + - update is changed + - update.data.subnet == "192.0.3.0/24" + - update.data.gateway_vlan_id == 1 + + - name: Query static routes + meraki_static_route: + auth_key: '{{auth_key}}' + state: query + org_name: '{{test_org_name}}' + net_name: IntTestNetwork + delegate_to: localhost + register: query_all + + - debug: + var: query_all + + - assert: + that: + - query_all.data | length >= 2 + + - name: Update static route with idempotency + meraki_static_route: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetwork + route_id: '{{create_route.data.id}}' + name: Test Route + gateway_ip: 192.168.128.1 + subnet: 192.0.3.0/24 + enabled: yes + delegate_to: localhost + register: update_idempotent + + - assert: + that: + - update_idempotent.changed == False + - update_idempotent.data is defined + + - name: Update static route with fixed IP assignment and reservation + meraki_static_route: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetwork + route_id: '{{create_route.data.id}}' + fixed_ip_assignments: + - mac: aa:bb:cc:dd:ee:ff + ip: 192.0.3.11 + name: WebServer + reserved_ip_ranges: + - start: 192.168.3.2 + end: 192.168.3.10 + comment: Printers + delegate_to: localhost + register: fixed_ip + + - debug: + var: fixed_ip + + - assert: + that: + - fixed_ip.data.fixed_ip_assignments | length == 1 + - fixed_ip.data.reserved_ip_ranges | length == 1 + + + - name: Query single static route + meraki_static_route: + auth_key: '{{auth_key}}' + state: query + org_name: '{{test_org_name}}' + net_name: IntTestNetwork + route_id: '{{create_route.data.id}}' + delegate_to: localhost + register: query_one + + - assert: + that: + - query_one.data.name == "Test Route" + + - name: Delete static routes + meraki_static_route: + auth_key: '{{auth_key}}' + state: absent + org_name: '{{test_org_name}}' + net_name: IntTestNetwork + route_id: '{{item}}' + delegate_to: localhost + loop: '{{route_ids}}' + register: delete_all + + always: + - name: Delete appliance network + meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{test_org_name}}' + net_name: IntTestNetwork + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_third_party_vpn_peers/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_third_party_vpn_peers/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_third_party_vpn_peers/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_third_party_vpn_peers/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_third_party_vpn_peers/tasks/main.yml new file mode 100644 index 000000000..9a08b473d --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_third_party_vpn_peers/tasks/main.yml @@ -0,0 +1,319 @@ +# Test code for the Meraki Third Party VPN Peer module +# Copyright: (c) 2022, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + - name: Test an API key is provided + fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Query all VPN peers with no org_id or org_name + meraki_mx_third_party_vpn_peers: + auth_key: '{{ auth_key }}' + state: query + register: query_all + ignore_errors: yes + + - assert: + that: query_all.msg == "Organization must be specified via org_name or org_id" + + - name: Query all VPN peers + meraki_mx_third_party_vpn_peers: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + register: query_all + + - assert: + that: query_all.data.peers is defined + + - name: Add a VPN peer without name + meraki_mx_third_party_vpn_peers: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + peers: + - public_ip: "198.51.100.1" + secret: "s3cret" + private_subnets: + - "192.0.2.0/24" + ike_version: "2" + register: create_one_no_name + ignore_errors: yes + + - assert: + that: create_one_no_name.msg == "Peer name must be specified" + + - name: Add a VPN peer with check mode + meraki_mx_third_party_vpn_peers: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + peers: + - name: "Test peer" + public_ip: "198.51.100.1" + secret: "s3cret" + private_subnets: + - "192.0.2.0/24" + ike_version: "2" + ipsec_policies_preset: default + register: create_one_check + check_mode: yes + + - debug: + var: create_one_check + + - assert: + that: + - create_one_check is changed + - create_one_check.data is defined + - create_one_check.data.peers.0.name == "Test peer" + - create_one_check.data.peers.0.public_ip == "198.51.100.1" + - create_one_check.data.peers.0.private_subnets.0 == "192.0.2.0/24" + - create_one_check.data.peers.0.ike_version == "2" + - create_one_check.data.peers.0.ipsec_policies_preset == "default" + + - name: Add a VPN peer + meraki_mx_third_party_vpn_peers: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + peers: + - name: "Test peer" + public_ip: "198.51.100.1" + secret: "s3cret" + private_subnets: + - "192.0.2.0/24" + ike_version: "2" + ipsec_policies_preset: default + register: create_one + + - assert: + that: + - create_one is changed + - create_one.data is defined + - create_one.data.peers.0.name == "Test peer" + - create_one.data.peers.0.public_ip == "198.51.100.1" + - create_one.data.peers.0.private_subnets.0 == "192.0.2.0/24" + - create_one.data.peers.0.ike_version == "2" + - create_one.data.peers.0.ipsec_policies_preset == "default" + + - name: Add a VPN peer with idempotency + meraki_mx_third_party_vpn_peers: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + peers: + - name: "Test peer" + public_ip: "198.51.100.1" + secret: "s3cret" + private_subnets: + - "192.0.2.0/24" + ike_version: "2" + ipsec_policies_preset: default + register: create_one_idempotent + + - assert: + that: + - create_one_idempotent is not changed + - create_one_idempotent.data is defined + - create_one_idempotent.data.peers.0.name == "Test peer" + - create_one_idempotent.data.peers.0.public_ip == "198.51.100.1" + - create_one_idempotent.data.peers.0.private_subnets.0 == "192.0.2.0/24" + - create_one_idempotent.data.peers.0.ike_version == "2" + - create_one_idempotent.data.peers.0.ipsec_policies_preset == "default" + + - name: Change peer to use network tags + meraki_mx_third_party_vpn_peers: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + peers: + - name: "Test peer" + public_ip: "198.51.100.1" + secret: "s3cret" + private_subnets: + - "192.0.2.0/24" + ike_version: "2" + network_tags: + - none + ipsec_policies_preset: default + register: add_network_tags + + - assert: + that: + - add_network_tags is changed + - add_network_tags.data.peers.0.network_tags.0 == "none" + + - name: Change peer to use network tags with idempotency + meraki_mx_third_party_vpn_peers: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + peers: + - name: "Test peer" + public_ip: "198.51.100.1" + secret: "s3cret" + private_subnets: + - "192.0.2.0/24" + ike_version: "2" + network_tags: + - none + ipsec_policies_preset: default + register: add_network_tags_idempotent + + - assert: + that: + - add_network_tags_idempotent is not changed + - add_network_tags_idempotent.data.peers.0.network_tags.0 == "none" + + + - name: Set IPsec policies + meraki_mx_third_party_vpn_peers: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + peers: + - name: "Test peer" + public_ip: "198.51.100.1" + secret: "s3cret" + private_subnets: + - "192.0.2.0/24" + ike_version: "2" + network_tags: + - none + remote_id: "192.0.2.0" + ipsec_policies: + child_lifetime: 600 + ike_lifetime: 600 + child_auth_algo: + - "md5" + child_cipher_algo: + - "tripledes" + - "aes192" + child_pfs_group: + - "disabled" + ike_auth_algo: + - "sha256" + ike_cipher_algo: + - "tripledes" + ike_diffie_hellman_group: + - "group2" + ike_prf_algo: + - "prfmd5" + register: set_ipsec_policies + + - assert: + that: + - set_ipsec_policies is changed + - set_ipsec_policies.data.peers.0.ipsec_policies.child_lifetime == 600 + - set_ipsec_policies.data.peers.0.ipsec_policies.ike_lifetime == 600 + - set_ipsec_policies.data.peers.0.ipsec_policies.child_auth_algo.0 == "md5" + - set_ipsec_policies.data.peers.0.ipsec_policies.child_cipher_algo.0 == "tripledes" + - set_ipsec_policies.data.peers.0.ipsec_policies.child_pfs_group.0 == "disabled" + - set_ipsec_policies.data.peers.0.ipsec_policies.ike_auth_algo.0 == "sha256" + - set_ipsec_policies.data.peers.0.ipsec_policies.ike_cipher_algo.0 == "tripledes" + - set_ipsec_policies.data.peers.0.ipsec_policies.ike_diffie_hellman_group.0 == "group2" + - set_ipsec_policies.data.peers.0.ipsec_policies.ike_prf_algo.0 == "prfmd5" + + - name: Set IPsec policies with idempotency + meraki_mx_third_party_vpn_peers: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + peers: + - name: "Test peer" + public_ip: "198.51.100.1" + secret: "s3cret" + private_subnets: + - "192.0.2.0/24" + ike_version: "2" + network_tags: + - none + remote_id: "192.0.2.0" + ipsec_policies: + child_lifetime: 600 + ike_lifetime: 600 + child_auth_algo: + - "md5" + child_cipher_algo: + - "tripledes" + - "aes192" + child_pfs_group: + - "disabled" + ike_auth_algo: + - "sha256" + ike_cipher_algo: + - "tripledes" + ike_diffie_hellman_group: + - "group2" + ike_prf_algo: + - "prfmd5" + register: set_ipsec_policies_idempotent + + - assert: + that: + - set_ipsec_policies_idempotent is not changed + - set_ipsec_policies_idempotent.data.peers.0.ipsec_policies.child_lifetime == 600 + - set_ipsec_policies_idempotent.data.peers.0.ipsec_policies.ike_lifetime == 600 + - set_ipsec_policies_idempotent.data.peers.0.ipsec_policies.child_auth_algo.0 == "md5" + - set_ipsec_policies_idempotent.data.peers.0.ipsec_policies.child_cipher_algo.0 == "tripledes" + - set_ipsec_policies_idempotent.data.peers.0.ipsec_policies.child_pfs_group.0 == "disabled" + - set_ipsec_policies_idempotent.data.peers.0.ipsec_policies.ike_auth_algo.0 == "sha256" + - set_ipsec_policies_idempotent.data.peers.0.ipsec_policies.ike_cipher_algo.0 == "tripledes" + - set_ipsec_policies_idempotent.data.peers.0.ipsec_policies.ike_diffie_hellman_group.0 == "group2" + - set_ipsec_policies_idempotent.data.peers.0.ipsec_policies.ike_prf_algo.0 == "prfmd5" + + + - name: Add a second VPN peer + meraki_mx_third_party_vpn_peers: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + peers: + - name: "Test peer" + public_ip: "198.51.100.1" + secret: "s3cret" + private_subnets: + - "192.0.2.0/24" + ike_version: "2" + ipsec_policies_preset: default + - name: "Test peer 2" + public_ip: "198.51.100.2" + secret: "s3cret" + private_subnets: + - "192.0.3.0/24" + ike_version: "2" + ipsec_policies_preset: default + register: create_second + + - assert: + that: + - create_second is changed + - create_second.data.peers | length == 2 + - create_second.data is defined + - create_second.data.peers.0.name == "Test peer" + - create_second.data.peers.0.public_ip == "198.51.100.1" + - create_second.data.peers.0.private_subnets.0 == "192.0.2.0/24" + - create_second.data.peers.0.ike_version == "2" + - create_second.data.peers.0.ipsec_policies_preset == "default" + - create_second.data is defined + - create_second.data.peers.1.name == "Test peer 2" + - create_second.data.peers.1.public_ip == "198.51.100.2" + - create_second.data.peers.1.private_subnets.0 == "192.0.3.0/24" + - create_second.data.peers.1.ike_version == "2" + - create_second.data.peers.1.ipsec_policies_preset == "default" + + ############################################################################# + # Tear down starts here + ############################################################################# + # always: + # - name: Delete test network + # meraki_network: + # auth_key: '{{auth_key}}' + # state: absent + # org_name: '{{test_org_name}}' + # net_name: '{{test_net_name}}' + # delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_uplink_bandwidth/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_uplink_bandwidth/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_uplink_bandwidth/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_uplink_bandwidth/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_uplink_bandwidth/tasks/main.yml new file mode 100644 index 000000000..1e055256b --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_uplink_bandwidth/tasks/main.yml @@ -0,0 +1,125 @@ +# Test code for the Meraki MX Uplink module +# Copyright: (c) 2019, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + - name: Test an API key is provided + fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Create test network + meraki_network: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Uplink' + type: appliance + delegate_to: localhost + + - name: Set MX uplink settings with check mode + meraki_mx_uplink: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Uplink' + wan1: + bandwidth_limits: + limit_down: 1000000 + limit_up: 100 + cellular: + bandwidth_limits: + limit_down: 0 + limit_up: 0 + delegate_to: localhost + register: set_bw_check + check_mode: yes + + - debug: + var: set_bw_check + + - assert: + that: + - set_bw_check is changed + - set_bw_check.data is defined + - set_bw_check.diff is defined + + - name: Set MX uplink settings + meraki_mx_uplink_bandwidth: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Uplink' + wan1: + bandwidth_limits: + limit_down: 1000000 + limit_up: 1000 + cellular: + bandwidth_limits: + limit_down: 0 + limit_up: 0 + delegate_to: localhost + register: set_bw + + - debug: + var: set_bw + + - assert: + that: + - set_bw is changed + - set_bw.data is defined + + - name: Set MX uplink settings with idempotency + meraki_mx_uplink_bandwidth: + auth_key: '{{auth_key}}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Uplink' + wan1: + bandwidth_limits: + limit_down: 1000000 + limit_up: 1000 + cellular: + bandwidth_limits: + limit_down: 0 + limit_up: 0 + delegate_to: localhost + register: set_bw_idempotent + + - debug: + var: set_bw_idempotent + + - assert: + that: + - set_bw_idempotent is not changed + - set_bw_idempotent.data is defined + + - name: Query MX uplink settings + meraki_mx_uplink: + auth_key: '{{auth_key}}' + state: query + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Uplink' + delegate_to: localhost + register: query_all + + - debug: + var: query_all + + - assert: + that: + - query_all.data is defined + + always: + ############################################################################# + # Tear down starts here + ############################################################################# + + - name: Delete test network + meraki_network: + auth_key: '{{auth_key}}' + state: absent + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}} - Uplink' + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_vlan/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_vlan/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_vlan/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_vlan/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_vlan/tasks/main.yml new file mode 100644 index 000000000..13c36564e --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_mx_vlan/tasks/main.yml @@ -0,0 +1,475 @@ +# Test code for the Meraki VLAN module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + - name: Test an API key is provided + fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Create test network + meraki_network: + auth_key: '{{auth_key}}' + state: present + org_id: '{{test_org_id}}' + net_name: '{{test_net_name}}' + type: appliance + delegate_to: localhost + register: new_net + + - set_fact: + test_net_id: '{{ new_net.data.id }}' + + - name: Enable VLANs on network + meraki_network: + auth_key: '{{auth_key}}' + state: present + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + enable_vlans: yes + delegate_to: localhost + + - name: Create VLAN in check mode + meraki_vlan: + auth_key: '{{auth_key}}' + state: present + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + vlan_id: 2 + name: TestVLAN + subnet: 192.168.250.0/24 + appliance_ip: 192.168.250.1 + delegate_to: localhost + register: create_vlan_check + check_mode: yes + + - debug: + var: create_vlan_check + + - assert: + that: + - create_vlan_check is changed + + - name: Create VLAN + meraki_vlan: + auth_key: '{{auth_key}}' + state: present + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + vlan_id: 2 + name: TestVLAN + subnet: 192.168.250.0/24 + appliance_ip: 192.168.250.1 + delegate_to: localhost + register: create_vlan + environment: + ANSIBLE_MERAKI_FORMAT: camelcase + + - debug: + msg: '{{create_vlan}}' + + - assert: + that: + - create_vlan.data.id == 2 + - create_vlan.changed == True + - create_vlan.data.networkId is defined + + - name: Update VLAN with check mode + meraki_vlan: + auth_key: '{{auth_key}}' + state: present + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + vlan_id: 2 + name: TestVLAN + subnet: 192.168.250.0/24 + appliance_ip: 192.168.250.2 + fixed_ip_assignments: + - mac: "13:37:de:ad:be:ef" + ip: 192.168.250.10 + name: fixed_ip + reserved_ip_range: + - start: 192.168.250.10 + end: 192.168.250.20 + comment: reserved_range + dns_nameservers: opendns + delegate_to: localhost + register: update_vlan_check + check_mode: yes + + - debug: + var: update_vlan_check + + - assert: + that: + - update_vlan_check is changed + + - name: Update VLAN + meraki_vlan: + auth_key: '{{auth_key}}' + state: present + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + vlan_id: 2 + name: TestVLAN + subnet: 192.168.250.0/24 + appliance_ip: 192.168.250.2 + fixed_ip_assignments: + - mac: "13:37:de:ad:be:ef" + ip: 192.168.250.10 + name: fixed_ip + reserved_ip_range: + - start: 192.168.250.10 + end: 192.168.250.20 + comment: reserved_range + dns_nameservers: opendns + delegate_to: localhost + register: update_vlan + + - debug: + msg: '{{update_vlan}}' + + - assert: + that: + - update_vlan.data.appliance_ip == '192.168.250.2' + - update_vlan.changed == True + + - name: Update VLAN with idempotency and check mode + meraki_vlan: + auth_key: '{{auth_key}}' + state: present + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + vlan_id: 2 + name: TestVLAN + subnet: 192.168.250.0/24 + appliance_ip: 192.168.250.2 + fixed_ip_assignments: + - mac: "13:37:de:ad:be:ef" + ip: 192.168.250.10 + name: fixed_ip + reserved_ip_range: + - start: 192.168.250.10 + end: 192.168.250.20 + comment: reserved_range + dns_nameservers: opendns + delegate_to: localhost + register: update_vlan_idempotent_check + check_mode: yes + + - debug: + var: update_vlan_idempotent_check + + - assert: + that: + - update_vlan_idempotent_check is not changed + + - name: Update VLAN with idempotency + meraki_vlan: + auth_key: '{{auth_key}}' + state: present + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + vlan_id: 2 + name: TestVLAN + subnet: 192.168.250.0/24 + appliance_ip: 192.168.250.2 + fixed_ip_assignments: + - mac: "13:37:de:ad:be:ef" + ip: 192.168.250.10 + name: fixed_ip + reserved_ip_range: + - start: 192.168.250.10 + end: 192.168.250.20 + comment: reserved_range + dns_nameservers: opendns + delegate_to: localhost + register: update_vlan_idempotent + + - debug: + msg: '{{update_vlan_idempotent}}' + + - assert: + that: + - update_vlan_idempotent.changed == False + - update_vlan_idempotent.data is defined + + - name: Add IP assignments and reserved IP ranges + meraki_vlan: + auth_key: '{{auth_key}}' + state: present + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + vlan_id: 2 + name: TestVLAN + subnet: 192.168.250.0/24 + appliance_ip: 192.168.250.2 + fixed_ip_assignments: + - mac: "13:37:de:ad:be:ef" + ip: 192.168.250.10 + name: fixed_ip + - mac: "12:34:56:78:90:12" + ip: 192.168.250.11 + name: another_fixed_ip + reserved_ip_range: + - start: 192.168.250.10 + end: 192.168.250.20 + comment: reserved_range + - start: 192.168.250.100 + end: 192.168.250.120 + comment: reserved_range_high + dns_nameservers: opendns + delegate_to: localhost + register: update_vlan_add_ip + + - debug: + msg: '{{update_vlan_add_ip}}' + + - assert: + that: + - update_vlan_add_ip.changed == True + - update_vlan_add_ip.data.fixed_ip_assignments | length == 2 + - update_vlan_add_ip.data.reserved_ip_ranges | length == 2 + + - name: Remove IP assignments and reserved IP ranges + meraki_vlan: + auth_key: '{{auth_key}}' + state: present + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + vlan_id: 2 + name: TestVLAN + subnet: 192.168.250.0/24 + appliance_ip: 192.168.250.2 + fixed_ip_assignments: + - mac: "13:37:de:ad:be:ef" + ip: 192.168.250.10 + name: fixed_ip + reserved_ip_range: + - start: 192.168.250.10 + end: 192.168.250.20 + comment: reserved_range + dns_nameservers: opendns + delegate_to: localhost + register: update_vlan_remove_ip + + - debug: + msg: '{{update_vlan_remove_ip}}' + + - assert: + that: + - update_vlan_remove_ip.changed == True + - update_vlan_remove_ip.data.fixed_ip_assignments | length == 1 + - update_vlan_remove_ip.data.reserved_ip_ranges | length == 1 + + - name: Update VLAN with idempotency + meraki_vlan: + auth_key: '{{auth_key}}' + state: present + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + vlan_id: 2 + name: TestVLAN + subnet: 192.168.250.0/24 + appliance_ip: 192.168.250.2 + fixed_ip_assignments: + - mac: "13:37:de:ad:be:ef" + ip: 192.168.250.10 + name: fixed_ip + reserved_ip_range: + - start: 192.168.250.10 + end: 192.168.250.20 + comment: reserved_range + dns_nameservers: opendns + delegate_to: localhost + register: update_vlan_idempotent + + - debug: + msg: '{{update_vlan_idempotent}}' + + - assert: + that: + - update_vlan_idempotent.changed == False + - update_vlan_idempotent.data is defined + + - name: Update VLAN with list of DNS entries + meraki_vlan: + auth_key: '{{auth_key}}' + state: present + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + vlan_id: 2 + name: TestVLAN + subnet: 192.168.250.0/24 + appliance_ip: 192.168.250.2 + fixed_ip_assignments: + - mac: "13:37:de:ad:be:ef" + ip: 192.168.250.10 + name: fixed_ip + reserved_ip_range: + - start: 192.168.250.10 + end: 192.168.250.20 + comment: reserved_range + dns_nameservers: 1.1.1.1;8.8.8.8 + delegate_to: localhost + register: update_vlan_dns_list + + - debug: + msg: '{{update_vlan_dns_list}}' + + - assert: + that: + - '"1.1.1.1" in update_vlan_dns_list.data.dns_nameservers' + - update_vlan_dns_list.changed == True + + - name: Enable DHCP Relay on VLAN + meraki_vlan: + auth_key: '{{auth_key}}' + state: present + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + vlan_id: 2 + name: TestVLAN + subnet: 192.168.250.0/24 + appliance_ip: 192.168.250.2 + dhcp_handling: relay + dhcp_relay_server_ips: + - 192.168.100.1 + delegate_to: localhost + register: enable_relay + + - debug: + var: enable_relay + + - assert: + that: + - enable_relay is changed + - enable_relay.data.dhcp_handling == 'Relay DHCP to another server' + - enable_relay.data.dhcp_relay_server_ips[0] == '192.168.100.1' + + - name: Enable DHCP on VLAN + meraki_vlan: + auth_key: '{{auth_key}}' + state: present + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + vlan_id: 2 + name: TestVLAN + subnet: 192.168.250.0/24 + appliance_ip: 192.168.250.2 + dhcp_handling: server + delegate_to: localhost + register: enable_dhcp + + - debug: + var: enable_dhcp + + - assert: + that: + - enable_dhcp is changed + - enable_dhcp.data.dhcp_handling == 'Run a DHCP server' + + - name: Enable DHCP on VLAN with options + meraki_vlan: + auth_key: '{{auth_key}}' + state: present + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + vlan_id: 2 + name: TestVLAN + subnet: 192.168.250.0/24 + appliance_ip: 192.168.250.2 + dhcp_handling: server + dhcp_lease_time: 1 hour + dhcp_boot_options_enabled: false + dhcp_options: + - code: 5 + type: ip + value: 192.0.1.1 + delegate_to: localhost + register: enable_dhcp_options + + - assert: + that: + - enable_dhcp_options is changed + - enable_dhcp_options.data.dhcp_handling == 'Run a DHCP server' + - enable_dhcp_options.data.dhcp_options.0.code == '5' + + - name: Query all VLANs in network + meraki_vlan: + auth_key: '{{ auth_key }}' + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + state: query + delegate_to: localhost + register: query_vlans + + - debug: + msg: '{{query_vlans}}' + + - assert: + that: + - query_vlans.data | length >= 2 + - query_vlans.data.1.id == 2 + - query_vlans.changed == False + + - name: Query single VLAN + meraki_vlan: + auth_key: '{{ auth_key }}' + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + vlan_id: 2 + state: query + output_level: debug + delegate_to: localhost + register: query_vlan + + - debug: + msg: '{{query_vlan}}' + + - assert: + that: + - query_vlan.data.id == 2 + - query_vlan.changed == False + + always: + ############################################################################# + # Tear down starts here + ############################################################################# + - name: Delete VLAN with check mode + meraki_vlan: + auth_key: '{{auth_key}}' + state: absent + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + vlan_id: 2 + delegate_to: localhost + register: delete_vlan_check + check_mode: yes + + - assert: + that: + delete_vlan_check is changed + + - name: Delete VLAN + meraki_vlan: + auth_key: '{{auth_key}}' + state: absent + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + vlan_id: 2 + delegate_to: localhost + register: delete_vlan + + - debug: + msg: '{{delete_vlan}}' + + - name: Delete test network + meraki_network: + auth_key: '{{auth_key}}' + state: absent + org_id: '{{test_org_id}}' + net_id: '{{test_net_id}}' + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_network/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_network/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_network/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_network/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_network/tasks/main.yml new file mode 100644 index 000000000..cc078952f --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_network/tasks/main.yml @@ -0,0 +1,550 @@ +# Test code for the Meraki modules +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + - name: Create network without type + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetwork + timezone: America/Chicago + delegate_to: localhost + register: create_net_no_type + ignore_errors: yes + + - assert: + that: + - create_net_no_type.msg == 'type parameter is required when creating a network.' + + - name: Create network without organization + meraki_network: + auth_key: '{{ auth_key }}' + state: present + net_name: IntTestNetwork + timezone: America/Chicago + delegate_to: localhost + register: create_net_no_org + ignore_errors: yes + + - name: Create network with type switch with check mode + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkSwitch + type: switch + timezone: America/Chicago + delegate_to: localhost + check_mode: yes + register: create_net_switch_check + + - assert: + that: + - create_net_switch_check is changed + - create_net_switch_check.data is defined + - create_net_switch_check.data.organization_id == "{{test_org_id |string}}" + + - name: Create network with type switch + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkSwitch + type: switch + timezone: America/Chicago + delegate_to: localhost + register: create_net_switch + + - set_fact: + switch_net_id: '{{ create_net_switch.data.id }}' + + - name: Copy network + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkSwitchCopied + type: switch + copy_from_network_id: '{{ switch_net_id }}' + delegate_to: localhost + register: copy_from_net_id + + - assert: + that: + - copy_from_net_id is defined + - copy_from_net_id is changed + - copy_from_net_id.data.id != create_net_switch.data.id + + - name: Create network with type switch by org ID + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_id: '{{test_org_id}}' + net_name: IntTestNetworkSwitchOrgID + type: switch + timezone: America/Chicago + delegate_to: localhost + register: create_net_switch_org_id + + - name: Create network with type appliance and no timezone + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkAppliance + type: appliance + delegate_to: localhost + register: create_net_appliance_no_tz + + - name: Enable VLAN support on appliance network with check mode + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + enable_vlans: yes + delegate_to: localhost + check_mode: yes + register: enable_vlan_check + + - assert: + that: + - enable_vlan_check.data.vlans_enabled == True + - enable_vlan_check is changed + + - name: Enable VLAN support on appliance network + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + enable_vlans: yes + delegate_to: localhost + register: enable_vlan + + - assert: + that: + - enable_vlan.data.vlans_enabled == True + + - name: Enable VLAN support on appliance network with idempotency + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + enable_vlans: yes + delegate_to: localhost + register: enable_vlan_idempotent + + - assert: + that: + - enable_vlan_idempotent is not changed + - enable_vlan_idempotent.data is defined + + - name: Disable VLAN support on appliance network + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + enable_vlans: no + delegate_to: localhost + register: disable_vlan + + - assert: + that: + - disable_vlan.data.vlans_enabled == False + + - name: Disable VLAN support on appliance network with idempotency + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + enable_vlans: no + delegate_to: localhost + register: disable_vlan_idempotent + + - assert: + that: + - disable_vlan_idempotent is not changed + - disable_vlan_idempotent.data is defined + + - name: Change local page settings with check mode + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + local_status_page_enabled: False + delegate_to: localhost + check_mode: True + register: disable_local_page_check + + - assert: + that: + - disable_local_page_check is changed + + - name: Change local page settings + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + local_status_page_enabled: False + delegate_to: localhost + register: disable_local_page + + - assert: + that: + - disable_local_page is changed + - disable_local_page.data is defined + + - name: Change local page settings with idempotency + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkAppliance + local_status_page_enabled: False + delegate_to: localhost + register: disable_local_page_idempotent + + - assert: + that: + - disable_local_page_idempotent is not changed + - disable_local_page_idempotent.data is defined + + - name: Create network with type wireless + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkWireless + type: wireless + timezone: America/Chicago + delegate_to: localhost + register: create_net_wireless + + - assert: + that: + - '"IntTestNetworkWireless" in create_net_wireless.data.name' + + - name: Create network with type wireless and check for idempotency + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkWireless + type: wireless + timezone: America/Chicago + delegate_to: localhost + register: create_net_wireless_idempotent + + - assert: + that: + - create_net_wireless_idempotent.changed == False + - create_net_wireless_idempotent.data is defined + + - name: Create network with type combined + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: IntTestNetworkCombined + type: + - appliance + - switch + timezone: America/Chicago + delegate_to: localhost + register: create_net_combined + + - assert: + that: + - create_net_combined.data.product_types | length > 1 + + - name: Test status pages - local disabled remote disabled + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkCombined + local_status_page_enabled: no + remote_status_page_enabled: no + delegate_to: localhost + register: status_pages_1 + + - assert: + that: + - status_pages_1.changed == True + - status_pages_1['data']['local_status_page_enabled'] == False + - status_pages_1['data']['remote_status_page_enabled'] == False + + - name: Test status pages - local enabled remote disabled + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkCombined + local_status_page_enabled: yes + remote_status_page_enabled: no + delegate_to: localhost + register: status_pages_2 + + - assert: + that: + - status_pages_2.changed == True + - status_pages_2['data']['local_status_page_enabled'] == True + - status_pages_2['data']['remote_status_page_enabled'] == False + + - name: Test status pages - local enabled remote enabled + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkCombined + local_status_page_enabled: yes + remote_status_page_enabled: yes + delegate_to: localhost + register: status_pages_3 + + - assert: + that: + - status_pages_3.changed == True + - status_pages_3['data']['local_status_page_enabled'] == True + - status_pages_3['data']['remote_status_page_enabled'] == True + + + - name: Test status pages - local disabled remote enabled - expected to fail + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkCombined + local_status_page_enabled: no + remote_status_page_enabled: yes + delegate_to: localhost + register: status_pages_4 + ignore_errors: yes + + - assert: + that: + - status_pages_4.changed == False + - '"must be true when setting" in status_pages_4.msg' + + - name: Create network with one tag + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkTag + type: switch + timezone: America/Chicago + tags: first_tag + delegate_to: localhost + register: create_net_tag + + - name: Create network with two tags + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkTags + type: switch + timezone: America/Chicago + tags: + - first_tag + - second_tag + delegate_to: localhost + register: create_net_tags + + - set_fact: + tag_net_id: '{{create_net_tags.data.id}}' + + - name: Modify network by net_id + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_id: '{{tag_net_id}}' + type: switch + timezone: America/Chicago + tags: + - first_tag + - second_tag + - third_tag + delegate_to: localhost + register: create_net_modified + + - name: Modify network with idempotency + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: IntTestNetworkTags + type: switch + timezone: America/Chicago + tags: + - first_tag + - second_tag + - third_tag + delegate_to: localhost + register: create_net_modified_idempotent + + - assert: + that: + - create_net_modified_idempotent.data is defined + + - name: Present assertions + assert: + that: + - '"org_name or org_id parameters are required" in create_net_no_org.msg' + - '"IntTestNetworkAppliance" in create_net_appliance_no_tz.data.name' + - create_net_appliance_no_tz.changed == True + - '"IntTestNetworkSwitch" in create_net_switch.data.name' + - '"IntTestNetworkSwitchOrgID" in create_net_switch_org_id.data.name' + - '"first_tag" in create_net_tag.data.tags' + - '"second_tag" in create_net_tags.data.tags' + - '"third_tag" in create_net_modified.data.tags' + - create_net_modified.changed == True + - create_net_modified_idempotent.changed == False + - create_net_modified_idempotent.data is defined + + - name: Query templated network settings + meraki_network: + auth_key: '{{auth_key}}' + state: query + org_name: '{{test_org_name}}' + net_name: '{{test_template_name}}' + local_status_page_enabled: yes + delegate_to: localhost + register: query_settings + + - assert: + that: + - query_settings.data is defined + + - name: Query all networks + meraki_network: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{test_org_name}}' + delegate_to: localhost + register: net_query_all + + - name: Query a configuration template + meraki_network: + auth_key: '{{auth_key}}' + state: query + org_name: '{{test_org_name}}' + net_name: '{{test_template_name}}' + delegate_to: localhost + register: query_config_template + + - name: Query one network + meraki_network: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{test_org_name}}' + net_name: IntTestNetworkSwitch + delegate_to: localhost + register: net_query_one + + - name: Query one network - assert + assert: + that: + - 'net_query_one.data.name == "IntTestNetworkSwitch"' + - 'query_config_template.data.name == "{{ test_template_name }}"' + + - name: Set net_id + ansible.builtin.set_fact: + net_id: "{{ net_query_one.data.id }}" + + - name: Query one network by ID + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{test_org_name}}' + net_id: "{{ net_id}}" + delegate_to: localhost + register: net_query_one_id + + - name: Query one network by ID - debug + ansible.builtin.debug: + var: net_query_one_id + + - name: Query one network by ID - assert + ansible.builtin.assert: + that: + - 'net_query_one_id.data.name == "IntTestNetworkSwitch"' + - 'query_config_template.data.name == "{{ test_template_name }}"' + +############################################################################# +# Tear down starts here +############################################################################# + always: + - name: Delete network without org + meraki_network: + auth_key: '{{ auth_key }}' + state: absent + net_name: IntTestNetworkSwitch + delegate_to: localhost + register: delete_all_no_org + ignore_errors: yes + + - name: Delete network by org ID and check mode + meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_id: '{{test_org_id}}' + net_name: IntTestNetworkSwitchOrgID + delegate_to: localhost + check_mode: yes + register: delete_net_org_id_check + + - assert: + that: + - delete_net_org_id_check is changed + - delete_net_org_id_check.data is defined + + - name: Delete network by org ID + meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_id: '{{test_org_id}}' + net_name: IntTestNetworkSwitchOrgID + delegate_to: localhost + register: delete_net_org_id + + - name: Query after delete with org ID + meraki_network: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{test_org_name}}' + delegate_to: localhost + register: query_deleted_org_id + + - name: Delete all networks + meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{test_org_name}}' + net_name: '{{ item }}' + delegate_to: localhost + register: delete_all + ignore_errors: yes + loop: + - IntTestNetworkSwitch + - IntTestNetworkSwitchCopied + - IntTestNetworkWireless + - IntTestNetworkAppliance + - IntTestNetworkCombined + - IntTestNetworkTag + - IntTestNetworkTags + + - assert: + that: + - 'delete_all_no_org.msg == "org_name or org_id parameters are required"' diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_network_settings/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_network_settings/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_network_settings/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_network_settings/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_network_settings/tasks/main.yml new file mode 100644 index 000000000..9d3783cc6 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_network_settings/tasks/main.yml @@ -0,0 +1,294 @@ +# Test code for the Meraki modules +# Copyright: (c) 2023, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + - name: Create network with type switch + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: NetworkSettingsTestNet + type: switch + timezone: America/Chicago + delegate_to: localhost + register: create_net_switch + + - name: Get network settings + cisco.meraki.meraki_network_settings: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{test_org_name}}' + net_name: NetworkSettingsTestNet + delegate_to: localhost + register: query_net + + - name: Update network settings with check mode + cisco.meraki.meraki_network_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: NetworkSettingsTestNet + local_status_page_enabled: false + delegate_to: localhost + register: set_local_check + check_mode: true + + - name: Assert settings local status page enabled + ansible.builtin.assert: + that: + - set_local_check is changed + - set_local_check.data is defined + - set_local_check.data.local_status_page_enabled == false + - set_local_check.data.password is not defined + + - name: Update network settings + cisco.meraki.meraki_network_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: NetworkSettingsTestNet + local_status_page_enabled: false + delegate_to: localhost + register: set_local + + - name: Assert settings local status page enabled + ansible.builtin.assert: + that: + - set_local is changed + - set_local.data is defined + - set_local.data.local_status_page_enabled == false + + - name: Update network settings with idempotency + cisco.meraki.meraki_network_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: NetworkSettingsTestNet + local_status_page_enabled: false + delegate_to: localhost + register: set_local_idempotent + + - name: Assert settings local status page enabled with idempotency + ansible.builtin.assert: + that: + - set_local_idempotent is not changed + - set_local_idempotent.data is defined + - set_local_idempotent.data.local_status_page_enabled == false + + - name: Enable password on local page with check mode + cisco.meraki.meraki_network_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: NetworkSettingsTestNet + local_status_page_enabled: true + local_status_page: + authentication: + enabled: true + password: abc123 + delegate_to: localhost + register: set_auth_check + check_mode: true + + - name: Assert auth settings with check mode + ansible.builtin.assert: + that: + - set_auth_check is changed + - set_auth_check.data is defined + - set_auth_check.data.local_status_page_enabled == true + - set_auth_check.data.local_status_page.authentication.enabled == true + + - name: Enable password on local page + cisco.meraki.meraki_network_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: NetworkSettingsTestNet + local_status_page_enabled: true + local_status_page: + authentication: + enabled: true + password: abc123 + delegate_to: localhost + register: set_auth + + - debug: + var: set_auth + + - name: Assert auth settings + ansible.builtin.assert: + that: + - set_auth is changed + - set_auth.data is defined + - set_auth.data.local_status_page_enabled == true + - set_auth.data.local_status_page.authentication.enabled == true + + - name: Enable password on local page with idempotency + cisco.meraki.meraki_network_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: NetworkSettingsTestNet + local_status_page_enabled: true + local_status_page: + authentication: + enabled: true + password: abc123 + delegate_to: localhost + register: set_auth_idempotent + + - name: Assert auth settings with idempotency + ansible.builtin.assert: + that: + - set_auth_idempotent is not changed + - set_auth_idempotent.data is defined + - set_auth_idempotent.data.local_status_page_enabled == true + - set_auth_idempotent.data.local_status_page.authentication.enabled == true + + - name: Enable secure port with check mode + cisco.meraki.meraki_network_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: NetworkSettingsTestNet + secure_port: + enabled: true + delegate_to: localhost + register: set_port_check + check_mode: true + + - name: Assert secure port settings with check mode + ansible.builtin.assert: + that: + - set_port_check is changed + - set_port_check.data is defined + - set_port_check.data.secure_port.enabled == true + + - name: Enable secure port + cisco.meraki.meraki_network_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: NetworkSettingsTestNet + secure_port: + enabled: true + delegate_to: localhost + register: sec_port + + - debug: + var: sec_port + + - name: Assert secure port settings + ansible.builtin.assert: + that: + - sec_port is changed + - sec_port.data is defined + - sec_port.data.secure_port.enabled == true + + - name: Enable secure port with idempotency + cisco.meraki.meraki_network_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: NetworkSettingsTestNet + secure_port: + enabled: true + delegate_to: localhost + register: sec_port_idempotent + + - debug: + var: sec_port_idempotent + + - name: Assert secure port settings with idempotency + ansible.builtin.assert: + that: + - sec_port_idempotent is not changed + - sec_port_idempotent.data is defined + - sec_port_idempotent.data.secure_port.enabled == true + + - name: Test status pages - local disabled remote disabled + cisco.meraki.meraki_network_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: NetworkSettingsTestNet + local_status_page_enabled: no + remote_status_page_enabled: no + delegate_to: localhost + register: status_pages_1 + + - name: Assert status pages - local disabled remote disabled + ansible.builtin.assert: + that: + - status_pages_1.changed == True + - status_pages_1['data']['local_status_page_enabled'] == False + - status_pages_1['data']['remote_status_page_enabled'] == False + + - name: Test status pages - local enabled remote disabled + cisco.meraki.meraki_network_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: NetworkSettingsTestNet + local_status_page_enabled: yes + remote_status_page_enabled: no + delegate_to: localhost + register: status_pages_2 + + - name: Assert status pages - local enabled remote disabled + ansible.builtin.assert: + that: + - status_pages_2.changed == True + - status_pages_2['data']['local_status_page_enabled'] == True + - status_pages_2['data']['remote_status_page_enabled'] == False + + - name: Test status pages - local enabled remote enabled + cisco.meraki.meraki_network_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: NetworkSettingsTestNet + local_status_page_enabled: yes + remote_status_page_enabled: yes + delegate_to: localhost + register: status_pages_3 + + - name: Assert status pages - local enabled remote enabled + ansible.builtin.assert: + that: + - status_pages_3.changed == True + - status_pages_3['data']['local_status_page_enabled'] == True + - status_pages_3['data']['remote_status_page_enabled'] == True + + + - name: Test status pages - local disabled remote enabled - expected to fail + cisco.meraki.meraki_network_settings: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: NetworkSettingsTestNet + local_status_page_enabled: no + remote_status_page_enabled: yes + delegate_to: localhost + register: status_pages_4 + ignore_errors: yes + + - name: Assert status pages - local disabled remote enabled + ansible.builtin.assert: + that: + - status_pages_4.changed == False + - '"must be true when setting" in status_pages_4.msg' + +############################################################################# +# Tear down starts here +############################################################################# + always: + - name: Delete network + meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{test_org_name}}' + net_name: NetworkSettingsTestNet + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_organization/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_organization/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_organization/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_organization/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_organization/tasks/main.yml new file mode 100644 index 000000000..e7ad65b81 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_organization/tasks/main.yml @@ -0,0 +1,8 @@ +# Test code for the Meraki Organization module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Run test cases + include: tests.yml ansible_connection=local +
\ No newline at end of file diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_organization/tasks/tests.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_organization/tasks/tests.yml new file mode 100644 index 000000000..28ebce01e --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_organization/tasks/tests.yml @@ -0,0 +1,149 @@ +# Test code for the Meraki Organization module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + - name: Test an API key is provided + fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Create a new organization named IntTestOrg + meraki_organization: + auth_key: '{{ auth_key }}' + org_name: IntTestOrg + state: present + output_level: debug + register: new_org + + - debug: + msg: '{{new_org}}' + + - name: Clone IntTestOrg + meraki_organization: + auth_key: '{{ auth_key }}' + clone: IntTestOrg + org_name: IntTestOrgCloned + state: present + register: cloned_org + + - debug: + msg: '{{cloned_org}}' + + - set_fact: + cloned_net_id: '{{cloned_org.data.id}}' + + - name: Rename IntTestOrg + meraki_organization: + auth_key: '{{ auth_key }}' + org_name: IntTestOrgRenamed + org_id: '{{ new_org.data.id }}' + state: present + register: modify_org + + - debug: + msg: '{{ modify_org }}' + + - set_fact: + renamed_org_id: '{{modify_org.data.id}}' + + - name: Rename IntTestOrg idempotent + meraki_organization: + auth_key: '{{ auth_key }}' + org_name: IntTestOrgRenamed + org_id: '{{ new_org.data.id }}' + state: present + register: modify_org_idempotent + + - name: Present assertions + assert: + that: + - '"https" in new_org.url' + - new_org.changed == True + - new_org.data.id is defined + - cloned_org.changed == True + - cloned_org.data.id is defined + - modify_org.changed == True + - 'modify_org.data.name == "IntTestOrgRenamed"' + - modify_org_idempotent.changed == False + - modify_org_idempotent.data is defined + + - name: List all organizations + meraki_organization: + auth_key: '{{ auth_key }}' + state: query + register: query_all + + - name: Query information about a single organization named IntTestOrg + meraki_organization: + auth_key: '{{ auth_key }}' + org_name: IntTestOrgRenamed + state: query + register: query_org + + - name: Query information about IntTestOrg by organization ID + meraki_organization: + auth_key: '{{ auth_key }}' + org_id: '{{ query_org.data.id }}' + state: query + register: query_org_id + + - name: Query assertions + assert: + that: + - query_org.data.id is defined + - query_all.changed == False + - query_all.data | length >= 1 + - 'query_org.data.name == "IntTestOrgRenamed"' + - 'query_org_id.data.id == query_org.data.id' + + - name: Delete without confirmation code + meraki_organization: + auth_key: '{{ auth_key }}' + state: absent + org_name: IntTestOrgCloned + register: delete_no_confirm + ignore_errors: yes + + - assert: + that: + 'delete_no_confirm.msg == "delete_confirm must match the network ID of the network to be deleted."' + + always: + # - name: Pause playbook for more reliable deletion + # pause: + # minutes: 1 + + - name: Delete cloned organizations with check mode + meraki_organization: + auth_key: '{{ auth_key }}' + state: absent + org_name: IntTestOrgCloned + delete_confirm: '{{cloned_net_id}}' + register: deleted_org_check + check_mode: yes + + - assert: + that: + - deleted_org_check is changed + + - name: Delete cloned organizations + meraki_organization: + auth_key: '{{ auth_key }}' + state: absent + org_name: IntTestOrgCloned + delete_confirm: '{{cloned_net_id}}' + register: deleted_org + + - name: Delete renamed organization by id + meraki_organization: + auth_key: '{{ auth_key }}' + state: absent + org_id: '{{renamed_org_id}}' + delete_confirm: '{{renamed_org_id}}' + register: deleted_org_id + + - assert: + that: + - deleted_org_id is changed diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_snmp/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_snmp/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_snmp/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_snmp/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_snmp/tasks/main.yml new file mode 100644 index 000000000..ed0868a40 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_snmp/tasks/main.yml @@ -0,0 +1,290 @@ +# Test code for the Meraki Organization module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + - name: Test an API key is provided + fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Create SNMP network + meraki_network: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + type: appliance + delegate_to: localhost + register: new_net + + - set_fact: + net_id: new_net.data.id + + - name: Query all SNMP settings + meraki_snmp: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + state: query + delegate_to: localhost + register: snmp_query + + - debug: + msg: '{{snmp_query}}' + + - name: Enable SNMPv2c + meraki_snmp: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + state: present + v2c_enabled: true + delegate_to: localhost + register: snmp_v2_enable + + - debug: + msg: '{{snmp_v2_enable}}' + + - assert: + that: + - snmp_v2_enable.data.v2_community_string is defined + - snmp_v2_enable.data.v2c_enabled == true + + - name: Disable SNMPv2c + meraki_snmp: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + state: present + v2c_enabled: False + delegate_to: localhost + register: snmp_v2_disable + + - assert: + that: + - snmp_v2_disable.data.v2_community_string is not defined + - snmp_v2_disable.data.v2c_enabled == False + + - name: Enable SNMPv2c with org_id + meraki_snmp: + auth_key: '{{auth_key}}' + org_id: '{{test_org_id}}' + state: present + v2c_enabled: true + delegate_to: localhost + register: snmp_v2_enable_id + + - debug: + msg: '{{snmp_v2_enable_id}}' + + - assert: + that: + - snmp_v2_enable_id.data.v2_community_string is defined + - snmp_v2_enable_id.data.v2c_enabled == true + + - name: Disable SNMPv2c with org_id + meraki_snmp: + auth_key: '{{auth_key}}' + org_id: '{{test_org_id}}' + state: present + v2c_enabled: False + delegate_to: localhost + register: snmp_v2_disable_id + + - assert: + that: + - snmp_v2_disable_id.data.v2_community_string is not defined + - snmp_v2_disable_id.data.v2c_enabled == False + + - name: Enable SNMPv3 with check mode + meraki_snmp: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + state: present + v3_enabled: true + v3_auth_mode: SHA + v3_auth_pass: ansiblepass + v3_priv_mode: AES128 + v3_priv_pass: ansiblepass + delegate_to: localhost + check_mode: yes + register: snmp_v3_enable_check + + - assert: + that: + - snmp_v3_enable_check.data.v3_enabled == True + - snmp_v3_enable_check.changed == True + + - name: Enable SNMPv3 + meraki_snmp: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + state: present + v3_enabled: true + v3_auth_mode: SHA + v3_auth_pass: ansiblepass + v3_priv_mode: AES128 + v3_priv_pass: ansiblepass + delegate_to: localhost + register: snmp_v3_enable + + - assert: + that: + - snmp_v3_enable.data.v3_enabled == True + - snmp_v3_enable.changed == True + + - name: Check for idempotency + meraki_snmp: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + state: present + v3_enabled: true + v3_auth_mode: SHA + v3_auth_pass: ansiblepass + v3_priv_mode: AES128 + v3_priv_pass: ansiblepass + delegate_to: localhost + register: snmp_idempotent + + - debug: + msg: '{{snmp_idempotent}}' + + - assert: + that: + - snmp_idempotent.changed == False + - snmp_idempotent.data is defined + + - name: Add peer IPs + meraki_snmp: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + state: present + v3_enabled: true + v3_auth_mode: SHA + v3_auth_pass: ansiblepass + v3_priv_mode: AES128 + v3_priv_pass: ansiblepass + peer_ips: + - 1.1.1.1 + - 2.2.2.2 + delegate_to: localhost + register: peers + + - debug: + msg: '{{peers}}' + + - assert: + that: + - peers.data.peer_ips is defined + + - name: Set short password + meraki_snmp: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + state: present + v3_enabled: true + v3_auth_mode: SHA + v3_auth_pass: ansible + v3_priv_mode: AES128 + v3_priv_pass: ansible + delegate_to: localhost + register: short_password + ignore_errors: yes + + - assert: + that: + - '"at least 8" in short_password.msg' + + - name: Set network access type to community string + meraki_snmp: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + access: community + community_string: abc123 + delegate_to: localhost + register: set_net_community + + - debug: + var: set_net_community + + - assert: + that: + - set_net_community is changed + - set_net_community.data is defined + + - name: Set network access type to username + meraki_snmp: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + access: users + users: + - username: ansibleuser + passphrase: ansiblepass + delegate_to: localhost + register: set_net_user + + - debug: + var: set_net_user + + - assert: + that: + - set_net_user is changed + - set_net_user.data is defined + + - name: Set network access type to none + meraki_snmp: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + access: none + delegate_to: localhost + register: set_net_none + + - debug: + var: set_net_none + + - assert: + that: + - set_net_none is changed + - set_net_none.data is defined + + - name: Query network SNMP settings + meraki_snmp: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: query + delegate_to: localhost + register: get_net + + - debug: + var: get_net + + - assert: + that: + - get_net.data is defined + + always: + - name: Disable SNMPv3 + meraki_snmp: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + state: present + v3_enabled: no + v3_auth_mode: SHA + v3_auth_pass: ansiblepass + v3_priv_mode: AES128 + v3_priv_pass: ansiblepass + delegate_to: localhost + + - name: Delete SNMP network + meraki_network: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: absent + delegate_to: localhost diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ssid/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ssid/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ssid/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ssid/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ssid/tasks/main.yml new file mode 100644 index 000000000..1f934f6fd --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_ssid/tasks/main.yml @@ -0,0 +1,747 @@ +# Test code for the Meraki SSID module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of the test + block: + - name: Set fact wpa_enable to false + ansible.builtin.set_fact: + wpa_enabled: false + + - name: Test an API key is provided + ansible.builtin.fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Create test network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + type: wireless + register: test_net + + - name: Debug test_net + ansible.builtin.debug: + msg: '{{ test_net }}' + + - name: Add access points to network + cisco.meraki.meraki_device: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + serial: '{{ serial_wireless }}' + delegate_to: localhost + + - name: Query all SSIDs + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + delegate_to: localhost + register: query_all + + - name: Enable and name SSID with check mode + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + enabled: true + delegate_to: localhost + register: enable_name_ssid_check + check_mode: true + + - name: Assert enable_name_ssid_check + ansible.builtin.assert: + that: + - enable_name_ssid_check is changed + - enable_name_ssid_check.data is defined + + - name: Enable and name SSID + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + enabled: true + delegate_to: localhost + register: enable_name_ssid + + - name: Debug enable_name_ssid + ansible.builtin.debug: + msg: '{{ enable_name_ssid }}' + + - name: Assert query_all + ansible.builtin.assert: + that: + - query_all.data | length == 15 + - query_all.data.0.name == 'TestNetSSID WiFi' + - enable_name_ssid.data.name == 'AnsibleSSID' + + - name: Check for idempotency + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + enabled: true + delegate_to: localhost + register: enable_name_ssid_idempotent + + - name: Debug enable_name_ssid_idempotent + ansible.builtin.debug: + msg: '{{ enable_name_ssid_idempotent }}' + + - name: Assert enable_name_ssid_idempotent + ansible.builtin.assert: + that: + - enable_name_ssid_idempotent.changed == False + - enable_name_ssid_idempotent.data is defined + + - name: Set splash portal with sponsor domain + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + splash_page: Sponsored guest + splash_guest_sponsor_domains: + - "gmail.com" + delegate_to: localhost + register: splash_guest_sponsor_domain + + - name: Debug splash_guest_sponsor_domain + ansible.builtin.debug: + msg: '{{ splash_guest_sponsor_domain }}' + + - name: Assert splash_guest_sponsor_domain + ansible.builtin.assert: + that: + - splash_guest_sponsor_domain.changed == true + - splash_guest_sponsor_domain.data is defined + + - name: Query one SSIDs + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + delegate_to: localhost + register: query_one + + - name: Debug query_one + ansible.builtin.debug: + msg: '{{ query_one }}' + + - name: Assert query_one + ansible.builtin.assert: + that: + - query_one.data.name == 'AnsibleSSID' + + - name: Query one SSID with number + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + number: 1 + delegate_to: localhost + register: query_one_number + + - name: Debug query_one_number + ansible.builtin.debug: + msg: '{{ query_one_number }}' + + - name: Assert query_one_number + ansible.builtin.assert: + that: + - query_one_number.data.name == 'AnsibleSSID' + + - name: Disable SSID without specifying number + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + enabled: false + delegate_to: localhost + register: disable_ssid + + - name: Debug disable_ssid + ansible.builtin.debug: + msg: '{{ disable_ssid.data.enabled }}' + + - name: Assert disable_ssid + ansible.builtin.assert: + that: + - disable_ssid.data.enabled == False + + - name: Enable SSID with number + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + number: 1 + enabled: true + delegate_to: localhost + register: enable_ssid_number + + - name: Debug enable_ssid_number + ansible.builtin.debug: + msg: '{{ enable_ssid_number.data.enabled }}' + + - name: Assert enable_ssid_number + ansible.builtin.assert: + that: + - enable_ssid_number.data.enabled == true + + - name: Configure sponsor portal + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + number: 1 + splash_page: Sponsored guest + + - name: Set VLAN arg spec + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + number: 1 + use_vlan_tagging: true + visible: true + ip_assignment_mode: Bridge mode + default_vlan_id: 1 + ap_tags_vlan_ids: + - tags: wifi + vlan_id: 2 + delegate_to: localhost + register: set_vlan_arg + + - name: Debug set_vlan_org + ansible.builtin.debug: + var: set_vlan_arg + + - name: Assert set_vlan_arg + ansible.builtin.assert: + that: set_vlan_arg is changed + + - name: Set VLAN arg spec + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + number: 1 + use_vlan_tagging: true + visible: true + ip_assignment_mode: Bridge mode + default_vlan_id: 1 + ap_tags_vlan_ids: + - tags: wifi + vlan_id: 2 + delegate_to: localhost + register: set_vlan_arg_idempotent + + - name: Debug set_vlan_arg_idempotent + ansible.builtin.debug: + var: set_vlan_arg_idempotent + + - name: Assert set_vlan_org_idempotent + ansible.builtin.assert: + that: set_vlan_arg_idempotent is not changed + + - name: Set PSK + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + auth_mode: psk + psk: abc1234567890 + encryption_mode: wpa + delegate_to: localhost + register: psk + + - name: Debug psk + ansible.builtin.debug: + msg: '{{ psk }}' + + - name: Assert psk + ansible.builtin.assert: + that: + - psk.data.auth_mode == 'psk' + - psk.data.encryption_mode == 'wpa' + - psk.data.wpa_encryption_mode == 'WPA2 only' + + - name: Set PSK with idempotency + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + auth_mode: psk + psk: abc1234567890 + encryption_mode: wpa + delegate_to: localhost + register: psk_idempotent + + - name: Debug psk_idempotent + ansible.builtin.debug: + msg: '{{ psk_idempotent }}' + + - name: Assert psk_idempotent + ansible.builtin.assert: + that: + - psk_idempotent is not changed + + # + # Check WPA3 Transition Mode + # + - name: Set WPA3 Transition Mode + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + auth_mode: psk + psk: abc1234567890 + encryption_mode: wpa + wpa_encryption_mode: WPA3 Transition Mode + delegate_to: localhost + register: psk_wpa3_transition_mode + when: wpa_enabled + + - name: Debug psk_wpa3_transition_mode + ansible.builtin.debug: + msg: '{{ psk_wpa3_transition_mode }}' + when: wpa_enabled + + - name: Assert psk_wpa3_transition_mode + ansible.builtin.assert: + that: + - psk_wpa3_transition_mode.data.auth_mode == 'psk' + - psk_wpa3_transition_mode.data.encryption_mode == 'wpa' + - psk_wpa3_transition_mode.data.wpa_encryption_mode == 'WPA3 Transition Mode' + when: wpa_enabled + + - name: Set WPA3 Transition Mode with Idempotency + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + auth_mode: psk + psk: abc1234567890 + encryption_mode: wpa + wpa_encryption_mode: WPA3 Transition Mode + delegate_to: localhost + register: psk_wpa3_transition_mode_idempotent + when: wpa_enabled + + - name: Debug wpa_enabled + ansible.builtin.debug: + msg: '{{ psk_wpa3_transition_mode_idempotent }}' + when: wpa_enabled + + - name: Assert psk_wpa3_transition_mode_idempotent + ansible.builtin.assert: + that: + - psk_wpa3_transition_mode_idempotent is not changed + when: wpa_enabled + + - name: Enable click-through splash page + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + splash_page: Click-through splash page + delegate_to: localhost + register: splash_click + + - name: Debug splash_click + ansible.builtin.debug: + msg: '{{ splash_click }}' + + - name: Assert splash_click + ansible.builtin.assert: + that: + - splash_click.data.splash_page == 'Click-through splash page' + + - name: Set walled garden + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + walled_garden_enabled: true + walled_garden_ranges: + - 192.168.0.0/24 + - '*.ansible.com' + delegate_to: localhost + register: walled_garden + + - name: Debug walled_garden + ansible.builtin.debug: + msg: '{{ walled_garden }}' + + - name: Assert walled_garden + ansible.builtin.assert: + that: + - 'walled_garden.data.walled_garden_enabled == true' + - walled_garden is changed + + - name: Set walled garden with idempotency + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + walled_garden_enabled: true + walled_garden_ranges: + - 192.168.0.0/24 + - '*.ansible.com' + delegate_to: localhost + register: walled_garden_idempotent + + - name: Debug walled_garden_idempotent + ansible.builtin.debug: + msg: '{{ walled_garden_idempotent }}' + + - name: Assert walled_garden_idempotent + ansible.builtin.assert: + that: + - walled_garden_idempotent.data is defined + - walled_garden_idempotent is not changed + + - name: Configure RADIUS servers + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + auth_mode: open-with-radius + radius_servers: + - host: 192.0.1.200 + port: 1234 + secret: abc98765 + delegate_to: localhost + register: set_radius_server + + - name: Debug set_radius_server + ansible.builtin.debug: + msg: '{{ set_radius_server }}' + + - name: Assert set_radius_server + ansible.builtin.assert: + that: + - set_radius_server.data.radius_servers.0.host == '192.0.1.200' + + - name: Configure RADIUS servers with idempotency + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + auth_mode: open-with-radius + radius_servers: + - host: 192.0.1.200 + port: 1234 + secret: abc98765 + delegate_to: localhost + register: set_radius_server_idempotent + + - name: Debug set_radius_server_idempotent + ansible.builtin.debug: + var: set_radius_server_idempotent + + - name: Assert set_radius_server_idempotent + ansible.builtin.assert: + that: + - set_radius_server_idempotent is not changed + + ################# + # Error testing # + ################# + - name: Set available on all aps to false without also setting availability tags + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + available_on_all_aps: false + delegate_to: localhost + register: no_availability_tags + failed_when: false + changed_when: false + + - name: Debug no_availability_tags + ansible.builtin.debug: + msg: '{{ no_availability_tags }}' + + - name: Assert no_availability_tags + ansible.builtin.assert: + that: + - no_availability_tags.msg == 'available_on_all_aps is only allowed to be false when ap_availability_tags is defined' + + - name: Set ap availability tags without setting available on all aps to false + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + available_on_all_aps: true + ap_availability_tags: + - "test" + delegate_to: localhost + register: available_on_all_aps_true_with_tags + failed_when: false + changed_when: false + + - name: Debug available_on_all_aps_true_with_tags + ansible.builtin.debug: + msg: '{{ available_on_all_aps_true_with_tags }}' + + - name: Assert available_on_all_aps_true_with_tags + ansible.builtin.assert: + that: + - available_on_all_aps_true_with_tags.msg == 'ap_availability_tags is only allowed when available_on_all_aps is false' + + - name: Set LAN isolation without Bridge mode + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + ip_assignment_mode: "NAT mode" + lan_isolation_enabled: true + delegate_to: localhost + register: lan_isolation_invalid + failed_when: false + changed_when: false + + - name: Debug lan_isolation_invalid + ansible.builtin.debug: + msg: '{{ lan_isolation_invalid }}' + + - name: Assert lan_isolation_invalid + ansible.builtin.assert: + that: + - lan_isolation_invalid.msg == 'lan_isolation_enabled is only allowed when ip_assignment_mode is Bridge mode' + + - name: Set PSK with wrong mode + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + auth_mode: open + psk: abc1234 + delegate_to: localhost + register: psk_invalid + failed_when: false + changed_when: false + + - name: Debug psk_invalid + ansible.builtin.debug: + msg: '{{ psk_invalid }}' + + - name: Assert psk_invalid + ansible.builtin.assert: + that: + - psk_invalid.msg == 'PSK is only allowed when auth_mode is set to psk' + + - name: Set PSK with invalid encryption mode + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + auth_mode: psk + psk: abc1234 + encryption_mode: eap + delegate_to: localhost + register: psk_invalid_mode + failed_when: false + changed_when: false + + - name: Debug psk_invalid_mode + ansible.builtin.debug: + msg: '{{ psk_invalid_mode }}' + + - name: Assert psk_invalid_mode + ansible.builtin.assert: + that: + - psk_invalid_mode.msg == 'PSK requires encryption_mode be set to wpa' + + - name: Error for PSK and RADIUS servers + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + auth_mode: psk + radius_servers: + - host: 192.0.1.200 + port: 1234 + secret: abc98765 + delegate_to: localhost + register: err_radius_server_psk + failed_when: false + changed_when: false + + - name: Debug err_radius_server_psk + ansible.builtin.debug: + var: err_radius_server_psk + + - name: Assert err_radius_server_psk.msg + ansible.builtin.assert: + that: + - 'err_radius_server_psk.msg == "radius_servers requires auth_mode to be open-with-radius or 8021x-radius"' + + - name: Set VLAN arg without default VLAN error + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + number: 1 + use_vlan_tagging: true + visible: true + ip_assignment_mode: Bridge mode + ap_tags_vlan_ids: + - tags: wifi + vlan_id: 2 + delegate_to: localhost + register: set_vlan_arg_err + failed_when: false + changed_when: false + + - name: Debug set_vlan_arg_err + ansible.builtin.debug: + var: set_vlan_arg_err + + - name: Assert set_vlan_arg_err.msg + ansible.builtin.assert: + that: + - 'set_vlan_arg_err.msg == "default_vlan_id is required when use_vlan_tagging is True"' + + - name: Create SSID to Test SSID Delete Idempotency + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleIdempotentDeleteSSID + enabled: true + delegate_to: localhost + + - name: Remove SSID to Test SSID Delete Idempotency + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleIdempotentDeleteSSID + delegate_to: localhost + register: deleted_ssid + + - name: Assert deleted_ssid + ansible.builtin.assert: + that: + - deleted_ssid is changed + + - name: Remove SSID to Test SSID Delete Idempotency + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleIdempotentDeleteSSID + delegate_to: localhost + register: deleted_ssid + + - name: Assert deleted_ssid + ansible.builtin.assert: + that: + - deleted_ssid is not changed + + always: + - name: Delete SSID with check mode + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + delegate_to: localhost + register: delete_ssid_check + check_mode: true + + - name: Assert delete_ssid_check + ansible.builtin.assert: + that: + - delete_ssid_check is changed + - delete_ssid_check.data is defined + + - name: Delete SSID + cisco.meraki.meraki_mr_ssid: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + name: AnsibleSSID + delegate_to: localhost + register: delete_ssid + + - name: Debug delete_ssid + ansible.builtin.debug: + msg: '{{ delete_ssid }}' + + - name: Assert delete_ssid + ansible.builtin.assert: + that: + - delete_ssid.data.name == 'Unconfigured SSID 2' + + - name: Delete test network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: TestNetSSID + register: delete_net + + - name: Debug delete_net + ansible.builtin.debug: + msg: '{{ delete_net }}' diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_syslog/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_syslog/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_syslog/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_syslog/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_syslog/tasks/main.yml new file mode 100644 index 000000000..8bf518472 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_syslog/tasks/main.yml @@ -0,0 +1,228 @@ +# Test code for the Meraki Organization module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- block: + - name: Test an API key is provided + fail: + msg: Please define an API key + when: auth_key is not defined + + - set_fact: + syslog_test_net_name: 'syslog_{{test_net_name}}' + + - name: Create network with type appliance and switch + meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + type: + - appliance + - wireless + delegate_to: localhost + register: new_net + + - set_fact: + net_id: '{{new_net.data.id}}' + + - name: Query syslog settings + meraki_syslog: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: query + delegate_to: localhost + register: query_all + + - name: Set syslog server + meraki_syslog: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + servers: + - host: 192.0.1.2 + port: 514 + roles: + - Appliance event log + - Flows + delegate_to: localhost + register: create_server + + - assert: + that: + - create_server['data']['servers'][0]['host'] == "192.0.1.2" + - create_server is changed + + - name: Set syslog server with idempotency + meraki_syslog: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + servers: + - host: 192.0.1.2 + port: 514 + roles: + - Appliance event log + - Flows + delegate_to: localhost + register: create_server_idempotency + + - assert: + that: + - create_server_idempotency.changed == False + - create_server_idempotency.data is defined + + - name: Set syslog server with wireless Event log + meraki_syslog: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + servers: + - host: 192.0.1.2 + port: 514 + roles: + - Appliance event log + - Flows + - wireless Event log + delegate_to: localhost + register: create_server + + - assert: + that: + - create_server['data']['servers'][0]['host'] == "192.0.1.2" + - create_server is changed + + - name: Set syslog server with wireless Event log with idempotency + meraki_syslog: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + servers: + - host: 192.0.1.2 + port: 514 + roles: + - Appliance event log + - Flows + - wireless event log + delegate_to: localhost + register: create_server_idempotency + + - assert: + that: + - create_server_idempotency.changed == False + - create_server_idempotency.data is defined + + - name: Set syslog servers to address bug 288 + meraki_syslog: + auth_key: "{{ auth_key }}" + state: present + org_name: "{{ test_org_name }}" + net_name: "{{ test_net_name }}" + servers: + - host: "10.3.15.11" + port: 604 + roles: + - Appliance event log + - Security events + - host: "10.5.15.11" + port: 604 + roles: + - Appliance event log + - Security events + - host: "10.9.15.11" + port: 604 + roles: + - Appliance event log + - Security events + - host: "10.5.250.12" + port: 514 + roles: + - Appliance event log + - Security events + + - name: Set multiple syslog servers + meraki_syslog: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_id: '{{net_id}}' + state: present + servers: + - host: 192.0.1.3 + port: 514 + roles: + - Appliance event log + - host: 192.0.1.4 + port: 514 + roles: + - Appliance event log + - Flows + - host: 192.0.1.5 + port: 514 + roles: + - Flows + delegate_to: localhost + register: create_multiple_servers + + - assert: + that: + - create_multiple_servers['data']['servers'][0]['host'] == "192.0.1.3" + - create_multiple_servers['data']['servers'][1]['host'] == "192.0.1.4" + - create_multiple_servers['data']['servers'][2]['host'] == "192.0.1.5" + - create_multiple_servers['data']['servers'] | length == 3 + + - name: Create syslog server with bad name + meraki_syslog: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + servers: + - host: 192.0.1.6 + port: 514 + roles: + - Invalid role + delegate_to: localhost + register: invalid_role + ignore_errors: yes + + - assert: + that: + - '"Invalid role found in" in invalid_role.msg' + + - name: Add role to existing syslog server # Adding doesn't work, just creation + meraki_syslog: + auth_key: '{{auth_key}}' + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + state: present + servers: + - host: 192.0.1.2 + port: 514 + roles: + - Flows + delegate_to: localhost + register: add_role + + - debug: + msg: '{{add_role.data}}' + + - assert: + that: + - add_role.data.servers.0.roles.0 == 'Flows' + + always: + - name: Delete syslog test network + meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{test_org_name}}' + net_name: '{{test_net_name}}' + delegate_to: localhost + register: delete_all + ignore_errors: yes diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook/aliases new file mode 100644 index 000000000..ad7ccf7ad --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook/aliases @@ -0,0 +1 @@ +unsupported diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook/tasks/main.yml new file mode 100644 index 000000000..f671fc928 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook/tasks/main.yml @@ -0,0 +1,7 @@ +# Test code for the Meraki Webhooks module +# Copyright: (c) 2018, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Run test cases + include: tests.yml ansible_connection=local diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook/tasks/tests.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook/tasks/tests.yml new file mode 100644 index 000000000..5455336e8 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook/tasks/tests.yml @@ -0,0 +1,426 @@ +# Test code for the Meraki Webhook module +# Copyright: (c) 2019, Kevin Breit (@kbreit) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Test Cases for meraki_webhook module + block: + - name: Test an API key is provided + ansible.builtin.fail: + msg: Please define an API key + when: auth_key is not defined + + - name: Create test network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + type: appliance + + - name: Query for any webhooks expecting None + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + register: query_none + + - name: Query for any webhooks expecting None - debug + ansible.builtin.debug: + var: query_none + + - name: Query for any webhooks expecting None - assert + ansible.builtin.assert: + that: + - query_none is not changed + - query_none.data[0] is not defined + + - name: Create webhook with check mode + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + name: Test_Hook + url: https://webhook.site/8eb5b76f-b167-4cb8-9fc4-42621b724244 + shared_secret: shhhdonttellanyone + check_mode: true + register: create_one_check + + - name: Create webhook with check mode - debug + ansible.builtin.debug: + var: create_one_check + + - name: Create webhook with check mode - assert + ansible.builtin.assert: + that: + - create_one_check is changed + - create_one_check.data is defined + + - name: Create webhook + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + name: Test_Hook + url: https://webhook.site/8eb5b76f-b167-4cb8-9fc4-42621b724244 + shared_secret: shhhdonttellanyone + register: create_one + + - name: Create webhook - debug + ansible.builtin.debug: + var: create_one + + - name: Create webhook - assert + ansible.builtin.assert: + that: + - create_one is changed + - create_one.data is defined + + - name: Set webhook_id for future use + ansible.builtin.set_fact: + webhook_id: '{{ create_one.data.id }}' + + - name: Query all webhooks expecting 1 + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + register: query_one + + - name: Query all webhooks expecting 1 - debug + ansible.builtin.debug: + var: query_one + + - name: Query all webhooks expecting 1 - assert + ansible.builtin.assert: + that: + - query_one.data is defined + - query_one.data[0] is defined + - query_one.data[1] is not defined + + - name: Query one webhook + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + name: Test_Hook + register: query_one + + - name: Query one webhook - debug + ansible.builtin.debug: + var: query_one + + - name: Query one webhook - assert + ansible.builtin.assert: + that: + - query_one.data is defined + + - name: Query one webhook with id + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + webhook_id: '{{ webhook_id }}' + register: query_one_id + + - name: Query one webhook with id - debug + ansible.builtin.debug: + var: query_one_id + + - name: Query one webhook with id - assert + ansible.builtin.assert: + that: + - query_one_id.data is defined + + - name: Update webhook with check mode + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + name: Test_Hook + url: https://webhook.site/8eb5b76f-b167-4cb8-9fc4-42621b724244 + shared_secret: shhhdonttellanyonehere + check_mode: true + register: update_check + + - name: Update webhook with check mode - assert + ansible.builtin.assert: + that: + - update_check is changed + - update_check.data is defined + + - name: Update webhook + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + name: Test_Hook + url: https://webhook.site/8eb5b76f-b167-4cb8-9fc4-42621b724244 + shared_secret: shhhdonttellanyonehere + register: update + + - name: Update webhook - debug + ansible.builtin.debug: + var: update + + - name: Update webhook - assert + ansible.builtin.assert: + that: + - update is changed + - update.data is defined + - update.data.shared_secret is not defined + + - name: Update webhook with idempotency with shared secret + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + name: Test_Hook + url: https://webhook.site/8eb5b76f-b167-4cb8-9fc4-42621b724244 + shared_secret: shhhdonttellanyonehere + register: update_idempotent + + - name: Update webhook with idempotency with shared secret - debug + ansible.builtin.debug: + var: update_idempotent + + # response will always be "changed" since shared secret is not sent back in the response. + - name: Update webhook with idempotency with shared secret - assert + ansible.builtin.assert: + that: + - update_idempotent is changed + - update_idempotent.data is defined + - update_idempotent.data.shared_secret is not defined + + - name: Update webhook with idempotency without shared secret + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + name: Test_Hook + url: https://webhook.site/8eb5b76f-b167-4cb8-9fc4-42621b724244 + register: update_idempotent2 + + - name: Update webhook with idempotency without shared secret - debug + ansible.builtin.debug: + var: update_idempotent2 + + - name: Update webhook with idempotency without shared secret - assert + ansible.builtin.assert: + that: + - update_idempotent2 is not changed + - update_idempotent2.data is defined + - update_idempotent2.data.shared_secret is not defined + + - name: Update webhook with id + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + webhook_id: '{{ webhook_id }}' + name: Test_Hook + url: https://webhook.site/8eb5b76f-b167-4cb8-9fc4-42621b724244 + shared_secret: shhhdonttellanyonehereid + register: update_id + + - name: Update webhook with id - debug + ansible.builtin.debug: + var: update_id + + # response will always be "changed" since shared secret is not sent back in the response. + - name: Update webhook with id - assert + ansible.builtin.assert: + that: + - update_id is changed + - update_id.data is defined + + - name: Create webhook payload template for a webhook + cisco.meraki.meraki_webhook_payload_template: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + state: present + name: TestPayloadTemplate + body: "a fake body" + register: payload_template + + - name: Debug payload_template + ansible.builtin.debug: + var: payload_template + + - name: Create webhook with a payload template + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + payload_template_name: TestPayloadTemplate + name: Test_Hook_with_template + url: https://webhook.site/8eb5b76f-b167 + shared_secret: shhhdonttellanyone + register: webhook_with_template + + - name: Create webhook with a payload template - debug + ansible.builtin.debug: + var: webhook_with_template + + - name: Create webhook with a payload template - assert + ansible.builtin.assert: + that: + - webhook_with_template is changed + - webhook_with_template.data is defined + - webhook_with_template.data.payload_template.name == "TestPayloadTemplate" + + - name: Delete webhook with payload template + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + name: Test_Hook_with_template + register: delete_hook_with_template + + - name: Delete webhook with payload template - debug + ansible.builtin.debug: + var: delete_hook_with_template + + - name: Delete webhook with payload template - assert + ansible.builtin.assert: + that: + - delete_hook_with_template is changed + + - name: Create test webhook + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: present + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + name: Test_Hook + test: test + url: https://webhook.site/8eb5b76f-b167-4cb8-9fc4-42621b724244 + register: webhook_test + + - name: Set test_id for future use + ansible.builtin.set_fact: + test_id: '{{ webhook_test.data.id }}' + + - name: Create test webhook - debug + ansible.builtin.debug: + var: test_id + + - name: Get webhook status + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + test_id: '{{ test_id }}' + register: webhook_test_status + + - name: Get webhook status - debug + ansible.builtin.debug: + var: webhook_test_status + + - name: Get webhook status - assert + ansible.builtin.assert: + that: + - webhook_test_status.data is defined + + - name: Query all webhooks + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: query + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + register: query_all + + - name: Query all webhooks - debug + ansible.builtin.debug: + var: query_all + + - name: Delete webhook invalid webhook + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + name: Test_Hook_Invalid + check_mode: true + register: delete_invalid + ignore_errors: true + + - name: Delete webhook invalid webhook - debug + ansible.builtin.debug: + var: delete_invalid + + - name: Delete webhook invalid webhook - assert + ansible.builtin.assert: + that: + - 'delete_invalid.msg == "There is no webhook with the name Test_Hook_Invalid"' + + - name: Delete webhook in check mode + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + name: Test_Hook + check_mode: true + register: delete_check + + - name: Delete webhook in check mode - debug + ansible.builtin.debug: + var: delete_check + + - name: Delete webhook in check mode - assert + ansible.builtin.assert: + that: + - delete_check is changed + + - name: Delete webhook + cisco.meraki.meraki_webhook: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + name: Test_Hook + register: delete + + - name: Delete webhook - debug + ansible.builtin.debug: + var: delete + + - name: Delete webhook - assert + ansible.builtin.assert: + that: + - delete is changed + + ############################################################################# + # Tear down starts here + ############################################################################# + always: + - name: Delete webhook payload template for a webhook + cisco.meraki.meraki_webhook_payload_template: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' + state: absent + name: TestPayloadTemplate + + - name: Delete test network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_name: '{{ test_net_name }}' diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook_payload_template/aliases b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook_payload_template/aliases new file mode 100644 index 000000000..06fe32bc6 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook_payload_template/aliases @@ -0,0 +1,2 @@ +unsupported + diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook_payload_template/tasks/main.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook_payload_template/tasks/main.yml new file mode 100644 index 000000000..878b2a45b --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook_payload_template/tasks/main.yml @@ -0,0 +1,7 @@ +# Test code for the Meraki modules + +# Copyright: (c) 2022, Joshua Coronado (@joshuajcoronado) <joshua@coronado.io> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Run test cases + include: tests.yml ansible_connection=local diff --git a/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook_payload_template/tasks/tests.yml b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook_payload_template/tasks/tests.yml new file mode 100644 index 000000000..8353fb27d --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/integration/targets/meraki_webhook_payload_template/tasks/tests.yml @@ -0,0 +1,270 @@ +# Test code for the Meraki modules +# Copyright: (c) 2022, Joshua Coronado (@joshuajcoronado) <joshua@coronado.io> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +- name: Block of tasks + block: + - name: Create network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_name: TestNet + state: present + type: wireless + register: new_net + + - name: Set fact new_net + ansible.builtin.set_fact: + net: '{{ new_net.data.id }}' + + - name: Query all webhook payload templates + cisco.meraki.meraki_webhook_payload_template: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: query + register: query + + - name: Assert query.data is defined + ansible.builtin.assert: + that: + - query.data is defined + - query.data | length > 1 + + - name: Create payload template with check mode + cisco.meraki.meraki_webhook_payload_template: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + name: TestTemplate + body: "a fake body" + check_mode: yes + register: create_one_check + + - ansible.builtin.debug: + var: create_one_check + + - ansible.builtin.assert: + that: + - create_one_check is changed + - create_one_check.data is defined + + - name: Create webhook payload template + cisco.meraki.meraki_webhook_payload_template: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + name: TestTemplate + body: "a fake body" + register: basic_template + + - name: Debug basic_template + ansible.builtin.debug: + var: basic_template + + - name: Assert things were changed + ansible.builtin.assert: + that: + - basic_template.changed + + - name: Query basic template + cisco.meraki.meraki_webhook_payload_template: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: query + name: TestTemplate + register: query + + - name: Debug query + ansible.builtin.debug: + var: query + + - name: Assert basic template was created + ansible.builtin.assert: + that: + - query.data is defined + - not query.changed + - query.data.body == "a fake body" + + - name: Update webhook payload template + cisco.meraki.meraki_webhook_payload_template: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + name: TestTemplate + body: "a fake body" + headers: + - name: header1 + template: "fake header1" + register: update_basic_template + + - name: Debug update_basic_template + ansible.builtin.debug: + var: update_basic_template + + - name: Assert update happened + ansible.builtin.assert: + that: + - update_basic_template.data is defined + - update_basic_template.changed + - update_basic_template.data.headers | length == 1 + + - name: Test idempotency by updating webhook payload template + cisco.meraki.meraki_webhook_payload_template: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + name: TestTemplate + body: "a fake body" + headers: + - name: header1 + template: "fake header1" + register: idempotent_update_basic_template + + - name: Debug update_basic_template + ansible.builtin.debug: + var: idempotent_update_basic_template + + - name: Assert nothing changed + ansible.builtin.assert: + that: + - not idempotent_update_basic_template.changed + + - name: Delete webhook payload template in check mode + cisco.meraki.meraki_webhook_payload_template: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: absent + name: TestTemplate + check_mode: yes + register: delete_check + + - ansible.builtin.debug: + var: delete_check + + - ansible.builtin.assert: + that: + - delete_check is changed + + - name: Delete basic template + cisco.meraki.meraki_webhook_payload_template: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: absent + name: TestTemplate + register: delete_template + + - name: Debug delete_template + ansible.builtin.debug: + var: delete_template + + - name: Assert the thing was deleted and changed + ansible.builtin.assert: + that: + - delete_template.changed + + - name: Delete basic template idempotent + cisco.meraki.meraki_webhook_payload_template: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: absent + name: TestTemplate + register: idempotent_delete_template + + - name: Debug delete_template + ansible.builtin.debug: + var: idempotent_delete_template + + - name: Assert nothing was changed + ansible.builtin.assert: + that: + - not idempotent_delete_template.changed + + - name: Query deleted basic template + cisco.meraki.meraki_webhook_payload_template: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: query + name: TestTemplate + register: deleted_template + ignore_errors: true + + - name: Debug deleted_template + ansible.builtin.debug: + var: deleted_template + + - name: Assert we hit an error + ansible.builtin.assert: + that: + - 'deleted_template.msg == "Unable to get webhook payload template named: TestTemplate"' + + ######################################### + ## Tests for argument completeness ## + ######################################### + - name: Test body check + cisco.meraki.meraki_webhook_payload_template: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + name: TestTemplate + register: error_no_body + ignore_errors: true + + - name: Assert body is required when creating/updating a template + ansible.builtin.assert: + that: + - 'error_no_body.msg == "body is a required parameter when state is present"' + + - name: Test name check + cisco.meraki.meraki_webhook_payload_template: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + register: error_no_name + ignore_errors: true + + - name: Assert name is required when creating/updating/deleting a template + ansible.builtin.assert: + that: + - 'error_no_name.msg == "name is a required parameter"' + + - name: Test headers args + cisco.meraki.meraki_webhook_payload_template: + auth_key: '{{ auth_key }}' + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' + state: present + name: Test + body: "fake body" + headers: + - name: test + register: header_args + ignore_errors: true + + - name: Assert headers args are there + ansible.builtin.assert: + that: + - 'header_args.msg == "template in header must be a string"' + + ############################################################################ + # Tear down starts here + ############################################################################ + always: + + - name: Delete wireless network + cisco.meraki.meraki_network: + auth_key: '{{ auth_key }}' + state: absent + org_name: '{{ test_org_name }}' + net_id: '{{ net }}' diff --git a/ansible_collections/cisco/meraki/tests/sanity/ignore-2.10.txt b/ansible_collections/cisco/meraki/tests/sanity/ignore-2.10.txt new file mode 100644 index 000000000..d6f190be0 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/sanity/ignore-2.10.txt @@ -0,0 +1 @@ +plugins/modules/meraki_mx_intrusion_prevention.py validate-modules:invalid-argument-name diff --git a/ansible_collections/cisco/meraki/tests/sanity/ignore-2.11.txt b/ansible_collections/cisco/meraki/tests/sanity/ignore-2.11.txt new file mode 100644 index 000000000..0e9a3ead8 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/sanity/ignore-2.11.txt @@ -0,0 +1,2 @@ +plugins/modules/meraki_mx_intrusion_prevention.py validate-modules:invalid-argument-name +plugins/modules/meraki_intrusion_prevention.py validate-modules:invalid-argument-name diff --git a/ansible_collections/cisco/meraki/tests/sanity/ignore-2.12.txt b/ansible_collections/cisco/meraki/tests/sanity/ignore-2.12.txt new file mode 100644 index 000000000..d6f190be0 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/sanity/ignore-2.12.txt @@ -0,0 +1 @@ +plugins/modules/meraki_mx_intrusion_prevention.py validate-modules:invalid-argument-name diff --git a/ansible_collections/cisco/meraki/tests/sanity/ignore-2.13.txt b/ansible_collections/cisco/meraki/tests/sanity/ignore-2.13.txt new file mode 100644 index 000000000..d6f190be0 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/sanity/ignore-2.13.txt @@ -0,0 +1 @@ +plugins/modules/meraki_mx_intrusion_prevention.py validate-modules:invalid-argument-name diff --git a/ansible_collections/cisco/meraki/tests/sanity/ignore-2.14.txt b/ansible_collections/cisco/meraki/tests/sanity/ignore-2.14.txt new file mode 100644 index 000000000..d6f190be0 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/sanity/ignore-2.14.txt @@ -0,0 +1 @@ +plugins/modules/meraki_mx_intrusion_prevention.py validate-modules:invalid-argument-name diff --git a/ansible_collections/cisco/meraki/tests/sanity/ignore-2.15.txt b/ansible_collections/cisco/meraki/tests/sanity/ignore-2.15.txt new file mode 100644 index 000000000..d6f190be0 --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/sanity/ignore-2.15.txt @@ -0,0 +1 @@ +plugins/modules/meraki_mx_intrusion_prevention.py validate-modules:invalid-argument-name diff --git a/ansible_collections/cisco/meraki/tests/sanity/ignore-2.9.txt b/ansible_collections/cisco/meraki/tests/sanity/ignore-2.9.txt new file mode 100644 index 000000000..00914499a --- /dev/null +++ b/ansible_collections/cisco/meraki/tests/sanity/ignore-2.9.txt @@ -0,0 +1,2 @@ +plugins/modules/meraki_intrusion_prevention.py invalid-argument-name # ignore missing argument +plugins/modules/meraki_intrusion_prevention.py nonexistent-parameter-documented # ignore missing argument |