From 38b7c80217c4e72b1d8988eb1e60bb6e77334114 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Thu, 18 Apr 2024 07:52:22 +0200 Subject: Adding upstream version 9.4.0+dfsg. Signed-off-by: Daniel Baumann --- ansible_collections/cisco/asa/.github/CODEOWNERS | 0 .../cisco/asa/.github/dependabot.yml | 9 + .../cisco/asa/.github/release-drafter.yml | 3 + .../cisco/asa/.github/workflows/ack.yml | 15 + .../cisco/asa/.github/workflows/codecoverage.yml | 15 + .../cisco/asa/.github/workflows/lint.yml | 12 + .../cisco/asa/.github/workflows/push.yml | 27 ++ .../cisco/asa/.github/workflows/release.yml | 14 + .../cisco/asa/.github/workflows/test.yml | 45 --- .../cisco/asa/.github/workflows/tests.yml | 46 +++ ansible_collections/cisco/asa/.gitignore | 7 + .../cisco/asa/.pre-commit-config.yaml | 14 +- ansible_collections/cisco/asa/CHANGELOG.rst | 54 ++-- ansible_collections/cisco/asa/FILES.json | 150 +++++++--- ansible_collections/cisco/asa/MANIFEST.json | 4 +- ansible_collections/cisco/asa/bindep.txt | 4 +- .../cisco/asa/changelogs/changelog.yaml | 44 +-- ansible_collections/cisco/asa/codecov.yml | 15 + .../cisco/asa/docs/cisco.asa.asa_acls_module.rst | 312 ++++++++++---------- .../asa/docs/cisco.asa.asa_command_module.rst | 10 +- .../cisco/asa/docs/cisco.asa.asa_config_module.rst | 40 +-- .../cisco/asa/docs/cisco.asa.asa_facts_module.rst | 4 +- .../cisco/asa/docs/cisco.asa.asa_ogs_module.rst | 204 +++++++------- .../module_utils/network/asa/rm_templates/ogs.py | 4 +- .../module_utils/network/asa/utils/utils.py | 2 +- .../cisco/asa/plugins/modules/asa_acls.py | 313 ++++++++++----------- .../cisco/asa/plugins/modules/asa_command.py | 10 +- .../cisco/asa/plugins/modules/asa_config.py | 40 +-- .../cisco/asa/plugins/modules/asa_facts.py | 4 +- .../cisco/asa/plugins/modules/asa_ogs.py | 205 +++++++------- .../targets/asa_acls/tests/cli/_parsed.cfg | 2 +- .../asa_acls/tests/cli/_populate_config.yaml | 2 +- .../asa_acls/tests/cli/_populate_network_og.yaml | 2 +- .../targets/asa_acls/tests/cli/merged.yaml | 2 +- .../targets/asa_acls/tests/cli/rendered.yaml | 2 +- .../targets/asa_acls/tests/cli/replaced.yaml | 2 +- .../targets/asa_acls/tests/cli/rtt.yaml | 2 +- .../integration/targets/asa_acls/vars/main.yaml | 18 +- .../asa_ogs/tests/cli/_populate_config.yaml | 6 +- .../targets/asa_ogs/tests/cli/gathered.yaml | 2 +- .../targets/asa_ogs/tests/cli/merged.yaml | 4 +- .../targets/asa_ogs/tests/cli/overridden.yaml | 4 +- .../targets/asa_ogs/tests/cli/rendered.yaml | 4 +- .../targets/asa_ogs/tests/cli/replaced.yaml | 4 +- .../integration/targets/asa_ogs/tests/cli/rtt.yaml | 10 +- .../integration/targets/asa_ogs/vars/main.yaml | 28 +- .../targets/asa_smoke/tests/caching.yaml | 8 +- .../cisco/asa/tests/sanity/ignore-2.17.txt | 1 + .../cisco/asa/tests/unit/mock/loader.py | 2 +- .../network/asa/fixtures/asa_acls_config.cfg | 2 +- .../unit/modules/network/asa/test_asa_acls.py | 16 +- .../tests/unit/modules/network/asa/test_asa_ogs.py | 22 +- 52 files changed, 984 insertions(+), 787 deletions(-) create mode 100644 ansible_collections/cisco/asa/.github/CODEOWNERS create mode 100644 ansible_collections/cisco/asa/.github/dependabot.yml create mode 100644 ansible_collections/cisco/asa/.github/release-drafter.yml create mode 100644 ansible_collections/cisco/asa/.github/workflows/ack.yml create mode 100644 ansible_collections/cisco/asa/.github/workflows/codecoverage.yml create mode 100644 ansible_collections/cisco/asa/.github/workflows/lint.yml create mode 100644 ansible_collections/cisco/asa/.github/workflows/push.yml create mode 100644 ansible_collections/cisco/asa/.github/workflows/release.yml delete mode 100644 ansible_collections/cisco/asa/.github/workflows/test.yml create mode 100644 ansible_collections/cisco/asa/.github/workflows/tests.yml create mode 100644 ansible_collections/cisco/asa/codecov.yml create mode 100644 ansible_collections/cisco/asa/tests/sanity/ignore-2.17.txt (limited to 'ansible_collections/cisco/asa') diff --git a/ansible_collections/cisco/asa/.github/CODEOWNERS b/ansible_collections/cisco/asa/.github/CODEOWNERS new file mode 100644 index 000000000..e69de29bb diff --git a/ansible_collections/cisco/asa/.github/dependabot.yml b/ansible_collections/cisco/asa/.github/dependabot.yml new file mode 100644 index 000000000..5b32d4c10 --- /dev/null +++ b/ansible_collections/cisco/asa/.github/dependabot.yml @@ -0,0 +1,9 @@ +--- +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: daily + labels: + - "skip-changelog" diff --git a/ansible_collections/cisco/asa/.github/release-drafter.yml b/ansible_collections/cisco/asa/.github/release-drafter.yml new file mode 100644 index 000000000..e3e5966e4 --- /dev/null +++ b/ansible_collections/cisco/asa/.github/release-drafter.yml @@ -0,0 +1,3 @@ +--- +# see https://github.com/ansible-community/devtools +_extends: ansible-community/devtools diff --git a/ansible_collections/cisco/asa/.github/workflows/ack.yml b/ansible_collections/cisco/asa/.github/workflows/ack.yml new file mode 100644 index 000000000..fda595dc5 --- /dev/null +++ b/ansible_collections/cisco/asa/.github/workflows/ack.yml @@ -0,0 +1,15 @@ +--- +# See https://github.com/ansible-community/devtools/blob/main/.github/workflows/ack.yml +name: ack + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +on: # yamllint disable-line rule:truthy + pull_request_target: + types: [opened, labeled, unlabeled, synchronize] + +jobs: + ack: + uses: ansible/devtools/.github/workflows/ack.yml@main diff --git a/ansible_collections/cisco/asa/.github/workflows/codecoverage.yml b/ansible_collections/cisco/asa/.github/workflows/codecoverage.yml new file mode 100644 index 000000000..c2a7ad60d --- /dev/null +++ b/ansible_collections/cisco/asa/.github/workflows/codecoverage.yml @@ -0,0 +1,15 @@ +--- +name: code_coverage + +on: # yamllint disable-line rule:truthy + push: + pull_request: + branches: [ main ] + +jobs: + codecoverage: + uses: ansible-network/github_actions/.github/workflows/coverage_network_devices.yml@main + with: + collection_pre_install: >- + git+https://github.com/ansible-collections/ansible.utils.git + git+https://github.com/ansible-collections/ansible.netcommon.git diff --git a/ansible_collections/cisco/asa/.github/workflows/lint.yml b/ansible_collections/cisco/asa/.github/workflows/lint.yml new file mode 100644 index 000000000..853e4b69c --- /dev/null +++ b/ansible_collections/cisco/asa/.github/workflows/lint.yml @@ -0,0 +1,12 @@ +--- +name: ansible-lint +on: # yamllint disable-line rule:truthy + pull_request: + branches: ["main"] +jobs: + build: + name: Ansible Lint + runs-on: ubuntu-latest + steps: + - name: Run ansible-lint + uses: ansible/ansible-lint@main diff --git a/ansible_collections/cisco/asa/.github/workflows/push.yml b/ansible_collections/cisco/asa/.github/workflows/push.yml new file mode 100644 index 000000000..e82df35cd --- /dev/null +++ b/ansible_collections/cisco/asa/.github/workflows/push.yml @@ -0,0 +1,27 @@ +--- +# push workflow is shared and expected to perform actions after a merge happens +# on a maintenance branch (default or release). For example updating the +# draft release-notes. +# based on great work from +# https://github.com/T-Systems-MMS/ansible-collection-icinga-director +name: push + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +on: # yamllint disable-line rule:truthy + workflow_dispatch: + +env: + NAMESPACE: cisco + COLLECTION_NAME: asa + ANSIBLE_COLLECTIONS_PATHS: ./ + +jobs: + update_release_draft: + uses: ansible/devtools/.github/workflows/push_network.yml@main + with: + repo: ansible-collections/cisco.asa + secrets: + BOT_PAT: ${{ secrets.BOT_PAT }} diff --git a/ansible_collections/cisco/asa/.github/workflows/release.yml b/ansible_collections/cisco/asa/.github/workflows/release.yml new file mode 100644 index 000000000..eb04259d1 --- /dev/null +++ b/ansible_collections/cisco/asa/.github/workflows/release.yml @@ -0,0 +1,14 @@ +--- +name: release +on: # yamllint disable-line rule:truthy + release: + types: [published] + +jobs: + release: + uses: ansible/devtools/.github/workflows/release_collection.yml@main + with: + environment: release + secrets: + ah_token: ${{ secrets.AH_TOKEN }} + ansible_galaxy_api_key: ${{ secrets.ANSIBLE_GALAXY_API_KEY }} diff --git a/ansible_collections/cisco/asa/.github/workflows/test.yml b/ansible_collections/cisco/asa/.github/workflows/test.yml deleted file mode 100644 index 8d6d4ed62..000000000 --- a/ansible_collections/cisco/asa/.github/workflows/test.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- -name: Test collection - -concurrency: - group: ${{ github.head_ref }} - cancel-in-progress: true - -on: # yamllint disable-line rule:truthy - pull_request: - branches: [main] - workflow_dispatch: - -jobs: - ansible-lint: - uses: ansible-network/github_actions/.github/workflows/ansible-lint.yml@main - changelog: - uses: ansible-network/github_actions/.github/workflows/changelog.yml@main - sanity: - uses: ansible-network/github_actions/.github/workflows/sanity.yml@main - unit-galaxy: - uses: ansible-network/github_actions/.github/workflows/unit_galaxy.yml@main - unit-source: - uses: ansible-network/github_actions/.github/workflows/unit_source.yml@main - with: - collection_pre_install: >- - git+https://github.com/ansible-collections/ansible.utils.git - git+https://github.com/ansible-collections/ansible.netcommon.git - all_green: - if: ${{ always() }} - needs: - - ansible-lint - - changelog - - sanity - - unit-galaxy - - unit-source - runs-on: ubuntu-latest - steps: - - run: >- - python -c "assert set([ - '${{ needs.ansible-lint.result }}', - '${{ needs.changelog.result }}', - '${{ needs.sanity.result }}', - '${{ needs.unit-galaxy.result }}', - '${{ needs.unit-source.result }}' - ]) == {'success'}" diff --git a/ansible_collections/cisco/asa/.github/workflows/tests.yml b/ansible_collections/cisco/asa/.github/workflows/tests.yml new file mode 100644 index 000000000..0fb4cc0cf --- /dev/null +++ b/ansible_collections/cisco/asa/.github/workflows/tests.yml @@ -0,0 +1,46 @@ +--- +name: test_collection + +concurrency: + group: ${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +on: # yamllint disable-line rule:truthy + pull_request: + branches: [main] + workflow_dispatch: + schedule: + - cron: '0 0 * * *' + + +jobs: + changelog: + uses: ansible-network/github_actions/.github/workflows/changelog.yml@main + if: github.event_name != 'schedule' + sanity: + uses: ansible-network/github_actions/.github/workflows/sanity.yml@main + unit-galaxy: + uses: ansible-network/github_actions/.github/workflows/unit_galaxy.yml@main + unit-source: + uses: ansible-network/github_actions/.github/workflows/unit_source.yml@main + with: + collection_pre_install: >- + git+https://github.com/ansible-collections/ansible.utils.git + git+https://github.com/ansible-collections/ansible.netcommon.git + all_green: + if: ${{ always() && (github.event_name != 'schedule') }} + needs: + - changelog + - sanity + - unit-galaxy + - unit-source + runs-on: ubuntu-latest + steps: + - run: >- + python -c "assert 'failure' not in + set([ + '${{ needs.changelog.result }}', + '${{ needs.sanity.result }}', + '${{ needs.unit-galaxy.result }}', + '${{ needs.unit-source.result }}' + ])" diff --git a/ansible_collections/cisco/asa/.gitignore b/ansible_collections/cisco/asa/.gitignore index 894a44cc0..45d94ba47 100644 --- a/ansible_collections/cisco/asa/.gitignore +++ b/ansible_collections/cisco/asa/.gitignore @@ -102,3 +102,10 @@ venv.bak/ # mypy .mypy_cache/ + +# ide +*.code-workspace +.vscode/ +.DS_Store + +changelogs/.plugin-cache.yaml diff --git a/ansible_collections/cisco/asa/.pre-commit-config.yaml b/ansible_collections/cisco/asa/.pre-commit-config.yaml index bf907dc47..77ff23f3d 100644 --- a/ansible_collections/cisco/asa/.pre-commit-config.yaml +++ b/ansible_collections/cisco/asa/.pre-commit-config.yaml @@ -3,11 +3,11 @@ repos: - repo: https://github.com/ansible-network/collection_prep rev: 1.1.1 hooks: - - id: autoversion + # - id: autoversion # removed as being handled by GHA push and release drafter - id: update-docs - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.4.0 + rev: v4.5.0 hooks: - id: check-merge-conflict - id: check-symlinks @@ -18,14 +18,17 @@ repos: - id: trailing-whitespace - repo: https://github.com/asottile/add-trailing-comma - rev: v2.5.1 + rev: v3.1.0 hooks: - id: add-trailing-comma - repo: https://github.com/pre-commit/mirrors-prettier - rev: "v3.0.0-alpha.9-for-vscode" + rev: "v3.0.3" hooks: - id: prettier + entry: env CI=1 bash -c "prettier --list-different . || ec=$? && prettier --loglevel=error --write . && exit $ec" + pass_filenames: false + args: [] additional_dependencies: - prettier - prettier-plugin-toml @@ -35,8 +38,9 @@ repos: hooks: - id: isort name: Sort import statements using isort + args: ["--filter-files"] - repo: https://github.com/psf/black - rev: 23.3.0 + rev: 23.10.1 hooks: - id: black diff --git a/ansible_collections/cisco/asa/CHANGELOG.rst b/ansible_collections/cisco/asa/CHANGELOG.rst index c7c81dd0b..39bdff83c 100644 --- a/ansible_collections/cisco/asa/CHANGELOG.rst +++ b/ansible_collections/cisco/asa/CHANGELOG.rst @@ -5,31 +5,41 @@ Cisco Asa Collection Release Notes .. contents:: Topics -v4.0.1 +v4.0.3 ====== Release Summary --------------- -- Release with bugfix fixing the import path coming from `utils` and `netcommon` lib. +Release with updated workflow and lint fixes. -v4.0.0 +v4.0.2 +====== + +Documentation Changes +--------------------- + +- Replace all references to non-example address ranges in module documentation and tests. + +v4.0.1 ====== Release Summary --------------- -- Releasing 4.0.0 with deprecated older modules removed and GH actions enabled for sanity and unit test over the repo. -- This release drops support for `connection: local` and provider dictionary. +Release with bugfix fixing the import path coming from utils and netcommon lib. + +v4.0.0 +====== Major Changes ------------- - Please use either of the following connection types - network_cli, httpapi or netconf. +- This includes the following modules: - This release drops support for `connection: local` and provider dictionary. -- Use of connection: local and the provider option are no longer valid on any modules in this collection. - This release removes all deprecated plugins that have reached their end-of-life. -- This includes the following modules: +- Use of connection: local and the provider option are no longer valid on any modules in this collection. - asa_acl - asa_og @@ -39,7 +49,7 @@ v3.1.0 Release Summary --------------- -- Releasing 3.1.0 with bugfix. +Releasing 3.1.0 with bugfix. Bugfixes -------- @@ -60,7 +70,7 @@ Major Changes Bugfixes -------- -- Fixes asa_ogs services object and port object issue +- Fixes asa_ogs services object and port object issue ((https://github.com/ansible-collections/cisco.asa/issues/152). v2.1.0 ====== @@ -68,7 +78,7 @@ v2.1.0 Release Summary --------------- -- Releasing 2.1.0 with updated readme with changelog link, minor change, and bugfix. +Releasing 2.1.0 with updated readme with changelog link, minor change, and bugfix. Minor Changes ------------- @@ -100,8 +110,8 @@ v2.0.2 Bugfixes -------- -- To fix asa_acls where ipv6 with host wasn't getting rendered as expected and facts was skipping (https://github.com/ansible-collections/cisco.asa/issues/105). -- To fix Cisco ASA network_object object config which wasn't working as expected. (https://github.com/ansible-collections/cisco.asa/issues/99). +- To fix Cisco ASA network_object object config which wasn't working as expected. +- To fix asa_acls where ipv6 with host wasn't getting rendered as expected and facts was skipping. v2.0.1 ====== @@ -109,8 +119,8 @@ v2.0.1 Minor Changes ------------- -- Remove tests/sanity/requirements.txt (https://github.com/ansible-collections/cisco.asa/pull/94). - Add ignore-2.12.txt (https://github.com/ansible-collections/cisco.asa/pull/102). +- Remove tests/sanity/requirements.txt (https://github.com/ansible-collections/cisco.asa/pull/94). Bugfixes -------- @@ -124,8 +134,8 @@ v2.0.0 Major Changes ------------- -- Requires ansible.netcommon v2.0.0+ to support `ansible_network_single_user_mode` and `ansible_network_import_modules`. - Please refer to ansible.netcommon `changelog ` for more details. +- Requires ansible.netcommon v2.0.0+ to support `ansible_network_single_user_mode` and `ansible_network_import_modules`. Minor Changes ------------- @@ -140,26 +150,16 @@ Bugfixes v1.0.4 ====== -Release Summary ---------------- - -- Releasing 1.0.4 with updated readme with changelog link, galaxy description, and bugfix. - Bugfixes -------- -- Update asa acls RM to use newer RM design approach and addeed support for any4/any6 feature (https://github.com/ansible-collections/cisco.asa/pull/64). - Add version key to galaxy.yaml to work around ansible-galaxy bug - To fix ASA OGs module where delete by name was not resulting to an expected behaviour (https://github.com/ansible-collections/cisco.asa/pull/77). +- Update asa acls RM to use newer RM design approach and addeed support for any4/any6 feature (https://github.com/ansible-collections/cisco.asa/pull/64). v1.0.3 ====== -Release Summary ---------------- - -- Releasing 1.0.3 with updated readme with changelog link, galaxy description, and bugfix. - Bugfixes -------- @@ -171,7 +171,7 @@ v1.0.2 Release Summary --------------- -- Re-releasing 1.0.1 with updated changelog. +Re-releasing 1.0.1 with updated changelog. v1.0.1 ====== @@ -201,10 +201,8 @@ Cliconf New Modules ----------- -- asa_acl - (deprecated, removed after 2022-06-01) Manage access-lists on a Cisco ASA - asa_acls - Access-Lists resource module - asa_command - Run arbitrary commands on Cisco ASA devices - asa_config - Manage configuration sections on Cisco ASA devices - asa_facts - Collect facts from remote devices running Cisco ASA -- asa_og - (deprecated, removed after 2022-06-01) Manage object groups on a Cisco ASA - asa_ogs - Object Group resource module diff --git a/ansible_collections/cisco/asa/FILES.json b/ansible_collections/cisco/asa/FILES.json index 72079679a..5d2cc3c89 100644 --- a/ansible_collections/cisco/asa/FILES.json +++ b/ansible_collections/cisco/asa/FILES.json @@ -22,10 +22,66 @@ "format": 1 }, { - "name": ".github/workflows/test.yml", + "name": ".github/workflows/ack.yml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "51b6302c7555534ded7cc895eee6001382baba933abb2fdf2fe4151b4a8175b6", + "chksum_sha256": "24c6fbafaa69e3e3ee696f2cefa5120794b62cef7e870553dddce8b8af0a127c", + "format": 1 + }, + { + "name": ".github/workflows/codecoverage.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "8bbcae622f5e51798b577df290135e846244399c2a6ccbfedac523b38a8330a3", + "format": 1 + }, + { + "name": ".github/workflows/lint.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "b5f88713a9a457040f5019604498e2e783aefb40ea70d667b969c213f5758116", + "format": 1 + }, + { + "name": ".github/workflows/push.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "ab12fa802baf5f9545109b311f6bac5b76ae1a404a60d20a32481d41b06d901c", + "format": 1 + }, + { + "name": ".github/workflows/release.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "c9b7dba505905600bbb9f0d8e9956b7cc20f80edfa742dfdae9395542f417aa1", + "format": 1 + }, + { + "name": ".github/workflows/tests.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4f91a01c164850068d354337e1e18eb370fa87ed19023526987de3e79a5f6ede", + "format": 1 + }, + { + "name": ".github/CODEOWNERS", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", + "format": 1 + }, + { + "name": ".github/dependabot.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "11ceee3c57116e9fd08bc423414b1095ff002aa012d6fb325b1a7e24d7e28461", + "format": 1 + }, + { + "name": ".github/release-drafter.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "7cbc785c8661033cd9dd7a60897484fce731cbe3dc124a689fc3e934b1d974fb", "format": 1 }, { @@ -53,7 +109,7 @@ "name": "changelogs/changelog.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "83e4eb662cd69a10743ef06e5b3c57683963a13b98f534f08f10a26b0d874ab5", + "chksum_sha256": "29d60ece077d15d48396df191a66424227181af47ee96ee8857f0000223ab6a3", "format": 1 }, { @@ -74,7 +130,7 @@ "name": "docs/cisco.asa.asa_acls_module.rst", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "750fa846072ce574928001b2fae8e47901b336a7ace5337a649b48645e1ce2e4", + "chksum_sha256": "4bf9ceee633d44f4509326f63e3c9f5aa7e21dfe85e1460ee899c4d155e54215", "format": 1 }, { @@ -88,28 +144,28 @@ "name": "docs/cisco.asa.asa_command_module.rst", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "6481ab02d593c0e4a9af45d9acc59e122cc8b3a00d3b944e2ffd148b25966343", + "chksum_sha256": "de89e062700396aecebc8688205cf4bb67f6c823f59ade25c8d0941e7f95e80e", "format": 1 }, { "name": "docs/cisco.asa.asa_config_module.rst", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "5f4fcb63e1c344f5c03536ab0d41736e53592a91753aadccde883da56f9e3358", + "chksum_sha256": "cc3c3963268c8bc964ffefdc2d18bd767f74fdbddbddda33af421d8e9e6e41a0", "format": 1 }, { "name": "docs/cisco.asa.asa_facts_module.rst", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "f14b6c580678a35006f1eed6a816da5a9996c5e32ce9a1bfe4eb4fcd4f5483b4", + "chksum_sha256": "54782ce3a5835e74bc09a4ec6fd3bd833230f10485bac2d7d1c374676192b925", "format": 1 }, { "name": "docs/cisco.asa.asa_ogs_module.rst", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "7fdb9c9e481da52409b1827b1fd417d56f83320222d3ffcfa0f50ad6d8fe85a8", + "chksum_sha256": "2187a61050ddfc69156df4780558b2f2fca740ebb5e1a17bf197ba220362e2f8", "format": 1 }, { @@ -480,7 +536,7 @@ "name": "plugins/module_utils/network/asa/rm_templates/ogs.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "804cdc2fdb4235bf2c1a2f07d39eafaca5590c851c8aba57cdd5f185ad396a8e", + "chksum_sha256": "ff869d21e976eeeef522b52b44df1c276e97dbb90cee0aa13a9eedc42570ae0b", "format": 1 }, { @@ -501,7 +557,7 @@ "name": "plugins/module_utils/network/asa/utils/utils.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "1cbced20b20d70c95e331316a838836c02d2316495b6cc9ac6117215f8a751ab", + "chksum_sha256": "869e911f1d710075554251977a255d09e8054cecce9ba0910f1b52027fc81c2f", "format": 1 }, { @@ -543,35 +599,35 @@ "name": "plugins/modules/asa_acls.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "440327270f5bc8910c1abd73b497dff002c03d0366f2d2b88b9c5cfae3470ca8", + "chksum_sha256": "b56a38b92596b7d22ebc6bed87c1587a7732f4a3d7680e274d0afa3553067490", "format": 1 }, { "name": "plugins/modules/asa_command.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "8366b0e731fa82013c26f765a3fb63b1494c5a838de3b4c2ac7767567eaeebdf", + "chksum_sha256": "9fbb4c90a18d3945dfd710c5dbd17f8b81780528e2a9bb8fe3c6136acc76a907", "format": 1 }, { "name": "plugins/modules/asa_config.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "d249004089c899918141e7166a1ef779e0672968b653443d913f23ba980490ae", + "chksum_sha256": "5210224a3e633f4611401d71d0bb9699827647d3900547ed4f9bb0a27e099640", "format": 1 }, { "name": "plugins/modules/asa_facts.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "b672ac9d02ef6fb5f7b4b5ed896ef48d1f78b18a4f4095e55f903c0962410a5c", + "chksum_sha256": "17fc0b752d583d54f38f878f8122a7fe8db0319b7fbee1519577b588d4034b6c", "format": 1 }, { "name": "plugins/modules/asa_ogs.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "8db21fc2fe1ca951a64b10f4591f616708153f0cf5537cae530d55b89f054eb0", + "chksum_sha256": "278c499570e2f0cf5a2c6a48929e9c40530e00ab0ecc4945689858e689808119", "format": 1 }, { @@ -690,21 +746,21 @@ "name": "tests/integration/targets/asa_acls/tests/cli/_parsed.cfg", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "5960e62a21b063f4e244a1341d1febdd7dff3d36caba6367bacf8cca3cb6eb2c", + "chksum_sha256": "a3f566b6a9c72ca243265852b24e9d5a01f4b30b68058134001ecc88b75c00f3", "format": 1 }, { "name": "tests/integration/targets/asa_acls/tests/cli/_populate_config.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "b57b940b37127b0ffd87629fca86e1307283d57da12633d4313e233f3f42777b", + "chksum_sha256": "84d196a881a4bc595bc580973d383ec06e46907bdb2188a786d1e080a9729199", "format": 1 }, { "name": "tests/integration/targets/asa_acls/tests/cli/_populate_network_og.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "99184795a348c3718179a12f6469025f5b40874888e2f73dee7eb7c241677b9d", + "chksum_sha256": "82201b0b674b40da9d8f1df8d332a5b0a92453962aa5d995398b61d271d60819", "format": 1 }, { @@ -746,7 +802,7 @@ "name": "tests/integration/targets/asa_acls/tests/cli/merged.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "18b114e1c9c5cc39cf7d26d997a963911ea6be7a38797e121f05f3fade61205d", + "chksum_sha256": "9601c55b51df1f3e8883106d1253fba4a9126420350a45a75d3486802533ec94", "format": 1 }, { @@ -767,21 +823,21 @@ "name": "tests/integration/targets/asa_acls/tests/cli/rendered.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "ac8614e55e09c07e2d52e392d7f4123da8ca4ed4216edb5a51231a966f6513b9", + "chksum_sha256": "ee80f2ddb0cd38198407d0499e9af0f4f6a4240e5e1dcdf0bc4cf73f907d040f", "format": 1 }, { "name": "tests/integration/targets/asa_acls/tests/cli/replaced.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "5115b22bb8b99fc8677ae2815f79acd579b04e09c73bfc92c83920e2ac5f4116", + "chksum_sha256": "70fac1dc646c612f07d014d12796fe67e2799f711dca91d18761dd0a2aceef9f", "format": 1 }, { "name": "tests/integration/targets/asa_acls/tests/cli/rtt.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "6b69924a6e9fb2c91f3f24defc1a8cf54cf4bac358ed6a549e2af3fd3e921ffb", + "chksum_sha256": "f7c3c0039b62a050d223a0324c538214989cdfb4ea11a95807519a980f157b0a", "format": 1 }, { @@ -795,7 +851,7 @@ "name": "tests/integration/targets/asa_acls/vars/main.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "c252e1db1e7fbfdc103586e97a7d53278d9b109eadc2cdc876a79702fb2ca8f4", + "chksum_sha256": "1d217a7fa8decd498e4dd9c715bfaf8d560a734eded627b20dbc09cc7c7b0151", "format": 1 }, { @@ -1264,7 +1320,7 @@ "name": "tests/integration/targets/asa_ogs/tests/cli/_populate_config.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "33c780254ef202bbdc66060c50d78b8636e9438e8b1aee25e89934b24887a9db", + "chksum_sha256": "2ef178de83b73bbcbb57eec0a53bf1916400afe2a306df42e7421fb7bd1b49a4", "format": 1 }, { @@ -1292,21 +1348,21 @@ "name": "tests/integration/targets/asa_ogs/tests/cli/gathered.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "a1bffd4f3dd7cf118b7ec34f874d1f7214f764e332ad7ffa6af4cec4c65ef87c", + "chksum_sha256": "e775a90f35bf1d02c36f75947efd359595085f0b8d7cda9e70b295a064cb0840", "format": 1 }, { "name": "tests/integration/targets/asa_ogs/tests/cli/merged.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "229c49a2b255f1d193242832af26566913855ca5379c31e5094d6dd7bdea889b", + "chksum_sha256": "f149bbc1ec48feedc896079f15994dd6a5175514dc026e7d12fa417b88d48728", "format": 1 }, { "name": "tests/integration/targets/asa_ogs/tests/cli/overridden.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "f57dbcd5e7a5a2806877e2594c04ffad285b1c2cd8a71dcd25f3892667ef0473", + "chksum_sha256": "afe118ea3be25d57e9ab26348bdd52bc4b840490a85f11b9f79563a92eb51834", "format": 1 }, { @@ -1320,21 +1376,21 @@ "name": "tests/integration/targets/asa_ogs/tests/cli/rendered.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "f19aea9944f06638de540da4184008f7da3f4dd882a9643b9b37bf21ecaa2b16", + "chksum_sha256": "0ab9e8d1c4ab5c6c8cff5dbcbd6de19807bc8a736ec05cac65a7358f3d919b1e", "format": 1 }, { "name": "tests/integration/targets/asa_ogs/tests/cli/replaced.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "5738a00f1eefc734059284b388262b76826c7290331b341eddd1c618fcc8934a", + "chksum_sha256": "6bdc390ed516bdb772e8b3e4e9498bb9f8e48c7a023d08e919809e66e62dd979", "format": 1 }, { "name": "tests/integration/targets/asa_ogs/tests/cli/rtt.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "5fa0aaf89c9e17d3aad9271db3825507a0906ce3f675928302a13744e4c32cf9", + "chksum_sha256": "a7f127a390e99667637b87bd4e9297e6d5cafd88d873587ae03cf88f88ec5288", "format": 1 }, { @@ -1348,7 +1404,7 @@ "name": "tests/integration/targets/asa_ogs/vars/main.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "5bf52bc5f174d2a837caca177c6402e339b1d24fad08c2915c3cffd0f8d07d3c", + "chksum_sha256": "1418941753a214f960e5772742927306c42e64decf1f0cc4b7445167801ac377", "format": 1 }, { @@ -1404,7 +1460,7 @@ "name": "tests/integration/targets/asa_smoke/tests/caching.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "78e0c502c54eb1e6a715b9227364fe3c05f6001cc4d5f749b529377ddca7b76c", + "chksum_sha256": "4a956e5bd4218f18bd151bb253589e06d96f0ca012afeeb815a77f6213148945", "format": 1 }, { @@ -1477,6 +1533,13 @@ "chksum_sha256": "9a01d39f278abada36c8f698d56c3a0c17efdf85178ceba34c1dc3c523679b9d", "format": 1 }, + { + "name": "tests/sanity/ignore-2.17.txt", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "9a01d39f278abada36c8f698d56c3a0c17efdf85178ceba34c1dc3c523679b9d", + "format": 1 + }, { "name": "tests/sanity/ignore-2.9.txt", "ftype": "file", @@ -1537,7 +1600,7 @@ "name": "tests/unit/mock/loader.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "e76486305bda9c494bf264b8318112487efa2adcd167e7911f62c0f0dd0ba6ee", + "chksum_sha256": "bdaecf94a3bba53aa135687aecc6fc2c45f7ec5e85f5d2556f5a269aa3fe0c8a", "format": 1 }, { @@ -1607,7 +1670,7 @@ "name": "tests/unit/modules/network/asa/fixtures/asa_acls_config.cfg", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "b9e5f8e87d3bc88e90454bbbfb6d9f717cdd67b372b947f1c19c156dc2a623fd", + "chksum_sha256": "877c2b14dbd661c2235be0269f9e7ee0eeedc86ca3abc9b2883df838a2af2b99", "format": 1 }, { @@ -1663,7 +1726,7 @@ "name": "tests/unit/modules/network/asa/test_asa_acls.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "040c235bb40b5b3746324bb2226829c941f79dae3cdcbe7728ade86257d71db1", + "chksum_sha256": "2725a0d5d4a680c056a3d644f824257f18af756aa028980c864ff495afb1692a", "format": 1 }, { @@ -1677,7 +1740,7 @@ "name": "tests/unit/modules/network/asa/test_asa_ogs.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "59df8530e51b90f84fb6a51a1a4c00757cdf0a1e82ccd9f99431581d0d8f8f21", + "chksum_sha256": "68ad856224f437cdd22a45a3a8412f71fb9158f70558b9206d96da84280d9e03", "format": 1 }, { @@ -1733,7 +1796,7 @@ "name": ".gitignore", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "a2ebfecdb6c1b58267fbe97e6e2ac02c2b963df7673fc1047270f0f0cff16732", + "chksum_sha256": "e620f88c2366ee31df48a1a4efc69c2b06cfe8bef75979f9d6e32f0a872b2644", "format": 1 }, { @@ -1747,7 +1810,7 @@ "name": ".pre-commit-config.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "9e08c7b79f6ac11789ddb926541fe306f072a8e04e9ec39c593cdaa10918c566", + "chksum_sha256": "9e58624a7144289a17cc3adc6b49c11ab58d9c9e80a05c4240a36b4b3968f368", "format": 1 }, { @@ -1768,7 +1831,7 @@ "name": "CHANGELOG.rst", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "bac52ab86e66938d9c8d9605149bba1ddd567335d785c162a3511d5fd16fe979", + "chksum_sha256": "ebc72b854489f94f781844c4c506df9f923573b633e2a45a0b8170d696cb292c", "format": 1 }, { @@ -1789,7 +1852,14 @@ "name": "bindep.txt", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "3655133a5b76878ad197cf1dc415c0c269c0caf334106119d9daca791b66c011", + "chksum_sha256": "104adbad1acc69a10523807ae1b14344dddd76b712907ddc2b3ddf656d2c69c0", + "format": 1 + }, + { + "name": "codecov.yml", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "4aa7e485dd4db6f8a55b046088c745def2b3145d9499ccda4e9a3336467dcea2", "format": 1 }, { diff --git a/ansible_collections/cisco/asa/MANIFEST.json b/ansible_collections/cisco/asa/MANIFEST.json index 07bfd79b9..d8f452300 100644 --- a/ansible_collections/cisco/asa/MANIFEST.json +++ b/ansible_collections/cisco/asa/MANIFEST.json @@ -2,7 +2,7 @@ "collection_info": { "namespace": "cisco", "name": "asa", - "version": "4.0.1", + "version": "4.0.3", "authors": [ "Ansible Security Community (ansible-security)" ], @@ -28,7 +28,7 @@ "name": "FILES.json", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "caa5812e81ed8d612f314bb6bd16aa8e870f35e941b0e41729cecfe5e54e619b", + "chksum_sha256": "12ce03a7723c4c84e304c5ca4c2e1e909423ee63faecd32e9418d7e5ad7d0123", "format": 1 }, "format": 1 diff --git a/ansible_collections/cisco/asa/bindep.txt b/ansible_collections/cisco/asa/bindep.txt index d2aad3752..eec29ecd4 100644 --- a/ansible_collections/cisco/asa/bindep.txt +++ b/ansible_collections/cisco/asa/bindep.txt @@ -2,11 +2,9 @@ # see https://docs.openstack.org/infra/bindep/ for additional information. gcc-c++ [doc test platform:rpm] -python3-devel [test platform:rpm] -python3 [test platform:rpm] # ansible-pylibssh gcc [compile test platform:rpm] libssh-devel [compile test platform:rpm] python3-Cython [test platform:fedora-35] -python38-Cython [compile platform:centos-8 platform:rhel-8] +python3-Cython [compile platform:centos-8 platform:rhel-8] diff --git a/ansible_collections/cisco/asa/changelogs/changelog.yaml b/ansible_collections/cisco/asa/changelogs/changelog.yaml index f77c9eb07..d0f0d4e3a 100644 --- a/ansible_collections/cisco/asa/changelogs/changelog.yaml +++ b/ansible_collections/cisco/asa/changelogs/changelog.yaml @@ -2,11 +2,6 @@ ancestor: null releases: 1.0.0: modules: - - description: - (deprecated, removed after 2022-06-01) Manage access-lists on a - Cisco ASA - name: asa_acl - namespace: "" - description: Access-Lists resource module name: asa_acls namespace: "" @@ -19,11 +14,6 @@ releases: - description: Collect facts from remote devices running Cisco ASA name: asa_facts namespace: "" - - description: - (deprecated, removed after 2022-06-01) Manage object groups on - a Cisco ASA - name: asa_og - namespace: "" - description: Object Group resource module name: asa_ogs namespace: "" @@ -42,8 +32,8 @@ releases: - Removes Cisco ASA sanity ignores and sync for argspec and docstring (https://github.com/ansible-collections/cisco.asa/pull/59). - Updated docs. fragments: - - 48-add-change-log-1.0.0.yaml - 1.1.0_update_docs.yaml + - 48-add-change-log-1.0.0.yaml - fix_config_module_src_backup.yaml - remove_asa_ignore.yaml release_date: "2020-08-03" @@ -71,8 +61,8 @@ releases: any4/any6 feature (https://github.com/ansible-collections/cisco.asa/pull/64). fragments: - 56_acl_any4_ay6_feature_update_use_rm_approach.yaml - - galaxy-version.yaml - 76_asa_og_state_delete_not_working_as_expected.yaml + - galaxy-version.yaml release_date: "2020-11-26" 2.0.0: changes: @@ -135,13 +125,15 @@ releases: release_date: "2021-08-31" 2.1.0: changes: - release_summary: Releasing 2.1.0 with updated readme with changelog link, minor change, and bugfix. bugfixes: - Fixes asa_acls to add the support for service object group under destination option ((https://github.com/ansible-collections/cisco.asa/issues/100). minor_changes: - Fixes asa_ogs service object where complete params were not supported and added with the PR ((https://github.com/ansible-collections/cisco.asa/issues/100). + release_summary: + Releasing 2.1.0 with updated readme with changelog link, minor + change, and bugfix. fragments: - 0-copy_ignore_txt.yml - 100_fix_asa_ogs_services_object_param.yaml @@ -159,12 +151,12 @@ releases: release_date: "2022-05-05" 3.1.0: changes: - release_summary: Releasing 3.1.0 with bugfix. bugfixes: - Fix service-object port range rendering - Fixes asa_ogs port object range issue and duplicate service cmd (https://github.com/ansible-collections/cisco.asa/issues/165, https://github.com/ansible-collections/cisco.asa/issues/166). - Unit TC for svc src/dst port range + release_summary: Releasing 3.1.0 with bugfix. fragments: - fix_asa_ogs_bug_165_166.yaml release_date: "2022-06-28" @@ -173,11 +165,11 @@ releases: major_changes: - Please use either of the following connection types - network_cli, httpapi or netconf. + - "This includes the following modules:" - "This release drops support for `connection: local` and provider dictionary." + - This release removes all deprecated plugins that have reached their end-of-life. - "Use of connection: local and the provider option are no longer valid on any modules in this collection." - - This release removes all deprecated plugins that have reached their end-of-life. - - "This includes the following modules:" - asa_acl - asa_og fragments: @@ -187,10 +179,28 @@ releases: release_date: "2022-10-13" 4.0.1: changes: - release_summary: Release with bugfix fixing the import path coming from utils and netcommon lib. + release_summary: + Release with bugfix fixing the import path coming from utils + and netcommon lib. fragments: - cleanup.yaml - pre-commit.yaml - rm_base.yaml - rm_base_plus.yaml release_date: "2023-06-13" + 4.0.2: + changes: + doc_changes: + - Replace all references to non-example address ranges in module documentation + and tests. + fragments: + - bindep_fix.yaml + - test-net-2.yaml + release_date: "2023-09-27" + 4.0.3: + changes: + release_summary: Release with updated workflow and lint fixes. + fragments: + - codecov_pr.yml + - lint_fixtures.yaml + release_date: "2023-10-31" diff --git a/ansible_collections/cisco/asa/codecov.yml b/ansible_collections/cisco/asa/codecov.yml new file mode 100644 index 000000000..c77c91a90 --- /dev/null +++ b/ansible_collections/cisco/asa/codecov.yml @@ -0,0 +1,15 @@ +--- +codecov: + require_ci_to_pass: true +comment: + layout: " diff, flags, files" + behavior: default + require_changes: false + require_base: false + require_head: true +coverage: + status: + patch: false + project: + default: + threshold: 0.3% diff --git a/ansible_collections/cisco/asa/docs/cisco.asa.asa_acls_module.rst b/ansible_collections/cisco/asa/docs/cisco.asa.asa_acls_module.rst index 4ab131ec4..8fb386c7c 100644 --- a/ansible_collections/cisco/asa/docs/cisco.asa.asa_acls_module.rst +++ b/ansible_collections/cisco/asa/docs/cisco.asa.asa_acls_module.rst @@ -2416,85 +2416,85 @@ Examples - name: temp_access acl_type: extended aces: - - grant: deny - line: 1 - protocol_options: - tcp: true - source: - address: 192.0.2.0 - netmask: 255.255.255.0 - destination: - address: 192.0.3.0 - netmask: 255.255.255.0 - port_protocol: - eq: www - log: default - - grant: deny - line: 2 - protocol_options: - igrp: true - source: - address: 198.51.100.0 - netmask: 255.255.255.0 - destination: - address: 198.51.110.0 - netmask: 255.255.255.0 - time_range: temp - - grant: deny - line: 3 - protocol_options: - tcp: true - source: - interface: management - destination: - interface: management - port_protocol: - eq: www - log: warnings - - grant: deny - line: 4 - protocol_options: - tcp: true - source: - object_group: test_og_network - destination: - object_group: test_network_og - port_protocol: - eq: www - log: default + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + destination: + address: 198.51.100.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + log: default + - grant: deny + line: 2 + protocol_options: + igrp: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + time_range: temp + - grant: deny + line: 3 + protocol_options: + tcp: true + source: + interface: management + destination: + interface: management + port_protocol: + eq: www + log: warnings + - grant: deny + line: 4 + protocol_options: + tcp: true + source: + object_group: test_og_network + destination: + object_group: test_network_og + port_protocol: + eq: www + log: default - name: global_access acl_type: extended aces: - - line: 3 - remark: test global access - - grant: deny - line: 4 - protocol_options: - tcp: true - source: - any: true - destination: - any: true - port_protocol: - eq: www - log: errors + - line: 3 + remark: test global access + - grant: deny + line: 4 + protocol_options: + tcp: true + source: + any: true + destination: + any: true + port_protocol: + eq: www + log: errors - name: R1_traffic aces: - - line: 1 - remark: test_v6_acls - - grant: deny - line: 2 - protocol_options: - tcp: true - source: - address: 2001:db8:0:3::/64 - port_protocol: - eq: www - destination: - address: 2001:fc8:0:4::/64 - port_protocol: - eq: telnet - inactive: true + - line: 1 + remark: test_v6_acls + - grant: deny + line: 2 + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + inactive: true state: merged # Commands fired: @@ -2503,7 +2503,7 @@ Examples # access-list global_access line 4 extended deny tcp any any eq www log errors interval 300 # access-list R1_traffic line 1 remark test_v6_acls # access-list R1_traffic line 2 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive - # access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + # access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default # access-list temp_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 # time-range temp inactive # access-list temp_access line 2 extended deny tcp interface management interface management @@ -2527,7 +2527,7 @@ Examples # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 - # extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www + # extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -2537,9 +2537,9 @@ Examples # interval 300 (hitcnt=0) 0x78aa233d # access-list test_access line 2 extended deny tcp object-group test_og_network object-group test_network_og # eq www log default (hitcnt=0) 0x477aec1e - # access-list test_access line 2 extended deny tcp 192.0.2.0 255.255.255.0 host 192.0.3.1 eq www + # access-list test_access line 2 extended deny tcp 192.0.2.0 255.255.255.0 host 198.51.100.1 eq www # log default (hitcnt=0) 0xdc7edff8 - # access-list test_access line 2 extended deny tcp 192.0.2.0 255.255.255.0 host 192.0.3.2 eq www + # access-list test_access line 2 extended deny tcp 192.0.2.0 255.255.255.0 host 198.51.100.2 eq www # log default (hitcnt=0) 0x7b0e9fde # access-list test_access line 2 extended deny tcp 198.51.100.0 255.255.255.0 2001:db8:3::/64 eq www # log default (hitcnt=0) 0x97c75adc @@ -2604,7 +2604,7 @@ Examples # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 - # extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www + # extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -2617,20 +2617,20 @@ Examples - name: global_access acl_type: extended aces: - - grant: deny - line: 1 - protocol_options: - tcp: true - source: - address: 192.0.4.0 - netmask: 255.255.255.0 - port_protocol: - eq: telnet - destination: - address: 192.0.5.0 - netmask: 255.255.255.0 - port_protocol: - eq: www + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.4.0 + netmask: 255.255.255.0 + port_protocol: + eq: telnet + destination: + address: 192.0.5.0 + netmask: 255.255.255.0 + port_protocol: + eq: www state: replaced # Commands fired: @@ -2656,7 +2656,7 @@ Examples # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 - # extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www + # extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -2681,7 +2681,7 @@ Examples # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 - # extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www + # extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -2695,20 +2695,20 @@ Examples - name: global_access acl_type: extended aces: - - grant: deny - line: 1 - protocol_options: - tcp: true - source: - address: 192.0.4.0 - netmask: 255.255.255.0 - port_protocol: - eq: telnet - destination: - address: 192.0.5.0 - netmask: 255.255.255.0 - port_protocol: - eq: www + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.4.0 + netmask: 255.255.255.0 + port_protocol: + eq: telnet + destination: + address: 192.0.5.0 + netmask: 255.255.255.0 + port_protocol: + eq: www state: overridden # Commands fired: @@ -2716,7 +2716,7 @@ Examples # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 time-range temp # no access-list temp_access line 1 - # extended grant deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + # extended grant deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default # no access-list R1_traffic line 2 # extended grant deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive # no access-list R1_traffic line 1 @@ -2752,7 +2752,7 @@ Examples # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 - # extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www + # extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -2770,7 +2770,7 @@ Examples # --------------- # no access-list temp_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 # time-range temp inactive - # no access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www + # no access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default # no access-list global_access line 3 extended deny tcp any any eq www log errors interval 300 # no access-list global_access line 2 extended deny tcp any any eq telnet @@ -2789,7 +2789,7 @@ Examples # inactive (hitcnt=0) (inactive) 0xe922b432 # Using Deleted without any config passed - #"(NOTE: This will delete all of configured resource module attributes)" + # "(NOTE: This will delete all of configured resource module attributes)" # Before state: # ------------- @@ -2808,7 +2808,7 @@ Examples # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 - # extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www + # extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -2826,7 +2826,7 @@ Examples # no access-list R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq telnet 2001:fc8:0:4::/64 eq www # log errors interval 300 # no access-list R1_traffic line 2 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive - # no access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + # no access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default # no access-list temp_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 # time-range temp inactive @@ -2853,7 +2853,7 @@ Examples # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 - # extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www + # extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -2958,7 +2958,7 @@ Examples # "aces": [ # { # "destination": { - # "address": "192.0.3.0", + # "address": "198.51.100.0", # "netmask": "255.255.255.0", # "port_protocol": { # "eq": "www" @@ -3011,44 +3011,44 @@ Examples - name: temp_access acl_type: extended aces: - - grant: deny - line: 1 - protocol_options: - tcp: true - source: - address: 192.0.2.0 - netmask: 255.255.255.0 - destination: - address: 192.0.3.0 - netmask: 255.255.255.0 - port_protocol: - eq: www - log: default - - grant: deny - line: 2 - protocol_options: - igrp: true - source: - address: 198.51.100.0 - netmask: 255.255.255.0 - destination: - address: 198.51.110.0 - netmask: 255.255.255.0 - time_range: temp + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + destination: + address: 198.51.100.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + log: default + - grant: deny + line: 2 + protocol_options: + igrp: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + time_range: temp - name: R1_traffic aces: - - grant: deny - protocol_options: - tcp: true - source: - address: 2001:db8:0:3::/64 - port_protocol: - eq: www - destination: - address: 2001:fc8:0:4::/64 - port_protocol: - eq: telnet - inactive: true + - grant: deny + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + inactive: true state: rendered # Module Execution Result: @@ -3056,7 +3056,7 @@ Examples # # "rendered": [ # "access-list temp_access line 1 - # extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 + # extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 # eq www log default" # "access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -3070,7 +3070,7 @@ Examples # parsed.cfg # # access-list test_access; 2 elements; name hash: 0xaf1b712e - # access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + # access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default # access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors # access-list test_R1_traffic; 1 elements; name hash: 0xaf40d3c2 # access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive @@ -3090,7 +3090,7 @@ Examples # "aces": [ # { # "destination": { - # "address": "192.0.3.0", + # "address": "198.51.100.0", # "netmask": "255.255.255.0", # "port_protocol": { # "eq": "www" diff --git a/ansible_collections/cisco/asa/docs/cisco.asa.asa_command_module.rst b/ansible_collections/cisco/asa/docs/cisco.asa.asa_command_module.rst index 41642641c..b8a920918 100644 --- a/ansible_collections/cisco/asa/docs/cisco.asa.asa_command_module.rst +++ b/ansible_collections/cisco/asa/docs/cisco.asa.asa_command_module.rst @@ -173,20 +173,20 @@ Examples - name: Show the ASA version cisco.asa.asa_command: commands: - - show version + - show version - name: Show ASA drops and memory cisco.asa.asa_command: commands: - - show asp drop - - show memory + - show asp drop + - show memory - name: Send repeat pings and wait for the result to pass 100% cisco.asa.asa_command: commands: - - ping 8.8.8.8 repeat 20 size 350 + - ping 8.8.8.8 repeat 20 size 350 wait_for: - - result[0] contains 100 + - result[0] contains 100 retries: 2 diff --git a/ansible_collections/cisco/asa/docs/cisco.asa.asa_config_module.rst b/ansible_collections/cisco/asa/docs/cisco.asa.asa_config_module.rst index 3933190de..c3a2ed106 100644 --- a/ansible_collections/cisco/asa/docs/cisco.asa.asa_config_module.rst +++ b/ansible_collections/cisco/asa/docs/cisco.asa.asa_config_module.rst @@ -348,16 +348,16 @@ Examples - cisco.asa.asa_config: lines: - - network-object host 10.80.30.18 - - network-object host 10.80.30.19 - - network-object host 10.80.30.20 + - network-object host 10.80.30.18 + - network-object host 10.80.30.19 + - network-object host 10.80.30.20 parents: [object-group network OG-MONITORED-SERVERS] - cisco.asa.asa_config: host: '{{ inventory_hostname }}' lines: - - message-length maximum client auto - - message-length maximum 512 + - message-length maximum client auto + - message-length maximum 512 match: line parents: [policy-map type inspect dns PM-DNS, parameters] authorize: yes @@ -368,42 +368,42 @@ Examples - cisco.asa.asa_config: lines: - - ikev1 pre-shared-key MyS3cretVPNK3y + - ikev1 pre-shared-key MyS3cretVPNK3y parents: tunnel-group 1.1.1.1 ipsec-attributes passwords: yes - name: attach ASA acl on interface vlan13/nameif cloud13 cisco.asa.asa_config: lines: - - access-group cloud-acl_access_in in interface cloud13 + - access-group cloud-acl_access_in in interface cloud13 - name: configure ASA (>=9.2) default BGP cisco.asa.asa_config: lines: - - bgp log-neighbor-changes - - bgp bestpath compare-routerid + - bgp log-neighbor-changes + - bgp bestpath compare-routerid parents: - - router bgp 65002 + - router bgp 65002 register: bgp when: bgp_default_config is defined - name: configure ASA (>=9.2) BGP neighbor in default/single context mode cisco.asa.asa_config: lines: - - bgp router-id {{ bgp_router_id }} - - neighbor {{ bgp_neighbor_ip }} remote-as {{ bgp_neighbor_as }} - - neighbor {{ bgp_neighbor_ip }} description {{ bgp_neighbor_name }} + - bgp router-id {{ bgp_router_id }} + - neighbor {{ bgp_neighbor_ip }} remote-as {{ bgp_neighbor_as }} + - neighbor {{ bgp_neighbor_ip }} description {{ bgp_neighbor_name }} parents: - - router bgp 65002 - - address-family ipv4 unicast + - router bgp 65002 + - address-family ipv4 unicast register: bgp when: bgp_neighbor_as is defined - name: configure ASA interface with standby cisco.asa.asa_config: lines: - - description my cloud interface - - nameif cloud13 - - security-level 50 - - ip address 192.168.13.1 255.255.255.0 standby 192.168.13.2 + - description my cloud interface + - nameif cloud13 + - security-level 50 + - ip address 192.168.13.1 255.255.255.0 standby 192.168.13.2 parents: [interface Vlan13] register: interface - name: Show changes to interface from task above @@ -413,7 +413,7 @@ Examples - name: configurable backup path cisco.asa.asa_config: lines: - - access-group cloud-acl_access_in in interface cloud13 + - access-group cloud-acl_access_in in interface cloud13 backup: yes backup_options: filename: backup.cfg diff --git a/ansible_collections/cisco/asa/docs/cisco.asa.asa_facts_module.rst b/ansible_collections/cisco/asa/docs/cisco.asa.asa_facts_module.rst index 345c2e221..e67507677 100644 --- a/ansible_collections/cisco/asa/docs/cisco.asa.asa_facts_module.rst +++ b/ansible_collections/cisco/asa/docs/cisco.asa.asa_facts_module.rst @@ -129,12 +129,12 @@ Examples - name: Gather only the config and default facts cisco.asa.asa_facts: gather_subset: - - config + - config - name: Do not gather hardware facts cisco.asa.asa_facts: gather_subset: - - '!hardware' + - '!hardware' - name: Gather legacy and resource facts cisco.asa.asa_facts: diff --git a/ansible_collections/cisco/asa/docs/cisco.asa.asa_ogs_module.rst b/ansible_collections/cisco/asa/docs/cisco.asa.asa_ogs_module.rst index 1a5d3083f..1d07f3eca 100644 --- a/ansible_collections/cisco/asa/docs/cisco.asa.asa_ogs_module.rst +++ b/ansible_collections/cisco/asa/docs/cisco.asa.asa_ogs_module.rst @@ -1158,75 +1158,75 @@ Examples # ciscoasa# sh running-config object-group # object-group network test_og_network # description test_network_og - # network-object host 192.0.3.1 + # network-object host 198.51.100.1 - name: "Merge module attributes of given object-group" cisco.asa.asa_ogs: config: - - object_type: network - object_groups: - - name: group_network_obj - group_object: - - test_og_network - - name: test_og_network - description: test_og_network - network_object: - host: - - 192.0.2.1 - - 192.0.2.2 - address: - - 192.0.2.0 255.255.255.0 - - 198.51.100.0 255.255.255.0 - - name: test_network_og - description: test_network_og - network_object: - host: - - 192.0.3.1 - - 192.0.3.2 - ipv6_address: - - 2001:db8:3::/64 - - object_type: security - object_groups: - - name: test_og_security - description: test_security - security_group: - sec_name: - - test_1 - - test_2 - tag: - - 10 - - 20 - - object_type: service - object_groups: - - name: O-Worker - services_object: - - protocol: tcp - destination_port: - range: + - object_type: network + object_groups: + - name: group_network_obj + group_object: + - test_og_network + - name: test_og_network + description: test_og_network + network_object: + host: + - 192.0.2.1 + - 192.0.2.2 + address: + - 192.0.2.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 + - name: test_network_og + description: test_network_og + network_object: + host: + - 198.51.100.1 + - 198.51.100.2 + ipv6_address: + - 2001:db8:3::/64 + - object_type: security + object_groups: + - name: test_og_security + description: test_security + security_group: + sec_name: + - test_1 + - test_2 + tag: + - 10 + - 20 + - object_type: service + object_groups: + - name: O-Worker + services_object: + - protocol: tcp + destination_port: + range: + start: 100 + end: 200 + - protocol: tcp-udp + source_port: + eq: 1234 + destination_port: + gt: nfs + - name: O-UNIX-TCP + protocol: tcp + port_object: + - eq: https + - range: start: 100 - end: 200 - - protocol: tcp-udp - source_port: - eq: 1234 - destination_port: - gt: nfs - - name: O-UNIX-TCP - protocol: tcp - port_object: - - eq: https - - range: - start: 100 - end: 400 - - object_type: user - object_groups: - - name: test_og_user - description: test_user - user_object: - user: - - name: new_user_1 - domain: LOCAL - - name: new_user_2 - domain: LOCAL + end: 400 + - object_type: user + object_groups: + - name: test_og_user + description: test_user + user_object: + user: + - name: new_user_1 + domain: LOCAL + - name: new_user_2 + domain: LOCAL state: merged # Commands fired: @@ -1247,8 +1247,8 @@ Examples # network-object host 192.0.2.1 # network-object host 192.0.2.2 # object-group network test_network_og - # network-object host 192.0.3.1 - # network-object host 192.0.3.2 + # network-object host 198.51.100.1 + # network-object host 198.51.100.2 # network-object 2001:db8:3::/64 # object-group service O-Worker # service-object tcp destination range 100 200 @@ -1273,11 +1273,11 @@ Examples # network-object host 192.0.2.2 # network-object 192.0.2.0 255.255.255.0 # network-object 198.51.100.0 255.255.255.0 - # network-object host 192.0.3.1 + # network-object host 198.51.100.1 # object-group network test_network_og # description test_network_og - # network-object host 192.0.3.1 - # network-object host 192.0.3.2 + # network-object host 198.51.100.1 + # network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -1310,8 +1310,8 @@ Examples # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og - # network-object host 192.0.3.1 - # network-object host 192.0.3.2 + # network-object host 198.51.100.1 + # network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -1338,9 +1338,9 @@ Examples description: test_og_network_replace network_object: host: - - 192.0.3.1 + - 198.51.100.1 address: - - 192.0.3.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 - object_type: protocol object_groups: - name: test_og_protocol @@ -1362,10 +1362,10 @@ Examples # description test_og_network_replace # no network-object 192.0.2.0 255.255.255.0 # no network-object 198.51.100.0 255.255.255.0 - # network-object 192.0.3.0 255.255.255.0 + # network-object 198.51.100.0 255.255.255.0 # no network-object host 192.0.2.1 # no network-object host 192.0.2.2 - # network-object host 192.0.3.1 + # network-object host 198.51.100.1 # After state: # ------------- @@ -1373,12 +1373,12 @@ Examples # ciscoasa# sh running-config object-group # object-group network test_og_network # description test_og_network_replace - # network-object host 192.0.3.1 - # network-object 192.0.3.0 255.255.255.0 + # network-object host 198.51.100.1 + # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og - # network-object host 192.0.3.1 - # network-object host 192.0.3.2 + # network-object host 198.51.100.1 + # network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -1413,8 +1413,8 @@ Examples # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og - # network-object host 192.0.3.1 - # network-object host 192.0.3.2 + # network-object host 198.51.100.1 + # network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -1441,9 +1441,9 @@ Examples description: test_og_network_override network_object: host: - - 192.0.3.1 + - 198.51.100.1 address: - - 192.0.3.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 - name: ANSIBLE_TEST network_object: object: @@ -1474,10 +1474,10 @@ Examples # description test_og_network_override # no network-object 192.0.2.0 255.255.255.0 # no network-object 198.51.100.0 255.255.255.0 - # network-object 192.0.3.0 255.255.255.0 + # network-object 198.51.100.0 255.255.255.0 # no network-object host 192.0.2.1 # no network-object host 192.0.2.2 - # network-object host 192.0.3.1 + # network-object host 198.51.100.1 # no object-group network test_network_og # object-group network ANSIBLE_TEST # network-object object TEST1 @@ -1489,8 +1489,8 @@ Examples # ciscoasa# sh running-config object-group # object-group network test_og_network # description test_og_network_override - # network-object host 192.0.3.1 - # network-object 192.0.3.0 255.255.255.0 + # network-object host 198.51.100.1 + # network-object 198.51.100.0 255.255.255.0 # object-group network ANSIBLE_TEST # network-object object TEST1 # network-object object TEST2 @@ -1512,8 +1512,8 @@ Examples # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og - # network-object host 192.0.3.1 - # network-object host 192.0.3.2 + # network-object host 198.51.100.1 + # network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -1566,7 +1566,7 @@ Examples # service-object tcp source eq 1234 destination gt nfs # Using DELETED without any config passed - #"(NOTE: This will delete all of configured resource module attributes)" + # "(NOTE: This will delete all of configured resource module attributes)" # Before state: # ------------- @@ -1580,8 +1580,8 @@ Examples # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og - # network-object host 192.0.3.1 - # network-object host 192.0.3.2 + # network-object host 198.51.100.1 + # network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -1625,8 +1625,8 @@ Examples # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og - # network-object host 192.0.3.1 - # network-object host 192.0.3.2 + # network-object host 198.51.100.1 + # network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -1673,8 +1673,8 @@ Examples # "name": "test_network_og", # "network_object": { # "host": [ - # "192.0.3.1", - # "192.0.3.2" + # "198.51.100.1", + # "198.51.100.2" # ], # "ipv6_address": [ # "2001:db8:3::/64" @@ -1733,8 +1733,8 @@ Examples # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og - # network-object host 192.0.3.1 - # network-object host 192.0.3.2 + # network-object host 198.51.100.1 + # network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -1766,8 +1766,8 @@ Examples description: test_network_og network_object: host: - - 192.0.3.1 - - 192.0.3.2 + - 198.51.100.1 + - 198.51.100.2 ipv6_address: - 2001:db8:3::/64 - object_type: security @@ -1811,8 +1811,8 @@ Examples # "network-object host 192.0.2.2", # "object-group network test_network_og", # "description test_network_og", - # "network-object host 192.0.3.1", - # "network-object host 192.0.3.2", + # "network-object host 198.51.100.1", + # "network-object host 198.51.100.2", # "network-object 2001:db8:3::/64", # "object-group user test_og_user", # "description test_user", diff --git a/ansible_collections/cisco/asa/plugins/module_utils/network/asa/rm_templates/ogs.py b/ansible_collections/cisco/asa/plugins/module_utils/network/asa/rm_templates/ogs.py index 26a032478..d79d3dd19 100644 --- a/ansible_collections/cisco/asa/plugins/module_utils/network/asa/rm_templates/ogs.py +++ b/ansible_collections/cisco/asa/plugins/module_utils/network/asa/rm_templates/ogs.py @@ -93,7 +93,7 @@ def _tmplt_services_object(config_data): if config_data["services_object"].get("source_port"): if config_data["services_object"]["source_port"].get("range"): cmd += " source range {start} {end}".format( - **config_data["services_object"]["source_port"]["range"] + **config_data["services_object"]["source_port"]["range"], ) else: key = list(config_data["services_object"]["source_port"])[0] @@ -104,7 +104,7 @@ def _tmplt_services_object(config_data): if config_data["services_object"].get("destination_port"): if config_data["services_object"]["destination_port"].get("range"): cmd += " destination range {start} {end}".format( - **config_data["services_object"]["destination_port"]["range"] + **config_data["services_object"]["destination_port"]["range"], ) else: key = list(config_data["services_object"]["destination_port"])[0] diff --git a/ansible_collections/cisco/asa/plugins/module_utils/network/asa/utils/utils.py b/ansible_collections/cisco/asa/plugins/module_utils/network/asa/utils/utils.py index c5399db00..89fcd4efe 100644 --- a/ansible_collections/cisco/asa/plugins/module_utils/network/asa/utils/utils.py +++ b/ansible_collections/cisco/asa/plugins/module_utils/network/asa/utils/utils.py @@ -70,7 +70,7 @@ def new_dict_to_set(input_dict, temp_list, test_set, count=0): temp_list.append(k) for each in v: if isinstance(each, dict): - if [True for i in each.values() if type(i) == list]: + if [True for i in each.values() if isinstance(i, list)]: new_dict_to_set(each, temp_list, test_set, count) else: new_dict_to_set(each, temp_list, test_set, 0) diff --git a/ansible_collections/cisco/asa/plugins/modules/asa_acls.py b/ansible_collections/cisco/asa/plugins/modules/asa_acls.py index e5330faeb..38fc89d10 100644 --- a/ansible_collections/cisco/asa/plugins/modules/asa_acls.py +++ b/ansible_collections/cisco/asa/plugins/modules/asa_acls.py @@ -460,85 +460,85 @@ EXAMPLES = """ - name: temp_access acl_type: extended aces: - - grant: deny - line: 1 - protocol_options: - tcp: true - source: - address: 192.0.2.0 - netmask: 255.255.255.0 - destination: - address: 192.0.3.0 - netmask: 255.255.255.0 - port_protocol: - eq: www - log: default - - grant: deny - line: 2 - protocol_options: - igrp: true - source: - address: 198.51.100.0 - netmask: 255.255.255.0 - destination: - address: 198.51.110.0 - netmask: 255.255.255.0 - time_range: temp - - grant: deny - line: 3 - protocol_options: - tcp: true - source: - interface: management - destination: - interface: management - port_protocol: - eq: www - log: warnings - - grant: deny - line: 4 - protocol_options: - tcp: true - source: - object_group: test_og_network - destination: - object_group: test_network_og - port_protocol: - eq: www - log: default + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + destination: + address: 198.51.100.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + log: default + - grant: deny + line: 2 + protocol_options: + igrp: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + time_range: temp + - grant: deny + line: 3 + protocol_options: + tcp: true + source: + interface: management + destination: + interface: management + port_protocol: + eq: www + log: warnings + - grant: deny + line: 4 + protocol_options: + tcp: true + source: + object_group: test_og_network + destination: + object_group: test_network_og + port_protocol: + eq: www + log: default - name: global_access acl_type: extended aces: - - line: 3 - remark: test global access - - grant: deny - line: 4 - protocol_options: - tcp: true - source: - any: true - destination: - any: true - port_protocol: - eq: www - log: errors + - line: 3 + remark: test global access + - grant: deny + line: 4 + protocol_options: + tcp: true + source: + any: true + destination: + any: true + port_protocol: + eq: www + log: errors - name: R1_traffic aces: - - line: 1 - remark: test_v6_acls - - grant: deny - line: 2 - protocol_options: - tcp: true - source: - address: 2001:db8:0:3::/64 - port_protocol: - eq: www - destination: - address: 2001:fc8:0:4::/64 - port_protocol: - eq: telnet - inactive: true + - line: 1 + remark: test_v6_acls + - grant: deny + line: 2 + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + inactive: true state: merged # Commands fired: @@ -547,7 +547,7 @@ EXAMPLES = """ # access-list global_access line 4 extended deny tcp any any eq www log errors interval 300 # access-list R1_traffic line 1 remark test_v6_acls # access-list R1_traffic line 2 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive -# access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default +# access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default # access-list temp_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 # time-range temp inactive # access-list temp_access line 2 extended deny tcp interface management interface management @@ -571,7 +571,7 @@ EXAMPLES = """ # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 -# extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www +# extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -581,9 +581,9 @@ EXAMPLES = """ # interval 300 (hitcnt=0) 0x78aa233d # access-list test_access line 2 extended deny tcp object-group test_og_network object-group test_network_og # eq www log default (hitcnt=0) 0x477aec1e -# access-list test_access line 2 extended deny tcp 192.0.2.0 255.255.255.0 host 192.0.3.1 eq www +# access-list test_access line 2 extended deny tcp 192.0.2.0 255.255.255.0 host 198.51.100.1 eq www # log default (hitcnt=0) 0xdc7edff8 -# access-list test_access line 2 extended deny tcp 192.0.2.0 255.255.255.0 host 192.0.3.2 eq www +# access-list test_access line 2 extended deny tcp 192.0.2.0 255.255.255.0 host 198.51.100.2 eq www # log default (hitcnt=0) 0x7b0e9fde # access-list test_access line 2 extended deny tcp 198.51.100.0 255.255.255.0 2001:db8:3::/64 eq www # log default (hitcnt=0) 0x97c75adc @@ -648,7 +648,7 @@ EXAMPLES = """ # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 -# extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www +# extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -661,20 +661,20 @@ EXAMPLES = """ - name: global_access acl_type: extended aces: - - grant: deny - line: 1 - protocol_options: - tcp: true - source: - address: 192.0.4.0 - netmask: 255.255.255.0 - port_protocol: - eq: telnet - destination: - address: 192.0.5.0 - netmask: 255.255.255.0 - port_protocol: - eq: www + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.4.0 + netmask: 255.255.255.0 + port_protocol: + eq: telnet + destination: + address: 192.0.5.0 + netmask: 255.255.255.0 + port_protocol: + eq: www state: replaced # Commands fired: @@ -700,7 +700,7 @@ EXAMPLES = """ # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 -# extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www +# extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -725,7 +725,7 @@ EXAMPLES = """ # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 -# extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www +# extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -739,20 +739,20 @@ EXAMPLES = """ - name: global_access acl_type: extended aces: - - grant: deny - line: 1 - protocol_options: - tcp: true - source: - address: 192.0.4.0 - netmask: 255.255.255.0 - port_protocol: - eq: telnet - destination: - address: 192.0.5.0 - netmask: 255.255.255.0 - port_protocol: - eq: www + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.4.0 + netmask: 255.255.255.0 + port_protocol: + eq: telnet + destination: + address: 192.0.5.0 + netmask: 255.255.255.0 + port_protocol: + eq: www state: overridden # Commands fired: @@ -760,7 +760,7 @@ EXAMPLES = """ # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 time-range temp # no access-list temp_access line 1 -# extended grant deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default +# extended grant deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default # no access-list R1_traffic line 2 # extended grant deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive # no access-list R1_traffic line 1 @@ -796,7 +796,7 @@ EXAMPLES = """ # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 -# extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www +# extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -814,7 +814,7 @@ EXAMPLES = """ # --------------- # no access-list temp_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 # time-range temp inactive -# no access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www +# no access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default # no access-list global_access line 3 extended deny tcp any any eq www log errors interval 300 # no access-list global_access line 2 extended deny tcp any any eq telnet @@ -833,7 +833,7 @@ EXAMPLES = """ # inactive (hitcnt=0) (inactive) 0xe922b432 # Using Deleted without any config passed -#"(NOTE: This will delete all of configured resource module attributes)" +# "(NOTE: This will delete all of configured resource module attributes)" # Before state: # ------------- @@ -852,7 +852,7 @@ EXAMPLES = """ # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 -# extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www +# extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -870,7 +870,7 @@ EXAMPLES = """ # no access-list R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq telnet 2001:fc8:0:4::/64 eq www # log errors interval 300 # no access-list R1_traffic line 2 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive -# no access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default +# no access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default # no access-list temp_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 # time-range temp inactive @@ -897,7 +897,7 @@ EXAMPLES = """ # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 -# extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www +# extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -1002,7 +1002,7 @@ EXAMPLES = """ # "aces": [ # { # "destination": { -# "address": "192.0.3.0", +# "address": "198.51.100.0", # "netmask": "255.255.255.0", # "port_protocol": { # "eq": "www" @@ -1055,44 +1055,44 @@ EXAMPLES = """ - name: temp_access acl_type: extended aces: - - grant: deny - line: 1 - protocol_options: - tcp: true - source: - address: 192.0.2.0 - netmask: 255.255.255.0 - destination: - address: 192.0.3.0 - netmask: 255.255.255.0 - port_protocol: - eq: www - log: default - - grant: deny - line: 2 - protocol_options: - igrp: true - source: - address: 198.51.100.0 - netmask: 255.255.255.0 - destination: - address: 198.51.110.0 - netmask: 255.255.255.0 - time_range: temp + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + destination: + address: 198.51.100.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + log: default + - grant: deny + line: 2 + protocol_options: + igrp: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + time_range: temp - name: R1_traffic aces: - - grant: deny - protocol_options: - tcp: true - source: - address: 2001:db8:0:3::/64 - port_protocol: - eq: www - destination: - address: 2001:fc8:0:4::/64 - port_protocol: - eq: telnet - inactive: true + - grant: deny + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + inactive: true state: rendered # Module Execution Result: @@ -1100,7 +1100,7 @@ EXAMPLES = """ # # "rendered": [ # "access-list temp_access line 1 -# extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 +# extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 # eq www log default" # "access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -1114,7 +1114,7 @@ EXAMPLES = """ # parsed.cfg # # access-list test_access; 2 elements; name hash: 0xaf1b712e -# access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default +# access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default # access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors # access-list test_R1_traffic; 1 elements; name hash: 0xaf40d3c2 # access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive @@ -1134,7 +1134,7 @@ EXAMPLES = """ # "aces": [ # { # "destination": { -# "address": "192.0.3.0", +# "address": "198.51.100.0", # "netmask": "255.255.255.0", # "port_protocol": { # "eq": "www" @@ -1203,7 +1203,6 @@ EXAMPLES = """ # ] # } # ] - """ RETURN = """ diff --git a/ansible_collections/cisco/asa/plugins/modules/asa_command.py b/ansible_collections/cisco/asa/plugins/modules/asa_command.py index 51a6c74b3..4191a9d32 100644 --- a/ansible_collections/cisco/asa/plugins/modules/asa_command.py +++ b/ansible_collections/cisco/asa/plugins/modules/asa_command.py @@ -78,20 +78,20 @@ EXAMPLES = """ - name: Show the ASA version cisco.asa.asa_command: commands: - - show version + - show version - name: Show ASA drops and memory cisco.asa.asa_command: commands: - - show asp drop - - show memory + - show asp drop + - show memory - name: Send repeat pings and wait for the result to pass 100% cisco.asa.asa_command: commands: - - ping 8.8.8.8 repeat 20 size 350 + - ping 8.8.8.8 repeat 20 size 350 wait_for: - - result[0] contains 100 + - result[0] contains 100 retries: 2 """ diff --git a/ansible_collections/cisco/asa/plugins/modules/asa_config.py b/ansible_collections/cisco/asa/plugins/modules/asa_config.py index 76a8ca263..793844f83 100644 --- a/ansible_collections/cisco/asa/plugins/modules/asa_config.py +++ b/ansible_collections/cisco/asa/plugins/modules/asa_config.py @@ -170,16 +170,16 @@ options: EXAMPLES = """ - cisco.asa.asa_config: lines: - - network-object host 10.80.30.18 - - network-object host 10.80.30.19 - - network-object host 10.80.30.20 + - network-object host 10.80.30.18 + - network-object host 10.80.30.19 + - network-object host 10.80.30.20 parents: [object-group network OG-MONITORED-SERVERS] - cisco.asa.asa_config: host: '{{ inventory_hostname }}' lines: - - message-length maximum client auto - - message-length maximum 512 + - message-length maximum client auto + - message-length maximum 512 match: line parents: [policy-map type inspect dns PM-DNS, parameters] authorize: yes @@ -190,42 +190,42 @@ EXAMPLES = """ - cisco.asa.asa_config: lines: - - ikev1 pre-shared-key MyS3cretVPNK3y + - ikev1 pre-shared-key MyS3cretVPNK3y parents: tunnel-group 1.1.1.1 ipsec-attributes passwords: yes - name: attach ASA acl on interface vlan13/nameif cloud13 cisco.asa.asa_config: lines: - - access-group cloud-acl_access_in in interface cloud13 + - access-group cloud-acl_access_in in interface cloud13 - name: configure ASA (>=9.2) default BGP cisco.asa.asa_config: lines: - - bgp log-neighbor-changes - - bgp bestpath compare-routerid + - bgp log-neighbor-changes + - bgp bestpath compare-routerid parents: - - router bgp 65002 + - router bgp 65002 register: bgp when: bgp_default_config is defined - name: configure ASA (>=9.2) BGP neighbor in default/single context mode cisco.asa.asa_config: lines: - - bgp router-id {{ bgp_router_id }} - - neighbor {{ bgp_neighbor_ip }} remote-as {{ bgp_neighbor_as }} - - neighbor {{ bgp_neighbor_ip }} description {{ bgp_neighbor_name }} + - bgp router-id {{ bgp_router_id }} + - neighbor {{ bgp_neighbor_ip }} remote-as {{ bgp_neighbor_as }} + - neighbor {{ bgp_neighbor_ip }} description {{ bgp_neighbor_name }} parents: - - router bgp 65002 - - address-family ipv4 unicast + - router bgp 65002 + - address-family ipv4 unicast register: bgp when: bgp_neighbor_as is defined - name: configure ASA interface with standby cisco.asa.asa_config: lines: - - description my cloud interface - - nameif cloud13 - - security-level 50 - - ip address 192.168.13.1 255.255.255.0 standby 192.168.13.2 + - description my cloud interface + - nameif cloud13 + - security-level 50 + - ip address 192.168.13.1 255.255.255.0 standby 192.168.13.2 parents: [interface Vlan13] register: interface - name: Show changes to interface from task above @@ -235,7 +235,7 @@ EXAMPLES = """ - name: configurable backup path cisco.asa.asa_config: lines: - - access-group cloud-acl_access_in in interface cloud13 + - access-group cloud-acl_access_in in interface cloud13 backup: yes backup_options: filename: backup.cfg diff --git a/ansible_collections/cisco/asa/plugins/modules/asa_facts.py b/ansible_collections/cisco/asa/plugins/modules/asa_facts.py index cec957e94..a05852602 100644 --- a/ansible_collections/cisco/asa/plugins/modules/asa_facts.py +++ b/ansible_collections/cisco/asa/plugins/modules/asa_facts.py @@ -70,12 +70,12 @@ EXAMPLES = """ - name: Gather only the config and default facts cisco.asa.asa_facts: gather_subset: - - config + - config - name: Do not gather hardware facts cisco.asa.asa_facts: gather_subset: - - '!hardware' + - '!hardware' - name: Gather legacy and resource facts cisco.asa.asa_facts: diff --git a/ansible_collections/cisco/asa/plugins/modules/asa_ogs.py b/ansible_collections/cisco/asa/plugins/modules/asa_ogs.py index c51cae341..80ee453ca 100644 --- a/ansible_collections/cisco/asa/plugins/modules/asa_ogs.py +++ b/ansible_collections/cisco/asa/plugins/modules/asa_ogs.py @@ -303,75 +303,75 @@ EXAMPLES = """ # ciscoasa# sh running-config object-group # object-group network test_og_network # description test_network_og -# network-object host 192.0.3.1 +# network-object host 198.51.100.1 - name: "Merge module attributes of given object-group" cisco.asa.asa_ogs: config: - - object_type: network - object_groups: - - name: group_network_obj - group_object: - - test_og_network - - name: test_og_network - description: test_og_network - network_object: - host: - - 192.0.2.1 - - 192.0.2.2 - address: - - 192.0.2.0 255.255.255.0 - - 198.51.100.0 255.255.255.0 - - name: test_network_og - description: test_network_og - network_object: - host: - - 192.0.3.1 - - 192.0.3.2 - ipv6_address: - - 2001:db8:3::/64 - - object_type: security - object_groups: - - name: test_og_security - description: test_security - security_group: - sec_name: - - test_1 - - test_2 - tag: - - 10 - - 20 - - object_type: service - object_groups: - - name: O-Worker - services_object: - - protocol: tcp - destination_port: - range: + - object_type: network + object_groups: + - name: group_network_obj + group_object: + - test_og_network + - name: test_og_network + description: test_og_network + network_object: + host: + - 192.0.2.1 + - 192.0.2.2 + address: + - 192.0.2.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 + - name: test_network_og + description: test_network_og + network_object: + host: + - 198.51.100.1 + - 198.51.100.2 + ipv6_address: + - 2001:db8:3::/64 + - object_type: security + object_groups: + - name: test_og_security + description: test_security + security_group: + sec_name: + - test_1 + - test_2 + tag: + - 10 + - 20 + - object_type: service + object_groups: + - name: O-Worker + services_object: + - protocol: tcp + destination_port: + range: + start: 100 + end: 200 + - protocol: tcp-udp + source_port: + eq: 1234 + destination_port: + gt: nfs + - name: O-UNIX-TCP + protocol: tcp + port_object: + - eq: https + - range: start: 100 - end: 200 - - protocol: tcp-udp - source_port: - eq: 1234 - destination_port: - gt: nfs - - name: O-UNIX-TCP - protocol: tcp - port_object: - - eq: https - - range: - start: 100 - end: 400 - - object_type: user - object_groups: - - name: test_og_user - description: test_user - user_object: - user: - - name: new_user_1 - domain: LOCAL - - name: new_user_2 - domain: LOCAL + end: 400 + - object_type: user + object_groups: + - name: test_og_user + description: test_user + user_object: + user: + - name: new_user_1 + domain: LOCAL + - name: new_user_2 + domain: LOCAL state: merged # Commands fired: @@ -392,8 +392,8 @@ EXAMPLES = """ # network-object host 192.0.2.1 # network-object host 192.0.2.2 # object-group network test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:3::/64 # object-group service O-Worker # service-object tcp destination range 100 200 @@ -418,11 +418,11 @@ EXAMPLES = """ # network-object host 192.0.2.2 # network-object 192.0.2.0 255.255.255.0 # network-object 198.51.100.0 255.255.255.0 -# network-object host 192.0.3.1 +# network-object host 198.51.100.1 # object-group network test_network_og # description test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -455,8 +455,8 @@ EXAMPLES = """ # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -483,9 +483,9 @@ EXAMPLES = """ description: test_og_network_replace network_object: host: - - 192.0.3.1 + - 198.51.100.1 address: - - 192.0.3.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 - object_type: protocol object_groups: - name: test_og_protocol @@ -507,10 +507,10 @@ EXAMPLES = """ # description test_og_network_replace # no network-object 192.0.2.0 255.255.255.0 # no network-object 198.51.100.0 255.255.255.0 -# network-object 192.0.3.0 255.255.255.0 +# network-object 198.51.100.0 255.255.255.0 # no network-object host 192.0.2.1 # no network-object host 192.0.2.2 -# network-object host 192.0.3.1 +# network-object host 198.51.100.1 # After state: # ------------- @@ -518,12 +518,12 @@ EXAMPLES = """ # ciscoasa# sh running-config object-group # object-group network test_og_network # description test_og_network_replace -# network-object host 192.0.3.1 -# network-object 192.0.3.0 255.255.255.0 +# network-object host 198.51.100.1 +# network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -558,8 +558,8 @@ EXAMPLES = """ # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -586,9 +586,9 @@ EXAMPLES = """ description: test_og_network_override network_object: host: - - 192.0.3.1 + - 198.51.100.1 address: - - 192.0.3.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 - name: ANSIBLE_TEST network_object: object: @@ -619,10 +619,10 @@ EXAMPLES = """ # description test_og_network_override # no network-object 192.0.2.0 255.255.255.0 # no network-object 198.51.100.0 255.255.255.0 -# network-object 192.0.3.0 255.255.255.0 +# network-object 198.51.100.0 255.255.255.0 # no network-object host 192.0.2.1 # no network-object host 192.0.2.2 -# network-object host 192.0.3.1 +# network-object host 198.51.100.1 # no object-group network test_network_og # object-group network ANSIBLE_TEST # network-object object TEST1 @@ -634,8 +634,8 @@ EXAMPLES = """ # ciscoasa# sh running-config object-group # object-group network test_og_network # description test_og_network_override -# network-object host 192.0.3.1 -# network-object 192.0.3.0 255.255.255.0 +# network-object host 198.51.100.1 +# network-object 198.51.100.0 255.255.255.0 # object-group network ANSIBLE_TEST # network-object object TEST1 # network-object object TEST2 @@ -657,8 +657,8 @@ EXAMPLES = """ # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -711,7 +711,7 @@ EXAMPLES = """ # service-object tcp source eq 1234 destination gt nfs # Using DELETED without any config passed -#"(NOTE: This will delete all of configured resource module attributes)" +# "(NOTE: This will delete all of configured resource module attributes)" # Before state: # ------------- @@ -725,8 +725,8 @@ EXAMPLES = """ # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -770,8 +770,8 @@ EXAMPLES = """ # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -818,8 +818,8 @@ EXAMPLES = """ # "name": "test_network_og", # "network_object": { # "host": [ -# "192.0.3.1", -# "192.0.3.2" +# "198.51.100.1", +# "198.51.100.2" # ], # "ipv6_address": [ # "2001:db8:3::/64" @@ -878,8 +878,8 @@ EXAMPLES = """ # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -911,8 +911,8 @@ EXAMPLES = """ description: test_network_og network_object: host: - - 192.0.3.1 - - 192.0.3.2 + - 198.51.100.1 + - 198.51.100.2 ipv6_address: - 2001:db8:3::/64 - object_type: security @@ -956,8 +956,8 @@ EXAMPLES = """ # "network-object host 192.0.2.2", # "object-group network test_network_og", # "description test_network_og", -# "network-object host 192.0.3.1", -# "network-object host 192.0.3.2", +# "network-object host 198.51.100.1", +# "network-object host 198.51.100.2", # "network-object 2001:db8:3::/64", # "object-group user test_og_user", # "description test_user", @@ -1019,7 +1019,6 @@ EXAMPLES = """ # "object_type": "service" # } # ] - """ RETURN = """ diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_parsed.cfg b/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_parsed.cfg index 82c5e778d..7d909c71c 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_parsed.cfg +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_parsed.cfg @@ -1,5 +1,5 @@ access-list test_access; 2 elements; name hash: 0xaf1b712e -access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default +access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors access-list test_R1_traffic; 1 elements; name hash: 0xaf40d3c2 access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_config.yaml b/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_config.yaml index dafe55dbc..594b17219 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_config.yaml +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_config.yaml @@ -14,7 +14,7 @@ address: 192.0.2.0 netmask: 255.255.255.0 destination: - address: 192.0.3.0 + address: 198.51.100.0 netmask: 255.255.255.0 port_protocol: eq: www diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_network_og.yaml b/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_network_og.yaml index 74e21f61e..1710c9e77 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_network_og.yaml +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/_populate_network_og.yaml @@ -15,7 +15,7 @@ - name: test_network_og network_object: host: - - 192.0.3.1 + - 198.51.100.1 ipv6_address: - 2001:db8:3::/64 state: merged diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/merged.yaml b/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/merged.yaml index cf443df08..db3a4913a 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/merged.yaml +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/merged.yaml @@ -24,7 +24,7 @@ address: 192.0.2.0 netmask: 255.255.255.0 destination: - address: 192.0.3.0 + address: 198.51.100.0 netmask: 255.255.255.0 port_protocol: eq: www diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rendered.yaml b/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rendered.yaml index 62e1c2555..5f3b05cb3 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rendered.yaml +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rendered.yaml @@ -21,7 +21,7 @@ address: 192.0.2.0 netmask: 255.255.255.0 destination: - address: 192.0.3.0 + address: 198.51.100.0 netmask: 255.255.255.0 port_protocol: eq: www diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/replaced.yaml b/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/replaced.yaml index 85e7d2dcc..b437d2d20 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/replaced.yaml +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/replaced.yaml @@ -23,7 +23,7 @@ protocol_options: tcp: true source: - address: 192.0.3.0 + address: 198.51.100.0 netmask: 255.255.255.0 destination: address: 192.0.4.0 diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rtt.yaml b/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rtt.yaml index 1c77c2811..bee557e03 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rtt.yaml +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/tests/cli/rtt.yaml @@ -25,7 +25,7 @@ address: 192.0.2.0 netmask: 255.255.255.0 destination: - address: 192.0.3.0 + address: 198.51.100.0 netmask: 255.255.255.0 port_protocol: eq: www diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/vars/main.yaml b/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/vars/main.yaml index 281cb8d6c..774328187 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/vars/main.yaml +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_acls/vars/main.yaml @@ -3,16 +3,16 @@ deleted: commands: - no access-list test_global_access line 1 extended deny tcp any any eq www log errors - no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors - - no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + - no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default delete_all: commands: - no access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive - no access-list test_global_access line 1 extended deny tcp any any eq www log errors - no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors - - no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + - no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default merged: commands: - - access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + - access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default - access-list test_access line 2 extended deny icmp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 alternate-address log errors - access-list test_access line 3 extended deny tcp host 198.51.110.0 any eq www log default - access-list test_access line 4 extended deny tcp object-group test_og_network object-group test_network_og eq www log default @@ -23,8 +23,8 @@ replaced: commands: - no access-list test_global_access line 1 extended deny tcp any any eq www log errors - no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors - - no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default - - access-list test_access line 1 extended deny tcp 192.0.3.0 255.255.255.0 192.0.4.0 255.255.255.0 eq www log default + - no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default + - access-list test_access line 1 extended deny tcp 198.51.100.0 255.255.255.0 192.0.4.0 255.255.255.0 eq www log default - access-list test_access line 2 extended deny tcp object-group test_og_network object-group test_network_og eq www log default - access-list test_global_access line 1 extended deny tcp 192.0.4.0 255.255.255.0 eq telnet 192.0.5.0 255.255.255.0 eq www overridden: @@ -32,7 +32,7 @@ overridden: - no access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive - no access-list test_global_access line 1 extended deny tcp any any eq www log errors - no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors - - no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + - no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default - access-list test_access line 1 extended deny tcp 192.0.4.0 255.255.255.0 eq telnet 192.0.5.0 255.255.255.0 eq www - access-list test_access line 2 extended deny tcp object-group test_og_network object-group test_network_og eq www log default gathered: @@ -40,7 +40,7 @@ gathered: acls: - aces: - destination: - address: 192.0.3.0 + address: 198.51.100.0 netmask: 255.255.255.0 port_protocol: eq: www @@ -104,7 +104,7 @@ parsed: acls: - aces: - destination: - address: 192.0.3.0 + address: 198.51.100.0 netmask: 255.255.255.0 port_protocol: eq: www @@ -152,7 +152,7 @@ rtt: commands: - no access-list test_access line 2 extended deny tcp object-group test_og_network object-group test_network_og eq www log default - no access-list test_access line 1 extended deny tcp 192.0.4.0 255.255.255.0 eq telnet 192.0.5.0 255.255.255.0 eq www - - access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default + - access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default - access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors - access-list test_global_access line 1 extended deny tcp any any eq www log errors - access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_populate_config.yaml b/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_populate_config.yaml index ec02e549d..89e3e5693 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_populate_config.yaml +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/_populate_config.yaml @@ -12,13 +12,13 @@ - 192.0.2.2 address: - 192.0.2.0 255.255.255.0 - - 198.51.100.0 255.255.255.0 + - 203.0.113.0 255.255.255.0 - name: test_network_og description: test_network_og network_object: host: - - 192.0.3.1 - - 192.0.3.2 + - 198.51.100.1 + - 198.51.100.2 ipv6_address: - 2001:db8:3::/64 - object_type: security diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/gathered.yaml b/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/gathered.yaml index d37fcbae2..c2ad2aa94 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/gathered.yaml +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/gathered.yaml @@ -23,7 +23,7 @@ description: test_network_og network_object: host: - - 192.0.3.1 + - 198.51.100.1 ipv6_address: - 2001:db8:3::/64 - object_type: security diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/merged.yaml b/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/merged.yaml index c2ba8d63a..beb1ff196 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/merged.yaml +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/merged.yaml @@ -25,8 +25,8 @@ description: test_network_og network_object: host: - - 192.0.3.1 - - 192.0.3.2 + - 198.51.100.1 + - 198.51.100.2 ipv6_address: - 2001:db8:3::/64 - object_type: security diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/overridden.yaml b/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/overridden.yaml index 9b10c1ed4..018e577a6 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/overridden.yaml +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/overridden.yaml @@ -18,9 +18,9 @@ description: test_og_network_override network_object: host: - - 192.0.3.1 + - 198.51.100.1 address: - - 192.0.3.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 - object_type: protocol object_groups: - name: test_og_protocol diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rendered.yaml b/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rendered.yaml index ec74691d0..a0a2c5ada 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rendered.yaml +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rendered.yaml @@ -24,8 +24,8 @@ description: test_network_og network_object: host: - - 192.0.3.1 - - 192.0.3.2 + - 198.51.100.1 + - 198.51.100.2 ipv6_address: - 2001:db8:3::/64 - object_type: security diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/replaced.yaml b/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/replaced.yaml index 91e25a552..adc223e38 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/replaced.yaml +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/replaced.yaml @@ -18,9 +18,9 @@ description: test_og_network_replace network_object: host: - - 192.0.3.1 + - 198.51.100.1 address: - - 192.0.3.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 - object_type: protocol object_groups: - name: test_og_protocol diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rtt.yaml b/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rtt.yaml index f3b99ea5d..7fbfa6b94 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rtt.yaml +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/tests/cli/rtt.yaml @@ -20,13 +20,13 @@ - 192.0.2.2 address: - 192.0.2.0 255.255.255.0 - - 198.51.100.0 255.255.255.0 + - 203.0.113.0 255.255.255.0 - name: test_network_og description: test_network_og network_object: host: - - 192.0.3.1 - - 192.0.3.2 + - 198.51.100.1 + - 198.51.100.2 ipv6_address: - 2001:db8:3::/64 - object_type: security @@ -70,9 +70,9 @@ description: test_og_network_override network_object: host: - - 192.0.3.1 + - 198.51.100.1 address: - - 192.0.3.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 - object_type: protocol object_groups: - name: test_og_protocol diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/vars/main.yaml b/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/vars/main.yaml index b5a8e30ff..dad48fef3 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/vars/main.yaml +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_ogs/vars/main.yaml @@ -25,8 +25,8 @@ merged: - network-object host 192.0.2.2 - object-group network test_network_og - description test_network_og - - network-object host 192.0.3.1 - - network-object host 192.0.3.2 + - network-object host 198.51.100.1 + - network-object host 198.51.100.2 - network-object 2001:db8:3::/64 - object-group user test_og_user - description test_user @@ -41,11 +41,11 @@ replaced: - object-group network test_og_network - description test_og_network_replace - no network-object 192.0.2.0 255.255.255.0 - - no network-object 198.51.100.0 255.255.255.0 - - network-object 192.0.3.0 255.255.255.0 + - no network-object 203.0.113.0 255.255.255.0 + - network-object 198.51.100.0 255.255.255.0 - no network-object host 192.0.2.1 - no network-object host 192.0.2.2 - - network-object host 192.0.3.1 + - network-object host 198.51.100.1 overridden: commands: - no object-group security test_og_security @@ -57,11 +57,11 @@ overridden: - object-group network test_og_network - description test_og_network_override - no network-object 192.0.2.0 255.255.255.0 - - no network-object 198.51.100.0 255.255.255.0 - - network-object 192.0.3.0 255.255.255.0 + - no network-object 203.0.113.0 255.255.255.0 + - network-object 198.51.100.0 255.255.255.0 - no network-object host 192.0.2.1 - no network-object host 192.0.2.2 - - network-object host 192.0.3.1 + - network-object host 198.51.100.1 - no object-group network test_network_og gathered: config: @@ -70,7 +70,7 @@ gathered: name: test_network_og network_object: host: - - 192.0.3.1 + - 198.51.100.1 ipv6_address: - 2001:db8:3::/64 - description: test_og_network @@ -131,16 +131,16 @@ rtt: - security-group tag 20 - object-group network test_og_network - description test_og_network - - no network-object 192.0.3.0 255.255.255.0 + - no network-object 198.51.100.0 255.255.255.0 - network-object 192.0.2.0 255.255.255.0 - - network-object 198.51.100.0 255.255.255.0 - - no network-object host 192.0.3.1 + - network-object 203.0.113.0 255.255.255.0 + - no network-object host 198.51.100.1 - network-object host 192.0.2.1 - network-object host 192.0.2.2 - object-group network test_network_og - description test_network_og - - network-object host 192.0.3.1 - - network-object host 192.0.3.2 + - network-object host 198.51.100.1 + - network-object host 198.51.100.2 - network-object 2001:db8:3::/64 - object-group user test_og_user - description test_user diff --git a/ansible_collections/cisco/asa/tests/integration/targets/asa_smoke/tests/caching.yaml b/ansible_collections/cisco/asa/tests/integration/targets/asa_smoke/tests/caching.yaml index a2f918079..97f949436 100644 --- a/ansible_collections/cisco/asa/tests/integration/targets/asa_smoke/tests/caching.yaml +++ b/ansible_collections/cisco/asa/tests/integration/targets/asa_smoke/tests/caching.yaml @@ -19,8 +19,8 @@ - network-object host 192.0.2.2 - object-group network test_network_og - description test_network_og - - network-object host 192.0.3.1 - - network-object host 192.0.3.2 + - network-object host 198.51.100.1 + - network-object host 198.51.100.2 - network-object 2001:db8:3::/64 - object-group user test_og_user - description test_user @@ -50,8 +50,8 @@ description: test_network_og network_object: host: - - 192.0.3.1 - - 192.0.3.2 + - 198.51.100.1 + - 198.51.100.2 ipv6_address: - 2001:db8:3::/64 - object_type: security diff --git a/ansible_collections/cisco/asa/tests/sanity/ignore-2.17.txt b/ansible_collections/cisco/asa/tests/sanity/ignore-2.17.txt new file mode 100644 index 000000000..3d2a4f58d --- /dev/null +++ b/ansible_collections/cisco/asa/tests/sanity/ignore-2.17.txt @@ -0,0 +1 @@ +plugins/action/asa.py action-plugin-docs # base class for deprecated network platform modules using `connection: local` diff --git a/ansible_collections/cisco/asa/tests/unit/mock/loader.py b/ansible_collections/cisco/asa/tests/unit/mock/loader.py index e707365f3..195746ade 100644 --- a/ansible_collections/cisco/asa/tests/unit/mock/loader.py +++ b/ansible_collections/cisco/asa/tests/unit/mock/loader.py @@ -31,7 +31,7 @@ from ansible.parsing.dataloader import DataLoader class DictDataLoader(DataLoader): def __init__(self, file_mapping=None): file_mapping = {} if file_mapping is None else file_mapping - assert type(file_mapping) == dict + assert isinstance(file_mapping, dict) super(DictDataLoader, self).__init__() diff --git a/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_acls_config.cfg b/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_acls_config.cfg index 7a0fb66c7..43812860a 100644 --- a/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_acls_config.cfg +++ b/ansible_collections/cisco/asa/tests/unit/modules/network/asa/fixtures/asa_acls_config.cfg @@ -4,7 +4,7 @@ access-list test_global_access; 1 elements; name hash: 0xaa83124c access-list test_global_access line 1 extended deny tcp any any eq www log errors interval 300 (hitcnt=0) 0x849e9e8f access-list test_global_access line 2 remark test global remark access-list test_access; 2 elements; name hash: 0x96b5d78b -access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default (hitcnt=0) 0xdc46eb6e +access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default (hitcnt=0) 0xdc46eb6e access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors interval 300 (hitcnt=0) 0x831d8948 access-list test_access line 3 extended permit ip host 192.0.2.2 any interval 300 (hitcnt=0) 0x831d897d access-list test_R1_traffic; 1 elements; name hash: 0x2c20a0c diff --git a/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_acls.py b/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_acls.py index 301952255..31aea5d67 100644 --- a/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_acls.py +++ b/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_acls.py @@ -179,7 +179,7 @@ class TestAsaAclsModule(TestAsaModule): aces=[ dict( destination=dict( - address="192.0.3.0", + address="198.51.100.0", netmask="255.255.255.0", port_protocol=dict(eq="www"), ), @@ -370,7 +370,7 @@ class TestAsaAclsModule(TestAsaModule): "no access-list ansible_test line 1 remark HostA", "no access-list test_access line 3 extended permit ip host 192.0.2.2 any", "no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors", - "no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default", + "no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default", "access-list test_access line 1 extended deny igrp 198.51.101.0 255.255.255.0 198.51.102.0 255.255.255.0 log default time-range temp", "access-list ansible_test line 1 remark HostA0", ] @@ -419,7 +419,7 @@ class TestAsaAclsModule(TestAsaModule): aces=[ dict( destination=dict( - address="192.0.3.0", + address="198.51.100.0", netmask="255.255.255.0", port_protocol=dict(eq="www"), ), @@ -598,7 +598,7 @@ class TestAsaAclsModule(TestAsaModule): "no access-list ansible_test line 1 remark HostA", "no access-list test_access line 3 extended permit ip host 192.0.2.2 any", "no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors", - "no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default", + "no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default", "no access-list management_in line 3 extended permit ip any4 host 192.0.2.1", "no access-list management_in line 2 extended permit tcp 198.51.101.0 255.255.255.0 object-group ALLSERV.12 eq 9389", "no access-list management_in line 1 extended permit tcp host 198.51.100.5 range 49152 65535 198.51.100.0 255.255.255.0 eq 100", @@ -652,7 +652,7 @@ class TestAsaAclsModule(TestAsaModule): aces=[ dict( destination=dict( - address="192.0.3.0", + address="198.51.100.0", netmask="255.255.255.0", port_protocol=dict(eq="www"), ), @@ -820,7 +820,7 @@ class TestAsaAclsModule(TestAsaModule): "no access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive", "no access-list test_access line 3 extended permit ip host 192.0.2.2 any", "no access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors", - "no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default", + "no access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default", "no access-list management_in line 3 extended permit ip any4 host 192.0.2.1", "no access-list management_in line 2 extended permit tcp 198.51.101.0 255.255.255.0 object-group ALLSERV.12 eq 9389", "no access-list management_in line 1 extended permit tcp host 198.51.100.5 range 49152 65535 198.51.100.0 255.255.255.0 eq 100", @@ -843,7 +843,7 @@ class TestAsaAclsModule(TestAsaModule): aces=[ dict( destination=dict( - address="192.0.3.0", + address="198.51.100.0", netmask="255.255.255.0", ), grant="deny", @@ -864,7 +864,7 @@ class TestAsaAclsModule(TestAsaModule): ), ) commands = [ - "access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 log default", + "access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 log default", ] result = self.execute_module(changed=False) self.assertEqual(result["rendered"], commands) diff --git a/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_ogs.py b/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_ogs.py index 15c03fc10..83d2a9c0e 100644 --- a/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_ogs.py +++ b/ansible_collections/cisco/asa/tests/unit/modules/network/asa/test_asa_ogs.py @@ -96,7 +96,7 @@ class TestAsaOGsModule(TestAsaModule): name="test_network_og", description="test network og", network_object=dict( - host=["192.0.3.1", "192.0.3.2"], + host=["198.51.100.1", "198.51.100.2"], ipv6_address=["2001:db8:0:3::/64"], ), ), @@ -181,8 +181,8 @@ class TestAsaOGsModule(TestAsaModule): "group-object test_network_og", "object-group network test_network_og", "description test network og", - "network-object host 192.0.3.1", - "network-object host 192.0.3.2", + "network-object host 198.51.100.1", + "network-object host 198.51.100.2", "network-object 2001:db8:0:3::/64", "object-group network ANSIBLE_TEST", "network-object object NEW_TEST", @@ -319,8 +319,8 @@ class TestAsaOGsModule(TestAsaModule): name="test_og_network", description="test_og_network_replace", network_object=dict( - host=["192.0.3.1"], - address=["192.0.3.0 255.255.255.0"], + host=["198.51.100.1"], + address=["198.51.100.0 255.255.255.0"], ), ), ], @@ -335,10 +335,10 @@ class TestAsaOGsModule(TestAsaModule): "object-group network test_og_network", "description test_og_network_replace", "no network-object 192.0.2.0 255.255.255.0", - "network-object 192.0.3.0 255.255.255.0", + "network-object 198.51.100.0 255.255.255.0", "no network-object host 192.0.2.1", "no network-object host 2001:db8::1", - "network-object host 192.0.3.1", + "network-object host 198.51.100.1", ] self.assertEqual(sorted(result["commands"]), sorted(commands)) @@ -459,8 +459,8 @@ class TestAsaOGsModule(TestAsaModule): name="test_og_network", description="test_og_network_override", network_object=dict( - host=["192.0.3.1"], - address=["192.0.3.0 255.255.255.0"], + host=["198.51.100.1"], + address=["198.51.100.0 255.255.255.0"], ), ), ], @@ -481,10 +481,10 @@ class TestAsaOGsModule(TestAsaModule): "object-group network test_og_network", "description test_og_network_override", "no network-object 192.0.2.0 255.255.255.0", - "network-object 192.0.3.0 255.255.255.0", + "network-object 198.51.100.0 255.255.255.0", "no network-object host 192.0.2.1", "no network-object host 2001:db8::1", - "network-object host 192.0.3.1", + "network-object host 198.51.100.1", "no object-group network ANSIBLE_TEST", "no object-group network bug_test_obj", "no object-group user group_user_obj", -- cgit v1.2.3