diff --git a/tests/integration/targets/vyos_firewall_global/tests/cli/merged.yaml b/tests/integration/targets/vyos_firewall_global/tests/cli/merged.yaml index 34b5ea9f..667f2b34 100644 --- a/tests/integration/targets/vyos_firewall_global/tests/cli/merged.yaml +++ b/tests/integration/targets/vyos_firewall_global/tests/cli/merged.yaml @@ -1,44 +1,59 @@ --- - debug: msg: START vyos_firewall_global merged integration tests on connection={{ ansible_connection }} +- include_tasks: _get_version.yaml + - include_tasks: _remove_config.yaml - block: - name: Merge the provided configuration with the existing running configuration register: result vyos.vyos.vyos_firewall_global: &id001 config: "{{ merged['config'] }}" state: merged - name: Assert that before dicts were correctly generated assert: that: "{{ merged['before'] == result['before'] }}" - name: Assert that correct set of commands were generated assert: that: - "{{ merged['commands'] | symmetric_difference(result['commands']) |length == 0 }}" - name: Assert that after dicts was correctly generated assert: that: - "{{ merged['after'] == result['after'] }}" - name: Merge the provided configuration with the existing running configuration (IDEMPOTENT) register: result vyos.vyos.vyos_firewall_global: *id001 diff: true - name: Assert that the previous task was idempotent assert: that: - result['changed'] == false - result['diff'] is not defined - name: Assert that before dicts were correctly generated assert: that: - "{{ merged['after'] == result['before'] }}" + + - name: Prepare device configurationsfor diff mode test + register: result + vyos.vyos.vyos_firewall_global: + config: "{{ merged['diff_config'] }}" + state: merged + diff: true + + - name: Assert that correct diff of commands were generated + assert: + that: + - '''+ network "1.1.1.1/32"'' in result.diff.prepared' + always: - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_firewall_global/tests/cli/replaced.yaml b/tests/integration/targets/vyos_firewall_global/tests/cli/replaced.yaml index e1cca313..58596623 100644 --- a/tests/integration/targets/vyos_firewall_global/tests/cli/replaced.yaml +++ b/tests/integration/targets/vyos_firewall_global/tests/cli/replaced.yaml @@ -1,59 +1,59 @@ --- - debug: msg: START vyos_firewall_global replaced integration tests on connection={{ ansible_connection }} - include_tasks: _populate.yaml - block: - name: Replace device configurations of listed firewall with provided configurations register: result vyos.vyos.vyos_firewall_global: &id001 config: "{{ replaced['config'] }}" state: replaced - name: Assert that correct set of commands were generated assert: that: - "{{ replaced['commands'] | symmetric_difference(result['commands']) |length == 0 }}" - name: Assert that before dicts are correctly generated assert: that: - "{{ populate == result['before'] }}" - name: Assert that after dict is correctly generated assert: that: - "{{ replaced['after'] == result['after'] }}" - name: Replace device configurations of listed firewall with provided configurarions (IDEMPOTENT) register: result vyos.vyos.vyos_firewall_global: *id001 diff: true - name: Assert that task was idempotent assert: that: - result['changed'] == false - result['diff'] is not defined - name: Assert that before dict is correctly generated assert: that: - "{{ replaced['after'] == result['before'] }}" - name: Replace device configurations and test diff mode register: result vyos.vyos.vyos_firewall_global: - config: "{{ diffed }}" + config: "{{ replaced['diff_config'] }}" state: replaced diff: true - - name: Assert that correct set of commands were generated + - name: Assert that correct diff of commands were generated assert: that: - '''+ network "1.1.1.1/32"'' in result.diff.prepared' - '''- network "192.0.1.0/24"'' in result.diff.prepared' always: - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_firewall_global/vars/main.yaml b/tests/integration/targets/vyos_firewall_global/vars/main.yaml index 2da92dd9..0f041b60 100644 --- a/tests/integration/targets/vyos_firewall_global/vars/main.yaml +++ b/tests/integration/targets/vyos_firewall_global/vars/main.yaml @@ -1,352 +1,384 @@ --- merged: before: [] commands: "{{ merged_commands }}" after: group: address_group: - members: - address: 192.0.1.1 - address: 192.0.1.3 - address: 192.0.1.5 description: This group has the Management hosts address list name: MGMT-HOSTS afi: ipv4 network_group: - members: - address: 192.0.1.0/24 description: This group has the Management network addresses name: MGMT afi: ipv4 log_martians: true ping: all: true broadcast: true route_redirects: - afi: ipv4 icmp_redirects: receive: false send: true ip_src_route: true syn_cookies: true state_policy: - action: accept connection_type: established log: true - action: reject connection_type: invalid twa_hazards_protection: true validation: strict config: validation: strict log_martians: true syn_cookies: true twa_hazards_protection: true ping: all: true broadcast: true state_policy: - connection_type: established action: accept log: true - connection_type: invalid action: reject route_redirects: - afi: ipv4 ip_src_route: true icmp_redirects: send: true receive: false group: address_group: - name: MGMT-HOSTS description: This group has the Management hosts address list members: - address: 192.0.1.1 - address: 192.0.1.3 - address: 192.0.1.5 network_group: - name: MGMT description: This group has the Management network addresses members: - address: 192.0.1.0/24 + diff_config: + validation: strict + log_martians: true + syn_cookies: true + twa_hazards_protection: true + ping: + all: true + broadcast: true + state_policy: + - connection_type: established + action: accept + log: true + - connection_type: invalid + action: reject + route_redirects: + - afi: ipv4 + ip_src_route: true + icmp_redirects: + send: true + receive: false + group: + address_group: + - name: MGMT-HOSTS + description: This group has the Management hosts address list + members: + - address: 192.0.1.1 + - address: 192.0.1.3 + - address: 192.0.1.5 + network_group: + - name: MGMT + description: This group has the Management network addresses + members: + - address: 1.1.1.1/32 populate: validation: strict log_martians: true syn_cookies: true twa_hazards_protection: true ping: all: true broadcast: true state_policy: - connection_type: established action: accept log: true - connection_type: invalid action: reject route_redirects: - afi: ipv4 ip_src_route: true icmp_redirects: send: true receive: false group: address_group: - name: MGMT-HOSTS description: This group has the Management hosts address list members: - address: 192.0.1.1 - address: 192.0.1.3 - address: 192.0.1.5 afi: ipv4 network_group: - name: MGMT description: This group has the Management network addresses members: - address: 192.0.1.0/24 afi: ipv4 -diffed: - validation: strict - log_martians: true - syn_cookies: true - twa_hazards_protection: true - ping: - all: true - broadcast: true - state_policy: - - connection_type: established - action: accept - log: true - - connection_type: invalid - action: reject - route_redirects: - - afi: ipv4 - ip_src_route: true - icmp_redirects: - send: true - receive: false - group: - address_group: - - name: SALES-HOSTS - description: Sales office hosts address list - members: - - address: 192.0.2.1 - - address: 192.0.2.2 - - address: 192.0.2.3 - - name: ENG-HOSTS - description: Sales office hosts address list - members: - - address: 192.0.3.1 - - address: 192.0.3.2 - network_group: - - name: MGMT - description: This group has the Management network addresses - members: - - address: 1.1.1.1/32 - replaced: commands: "{{ replaced_commands }}" after: group: address_group: - members: - address: 192.0.3.1 - address: 192.0.3.2 description: Sales office hosts address list name: ENG-HOSTS afi: ipv4 - members: - address: 192.0.2.1 - address: 192.0.2.2 - address: 192.0.2.3 description: Sales office hosts address list name: SALES-HOSTS afi: ipv4 network_group: - members: - address: 192.0.1.0/24 description: This group has the Management network addresses name: MGMT afi: ipv4 log_martians: true ping: all: true broadcast: true route_redirects: - afi: ipv4 icmp_redirects: receive: false send: true ip_src_route: true state_policy: - action: accept connection_type: established log: true - action: reject connection_type: invalid syn_cookies: true twa_hazards_protection: true validation: strict config: validation: strict log_martians: true syn_cookies: true twa_hazards_protection: true ping: all: true broadcast: true state_policy: - connection_type: established action: accept log: true - connection_type: invalid action: reject route_redirects: - afi: ipv4 ip_src_route: true icmp_redirects: send: true receive: false group: address_group: - name: SALES-HOSTS description: Sales office hosts address list members: - address: 192.0.2.1 - address: 192.0.2.2 - address: 192.0.2.3 - name: ENG-HOSTS description: Sales office hosts address list members: - address: 192.0.3.1 - address: 192.0.3.2 network_group: - name: MGMT description: This group has the Management network addresses members: - address: 192.0.1.0/24 + diff_config: + validation: strict + log_martians: true + syn_cookies: true + twa_hazards_protection: true + ping: + all: true + broadcast: true + state_policy: + - connection_type: established + action: accept + log: true + - connection_type: invalid + action: reject + route_redirects: + - afi: ipv4 + ip_src_route: true + icmp_redirects: + send: true + receive: false + group: + address_group: + - name: SALES-HOSTS + description: Sales office hosts address list + members: + - address: 192.0.2.1 + - address: 192.0.2.2 + - address: 192.0.2.3 + - name: ENG-HOSTS + description: Sales office hosts address list + members: + - address: 192.0.3.1 + - address: 192.0.3.2 + network_group: + - name: MGMT + description: This group has the Management network addresses + members: + - address: 1.1.1.1/32 rendered: commands: "{{ rendered_commands }}" config: validation: strict log_martians: true syn_cookies: true twa_hazards_protection: true ping: all: true broadcast: true state_policy: - connection_type: established action: accept log: true - connection_type: invalid action: reject route_redirects: - afi: ipv4 ip_src_route: true icmp_redirects: send: true receive: false group: address_group: - name: SALES-HOSTS description: Sales office hosts address list members: - address: 192.0.2.1 - address: 192.0.2.2 - address: 192.0.2.3 - name: ENG-HOSTS description: Sales office hosts address list members: - address: 192.0.3.1 - address: 192.0.3.2 network_group: - name: MGMT description: This group has the Management network addresses members: - address: 192.0.1.0/24 deleted: commands: "{{ deleted_commands }}" after: [] round_trip: after: validation: strict log_martians: false syn_cookies: false twa_hazards_protection: false ping: all: false broadcast: false state_policy: - connection_type: established action: accept log: true - connection_type: invalid action: reject route_redirects: - afi: ipv4 ip_src_route: true icmp_redirects: send: true receive: false group: address_group: - name: MGMT-HOSTS description: This group has the Management hosts address list members: - address: 192.0.1.1 - address: 192.0.1.3 - address: 192.0.1.5 afi: ipv4 network_group: - name: MGMT description: This group has the Management network addresses members: - address: 192.0.1.0/24 afi: ipv4 forward_config: validation: strict log_martians: true syn_cookies: true twa_hazards_protection: true ping: all: true broadcast: true state_policy: - connection_type: established action: accept log: true - connection_type: invalid action: reject route_redirects: - afi: ipv4 ip_src_route: true icmp_redirects: send: true receive: false group: address_group: - name: MGMT-HOSTS description: This group has the Management hosts address list members: - address: 192.0.1.1 - address: 192.0.1.3 - address: 192.0.1.5 network_group: - name: MGMT description: This group has the Management network addresses members: - address: 192.0.1.0/24 revert_config: validation: strict log_martians: false syn_cookies: false twa_hazards_protection: false ping: all: false broadcast: false