diff options
Diffstat (limited to 'test/integration/targets/eos_acls')
18 files changed, 956 insertions, 0 deletions
diff --git a/test/integration/targets/eos_acls/defaults/main.yaml b/test/integration/targets/eos_acls/defaults/main.yaml new file mode 100644 index 0000000000..164afead28 --- /dev/null +++ b/test/integration/targets/eos_acls/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +testcase: "[^_].*" +test_items: [] diff --git a/test/integration/targets/eos_acls/meta/main.yaml b/test/integration/targets/eos_acls/meta/main.yaml new file mode 100644 index 0000000000..e5c8cd02f0 --- /dev/null +++ b/test/integration/targets/eos_acls/meta/main.yaml @@ -0,0 +1,2 @@ +dependencies: + - prepare_eos_tests diff --git a/test/integration/targets/eos_acls/tasks/cli.yaml b/test/integration/targets/eos_acls/tasks/cli.yaml new file mode 100644 index 0000000000..66941b1f49 --- /dev/null +++ b/test/integration/targets/eos_acls/tasks/cli.yaml @@ -0,0 +1,18 @@ +--- +- name: collect all cli test cases + find: + paths: "{{ role_path }}/tests/common" + patterns: "{{ testcase }}.yaml" + use_regex: true + register: test_cases + delegate_to: localhost + +- name: set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: run test cases (connection=network_cli) + include: "{{ test_case_to_run }} ansible_connection=network_cli" + with_items: "{{ test_items }}" + loop_control: + loop_var: test_case_to_run + tags: connection_network_cli diff --git a/test/integration/targets/eos_acls/tasks/eapi.yaml b/test/integration/targets/eos_acls/tasks/eapi.yaml new file mode 100644 index 0000000000..cb5f04d80c --- /dev/null +++ b/test/integration/targets/eos_acls/tasks/eapi.yaml @@ -0,0 +1,16 @@ +--- +- name: collect all eapi test cases + find: + paths: "{{ role_path }}/tests/common" + patterns: "{{ testcase }}.yaml" + delegate_to: localhost + register: test_cases + +- name: set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: run test cases (connection=httpapi) + include: "{{ test_case_to_run }} ansible_connection=httpapi" + with_items: "{{ test_items }}" + loop_control: + loop_var: test_case_to_run diff --git a/test/integration/targets/eos_acls/tasks/main.yaml b/test/integration/targets/eos_acls/tasks/main.yaml new file mode 100644 index 0000000000..970e74171e --- /dev/null +++ b/test/integration/targets/eos_acls/tasks/main.yaml @@ -0,0 +1,3 @@ +--- +- { include: cli.yaml, tags: ['cli'] } +- { include: eapi.yaml, tags: ['eapi'] } diff --git a/test/integration/targets/eos_acls/tests/common/_parsed.cfg b/test/integration/targets/eos_acls/tests/common/_parsed.cfg new file mode 100644 index 0000000000..11758ce538 --- /dev/null +++ b/test/integration/targets/eos_acls/tests/common/_parsed.cfg @@ -0,0 +1,4 @@ +ip access-list test1 +35 deny tcp 20.0.0.0/8 any log +45 remark Run by ansible +55 permit tcp any any diff --git a/test/integration/targets/eos_acls/tests/common/_parsed_cfg.yaml b/test/integration/targets/eos_acls/tests/common/_parsed_cfg.yaml new file mode 100644 index 0000000000..5a655ce534 --- /dev/null +++ b/test/integration/targets/eos_acls/tests/common/_parsed_cfg.yaml @@ -0,0 +1,11 @@ +--- +- name: Setup + cli_config: + config: "{{ lines }}" + become: yes + vars: + lines: | + ip access-list test1 + 35 deny tcp 20.0.0.0/8 any log + 45 remark Run by ansible + 55 permit tcp any any diff --git a/test/integration/targets/eos_acls/tests/common/_populate.yaml b/test/integration/targets/eos_acls/tests/common/_populate.yaml new file mode 100644 index 0000000000..07ed5b9673 --- /dev/null +++ b/test/integration/targets/eos_acls/tests/common/_populate.yaml @@ -0,0 +1,49 @@ +--- +- name: Setup + eos_acls: &merged + config: + - afi: "ipv4" + acls: + - name: test1 + aces: + - sequence: 35 + grant: "deny" + protocol: "tcp" + source: + subnet_address: 20.0.0.0/8 + destination: + any: true + log: true + - remark: "Run by ansible" + - grant: "permit" + protocol: "6" + source: + any: true + destination: + any: true + - name: test4 + aces: + - grant: "permit" + source: + any: true + port_protocol: + eq: "25" + destination: + any: true + port_protocol: + eq: "www" + protocol: "tcp" + ttl: + eq: "55" + - afi: "ipv6" + acls: + - name: test2 + standard: true + aces: + - grant: "permit" + log: "true" + source: + any: true + state: merged + become: yes + register: result diff --git a/test/integration/targets/eos_acls/tests/common/_remove_config.yaml b/test/integration/targets/eos_acls/tests/common/_remove_config.yaml new file mode 100644 index 0000000000..a8a351d80b --- /dev/null +++ b/test/integration/targets/eos_acls/tests/common/_remove_config.yaml @@ -0,0 +1,8 @@ +--- +- name: Setup + eos_acls: + config: + - afi: "ipv4" + - afi: "ipv6" + state: deleted + become: yes diff --git a/test/integration/targets/eos_acls/tests/common/deleted.yaml b/test/integration/targets/eos_acls/tests/common/deleted.yaml new file mode 100644 index 0000000000..750e214d49 --- /dev/null +++ b/test/integration/targets/eos_acls/tests/common/deleted.yaml @@ -0,0 +1,168 @@ +--- +- debug: + msg: "Start eos_acls deleted integration tests ansible_connection={{ ansible_connection }}" + +- include_tasks: _populate.yaml + +- set_fact: + config1: + - afi: "ipv4" + acls: + - name: test1 + aces: + - sequence: 55 + grant: "permit" + protocol: "tcp" + source: + any: true + destination: + any: true + - remark: "Run by ansible" + sequence: 45 + - name: test4 + aces: + - grant: "permit" + sequence: 10 + source: + any: true + port_protocol: + eq: "smtp" + destination: + any: true + port_protocol: + eq: "www" + protocol: "tcp" + ttl: + eq: "55" + - afi: "ipv6" + acls: + - name: test2 + standard: true + aces: + - grant: "permit" + sequence: 10 + log: "true" + source: + any: true + +- set_fact: + config2: + - afi: "ipv4" + acls: + - name: test1 + aces: + - sequence: 35 + grant: "deny" + protocol: "tcp" + source: + subnet_address: 20.0.0.0/8 + destination: + any: true + log: true + - remark: "Run by ansible" + sequence: 45 + - name: test4 + aces: + - grant: "permit" + sequence: 10 + source: + any: true + port_protocol: + eq: "smtp" + destination: + any: true + port_protocol: + eq: "www" + protocol: "tcp" + ttl: + eq: "55" +- set_fact: + config3: + - afi: "ipv4" + acls: + - name: test1 + aces: + - sequence: 35 + grant: "deny" + protocol: "tcp" + source: + subnet_address: 20.0.0.0/8 + destination: + any: true + log: true + - remark: "Run by ansible" + sequence: 45 + +- block: + - name: Delete attributes of given acls. + eos_acls: + config: + - afi: "ipv4" + acls: + - name: test1 + aces: + - sequence: 35 + grant: "deny" + protocol: "tcp" + source: + subnet_address: 20.0.0.0/8 + destination: + any: true + log: true + state: deleted + become: yes + register: result + + - eos_facts: + gather_network_resources: acls + become: yes + + - assert: + that: + - "result.commands|length == 2" + - "result.changed == true" + - "ansible_facts.network_resources.acls|symmetric_difference(result.after) == [] " + become: yes + + - name: Delete afi of given acls. + eos_acls: + config: + - afi: "ipv6" + state: deleted + become: yes + register: result + + - eos_facts: + gather_network_resources: acls + become: yes + + - assert: + that: + - "result.commands|length == 1" + - "result.changed == true" + - "ansible_facts.network_resources.acls|symmetric_difference(result.after) == [] " + become: yes + + - name: Delete attributes of given named acl. + eos_acls: + config: + - afi: "ipv4" + acls: + - name: test4 + state: deleted + become: yes + register: result + + - eos_facts: + gather_network_resources: acls + become: yes + + - assert: + that: + - "result.commands|length == 1" + - "result.changed == true" + - "ansible_facts.network_resources.acls|symmetric_difference(result.after) == [] " + become: yes + + always: + - include_tasks: _remove_config.yaml diff --git a/test/integration/targets/eos_acls/tests/common/gathered.yaml b/test/integration/targets/eos_acls/tests/common/gathered.yaml new file mode 100644 index 0000000000..0baedb13af --- /dev/null +++ b/test/integration/targets/eos_acls/tests/common/gathered.yaml @@ -0,0 +1,37 @@ +--- +- debug: + msg: "START eos_acls gathered integration tests on connection={{ ansible_connection }}" + + +- include_tasks: _populate.yaml + +- block: + - name: Gathered the provided configuration with the exisiting running configuration + eos_acls: &gathered + config: + state: gathered + become: yes + register: result + + - eos_facts: + gather_network_resources: acls + become: yes + + - name: Assert + assert: + that: + - "ansible_facts.network_resources.acls | symmetric_difference(result.gathered) == []" + + + - name: Gather the existing running configuration (IDEMPOTENT) + eos_acls: *gathered + become: yes + register: result + + - name: Assert that the previous task was idempotent + assert: + that: + - "result['changed'] == false" + + always: + - include_tasks: _remove_config.yaml diff --git a/test/integration/targets/eos_acls/tests/common/merged.yaml b/test/integration/targets/eos_acls/tests/common/merged.yaml new file mode 100644 index 0000000000..9bfd233805 --- /dev/null +++ b/test/integration/targets/eos_acls/tests/common/merged.yaml @@ -0,0 +1,152 @@ +--- +- debug: + msg: "Start eos_acls merged integration tests ansible_connection={{ ansible_connection }}" + + +- set_fact: + config: + - afi: "ipv4" + acls: + - name: test1 + aces: + - sequence: 35 + grant: "deny" + protocol: "tcp" + source: + subnet_address: 20.0.0.0/8 + destination: + any: true + log: true + - remark: "Run by ansible" + sequence: 45 + - grant: "permit" + sequence: 55 + protocol: "tcp" + source: + any: true + destination: + any: true + - name: test4 + aces: + - grant: "permit" + sequence: 10 + source: + any: true + port_protocol: + eq: "smtp" + destination: + any: true + port_protocol: + eq: "www" + protocol: "tcp" + ttl: + eq: "55" + - afi: "ipv6" + acls: + - name: test2 + standard: true + aces: + - grant: "permit" + sequence: 10 + log: "true" + source: + any: true + +- block: + - name: merge attributes of given acls. + eos_acls: &merged + config: + - afi: "ipv4" + acls: + - name: test1 + aces: + - sequence: 35 + grant: "deny" + protocol: "tcp" + source: + subnet_address: 20.0.0.0/8 + destination: + any: true + log: true + - remark: "Run by ansible" + - grant: "permit" + protocol: "6" + source: + any: true + destination: + any: true + - name: test4 + aces: + - grant: "permit" + source: + any: true + port_protocol: + eq: "25" + destination: + any: true + port_protocol: + eq: "www" + protocol: "tcp" + ttl: + eq: "55" + - afi: "ipv6" + acls: + - name: test2 + standard: true + aces: + - grant: "permit" + log: "true" + source: + any: true + state: merged + become: yes + register: result + + - eos_facts: + gather_network_resources: acls + become: yes + + - assert: + that: + - "result.commands|length == 8" + - "result.changed == true" + become: yes + + - name: Idempotency check + eos_acls: *merged + become: yes + register: result + + - assert: + that: + - "result.changed == false" + - "result.commands|length == 0" + - "ansible_facts.network_resources.acls|symmetric_difference(result.before) == []" + + - name: merge attributes with an existing ace + eos_acls: + config: + - afi: "ipv4" + acls: + - name: test1 + aces: + - sequence: 35 + log: true + ttl: + eq: 33 + source: + any: true + state: merged + become: yes + register: result + + - assert: + that: + - "result.changed == true" + - "result.commands|length == 3" + - "'no 35' in result.commands" + - "'35 deny tcp any any ttl eq 33 log' in result.commands" + + + always: + - include_tasks: _remove_config.yaml diff --git a/test/integration/targets/eos_acls/tests/common/overridden.yaml b/test/integration/targets/eos_acls/tests/common/overridden.yaml new file mode 100644 index 0000000000..4c8e51998e --- /dev/null +++ b/test/integration/targets/eos_acls/tests/common/overridden.yaml @@ -0,0 +1,71 @@ +--- +- debug: + msg: "Start eos_acls merged integration tests ansible_connection={{ ansible_connection }}" + +- include_tasks: _populate.yaml + +- set_fact: + config: + - afi: "ipv4" + acls: + - name: test1 + aces: + - sequence: 10 + grant: "permit" + protocol: "ospf" + source: + any: true + destination: + any: true + log: true + +- block: + - name: overriden attributes with given acls. + eos_acls: &overridden + config: + - afi: "ipv4" + acls: + - name: test1 + aces: + - grant: "permit" + sequence: 10 + protocol: "ospf" + source: + any: true + destination: + any: true + log: true + state: overridden + become: yes + register: result + + - eos_facts: + gather_network_resources: acls + become: yes + + - assert: + that: + - "result.commands|length == 8" + - "result.changed == true" + - "'ip access-list test1' in result.commands" + - "'10 permit ospf any any log' in result.commands" + - "ansible_facts.network_resources.acls|symmetric_difference(result.after) == []" + become: yes + + - name: Idempotency check + eos_acls: *overridden + become: yes + register: result + + - eos_facts: + gather_network_resources: acls + become: yes + + - assert: + that: + - "result.changed == false" + - "result.commands|length == 0" + - "ansible_facts.network_resources.acls|symmetric_difference(result.before) == []" + + always: + - include_tasks: _remove_config.yaml diff --git a/test/integration/targets/eos_acls/tests/common/parsed.yaml b/test/integration/targets/eos_acls/tests/common/parsed.yaml new file mode 100644 index 0000000000..ffadce84ed --- /dev/null +++ b/test/integration/targets/eos_acls/tests/common/parsed.yaml @@ -0,0 +1,29 @@ +--- +- debug: + msg: "START eos_acls parsed integration tests on connection={{ ansible_connection }}" + +- include_tasks: _parsed_cfg.yaml + +- name: Gather acls facts + eos_facts: + gather_subset: + - default + gather_network_resources: + - acls + become: yes + register: acls_facts + +- name: Provide the running configuration for parsing (config to be parsed) + eos_acls: &parsed + running_config: + "{{ lookup('file', '_parsed.cfg') }}" + state: parsed + become: yes + register: result + +- assert: + that: + - "result.changed == false" + - "ansible_facts.network_resources.acls|symmetric_difference(result.parsed) == []" + +- include_tasks: _remove_config.yaml diff --git a/test/integration/targets/eos_acls/tests/common/rendered.yaml b/test/integration/targets/eos_acls/tests/common/rendered.yaml new file mode 100644 index 0000000000..f447c52ac0 --- /dev/null +++ b/test/integration/targets/eos_acls/tests/common/rendered.yaml @@ -0,0 +1,80 @@ +--- +- debug: + msg: "START eos_acls rendered integration tests on connection={{ ansible_connection }}" + + +- block: + - name: Structure provided configuration into device specific commands + eos_acls: &rendered + config: + - afi: "ipv4" + acls: + - name: test1 + aces: + - sequence: 35 + grant: "deny" + protocol: "tcp" + source: + subnet_address: 20.0.0.0/8 + destination: + any: true + log: true + - remark: "Run by ansible" + - grant: "permit" + protocol: "6" + source: + any: true + destination: + any: true + - name: test4 + aces: + - grant: "permit" + source: + any: true + port_protocol: + eq: "25" + destination: + any: true + port_protocol: + eq: "www" + protocol: "tcp" + ttl: + eq: "55" + - afi: "ipv6" + acls: + - name: test2 + standard: true + aces: + - grant: "permit" + log: "true" + source: + any: true + state: rendered + become: yes + register: result + + + - name: Assert that correct set of commands were generated + vars: + lines: + - ip access-list test1 + - 35 deny tcp 20.0.0.0/8 any log + - remark Run by ansible + - permit tcp any any + - ip access-list test4 + - permit tcp any eq smtp any eq www ttl eq 55 + - ipv6 access-list standard test2 + - permit any log + + assert: + that: + - "{{ lines | symmetric_difference(result['rendered']) |length == 0 }}" + + - name: Structure provided configuration into device specific commands (IDEMPOTENT) + eos_acls: *rendered + register: result + + - name: Assert that the previous task was idempotent + assert: + that: + - "result['changed'] == false" diff --git a/test/integration/targets/eos_acls/tests/common/replaced.yaml b/test/integration/targets/eos_acls/tests/common/replaced.yaml new file mode 100644 index 0000000000..068e177ef5 --- /dev/null +++ b/test/integration/targets/eos_acls/tests/common/replaced.yaml @@ -0,0 +1,94 @@ +--- +- debug: + msg: "Start eos_acls replaced integration tests ansible_connection={{ ansible_connection }}" + +- include_tasks: _populate.yaml + +- set_fact: + config: + - afi: "ipv4" + acls: + - name: test1 + aces: + - sequence: 10 + grant: "permit" + protocol: "ospf" + source: + any: true + destination: + any: true + log: true + - name: test4 + aces: + - grant: "permit" + sequence: 10 + source: + any: true + port_protocol: + eq: "smtp" + destination: + any: true + port_protocol: + eq: "www" + protocol: "tcp" + ttl: + eq: "55" + - afi: "ipv6" + acls: + - name: test2 + standard: true + aces: + - grant: "permit" + sequence: 10 + log: "true" + source: + any: true + +- block: + - name: replace attributes with given acls. + eos_acls: &replaced + config: + - afi: "ipv4" + acls: + - name: test1 + aces: + - grant: "permit" + sequence: 10 + protocol: "ospf" + source: + any: true + destination: + any: true + log: true + state: replaced + become: yes + register: result + + - eos_facts: + gather_network_resources: acls + become: yes + + - assert: + that: + - "result.commands|length == 5" + - "result.changed == true" + - "ansible_facts.network_resources.acls|symmetric_difference(result.after) == []" + become: yes + + - name: Idempotency check + eos_acls: *replaced + become: yes + register: result + + - eos_facts: + gather_network_resources: acls + become: yes + + - assert: + that: + - "result.changed == false" + - "result.commands|length == 0" + - "ansible_facts.network_resources.acls|symmetric_difference(result.before) == []" + + always: + - include_tasks: _remove_config.yaml diff --git a/test/integration/targets/eos_acls/tests/common/rtt.yaml b/test/integration/targets/eos_acls/tests/common/rtt.yaml new file mode 100644 index 0000000000..4b78a8e782 --- /dev/null +++ b/test/integration/targets/eos_acls/tests/common/rtt.yaml @@ -0,0 +1,101 @@ +--- +- debug: + msg: "Start eos_acls round trip integration tests ansible_connection={{ ansible_connection }}" + + +- block: + - name: merge attributes of given acls(apply base config). + eos_acls: &merged + config: + - afi: "ipv4" + acls: + - name: test1 + aces: + - sequence: 35 + grant: "deny" + protocol: "tcp" + source: + subnet_address: 20.0.0.0/8 + destination: + any: true + log: true + - remark: "Run by ansible" + - grant: "permit" + protocol: "6" + source: + any: true + destination: + any: true + - name: test4 + aces: + - grant: "permit" + source: + any: true + port_protocol: + eq: "25" + destination: + any: true + port_protocol: + eq: "www" + protocol: "tcp" + ttl: + eq: "55" + - afi: "ipv6" + acls: + - name: test2 + standard: true + aces: + - grant: "permit" + log: "true" + source: + any: true + state: merged + become: yes + register: base_config + + - eos_facts: + gather_network_resources: acls + become: yes + + - assert: + that: + - "base_config.commands|length == 8" + - "base_config.changed == true" + - "ansible_facts.network_resources.acls|symmetric_difference(base_config.after) == []" + + - name: Apply the provided configuration (config to be reverted) + eos_acls: + config: + - afi: "ipv4" + acls: + - name: test3 + aces: + - sequence: 100 + grant: "permit" + protocol: "icmp" + source: + any: true + destination: + any: true + log: true + become: yes + register: result + + - name: Assert that changes were applied + assert: + that: + - "{{ round_trip['commands'] | symmetric_difference(result['commands']) |length == 0 }}" + + - name: Revert back to base config using facts round trip + eos_acls: + config: "{{ ansible_facts['network_resources']['acls'] }}" + state: overridden + become: yes + register: revert + + - name: Assert that config was reverted + assert: + that: "{{ base_config['after'] | symmetric_difference(revert['after']) |length == 0 }}" + + always: + - include_tasks: _remove_config.yaml diff --git a/test/integration/targets/eos_acls/vars/main.yaml b/test/integration/targets/eos_acls/vars/main.yaml new file mode 100644 index 0000000000..3efbfb76fa --- /dev/null +++ b/test/integration/targets/eos_acls/vars/main.yaml @@ -0,0 +1,110 @@ +round_trip: + after: + - afi: "ipv4" + acls: + - name: test1 + aces: + - sequence: 35 + grant: "deny" + protocol: "tcp" + source: + subnet_address: 20.0.0.0/8 + destination: + any: true + log: true + - remark: "Run by ansible" + sequence: 45 + - grant: "permit" + sequence: 55 + protocol: "tcp" + source: + any: true + destination: + any: true + - name: test3 + aces: + - sequence: 100 + grant: "permit" + protocol: "icmp" + source: + any: true + destination: + any: true + log: true + - name: test4 + aces: + - grant: "permit" + sequence: 10 + source: + any: true + port_protocol: + eq: "smtp" + destination: + any: true + port_protocol: + eq: "www" + protocol: "tcp" + ttl: + eq: "55" + - afi: "ipv6" + acls: + - name: test2 + standard: true + aces: + - grant: "permit" + sequence: 10 + log: true + source: + any: true + + commands: + - "ip access-list test3" + - "100 permit icmp any any log" + +base_config: + after: + - afi: "ipv4" + acls: + - name: test1 + aces: + - sequence: 35 + grant: "deny" + protocol: "tcp" + source: + subnet_address: 20.0.0.0/8 + destination: + any: true + log: true + - remark: "Run by ansible" + sequence: 45 + - grant: "permit" + sequence: 55 + protocol: "tcp" + source: + any: true + destination: + any: true + - name: test4 + aces: + - grant: "permit" + sequence: 10 + source: + any: true + port_protocol: + eq: "smtp" + destination: + any: true + port_protocol: + eq: "www" + protocol: "tcp" + ttl: + eq: "55" + - afi: "ipv6" + acls: + - name: test2 + standard: true + aces: + - grant: "permit" + log: "true" + source: + any: true |