summaryrefslogtreecommitdiff
path: root/test/integration/targets/vyos_firewall_rules/tests
diff options
context:
space:
mode:
Diffstat (limited to 'test/integration/targets/vyos_firewall_rules/tests')
-rw-r--r--test/integration/targets/vyos_firewall_rules/tests/cli/_parsed_config.cfg25
-rw-r--r--test/integration/targets/vyos_firewall_rules/tests/cli/_populate.yaml31
-rw-r--r--test/integration/targets/vyos_firewall_rules/tests/cli/_remove_config.yaml8
-rw-r--r--test/integration/targets/vyos_firewall_rules/tests/cli/deleted.yaml50
-rw-r--r--test/integration/targets/vyos_firewall_rules/tests/cli/deleted_afi.yaml46
-rw-r--r--test/integration/targets/vyos_firewall_rules/tests/cli/deleted_all.yaml44
-rw-r--r--test/integration/targets/vyos_firewall_rules/tests/cli/deleted_rule.yaml49
-rw-r--r--test/integration/targets/vyos_firewall_rules/tests/cli/empty_config.yaml58
-rw-r--r--test/integration/targets/vyos_firewall_rules/tests/cli/gathered.yaml31
-rw-r--r--test/integration/targets/vyos_firewall_rules/tests/cli/merged.yaml87
-rw-r--r--test/integration/targets/vyos_firewall_rules/tests/cli/overridden.yaml60
-rw-r--r--test/integration/targets/vyos_firewall_rules/tests/cli/parsed.yaml39
-rw-r--r--test/integration/targets/vyos_firewall_rules/tests/cli/rendered.yaml63
-rw-r--r--test/integration/targets/vyos_firewall_rules/tests/cli/replaced.yaml65
-rw-r--r--test/integration/targets/vyos_firewall_rules/tests/cli/rtt.yaml87
15 files changed, 0 insertions, 743 deletions
diff --git a/test/integration/targets/vyos_firewall_rules/tests/cli/_parsed_config.cfg b/test/integration/targets/vyos_firewall_rules/tests/cli/_parsed_config.cfg
deleted file mode 100644
index b54c10948c..0000000000
--- a/test/integration/targets/vyos_firewall_rules/tests/cli/_parsed_config.cfg
+++ /dev/null
@@ -1,25 +0,0 @@
-set firewall group address-group 'inbound'
-set firewall ipv6-name UPLINK default-action 'accept'
-set firewall ipv6-name UPLINK description 'This is ipv6 specific rule-set'
-set firewall ipv6-name UPLINK rule 1 action 'accept'
-set firewall ipv6-name UPLINK rule 1 description 'Fwipv6-Rule 1 is configured by Ansible'
-set firewall ipv6-name UPLINK rule 1 ipsec 'match-ipsec'
-set firewall ipv6-name UPLINK rule 2 action 'accept'
-set firewall ipv6-name UPLINK rule 2 description 'Fwipv6-Rule 2 is configured by Ansible'
-set firewall ipv6-name UPLINK rule 2 ipsec 'match-ipsec'
-set firewall name INBOUND default-action 'accept'
-set firewall name INBOUND description 'IPv4 INBOUND rule set'
-set firewall name INBOUND rule 101 action 'accept'
-set firewall name INBOUND rule 101 description 'Rule 101 is configured by Ansible'
-set firewall name INBOUND rule 101 ipsec 'match-ipsec'
-set firewall name INBOUND rule 102 action 'reject'
-set firewall name INBOUND rule 102 description 'Rule 102 is configured by Ansible'
-set firewall name INBOUND rule 102 ipsec 'match-ipsec'
-set firewall name INBOUND rule 103 action 'accept'
-set firewall name INBOUND rule 103 description 'Rule 103 is configured by Ansible'
-set firewall name INBOUND rule 103 destination group address-group 'inbound'
-set firewall name INBOUND rule 103 source address '192.0.2.0'
-set firewall name INBOUND rule 103 state established 'enable'
-set firewall name INBOUND rule 103 state invalid 'disable'
-set firewall name INBOUND rule 103 state new 'disable'
-set firewall name INBOUND rule 103 state related 'enable'
diff --git a/test/integration/targets/vyos_firewall_rules/tests/cli/_populate.yaml b/test/integration/targets/vyos_firewall_rules/tests/cli/_populate.yaml
deleted file mode 100644
index ae6e17a188..0000000000
--- a/test/integration/targets/vyos_firewall_rules/tests/cli/_populate.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
----
-- name: Setup
- cli_config:
- config: "{{ lines }}"
- vars:
- lines: |
- set firewall group address-group 'inbound'
- set firewall ipv6-name UPLINK default-action 'accept'
- set firewall ipv6-name UPLINK description 'This is ipv6 specific rule-set'
- set firewall ipv6-name UPLINK rule 1 action 'accept'
- set firewall ipv6-name UPLINK rule 1 description 'Fwipv6-Rule 1 is configured by Ansible'
- set firewall ipv6-name UPLINK rule 1 ipsec 'match-ipsec'
- set firewall ipv6-name UPLINK rule 2 action 'accept'
- set firewall ipv6-name UPLINK rule 2 description 'Fwipv6-Rule 2 is configured by Ansible'
- set firewall ipv6-name UPLINK rule 2 ipsec 'match-ipsec'
- set firewall name INBOUND default-action 'accept'
- set firewall name INBOUND description 'IPv4 INBOUND rule set'
- set firewall name INBOUND rule 101 action 'accept'
- set firewall name INBOUND rule 101 description 'Rule 101 is configured by Ansible'
- set firewall name INBOUND rule 101 ipsec 'match-ipsec'
- set firewall name INBOUND rule 102 action 'reject'
- set firewall name INBOUND rule 102 description 'Rule 102 is configured by Ansible'
- set firewall name INBOUND rule 102 ipsec 'match-ipsec'
- set firewall name INBOUND rule 103 action 'accept'
- set firewall name INBOUND rule 103 description 'Rule 103 is configured by Ansible'
- set firewall name INBOUND rule 103 destination group address-group 'inbound'
- set firewall name INBOUND rule 103 source address '192.0.2.0'
- set firewall name INBOUND rule 103 state established 'enable'
- set firewall name INBOUND rule 103 state invalid 'disable'
- set firewall name INBOUND rule 103 state new 'disable'
- set firewall name INBOUND rule 103 state related 'enable'
diff --git a/test/integration/targets/vyos_firewall_rules/tests/cli/_remove_config.yaml b/test/integration/targets/vyos_firewall_rules/tests/cli/_remove_config.yaml
deleted file mode 100644
index 9a9aff9103..0000000000
--- a/test/integration/targets/vyos_firewall_rules/tests/cli/_remove_config.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-- name: Remove Config
- cli_config:
- config: "{{ lines }}"
- vars:
- lines: |
- delete firewall ipv6-name
- delete firewall name
diff --git a/test/integration/targets/vyos_firewall_rules/tests/cli/deleted.yaml b/test/integration/targets/vyos_firewall_rules/tests/cli/deleted.yaml
deleted file mode 100644
index 881c19349b..0000000000
--- a/test/integration/targets/vyos_firewall_rules/tests/cli/deleted.yaml
+++ /dev/null
@@ -1,50 +0,0 @@
----
-- debug:
- msg: "Start vyos_firewall_rules deleted integration tests ansible_connection={{ ansible_connection }}"
-
-- include_tasks: _populate.yaml
-
-- block:
- - name: Delete firewall rule set.
- vyos_firewall_rules: &deleted_rs
- config:
- - afi: 'ipv6'
- rule_sets:
- - name: 'UPLINK'
- - afi: 'ipv4'
- rule_sets:
- - name: 'INBOUND'
- state: deleted
- register: result
-
- - name: Assert that the before dicts were correctly generated
- assert:
- that:
- - "{{ populate | symmetric_difference(result['before']) |length == 0 }}"
-
- - name: Assert that the correct set of commands were generated
- assert:
- that:
- - "{{ deleted_rs['commands'] | symmetric_difference(result['commands']) |length == 0 }}"
-
- - name: Assert that the after dicts were correctly generated
- assert:
- that:
- - "{{ deleted_rs['after'] | symmetric_difference(result['after']) |length == 0 }}"
-
- - name: Delete attributes of given interfaces (IDEMPOTENT)
- vyos_firewall_rules: *deleted_rs
- register: result
-
- - name: Assert that the previous task was idempotent
- assert:
- that:
- - "result.changed == false"
- - "result.commands|length == 0"
-
- - name: Assert that the before dicts were correctly generated
- assert:
- that:
- - "{{ deleted_rs['after'] | symmetric_difference(result['before']) |length == 0 }}"
- always:
- - include_tasks: _remove_config.yaml
diff --git a/test/integration/targets/vyos_firewall_rules/tests/cli/deleted_afi.yaml b/test/integration/targets/vyos_firewall_rules/tests/cli/deleted_afi.yaml
deleted file mode 100644
index 1502e86bf4..0000000000
--- a/test/integration/targets/vyos_firewall_rules/tests/cli/deleted_afi.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
----
-- debug:
- msg: "Start vyos_firewall_rules deleted integration tests ansible_connection={{ ansible_connection }}"
-
-- include_tasks: _populate.yaml
-
-- block:
- - name: Delete firewall rule.
- vyos_firewall_rules: &deleted_afi
- config:
- - afi: 'ipv6'
- - afi: 'ipv4'
- state: deleted
- register: result
-
- - name: Assert that the before dicts were correctly generated
- assert:
- that:
- - "{{ populate | symmetric_difference(result['before']) |length == 0 }}"
-
- - name: Assert that the correct set of commands were generated
- assert:
- that:
- - "{{ deleted_afi_all['commands'] | symmetric_difference(result['commands']) |length == 0 }}"
-
- - name: Assert that the after dicts were correctly generated
- assert:
- that:
- - "{{ deleted_afi_all['after'] | symmetric_difference(result['after']) |length == 0 }}"
-
- - name: Delete attributes of given interfaces (IDEMPOTENT)
- vyos_firewall_rules: *deleted_afi
- register: result
-
- - name: Assert that the previous task was idempotent
- assert:
- that:
- - "result.changed == false"
- - "result.commands|length == 0"
-
- - name: Assert that the before dicts were correctly generated
- assert:
- that:
- - "{{ deleted_afi_all['after'] | symmetric_difference(result['before']) |length == 0 }}"
- always:
- - include_tasks: _remove_config.yaml
diff --git a/test/integration/targets/vyos_firewall_rules/tests/cli/deleted_all.yaml b/test/integration/targets/vyos_firewall_rules/tests/cli/deleted_all.yaml
deleted file mode 100644
index 60c7a67284..0000000000
--- a/test/integration/targets/vyos_firewall_rules/tests/cli/deleted_all.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
----
-- debug:
- msg: "Start vyos_firewall_rules deleted integration tests ansible_connection={{ ansible_connection }}"
-
-- include_tasks: _populate.yaml
-
-- block:
- - name: Delete all the firewall rules.
- vyos_firewall_rules: &deleted_all
- config:
- state: deleted
- register: result
-
- - name: Assert that the before dicts were correctly generated
- assert:
- that:
- - "{{ populate | symmetric_difference(result['before']) |length == 0 }}"
-
- - name: Assert that the correct set of commands were generated
- assert:
- that:
- - "{{ deleted_afi_all['commands'] | symmetric_difference(result['commands']) |length == 0 }}"
-
- - name: Assert that the after dicts were correctly generated
- assert:
- that:
- - "{{ deleted_afi_all['after'] | symmetric_difference(result['after']) |length == 0 }}"
-
- - name: Delete attributes of given interfaces (IDEMPOTENT)
- vyos_firewall_rules: *deleted_all
- register: result
-
- - name: Assert that the previous task was idempotent
- assert:
- that:
- - "result.changed == false"
- - "result.commands|length == 0"
-
- - name: Assert that the before dicts were correctly generated
- assert:
- that:
- - "{{ deleted_afi_all['after'] | symmetric_difference(result['before']) |length == 0 }}"
- always:
- - include_tasks: _remove_config.yaml
diff --git a/test/integration/targets/vyos_firewall_rules/tests/cli/deleted_rule.yaml b/test/integration/targets/vyos_firewall_rules/tests/cli/deleted_rule.yaml
deleted file mode 100644
index 7ecdcb380c..0000000000
--- a/test/integration/targets/vyos_firewall_rules/tests/cli/deleted_rule.yaml
+++ /dev/null
@@ -1,49 +0,0 @@
----
-- debug:
- msg: "Start vyos_firewall_rules deleted integration tests ansible_connection={{ ansible_connection }}"
-
-- include_tasks: _populate.yaml
-
-- block:
- - name: Delete firewall rule.
- vyos_firewall_rules: &deleted_r
- config:
- - afi: 'ipv6'
- rule_sets:
- - name: 'UPLINK'
- rules:
- - number: 1
- state: deleted
- register: result
-
- - name: Assert that the before dicts were correctly generated
- assert:
- that:
- - "{{ populate | symmetric_difference(result['before']) |length == 0 }}"
-
- - name: Assert that the correct set of commands were generated
- assert:
- that:
- - "{{ deleted_r['commands'] | symmetric_difference(result['commands']) |length == 0 }}"
-
- - name: Assert that the after dicts were correctly generated
- assert:
- that:
- - "{{ deleted_r['after'] | symmetric_difference(result['after']) |length == 0 }}"
-
- - name: Delete attributes of given interfaces (IDEMPOTENT)
- vyos_firewall_rules: *deleted_r
- register: result
-
- - name: Assert that the previous task was idempotent
- assert:
- that:
- - "result.changed == false"
- - "result.commands|length == 0"
-
- - name: Assert that the before dicts were correctly generated
- assert:
- that:
- - "{{ deleted_r['after'] | symmetric_difference(result['before']) |length == 0 }}"
- always:
- - include_tasks: _remove_config.yaml
diff --git a/test/integration/targets/vyos_firewall_rules/tests/cli/empty_config.yaml b/test/integration/targets/vyos_firewall_rules/tests/cli/empty_config.yaml
deleted file mode 100644
index 262b3059e5..0000000000
--- a/test/integration/targets/vyos_firewall_rules/tests/cli/empty_config.yaml
+++ /dev/null
@@ -1,58 +0,0 @@
----
-- debug:
- msg: "START vyos_firewall_rules empty_config integration tests on connection={{ ansible_connection }}"
-
-- name: Merged with empty config should give appropriate error message
- vyos_firewall_rules:
- config:
- state: merged
- register: result
- ignore_errors: true
-
-- assert:
- that:
- - result.msg == 'value of config parameter must not be empty for state merged'
-
-- name: Replaced with empty config should give appropriate error message
- vyos_firewall_rules:
- config:
- state: replaced
- register: result
- ignore_errors: true
-
-- assert:
- that:
- - result.msg == 'value of config parameter must not be empty for state replaced'
-
-- name: Overridden with empty config should give appropriate error message
- vyos_firewall_rules:
- config:
- state: overridden
- register: result
- ignore_errors: true
-
-- assert:
- that:
- - result.msg == 'value of config parameter must not be empty for state overridden'
-
-- name: Parsed with empty running_config should give appropriate error message
- vyos_firewall_rules:
- running_config:
- state: parsed
- register: result
- ignore_errors: true
-
-- assert:
- that:
- - result.msg == 'value of running_config parameter must not be empty for state parsed'
-
-- name: Rendered with empty config should give appropriate error message
- vyos_firewall_rules:
- config:
- state: rendered
- register: result
- ignore_errors: true
-
-- assert:
- that:
- - result.msg == 'value of config parameter must not be empty for state rendered'
diff --git a/test/integration/targets/vyos_firewall_rules/tests/cli/gathered.yaml b/test/integration/targets/vyos_firewall_rules/tests/cli/gathered.yaml
deleted file mode 100644
index 5a0bac753b..0000000000
--- a/test/integration/targets/vyos_firewall_rules/tests/cli/gathered.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
----
-- debug:
- msg: "START vyos_firewall_rules gathered integration tests on connection={{ ansible_connection }}"
-
-- include_tasks: _remove_config.yaml
-
-- include_tasks: _populate.yaml
-
-- block:
- - name: Merge the provided configuration with the exisiting running configuration
- vyos_firewall_rules: &gathered
- config:
- state: gathered
- register: result
-
- - name: Assert that gathered dicts was correctly generated
- assert:
- that:
- - "{{ populate | symmetric_difference(result['gathered']) |length == 0 }}"
-
- - name: Gather the existing running configuration (IDEMPOTENT)
- vyos_firewall_rules: *gathered
- register: result
-
- - name: Assert that the previous task was idempotent
- assert:
- that:
- - "result['changed'] == false"
-
- always:
- - include_tasks: _remove_config.yaml
diff --git a/test/integration/targets/vyos_firewall_rules/tests/cli/merged.yaml b/test/integration/targets/vyos_firewall_rules/tests/cli/merged.yaml
deleted file mode 100644
index 596f4a143d..0000000000
--- a/test/integration/targets/vyos_firewall_rules/tests/cli/merged.yaml
+++ /dev/null
@@ -1,87 +0,0 @@
----
-- debug:
- msg: "START vyos_firewall_rules merged integration tests on connection={{ ansible_connection }}"
-
-- include_tasks: _populate.yaml
-
-- include_tasks: _remove_config.yaml
-
-- block:
- - name: Merge the provided configuration with the exisiting running configuration
- vyos_firewall_rules: &merged
- config:
- - afi: 'ipv6'
- rule_sets:
- - name: 'UPLINK'
- description: 'This is ipv6 specific rule-set'
- default_action: 'accept'
- rules:
- - number: 1
- action: 'accept'
- description: 'Fwipv6-Rule 1 is configured by Ansible'
- ipsec: 'match-ipsec'
- - number: 2
- action: 'accept'
- description: 'Fwipv6-Rule 2 is configured by Ansible'
- ipsec: 'match-ipsec'
-
- - afi: 'ipv4'
- rule_sets:
- - name: 'INBOUND'
- description: 'IPv4 INBOUND rule set'
- default_action: 'accept'
- rules:
- - number: 101
- action: 'accept'
- description: 'Rule 101 is configured by Ansible'
- ipsec: 'match-ipsec'
- - number: 102
- action: 'reject'
- description: 'Rule 102 is configured by Ansible'
- ipsec: 'match-ipsec'
- - number: 103
- action: 'accept'
- description: 'Rule 103 is configured by Ansible'
- destination:
- group:
- address_group: 'inbound'
- source:
- address: '192.0.2.0'
- state:
- established: true
- new: false
- invalid: false
- related: true
- state: merged
- register: result
-
- - name: Assert that before dicts were correctly generated
- assert:
- that: "{{ merged['before'] | symmetric_difference(result['before']) |length == 0 }}"
-
- - name: Assert that correct set of commands were generated
- assert:
- that:
- - "{{ merged['commands'] | symmetric_difference(result['commands']) |length == 0 }}"
-
- - name: Assert that after dicts was correctly generated
- assert:
- that:
- - "{{ merged['after'] | symmetric_difference(result['after']) |length == 0 }}"
-
- - name: Merge the provided configuration with the existing running configuration (IDEMPOTENT)
- vyos_firewall_rules: *merged
- register: result
-
- - name: Assert that the previous task was idempotent
- assert:
- that:
- - "result['changed'] == false"
-
- - name: Assert that before dicts were correctly generated
- assert:
- that:
- - "{{ merged['after'] | symmetric_difference(result['before']) |length == 0 }}"
-
- always:
- - include_tasks: _remove_config.yaml
diff --git a/test/integration/targets/vyos_firewall_rules/tests/cli/overridden.yaml b/test/integration/targets/vyos_firewall_rules/tests/cli/overridden.yaml
deleted file mode 100644
index d902f4791e..0000000000
--- a/test/integration/targets/vyos_firewall_rules/tests/cli/overridden.yaml
+++ /dev/null
@@ -1,60 +0,0 @@
----
-- debug:
- msg: "START vyos_firewall_rules overridden integration tests on connection={{ ansible_connection }}"
-
-- include_tasks: _remove_config.yaml
-
-- include_tasks: _populate.yaml
-
-- block:
- - name: Overrides all device configuration with provided configuration
- vyos_firewall_rules: &overridden
- config:
- - afi: 'ipv4'
- rule_sets:
- - name: 'Downlink'
- description: 'IPv4 INBOUND rule set'
- default_action: 'accept'
- rules:
- - number: 501
- action: 'accept'
- description: 'Rule 501 is configured by Ansible'
- ipsec: 'match-ipsec'
- - number: 502
- action: 'reject'
- description: 'Rule 502 is configured by Ansible'
- ipsec: 'match-ipsec'
- state: overridden
- register: result
-
- - name: Assert that before dicts were correctly generated
- assert:
- that:
- - "{{ populate | symmetric_difference(result['before']) |length == 0 }}"
-
- - name: Assert that correct commands were generated
- assert:
- that:
- - "{{ overridden['commands'] | symmetric_difference(result['commands']) |length == 0 }}"
-
- - name: Assert that after dicts were correctly generated
- assert:
- that:
- - "{{ overridden['after'] | symmetric_difference(result['after']) |length == 0 }}"
-
- - name: Overrides all device configuration with provided configurations (IDEMPOTENT)
- vyos_firewall_rules: *overridden
- register: result
-
- - name: Assert that the previous task was idempotent
- assert:
- that:
- - "result['changed'] == false"
-
- - name: Assert that before dicts were correctly generated
- assert:
- that:
- - "{{ overridden['after'] | symmetric_difference(result['before']) |length == 0 }}"
-
- always:
- - include_tasks: _remove_config.yaml
diff --git a/test/integration/targets/vyos_firewall_rules/tests/cli/parsed.yaml b/test/integration/targets/vyos_firewall_rules/tests/cli/parsed.yaml
deleted file mode 100644
index 7fb066da00..0000000000
--- a/test/integration/targets/vyos_firewall_rules/tests/cli/parsed.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
----
-- debug:
- msg: "START vyos_firewall_rules parsed integration tests on connection={{ ansible_connection }}"
-
-- include_tasks: _remove_config.yaml
-
-- include_tasks: _populate.yaml
-
-- block:
- - name: Gather firewall_rules facts
- vyos_facts:
- gather_subset:
- - default
- gather_network_resources:
- - firewall_rules
- register: firewall_rules_facts
-
- - name: Provide the running configuration for parsing (config to be parsed)
- vyos_firewall_rules: &parsed
- running_config:
- "{{ lookup('file', '_parsed_config.cfg') }}"
- state: parsed
- register: result
-
- - name: Assert that correct parsing done
- assert:
- that: "{{ ansible_facts['network_resources']['firewall_rules'] | symmetric_difference(result['parsed']) |length == 0 }}"
-
- - name: Gather the existing running configuration (IDEMPOTENT)
- vyos_firewall_rules: *parsed
- register: result
-
- - name: Assert that the previous task was idempotent
- assert:
- that:
- - "result['changed'] == false"
-
- always:
- - include_tasks: _remove_config.yaml
diff --git a/test/integration/targets/vyos_firewall_rules/tests/cli/rendered.yaml b/test/integration/targets/vyos_firewall_rules/tests/cli/rendered.yaml
deleted file mode 100644
index 958550e211..0000000000
--- a/test/integration/targets/vyos_firewall_rules/tests/cli/rendered.yaml
+++ /dev/null
@@ -1,63 +0,0 @@
----
-- debug:
- msg: "START vyos_firewall_rules rendered integration tests on connection={{ ansible_connection }}"
-
-- include_tasks: _remove_config.yaml
-
-- include_tasks: _populate.yaml
-
-- block:
- - name: Structure provided configuration into device specific commands
- vyos_firewall_rules: &rendered
- config:
- - afi: 'ipv6'
- rule_sets:
- - name: 'UPLINK'
- description: 'This is ipv6 specific rule-set'
- default_action: 'accept'
- - afi: 'ipv4'
- rule_sets:
- - name: 'INBOUND'
- description: 'IPv4 INBOUND rule set'
- default_action: 'accept'
- rules:
- - number: 101
- action: 'accept'
- description: 'Rule 101 is configured by Ansible'
- ipsec: 'match-ipsec'
- - number: 102
- action: 'reject'
- description: 'Rule 102 is configured by Ansible'
- ipsec: 'match-ipsec'
- - number: 103
- action: 'accept'
- description: 'Rule 103 is configured by Ansible'
- destination:
- group:
- address_group: 'inbound'
- source:
- address: '192.0.2.0'
- state:
- established: true
- new: false
- invalid: false
- related: true
- state: rendered
- register: result
-
- - name: Assert that correct set of commands were generated
- assert:
- that:
- - "{{ rendered['commands'] | symmetric_difference(result['rendered']) |length == 0 }}"
-
- - name: Structure provided configuration into device specific commands (IDEMPOTENT)
- vyos_firewall_rules: *rendered
- register: result
-
- - name: Assert that the previous task was idempotent
- assert:
- that:
- - "result['changed'] == false"
-
- always:
- - include_tasks: _remove_config.yaml
diff --git a/test/integration/targets/vyos_firewall_rules/tests/cli/replaced.yaml b/test/integration/targets/vyos_firewall_rules/tests/cli/replaced.yaml
deleted file mode 100644
index 164ff18707..0000000000
--- a/test/integration/targets/vyos_firewall_rules/tests/cli/replaced.yaml
+++ /dev/null
@@ -1,65 +0,0 @@
----
-- debug:
- msg: "START vyos_firewall_rules replaced integration tests on connection={{ ansible_connection }}"
-
-- include_tasks: _remove_config.yaml
-
-- include_tasks: _populate.yaml
-
-- block:
- - name: Replace device configurations of listed firewall rules with provided configurations
- vyos_firewall_rules: &replaced
- config:
- - afi: 'ipv6'
- rule_sets:
- - name: 'UPLINK'
- description: 'This is ipv6 specific rule-set'
- default_action: 'accept'
- - afi: 'ipv4'
- rule_sets:
- - name: 'INBOUND'
- description: 'IPv4 INBOUND rule set'
- default_action: 'accept'
- rules:
- - number: 101
- action: 'accept'
- description: 'Rule 101 is configured by Ansible'
- ipsec: 'match-ipsec'
- - number: 104
- action: 'reject'
- description: 'Rule 104 is configured by Ansible'
- ipsec: 'match-none'
- state: replaced
- register: result
-
- - name: Assert that correct set of commands were generated
- assert:
- that:
- - "{{ replaced['commands'] | symmetric_difference(result['commands']) |length == 0 }}"
-
- - name: Assert that before dicts are correctly generated
- assert:
- that:
- - "{{ populate | symmetric_difference(result['before']) |length == 0 }}"
-
- - name: Assert that after dict is correctly generated
- assert:
- that:
- - "{{ replaced['after'] | symmetric_difference(result['after']) |length == 0 }}"
-
- - name: Replace device configurations of listed firewall rules with provided configurarions (IDEMPOTENT)
- vyos_firewall_rules: *replaced
- register: result
-
- - name: Assert that task was idempotent
- assert:
- that:
- - "result['changed'] == false"
-
- - name: Assert that before dict is correctly generated
- assert:
- that:
- - "{{ replaced['after'] | symmetric_difference(result['before']) |length == 0 }}"
-
- always:
- - include_tasks: _remove_config.yaml
diff --git a/test/integration/targets/vyos_firewall_rules/tests/cli/rtt.yaml b/test/integration/targets/vyos_firewall_rules/tests/cli/rtt.yaml
deleted file mode 100644
index 921defb9d6..0000000000
--- a/test/integration/targets/vyos_firewall_rules/tests/cli/rtt.yaml
+++ /dev/null
@@ -1,87 +0,0 @@
----
-- debug:
- msg: "START vyos_firewall_rules round trip integration tests on connection={{ ansible_connection }}"
-
-- include_tasks: _remove_config.yaml
-
-- block:
- - name: Apply the provided configuration (base config)
- vyos_firewall_rules:
- config:
- - afi: 'ipv6'
- rule_sets:
- - name: 'UPLINK'
- description: 'This is ipv6 specific rule-set'
- default_action: 'accept'
- rules:
- - number: 1
- action: 'accept'
- description: 'Fwipv6-Rule 1 is configured by Ansible'
- ipsec: 'match-ipsec'
- - number: 2
- action: 'accept'
- description: 'Fwipv6-Rule 2 is configured by Ansible'
- ipsec: 'match-ipsec'
-
- - afi: 'ipv4'
- rule_sets:
- - name: 'INBOUND'
- description: 'IPv4 INBOUND rule set'
- default_action: 'accept'
- rules:
- - number: 101
- action: 'accept'
- description: 'Rule 101 is configured by Ansible'
- ipsec: 'match-ipsec'
- - number: 102
- action: 'reject'
- description: 'Rule 102 is configured by Ansible'
- ipsec: 'match-ipsec'
- state: merged
- register: base_config
-
- - name: Gather firewall_rules facts
- vyos_facts:
- gather_subset:
- - default
- gather_network_resources:
- - firewall_rules
-
- - name: Apply the provided configuration (config to be reverted)
- vyos_firewall_rules:
- config:
- - afi: 'ipv4'
- rule_sets:
- - name: 'INBOUND'
- description: 'IPv4 INBOUND rule set'
- default_action: 'accept'
- rules:
- - number: 103
- action: 'accept'
- description: 'Rule 103 is configured by Ansible'
- source:
- address: '192.0.2.0'
- state:
- established: true
- new: false
- invalid: false
- related: true
- state: merged
- register: result
-
- - name: Assert that changes were applied
- assert:
- that: "{{ round_trip['after'] | symmetric_difference(result['after']) |length == 0 }}"
-
- - name: Revert back to base config using facts round trip
- vyos_firewall_rules:
- config: "{{ ansible_facts['network_resources']['firewall_rules'] }}"
- state: overridden
- register: revert
-
- - name: Assert that config was reverted
- assert:
- that: "{{ base_config['after'] | symmetric_difference(revert['after']) |length == 0 }}"
-
- always:
- - include_tasks: _remove_config.yaml
View Lorry Controller Status