summaryrefslogtreecommitdiff
path: root/test/integration/targets/cs_securitygroup_rule/tasks/absent.yml
blob: 8ee080a8aef7b4516181be1580ee5cd5d624f113 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105

- name: test remove http range rule
  cs_securitygroup_rule:
    security_group: default
    start_port: 8000
    end_port: 8888
    cidr: 1.2.3.4/32
    state: absent
  register: sg_rule
- name: verify create http range rule
  assert:
    that:
    - sg_rule|success
    - sg_rule|changed
    - sg_rule.type == 'ingress'
    - sg_rule.security_group == 'default'
    - sg_rule.protocol == 'tcp'
    - sg_rule.start_port == 8000
    - sg_rule.end_port == 8888
    - sg_rule.cidr == '1.2.3.4/32'

- name: test remove http range rule idempotence
  cs_securitygroup_rule:
    security_group: default
    start_port: 8000
    end_port: 8888
    cidr: 1.2.3.4/32
    state: absent
  register: sg_rule
- name: verify create http range rule idempotence
  assert:
    that:
    - sg_rule|success
    - not sg_rule|changed

- name: test remove single port udp rule
  cs_securitygroup_rule:
    security_group: default
    port: 5353
    protocol: udp
    type: egress
    user_security_group: '{{ cs_resource_prefix }}_sg'
    state: absent
  register: sg_rule
- name: verify remove single port udp rule
  assert:
    that:
    - sg_rule|success
    - sg_rule|changed
    - sg_rule.type == 'egress'
    - sg_rule.security_group == 'default'
    - sg_rule.protocol == 'udp'
    - sg_rule.start_port == 5353
    - sg_rule.end_port == 5353
    - sg_rule.user_security_group == '{{ cs_resource_prefix }}_sg'

- name: test remove single port udp rule idempotence
  cs_securitygroup_rule:
    security_group: default
    port: 5353
    protocol: udp
    type: egress
    user_security_group: '{{ cs_resource_prefix }}_sg'
    state: absent
  register: sg_rule
- name: verify remove single port udp rule idempotence
  assert:
    that:
    - sg_rule|success
    - not sg_rule|changed

- name: test remove icmp rule
  cs_securitygroup_rule:
    security_group: default
    protocol: icmp
    type: ingress
    icmp_type: -1
    icmp_code: -1
    state: absent
  register: sg_rule
- name: verify icmp rule
  assert:
    that:
    - sg_rule|success
    - sg_rule|changed
    - sg_rule.type == 'ingress'
    - sg_rule.security_group == 'default'
    - sg_rule.cidr == '0.0.0.0/0'
    - sg_rule.protocol == 'icmp'
    - sg_rule.icmp_code == -1
    - sg_rule.icmp_type == -1

- name: test remove icmp rule idempotence
  cs_securitygroup_rule:
    security_group: default
    protocol: icmp
    type: ingress
    icmp_type: -1
    icmp_code: -1
    state: absent
  register: sg_rule
- name: verify icmp rule idempotence
  assert:
    that:
    - sg_rule|success
    - not sg_rule|changed
View Lorry Controller Status