New module - meraki_firewalled_services (#57289)

* Initial commit for module - Module can query or modify network services on Meraki gear - Check mode supported - Integration tests included * Small change to examples * Move mutual exclusive to build in approach * Sanity err * Split integration tests into two files to avoid delegate_to * Add the integration tests, woops
author: Kevin Breit <kevin.breit@kevinbreit.net> 2019-07-26 17:39:20 +0200
committer: Paul Belanger <pabelanger@redhat.com> 2019-07-26 17:39:20 +0200
commit: db783eb2b9f38b54df30db3a24adcd46d5a55a4a (patch)
tree: 19087a4a73cd3bdb4989859241432f219c19a47a /test/integration/targets/meraki_firewalled_services
parent: unit tests: remove unused imports (#59636) (diff)
download: ansible-db783eb2b9f38b54df30db3a24adcd46d5a55a4a.tar.xz
ansible-db783eb2b9f38b54df30db3a24adcd46d5a55a4a.zip
3 files changed, 204 insertions, 0 deletions
diff --git a/test/integration/targets/meraki_firewalled_services/aliases b/test/integration/targets/meraki_firewalled_services/aliases
new file mode 100644
index 0000000000..ad7ccf7ada
--- /dev/null
+++ b/test/integration/targets/meraki_firewalled_services/aliases
@@ -0,0 +1 @@
+unsupported
diff --git a/test/integration/targets/meraki_firewalled_services/tasks/main.yml b/test/integration/targets/meraki_firewalled_services/tasks/main.yml
new file mode 100644
index 0000000000..60aa04a963
--- /dev/null
+++ b/test/integration/targets/meraki_firewalled_services/tasks/main.yml
@@ -0,0 +1,7 @@
+# Test code for the Meraki Firewalled Services module
+# Copyright: (c) 2018, Kevin Breit (@kbreit)
+
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+---
+- name: Run test cases
+  include: tests.yml ansible_connection=local
diff --git a/test/integration/targets/meraki_firewalled_services/tasks/tests.yml b/test/integration/targets/meraki_firewalled_services/tasks/tests.yml
new file mode 100644
index 0000000000..ec23edf221
--- /dev/null
+++ b/test/integration/targets/meraki_firewalled_services/tasks/tests.yml
@@ -0,0 +1,196 @@
+# Test code for the Meraki modules
+# Copyright: (c) 2019, Kevin Breit (@kbreit)
+
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+---
+- block:
+  - name: Create network
+    meraki_network:
+      auth_key: '{{ auth_key }}'
+      state: present
+      org_name: '{{test_org_name}}'
+      net_name: IntTestNetworkAppliance
+      type: appliance
+    register: create
+
+  - set_fact:
+      net_id: create.data.id
+
+  - name: Set icmp service to blocked with check mode
+    meraki_firewalled_services:
+      auth_key: '{{ auth_key }}'
+      state: present
+      org_name: '{{test_org_name}}'
+      net_name: IntTestNetworkAppliance
+      service: ICMP
+      access: blocked
+    register: icmp_blocked_check
+    check_mode: yes
+
+  - debug:
+      var: icmp_blocked_check
+
+  - assert:
+      that:
+        - icmp_blocked_check.data is defined
+        - icmp_blocked_check is changed
+
+  - name: Set icmp service to blocked
+    meraki_firewalled_services:
+      auth_key: '{{ auth_key }}'
+      state: present
+      org_name: '{{test_org_name}}'
+      net_name: IntTestNetworkAppliance
+      service: ICMP
+      access: blocked
+    register: icmp_blocked
+
+  - debug:
+      var: icmp_blocked
+
+  - assert:
+      that:
+        - icmp_blocked.data is defined
+        - icmp_blocked is changed
+
+  - name: Set icmp service to blocked with idempotency
+    meraki_firewalled_services:
+      auth_key: '{{ auth_key }}'
+      state: present
+      org_name: '{{test_org_name}}'
+      net_name: IntTestNetworkAppliance
+      service: ICMP
+      access: blocked
+    register: icmp_blocked_idempotent
+
+  - debug:
+      var: icmp_blocked_idempotent
+
+  - assert:
+      that:
+        - icmp_blocked_idempotent.data is defined
+        - icmp_blocked_idempotent is not changed
+
+  - name: Set icmp service to restricted with check mode
+    meraki_firewalled_services:
+      auth_key: '{{ auth_key }}'
+      state: present
+      org_name: '{{test_org_name}}'
+      net_name: IntTestNetworkAppliance
+      service: web
+      access: restricted
+      allowed_ips:
+        - 192.0.1.1
+        - 192.0.1.2
+    check_mode: yes
+    register: web_restricted_check
+
+  - debug:
+      var: web_restricted_check
+
+  - assert:
+      that:
+        - web_restricted_check.data is defined
+        - web_restricted_check is changed
+
+  - name: Set icmp service to restricted
+    meraki_firewalled_services:
+      auth_key: '{{ auth_key }}'
+      state: present
+      org_name: '{{test_org_name}}'
+      net_name: IntTestNetworkAppliance
+      service: web
+      access: restricted
+      allowed_ips:
+        - 192.0.1.1
+        - 192.0.1.2
+    register: web_restricted
+
+  - debug:
+      var: web_restricted
+
+  - assert:
+      that:
+        - web_restricted.data is defined
+        - web_restricted is changed
+
+  - name: Set icmp service to restricted with idempotency
+    meraki_firewalled_services:
+      auth_key: '{{ auth_key }}'
+      state: present
+      org_name: '{{test_org_name}}'
+      net_name: IntTestNetworkAppliance
+      service: web
+      access: restricted
+      allowed_ips:
+        - 192.0.1.1
+        - 192.0.1.2
+    register: web_restricted_idempotent
+
+  - debug:
+      var: web_restricted_idempotent
+
+  - assert:
+      that:
+        - web_restricted_idempotent.data is defined
+        - web_restricted_idempotent is not changed
+
+  - name: Test error for access restricted and allowed_ips
+    meraki_firewalled_services:
+      auth_key: '{{ auth_key }}'
+      state: present
+      org_name: '{{test_org_name}}'
+      net_name: IntTestNetworkAppliance
+      service: web
+      access: unrestricted
+      allowed_ips:
+        - 192.0.1.1
+        - 192.0.1.2
+    register: access_error
+    ignore_errors: yes
+
+  - assert:
+      that:
+        - 'access_error.msg == "allowed_ips is only allowed when access is restricted."'
+
+  - name: Query appliance services
+    meraki_firewalled_services:
+      auth_key: '{{ auth_key }}'
+      state: query
+      org_name: '{{test_org_name}}'
+      net_name: IntTestNetworkAppliance
+    register: query_appliance
+
+  - debug:
+      var: query_appliance
+
+  - assert:
+      that:
+        - query_appliance.data is defined
+
+  - name: Query services
+    meraki_firewalled_services:
+      auth_key: '{{ auth_key }}'
+      state: query
+      org_name: '{{test_org_name}}'
+      net_name: IntTestNetworkAppliance
+      service: ICMP
+    register: query_service
+
+  - debug:
+      var: query_service
+
+  - assert:
+      that:
+        - query_service.data is defined
+
+#############################################################################
+# Tear down starts here
+#############################################################################
+  always:
+  - name: Delete all networks
+    meraki_network:
+      auth_key: '{{ auth_key }}'
+      state: absent
+      org_name: '{{test_org_name}}'
+      net_name: IntTestNetworkAppliance
author	Kevin Breit <kevin.breit@kevinbreit.net>	2019-07-26 17:39:20 +0200
committer	Paul Belanger <pabelanger@redhat.com>	2019-07-26 17:39:20 +0200
commit	db783eb2b9f38b54df30db3a24adcd46d5a55a4a (patch)
tree	19087a4a73cd3bdb4989859241432f219c19a47a /test/integration/targets/meraki_firewalled_services
parent	unit tests: remove unused imports (#59636) (diff)
download	ansible-db783eb2b9f38b54df30db3a24adcd46d5a55a4a.tar.xz ansible-db783eb2b9f38b54df30db3a24adcd46d5a55a4a.zip