diff options
Diffstat (limited to 'test/integration')
| -rw-r--r-- | test/integration/targets/asa_og/defaults/main.yaml | 2 | ||||
| -rw-r--r-- | test/integration/targets/asa_og/tasks/cli.yaml | 22 | ||||
| -rw-r--r-- | test/integration/targets/asa_og/tasks/main.yaml | 2 | ||||
| -rw-r--r-- | test/integration/targets/asa_og/tests/cli/asa_og.yaml | 541 |
4 files changed, 567 insertions, 0 deletions
diff --git a/test/integration/targets/asa_og/defaults/main.yaml b/test/integration/targets/asa_og/defaults/main.yaml new file mode 100644 index 0000000000..5f709c5aac --- /dev/null +++ b/test/integration/targets/asa_og/defaults/main.yaml @@ -0,0 +1,2 @@ +--- +testcase: "*" diff --git a/test/integration/targets/asa_og/tasks/cli.yaml b/test/integration/targets/asa_og/tasks/cli.yaml new file mode 100644 index 0000000000..303af40762 --- /dev/null +++ b/test/integration/targets/asa_og/tasks/cli.yaml @@ -0,0 +1,22 @@ +--- +- name: collect all cli test cases + find: + paths: "{{ role_path }}/tests/cli" + patterns: "{{ testcase }}.yaml" + register: test_cases + delegate_to: localhost + +- name: set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: run test cases (connection=network_cli) + include: "{{ test_case_to_run }}" + with_items: "{{ test_items }}" + loop_control: + loop_var: test_case_to_run + +- name: run test case (connection=local) + include: "{{ test_case_to_run }} ansible_connection=local" + with_first_found: "{{ test_items }}" + loop_control: + loop_var: test_case_to_run diff --git a/test/integration/targets/asa_og/tasks/main.yaml b/test/integration/targets/asa_og/tasks/main.yaml new file mode 100644 index 0000000000..415c99d8b1 --- /dev/null +++ b/test/integration/targets/asa_og/tasks/main.yaml @@ -0,0 +1,2 @@ +--- +- { include: cli.yaml, tags: ['cli'] } diff --git a/test/integration/targets/asa_og/tests/cli/asa_og.yaml b/test/integration/targets/asa_og/tests/cli/asa_og.yaml new file mode 100644 index 0000000000..f34edcbd50 --- /dev/null +++ b/test/integration/targets/asa_og/tests/cli/asa_og.yaml @@ -0,0 +1,541 @@ +--- +- name: remove test config if any + asa_config: + lines: + - no object-group network ansible_test_0 + - no object-group network ansible_test_1 + - no object-group network ansible_test_2 + - no object-group service ansible_test_3 tcp-udp + - no object-group service ansible_test_4 + - no object-group service ansible_test_5 + ignore_errors: true + +- block: + + - set_fact: + name: ansible_test_0 + host_ip: + - 8.8.8.8 + - 8.8.4.4 + address: + - 10.0.0.0 255.0.0.0 + - 192.168.0.0 255.255.0.0 + - 172.16.0.0 255.255.0.0 + description: th1s_IS-a_D3scrIPt10n_3xaMple- + group_object: + - aws_commonservices_eu_ie_pci_prv + - aws_commonservices_eu_ie_pci_elb_prv + + - name: STAGE 0 + asa_og: &config + name: "{{ name }}" + group_type: network-object + state: present + host_ip: "{{ host_ip }}" + ip_mask: "{{ address }}" + description: "{{ description }}" + group_object: "{{ group_object }}" + register: result + + - assert: &true + that: + - "result.changed == true" + + - name: idempotence check + asa_og: *config + register: result + + - assert: &false + that: + - "result.changed == false" + + - set_fact: + name: ansible_test_0 + host_ip: + - 8.8.9.9 + address: + - 8.8.8.0 255.255.255.0 + group_object: + - test_network_object_1 + + - name: STAGE 1 + asa_og: &config1 + name: "{{ name }}" + group_type: network-object + state: present + host_ip: "{{ host_ip }}" + ip_mask: "{{ address }}" + group_object: "{{ group_object }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config1 + register: result + + - assert: *false + + - name: STAGE 1/B + asa_og: + name: "{{ name }}" + group_type: network-object + state: present + register: result + + - assert: *false + + - set_fact: + name: ansible_test_1 + host_ip: + - 8.8.9.9 + address: + - 8.8.8.0 255.255.255.0 + group_object: + - test_network_object_1 + + - name: STAGE 2 + asa_og: &config2 + name: "{{ name }}" + group_type: network-object + state: present + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config2 + register: result + + - assert: *false + + - name: STAGE 2b + asa_og: &config2b + name: "{{ name }}" + group_type: network-object + state: present + host_ip: "{{ host_ip }}" + ip_mask: "{{ address }}" + group_object: "{{ group_object }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config2b + register: result + + - assert: *false + + - set_fact: + name: ansible_test_0 + host_ip: + - 8.8.8.8 + - 8.8.4.4 + address: + - 10.0.0.0 255.0.0.0 + - 192.168.0.0 255.255.0.0 + - 172.16.0.0 255.255.0.0 + description: th1s_IS-a_D3scrIPt10n_3xaMple- + group_object: + - aws_commonservices_eu_ie_pci_prv + - aws_commonservices_eu_ie_pci_elb_prv + + - name: STAGE 3 + asa_og: &config3 + name: "{{ name }}" + group_type: network-object + state: absent + host_ip: "{{ host_ip }}" + ip_mask: "{{ address }}" + description: "{{ description }}" + group_object: "{{ group_object }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config3 + register: result + + - assert: *false + + - set_fact: + name: ansible_test_2 + host_ip: + - 8.8.8.8 + - 8.8.4.4 + address: + - 10.0.0.0 255.0.0.0 + - 192.168.0.0 255.255.0.0 + - 172.16.0.0 255.255.0.0 + description: th1s_IS-a_D3scrIPt10n_3xaMple- + group_object: + - aws_commonservices_eu_ie_pci_prv + - aws_commonservices_eu_ie_pci_elb_prv + + - name: STAGE 4 + asa_og: &config4 + name: "{{ name }}" + group_type: network-object + state: replace + host_ip: "{{ host_ip }}" + ip_mask: "{{ address }}" + description: "{{ description }}" + group_object: "{{ group_object }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config4 + register: result + + - assert: *false + + - set_fact: + name: ansible_test_2 + host_ip: + - 8.8.8.8 + address: + - 10.0.0.0 255.0.0.0 + - 1.0.0.0 255.255.0.0 + description: th1s_IS-a_D3scrIPt10n_3xaMple- + group_object: + - aws_commonservices_eu_ie_pci_prv + + - name: STAGE 5 + asa_og: &config5 + name: "{{ name }}" + group_type: network-object + state: replace + host_ip: "{{ host_ip }}" + ip_mask: "{{ address }}" + description: "{{ description }}" + group_object: "{{ group_object }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config5 + register: result + + - assert: *false + + - set_fact: + name: ansible_test_2 + host_ip: + - 9.9.9.9 + - 8.8.8.8 + description: th1s_IS-a_D3scrIPt10n_3xaMple- + group_object: + - test_network_object_1 + + - name: STAGE 6 + asa_og: &config6 + name: "{{ name }}" + group_type: network-object + state: replace + host_ip: "{{ host_ip }}" + ip_mask: "{{ address }}" + description: "{{ description }}" + group_object: "{{ group_object }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config6 + register: result + + - assert: *false + + - set_fact: + name: ansible_test_3 + port_eq: + - www + - '1024' + description: th1s_IS-a_D3scrIPt10n_3xaMple- + port_range: + - '1024 10024' + + - name: STAGE 7 + asa_og: &config7 + name: "{{ name }}" + protocol: tcp-udp + port_eq: "{{ port_eq }}" + port_range: "{{ port_range }}" + group_type: port-object + state: present + description: "{{ description }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config7 + register: result + + - assert: *false + + - set_fact: + name: ansible_test_3 + port_eq: + - talk + - '65535' + description: th1s_IS-a_D3scrIPt10n_3xaMple- + port_range: + - '1 100' + + - name: STAGE 8 + asa_og: &config8 + name: "{{ name }}" + protocol: tcp-udp + port_eq: "{{ port_eq }}" + port_range: "{{ port_range }}" + group_type: port-object + state: present + description: "{{ description }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config8 + register: result + + - assert: *false + + + - name: STAGE 9 + asa_og: &config9 + name: "{{ name }}" + protocol: tcp-udp + port_eq: "{{ port_eq }}" + port_range: "{{ port_range }}" + group_type: port-object + state: absent + description: "{{ description }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config9 + register: result + + - assert: *false + + - set_fact: + name: ansible_test_3 + port_eq: + - talk + - '65535' + description: th1s_IS-a_D3scrIPt10n_3xaMple- + port_range: + - '1 100' + + - name: STAGE 10 + asa_og: &config10 + name: "{{ name }}" + protocol: tcp-udp + port_eq: "{{ port_eq }}" + port_range: "{{ port_range }}" + group_type: port-object + state: replace + description: "{{ description }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config10 + register: result + + - assert: *false + + - set_fact: + name: ansible_test_3 + port_eq: + - talk + - www + - kerberos + description: th1s_ISWhatitIS + port_range: + - '1024 1234' + + - name: STAGE 11 + asa_og: &config11 + name: "{{ name }}" + protocol: tcp-udp + port_eq: "{{ port_eq }}" + port_range: "{{ port_range }}" + group_type: port-object + state: replace + description: "{{ description }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config11 + register: result + + - assert: *false + + - set_fact: + name: ansible_test_4 + service_cfg: + - tcp destination eq 8080 + - tcp destination eq www + description: th1s_ISWhatitIS + + - name: STAGE 12 + asa_og: &config12 + name: "{{ name }}" + service_cfg: "{{ service_cfg }}" + group_type: service-object + state: present + description: "{{ description }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config12 + register: result + + - assert: *false + + - set_fact: + name: ansible_test_4 + service_cfg: + - tcp destination range 1234 5678 + - tcp destination range 5678 6789 + description: th1s_ISWhatitIS + + - name: STAGE 13 + asa_og: &config13 + name: "{{ name }}" + service_cfg: "{{ service_cfg }}" + group_type: service-object + state: present + description: "{{ description }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config13 + register: result + + - assert: *false + + - set_fact: + name: ansible_test_4 + service_cfg: + - tcp destination range 1234 5678 + - tcp destination range 5678 6789 + description: th1s_ISWhatitIS + + - name: STAGE 14 + asa_og: &config14 + name: "{{ name }}" + service_cfg: "{{ service_cfg }}" + group_type: service-object + state: absent + description: "{{ description }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config14 + register: result + + - assert: *false + + - set_fact: + name: ansible_test_5 + service_cfg: + - tcp destination range 1234 5678 + - tcp destination range 5678 6789 + description: th1s_ISWhatitIS + + - name: STAGE 15 + asa_og: &config15 + name: "{{ name }}" + service_cfg: "{{ service_cfg }}" + group_type: service-object + state: replace + description: "{{ description }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config15 + register: result + + - assert: *false + + - set_fact: + name: ansible_test_5 + service_cfg: + - tcp destination range 1234 5678 + - tcp destination range 5678 6789 + - tcp destination eq www + description: th1s_ISWhatitIS + + - name: STAGE 16 + asa_og: &config16 + name: "{{ name }}" + service_cfg: "{{ service_cfg }}" + group_type: service-object + state: replace + description: "{{ description }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config16 + register: result + + - assert: *false + + - set_fact: + name: ansible_test_5 + service_cfg: + - tcp destination eq 8080 + description: th1s_ISWhatitIS + + - name: STAGE 17 + asa_og: &config17 + name: "{{ name }}" + service_cfg: "{{ service_cfg }}" + group_type: service-object + state: replace + description: "{{ description }}" + register: result + + - assert: *true + + - name: idempotence check + asa_og: *config17 + register: result + + - assert: *false + + always: + - name: remove test config if any + asa_config: + lines: + - no object-group network ansible_test_0 + - no object-group network ansible_test_1 + - no object-group network ansible_test_2 + - no object-group service ansible_test_3 tcp-udp + - no object-group service ansible_test_4 + - no object-group service ansible_test_5 + ignore_errors: true |