mirror of https://github.com/ansible/ansible.git
nxos_acl fixes (#23915)
* Update nxos_acl * unit tests for nxos_acl * Remove nxos_acl from pep8-legacypull/24038/head
parent
bffccb5396
commit
f0914ee3c2
@ -0,0 +1,227 @@
|
||||
{
|
||||
"TABLE_ip_ipv6_mac": {
|
||||
"ROW_ip_ipv6_mac": [
|
||||
{
|
||||
"op_ip_ipv6_mac": "ip",
|
||||
"acl_name": "copp-system-p-acl-bgp",
|
||||
"TABLE_seqno": {
|
||||
"ROW_seqno": [
|
||||
{
|
||||
"seqno": 10,
|
||||
"permitdeny": "permit",
|
||||
"proto_str": "tcp",
|
||||
"src_any": "any",
|
||||
"src_port_op": "gt",
|
||||
"src_port1_num": "1024",
|
||||
"dest_any": "any",
|
||||
"dest_port_op": "eq",
|
||||
"dest_port1_str": "bgp",
|
||||
"dest_port1_num": "179"
|
||||
},
|
||||
{
|
||||
"seqno": 20,
|
||||
"permitdeny": "permit",
|
||||
"proto_str": "tcp",
|
||||
"src_any": "any",
|
||||
"src_port_op": "eq",
|
||||
"src_port1_str": "bgp",
|
||||
"src_port1_num": "179",
|
||||
"dest_any": "any",
|
||||
"dest_port_op": "gt",
|
||||
"dest_port1_num": "1024"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"op_ip_ipv6_mac": "ip",
|
||||
"acl_name": "copp-system-p-acl-cts",
|
||||
"TABLE_seqno": {
|
||||
"ROW_seqno": [
|
||||
{
|
||||
"seqno": 10,
|
||||
"permitdeny": "permit",
|
||||
"proto_str": "tcp",
|
||||
"src_any": "any",
|
||||
"dest_any": "any",
|
||||
"dest_port_op": "eq",
|
||||
"dest_port1_num": "64999"
|
||||
},
|
||||
{
|
||||
"seqno": 20,
|
||||
"permitdeny": "permit",
|
||||
"proto_str": "tcp",
|
||||
"src_any": "any",
|
||||
"src_port_op": "eq",
|
||||
"src_port1_num": "64999",
|
||||
"dest_any": "any"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"op_ip_ipv6_mac": "ip",
|
||||
"acl_name": "copp-system-p-acl-dhcp",
|
||||
"TABLE_seqno": {
|
||||
"ROW_seqno": [
|
||||
{
|
||||
"seqno": 10,
|
||||
"permitdeny": "permit",
|
||||
"proto_str": "udp",
|
||||
"src_any": "any",
|
||||
"src_port_op": "eq",
|
||||
"src_port1_str": "bootpc",
|
||||
"src_port1_num": "68",
|
||||
"dest_any": "any"
|
||||
},
|
||||
{
|
||||
"seqno": 20,
|
||||
"permitdeny": "permit",
|
||||
"proto_str": "udp",
|
||||
"src_any": "any",
|
||||
"src_port_op": "neq",
|
||||
"src_port1_str": "bootps",
|
||||
"src_port1_num": "67",
|
||||
"dest_any": "any",
|
||||
"dest_port_op": "eq",
|
||||
"dest_port1_str": "bootps",
|
||||
"dest_port1_num": "67"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"op_ip_ipv6_mac": "ip",
|
||||
"acl_name": "copp-system-p-acl-dhcp-relay-response",
|
||||
"TABLE_seqno": {
|
||||
"ROW_seqno": [
|
||||
{
|
||||
"seqno": 10,
|
||||
"permitdeny": "permit",
|
||||
"proto_str": "udp",
|
||||
"src_any": "any",
|
||||
"src_port_op": "eq",
|
||||
"src_port1_str": "bootps",
|
||||
"src_port1_num": "67",
|
||||
"dest_any": "any"
|
||||
},
|
||||
{
|
||||
"seqno": 20,
|
||||
"permitdeny": "permit",
|
||||
"proto_str": "udp",
|
||||
"src_any": "any",
|
||||
"dest_any": "any",
|
||||
"dest_port_op": "eq",
|
||||
"dest_port1_str": "bootpc",
|
||||
"dest_port1_num": "68"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"op_ip_ipv6_mac": "ip",
|
||||
"acl_name": "copp-system-p-acl-eigrp",
|
||||
"TABLE_seqno": {
|
||||
"ROW_seqno": {
|
||||
"seqno": 10,
|
||||
"permitdeny": "permit",
|
||||
"proto_str": "eigrp",
|
||||
"src_any": "any",
|
||||
"dest_any": "any"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"op_ip_ipv6_mac": "ip",
|
||||
"acl_name": "copp-system-p-acl-ftp",
|
||||
"TABLE_seqno": {
|
||||
"ROW_seqno": [
|
||||
{
|
||||
"seqno": 10,
|
||||
"permitdeny": "permit",
|
||||
"proto_str": "tcp",
|
||||
"src_any": "any",
|
||||
"dest_any": "any",
|
||||
"dest_port_op": "eq",
|
||||
"dest_port1_str": "ftp-data",
|
||||
"dest_port1_num": "20"
|
||||
},
|
||||
{
|
||||
"seqno": 20,
|
||||
"permitdeny": "permit",
|
||||
"proto_str": "tcp",
|
||||
"src_any": "any",
|
||||
"dest_any": "any",
|
||||
"dest_port_op": "eq",
|
||||
"dest_port1_str": "ftp",
|
||||
"dest_port1_num": "21"
|
||||
},
|
||||
{
|
||||
"seqno": 30,
|
||||
"permitdeny": "permit",
|
||||
"proto_str": "tcp",
|
||||
"src_any": "any",
|
||||
"src_port_op": "eq",
|
||||
"src_port1_str": "ftp-data",
|
||||
"src_port1_num": "20",
|
||||
"dest_any": "any"
|
||||
},
|
||||
{
|
||||
"seqno": 40,
|
||||
"permitdeny": "permit",
|
||||
"proto_str": "tcp",
|
||||
"src_any": "any",
|
||||
"src_port_op": "eq",
|
||||
"src_port1_str": "ftp",
|
||||
"src_port1_num": "21",
|
||||
"dest_any": "any"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"op_ip_ipv6_mac": "ip",
|
||||
"acl_name": "copp-system-p-acl-glbp",
|
||||
"TABLE_seqno": {
|
||||
"ROW_seqno": {
|
||||
"seqno": 10,
|
||||
"permitdeny": "permit",
|
||||
"proto_str": "udp",
|
||||
"src_any": "any",
|
||||
"src_port_op": "eq",
|
||||
"src_port1_num": "3222",
|
||||
"dest_ip_prefix": "224.0.0.0/24",
|
||||
"dest_port_op": "eq",
|
||||
"dest_port1_num": "3222"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"op_ip_ipv6_mac": "ip",
|
||||
"acl_name": "copp-system-p-acl-hsrp",
|
||||
"TABLE_seqno": {
|
||||
"ROW_seqno": [
|
||||
{
|
||||
"seqno": 10,
|
||||
"permitdeny": "permit",
|
||||
"proto_str": "udp",
|
||||
"src_any": "any",
|
||||
"dest_ip_prefix": "224.0.0.2/32",
|
||||
"dest_port_op": "eq",
|
||||
"dest_port1_num": "1985"
|
||||
},
|
||||
{
|
||||
"seqno": 20,
|
||||
"permitdeny": "permit",
|
||||
"proto_str": "udp",
|
||||
"src_any": "any",
|
||||
"dest_ip_prefix": "224.0.0.102/32",
|
||||
"dest_port_op": "eq",
|
||||
"dest_port1_num": "1985"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
@ -0,0 +1,77 @@
|
||||
# (c) 2016 Red Hat Inc.
|
||||
#
|
||||
# This file is part of Ansible
|
||||
#
|
||||
# Ansible is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# Ansible is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
# Make coding more python3-ish
|
||||
from __future__ import (absolute_import, division, print_function)
|
||||
__metaclass__ = type
|
||||
|
||||
import json
|
||||
|
||||
from ansible.compat.tests.mock import patch
|
||||
from ansible.modules.network.nxos import nxos_acl
|
||||
from .nxos_module import TestNxosModule, load_fixture, set_module_args
|
||||
|
||||
|
||||
class TestNxosAclModule(TestNxosModule):
|
||||
|
||||
module = nxos_acl
|
||||
|
||||
def setUp(self):
|
||||
self.mock_run_commands = patch('ansible.modules.network.nxos.nxos_acl.run_commands')
|
||||
self.run_commands = self.mock_run_commands.start()
|
||||
|
||||
self.mock_load_config = patch('ansible.modules.network.nxos.nxos_acl.load_config')
|
||||
self.load_config = self.mock_load_config.start()
|
||||
|
||||
def tearDown(self):
|
||||
self.mock_run_commands.stop()
|
||||
self.mock_load_config.stop()
|
||||
|
||||
def load_fixtures(self, commands=None):
|
||||
def load_from_file(*args, **kwargs):
|
||||
module, commands = args
|
||||
output = list()
|
||||
|
||||
for item in commands:
|
||||
try:
|
||||
obj = json.loads(item)
|
||||
command = obj['command']
|
||||
except ValueError:
|
||||
command = item
|
||||
filename = str(command).split(' | ')[0].replace(' ', '_')
|
||||
filename = 'nxos_acl/%s.txt' % filename
|
||||
output.append(load_fixture(filename))
|
||||
return output
|
||||
|
||||
self.run_commands.side_effect = load_from_file
|
||||
self.load_config.return_value = None
|
||||
|
||||
def test_nxos_acl(self):
|
||||
set_module_args(dict(name='ANSIBLE', seq=10, action='permit',
|
||||
proto='tcp', src='1.1.1.1/24', dest='any'))
|
||||
result = self.execute_module(changed=True)
|
||||
self.assertEqual(result['commands'], ['ip access-list ANSIBLE', '10 permit tcp 1.1.1.1/24 any'])
|
||||
|
||||
def test_nxos_acl_remove(self):
|
||||
set_module_args(dict(name='copp-system-p-acl-bgp', seq=10, state='absent'))
|
||||
result = self.execute_module(changed=True)
|
||||
self.assertEqual(result['commands'], ['ip access-list copp-system-p-acl-bgp', 'no 10'])
|
||||
|
||||
def test_nxos_acl_delete_acl(self):
|
||||
set_module_args(dict(name='copp-system-p-acl-bgp', state='delete_acl'))
|
||||
result = self.execute_module(changed=True)
|
||||
self.assertEqual(result['commands'], ['no ip access-list copp-system-p-acl-bgp'])
|
Loading…
Reference in New Issue