diff options
| author | Shawn Wilsher <656602+sdwilsh@users.noreply.github.com> | 2021-09-20 16:25:42 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-09-20 23:25:42 +0000 |
| commit | 9e829e1b75996b6b8268ab29b105d5dfa97da441 (patch) | |
| tree | b5aed43186cf0481928ac6afcf78c73a77b69bcc /tests/unit | |
| parent | 2c13b39aee89cf39eaad64b0775fd387a5599399 (diff) | |
| download | vyos-ansible-collection-9e829e1b75996b6b8268ab29b105d5dfa97da441.tar.gz vyos-ansible-collection-9e829e1b75996b6b8268ab29b105d5dfa97da441.zip | |
Fix `vyos.vyos.vyos_firewall_rules` `state: replaced` to match documentation (#203)
Fix `vyos.vyos.vyos_firewall_rules` `state: replaced` to match documentation
SUMMARY
vyos.vyos.vyos_firewall_rules should only try to change listed firewall rules, as documented, when the state is set to replaced. As currently implemented (prior to this PR), it better matches what overridden is meant to do.
Fixes #201
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
vyos.vyos.vyos_firewall_rules
ADDITIONAL INFORMATION
Cleanup and document existing code for clarity
Add a failing idempotent test
Add a failing change test
Fix failing tests
Add change fragment
Reviewed-by: GomathiselviS <None>
Reviewed-by: Shawn Wilsher <None>
Reviewed-by: None <None>
Diffstat (limited to 'tests/unit')
| -rw-r--r-- | tests/unit/modules/network/vyos/test_vyos_firewall_rules.py | 34 |
1 files changed, 32 insertions, 2 deletions
diff --git a/tests/unit/modules/network/vyos/test_vyos_firewall_rules.py b/tests/unit/modules/network/vyos/test_vyos_firewall_rules.py index 520446e..dd3dbce 100644 --- a/tests/unit/modules/network/vyos/test_vyos_firewall_rules.py +++ b/tests/unit/modules/network/vyos/test_vyos_firewall_rules.py @@ -788,7 +788,6 @@ class TestVyosFirewallRulesModule(TestVyosModule): ) commands = [ "delete firewall name V4-INGRESS rule 101 disabled", - "delete firewall name V4-EGRESS default-action", "set firewall name V4-INGRESS description 'This is IPv4 INGRESS rule set'", "set firewall name V4-INGRESS rule 101 protocol 'tcp'", "set firewall name V4-INGRESS rule 101 description 'Rule 101 is configured by Ansible RM'", @@ -854,7 +853,6 @@ class TestVyosFirewallRulesModule(TestVyosModule): ) commands = [ "delete firewall name V4-INGRESS enable-default-log", - "delete firewall name V4-EGRESS default-action", ] self.execute_module(changed=True, commands=commands) @@ -913,6 +911,38 @@ class TestVyosFirewallRulesModule(TestVyosModule): ) self.execute_module(changed=False, commands=[]) + def test_vyos_firewall_v4v6_rule_sets_rule_rep_idem_02(self): + set_module_args( + dict( + config=[ + dict( + afi="ipv4", + rule_sets=[ + dict( + name="V4-INGRESS", + description="This is IPv4 V4-INGRESS rule set", + default_action="accept", + enable_default_log=True, + rules=[ + dict( + number="101", + action="accept", + description="Rule 101 is configured by Ansible", + ipsec="match-ipsec", + protocol="icmp", + fragment="match-frag", + disabled=True, + ), + ], + ), + ], + ), + ], + state="replaced", + ) + ) + self.execute_module(changed=False, commands=[]) + def test_vyos_firewall_v4v6_rule_sets_rule_mer_idem_01(self): set_module_args( dict( |