diff options
| author | ansible-zuul[bot] <48994755+ansible-zuul[bot]@users.noreply.github.com> | 2020-02-25 05:09:26 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-02-25 05:09:26 +0000 |
| commit | 4313b070205766e68d30cea4f49a6bad83007bb0 (patch) | |
| tree | be3cd3beea41c943836fcf8f6c87c6ea837eb8d5 /tests/unit | |
| parent | cfd3472a4d2b8906a944451341f37af1fde2dd54 (diff) | |
| parent | 1e35316ae5a079cc5466d97e873f48ae1ec574e2 (diff) | |
| download | vyos.vyos-4313b070205766e68d30cea4f49a6bad83007bb0.tar.gz vyos.vyos-4313b070205766e68d30cea4f49a6bad83007bb0.zip | |
Merge pull request #4 from CaptTrews/master
Updated from network content collector
Reviewed-by: https://github.com/apps/ansible-zuul
Diffstat (limited to 'tests/unit')
| -rw-r--r-- | tests/unit/modules/network/vyos/fixtures/vyos_firewall_global_config.cfg | 6 | ||||
| -rw-r--r-- | tests/unit/modules/network/vyos/test_vyos_firewall_global.py | 254 |
2 files changed, 260 insertions, 0 deletions
diff --git a/tests/unit/modules/network/vyos/fixtures/vyos_firewall_global_config.cfg b/tests/unit/modules/network/vyos/fixtures/vyos_firewall_global_config.cfg new file mode 100644 index 00000000..2a2a8e8b --- /dev/null +++ b/tests/unit/modules/network/vyos/fixtures/vyos_firewall_global_config.cfg @@ -0,0 +1,6 @@ +set firewall group address-group RND-HOSTS address 192.0.2.1 +set firewall group address-group RND-HOSTS address 192.0.2.3 +set firewall group address-group RND-HOSTS address 192.0.2.5 +set firewall group address-group RND-HOSTS description 'This group has the Management hosts address lists' +set firewall group network-group RND network 192.0.2.0/24 +set firewall group network-group RND description 'This group has the Management network addresses' diff --git a/tests/unit/modules/network/vyos/test_vyos_firewall_global.py b/tests/unit/modules/network/vyos/test_vyos_firewall_global.py new file mode 100644 index 00000000..0697f6e1 --- /dev/null +++ b/tests/unit/modules/network/vyos/test_vyos_firewall_global.py @@ -0,0 +1,254 @@ +# (c) 2016 Red Hat Inc. +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see <http://www.gnu.org/licenses/>. + +# Make coding more python3-ish +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +from ansible_collections.vyos.vyos.tests.unit.compat.mock import patch +from ansible_collections.vyos.vyos.plugins.modules import vyos_firewall_global +from ansible_collections.vyos.vyos.tests.unit.modules.utils import ( + set_module_args, +) +from .vyos_module import TestVyosModule, load_fixture + + +class TestVyosFirewallRulesModule(TestVyosModule): + + module = vyos_firewall_global + + def setUp(self): + super(TestVyosFirewallRulesModule, self).setUp() + self.mock_get_config = patch( + "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.network.Config.get_config" + ) + self.get_config = self.mock_get_config.start() + + self.mock_load_config = patch( + "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.network.Config.load_config" + ) + self.load_config = self.mock_load_config.start() + + self.mock_get_resource_connection_config = patch( + "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.cfg.base.get_resource_connection" + ) + self.get_resource_connection_config = ( + self.mock_get_resource_connection_config.start() + ) + + self.mock_get_resource_connection_facts = patch( + "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.facts.facts.get_resource_connection" + ) + self.get_resource_connection_facts = ( + self.mock_get_resource_connection_facts.start() + ) + + self.mock_execute_show_command = patch( + "ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.firewall_global.firewall_global.Firewall_globalFacts.get_device_data" + ) + + self.execute_show_command = self.mock_execute_show_command.start() + + def tearDown(self): + super(TestVyosFirewallRulesModule, self).tearDown() + self.mock_get_resource_connection_config.stop() + self.mock_get_resource_connection_facts.stop() + self.mock_get_config.stop() + self.mock_load_config.stop() + self.mock_execute_show_command.stop() + + def load_fixtures(self, commands=None): + def load_from_file(*args, **kwargs): + return load_fixture("vyos_firewall_global_config.cfg") + + self.execute_show_command.side_effect = load_from_file + + def test_vyos_firewall_global_set_01_merged(self): + set_module_args( + dict( + config=dict( + validation="strict", + config_trap=True, + log_martians=True, + syn_cookies=True, + twa_hazards_protection=True, + ping=dict(all=True, broadcast=True), + state_policy=[ + dict( + connection_type="established", + action="accept", + log=True, + ), + dict(connection_type="invalid", action="reject"), + ], + route_redirects=[ + dict( + afi="ipv4", + ip_src_route=True, + icmp_redirects=dict(send=True, receive=False), + ) + ], + group=dict( + address_group=[ + dict( + name="MGMT-HOSTS", + description="This group has the Management hosts address lists", + members=[ + dict(address="192.0.1.1"), + dict(address="192.0.1.3"), + dict(address="192.0.1.5"), + ], + ) + ], + network_group=[ + dict( + name="MGMT", + description="This group has the Management network addresses", + members=[dict(address="192.0.1.0/24")], + ) + ], + ), + ), + state="merged", + ) + ) + commands = [ + "set firewall group address-group MGMT-HOSTS address 192.0.1.1", + "set firewall group address-group MGMT-HOSTS address 192.0.1.3", + "set firewall group address-group MGMT-HOSTS address 192.0.1.5", + "set firewall group address-group MGMT-HOSTS description 'This group has the Management hosts address lists'", + "set firewall group address-group MGMT-HOSTS", + "set firewall group network-group MGMT network 192.0.1.0/24", + "set firewall group network-group MGMT description 'This group has the Management network addresses'", + "set firewall group network-group MGMT", + "set firewall ip-src-route 'enable'", + "set firewall receive-redirects 'disable'", + "set firewall send-redirects 'enable'", + "set firewall config-trap 'enable'", + "set firewall state-policy established action 'accept'", + "set firewall state-policy established log 'enable'", + "set firewall state-policy invalid action 'reject'", + "set firewall broadcast-ping 'enable'", + "set firewall all-ping 'enable'", + "set firewall log-martians 'enable'", + "set firewall twa-hazards-protection 'enable'", + "set firewall syn-cookies 'enable'", + "set firewall source-validation 'strict'", + ] + self.execute_module(changed=True, commands=commands) + + def test_vyos_firewall_global_set_01_merged_idem(self): + set_module_args( + dict( + config=dict( + group=dict( + address_group=[ + dict( + name="RND-HOSTS", + description="This group has the Management hosts address lists", + members=[ + dict(address="192.0.2.1"), + dict(address="192.0.2.3"), + dict(address="192.0.2.5"), + ], + ) + ], + network_group=[ + dict( + name="RND", + description="This group has the Management network addresses", + members=[dict(address="192.0.2.0/24")], + ) + ], + ) + ), + state="merged", + ) + ) + self.execute_module(changed=False, commands=[]) + + def test_vyos_firewall_global_set_01_replaced(self): + set_module_args( + dict( + config=dict( + group=dict( + address_group=[ + dict( + name="RND-HOSTS", + description="This group has the Management hosts address lists", + members=[ + dict(address="192.0.2.1"), + dict(address="192.0.2.7"), + dict(address="192.0.2.9"), + ], + ) + ], + network_group=[ + dict( + name="RND", + description="This group has the Management network addresses", + members=[dict(address="192.0.2.0/24")], + ) + ], + ) + ), + state="replaced", + ) + ) + commands = [ + "delete firewall group address-group RND-HOSTS address 192.0.2.3", + "delete firewall group address-group RND-HOSTS address 192.0.2.5", + "set firewall group address-group RND-HOSTS address 192.0.2.7", + "set firewall group address-group RND-HOSTS address 192.0.2.9", + ] + self.execute_module(changed=True, commands=commands) + + def test_vyos_firewall_global_set_01_replaced_idem(self): + set_module_args( + dict( + config=dict( + group=dict( + address_group=[ + dict( + name="RND-HOSTS", + description="This group has the Management hosts address lists", + members=[ + dict(address="192.0.2.1"), + dict(address="192.0.2.3"), + dict(address="192.0.2.5"), + ], + ) + ], + network_group=[ + dict( + name="RND", + description="This group has the Management network addresses", + members=[dict(address="192.0.2.0/24")], + ) + ], + ) + ), + state="replaced", + ) + ) + self.execute_module(changed=False, commands=[]) + + def test_vyos_firewall_global_set_01_deleted(self): + set_module_args(dict(config=dict(), state="deleted")) + commands = ["delete firewall "] + self.execute_module(changed=True, commands=commands) |