diff options
Diffstat (limited to 'tests/integration/targets')
34 files changed, 840 insertions, 6 deletions
diff --git a/tests/integration/targets/vyos_banner/aliases b/tests/integration/targets/vyos_banner/aliases index 539d9574..8071e1f7 100644 --- a/tests/integration/targets/vyos_banner/aliases +++ b/tests/integration/targets/vyos_banner/aliases @@ -1 +1 @@ -shippable/network +shippable/vyos/group1 diff --git a/tests/integration/targets/vyos_command/aliases b/tests/integration/targets/vyos_command/aliases index 539d9574..8071e1f7 100644 --- a/tests/integration/targets/vyos_command/aliases +++ b/tests/integration/targets/vyos_command/aliases @@ -1 +1 @@ -shippable/network +shippable/vyos/group1 diff --git a/tests/integration/targets/vyos_config/aliases b/tests/integration/targets/vyos_config/aliases index 539d9574..8071e1f7 100644 --- a/tests/integration/targets/vyos_config/aliases +++ b/tests/integration/targets/vyos_config/aliases @@ -1 +1 @@ -shippable/network +shippable/vyos/group1 diff --git a/tests/integration/targets/vyos_facts/aliases b/tests/integration/targets/vyos_facts/aliases index 539d9574..8071e1f7 100644 --- a/tests/integration/targets/vyos_facts/aliases +++ b/tests/integration/targets/vyos_facts/aliases @@ -1 +1 @@ -shippable/network +shippable/vyos/group1 diff --git a/tests/integration/targets/vyos_firewall_global/defaults/main.yaml b/tests/integration/targets/vyos_firewall_global/defaults/main.yaml new file mode 100644 index 00000000..852a6bee --- /dev/null +++ b/tests/integration/targets/vyos_firewall_global/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +testcase: '[^_].*' +test_items: [] diff --git a/tests/integration/targets/vyos_firewall_global/meta/main.yaml b/tests/integration/targets/vyos_firewall_global/meta/main.yaml new file mode 100644 index 00000000..7413320e --- /dev/null +++ b/tests/integration/targets/vyos_firewall_global/meta/main.yaml @@ -0,0 +1,3 @@ +--- +dependencies: + - prepare_vyos_tests diff --git a/tests/integration/targets/vyos_firewall_global/tasks/cli.yaml b/tests/integration/targets/vyos_firewall_global/tasks/cli.yaml new file mode 100644 index 00000000..93eb2fe4 --- /dev/null +++ b/tests/integration/targets/vyos_firewall_global/tasks/cli.yaml @@ -0,0 +1,19 @@ +--- +- name: Collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + use_regex: true + register: test_cases + delegate_to: localhost + +- name: Set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run diff --git a/tests/integration/targets/vyos_firewall_global/tasks/main.yaml b/tests/integration/targets/vyos_firewall_global/tasks/main.yaml new file mode 100644 index 00000000..a3db933e --- /dev/null +++ b/tests/integration/targets/vyos_firewall_global/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include: cli.yaml + tags: + - cli diff --git a/tests/integration/targets/vyos_firewall_global/tests/cli/_parsed_config.cfg b/tests/integration/targets/vyos_firewall_global/tests/cli/_parsed_config.cfg new file mode 100644 index 00000000..45446bdb --- /dev/null +++ b/tests/integration/targets/vyos_firewall_global/tests/cli/_parsed_config.cfg @@ -0,0 +1,19 @@ +set firewall all-ping 'enable' +set firewall broadcast-ping 'enable' +set firewall config-trap 'enable' +set firewall group address-group MGMT-HOSTS address '192.0.1.1' +set firewall group address-group MGMT-HOSTS address '192.0.1.3' +set firewall group address-group MGMT-HOSTS address '192.0.1.5' +set firewall group address-group MGMT-HOSTS description 'This group has the Management hosts address list' +set firewall group network-group MGMT description 'This group has the Management network addresses' +set firewall group network-group MGMT network '192.0.1.0/24' +set firewall ip-src-route 'enable' +set firewall log-martians 'enable' +set firewall receive-redirects 'disable' +set firewall send-redirects 'enable' +set firewall source-validation 'strict' +set firewall state-policy established action 'accept' +set firewall state-policy established log 'enable' +set firewall state-policy invalid action 'reject' +set firewall syn-cookies 'enable' +set firewall twa-hazards-protection 'enable' diff --git a/tests/integration/targets/vyos_firewall_global/tests/cli/_populate.yaml b/tests/integration/targets/vyos_firewall_global/tests/cli/_populate.yaml new file mode 100644 index 00000000..f79bb9ac --- /dev/null +++ b/tests/integration/targets/vyos_firewall_global/tests/cli/_populate.yaml @@ -0,0 +1,18 @@ +--- +- name: Setup + vars: + lines: "set firewall all-ping 'enable'\nset firewall broadcast-ping 'enable'\n\ + set firewall config-trap 'enable'\nset firewall group address-group MGMT-HOSTS\ + \ address '192.0.1.1'\nset firewall group address-group MGMT-HOSTS address\ + \ '192.0.1.3'\nset firewall group address-group MGMT-HOSTS address '192.0.1.5'\n\ + set firewall group address-group MGMT-HOSTS description 'This group has the\ + \ Management hosts address list'\nset firewall group network-group MGMT description\ + \ 'This group has the Management network addresses'\nset firewall group network-group\ + \ MGMT network '192.0.1.0/24'\nset firewall ip-src-route 'enable'\nset firewall\ + \ log-martians 'enable'\nset firewall receive-redirects 'disable'\nset firewall\ + \ send-redirects 'enable'\nset firewall source-validation 'strict'\nset firewall\ + \ state-policy established action 'accept'\nset firewall state-policy established\ + \ log 'enable'\nset firewall state-policy invalid action 'reject'\nset firewall\ + \ syn-cookies 'enable'\nset firewall twa-hazards-protection 'enable'\n" + ansible.netcommon.cli_config: + config: '{{ lines }}' diff --git a/tests/integration/targets/vyos_firewall_global/tests/cli/_remove_config.yaml b/tests/integration/targets/vyos_firewall_global/tests/cli/_remove_config.yaml new file mode 100644 index 00000000..5c869246 --- /dev/null +++ b/tests/integration/targets/vyos_firewall_global/tests/cli/_remove_config.yaml @@ -0,0 +1,6 @@ +--- +- name: Remove Config + vars: + lines: "delete firewall\n" + ansible.netcommon.cli_config: + config: '{{ lines }}' diff --git a/tests/integration/targets/vyos_firewall_global/tests/cli/deleted.yaml b/tests/integration/targets/vyos_firewall_global/tests/cli/deleted.yaml new file mode 100644 index 00000000..44df47ce --- /dev/null +++ b/tests/integration/targets/vyos_firewall_global/tests/cli/deleted.yaml @@ -0,0 +1,48 @@ +--- +- debug: + msg: Start vyos_firewall_global deleted integration tests ansible_connection={{ + ansible_connection }} + +- include_tasks: _populate.yaml + +- block: + + - name: Delete attributes of firewall. + register: result + vyos.vyos.vyos_firewall_global: &id001 + config: + state: deleted + + - name: Assert that the before dicts were correctly generated + assert: + that: + - "{{ populate == result['before'] }}" + + - name: Assert that the correct set of commands were generated + assert: + that: + - "{{ deleted['commands'] | symmetric_difference(result['commands']) |length\ + \ == 0 }}" + + - name: Assert that the after dicts were correctly generated + assert: + that: + - "{{ deleted['after'] == result['after'] }}" + + - name: Delete attributes of given interfaces (IDEMPOTENT) + register: result + vyos.vyos.vyos_firewall_global: *id001 + + - name: Assert that the previous task was idempotent + assert: + that: + - result.changed == false + - result.commands|length == 0 + + - name: Assert that the before dicts were correctly generated + assert: + that: + - "{{ deleted['after'] == result['before'] }}" + always: + + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_firewall_global/tests/cli/empty_config.yaml b/tests/integration/targets/vyos_firewall_global/tests/cli/empty_config.yaml new file mode 100644 index 00000000..3910952e --- /dev/null +++ b/tests/integration/targets/vyos_firewall_global/tests/cli/empty_config.yaml @@ -0,0 +1,49 @@ +--- +- debug: + msg: START vyos_firewall_global empty_config integration tests on connection={{ + ansible_connection }} + +- name: Merged with empty config should give appropriate error message + register: result + ignore_errors: true + vyos.vyos.vyos_firewall_global: + config: + state: merged + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state merged' + +- name: Replaced with empty config should give appropriate error message + register: result + ignore_errors: true + vyos.vyos.vyos_firewall_global: + config: + state: replaced + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state replaced' + +- name: Parsed with empty running_config should give appropriate error message + register: result + ignore_errors: true + vyos.vyos.vyos_firewall_global: + running_config: + state: parsed + +- assert: + that: + - result.msg == 'value of running_config parameter must not be empty for state + parsed' + +- name: Rendered with empty config should give appropriate error message + register: result + ignore_errors: true + vyos.vyos.vyos_firewall_global: + config: + state: rendered + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state rendered' diff --git a/tests/integration/targets/vyos_firewall_global/tests/cli/gathered.yaml b/tests/integration/targets/vyos_firewall_global/tests/cli/gathered.yaml new file mode 100644 index 00000000..eda24fda --- /dev/null +++ b/tests/integration/targets/vyos_firewall_global/tests/cli/gathered.yaml @@ -0,0 +1,33 @@ +--- +- debug: + msg: START vyos_firewall_global gathered integration tests on connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate.yaml + +- block: + + - name: Merge the provided configuration with the exisiting running configuration + register: result + vyos.vyos.vyos_firewall_global: &id001 + config: + state: gathered + + - name: Assert that gathered dicts was correctly generated + assert: + that: + - "{{ populate == result['gathered'] }}" + + - name: Gather the existing running configuration (IDEMPOTENT) + register: result + vyos.vyos.vyos_firewall_global: *id001 + + - name: Assert that the previous task was idempotent + assert: + that: + - result['changed'] == false + always: + + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_firewall_global/tests/cli/merged.yaml b/tests/integration/targets/vyos_firewall_global/tests/cli/merged.yaml new file mode 100644 index 00000000..4f226603 --- /dev/null +++ b/tests/integration/targets/vyos_firewall_global/tests/cli/merged.yaml @@ -0,0 +1,89 @@ +--- +- debug: + msg: START vyos_firewall_global merged integration tests on connection={{ ansible_connection + }} + +- include_tasks: _remove_config.yaml + +- block: + + - name: Merge the provided configuration with the exisiting running configuration + register: result + vyos.vyos.vyos_firewall_global: &id001 + config: + validation: strict + config_trap: true + log_martians: true + syn_cookies: true + twa_hazards_protection: true + ping: + all: true + broadcast: true + state_policy: + + - connection_type: established + action: accept + log: true + + - connection_type: invalid + action: reject + route_redirects: + + - afi: ipv4 + ip_src_route: true + icmp_redirects: + send: true + receive: false + group: + address_group: + + - name: MGMT-HOSTS + description: This group has the Management hosts address list + members: + + - address: 192.0.1.1 + + - address: 192.0.1.3 + + - address: 192.0.1.5 + network_group: + + - name: MGMT + description: This group has the Management network addresses + members: + + - address: 192.0.1.0/24 + state: merged + + - name: Assert that before dicts were correctly generated + assert: + that: "{{ merged['before'] == result['before'] }}" + + - name: Assert that correct set of commands were generated + assert: + that: + - "{{ merged['commands'] | symmetric_difference(result['commands']) |length\ + \ == 0 }}" + + - name: Assert that after dicts was correctly generated + assert: + that: + - "{{ merged['after'] == result['after'] }}" + + - name: Merge the provided configuration with the existing running configuration + (IDEMPOTENT) + register: result + vyos.vyos.vyos_firewall_global: *id001 + + - name: Assert that the previous task was idempotent + assert: + that: + - result['changed'] == false + + - name: Assert that before dicts were correctly generated + assert: + that: + - "{{ merged['after'] == result['before'] }}" + always: + + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_firewall_global/tests/cli/parsed.yaml b/tests/integration/targets/vyos_firewall_global/tests/cli/parsed.yaml new file mode 100644 index 00000000..b94d95ec --- /dev/null +++ b/tests/integration/targets/vyos_firewall_global/tests/cli/parsed.yaml @@ -0,0 +1,41 @@ +--- +- debug: + msg: START vyos_firewall_global parsed integration tests on connection={{ ansible_connection + }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate.yaml + +- block: + + - name: Gather firewall_global facts + register: firewall_global_facts + vyos.vyos.vyos_facts: + gather_subset: + - default + gather_network_resources: + - firewall_global + + - name: Provide the running configuration for parsing (config to be parsed) + register: result + vyos.vyos.vyos_firewall_global: &id001 + running_config: "{{ lookup('file', '_parsed_config.cfg') }}" + state: parsed + + - name: Assert that correct parsing done + assert: + that: "{{ ansible_facts['network_resources']['firewall_global'] == result['parsed']\ + \ }}" + + - name: Gather the existing running configuration (IDEMPOTENT) + register: result + vyos.vyos.vyos_firewall_global: *id001 + + - name: Assert that the previous task was idempotent + assert: + that: + - result['changed'] == false + always: + + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_firewall_global/tests/cli/rendered.yaml b/tests/integration/targets/vyos_firewall_global/tests/cli/rendered.yaml new file mode 100644 index 00000000..528563e2 --- /dev/null +++ b/tests/integration/targets/vyos_firewall_global/tests/cli/rendered.yaml @@ -0,0 +1,84 @@ +--- +- debug: + msg: START vyos_firewall_global rendered integration tests on connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate.yaml + +- block: + + - name: Structure provided configuration into device specific commands + register: result + vyos.vyos.vyos_firewall_global: &id001 + config: + validation: strict + config_trap: true + log_martians: true + syn_cookies: true + twa_hazards_protection: true + ping: + all: true + broadcast: true + state_policy: + + - connection_type: established + action: accept + log: true + + - connection_type: invalid + action: reject + route_redirects: + + - afi: ipv4 + ip_src_route: true + icmp_redirects: + send: true + receive: false + group: + address_group: + + - name: SALES-HOSTS + description: Sales office hosts address list + members: + + - address: 192.0.2.1 + + - address: 192.0.2.2 + + - address: 192.0.2.3 + + - name: ENG-HOSTS + description: Sales office hosts address list + members: + + - address: 192.0.3.1 + + - address: 192.0.3.2 + network_group: + + - name: MGMT + description: This group has the Management network addresses + members: + + - address: 192.0.1.0/24 + state: rendered + + - name: Assert that correct set of commands were generated + assert: + that: + - "{{ rendered['commands'] | symmetric_difference(result['rendered'])\ + \ |length == 0 }}" + + - name: Structure provided configuration into device specific commands (IDEMPOTENT) + register: result + vyos.vyos.vyos_firewall_global: *id001 + + - name: Assert that the previous task was idempotent + assert: + that: + - result['changed'] == false + always: + + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_firewall_global/tests/cli/replaced.yaml b/tests/integration/targets/vyos_firewall_global/tests/cli/replaced.yaml new file mode 100644 index 00000000..31a76448 --- /dev/null +++ b/tests/integration/targets/vyos_firewall_global/tests/cli/replaced.yaml @@ -0,0 +1,100 @@ +--- +- debug: + msg: START vyos_firewall_global replaced integration tests on connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate.yaml + +- block: + + - name: Replace device configurations of listed firewall with provided configurations + register: result + vyos.vyos.vyos_firewall_global: &id001 + config: + validation: strict + config_trap: true + log_martians: true + syn_cookies: true + twa_hazards_protection: true + ping: + all: true + broadcast: true + state_policy: + + - connection_type: established + action: accept + log: true + + - connection_type: invalid + action: reject + route_redirects: + + - afi: ipv4 + ip_src_route: true + icmp_redirects: + send: true + receive: false + group: + address_group: + + - name: SALES-HOSTS + description: Sales office hosts address list + members: + + - address: 192.0.2.1 + + - address: 192.0.2.2 + + - address: 192.0.2.3 + + - name: ENG-HOSTS + description: Sales office hosts address list + members: + + - address: 192.0.3.1 + + - address: 192.0.3.2 + network_group: + + - name: MGMT + description: This group has the Management network addresses + members: + + - address: 192.0.1.0/24 + state: replaced + + - name: Assert that correct set of commands were generated + assert: + that: + - "{{ replaced['commands'] | symmetric_difference(result['commands'])\ + \ |length == 0 }}" + + - name: Assert that before dicts are correctly generated + assert: + that: + - "{{ populate == result['before'] }}" + + - name: Assert that after dict is correctly generated + assert: + that: + - "{{ replaced['after'] == result['after'] }}" + + - name: Replace device configurations of listed firewall with provided configurarions + (IDEMPOTENT) + register: result + vyos.vyos.vyos_firewall_global: *id001 + + - name: Assert that task was idempotent + assert: + that: + - result['changed'] == false + + - name: Assert that before dict is correctly generated + assert: + that: + - "{{ replaced['after'] == result['before'] }}" + always: + + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_firewall_global/tests/cli/rtt.yaml b/tests/integration/targets/vyos_firewall_global/tests/cli/rtt.yaml new file mode 100644 index 00000000..00c56358 --- /dev/null +++ b/tests/integration/targets/vyos_firewall_global/tests/cli/rtt.yaml @@ -0,0 +1,94 @@ +--- +- debug: + msg: START vyos_firewall_global round trip integration tests on connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml + +- block: + + - name: Apply the provided configuration (base config) + register: base_config + vyos.vyos.vyos_firewall_global: + config: + validation: strict + config_trap: true + log_martians: true + syn_cookies: true + twa_hazards_protection: true + ping: + all: true + broadcast: true + state_policy: + + - connection_type: established + action: accept + log: true + + - connection_type: invalid + action: reject + route_redirects: + + - afi: ipv4 + ip_src_route: true + icmp_redirects: + send: true + receive: false + group: + address_group: + + - name: MGMT-HOSTS + description: This group has the Management hosts address list + members: + + - address: 192.0.1.1 + + - address: 192.0.1.3 + + - address: 192.0.1.5 + network_group: + + - name: MGMT + description: This group has the Management network addresses + members: + + - address: 192.0.1.0/24 + state: merged + + - name: Gather firewall_global facts + vyos.vyos.vyos_facts: + gather_subset: + - default + gather_network_resources: + - firewall_global + + - name: Apply the provided configuration (config to be reverted) + register: result + vyos.vyos.vyos_firewall_global: + config: + validation: strict + config_trap: false + log_martians: false + syn_cookies: false + twa_hazards_protection: false + ping: + all: false + broadcast: false + state: merged + + - name: Assert that changes were applied + assert: + that: "{{ round_trip['after'] == result['after'] }}" + + - name: Revert back to base config using facts round trip + register: revert + vyos.vyos.vyos_firewall_global: + config: "{{ ansible_facts['network_resources']['firewall_global'] }}" + state: replaced + + - name: Assert that config was reverted + assert: + that: "{{ base_config['after'] == revert['after']}}" + always: + + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_firewall_global/vars/main.yaml b/tests/integration/targets/vyos_firewall_global/vars/main.yaml new file mode 100644 index 00000000..4a1e7a8b --- /dev/null +++ b/tests/integration/targets/vyos_firewall_global/vars/main.yaml @@ -0,0 +1,217 @@ +--- +merged: + before: [] + commands: + - set firewall group address-group MGMT-HOSTS address 192.0.1.1 + - set firewall group address-group MGMT-HOSTS address 192.0.1.3 + - set firewall group address-group MGMT-HOSTS address 192.0.1.5 + - set firewall group address-group MGMT-HOSTS description 'This group has the + Management hosts address list' + - set firewall group address-group MGMT-HOSTS + - set firewall group network-group MGMT network 192.0.1.0/24 + - set firewall group network-group MGMT description 'This group has the Management + network addresses' + - set firewall group network-group MGMT + - set firewall ip-src-route 'enable' + - set firewall receive-redirects 'disable' + - set firewall send-redirects 'enable' + - set firewall config-trap 'enable' + - set firewall state-policy established action 'accept' + - set firewall state-policy established log 'enable' + - set firewall state-policy invalid action 'reject' + - set firewall broadcast-ping 'enable' + - set firewall all-ping 'enable' + - set firewall log-martians 'enable' + - set firewall twa-hazards-protection 'enable' + - set firewall syn-cookies 'enable' + - set firewall source-validation 'strict' + after: + config_trap: true + group: + address_group: + - members: + - address: 192.0.1.1 + - address: 192.0.1.3 + - address: 192.0.1.5 + description: This group has the Management hosts address list + name: MGMT-HOSTS + network_group: + - members: + - address: 192.0.1.0/24 + description: This group has the Management network addresses + name: MGMT + log_martians: true + ping: + all: true + broadcast: true + route_redirects: + - afi: ipv4 + icmp_redirects: + receive: false + send: true + ip_src_route: true + syn_cookies: true + state_policy: + - action: accept + connection_type: established + log: true + - action: reject + connection_type: invalid + twa_hazards_protection: true + validation: strict +populate: + validation: strict + config_trap: true + log_martians: true + syn_cookies: true + twa_hazards_protection: true + ping: + all: true + broadcast: true + state_policy: + - connection_type: established + action: accept + log: true + - connection_type: invalid + action: reject + route_redirects: + - afi: ipv4 + ip_src_route: true + icmp_redirects: + send: true + receive: false + group: + address_group: + - name: MGMT-HOSTS + description: This group has the Management hosts address list + members: + - address: 192.0.1.1 + - address: 192.0.1.3 + - address: 192.0.1.5 + network_group: + - name: MGMT + description: This group has the Management network addresses + members: + - address: 192.0.1.0/24 +replaced: + commands: + - delete firewall group address-group MGMT-HOSTS + - set firewall group address-group SALES-HOSTS address 192.0.2.1 + - set firewall group address-group SALES-HOSTS address 192.0.2.2 + - set firewall group address-group SALES-HOSTS address 192.0.2.3 + - set firewall group address-group SALES-HOSTS description 'Sales office hosts + address list' + - set firewall group address-group SALES-HOSTS + - set firewall group address-group ENG-HOSTS address 192.0.3.1 + - set firewall group address-group ENG-HOSTS address 192.0.3.2 + - set firewall group address-group ENG-HOSTS description 'Sales office hosts address + list' + - set firewall group address-group ENG-HOSTS + after: + config_trap: true + group: + address_group: + - members: + - address: 192.0.3.1 + - address: 192.0.3.2 + description: Sales office hosts address list + name: ENG-HOSTS + - members: + - address: 192.0.2.1 + - address: 192.0.2.2 + - address: 192.0.2.3 + description: Sales office hosts address list + name: SALES-HOSTS + network_group: + - members: + - address: 192.0.1.0/24 + description: This group has the Management network addresses + name: MGMT + log_martians: true + ping: + all: true + broadcast: true + route_redirects: + - afi: ipv4 + icmp_redirects: + receive: false + send: true + ip_src_route: true + state_policy: + - action: accept + connection_type: established + log: true + - action: reject + connection_type: invalid + syn_cookies: true + twa_hazards_protection: true + validation: strict +rendered: + commands: + - set firewall group address-group SALES-HOSTS address 192.0.2.1 + - set firewall group address-group SALES-HOSTS address 192.0.2.2 + - set firewall group address-group SALES-HOSTS address 192.0.2.3 + - set firewall group address-group SALES-HOSTS description 'Sales office hosts + address list' + - set firewall group address-group SALES-HOSTS + - set firewall group address-group ENG-HOSTS address 192.0.3.1 + - set firewall group address-group ENG-HOSTS address 192.0.3.2 + - set firewall group address-group ENG-HOSTS description 'Sales office hosts address + list' + - set firewall group address-group ENG-HOSTS + - set firewall group network-group MGMT network 192.0.1.0/24 + - set firewall group network-group MGMT description 'This group has the Management + network addresses' + - set firewall group network-group MGMT + - set firewall ip-src-route 'enable' + - set firewall receive-redirects 'disable' + - set firewall send-redirects 'enable' + - set firewall config-trap 'enable' + - set firewall state-policy established action 'accept' + - set firewall state-policy established log 'enable' + - set firewall state-policy invalid action 'reject' + - set firewall broadcast-ping 'enable' + - set firewall all-ping 'enable' + - set firewall log-martians 'enable' + - set firewall twa-hazards-protection 'enable' + - set firewall syn-cookies 'enable' + - set firewall source-validation 'strict' +deleted: + commands: + - 'delete firewall ' + after: [] +round_trip: + after: + validation: strict + config_trap: false + log_martians: false + syn_cookies: false + twa_hazards_protection: false + ping: + all: false + broadcast: false + state_policy: + - connection_type: established + action: accept + log: true + - connection_type: invalid + action: reject + route_redirects: + - afi: ipv4 + ip_src_route: true + icmp_redirects: + send: true + receive: false + group: + address_group: + - name: MGMT-HOSTS + description: This group has the Management hosts address list + members: + - address: 192.0.1.1 + - address: 192.0.1.3 + - address: 192.0.1.5 + network_group: + - name: MGMT + description: This group has the Management network addresses + members: + - address: 192.0.1.0/24 diff --git a/tests/integration/targets/vyos_firewall_rules/aliases b/tests/integration/targets/vyos_firewall_rules/aliases new file mode 100644 index 00000000..8071e1f7 --- /dev/null +++ b/tests/integration/targets/vyos_firewall_rules/aliases @@ -0,0 +1 @@ +shippable/vyos/group1 diff --git a/tests/integration/targets/vyos_interface/aliases b/tests/integration/targets/vyos_interface/aliases deleted file mode 100644 index e69de29b..00000000 --- a/tests/integration/targets/vyos_interface/aliases +++ /dev/null diff --git a/tests/integration/targets/vyos_l3_interface/aliases b/tests/integration/targets/vyos_l3_interface/aliases deleted file mode 100644 index e69de29b..00000000 --- a/tests/integration/targets/vyos_l3_interface/aliases +++ /dev/null diff --git a/tests/integration/targets/vyos_linkagg/aliases b/tests/integration/targets/vyos_linkagg/aliases deleted file mode 100644 index e69de29b..00000000 --- a/tests/integration/targets/vyos_linkagg/aliases +++ /dev/null diff --git a/tests/integration/targets/vyos_lldp/aliases b/tests/integration/targets/vyos_lldp/aliases index 539d9574..8071e1f7 100644 --- a/tests/integration/targets/vyos_lldp/aliases +++ b/tests/integration/targets/vyos_lldp/aliases @@ -1 +1 @@ -shippable/network +shippable/vyos/group1 diff --git a/tests/integration/targets/vyos_lldp_global/aliases b/tests/integration/targets/vyos_lldp_global/aliases new file mode 100644 index 00000000..8071e1f7 --- /dev/null +++ b/tests/integration/targets/vyos_lldp_global/aliases @@ -0,0 +1 @@ +shippable/vyos/group1 diff --git a/tests/integration/targets/vyos_lldp_interface/aliases b/tests/integration/targets/vyos_lldp_interface/aliases index e69de29b..8071e1f7 100644 --- a/tests/integration/targets/vyos_lldp_interface/aliases +++ b/tests/integration/targets/vyos_lldp_interface/aliases @@ -0,0 +1 @@ +shippable/vyos/group1 diff --git a/tests/integration/targets/vyos_lldp_interfaces/aliases b/tests/integration/targets/vyos_lldp_interfaces/aliases new file mode 100644 index 00000000..8071e1f7 --- /dev/null +++ b/tests/integration/targets/vyos_lldp_interfaces/aliases @@ -0,0 +1 @@ +shippable/vyos/group1 diff --git a/tests/integration/targets/vyos_logging/aliases b/tests/integration/targets/vyos_logging/aliases index e69de29b..8071e1f7 100644 --- a/tests/integration/targets/vyos_logging/aliases +++ b/tests/integration/targets/vyos_logging/aliases @@ -0,0 +1 @@ +shippable/vyos/group1 diff --git a/tests/integration/targets/vyos_static_route/aliases b/tests/integration/targets/vyos_static_route/aliases index 539d9574..8071e1f7 100644 --- a/tests/integration/targets/vyos_static_route/aliases +++ b/tests/integration/targets/vyos_static_route/aliases @@ -1 +1 @@ -shippable/network +shippable/vyos/group1 diff --git a/tests/integration/targets/vyos_static_routes/aliases b/tests/integration/targets/vyos_static_routes/aliases new file mode 100644 index 00000000..8071e1f7 --- /dev/null +++ b/tests/integration/targets/vyos_static_routes/aliases @@ -0,0 +1 @@ +shippable/vyos/group1 diff --git a/tests/integration/targets/vyos_system/aliases b/tests/integration/targets/vyos_system/aliases new file mode 100644 index 00000000..8071e1f7 --- /dev/null +++ b/tests/integration/targets/vyos_system/aliases @@ -0,0 +1 @@ +shippable/vyos/group1 diff --git a/tests/integration/targets/vyos_user/aliases b/tests/integration/targets/vyos_user/aliases deleted file mode 100644 index e69de29b..00000000 --- a/tests/integration/targets/vyos_user/aliases +++ /dev/null diff --git a/tests/integration/targets/vyos_vlan/aliases b/tests/integration/targets/vyos_vlan/aliases deleted file mode 100644 index e69de29b..00000000 --- a/tests/integration/targets/vyos_vlan/aliases +++ /dev/null |