From af07511dee4d74b4159482c6b7aed6efff0e5949 Mon Sep 17 00:00:00 2001 From: Priyam Sahoo <42550351+priyamsahoo@users.noreply.github.com> Date: Tue, 6 Jul 2021 00:53:20 +0530 Subject: VyOS Prefix Lists Resource Module Added (#178) VyOS Prefix Lists Resource Module Added SUMMARY PR for vyos_prefix_lists rm resolves: #99 ISSUE TYPE New Module Pull Request COMPONENT NAME ADDITIONAL INFORMATION Reviewed-by: Rohit Thakur Reviewed-by: Nilashish Chakraborty Reviewed-by: Priyam Sahoo --- .../targets/vyos_prefix_lists/defaults/main.yaml | 3 + .../targets/vyos_prefix_lists/tasks/cli.yaml | 19 + .../targets/vyos_prefix_lists/tasks/main.yaml | 4 + .../vyos_prefix_lists/tests/cli/_parsed.cfg | 18 + .../tests/cli/_populate_config.yaml | 22 + .../tests/cli/_remove_config.yaml | 11 + .../vyos_prefix_lists/tests/cli/deleted.yaml | 108 ++ .../vyos_prefix_lists/tests/cli/empty_config.yaml | 58 + .../vyos_prefix_lists/tests/cli/gathered.yaml | 24 + .../vyos_prefix_lists/tests/cli/merged.yaml | 77 ++ .../vyos_prefix_lists/tests/cli/overridden.yaml | 61 + .../vyos_prefix_lists/tests/cli/parsed.yaml | 16 + .../vyos_prefix_lists/tests/cli/rendered.yaml | 51 + .../vyos_prefix_lists/tests/cli/replaced.yaml | 57 + .../targets/vyos_prefix_lists/tests/cli/rtt.yaml | 87 ++ .../targets/vyos_prefix_lists/vars/main.yaml | 145 +++ tests/sanity/ignore-2.10.txt | 3 + tests/sanity/ignore-2.11.txt | 3 + tests/sanity/ignore-2.12.txt | 3 + tests/sanity/ignore-2.9.txt | 3 + .../modules/network/vyos/test_vyos_prefix_lists.py | 1242 ++++++++++++++++++++ 21 files changed, 2015 insertions(+) create mode 100644 tests/integration/targets/vyos_prefix_lists/defaults/main.yaml create mode 100644 tests/integration/targets/vyos_prefix_lists/tasks/cli.yaml create mode 100644 tests/integration/targets/vyos_prefix_lists/tasks/main.yaml create mode 100644 tests/integration/targets/vyos_prefix_lists/tests/cli/_parsed.cfg create mode 100644 tests/integration/targets/vyos_prefix_lists/tests/cli/_populate_config.yaml create mode 100644 tests/integration/targets/vyos_prefix_lists/tests/cli/_remove_config.yaml create mode 100644 tests/integration/targets/vyos_prefix_lists/tests/cli/deleted.yaml create mode 100644 tests/integration/targets/vyos_prefix_lists/tests/cli/empty_config.yaml create mode 100644 tests/integration/targets/vyos_prefix_lists/tests/cli/gathered.yaml create mode 100644 tests/integration/targets/vyos_prefix_lists/tests/cli/merged.yaml create mode 100644 tests/integration/targets/vyos_prefix_lists/tests/cli/overridden.yaml create mode 100644 tests/integration/targets/vyos_prefix_lists/tests/cli/parsed.yaml create mode 100644 tests/integration/targets/vyos_prefix_lists/tests/cli/rendered.yaml create mode 100644 tests/integration/targets/vyos_prefix_lists/tests/cli/replaced.yaml create mode 100644 tests/integration/targets/vyos_prefix_lists/tests/cli/rtt.yaml create mode 100644 tests/integration/targets/vyos_prefix_lists/vars/main.yaml create mode 100644 tests/unit/modules/network/vyos/test_vyos_prefix_lists.py (limited to 'tests') diff --git a/tests/integration/targets/vyos_prefix_lists/defaults/main.yaml b/tests/integration/targets/vyos_prefix_lists/defaults/main.yaml new file mode 100644 index 00000000..164afead --- /dev/null +++ b/tests/integration/targets/vyos_prefix_lists/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +testcase: "[^_].*" +test_items: [] diff --git a/tests/integration/targets/vyos_prefix_lists/tasks/cli.yaml b/tests/integration/targets/vyos_prefix_lists/tasks/cli.yaml new file mode 100644 index 00000000..93eb2fe4 --- /dev/null +++ b/tests/integration/targets/vyos_prefix_lists/tasks/cli.yaml @@ -0,0 +1,19 @@ +--- +- name: Collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + use_regex: true + register: test_cases + delegate_to: localhost + +- name: Set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run diff --git a/tests/integration/targets/vyos_prefix_lists/tasks/main.yaml b/tests/integration/targets/vyos_prefix_lists/tasks/main.yaml new file mode 100644 index 00000000..b957d2f4 --- /dev/null +++ b/tests/integration/targets/vyos_prefix_lists/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include: cli.yaml + tags: + - network_cli diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/_parsed.cfg b/tests/integration/targets/vyos_prefix_lists/tests/cli/_parsed.cfg new file mode 100644 index 00000000..25744b3b --- /dev/null +++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/_parsed.cfg @@ -0,0 +1,18 @@ +set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible' +set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit' +set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible' +set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32' +set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26' +set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny' +set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3' +set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26' +set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24' +set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks' +set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit' +set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule' +set policy prefix-list6 AllowIPv6Prefix rule 5 le '37' +set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35' +set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks' +set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny' +set policy prefix-list6 DenyIPv6Prefix rule 8 le '37' +set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35' \ No newline at end of file diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/_populate_config.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/_populate_config.yaml new file mode 100644 index 00000000..9be477d9 --- /dev/null +++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/_populate_config.yaml @@ -0,0 +1,22 @@ +--- +- name: Populate config + vyos.vyos.vyos_config: + lines: + - "set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible'" + - "set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit'" + - "set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible'" + - "set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32'" + - "set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26'" + - "set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny'" + - "set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3'" + - "set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26'" + - "set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24'" + - "set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks'" + - "set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit'" + - "set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule'" + - "set policy prefix-list6 AllowIPv6Prefix rule 5 le '37'" + - "set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35'" + - "set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks'" + - "set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny'" + - "set policy prefix-list6 DenyIPv6Prefix rule 8 le '37'" + - "set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35'" diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/_remove_config.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/_remove_config.yaml new file mode 100644 index 00000000..f0777b68 --- /dev/null +++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/_remove_config.yaml @@ -0,0 +1,11 @@ +--- +- name: Remove pre-existing prefix-list configurations + vyos.vyos.vyos_config: + lines: + - delete policy prefix-list AnsibleIPv4PrefixList + - delete policy prefix-list OverriddenPrefixList + - delete policy prefix-list6 AllowIPv6Prefix + - delete policy prefix-list6 DenyIPv6Prefix + ignore_errors: true + vars: + ansible_connection: ansible.netcommon.network_cli diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/deleted.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/deleted.yaml new file mode 100644 index 00000000..9209fadb --- /dev/null +++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/deleted.yaml @@ -0,0 +1,108 @@ +--- +- debug: + msg: START vyos_prefix_lists deleted integration tests on connection={{ ansible_connection }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate_config.yaml + +- block: + # Delete all prefix-lists + - name: Delete all prefix-lists + register: result + vyos.vyos.vyos_prefix_lists: &id006 + config: + state: deleted + + - name: Assert that before dicts are correctly generated + assert: + that: + - "{{ result['before'][0] == merged['after'][0] }}" + - "{{ result['before'][1] == merged['after'][1] }}" + + - name: Assert that correct set of commands were generated + assert: + that: + - "{{ deleted['commands'] | symmetric_difference(result['commands']) |length\ + \ == 0 }}" + + - name: Assert that after dict is correctly generated + assert: + that: + - result["after"] == [] + + - name: Delete all prefix-lists (IDEMPOTENT) + register: result + vyos.vyos.vyos_prefix_lists: *id006 + + - name: Assert that task was idempotent + assert: + that: + - result['changed'] == false + - result.commands|length == 0 + + - include_tasks: _remove_config.yaml + + - include_tasks: _populate_config.yaml + + # Delete all prefix-lists for an AFI + - name: Delete all prefix-lists for IPv6 AFI + register: result + vyos.vyos.vyos_prefix_lists: + config: + - afi: "ipv6" + state: deleted + + - name: Assert that before dicts are correctly generated + assert: + that: + - "{{ result['before'][0] == merged['after'][0] }}" + - "{{ result['before'][1] == merged['after'][1] }}" + - "{{ result['before']|length == 2 }}" + + - name: Assert that correct set of commands were generated + assert: + that: + - '"delete policy prefix-list6 AllowIPv6Prefix" in result.commands' + - '"delete policy prefix-list6 DenyIPv6Prefix" in result.commands' + - result.commands|length == 2 + + - name: Assert that after dict is correctly generated + assert: + that: + - result["after"][0] == merged["after"][0] + - result["after"]|length == 1 + + - include_tasks: _remove_config.yaml + + - include_tasks: _populate_config.yaml + + # Delete single prefix-list from different AFIs + - name: Delete a single prefix-list from different AFIs + register: result + vyos.vyos.vyos_prefix_lists: + config: + - afi: "ipv4" + prefix_lists: + - name: "AnsibleIPv4PrefixList" + - afi: "ipv6" + prefix_lists: + - name: "DenyIPv6Prefix" + state: deleted + + - name: Assert that before dicts are correctly generated + assert: + that: + - "{{ result['before'][0] == merged['after'][0] }}" + - "{{ result['before'][1] == merged['after'][1] }}" + - "{{ result['before']|length == 2 }}" + + - name: Assert that correct set of commands were generated + assert: + that: + - '"delete policy prefix-list AnsibleIPv4PrefixList" in result.commands' + - '"delete policy prefix-list6 DenyIPv6Prefix" in result.commands' + - result.commands|length == 2 + + always: + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/empty_config.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/empty_config.yaml new file mode 100644 index 00000000..70ac9371 --- /dev/null +++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/empty_config.yaml @@ -0,0 +1,58 @@ +--- +- debug: + msg: START vyos_prefix_lists empty_config integration tests on connection={{ ansible_connection }} + +- name: Merged with empty config should give appropriate error message + register: result + ignore_errors: true + vyos.vyos.vyos_prefix_lists: + config: + state: merged + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state merged' + +- name: Replaced with empty config should give appropriate error message + register: result + ignore_errors: true + vyos.vyos.vyos_prefix_lists: + config: + state: replaced + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state replaced' + +- name: Overridden with empty config should give appropriate error message + register: result + ignore_errors: true + vyos.vyos.vyos_prefix_lists: + config: + state: overridden + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state overridden' + +- name: Rendered with empty config should give appropriate error message + register: result + ignore_errors: true + vyos.vyos.vyos_prefix_lists: + config: + state: rendered + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state rendered' + +- name: Parsed with empty config should give appropriate error message + register: result + ignore_errors: true + vyos.vyos.vyos_prefix_lists: + running_config: + state: parsed + +- assert: + that: + - result.msg == 'value of running_config parameter must not be empty for state parsed' diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/gathered.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/gathered.yaml new file mode 100644 index 00000000..ef23bccc --- /dev/null +++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/gathered.yaml @@ -0,0 +1,24 @@ +--- +- debug: + msg: START vyos_prefix_lists gathered integration tests on connection={{ ansible_connection }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate_config.yaml + +- block: + - name: Gather prefix-lists configurations + register: result + vyos.vyos.vyos_prefix_lists: + config: + state: gathered + + - name: Assert that facts are correctly generated + assert: + that: + - result["gathered"][0] == merged["after"][0] + - result["gathered"][1] == merged["after"][1] + - result['gathered']|length == 2 + + always: + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/merged.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/merged.yaml new file mode 100644 index 00000000..ef94743f --- /dev/null +++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/merged.yaml @@ -0,0 +1,77 @@ +--- +- debug: + msg: START vyos_prefix_lists merged integration tests on connection={{ ansible_connection }} + +- include_tasks: _remove_config.yaml + +- block: + - name: Merge the provided configuration with the existing running configuration + register: result + vyos.vyos.vyos_prefix_lists: &id001 + config: + - afi: "ipv4" + prefix_lists: + - name: "AnsibleIPv4PrefixList" + description: "PL configured by ansible" + entries: + - sequence: 2 + description: "Rule 2 given by ansible" + action: "permit" + prefix: "92.168.10.0/26" + le: 32 + + - sequence: 3 + description: "Rule 3" + action: "deny" + prefix: "72.168.2.0/24" + ge: 26 + + - afi: "ipv6" + prefix_lists: + - name: "AllowIPv6Prefix" + description: "Configured by ansible for allowing IPv6 networks" + entries: + - sequence: 5 + description: "Permit rule" + action: "permit" + prefix: "2001:db8:8000::/35" + le: 37 + + - name: DenyIPv6Prefix + description: "Configured by ansible for disallowing IPv6 networks" + entries: + - sequence: 8 + action: deny + prefix: "2001:db8:2000::/35" + le: 37 + state: merged + + - name: Assert that before dicts were correctly generated + assert: + that: "{{ result['before'] == [] }}" + + - name: Assert that correct set of commands were generated + assert: + that: + - "{{ merged['commands'] | symmetric_difference(result['commands']) |length\ + \ == 0 }}" + + - name: Assert that after dicts were correctly generated + assert: + that: + - "{{ result['after'][0] == merged['after'][0] }}" + - "{{ result['after'][1] == merged['after'][1] }}" + - "{{ result['after']|length == 2 }}" + + - name: Merge the provided configuration with the existing running configuration (IDEMPOTENT) + vyos.vyos.vyos_prefix_lists: *id001 + register: result + + - name: Assert that the previous task was idempotent + assert: + that: + - result['changed'] == false + - result.commands|length == 0 + + always: + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/overridden.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/overridden.yaml new file mode 100644 index 00000000..7bcd26b4 --- /dev/null +++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/overridden.yaml @@ -0,0 +1,61 @@ +--- +- debug: + msg: START vyos_prefix_lists overridden integration tests on connection={{ ansible_connection }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate_config.yaml + +- block: + - name: Override all prefix-lists configuration with provided configuration + register: result + vyos.vyos.vyos_prefix_lists: &id003 + config: + - afi: "ipv4" + prefix_lists: + - name: "AnsibleIPv4PrefixList" + description: Rule 3 overridden by ansible + entries: + - sequence: 2 + action: "deny" + ge: 26 + prefix: "82.168.2.0/24" + + - name: "OverriddenPrefixList" + description: Configuration overridden by ansible + entries: + - sequence: 10 + action: permit + prefix: "203.0.113.96/27" + le: 32 + state: overridden + + - name: Assert that before dicts were correctly generated + assert: + that: + - "{{ result['before'][0] == merged['after'][0] }}" + - "{{ result['before'][1] == merged['after'][1] }}" + - "{{ result['before']|length == 2 }}" + + - name: Assert that correct set of commands were generated + assert: + that: + - "{{ overridden['commands'] | symmetric_difference(result['commands']) |length\ + \ == 0 }}" + + - name: Assert that after dicts were correctly generated + assert: + that: + - "{{ overridden['after'][0] == result['after'][0] }}" + + - name: Override all prefix-lists configuration with provided configuration (IDEMPOTENT) + register: result + vyos.vyos.vyos_prefix_lists: *id003 + + - name: Assert that task was idempotent + assert: + that: + - result['changed'] == false + - result.commands|length == 0 + always: + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/parsed.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/parsed.yaml new file mode 100644 index 00000000..86772ef9 --- /dev/null +++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/parsed.yaml @@ -0,0 +1,16 @@ +--- +- debug: + msg: START vyos_prefix_lists parsed integration tests on connection={{ ansible_connection }} + +- name: Parse externally provided prefix-lists configuration + register: result + vyos.vyos.vyos_prefix_lists: + running_config: "{{ lookup('file', './_parsed.cfg') }}" + state: parsed + +- name: Assert that config was correctly parsed + assert: + that: + - "{{ result['parsed'][0] == merged['after'][0] }}" + - "{{ result['parsed'][1] == merged['after'][1] }}" + - "{{ result['parsed']|length == 2 }}" diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/rendered.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/rendered.yaml new file mode 100644 index 00000000..12a0debc --- /dev/null +++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/rendered.yaml @@ -0,0 +1,51 @@ +--- +- debug: + msg: START vyos_prefix_lists rendered integration tests on connection={{ ansible_connection }} + +- name: Render commands externally for the described prefix-list configurations + register: result + vyos.vyos.vyos_prefix_lists: + config: + - afi: "ipv4" + prefix_lists: + - name: "AnsibleIPv4PrefixList" + description: "PL configured by ansible" + entries: + - sequence: 2 + description: "Rule 2 given by ansible" + action: "permit" + prefix: "92.168.10.0/26" + le: 32 + + - sequence: 3 + description: "Rule 3" + action: "deny" + prefix: "72.168.2.0/24" + ge: 26 + + - afi: "ipv6" + prefix_lists: + - name: "AllowIPv6Prefix" + description: "Configured by ansible for allowing IPv6 networks" + entries: + - sequence: 5 + description: "Permit rule" + action: "permit" + prefix: "2001:db8:8000::/35" + le: 37 + + - name: DenyIPv6Prefix + description: "Configured by ansible for disallowing IPv6 networks" + entries: + - sequence: 8 + action: deny + prefix: "2001:db8:2000::/35" + le: 37 + state: rendered + +- name: Assert that correct set of commands were rendered + assert: + that: + - "{{ merged['commands'] | symmetric_difference(result['rendered']) |length\ + \ == 0 }}" + - result.changed == False diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/replaced.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/replaced.yaml new file mode 100644 index 00000000..fc9f5da2 --- /dev/null +++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/replaced.yaml @@ -0,0 +1,57 @@ +--- +- debug: + msg: START vyos_prefix_lists replaced integration tests on connection={{ ansible_connection }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate_config.yaml + +- block: + - name: Replace prefix-lists configurations of listed prefix-lists with provided configurations + register: result + vyos.vyos.vyos_prefix_lists: &id002 + config: + - afi: "ipv4" + prefix_lists: + - name: "AnsibleIPv4PrefixList" + description: "Configuration replaced by ansible" + entries: + - sequence: 3 + description: "Rule 3 replaced by ansible" + action: "permit" + prefix: "82.168.2.0/24" + ge: 26 + state: replaced + + - name: Assert that before dicts were correctly generated + assert: + that: + - "{{ result['before'][0] == merged['after'][0] }}" + - "{{ result['before'][1] == merged['after'][1] }}" + - "{{ result['before']|length == 2 }}" + + - name: Assert that correct set of commands were generated + assert: + that: + - "{{ replaced['commands'] | symmetric_difference(result['commands']) |length\ + \ == 0 }}" + + - name: Assert that after dicts were correctly generated + assert: + that: + - "{{ replaced['after'][0] == result['after'][0] }}" + - "{{ replaced['after'][1] == result['after'][1] }}" + - "{{ result['after']|length == 2 }}" + + - name: Replace prefix-lists configurations of listed prefix-lists with provided configurations (IDEMPOTENT) + register: result + vyos.vyos.vyos_prefix_lists: *id002 + + - name: Assert that task was idempotent + assert: + that: + - result['changed'] == false + - result.commands|length == 0 + + always: + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_prefix_lists/tests/cli/rtt.yaml b/tests/integration/targets/vyos_prefix_lists/tests/cli/rtt.yaml new file mode 100644 index 00000000..2be25155 --- /dev/null +++ b/tests/integration/targets/vyos_prefix_lists/tests/cli/rtt.yaml @@ -0,0 +1,87 @@ +--- +- debug: + msg: START vyos_prefix_lists round trip integration tests on connection={{ ansible_connection }} + +- include_tasks: _remove_config.yaml + +- block: + - name: Apply the provided configuration (base config) + register: base_config + vyos.vyos.vyos_prefix_lists: + config: + - afi: "ipv4" + prefix_lists: + - name: "AnsibleIPv4PrefixList" + description: "PL configured by ansible" + entries: + - sequence: 2 + description: "Rule 2 given by ansible" + action: "permit" + prefix: "92.168.10.0/26" + le: 32 + + - sequence: 3 + description: "Rule 3" + action: "deny" + prefix: "72.168.2.0/24" + ge: 26 + + - afi: "ipv6" + prefix_lists: + - name: "AllowIPv6Prefix" + description: "Configured by ansible for allowing IPv6 networks" + entries: + - sequence: 5 + description: "Permit rule" + action: "permit" + prefix: "2001:db8:8000::/35" + le: 37 + + - name: DenyIPv6Prefix + description: "Configured by ansible for disallowing IPv6 networks" + entries: + - sequence: 8 + action: deny + prefix: "2001:db8:2000::/35" + le: 37 + state: merged + + - name: Gather prefix-lists facts + vyos.vyos.vyos_facts: + gather_subset: + - default + gather_network_resources: + - prefix_lists + + - name: Update the configuration with the provided one (config to be reverted back) + register: result + vyos.vyos.vyos_prefix_lists: + config: + - afi: "ipv4" + prefix_lists: + - name: "AnsibleIPv4PrefixList" + description: "Configuration replaced by ansible" + entries: + - sequence: 3 + description: "Rule 3 replaced by ansible" + action: "permit" + prefix: "82.168.2.0/24" + ge: 26 + state: replaced + + - name: Assert that changes were applied + assert: + that: "{{ result['after'] == replaced['after'] }}" + + - name: Revert back to base config using facts round trip + register: revert + vyos.vyos.vyos_prefix_lists: + config: "{{ ansible_facts['network_resources']['prefix_lists'] }}" + state: replaced + + - name: Assert that config was reverted + assert: + that: "{{ revert['after'] == base_config['after']}}" + + always: + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_prefix_lists/vars/main.yaml b/tests/integration/targets/vyos_prefix_lists/vars/main.yaml new file mode 100644 index 00000000..3a303427 --- /dev/null +++ b/tests/integration/targets/vyos_prefix_lists/vars/main.yaml @@ -0,0 +1,145 @@ +--- +merged: + before: [] + + commands: + - set policy prefix-list6 AllowIPv6Prefix + - set policy prefix-list6 AllowIPv6Prefix description 'Configured by ansible for allowing IPv6 networks' + - set policy prefix-list6 AllowIPv6Prefix rule 5 + - set policy prefix-list6 AllowIPv6Prefix rule 5 action 'permit' + - set policy prefix-list6 AllowIPv6Prefix rule 5 description 'Permit rule' + - set policy prefix-list6 AllowIPv6Prefix rule 5 le '37' + - set policy prefix-list6 AllowIPv6Prefix rule 5 prefix '2001:db8:8000::/35' + - set policy prefix-list6 DenyIPv6Prefix + - set policy prefix-list6 DenyIPv6Prefix description 'Configured by ansible for disallowing IPv6 networks' + - set policy prefix-list6 DenyIPv6Prefix rule 8 + - set policy prefix-list6 DenyIPv6Prefix rule 8 action 'deny' + - set policy prefix-list6 DenyIPv6Prefix rule 8 le '37' + - set policy prefix-list6 DenyIPv6Prefix rule 8 prefix '2001:db8:2000::/35' + - set policy prefix-list AnsibleIPv4PrefixList + - set policy prefix-list AnsibleIPv4PrefixList description 'PL configured by ansible' + - set policy prefix-list AnsibleIPv4PrefixList rule 2 + - set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'permit' + - set policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given by ansible' + - set policy prefix-list AnsibleIPv4PrefixList rule 2 le '32' + - set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '92.168.10.0/26' + - set policy prefix-list AnsibleIPv4PrefixList rule 3 + - set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'deny' + - set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3' + - set policy prefix-list AnsibleIPv4PrefixList rule 3 ge '26' + - set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '72.168.2.0/24' + + after: + - afi: ipv4 + prefix_lists: + - description: PL configured by ansible + name: AnsibleIPv4PrefixList + entries: + - action: permit + description: Rule 2 given by ansible + sequence: 2 + le: 32 + prefix: 92.168.10.0/26 + - action: deny + description: Rule 3 + ge: 26 + sequence: 3 + prefix: 72.168.2.0/24 + - afi: ipv6 + prefix_lists: + - description: Configured by ansible for allowing IPv6 networks + name: AllowIPv6Prefix + entries: + - action: permit + description: Permit rule + sequence: 5 + le: 37 + prefix: 2001:db8:8000::/35 + - description: Configured by ansible for disallowing IPv6 networks + name: DenyIPv6Prefix + entries: + - action: deny + sequence: 8 + le: 37 + prefix: 2001:db8:2000::/35 + +replaced: + commands: + - set policy prefix-list AnsibleIPv4PrefixList description 'Configuration replaced by ansible' + - set policy prefix-list AnsibleIPv4PrefixList rule 3 action 'permit' + - set policy prefix-list AnsibleIPv4PrefixList rule 3 description 'Rule 3 replaced by ansible' + - set policy prefix-list AnsibleIPv4PrefixList rule 3 prefix '82.168.2.0/24' + - delete policy prefix-list AnsibleIPv4PrefixList rule 2 + + after: + - afi: ipv4 + prefix_lists: + - description: Configuration replaced by ansible + name: AnsibleIPv4PrefixList + entries: + - action: permit + description: Rule 3 replaced by ansible + ge: 26 + sequence: 3 + prefix: 82.168.2.0/24 + - afi: ipv6 + prefix_lists: + - description: Configured by ansible for allowing IPv6 networks + name: AllowIPv6Prefix + entries: + - action: permit + description: Permit rule + sequence: 5 + le: 37 + prefix: 2001:db8:8000::/35 + - description: Configured by ansible for disallowing IPv6 networks + name: DenyIPv6Prefix + entries: + - action: deny + sequence: 8 + le: 37 + prefix: 2001:db8:2000::/35 + +overridden: + commands: + - delete policy prefix-list6 AllowIPv6Prefix + - delete policy prefix-list6 DenyIPv6Prefix + - set policy prefix-list AnsibleIPv4PrefixList description 'Rule 3 overridden by ansible' + - set policy prefix-list AnsibleIPv4PrefixList rule 2 action 'deny' + - delete policy prefix-list AnsibleIPv4PrefixList rule 2 description 'Rule 2 given + by ansible' + - set policy prefix-list AnsibleIPv4PrefixList rule 2 ge '26' + - delete policy prefix-list AnsibleIPv4PrefixList rule 2 le '32' + - set policy prefix-list AnsibleIPv4PrefixList rule 2 prefix '82.168.2.0/24' + - delete policy prefix-list AnsibleIPv4PrefixList rule 3 + - set policy prefix-list OverriddenPrefixList + - set policy prefix-list OverriddenPrefixList description 'Configuration overridden + by ansible' + - set policy prefix-list OverriddenPrefixList rule 10 + - set policy prefix-list OverriddenPrefixList rule 10 action 'permit' + - set policy prefix-list OverriddenPrefixList rule 10 le '32' + - set policy prefix-list OverriddenPrefixList rule 10 prefix '203.0.113.96/27' + + after: + - afi: ipv4 + prefix_lists: + - description: Rule 3 overridden by ansible + name: AnsibleIPv4PrefixList + entries: + - action: deny + ge: 26 + sequence: 2 + prefix: 82.168.2.0/24 + - description: Configuration overridden by ansible + name: OverriddenPrefixList + entries: + - action: permit + sequence: 10 + le: 32 + prefix: 203.0.113.96/27 + +deleted: + commands: + - delete policy prefix-list AnsibleIPv4PrefixList + - delete policy prefix-list6 AllowIPv6Prefix + - delete policy prefix-list6 DenyIPv6Prefix diff --git a/tests/sanity/ignore-2.10.txt b/tests/sanity/ignore-2.10.txt index 69f4063f..967e3360 100644 --- a/tests/sanity/ignore-2.10.txt +++ b/tests/sanity/ignore-2.10.txt @@ -4,3 +4,6 @@ plugins/module_utils/network/vyos/config/ospf_interfaces/ospf_interfaces.py impo plugins/module_utils/network/vyos/config/route_maps/route_maps.py compile-2.6!skip plugins/module_utils/network/vyos/config/route_maps/route_maps.py import-2.6!skip plugins/modules/vyos_route_maps.py import-2.6!skip +plugins/modules/vyos_prefix_lists.py import-2.6!skip +plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py import-2.6!skip +plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py compile-2.6!skip diff --git a/tests/sanity/ignore-2.11.txt b/tests/sanity/ignore-2.11.txt index 69f4063f..967e3360 100644 --- a/tests/sanity/ignore-2.11.txt +++ b/tests/sanity/ignore-2.11.txt @@ -4,3 +4,6 @@ plugins/module_utils/network/vyos/config/ospf_interfaces/ospf_interfaces.py impo plugins/module_utils/network/vyos/config/route_maps/route_maps.py compile-2.6!skip plugins/module_utils/network/vyos/config/route_maps/route_maps.py import-2.6!skip plugins/modules/vyos_route_maps.py import-2.6!skip +plugins/modules/vyos_prefix_lists.py import-2.6!skip +plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py import-2.6!skip +plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py compile-2.6!skip diff --git a/tests/sanity/ignore-2.12.txt b/tests/sanity/ignore-2.12.txt index 69f4063f..967e3360 100644 --- a/tests/sanity/ignore-2.12.txt +++ b/tests/sanity/ignore-2.12.txt @@ -4,3 +4,6 @@ plugins/module_utils/network/vyos/config/ospf_interfaces/ospf_interfaces.py impo plugins/module_utils/network/vyos/config/route_maps/route_maps.py compile-2.6!skip plugins/module_utils/network/vyos/config/route_maps/route_maps.py import-2.6!skip plugins/modules/vyos_route_maps.py import-2.6!skip +plugins/modules/vyos_prefix_lists.py import-2.6!skip +plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py import-2.6!skip +plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py compile-2.6!skip diff --git a/tests/sanity/ignore-2.9.txt b/tests/sanity/ignore-2.9.txt index 7178a200..aa3ef3f6 100644 --- a/tests/sanity/ignore-2.9.txt +++ b/tests/sanity/ignore-2.9.txt @@ -16,3 +16,6 @@ plugins/module_utils/network/vyos/config/ospf_interfaces/ospf_interfaces.py impo plugins/module_utils/network/vyos/config/route_maps/route_maps.py compile-2.6!skip plugins/module_utils/network/vyos/config/route_maps/route_maps.py import-2.6!skip plugins/modules/vyos_route_maps.py import-2.6!skip +plugins/modules/vyos_prefix_lists.py import-2.6!skip +plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py import-2.6!skip +plugins/module_utils/network/vyos/config/prefix_lists/prefix_lists.py compile-2.6!skip diff --git a/tests/unit/modules/network/vyos/test_vyos_prefix_lists.py b/tests/unit/modules/network/vyos/test_vyos_prefix_lists.py new file mode 100644 index 00000000..d1e1a8c8 --- /dev/null +++ b/tests/unit/modules/network/vyos/test_vyos_prefix_lists.py @@ -0,0 +1,1242 @@ +# (c) 2021 Red Hat Inc. +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see . + +# Make coding more python3-ish +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +from textwrap import dedent +from ansible_collections.vyos.vyos.tests.unit.compat.mock import patch +from ansible_collections.vyos.vyos.plugins.modules import vyos_prefix_lists +from ansible_collections.vyos.vyos.tests.unit.modules.utils import ( + set_module_args, +) +from .vyos_module import TestVyosModule + + +class TestVyosPrefixListsModule(TestVyosModule): + + # Testing strategy + # ------------------ + # (a) The unit tests cover `merged` and `replaced` for every attribute. + # Since `overridden` is essentially `replaced` but at a larger + # scale, these indirectly cover `overridden` as well. + # (b) For linear attributes replaced is not valid and hence, those tests + # delete the attributes from the config subsection. + # (c) The argspec for VRFs is same as the top-level spec and the config logic + # is re-used. Hence, those attributes are not explictly covered. However, a + # combination of VRF + top-level spec + AF is tested. + + module = vyos_prefix_lists + + def setUp(self): + super(TestVyosPrefixListsModule, self).setUp() + + self.mock_get_resource_connection = patch( + "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.rm_base.resource_module_base.get_resource_connection" + ) + self.get_resource_connection = ( + self.mock_get_resource_connection.start() + ) + + self.mock_get_config = patch( + "ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.prefix_lists.prefix_lists.Prefix_listsFacts.get_config" + ) + self.get_config = self.mock_get_config.start() + + def tearDown(self): + super(TestVyosPrefixListsModule, self).tearDown() + self.get_resource_connection.stop() + self.get_config.stop() + + # test merged for linear attributes + def test_vyos_prefix_lists_linear_merged(self): + self.get_config.return_value = dedent( + """\ + """ + ) + set_module_args( + dict( + config=[ + dict( + afi="ipv4", + prefix_lists=[ + dict( + name="plist1", + description="Test plist1", + entries=[ + dict( + sequence=10, + action="permit", + description="Test rule 10", + prefix="92.168.10.0/26", + ), + dict( + sequence=20, + action="deny", + description="Test rule 20", + prefix="72.168.2.0/24", + ), + ], + ), + dict( + name="plist2", + entries=[ + dict( + sequence=20, + action="permit", + prefix="82.168.10.0/26", + le=32, + ), + dict( + sequence=30, + action="deny", + prefix="62.168.2.0/24", + ge=25, + ), + ], + ), + ], + ), + dict( + afi="ipv6", + prefix_lists=[ + dict( + name="plist3", + description="Test plist3", + entries=[ + dict( + sequence=10, + action="deny", + description="Test rule 10", + prefix="2001:db8:1000::/36", + le=36, + ), + dict( + sequence=20, + action="permit", + description="Test rule 20", + prefix="2001:db8:2000::/36", + ), + ], + ), + dict( + name="plist4", + entries=[ + dict( + sequence=20, + action="permit", + prefix="2001:db8:3000::/36", + ), + dict( + sequence=50, + action="deny", + prefix="2001:db8:4000::/36", + ), + ], + ), + ], + ), + ], + state="merged", + ) + ) + commands = [ + "set policy prefix-list plist1", + "set policy prefix-list plist1 description 'Test plist1'", + "set policy prefix-list plist1 rule 10", + "set policy prefix-list plist1 rule 10 action 'permit'", + "set policy prefix-list plist1 rule 10 description 'Test rule 10'", + "set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26'", + "set policy prefix-list plist1 rule 20", + "set policy prefix-list plist1 rule 20 action 'deny'", + "set policy prefix-list plist1 rule 20 description 'Test rule 20'", + "set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24'", + "set policy prefix-list plist2", + "set policy prefix-list plist2 rule 20", + "set policy prefix-list plist2 rule 20 action 'permit'", + "set policy prefix-list plist2 rule 20 le '32'", + "set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26'", + "set policy prefix-list plist2 rule 30", + "set policy prefix-list plist2 rule 30 action 'deny'", + "set policy prefix-list plist2 rule 30 ge '25'", + "set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24'", + "set policy prefix-list6 plist3", + "set policy prefix-list6 plist3 description 'Test plist3'", + "set policy prefix-list6 plist3 rule 10", + "set policy prefix-list6 plist3 rule 10 action 'deny'", + "set policy prefix-list6 plist3 rule 10 description 'Test rule 10'", + "set policy prefix-list6 plist3 rule 10 le '36'", + "set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36'", + "set policy prefix-list6 plist3 rule 20", + "set policy prefix-list6 plist3 rule 20 action 'permit'", + "set policy prefix-list6 plist3 rule 20 description 'Test rule 20'", + "set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36'", + "set policy prefix-list6 plist4", + "set policy prefix-list6 plist4 rule 20", + "set policy prefix-list6 plist4 rule 20 action 'permit'", + "set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36'", + "set policy prefix-list6 plist4 rule 50", + "set policy prefix-list6 plist4 rule 50 action 'deny'", + "set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36'", + ] + result = self.execute_module(changed=True) + self.assertEqual(set(result["commands"]), set(commands)) + + # test merged for linear attributes (idempotent) + def test_vyos_prefix_lists_linear_merged_idempotent(self): + self.get_config.return_value = dedent( + """\ + set policy prefix-list plist1 + set policy prefix-list plist1 description 'Test plist1' + set policy prefix-list plist1 rule 10 + set policy prefix-list plist1 rule 10 action 'permit' + set policy prefix-list plist1 rule 10 description 'Test rule 10' + set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26' + set policy prefix-list plist1 rule 20 + set policy prefix-list plist1 rule 20 action 'deny' + set policy prefix-list plist1 rule 20 description 'Test rule 20' + set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24' + set policy prefix-list plist2 + set policy prefix-list plist2 rule 20 + set policy prefix-list plist2 rule 20 action 'permit' + set policy prefix-list plist2 rule 20 le '32' + set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26' + set policy prefix-list plist2 rule 30 + set policy prefix-list plist2 rule 30 action 'deny' + set policy prefix-list plist2 rule 30 ge '25' + set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24' + set policy prefix-list6 plist3 + set policy prefix-list6 plist3 description 'Test plist3' + set policy prefix-list6 plist3 rule 10 + set policy prefix-list6 plist3 rule 10 action 'deny' + set policy prefix-list6 plist3 rule 10 description 'Test rule 10' + set policy prefix-list6 plist3 rule 10 le '36' + set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36' + set policy prefix-list6 plist3 rule 20 + set policy prefix-list6 plist3 rule 20 action 'permit' + set policy prefix-list6 plist3 rule 20 description 'Test rule 20' + set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36' + set policy prefix-list6 plist4 + set policy prefix-list6 plist4 rule 20 + set policy prefix-list6 plist4 rule 20 action 'permit' + set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36' + set policy prefix-list6 plist4 rule 50 + set policy prefix-list6 plist4 rule 50 action 'deny' + set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36' + """ + ) + set_module_args( + dict( + config=[ + dict( + afi="ipv4", + prefix_lists=[ + dict( + name="plist1", + description="Test plist1", + entries=[ + dict( + sequence=10, + action="permit", + description="Test rule 10", + prefix="92.168.10.0/26", + ), + dict( + sequence=20, + action="deny", + description="Test rule 20", + prefix="72.168.2.0/24", + ), + ], + ), + dict( + name="plist2", + entries=[ + dict( + sequence=20, + action="permit", + prefix="82.168.10.0/26", + le=32, + ), + dict( + sequence=30, + action="deny", + prefix="62.168.2.0/24", + ge=25, + ), + ], + ), + ], + ), + dict( + afi="ipv6", + prefix_lists=[ + dict( + name="plist3", + description="Test plist3", + entries=[ + dict( + sequence=10, + action="deny", + description="Test rule 10", + prefix="2001:db8:1000::/36", + le=36, + ), + dict( + sequence=20, + action="permit", + description="Test rule 20", + prefix="2001:db8:2000::/36", + ), + ], + ), + dict( + name="plist4", + entries=[ + dict( + sequence=20, + action="permit", + prefix="2001:db8:3000::/36", + ), + dict( + sequence=50, + action="deny", + prefix="2001:db8:4000::/36", + ), + ], + ), + ], + ), + ], + state="merged", + ) + ) + result = self.execute_module(changed=False) + self.assertEqual(result["commands"], []) + + # test existing rule with replaced + def test_vyos_prefix_lists_replaced_update(self): + self.get_config.return_value = dedent( + """\ + set policy prefix-list plist1 + set policy prefix-list plist1 description 'Test plist1' + set policy prefix-list plist1 rule 10 + set policy prefix-list plist1 rule 10 action 'permit' + set policy prefix-list plist1 rule 10 description 'Test rule 10' + set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26' + set policy prefix-list plist1 rule 20 + set policy prefix-list plist1 rule 20 action 'deny' + set policy prefix-list plist1 rule 20 description 'Test rule 20' + set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24' + set policy prefix-list plist2 + set policy prefix-list plist2 rule 20 + set policy prefix-list plist2 rule 20 action 'permit' + set policy prefix-list plist2 rule 20 le '32' + set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26' + set policy prefix-list plist2 rule 30 + set policy prefix-list plist2 rule 30 action 'deny' + set policy prefix-list plist2 rule 30 ge '25' + set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24' + set policy prefix-list6 plist3 + set policy prefix-list6 plist3 description 'Test plist3' + set policy prefix-list6 plist3 rule 10 + set policy prefix-list6 plist3 rule 10 action 'deny' + set policy prefix-list6 plist3 rule 10 description 'Test rule 10' + set policy prefix-list6 plist3 rule 10 le '36' + set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36' + set policy prefix-list6 plist3 rule 20 + set policy prefix-list6 plist3 rule 20 action 'permit' + set policy prefix-list6 plist3 rule 20 description 'Test rule 20' + set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36' + set policy prefix-list6 plist4 + set policy prefix-list6 plist4 rule 20 + set policy prefix-list6 plist4 rule 20 action 'permit' + set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36' + set policy prefix-list6 plist4 rule 50 + set policy prefix-list6 plist4 rule 50 action 'deny' + set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36' + """ + ) + set_module_args( + dict( + config=[ + dict( + afi="ipv4", + prefix_lists=[ + dict( + name="plist1", + description="Test plist1", + entries=[ + dict( + sequence=10, + action="permit", + prefix="82.168.10.0/26", + ), + dict( + sequence=20, + action="deny", + description="Test rule 20", + prefix="72.168.2.0/24", + ), + ], + ) + ], + ) + ], + state="replaced", + ) + ) + commands = [ + "delete policy prefix-list plist1 rule 10 description 'Test rule 10'", + "set policy prefix-list plist1 rule 10 prefix '82.168.10.0/26'", + ] + result = self.execute_module(changed=True) + self.assertEqual(set(result["commands"]), set(commands)) + + # test replaced + def test_vyos_prefix_lists_replaced(self): + self.get_config.return_value = dedent( + """\ + set policy prefix-list plist1 + set policy prefix-list plist1 description 'Test plist1' + set policy prefix-list plist1 rule 10 + set policy prefix-list plist1 rule 10 action 'permit' + set policy prefix-list plist1 rule 10 description 'Test rule 10' + set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26' + set policy prefix-list plist1 rule 20 + set policy prefix-list plist1 rule 20 action 'deny' + set policy prefix-list plist1 rule 20 description 'Test rule 20' + set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24' + set policy prefix-list plist2 + set policy prefix-list plist2 rule 20 + set policy prefix-list plist2 rule 20 action 'permit' + set policy prefix-list plist2 rule 20 le '32' + set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26' + set policy prefix-list plist2 rule 30 + set policy prefix-list plist2 rule 30 action 'deny' + set policy prefix-list plist2 rule 30 ge '25' + set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24' + set policy prefix-list6 plist3 + set policy prefix-list6 plist3 description 'Test plist3' + set policy prefix-list6 plist3 rule 10 + set policy prefix-list6 plist3 rule 10 action 'deny' + set policy prefix-list6 plist3 rule 10 description 'Test rule 10' + set policy prefix-list6 plist3 rule 10 le '36' + set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36' + set policy prefix-list6 plist3 rule 20 + set policy prefix-list6 plist3 rule 20 action 'permit' + set policy prefix-list6 plist3 rule 20 description 'Test rule 20' + set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36' + set policy prefix-list6 plist4 + set policy prefix-list6 plist4 rule 20 + set policy prefix-list6 plist4 rule 20 action 'permit' + set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36' + set policy prefix-list6 plist4 rule 50 + set policy prefix-list6 plist4 rule 50 action 'deny' + set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36' + """ + ) + set_module_args( + dict( + config=[ + dict( + afi="ipv4", + prefix_lists=[ + dict( + name="plist1", + entries=[ + dict( + sequence=10, + action="permit", + prefix="82.168.10.0/26", + ) + ], + ) + ], + ) + ], + state="replaced", + ) + ) + commands = [ + "delete policy prefix-list plist1 description 'Test plist1'", + "set policy prefix-list plist1 rule 10 prefix '82.168.10.0/26'", + "delete policy prefix-list plist1 rule 20", + "delete policy prefix-list plist1 rule 10 description 'Test rule 10'", + ] + result = self.execute_module(changed=True) + self.assertEqual(set(result["commands"]), set(commands)) + + # test update with overridden + def test_vyos_prefix_lists_overridden_update(self): + self.get_config.return_value = dedent( + """\ + set policy prefix-list plist1 + set policy prefix-list plist1 description 'Test plist1' + set policy prefix-list plist1 rule 10 + set policy prefix-list plist1 rule 10 action 'permit' + set policy prefix-list plist1 rule 10 description 'Test rule 10' + set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26' + set policy prefix-list plist1 rule 20 + set policy prefix-list plist1 rule 20 action 'deny' + set policy prefix-list plist1 rule 20 description 'Test rule 20' + set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24' + set policy prefix-list plist2 + set policy prefix-list plist2 rule 20 + set policy prefix-list plist2 rule 20 action 'permit' + set policy prefix-list plist2 rule 20 le '32' + set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26' + set policy prefix-list plist2 rule 30 + set policy prefix-list plist2 rule 30 action 'deny' + set policy prefix-list plist2 rule 30 ge '25' + set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24' + set policy prefix-list6 plist3 + set policy prefix-list6 plist3 description 'Test plist3' + set policy prefix-list6 plist3 rule 10 + set policy prefix-list6 plist3 rule 10 action 'deny' + set policy prefix-list6 plist3 rule 10 description 'Test rule 10' + set policy prefix-list6 plist3 rule 10 le '36' + set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36' + set policy prefix-list6 plist3 rule 20 + set policy prefix-list6 plist3 rule 20 action 'permit' + set policy prefix-list6 plist3 rule 20 description 'Test rule 20' + set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36' + set policy prefix-list6 plist4 + set policy prefix-list6 plist4 rule 20 + set policy prefix-list6 plist4 rule 20 action 'permit' + set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36' + set policy prefix-list6 plist4 rule 50 + set policy prefix-list6 plist4 rule 50 action 'deny' + set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36' + """ + ) + set_module_args( + dict( + config=[ + dict( + afi="ipv4", + prefix_lists=[ + dict( + name="plist1", + entries=[ + dict( + sequence=10, + action="deny", + prefix="102.168.10.0/26", + ) + ], + ) + ], + ) + ], + state="overridden", + ) + ) + commands = [ + "delete policy prefix-list plist1 description 'Test plist1'", + "delete policy prefix-list6 plist4", + "delete policy prefix-list plist1 rule 10 description 'Test rule 10'", + "set policy prefix-list plist1 rule 10 prefix '102.168.10.0/26'", + "delete policy prefix-list6 plist3", + "delete policy prefix-list plist1 rule 20", + "set policy prefix-list plist1 rule 10 action 'deny'", + "delete policy prefix-list plist2", + ] + result = self.execute_module(changed=True) + self.assertEqual(set(result["commands"]), set(commands)) + + # test overridden + def test_vyos_prefix_lists_overridden(self): + self.get_config.return_value = dedent( + """\ + set policy prefix-list plist1 + set policy prefix-list plist1 description 'Test plist1' + set policy prefix-list plist1 rule 10 + set policy prefix-list plist1 rule 10 action 'permit' + set policy prefix-list plist1 rule 10 description 'Test rule 10' + set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26' + set policy prefix-list plist1 rule 20 + set policy prefix-list plist1 rule 20 action 'deny' + set policy prefix-list plist1 rule 20 description 'Test rule 20' + set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24' + set policy prefix-list plist2 + set policy prefix-list plist2 rule 20 + set policy prefix-list plist2 rule 20 action 'permit' + set policy prefix-list plist2 rule 20 le '32' + set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26' + set policy prefix-list plist2 rule 30 + set policy prefix-list plist2 rule 30 action 'deny' + set policy prefix-list plist2 rule 30 ge '25' + set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24' + set policy prefix-list6 plist3 + set policy prefix-list6 plist3 description 'Test plist3' + set policy prefix-list6 plist3 rule 10 + set policy prefix-list6 plist3 rule 10 action 'deny' + set policy prefix-list6 plist3 rule 10 description 'Test rule 10' + set policy prefix-list6 plist3 rule 10 le '36' + set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36' + set policy prefix-list6 plist3 rule 20 + set policy prefix-list6 plist3 rule 20 action 'permit' + set policy prefix-list6 plist3 rule 20 description 'Test rule 20' + set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36' + set policy prefix-list6 plist4 + set policy prefix-list6 plist4 rule 20 + set policy prefix-list6 plist4 rule 20 action 'permit' + set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36' + set policy prefix-list6 plist4 rule 50 + set policy prefix-list6 plist4 rule 50 action 'deny' + set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36' + """ + ) + set_module_args( + dict( + config=[ + dict( + afi="ipv4", + prefix_lists=[ + dict( + name="plist5", + entries=[ + dict( + sequence=50, + action="permit", + prefix="102.168.10.0/26", + ) + ], + ) + ], + ) + ], + state="overridden", + ) + ) + commands = [ + "set policy prefix-list plist5", + "set policy prefix-list plist5 rule 50", + "set policy prefix-list plist5 rule 50 action 'permit'", + "set policy prefix-list plist5 rule 50 prefix '102.168.10.0/26'", + "delete policy prefix-list plist1", + "delete policy prefix-list plist2", + "delete policy prefix-list6 plist3", + "delete policy prefix-list6 plist4", + ] + result = self.execute_module(changed=True) + self.assertEqual(set(result["commands"]), set(commands)) + + # test deleted (all) + def test_vyos_prefix_lists_deleted_all(self): + self.get_config.return_value = dedent( + """\ + set policy prefix-list plist1 + set policy prefix-list plist1 description 'Test plist1' + set policy prefix-list plist1 rule 10 + set policy prefix-list plist1 rule 10 action 'permit' + set policy prefix-list plist1 rule 10 description 'Test rule 10' + set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26' + set policy prefix-list plist1 rule 20 + set policy prefix-list plist1 rule 20 action 'deny' + set policy prefix-list plist1 rule 20 description 'Test rule 20' + set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24' + set policy prefix-list plist2 + set policy prefix-list plist2 rule 20 + set policy prefix-list plist2 rule 20 action 'permit' + set policy prefix-list plist2 rule 20 le '32' + set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26' + set policy prefix-list plist2 rule 30 + set policy prefix-list plist2 rule 30 action 'deny' + set policy prefix-list plist2 rule 30 ge '25' + set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24' + set policy prefix-list6 plist3 + set policy prefix-list6 plist3 description 'Test plist3' + set policy prefix-list6 plist3 rule 10 + set policy prefix-list6 plist3 rule 10 action 'deny' + set policy prefix-list6 plist3 rule 10 description 'Test rule 10' + set policy prefix-list6 plist3 rule 10 le '36' + set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36' + set policy prefix-list6 plist3 rule 20 + set policy prefix-list6 plist3 rule 20 action 'permit' + set policy prefix-list6 plist3 rule 20 description 'Test rule 20' + set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36' + set policy prefix-list6 plist4 + set policy prefix-list6 plist4 rule 20 + set policy prefix-list6 plist4 rule 20 action 'permit' + set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36' + set policy prefix-list6 plist4 rule 50 + set policy prefix-list6 plist4 rule 50 action 'deny' + set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36' + """ + ) + set_module_args(dict(state="deleted")) + commands = [ + "delete policy prefix-list plist1", + "delete policy prefix-list plist2", + "delete policy prefix-list6 plist3", + "delete policy prefix-list6 plist4", + ] + result = self.execute_module(changed=True) + self.assertEqual(set(result["commands"]), set(commands)) + + # test deleted (AFI) + def test_vyos_prefix_lists_deleted_afi(self): + self.get_config.return_value = dedent( + """\ + set policy prefix-list plist1 + set policy prefix-list plist1 description 'Test plist1' + set policy prefix-list plist1 rule 10 + set policy prefix-list plist1 rule 10 action 'permit' + set policy prefix-list plist1 rule 10 description 'Test rule 10' + set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26' + set policy prefix-list plist1 rule 20 + set policy prefix-list plist1 rule 20 action 'deny' + set policy prefix-list plist1 rule 20 description 'Test rule 20' + set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24' + set policy prefix-list plist2 + set policy prefix-list plist2 rule 20 + set policy prefix-list plist2 rule 20 action 'permit' + set policy prefix-list plist2 rule 20 le '32' + set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26' + set policy prefix-list plist2 rule 30 + set policy prefix-list plist2 rule 30 action 'deny' + set policy prefix-list plist2 rule 30 ge '25' + set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24' + set policy prefix-list6 plist3 + set policy prefix-list6 plist3 description 'Test plist3' + set policy prefix-list6 plist3 rule 10 + set policy prefix-list6 plist3 rule 10 action 'deny' + set policy prefix-list6 plist3 rule 10 description 'Test rule 10' + set policy prefix-list6 plist3 rule 10 le '36' + set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36' + set policy prefix-list6 plist3 rule 20 + set policy prefix-list6 plist3 rule 20 action 'permit' + set policy prefix-list6 plist3 rule 20 description 'Test rule 20' + set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36' + set policy prefix-list6 plist4 + set policy prefix-list6 plist4 rule 20 + set policy prefix-list6 plist4 rule 20 action 'permit' + set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36' + set policy prefix-list6 plist4 rule 50 + set policy prefix-list6 plist4 rule 50 action 'deny' + set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36' + """ + ) + set_module_args(dict(config=[dict(afi="ipv4")], state="deleted")) + commands = [ + "delete policy prefix-list plist1", + "delete policy prefix-list plist2", + ] + result = self.execute_module(changed=True) + self.assertEqual(set(result["commands"]), set(commands)) + + # test deleted (one prefix-list) + def test_vyos_prefix_lists_deleted_one(self): + self.get_config.return_value = dedent( + """\ + set policy prefix-list plist1 + set policy prefix-list plist1 description 'Test plist1' + set policy prefix-list plist1 rule 10 + set policy prefix-list plist1 rule 10 action 'permit' + set policy prefix-list plist1 rule 10 description 'Test rule 10' + set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26' + set policy prefix-list plist1 rule 20 + set policy prefix-list plist1 rule 20 action 'deny' + set policy prefix-list plist1 rule 20 description 'Test rule 20' + set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24' + set policy prefix-list plist2 + set policy prefix-list plist2 rule 20 + set policy prefix-list plist2 rule 20 action 'permit' + set policy prefix-list plist2 rule 20 le '32' + set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26' + set policy prefix-list plist2 rule 30 + set policy prefix-list plist2 rule 30 action 'deny' + set policy prefix-list plist2 rule 30 ge '25' + set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24' + set policy prefix-list6 plist3 + set policy prefix-list6 plist3 description 'Test plist3' + set policy prefix-list6 plist3 rule 10 + set policy prefix-list6 plist3 rule 10 action 'deny' + set policy prefix-list6 plist3 rule 10 description 'Test rule 10' + set policy prefix-list6 plist3 rule 10 le '36' + set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36' + set policy prefix-list6 plist3 rule 20 + set policy prefix-list6 plist3 rule 20 action 'permit' + set policy prefix-list6 plist3 rule 20 description 'Test rule 20' + set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36' + set policy prefix-list6 plist4 + set policy prefix-list6 plist4 rule 20 + set policy prefix-list6 plist4 rule 20 action 'permit' + set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36' + set policy prefix-list6 plist4 rule 50 + set policy prefix-list6 plist4 rule 50 action 'deny' + set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36' + """ + ) + set_module_args( + dict( + config=[dict(afi="ipv6", prefix_lists=[dict(name="plist3")])], + state="deleted", + ) + ) + commands = ["delete policy prefix-list6 plist3"] + result = self.execute_module(changed=True) + self.assertEqual(set(result["commands"]), set(commands)) + + # test deleted (one prefix-list from each AFI) + def test_vyos_prefix_lists_deleted_one_from_each_afi(self): + self.get_config.return_value = dedent( + """\ + set policy prefix-list plist1 + set policy prefix-list plist1 description 'Test plist1' + set policy prefix-list plist1 rule 10 + set policy prefix-list plist1 rule 10 action 'permit' + set policy prefix-list plist1 rule 10 description 'Test rule 10' + set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26' + set policy prefix-list plist1 rule 20 + set policy prefix-list plist1 rule 20 action 'deny' + set policy prefix-list plist1 rule 20 description 'Test rule 20' + set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24' + set policy prefix-list plist2 + set policy prefix-list plist2 rule 20 + set policy prefix-list plist2 rule 20 action 'permit' + set policy prefix-list plist2 rule 20 le '32' + set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26' + set policy prefix-list plist2 rule 30 + set policy prefix-list plist2 rule 30 action 'deny' + set policy prefix-list plist2 rule 30 ge '25' + set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24' + set policy prefix-list6 plist3 + set policy prefix-list6 plist3 description 'Test plist3' + set policy prefix-list6 plist3 rule 10 + set policy prefix-list6 plist3 rule 10 action 'deny' + set policy prefix-list6 plist3 rule 10 description 'Test rule 10' + set policy prefix-list6 plist3 rule 10 le '36' + set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36' + set policy prefix-list6 plist3 rule 20 + set policy prefix-list6 plist3 rule 20 action 'permit' + set policy prefix-list6 plist3 rule 20 description 'Test rule 20' + set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36' + set policy prefix-list6 plist4 + set policy prefix-list6 plist4 rule 20 + set policy prefix-list6 plist4 rule 20 action 'permit' + set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36' + set policy prefix-list6 plist4 rule 50 + set policy prefix-list6 plist4 rule 50 action 'deny' + set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36' + """ + ) + set_module_args( + dict( + config=[ + dict(afi="ipv4", prefix_lists=[dict(name="plist2")]), + dict(afi="ipv6", prefix_lists=[dict(name="plist3")]), + ], + state="deleted", + ) + ) + commands = [ + "delete policy prefix-list plist2", + "delete policy prefix-list6 plist3", + ] + result = self.execute_module(changed=True) + self.assertEqual(set(result["commands"]), set(commands)) + + # test parsed + def test_vyos_prefix_lists_parsed(self): + cfg = dedent( + """\ + set policy prefix-list plist1 + set policy prefix-list plist1 description 'Test plist1' + set policy prefix-list plist1 rule 10 + set policy prefix-list plist1 rule 10 action 'permit' + set policy prefix-list plist1 rule 10 description 'Test rule 10' + set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26' + set policy prefix-list plist1 rule 20 + set policy prefix-list plist1 rule 20 action 'deny' + set policy prefix-list plist1 rule 20 description 'Test rule 20' + set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24' + set policy prefix-list plist2 + set policy prefix-list plist2 rule 20 + set policy prefix-list plist2 rule 20 action 'permit' + set policy prefix-list plist2 rule 20 le '32' + set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26' + set policy prefix-list plist2 rule 30 + set policy prefix-list plist2 rule 30 action 'deny' + set policy prefix-list plist2 rule 30 ge '25' + set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24' + set policy prefix-list6 plist3 + set policy prefix-list6 plist3 description 'Test plist3' + set policy prefix-list6 plist3 rule 10 + set policy prefix-list6 plist3 rule 10 action 'deny' + set policy prefix-list6 plist3 rule 10 description 'Test rule 10' + set policy prefix-list6 plist3 rule 10 le '36' + set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36' + set policy prefix-list6 plist3 rule 20 + set policy prefix-list6 plist3 rule 20 action 'permit' + set policy prefix-list6 plist3 rule 20 description 'Test rule 20' + set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36' + set policy prefix-list6 plist4 + set policy prefix-list6 plist4 rule 20 + set policy prefix-list6 plist4 rule 20 action 'permit' + set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36' + set policy prefix-list6 plist4 rule 50 + set policy prefix-list6 plist4 rule 50 action 'deny' + set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36' + """ + ) + set_module_args(dict(running_config=cfg, state="parsed")) + parsed = [ + { + "afi": "ipv4", + "prefix_lists": [ + { + "description": "Test plist1", + "name": "plist1", + "entries": [ + { + "action": "permit", + "description": "Test rule 10", + "sequence": 10, + "prefix": "92.168.10.0/26", + }, + { + "action": "deny", + "description": "Test rule 20", + "sequence": 20, + "prefix": "72.168.2.0/24", + }, + ], + }, + { + "name": "plist2", + "entries": [ + { + "action": "permit", + "sequence": 20, + "le": 32, + "prefix": "82.168.10.0/26", + }, + { + "action": "deny", + "ge": 25, + "sequence": 30, + "prefix": "62.168.2.0/24", + }, + ], + }, + ], + }, + { + "afi": "ipv6", + "prefix_lists": [ + { + "description": "Test plist3", + "name": "plist3", + "entries": [ + { + "action": "deny", + "description": "Test rule 10", + "sequence": 10, + "le": 36, + "prefix": "2001:db8:1000::/36", + }, + { + "action": "permit", + "description": "Test rule 20", + "sequence": 20, + "prefix": "2001:db8:2000::/36", + }, + ], + }, + { + "name": "plist4", + "entries": [ + { + "action": "permit", + "sequence": 20, + "prefix": "2001:db8:3000::/36", + }, + { + "action": "deny", + "sequence": 50, + "prefix": "2001:db8:4000::/36", + }, + ], + }, + ], + }, + ] + result = self.execute_module(changed=False) + self.assertEqual(result["parsed"], parsed) + + # test rendered + def test_vyos_prefix_lists_rendered(self): + set_module_args( + dict( + config=[ + dict( + afi="ipv4", + prefix_lists=[ + dict( + name="plist1", + description="Test plist1", + entries=[ + dict( + sequence=10, + action="permit", + description="Test rule 10", + prefix="92.168.10.0/26", + ), + dict( + sequence=20, + action="deny", + description="Test rule 20", + prefix="72.168.2.0/24", + ), + ], + ), + dict( + name="plist2", + entries=[ + dict( + sequence=20, + action="permit", + prefix="82.168.10.0/26", + le=32, + ), + dict( + sequence=30, + action="deny", + prefix="62.168.2.0/24", + ge=25, + ), + ], + ), + ], + ), + dict( + afi="ipv6", + prefix_lists=[ + dict( + name="plist3", + description="Test plist3", + entries=[ + dict( + sequence=10, + action="deny", + description="Test rule 10", + prefix="2001:db8:1000::/36", + le=36, + ), + dict( + sequence=20, + action="permit", + description="Test rule 20", + prefix="2001:db8:2000::/36", + ), + ], + ), + dict( + name="plist4", + entries=[ + dict( + sequence=20, + action="permit", + prefix="2001:db8:3000::/36", + ), + dict( + sequence=50, + action="deny", + prefix="2001:db8:4000::/36", + ), + ], + ), + ], + ), + ], + state="rendered", + ) + ) + rendered = [ + "set policy prefix-list plist1", + "set policy prefix-list plist1 description 'Test plist1'", + "set policy prefix-list plist1 rule 10", + "set policy prefix-list plist1 rule 10 action 'permit'", + "set policy prefix-list plist1 rule 10 description 'Test rule 10'", + "set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26'", + "set policy prefix-list plist1 rule 20", + "set policy prefix-list plist1 rule 20 action 'deny'", + "set policy prefix-list plist1 rule 20 description 'Test rule 20'", + "set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24'", + "set policy prefix-list plist2", + "set policy prefix-list plist2 rule 20", + "set policy prefix-list plist2 rule 20 action 'permit'", + "set policy prefix-list plist2 rule 20 le '32'", + "set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26'", + "set policy prefix-list plist2 rule 30", + "set policy prefix-list plist2 rule 30 action 'deny'", + "set policy prefix-list plist2 rule 30 ge '25'", + "set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24'", + "set policy prefix-list6 plist3", + "set policy prefix-list6 plist3 description 'Test plist3'", + "set policy prefix-list6 plist3 rule 10", + "set policy prefix-list6 plist3 rule 10 action 'deny'", + "set policy prefix-list6 plist3 rule 10 description 'Test rule 10'", + "set policy prefix-list6 plist3 rule 10 le '36'", + "set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36'", + "set policy prefix-list6 plist3 rule 20", + "set policy prefix-list6 plist3 rule 20 action 'permit'", + "set policy prefix-list6 plist3 rule 20 description 'Test rule 20'", + "set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36'", + "set policy prefix-list6 plist4", + "set policy prefix-list6 plist4 rule 20", + "set policy prefix-list6 plist4 rule 20 action 'permit'", + "set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36'", + "set policy prefix-list6 plist4 rule 50", + "set policy prefix-list6 plist4 rule 50 action 'deny'", + "set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36'", + ] + result = self.execute_module(changed=False) + self.assertEqual(set(result["rendered"]), set(rendered)) + + # test gathered + def test_vyos_prefix_lists_gathered(self): + self.get_config.return_value = dedent( + """\ + set policy prefix-list plist1 + set policy prefix-list plist1 description 'Test plist1' + set policy prefix-list plist1 rule 10 + set policy prefix-list plist1 rule 10 action 'permit' + set policy prefix-list plist1 rule 10 description 'Test rule 10' + set policy prefix-list plist1 rule 10 prefix '92.168.10.0/26' + set policy prefix-list plist1 rule 20 + set policy prefix-list plist1 rule 20 action 'deny' + set policy prefix-list plist1 rule 20 description 'Test rule 20' + set policy prefix-list plist1 rule 20 prefix '72.168.2.0/24' + set policy prefix-list plist2 + set policy prefix-list plist2 rule 20 + set policy prefix-list plist2 rule 20 action 'permit' + set policy prefix-list plist2 rule 20 le '32' + set policy prefix-list plist2 rule 20 prefix '82.168.10.0/26' + set policy prefix-list plist2 rule 30 + set policy prefix-list plist2 rule 30 action 'deny' + set policy prefix-list plist2 rule 30 ge '25' + set policy prefix-list plist2 rule 30 prefix '62.168.2.0/24' + set policy prefix-list6 plist3 + set policy prefix-list6 plist3 description 'Test plist3' + set policy prefix-list6 plist3 rule 10 + set policy prefix-list6 plist3 rule 10 action 'deny' + set policy prefix-list6 plist3 rule 10 description 'Test rule 10' + set policy prefix-list6 plist3 rule 10 le '36' + set policy prefix-list6 plist3 rule 10 prefix '2001:db8:1000::/36' + set policy prefix-list6 plist3 rule 20 + set policy prefix-list6 plist3 rule 20 action 'permit' + set policy prefix-list6 plist3 rule 20 description 'Test rule 20' + set policy prefix-list6 plist3 rule 20 prefix '2001:db8:2000::/36' + set policy prefix-list6 plist4 + set policy prefix-list6 plist4 rule 20 + set policy prefix-list6 plist4 rule 20 action 'permit' + set policy prefix-list6 plist4 rule 20 prefix '2001:db8:3000::/36' + set policy prefix-list6 plist4 rule 50 + set policy prefix-list6 plist4 rule 50 action 'deny' + set policy prefix-list6 plist4 rule 50 prefix '2001:db8:4000::/36' + """ + ) + set_module_args(dict(state="gathered")) + gathered = [ + { + "afi": "ipv4", + "prefix_lists": [ + { + "description": "Test plist1", + "name": "plist1", + "entries": [ + { + "action": "permit", + "description": "Test rule 10", + "sequence": 10, + "prefix": "92.168.10.0/26", + }, + { + "action": "deny", + "description": "Test rule 20", + "sequence": 20, + "prefix": "72.168.2.0/24", + }, + ], + }, + { + "name": "plist2", + "entries": [ + { + "action": "permit", + "sequence": 20, + "le": 32, + "prefix": "82.168.10.0/26", + }, + { + "action": "deny", + "ge": 25, + "sequence": 30, + "prefix": "62.168.2.0/24", + }, + ], + }, + ], + }, + { + "afi": "ipv6", + "prefix_lists": [ + { + "description": "Test plist3", + "name": "plist3", + "entries": [ + { + "action": "deny", + "description": "Test rule 10", + "sequence": 10, + "le": 36, + "prefix": "2001:db8:1000::/36", + }, + { + "action": "permit", + "description": "Test rule 20", + "sequence": 20, + "prefix": "2001:db8:2000::/36", + }, + ], + }, + { + "name": "plist4", + "entries": [ + { + "action": "permit", + "sequence": 20, + "prefix": "2001:db8:3000::/36", + }, + { + "action": "deny", + "sequence": 50, + "prefix": "2001:db8:4000::/36", + }, + ], + }, + ], + }, + ] + result = self.execute_module(changed=False) + self.assertEqual(result["gathered"], gathered) -- cgit v1.2.3