ansible-collection-hetzner-.../tests/integration/targets/hcloud_firewall/tasks/main.yml
2021-08-12 13:13:19 +02:00


# Copyright: (c) 2020, Hetzner Cloud GmbH <info@hetzner-cloud.de>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
---
# Pre-clean: delete any firewall left behind by an earlier run so that the
# create tests start from a known-absent state.
# NOTE(review): the lookup is by the original name only. A run that aborted
# while the firewall was renamed to "changed-<name>" (see the rename tasks
# further down) would leave a resource this step does not remove.
- name: setup firewall to be absent
  hcloud_firewall:
    state: absent
    name: "{{ hcloud_firewall_name }}"
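# Negative test: calling the module with no arguments must fail validation.
# The module key is intentionally left without a value.
- name: test missing required parameters on create firewall
  hcloud_firewall:
  register: result
  # The failure is the expected outcome, so it must not abort the play.
  ignore_errors: true

# Pin both the failed state and the exact validation message.
- name: verify fail test missing required parameters on create firewall
  assert:
    that:
      - result is failed
      - 'result.msg == "one of the following is required: id, name"'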
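# Dry run: in check mode the module should report that it would create the
# firewall. The idempotence tests later in the file rely on nothing having
# been created here.
- name: test create firewall with check mode
  hcloud_firewall:
    name: "{{ hcloud_firewall_name }}"
  register: result
  check_mode: true

# Named "verify ..." so that a failed assertion can be told apart from a
# failure of the module call above in the test output.
- name: verify create firewall with check mode
  assert:
    that:
      - result is changed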
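# Create the firewall with a single inbound ICMP rule and two labels.
# The any-source CIDRs (0.0.0.0/0 and ::/0) are test fixtures; no task in this
# file attaches the firewall to a server, and the last task deletes it.
# They are not a template for production rules.
- name: test create firewall
  hcloud_firewall:
    name: "{{ hcloud_firewall_name }}"
    rules:
      - direction: in
        protocol: icmp
        source_ips:
          # Quoted so the CIDRs are always read as strings.
          - "0.0.0.0/0"
          - "::/0"
        description: "allow icmp in"
    labels:
      key: value
      my-label: label
  register: firewall

# Check that the returned firewall reflects exactly the one rule requested.
- name: verify create firewall
  assert:
    that:
      - firewall is changed
      # Assert conditions are already Jinja expressions, so the variable is
      # referenced directly instead of through nested "{{ }}" delimiters.
      - firewall.hcloud_firewall.name == hcloud_firewall_name
      - firewall.hcloud_firewall.rules | list | count == 1
      - firewall.hcloud_firewall.rules | selectattr('direction','equalto','in') | list | count == 1
      - firewall.hcloud_firewall.rules | selectattr('protocol','equalto','icmp') | list | count == 1
      - firewall.hcloud_firewall.rules | selectattr('description', 'equalto', 'allow icmp in') | list | count == 1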
# Idempotence: repeating the create call with identical arguments must not
# report a change.
- name: test create firewall idempotence
  hcloud_firewall:
    name: "{{ hcloud_firewall_name }}"
    labels:
      key: value
      my-label: label
    rules:
      # Same single inbound ICMP rule as the create test (any-source fixture).
      - description: 'allow icmp in'
        direction: in
        protocol: icmp
        source_ips:
          - '0.0.0.0/0'
          - '::/0'
  register: result

# A second identical run must be a no-op.
- name: verify create firewall idempotence
  assert:
    that:
      - result is not changed
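# Replace the rule set with three rules: ICMP in, TCP/80 in, TCP/80 out.
# The any-source and any-destination CIDRs are test fixtures only; no task in
# this file attaches the firewall to a server.
- name: test update firewall rules
  hcloud_firewall:
    name: "{{ hcloud_firewall_name }}"
    rules:
      - direction: in
        protocol: icmp
        source_ips:
          # Quoted so the CIDRs are always read as strings.
          - "0.0.0.0/0"
          - "::/0"
      - direction: in
        protocol: tcp
        port: 80
        source_ips:
          - "0.0.0.0/0"
          - "::/0"
      - direction: out
        protocol: tcp
        port: 80
        destination_ips:
          - "0.0.0.0/0"
          - "::/0"
        description: allow tcp out
    labels:
      key: value
      my-label: label
  register: firewall

# Check rule counts per direction, protocol, port and description.
- name: verify update firewall rules
  assert:
    that:
      - firewall is changed
      # Assert conditions are already Jinja expressions, so the variable is
      # referenced directly instead of through nested "{{ }}" delimiters.
      - firewall.hcloud_firewall.name == hcloud_firewall_name
      - firewall.hcloud_firewall.rules | list | count == 3
      - firewall.hcloud_firewall.rules | selectattr('direction','equalto','in') | list | count == 2
      - firewall.hcloud_firewall.rules | selectattr('direction','equalto','out') | list | count == 1
      - firewall.hcloud_firewall.rules | selectattr('protocol','equalto','icmp') | list | count == 1
      - firewall.hcloud_firewall.rules | selectattr('protocol','equalto','tcp') | list | count == 2
      # The port is compared as the string '80' although the task passes 80.
      - firewall.hcloud_firewall.rules | selectattr('port','equalto','80') | list | count == 2
      - firewall.hcloud_firewall.rules | selectattr('description', 'equalto', 'allow tcp out') | list | count == 1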
# Idempotence: re-submitting the same three-rule set must not report a change.
- name: test update firewall rules idempotence
  hcloud_firewall:
    name: "{{ hcloud_firewall_name }}"
    labels:
      key: value
      my-label: label
    rules:
      # Inbound ICMP from anywhere (test fixture).
      - protocol: icmp
        direction: in
        source_ips:
          - '0.0.0.0/0'
          - '::/0'
      # Inbound TCP/80 from anywhere (test fixture).
      - protocol: tcp
        direction: in
        port: 80
        source_ips:
          - '0.0.0.0/0'
          - '::/0'
      # Outbound TCP/80 to anywhere (test fixture).
      - description: allow tcp out
        protocol: tcp
        direction: out
        port: 80
        destination_ips:
          - '0.0.0.0/0'
          - '::/0'
  register: result

# A second identical run must be a no-op.
- name: verify update firewall rules idempotence
  assert:
    that:
      - result is not changed
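# Dry run of a rename, addressed by the id registered by the rules update.
# In check mode the module should report the pending change.
- name: test update firewall with check mode
  hcloud_firewall:
    id: "{{ firewall.hcloud_firewall.id }}"
    name: "changed-{{ hcloud_firewall_name }}"
  register: result
  check_mode: true

# The original name said "create" although this verifies the update dry run.
- name: verify update firewall with check mode
  assert:
    that:
      - result is changed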
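# Rename the firewall to "changed-<name>" and set the labels to a single
# key/value pair, addressing it by id.
- name: test update firewall
  hcloud_firewall:
    id: "{{ firewall.hcloud_firewall.id }}"
    name: "changed-{{ hcloud_firewall_name }}"
    labels:
      key: value
  register: result

# Named "verify ..." so that a failed assertion can be told apart from a
# failure of the module call above in the test output.
- name: verify update firewall
  assert:
    that:
      - result is changed
      # Build the expected name with Jinja concatenation; assert conditions
      # are already expressions and should not nest "{{ }}" delimiters.
      - "result.hcloud_firewall.name == 'changed-' ~ hcloud_firewall_name"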
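# Idempotence for labels: sending the same name and labels again must not
# report a change.
- name: test update firewall with same labels
  hcloud_firewall:
    id: "{{ firewall.hcloud_firewall.id }}"
    name: "changed-{{ hcloud_firewall_name }}"
    labels:
      key: value
  register: result

# Named "verify ..." to match the other assertion tasks in this file and to
# keep the two tasks distinguishable in the test output.
- name: verify update firewall with same labels
  assert:
    that:
      - result is not changed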
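# Adding a second label to the existing one must be detected as a change.
- name: test update firewall with other labels
  hcloud_firewall:
    id: "{{ firewall.hcloud_firewall.id }}"
    name: "changed-{{ hcloud_firewall_name }}"
    labels:
      key: value
      test: "val123"
  register: result

# Named "verify ..." to match the other assertion tasks in this file and to
# keep the two tasks distinguishable in the test output.
- name: verify update firewall with other labels
  assert:
    that:
      - result is changed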
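# Rename the firewall back to its original name, addressing it by id.
- name: test rename firewall
  hcloud_firewall:
    id: "{{ firewall.hcloud_firewall.id }}"
    name: "{{ hcloud_firewall_name }}"
  register: result

# Named "verify ..." so that a failed assertion can be told apart from a
# failure of the module call above in the test output.
- name: verify rename firewall
  assert:
    that:
      - result is changed
      # Assert conditions are already Jinja expressions, so the variable is
      # referenced directly instead of through nested "{{ }}" delimiters.
      - result.hcloud_firewall.name == hcloud_firewall_name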
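# Teardown: delete the firewall created by this test file, addressed by id.
# This task is reached only if every assertion above passed.
- name: absent firewall
  hcloud_firewall:
    id: "{{ firewall.hcloud_firewall.id }}"
    state: absent
  register: result

# The original name said "server", but the resource under test is a firewall.
# NOTE(review): this only checks that the call succeeded, not that a deletion
# was reported; consider also asserting "result is changed" after confirming
# the module reports a change on delete.
- name: verify absent firewall
  assert:
    that:
      - result is success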