"Fossies" - the Fresh Open Source Software Archive

Member "ansible-6.1.0/ansible_collections/community/general/tests/integration/targets/iptables_state/tasks/tests/00-basic.yml" (12 Jul 2022, 7892 Bytes) of package /linux/misc/ansible-6.1.0.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Ansible YAML source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 ---
    2 - name: "ensure our next backup is not there (file)"
    3   file:
    4     path: "{{ iptables_saved }}"
    5     state: absent
    6 
    7 - name: "ensure our next rule is not there (iptables)"
    8   iptables:
    9     chain: OUTPUT
   10     jump: ACCEPT
   11     state: absent
   12 
   13 
   14 #
   15 # Basic checks about invalid param/value handling.
   16 #
   17 - name: "trigger error about invalid param"
   18   iptables_state:
   19     name: foobar
   20   register: iptables_state
   21   ignore_errors: yes
   22 
   23 - name: "assert that results are as expected"
   24   assert:
   25     that:
   26       - iptables_state is failed
   27       - iptables_state.msg is match("Invalid options")
   28     quiet: yes
   29 
   30 
   31 
   32 - name: "trigger error about missing param 'state'"
   33   iptables_state:
   34     path: foobar
   35   register: iptables_state
   36   ignore_errors: yes
   37 
   38 - name: "assert that results are as expected"
   39   assert:
   40     that:
   41       - iptables_state is failed
   42       - iptables_state.msg is match("missing required arguments")
   43     quiet: yes
   44 
   45 
   46 
   47 - name: "trigger error about missing param 'path'"
   48   iptables_state:
   49     state: saved
   50   register: iptables_state
   51   ignore_errors: yes
   52 
   53 - name: "assert that results are as expected"
   54   assert:
   55     that:
   56       - iptables_state is failed
   57       - iptables_state.msg is match("missing required arguments")
   58     quiet: yes
   59 
   60 
   61 
   62 - name: "trigger error about invalid value for param 'state'"
   63   iptables_state:
   64     path: foobar
   65     state: present
   66   register: iptables_state
   67   ignore_errors: yes
   68 
   69 - name: "assert that results are as expected"
   70   assert:
   71     that:
   72       - iptables_state is failed
   73       - iptables_state.msg is match("value of state must be one of")
   74     quiet: yes
   75 
   76 
   77 #
   78 # Play with the current state first. We will create a file to store it in, but
   79 # no more. These tests are for:
   80 # - idempotency
   81 # - check_mode
   82 #
   83 - name: "save state (check_mode, must report a change)"
   84   iptables_state:
   85     path: "{{ iptables_saved }}"
   86     state: saved
   87   register: iptables_state
   88   check_mode: yes
   89 
   90 - name: "assert that results are as expected"
   91   assert:
   92     that:
   93       - iptables_state is changed
   94       - iptables_state.initial_state == iptables_state.saved
   95     quiet: yes
   96 
   97 
   98 
   99 - name: "save state (must report a change)"
  100   iptables_state:
  101     path: "{{ iptables_saved }}"
  102     state: saved
  103   register: iptables_state
  104 
  105 - name: "assert that results are as expected"
  106   assert:
  107     that:
  108       - iptables_state is changed
  109       - iptables_state.initial_state == iptables_state.saved
  110     quiet: yes
  111 
  112 
  113 
  114 - name: "save state (idempotency, must NOT report a change)"
  115   iptables_state:
  116     path: "{{ iptables_saved }}"
  117     state: saved
  118   register: iptables_state
  119 
  120 - name: "assert that results are as expected"
  121   assert:
  122     that:
  123       - iptables_state is not changed
  124       - iptables_state.initial_state == iptables_state.saved
  125     quiet: yes
  126 
  127 
  128 
  129 - name: "save state (check_mode, must NOT report a change)"
  130   iptables_state:
  131     path: "{{ iptables_saved }}"
  132     state: saved
  133   register: iptables_state
  134   check_mode: yes
  135 
  136 - name: "assert that results are as expected"
  137   assert:
  138     that:
  139       - iptables_state is not changed
  140       - iptables_state.initial_state == iptables_state.saved
  141     quiet: yes
  142 
  143 
  144 
  145 # We begin with 'state=restored' by restoring the current state on itself.
  146 # This at least ensures the file produced with state=saved is suitable for
  147 # state=restored.
  148 
  149 - name: "state=restored check_mode=true changed=false"
  150   block:
  151     - name: "restore state (check_mode, must NOT report a change, no warning)"
  152       iptables_state:
  153         path: "{{ iptables_saved }}"
  154         state: restored
  155       register: iptables_state
  156       check_mode: yes
  157 
  158     - name: "assert that results are as expected"
  159       assert:
  160         that:
  161           - iptables_state is not changed
  162           - iptables_state.initial_state == iptables_state.restored
  163         quiet: yes
  164 
  165   rescue:
  166     - name: "assert that results are not as expected for only one reason (xtables lock)"
  167       assert:
  168         that:
  169           - iptables_state is failed
  170           - iptables_state.stderr is search('xtables lock')
  171         quiet: yes
  172       register: xtables_lock
  173 
  174 
  175 
  176 - name: "state=restored changed=false"
  177   block:
  178     - name: "restore state (must NOT report a change, warning about rollback & async)"
  179       iptables_state:
  180         path: "{{ iptables_saved }}"
  181         state: restored
  182       register: iptables_state
  183 
  184     - name: "assert that results are as expected"
  185       assert:
  186         that:
  187           - iptables_state is not changed
  188           - iptables_state.initial_state == iptables_state.restored
  189         quiet: yes
  190 
  191   rescue:
  192     - name: "assert that results are not as expected for only one reason (xtables lock)"
  193       assert:
  194         that:
  195           - iptables_state is failed
  196           - iptables_state.stderr is search('xtables lock')
  197         quiet: yes
  198       register: xtables_lock
  199 
  200 
  201 
  202 - name: "change iptables state (iptables)"
  203   iptables:
  204     chain: OUTPUT
  205     jump: ACCEPT
  206 
  207 
  208 
  209 - name: "state=restored changed=true"
  210   block:
  211     - name: "restore state (check_mode, must report a change)"
  212       iptables_state:
  213         path: "{{ iptables_saved }}"
  214         state: restored
  215       register: iptables_state
  216       check_mode: yes
  217 
  218     - name: "assert that results are as expected"
  219       assert:
  220         that:
  221           - iptables_state is changed
  222           - iptables_state.initial_state != iptables_state.restored
  223         quiet: yes
  224 
  225   rescue:
  226     - name: "assert that results are not as expected for only one reason (xtables lock)"
  227       assert:
  228         that:
  229           - iptables_state is failed
  230           - iptables_state.stderr is search('xtables lock')
  231         quiet: yes
  232       register: xtables_lock
  233 
  234 
  235 
  236 - name: "state=restored changed=true"
  237   block:
  238     - name: "restore state (must report a change, async, no warning)"
  239       iptables_state:
  240         path: "{{ iptables_saved }}"
  241         state: restored
  242       register: iptables_state
  243       async: "{{ ansible_timeout }}"
  244       poll: 0
  245 
  246     - name: "assert that results are as expected"
  247       assert:
  248         that:
  249           - iptables_state is changed
  250           - iptables_state.initial_state != iptables_state.restored
  251           - iptables_state.applied
  252         quiet: yes
  253 
  254   rescue:
  255     - name: "assert that results are not as expected for only one reason (xtables lock)"
  256       assert:
  257         that:
  258           - iptables_state is failed
  259           - iptables_state.stderr is search('xtables lock')
  260         quiet: yes
  261       register: xtables_lock
  262 
  263 
  264 
  265 - name: "state=restored changed=false"
  266   block:
  267     - name: "restore state (must NOT report a change, async, no warning)"
  268       iptables_state:
  269         path: "{{ iptables_saved }}"
  270         state: restored
  271       register: iptables_state
  272       async: "{{ ansible_timeout }}"
  273       poll: 0
  274 
  275     - name: "assert that results are as expected"
  276       assert:
  277         that:
  278           - iptables_state is not changed
  279           - iptables_state.initial_state == iptables_state.restored
  280         quiet: yes
  281 
  282   rescue:
  283     - name: "assert that results are not as expected for only one reason (xtables lock)"
  284       assert:
  285         that:
  286           - iptables_state is failed
  287           - iptables_state.stderr is search('xtables lock')
  288         quiet: yes
  289       register: xtables_lock
  290 
  291 
  292 
  293 - name: "state=restored changed=false"
  294   block:
  295     - name: "restore state (check_mode=yes, must NOT report a change, no warning)"
  296       iptables_state:
  297         path: "{{ iptables_saved }}"
  298         state: restored
  299       register: iptables_state
  300       check_mode: yes
  301 
  302     - name: "assert that results are as expected"
  303       assert:
  304         that:
  305           - iptables_state is not changed
  306           - iptables_state.initial_state == iptables_state.restored
  307         quiet: yes
  308 
  309   rescue:
  310     - name: "assert that results are not as expected for only one reason (xtables lock)"
  311       assert:
  312         that:
  313           - iptables_state is failed
  314           - iptables_state.stderr is search('xtables lock')
  315         quiet: yes
  316       register: xtables_lock