mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-07-24 22:00:22 -07:00
New module: manage Citrix Netscaler content switching policy configuration (network/netscaler/netscaler_cs_policy) (#26189)
* Add netscaler_cs_policy * Correct version_added
This commit is contained in:
parent
7a51c5f4df
commit
36537186e3
17 changed files with 962 additions and 0 deletions
298
lib/ansible/modules/network/netscaler/netscaler_cs_policy.py
Normal file
298
lib/ansible/modules/network/netscaler/netscaler_cs_policy.py
Normal file
|
@ -0,0 +1,298 @@
|
||||||
|
#!/usr/bin/python
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
# Copyright (c) 2017 Citrix Systems
|
||||||
|
#
|
||||||
|
# This file is part of Ansible
|
||||||
|
#
|
||||||
|
# Ansible is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# Ansible is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
|
||||||
|
ANSIBLE_METADATA = {'status': ['preview'],
|
||||||
|
'supported_by': 'community',
|
||||||
|
'metadata_version': '1.0'}
|
||||||
|
|
||||||
|
|
||||||
|
DOCUMENTATION = '''
|
||||||
|
---
|
||||||
|
module: netscaler_cs_policy
|
||||||
|
short_description: Manage content switching policy
|
||||||
|
description:
|
||||||
|
- Manage content switching policy.
|
||||||
|
- "This module is intended to run either on the ansible control node or a bastion (jumpserver) with access to the actual netscaler instance."
|
||||||
|
|
||||||
|
version_added: "2.4"
|
||||||
|
|
||||||
|
author: George Nikolopoulos (@giorgos-nikolopoulos)
|
||||||
|
|
||||||
|
options:
|
||||||
|
|
||||||
|
policyname:
|
||||||
|
description:
|
||||||
|
- >-
|
||||||
|
Name for the content switching policy. Must begin with an ASCII alphanumeric or underscore C(_)
|
||||||
|
character, and must contain only ASCII alphanumeric, underscore, hash C(#), period C(.), space C( ), colon
|
||||||
|
C(:), at sign C(@), equal sign C(=), and hyphen C(-) characters. Cannot be changed after a policy is
|
||||||
|
created.
|
||||||
|
- "The following requirement applies only to the NetScaler CLI:"
|
||||||
|
- >-
|
||||||
|
If the name includes one or more spaces, enclose the name in double or single quotation marks (for
|
||||||
|
example, my policy or my policy).
|
||||||
|
- "Minimum length = 1"
|
||||||
|
|
||||||
|
url:
|
||||||
|
description:
|
||||||
|
- >-
|
||||||
|
URL string that is matched with the URL of a request. Can contain a wildcard character. Specify the
|
||||||
|
string value in the following format: C([[prefix] [*]] [.suffix]).
|
||||||
|
- "Minimum length = 1"
|
||||||
|
- "Maximum length = 208"
|
||||||
|
|
||||||
|
rule:
|
||||||
|
description:
|
||||||
|
- >-
|
||||||
|
Expression, or name of a named expression, against which traffic is evaluated. Written in the classic
|
||||||
|
or default syntax.
|
||||||
|
- "Note:"
|
||||||
|
- >-
|
||||||
|
Maximum length of a string literal in the expression is 255 characters. A longer string can be split
|
||||||
|
into smaller strings of up to 255 characters each, and the smaller strings concatenated with the +
|
||||||
|
operator. For example, you can create a 500-character string as follows: '"<string of 255
|
||||||
|
characters>" + "<string of 245 characters>"'
|
||||||
|
|
||||||
|
domain:
|
||||||
|
description:
|
||||||
|
- "The domain name. The string value can range to 63 characters."
|
||||||
|
- "Minimum length = 1"
|
||||||
|
|
||||||
|
action:
|
||||||
|
description:
|
||||||
|
- >-
|
||||||
|
Content switching action that names the target load balancing virtual server to which the traffic is
|
||||||
|
switched.
|
||||||
|
|
||||||
|
extends_documentation_fragment: netscaler
|
||||||
|
requirements:
|
||||||
|
- nitro python sdk
|
||||||
|
'''
|
||||||
|
|
||||||
|
EXAMPLES = '''
|
||||||
|
- name: Create url cs policy
|
||||||
|
delegate_to: localhost
|
||||||
|
netscaler_cs_policy:
|
||||||
|
nsip: 172.18.0.2
|
||||||
|
nitro_user: nsroot
|
||||||
|
nitro_pass: nsroot
|
||||||
|
validate_certs: no
|
||||||
|
|
||||||
|
state: present
|
||||||
|
|
||||||
|
policyname: policy_1
|
||||||
|
url: /example/
|
||||||
|
'''
|
||||||
|
|
||||||
|
RETURN = '''
|
||||||
|
loglines:
|
||||||
|
description: list of logged messages by the module
|
||||||
|
returned: always
|
||||||
|
type: list
|
||||||
|
sample: ['message 1', 'message 2']
|
||||||
|
|
||||||
|
msg:
|
||||||
|
description: Message detailing the failure reason
|
||||||
|
returned: failure
|
||||||
|
type: str
|
||||||
|
sample: "Could not load nitro python sdk"
|
||||||
|
|
||||||
|
diff:
|
||||||
|
description: List of differences between the actual configured object and the configuration specified in the module
|
||||||
|
returned: failure
|
||||||
|
type: dict
|
||||||
|
sample: { 'url': 'difference. ours: (str) example1 other: (str) /example1' }
|
||||||
|
'''
|
||||||
|
|
||||||
|
from ansible.module_utils.basic import AnsibleModule
|
||||||
|
from ansible.module_utils.netscaler import ConfigProxy, get_nitro_client, netscaler_common_arguments, log, loglines, ensure_feature_is_enabled
|
||||||
|
try:
|
||||||
|
from nssrc.com.citrix.netscaler.nitro.resource.config.cs.cspolicy import cspolicy
|
||||||
|
from nssrc.com.citrix.netscaler.nitro.exception.nitro_exception import nitro_exception
|
||||||
|
PYTHON_SDK_IMPORTED = True
|
||||||
|
except ImportError as e:
|
||||||
|
PYTHON_SDK_IMPORTED = False
|
||||||
|
|
||||||
|
|
||||||
|
def policy_exists(client, module):
|
||||||
|
log('Checking if policy exists')
|
||||||
|
if cspolicy.count_filtered(client, 'policyname:%s' % module.params['policyname']) > 0:
|
||||||
|
return True
|
||||||
|
else:
|
||||||
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
def policy_identical(client, module, cspolicy_proxy):
|
||||||
|
log('Checking if defined policy is identical to configured')
|
||||||
|
if cspolicy.count_filtered(client, 'policyname:%s' % module.params['policyname']) == 0:
|
||||||
|
return False
|
||||||
|
policy_list = cspolicy.get_filtered(client, 'policyname:%s' % module.params['policyname'])
|
||||||
|
diff_dict = cspolicy_proxy.diff_object(policy_list[0])
|
||||||
|
if 'ip' in diff_dict:
|
||||||
|
del diff_dict['ip']
|
||||||
|
if len(diff_dict) == 0:
|
||||||
|
return True
|
||||||
|
else:
|
||||||
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
def diff_list(client, module, cspolicy_proxy):
|
||||||
|
policy_list = cspolicy.get_filtered(client, 'policyname:%s' % module.params['policyname'])
|
||||||
|
return cspolicy_proxy.diff_object(policy_list[0])
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
|
||||||
|
module_specific_arguments = dict(
|
||||||
|
policyname=dict(type='str'),
|
||||||
|
url=dict(type='str'),
|
||||||
|
rule=dict(type='str'),
|
||||||
|
domain=dict(type='str'),
|
||||||
|
action=dict(type='str'),
|
||||||
|
)
|
||||||
|
|
||||||
|
hand_inserted_arguments = dict(
|
||||||
|
)
|
||||||
|
|
||||||
|
argument_spec = dict()
|
||||||
|
|
||||||
|
argument_spec.update(netscaler_common_arguments)
|
||||||
|
argument_spec.update(module_specific_arguments)
|
||||||
|
argument_spec.update(hand_inserted_arguments)
|
||||||
|
|
||||||
|
module = AnsibleModule(
|
||||||
|
argument_spec=argument_spec,
|
||||||
|
supports_check_mode=True,
|
||||||
|
)
|
||||||
|
module_result = dict(
|
||||||
|
changed=False,
|
||||||
|
failed=False,
|
||||||
|
loglines=loglines,
|
||||||
|
)
|
||||||
|
|
||||||
|
# Fail the module if imports failed
|
||||||
|
if not PYTHON_SDK_IMPORTED:
|
||||||
|
module.fail_json(msg='Could not load nitro python sdk')
|
||||||
|
|
||||||
|
# Fallthrough to rest of execution
|
||||||
|
client = get_nitro_client(module)
|
||||||
|
|
||||||
|
try:
|
||||||
|
client.login()
|
||||||
|
except nitro_exception as e:
|
||||||
|
msg = "nitro exception during login. errorcode=%s, message=%s" % (str(e.errorcode), e.message)
|
||||||
|
module.fail_json(msg=msg)
|
||||||
|
except Exception as e:
|
||||||
|
if str(type(e)) == "<class 'requests.exceptions.ConnectionError'>":
|
||||||
|
module.fail_json(msg='Connection error %s' % str(e))
|
||||||
|
elif str(type(e)) == "<class 'requests.exceptions.SSLError'>":
|
||||||
|
module.fail_json(msg='SSL Error %s' % str(e))
|
||||||
|
else:
|
||||||
|
module.fail_json(msg='Unexpected error during login %s' % str(e))
|
||||||
|
|
||||||
|
readwrite_attrs = [
|
||||||
|
'policyname',
|
||||||
|
'url',
|
||||||
|
'rule',
|
||||||
|
'domain',
|
||||||
|
'action',
|
||||||
|
]
|
||||||
|
readonly_attrs = [
|
||||||
|
'vstype',
|
||||||
|
'hits',
|
||||||
|
'bindhits',
|
||||||
|
'labelname',
|
||||||
|
'labeltype',
|
||||||
|
'priority',
|
||||||
|
'activepolicy',
|
||||||
|
'cspolicytype',
|
||||||
|
]
|
||||||
|
|
||||||
|
transforms = {
|
||||||
|
}
|
||||||
|
|
||||||
|
# Instantiate config proxy
|
||||||
|
cspolicy_proxy = ConfigProxy(
|
||||||
|
actual=cspolicy(),
|
||||||
|
client=client,
|
||||||
|
attribute_values_dict=module.params,
|
||||||
|
readwrite_attrs=readwrite_attrs,
|
||||||
|
readonly_attrs=readonly_attrs,
|
||||||
|
transforms=transforms,
|
||||||
|
)
|
||||||
|
|
||||||
|
try:
|
||||||
|
ensure_feature_is_enabled(client, 'CS')
|
||||||
|
|
||||||
|
# Apply appropriate state
|
||||||
|
if module.params['state'] == 'present':
|
||||||
|
log('Sanity checks for state present')
|
||||||
|
if not policy_exists(client, module):
|
||||||
|
if not module.check_mode:
|
||||||
|
cspolicy_proxy.add()
|
||||||
|
if module.params['save_config']:
|
||||||
|
client.save_config()
|
||||||
|
module_result['changed'] = True
|
||||||
|
elif not policy_identical(client, module, cspolicy_proxy):
|
||||||
|
if not module.check_mode:
|
||||||
|
cspolicy_proxy.update()
|
||||||
|
if module.params['save_config']:
|
||||||
|
client.save_config()
|
||||||
|
module_result['changed'] = True
|
||||||
|
else:
|
||||||
|
module_result['changed'] = False
|
||||||
|
|
||||||
|
# Sanity check for state
|
||||||
|
if not module.check_mode:
|
||||||
|
log('Sanity checks for state present')
|
||||||
|
if not policy_exists(client, module):
|
||||||
|
module.fail_json(msg='Policy does not exist', **module_result)
|
||||||
|
if not policy_identical(client, module, cspolicy_proxy):
|
||||||
|
module.fail_json(msg='Policy differs from configured', diff=diff_list(client, module, cspolicy_proxy), **module_result)
|
||||||
|
|
||||||
|
elif module.params['state'] == 'absent':
|
||||||
|
log('Applying actions for state absent')
|
||||||
|
if policy_exists(client, module):
|
||||||
|
if not module.check_mode:
|
||||||
|
cspolicy_proxy.delete()
|
||||||
|
if module.params['save_config']:
|
||||||
|
client.save_config()
|
||||||
|
module_result['changed'] = True
|
||||||
|
else:
|
||||||
|
module_result['changed'] = False
|
||||||
|
|
||||||
|
# Sanity check for state
|
||||||
|
if not module.check_mode:
|
||||||
|
log('Sanity checks for state absent')
|
||||||
|
if policy_exists(client, module):
|
||||||
|
module.fail_json(msg='Policy still exists', **module_result)
|
||||||
|
|
||||||
|
except nitro_exception as e:
|
||||||
|
msg = "nitro exception errorcode=%s, message=%s" % (str(e.errorcode), e.message)
|
||||||
|
module.fail_json(msg=msg, **module_result)
|
||||||
|
|
||||||
|
client.logout()
|
||||||
|
module.exit_json(**module_result)
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == "__main__":
|
||||||
|
main()
|
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
testcase: "*"
|
||||||
|
test_cases: []
|
||||||
|
|
||||||
|
nitro_user: nsroot
|
||||||
|
nitro_pass: nsroot
|
|
@ -0,0 +1,5 @@
|
||||||
|
|
||||||
|
|
||||||
|
[netscaler]
|
||||||
|
|
||||||
|
netscaler01 nsip=172.18.0.2 nitro_user=nsroot nitro_pass=nsroot
|
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
- { include: testbed.yaml, state: present }
|
||||||
|
|
||||||
|
- { include: nitro.yaml, tags: ['nitro'] }
|
||||||
|
|
||||||
|
- { include: testbed.yaml, state: absent }
|
14
test/integration/roles/netscaler_cs_policy/tasks/nitro.yaml
Normal file
14
test/integration/roles/netscaler_cs_policy/tasks/nitro.yaml
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
- name: collect all nitro test cases
|
||||||
|
find:
|
||||||
|
paths: "{{ role_path }}/tests/nitro"
|
||||||
|
patterns: "{{ testcase }}.yaml"
|
||||||
|
register: test_cases
|
||||||
|
|
||||||
|
- name: set test_items
|
||||||
|
set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}"
|
||||||
|
|
||||||
|
- name: run test case
|
||||||
|
include: "{{ test_case_to_run }}"
|
||||||
|
with_items: "{{ test_items }}"
|
||||||
|
loop_control:
|
||||||
|
loop_var: test_case_to_run
|
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
|
||||||
|
- name: Setup cs action
|
||||||
|
delegate_to: localhost
|
||||||
|
|
||||||
|
netscaler_cs_action:
|
||||||
|
nitro_user: "{{nitro_user}}"
|
||||||
|
nitro_pass: "{{nitro_pass}}"
|
||||||
|
nsip: "{{nsip}}"
|
||||||
|
|
||||||
|
state: "{{ state }}"
|
||||||
|
|
||||||
|
name: action-1
|
||||||
|
targetvserverexpr: '"mylb_" + HTTP.REQ.URL.SUFFIX'
|
|
@ -0,0 +1,85 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_domain/setup.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: yes
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_domain/setup.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: no
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_domain/setup.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: yes
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: not result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_domain/setup.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: no
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: not result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_domain/update.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: yes
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_domain/update.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: no
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_domain/update.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: yes
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: not result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_domain/update.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: no
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: not result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_domain/remove.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: yes
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_domain/remove.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: no
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_domain/remove.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: yes
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: not result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_domain/remove.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: no
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: not result|changed
|
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: Setup cs policy
|
||||||
|
delegate_to: localhost
|
||||||
|
register: result
|
||||||
|
check_mode: "{{ check_mode }}"
|
||||||
|
netscaler_cs_policy:
|
||||||
|
nitro_user: "{{nitro_user}}"
|
||||||
|
nitro_pass: "{{nitro_pass}}"
|
||||||
|
nsip: "{{nsip}}"
|
||||||
|
|
||||||
|
state: absent
|
||||||
|
policyname: somepolicy
|
|
@ -0,0 +1,14 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
|
||||||
|
- name: Setup cs policy
|
||||||
|
delegate_to: localhost
|
||||||
|
register: result
|
||||||
|
check_mode: "{{ check_mode }}"
|
||||||
|
netscaler_cs_policy:
|
||||||
|
nitro_user: "{{nitro_user}}"
|
||||||
|
nitro_pass: "{{nitro_pass}}"
|
||||||
|
nsip: "{{nsip}}"
|
||||||
|
|
||||||
|
policyname: somepolicy
|
||||||
|
domain: example.com
|
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: Update cs policy
|
||||||
|
delegate_to: localhost
|
||||||
|
register: result
|
||||||
|
check_mode: "{{ check_mode }}"
|
||||||
|
netscaler_cs_policy:
|
||||||
|
nitro_user: "{{nitro_user}}"
|
||||||
|
nitro_pass: "{{nitro_pass}}"
|
||||||
|
nsip: "{{nsip}}"
|
||||||
|
|
||||||
|
policyname: somepolicy
|
||||||
|
domain: example2.com
|
|
@ -0,0 +1,57 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_rule/setup.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: yes
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_rule/setup.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: no
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_rule/setup.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: yes
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: not result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_rule/setup.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: no
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: not result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_rule/remove.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: yes
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_rule/remove.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: no
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_rule/remove.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: yes
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: not result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_rule/remove.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: no
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: not result|changed
|
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: Setup cs policy
|
||||||
|
delegate_to: localhost
|
||||||
|
register: result
|
||||||
|
check_mode: "{{ check_mode }}"
|
||||||
|
netscaler_cs_policy:
|
||||||
|
nitro_user: "{{nitro_user}}"
|
||||||
|
nitro_pass: "{{nitro_pass}}"
|
||||||
|
nsip: "{{nsip}}"
|
||||||
|
|
||||||
|
state: absent
|
||||||
|
policyname: somepolicy_rule
|
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
|
||||||
|
- name: Setup cs policy
|
||||||
|
delegate_to: localhost
|
||||||
|
register: result
|
||||||
|
check_mode: "{{ check_mode }}"
|
||||||
|
netscaler_cs_policy:
|
||||||
|
nitro_user: "{{nitro_user}}"
|
||||||
|
nitro_pass: "{{nitro_pass}}"
|
||||||
|
nsip: "{{nsip}}"
|
||||||
|
|
||||||
|
policyname: somepolicy_rule
|
||||||
|
rule: CLIENT.IP.SRC.SUBNET(24).EQ(10.217.84.0)
|
||||||
|
action: action-1
|
|
@ -0,0 +1,57 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_url/setup.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: yes
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_url/setup.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: no
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_url/setup.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: yes
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: not result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_url/setup.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: no
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: not result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_url/remove.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: yes
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_url/remove.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: no
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_url/remove.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: yes
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: not result|changed
|
||||||
|
|
||||||
|
- include: "{{ role_path }}/tests/nitro/policy_url/remove.yaml"
|
||||||
|
vars:
|
||||||
|
check_mode: no
|
||||||
|
|
||||||
|
- assert:
|
||||||
|
that: not result|changed
|
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: Setup cs policy
|
||||||
|
delegate_to: localhost
|
||||||
|
register: result
|
||||||
|
check_mode: "{{ check_mode }}"
|
||||||
|
netscaler_cs_policy:
|
||||||
|
nitro_user: "{{nitro_user}}"
|
||||||
|
nitro_pass: "{{nitro_pass}}"
|
||||||
|
nsip: "{{nsip}}"
|
||||||
|
|
||||||
|
state: absent
|
||||||
|
policyname: somepolicy
|
|
@ -0,0 +1,14 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
|
||||||
|
- name: Setup cs policy
|
||||||
|
delegate_to: localhost
|
||||||
|
register: result
|
||||||
|
check_mode: "{{ check_mode }}"
|
||||||
|
netscaler_cs_policy:
|
||||||
|
nitro_user: "{{nitro_user}}"
|
||||||
|
nitro_pass: "{{nitro_pass}}"
|
||||||
|
nsip: "{{nsip}}"
|
||||||
|
|
||||||
|
policyname: somepolicy
|
||||||
|
url: /example.com/basket
|
324
test/units/modules/network/netscaler/test_netscaler_cs_policy.py
Normal file
324
test/units/modules/network/netscaler/test_netscaler_cs_policy.py
Normal file
|
@ -0,0 +1,324 @@
|
||||||
|
|
||||||
|
# Copyright (c) 2017 Citrix Systems
|
||||||
|
#
|
||||||
|
# This file is part of Ansible
|
||||||
|
#
|
||||||
|
# Ansible is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# Ansible is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
from ansible.compat.tests.mock import patch, Mock, MagicMock, call
|
||||||
|
|
||||||
|
import sys
|
||||||
|
|
||||||
|
if sys.version_info[:2] != (2, 6):
|
||||||
|
import requests
|
||||||
|
|
||||||
|
|
||||||
|
from .netscaler_module import TestModule, nitro_base_patcher, set_module_args
|
||||||
|
|
||||||
|
|
||||||
|
class TestNetscalerCSPolicyModule(TestModule):
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def setUpClass(cls):
|
||||||
|
class MockException(Exception):
|
||||||
|
pass
|
||||||
|
cls.MockException = MockException
|
||||||
|
m = MagicMock()
|
||||||
|
nssrc_modules_mock = {
|
||||||
|
'nssrc.com.citrix.netscaler.nitro.resource.config.cs': m,
|
||||||
|
'nssrc.com.citrix.netscaler.nitro.resource.config.cs.cspolicy': m,
|
||||||
|
}
|
||||||
|
|
||||||
|
cls.nitro_specific_patcher = patch.dict(sys.modules, nssrc_modules_mock)
|
||||||
|
cls.nitro_base_patcher = nitro_base_patcher
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def tearDownClass(cls):
|
||||||
|
cls.nitro_base_patcher.stop()
|
||||||
|
cls.nitro_specific_patcher.stop()
|
||||||
|
|
||||||
|
def set_module_state(self, state):
|
||||||
|
set_module_args(dict(
|
||||||
|
nitro_user='user',
|
||||||
|
nitro_pass='pass',
|
||||||
|
nsip='1.1.1.1',
|
||||||
|
state=state,
|
||||||
|
))
|
||||||
|
|
||||||
|
def setUp(self):
|
||||||
|
self.nitro_base_patcher.start()
|
||||||
|
self.nitro_specific_patcher.start()
|
||||||
|
|
||||||
|
def tearDown(self):
|
||||||
|
self.nitro_base_patcher.stop()
|
||||||
|
self.nitro_specific_patcher.stop()
|
||||||
|
|
||||||
|
def test_graceful_nitro_api_import_error(self):
|
||||||
|
# Stop nitro api patching to cause ImportError
|
||||||
|
self.set_module_state('present')
|
||||||
|
self.nitro_base_patcher.stop()
|
||||||
|
self.nitro_specific_patcher.stop()
|
||||||
|
from ansible.modules.network.netscaler import netscaler_cs_policy
|
||||||
|
self.module = netscaler_cs_policy
|
||||||
|
result = self.failed()
|
||||||
|
self.assertEqual(result['msg'], 'Could not load nitro python sdk')
|
||||||
|
|
||||||
|
def test_graceful_nitro_error_on_login(self):
|
||||||
|
self.set_module_state('present')
|
||||||
|
from ansible.modules.network.netscaler import netscaler_cs_policy
|
||||||
|
|
||||||
|
class MockException(Exception):
|
||||||
|
def __init__(self, *args, **kwargs):
|
||||||
|
self.errorcode = 0
|
||||||
|
self.message = ''
|
||||||
|
|
||||||
|
client_mock = Mock()
|
||||||
|
client_mock.login = Mock(side_effect=MockException)
|
||||||
|
m = Mock(return_value=client_mock)
|
||||||
|
with patch('ansible.modules.network.netscaler.netscaler_cs_policy.get_nitro_client', m):
|
||||||
|
with patch('ansible.modules.network.netscaler.netscaler_cs_policy.nitro_exception', MockException):
|
||||||
|
self.module = netscaler_cs_policy
|
||||||
|
result = self.failed()
|
||||||
|
self.assertTrue(result['msg'].startswith('nitro exception'), msg='nitro exception during login not handled properly')
|
||||||
|
|
||||||
|
def test_graceful_no_connection_error(self):
|
||||||
|
|
||||||
|
if sys.version_info[:2] == (2, 6):
|
||||||
|
self.skipTest('requests library not available under python2.6')
|
||||||
|
self.set_module_state('present')
|
||||||
|
from ansible.modules.network.netscaler import netscaler_cs_policy
|
||||||
|
|
||||||
|
client_mock = Mock()
|
||||||
|
attrs = {'login.side_effect': requests.exceptions.ConnectionError}
|
||||||
|
client_mock.configure_mock(**attrs)
|
||||||
|
m = Mock(return_value=client_mock)
|
||||||
|
with patch.multiple(
|
||||||
|
'ansible.modules.network.netscaler.netscaler_cs_policy',
|
||||||
|
get_nitro_client=m,
|
||||||
|
nitro_exception=self.MockException,
|
||||||
|
):
|
||||||
|
self.module = netscaler_cs_policy
|
||||||
|
result = self.failed()
|
||||||
|
self.assertTrue(result['msg'].startswith('Connection error'), msg='Connection error was not handled gracefully')
|
||||||
|
|
||||||
|
def test_graceful_login_error(self):
|
||||||
|
self.set_module_state('present')
|
||||||
|
from ansible.modules.network.netscaler import netscaler_cs_policy
|
||||||
|
|
||||||
|
if sys.version_info[:2] == (2, 6):
|
||||||
|
self.skipTest('requests library not available under python2.6')
|
||||||
|
|
||||||
|
class MockException(Exception):
|
||||||
|
pass
|
||||||
|
client_mock = Mock()
|
||||||
|
attrs = {'login.side_effect': requests.exceptions.SSLError}
|
||||||
|
client_mock.configure_mock(**attrs)
|
||||||
|
m = Mock(return_value=client_mock)
|
||||||
|
with patch.multiple(
|
||||||
|
'ansible.modules.network.netscaler.netscaler_cs_policy',
|
||||||
|
get_nitro_client=m,
|
||||||
|
nitro_exception=MockException,
|
||||||
|
):
|
||||||
|
self.module = netscaler_cs_policy
|
||||||
|
result = self.failed()
|
||||||
|
self.assertTrue(result['msg'].startswith('SSL Error'), msg='SSL Error was not handled gracefully')
|
||||||
|
|
||||||
|
def test_create_non_existing_cs_policy(self):
|
||||||
|
self.set_module_state('present')
|
||||||
|
from ansible.modules.network.netscaler import netscaler_cs_policy
|
||||||
|
cs_policy_mock = MagicMock()
|
||||||
|
attrs = {
|
||||||
|
'diff_object.return_value': {},
|
||||||
|
}
|
||||||
|
cs_policy_mock.configure_mock(**attrs)
|
||||||
|
|
||||||
|
m = MagicMock(return_value=cs_policy_mock)
|
||||||
|
policy_exists_mock = Mock(side_effect=[False, True])
|
||||||
|
|
||||||
|
with patch.multiple(
|
||||||
|
'ansible.modules.network.netscaler.netscaler_cs_policy',
|
||||||
|
ConfigProxy=m,
|
||||||
|
policy_exists=policy_exists_mock,
|
||||||
|
nitro_exception=self.MockException,
|
||||||
|
ensure_feature_is_enabled=Mock(),
|
||||||
|
):
|
||||||
|
self.module = netscaler_cs_policy
|
||||||
|
result = self.exited()
|
||||||
|
cs_policy_mock.assert_has_calls([call.add()])
|
||||||
|
self.assertTrue(result['changed'], msg='Change not recorded')
|
||||||
|
|
||||||
|
def test_update_cs_policy_when_cs_policy_differs(self):
|
||||||
|
self.set_module_state('present')
|
||||||
|
from ansible.modules.network.netscaler import netscaler_cs_policy
|
||||||
|
cs_policy_mock = MagicMock()
|
||||||
|
attrs = {
|
||||||
|
'diff_object.return_value': {},
|
||||||
|
}
|
||||||
|
cs_policy_mock.configure_mock(**attrs)
|
||||||
|
|
||||||
|
m = MagicMock(return_value=cs_policy_mock)
|
||||||
|
policy_exists_mock = Mock(side_effect=[True, True])
|
||||||
|
policy_identical_mock = Mock(side_effect=[False, True])
|
||||||
|
|
||||||
|
with patch.multiple(
|
||||||
|
'ansible.modules.network.netscaler.netscaler_cs_policy',
|
||||||
|
ConfigProxy=m,
|
||||||
|
policy_exists=policy_exists_mock,
|
||||||
|
policy_identical=policy_identical_mock,
|
||||||
|
ensure_feature_is_enabled=Mock(),
|
||||||
|
nitro_exception=self.MockException,
|
||||||
|
):
|
||||||
|
self.module = netscaler_cs_policy
|
||||||
|
result = self.exited()
|
||||||
|
cs_policy_mock.assert_has_calls([call.update()])
|
||||||
|
self.assertTrue(result['changed'], msg='Change not recorded')
|
||||||
|
|
||||||
|
def test_no_change_to_module_when_all_identical(self):
|
||||||
|
self.set_module_state('present')
|
||||||
|
from ansible.modules.network.netscaler import netscaler_cs_policy
|
||||||
|
cs_policy_mock = MagicMock()
|
||||||
|
attrs = {
|
||||||
|
'diff_object.return_value': {},
|
||||||
|
}
|
||||||
|
cs_policy_mock.configure_mock(**attrs)
|
||||||
|
|
||||||
|
m = MagicMock(return_value=cs_policy_mock)
|
||||||
|
policy_exists_mock = Mock(side_effect=[True, True])
|
||||||
|
policy_identical_mock = Mock(side_effect=[True, True])
|
||||||
|
|
||||||
|
with patch.multiple(
|
||||||
|
'ansible.modules.network.netscaler.netscaler_cs_policy',
|
||||||
|
ConfigProxy=m,
|
||||||
|
policy_exists=policy_exists_mock,
|
||||||
|
policy_identical=policy_identical_mock,
|
||||||
|
ensure_feature_is_enabled=Mock(),
|
||||||
|
nitro_exception=self.MockException,
|
||||||
|
):
|
||||||
|
self.module = netscaler_cs_policy
|
||||||
|
result = self.exited()
|
||||||
|
self.assertFalse(result['changed'], msg='Erroneous changed status update')
|
||||||
|
|
||||||
|
def test_absent_operation(self):
|
||||||
|
self.set_module_state('absent')
|
||||||
|
from ansible.modules.network.netscaler import netscaler_cs_policy
|
||||||
|
cs_policy_mock = MagicMock()
|
||||||
|
attrs = {
|
||||||
|
'diff_object.return_value': {},
|
||||||
|
}
|
||||||
|
cs_policy_mock.configure_mock(**attrs)
|
||||||
|
|
||||||
|
m = MagicMock(return_value=cs_policy_mock)
|
||||||
|
policy_exists_mock = Mock(side_effect=[True, False])
|
||||||
|
|
||||||
|
with patch.multiple(
|
||||||
|
'ansible.modules.network.netscaler.netscaler_cs_policy',
|
||||||
|
ConfigProxy=m,
|
||||||
|
policy_exists=policy_exists_mock,
|
||||||
|
nitro_exception=self.MockException,
|
||||||
|
ensure_feature_is_enabled=Mock(),
|
||||||
|
|
||||||
|
):
|
||||||
|
self.module = netscaler_cs_policy
|
||||||
|
result = self.exited()
|
||||||
|
cs_policy_mock.assert_has_calls([call.delete()])
|
||||||
|
self.assertTrue(result['changed'], msg='Changed status not set correctly')
|
||||||
|
|
||||||
|
def test_absent_operation_no_change(self):
|
||||||
|
self.set_module_state('absent')
|
||||||
|
from ansible.modules.network.netscaler import netscaler_cs_policy
|
||||||
|
cs_policy_mock = MagicMock()
|
||||||
|
attrs = {
|
||||||
|
'diff_object.return_value': {},
|
||||||
|
}
|
||||||
|
cs_policy_mock.configure_mock(**attrs)
|
||||||
|
|
||||||
|
m = MagicMock(return_value=cs_policy_mock)
|
||||||
|
policy_exists_mock = Mock(side_effect=[False, False])
|
||||||
|
|
||||||
|
with patch.multiple(
|
||||||
|
'ansible.modules.network.netscaler.netscaler_cs_policy',
|
||||||
|
ConfigProxy=m,
|
||||||
|
policy_exists=policy_exists_mock,
|
||||||
|
nitro_exception=self.MockException,
|
||||||
|
ensure_feature_is_enabled=Mock(),
|
||||||
|
|
||||||
|
):
|
||||||
|
self.module = netscaler_cs_policy
|
||||||
|
result = self.exited()
|
||||||
|
cs_policy_mock.assert_not_called()
|
||||||
|
self.assertFalse(result['changed'], msg='Changed status not set correctly')
|
||||||
|
|
||||||
|
def test_graceful_nitro_exception_operation_present(self):
|
||||||
|
self.set_module_state('present')
|
||||||
|
from ansible.modules.network.netscaler import netscaler_cs_policy
|
||||||
|
|
||||||
|
class MockException(Exception):
|
||||||
|
def __init__(self, *args, **kwargs):
|
||||||
|
self.errorcode = 0
|
||||||
|
self.message = ''
|
||||||
|
|
||||||
|
m = Mock(side_effect=MockException)
|
||||||
|
with patch.multiple(
|
||||||
|
'ansible.modules.network.netscaler.netscaler_cs_policy',
|
||||||
|
policy_exists=m,
|
||||||
|
ensure_feature_is_enabled=Mock(),
|
||||||
|
nitro_exception=MockException
|
||||||
|
):
|
||||||
|
self.module = netscaler_cs_policy
|
||||||
|
result = self.failed()
|
||||||
|
self.assertTrue(
|
||||||
|
result['msg'].startswith('nitro exception'),
|
||||||
|
msg='Nitro exception not caught on operation present'
|
||||||
|
)
|
||||||
|
|
||||||
|
def test_graceful_nitro_exception_operation_absent(self):
|
||||||
|
self.set_module_state('absent')
|
||||||
|
from ansible.modules.network.netscaler import netscaler_cs_policy
|
||||||
|
|
||||||
|
class MockException(Exception):
|
||||||
|
def __init__(self, *args, **kwargs):
|
||||||
|
self.errorcode = 0
|
||||||
|
self.message = ''
|
||||||
|
|
||||||
|
m = Mock(side_effect=MockException)
|
||||||
|
with patch.multiple(
|
||||||
|
'ansible.modules.network.netscaler.netscaler_cs_policy',
|
||||||
|
policy_exists=m,
|
||||||
|
nitro_exception=MockException,
|
||||||
|
ensure_feature_is_enabled=Mock(),
|
||||||
|
):
|
||||||
|
self.module = netscaler_cs_policy
|
||||||
|
result = self.failed()
|
||||||
|
self.assertTrue(
|
||||||
|
result['msg'].startswith('nitro exception'),
|
||||||
|
msg='Nitro exception not caught on operation absent'
|
||||||
|
)
|
||||||
|
|
||||||
|
def test_ensure_feature_is_enabled_called(self):
|
||||||
|
self.set_module_state('present')
|
||||||
|
from ansible.modules.network.netscaler import netscaler_cs_policy
|
||||||
|
|
||||||
|
client_mock = Mock()
|
||||||
|
ensure_feature_is_enabled_mock = Mock()
|
||||||
|
with patch.multiple(
|
||||||
|
'ansible.modules.network.netscaler.netscaler_cs_policy',
|
||||||
|
get_nitro_client=Mock(return_value=client_mock),
|
||||||
|
policy_exists=Mock(side_effect=[True, True]),
|
||||||
|
nitro_exception=self.MockException,
|
||||||
|
ensure_feature_is_enabled=ensure_feature_is_enabled_mock,
|
||||||
|
):
|
||||||
|
self.module = netscaler_cs_policy
|
||||||
|
result = self.exited()
|
||||||
|
ensure_feature_is_enabled_mock.assert_has_calls([call(client_mock, 'CS')])
|
Loading…
Add table
Add a link
Reference in a new issue