Added fix for purpose field. Added description field in ansible.
Issue: #485
abhinavbansal29 committed Oct 3, 2024
1 parent 854442f commit fb58b52
Showing 2 changed files with 94 additions and 95 deletions.
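--- a/plugins/modules/ntnx_security_rules.py
+++ b/plugins/modules/ntnx_security_rules.py
@@ -61,6 +61,10 @@
 description: security_rule Name
 required: false
 type: str
+description:
+description: security_rule Description
+required: false
+type: str
 security_rule_uuid:
 description:
 - security_rule UUID
@@ -881,6 +885,7 @@
 - name: create app security rule
 ntnx_security_rules:
 name: test_app_rule
+description: App Security Rule
 allow_ipv6_traffic: true
 policy_hitlog: true
 app_rule:
@@ -986,6 +991,7 @@
 type: dict
 sample:
 name: test_app_rule
+description: App Security Rule
 resources:
 allow_ipv6_traffic: true
 app_rule:
@@ -1184,6 +1190,7 @@ def get_module_spec():
 )
 module_args = dict(
 name=dict(type="str"),
+description=dict(type="str"),
 security_rule_uuid=dict(type="str"),
 allow_ipv6_traffic=dict(type="bool"),
 policy_hitlog=dict(type="bool"),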
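Review bot: The new `description=dict(type="str")` entry in `module_args` of `get_module_spec()` only declares the argument; nothing in this section copies the value into the request spec, and the only other file in the commit is a test. Please confirm that the existing spec builder reads the `description` key under exactly that name, otherwise the option is accepted and silently dropped. The option text `security_rule Description` could also state what an update does when the field is omitted, for example `- Free-text description of the security rule; state here whether omitting it on update keeps the current value`. `get_module_spec()` starts and ends outside the hunk.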
182 changes: 87 additions & 95 deletions tests/integration/targets/ntnx_security_rules/tasks/app_rule.yml
@@ -1,81 +1,74 @@
- name: create app security rule with inbound and outbound list
ntnx_security_rules:
name: test_app_rule
description: App Security Rule
app_rule:
target_group:
categories:
apptype: Apache_Spark
apptype_filter_by_category:
AppFamily:
- Backup
apptiers:
- "{{categories.apptiers[0]}}"
- "{{categories.apptiers[1]}}"
categories:
apptype: Apache_Spark
apptype_filter_by_category:
AppFamily:
- Backup
apptiers:
- "{{categories.apptiers[0]}}"
- "{{categories.apptiers[1]}}"

default_internal_policy: DENY_ALL
default_internal_policy: DENY_ALL

inbounds:
-
categories:
AppFamily:
- Databases
- DevOps
description: test description
protocol:
tcp:
- start_port: 22
end_port: 80
-
categories:
AppFamily:
- Databases
- DevOps
protocol:
icmp:
- code: 1
type: 1
-
categories:
AppFamily:
- Databases
- DevOps
protocol:
udp:
- start_port: 82
end_port: 8080
-
categories:
AppFamily:
- Databases
- DevOps
protocol:
service:
name: 6a44
-
ip_subnet:
prefix_length: 24
ip: 192.168.1.0
description: test description
-
address:
- categories:
AppFamily:
- Databases
- DevOps
description: test description
protocol:
tcp:
- start_port: 22
end_port: 80
- categories:
AppFamily:
- Databases
- DevOps
protocol:
icmp:
- code: 1
type: 1
- categories:
AppFamily:
- Databases
- DevOps
protocol:
udp:
- start_port: 82
end_port: 8080
- categories:
AppFamily:
- Databases
- DevOps
protocol:
service:
name: 6a44
- ip_subnet:
prefix_length: 24
ip: 192.168.1.0
description: test description
- address:
name: dest
outbounds:
-
categories:
AppFamily:
- Databases
- DevOps
protocol:
icmp:
- code: 1
type: 1
- categories:
AppFamily:
- Databases
- DevOps
protocol:
icmp:
- code: 1
type: 1
policy_mode: MONITOR
allow_ipv6_traffic: true
policy_hitlog: true
register: result
ignore_errors: true


- name: Creation Status
assert:
that:
@@ -84,28 +77,27 @@
- result.response.status.state == 'COMPLETE'
- result.response.status.name=="test_app_rule"
- result.response.status.resources.app_rule.target_group.filter.params.AppTier | length == 2
fail_msg: ' fail: unable to create app security rule with inbound and outbound list'
success_msg: 'pass: create app security rule with inbound and outbound list successfully'
- result.response.description=="App Security Rule"
fail_msg: " fail: unable to create app security rule with inbound and outbound list"
success_msg: "pass: create app security rule with inbound and outbound list successfully"

- name: update app security rule by adding to outbound list and remove tule from inbound list
ntnx_security_rules:
security_rule_uuid: '{{ result.response.metadata.uuid }}'
security_rule_uuid: "{{ result.response.metadata.uuid }}"
app_rule:
policy_mode: APPLY
inbounds:
-
rule_id: "{{result.response.spec.resources.app_rule.inbound_allow_list.0.rule_id}}"
- rule_id: "{{result.response.spec.resources.app_rule.inbound_allow_list.0.rule_id}}"
state: absent
outbounds:
-
protocol:
icmp:
- code: 1
type: 1
categories:
AppFamily:
- Databases
- DevOps
- protocol:
icmp:
- code: 1
type: 1
categories:
AppFamily:
- Databases
- DevOps
register: result
ignore_errors: true

@@ -117,13 +109,13 @@
- result.response.status.state == 'COMPLETE'
- result.response.spec.resources.app_rule.action == "APPLY"
- result.response.spec.resources.app_rule.outbound_allow_list.0.icmp_type_code_list is defined
fail_msg: ' fail: unable to update app security rule with outbound list '
success_msg: 'pass :update app security rule with outbound list successfully'
fail_msg: " fail: unable to update app security rule with outbound list "
success_msg: "pass :update app security rule with outbound list successfully"

- name: delete app security rule
ntnx_security_rules:
state: absent
security_rule_uuid: '{{ result.response.metadata.uuid }}'
security_rule_uuid: "{{ result.response.metadata.uuid }}"
register: result
ignore_errors: true

@@ -133,22 +125,22 @@
- result.response is defined
- result.failed == false
- result.response.status == 'SUCCEEDED'
fail_msg: ' fail: unable to delete app security rule '
success_msg: 'pass : delete app security rule successfully'
fail_msg: " fail: unable to delete app security rule "
success_msg: "pass : delete app security rule successfully"
- name: create app security rule with allow all inbound and outbound list
ntnx_security_rules:
name: test_app_rule
app_rule:
target_group:
categories:
apptype: Apache_Spark
apptype_filter_by_category:
AppFamily:
- Backup
apptiers:
- "{{categories.apptiers[0]}}"
- "{{categories.apptiers[1]}}"
default_internal_policy: DENY_ALL
categories:
apptype: Apache_Spark
apptype_filter_by_category:
AppFamily:
- Backup
apptiers:
- "{{categories.apptiers[0]}}"
- "{{categories.apptiers[1]}}"
default_internal_policy: DENY_ALL
allow_all_outbounds: true
allow_all_inbounds: true
policy_mode: MONITOR
@@ -166,12 +158,12 @@
- result.response.spec.name=="test_app_rule"
- result.response.status.resources.app_rule.target_group.filter.params.AppTier | length == 2

fail_msg: ' fail: unable to create app security rule with allow all inbound and outbound list'
success_msg: 'pass: create app security rule with allow all inbound and outbound list successfully'
fail_msg: " fail: unable to create app security rule with allow all inbound and outbound list"
success_msg: "pass: create app security rule with allow all inbound and outbound list successfully"
- name: delete app security rule
ntnx_security_rules:
state: absent
security_rule_uuid: '{{ result.response.metadata.uuid }}'
security_rule_uuid: "{{ result.response.metadata.uuid }}"
register: result
ignore_errors: true

@@ -181,5 +173,5 @@
- result.response is defined
- result.failed == false
- result.response.status == 'SUCCEEDED'
fail_msg: ' fail: unable to delete app security rule '
success_msg: 'pass : delete app security rule successfully'
fail_msg: " fail: unable to delete app security rule "
success_msg: "pass : delete app security rule successfully"
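Review bot: The added assertion `result.response.description=="App Security Rule"` in the first "Creation Status" block reads the field from the top level of the response, while the neighbouring checks read the name from `result.response.status.name` and `result.response.spec.name`. If the description is returned beside the name, as the module's RETURN sample suggests, the check should be `result.response.spec.description == "App Security Rule"`; the response shape is not visible here, so this needs confirming against a real run. Because the create task runs with `ignore_errors: true`, this assert is the only place a dropped description would surface. The update task that follows sends no `description`, so the same check added to its status block would show whether an update leaves the field intact.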
