Fixes Resource module cisco.nxos.nxos_acls is not correctly convertin…
…g the ports under port_protocol range keys (#888)

* bugfix/acl port protocol lookup for range start and end

* Create bugfix_vrf_range_resolution.yml

Create Changelog Fragment

* chore: auto fixes from pre-commit.com hooks

* updates

* chore: auto fixes from pre-commit.com hooks

* add unit test case

* chore: auto fixes from pre-commit.com hooks

* update test

* allow non-numeric values to pass through as strings

* chore: auto fixes from pre-commit.com hooks

* allow non-numeric values to pass through as strings

* chore: auto fixes from pre-commit.com hooks

* fix test

* chore: auto fixes from pre-commit.com hooks

---------

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: Sagar Paul <[email protected]>
Co-authored-by: Ruchi Pakhle <[email protected]>
4 people authored Aug 28, 2024
1 parent 72225be commit abed08a
Showing 3 changed files with 65 additions and 11 deletions.
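--- a/changelogs/fragments/bugfix_vrf_range_resolution.yml
+++ b/changelogs/fragments/bugfix_vrf_range_resolution.yml
@@ -0,0 +1,3 @@
+---
+bugfixes:
+- "acls - Fix lookup of range port conversion from int to string to allow strings (https://github.com/ansible-collections/cisco.nxos/pull/888)."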
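--- a/plugins/module_utils/network/nxos/config/acls/acls.py
+++ b/plugins/module_utils/network/nxos/config/acls/acls.py
@@ -242,17 +242,29 @@ def convert_values(self, want):
 int(val)
 ]
 else:
-st = int(ace[x]["port_protocol"]["range"]["start"])
-end = int(ace[x]["port_protocol"]["range"]["end"])
-
-if st in port_protocol.keys():
-ace[x]["port_protocol"]["range"]["start"] = (
-port_protocol[st]
-)
-if end in port_protocol.keys():
-ace[x]["port_protocol"]["range"]["end"] = (
-port_protocol[end]
-)
+st = ace[x]["port_protocol"]["range"]["start"]
+end = ace[x]["port_protocol"]["range"]["end"]
+
+if st.isdigit():
+if int(st) in port_protocol.keys():
+ace[x]["port_protocol"]["range"]["start"] = (
+port_protocol[int(st)]
+)
+else:
+if st in port_protocol.keys():
+ace[x]["port_protocol"]["range"]["start"] = (
+port_protocol[st]
+)
+if end.isdigit():
+if int(end) in port_protocol.keys():
+ace[x]["port_protocol"]["range"]["end"] = (
+port_protocol[int(end)]
+)
+else:
+if end in port_protocol.keys():
+ace[x]["port_protocol"]["range"]["end"] = (
+port_protocol[end]
+)
 return want
 
 def set_state(self, want, have):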
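Review bot: In the new range branch, `st.isdigit()` and `end.isdigit()` assume both bounds are already `str`. The unit test in this commit passes `end=23` as an int, so unless the argspec coerces the value before `convert_values` runs (not visible here), the call raises `AttributeError`. `str.isdigit()` is also true for characters such as superscript digits that `int()` rejects, so `isdecimal()` on a `str()`-coerced value is the safer guard. The start and end handling are the same lines written twice; a loop over the two keys keeps the bounds from drifting apart, which matters because a wrong mapping here becomes a wrong port in a pushed ACL. `convert_values` begins above the hunk, so the enclosing loop is not shown.

```python
# … unchanged: single-port branch above …
else:
    rng = ace[x]["port_protocol"]["range"]
    for bound in ("start", "end"):
        raw = str(rng[bound])
        # numeric bounds are looked up by int key, names are looked up as given
        key = int(raw) if raw.isdecimal() else raw
        if key in port_protocol:
            rng[bound] = port_protocol[key]
return want
```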
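--- a/tests/unit/modules/network/nxos/test_nxos_acls.py
+++ b/tests/unit/modules/network/nxos/test_nxos_acls.py
@@ -990,3 +990,42 @@ def test_nxos_acls_ranges(self):
 ]
 result = self.execute_module(changed=False)
 self.assertEqual(result["gathered"], gathered)
+
+def test_nxos_acls_protocol_conversion(self):
+set_module_args(
+dict(
+config=[
+dict(
+afi="ipv4",
+acls=[
+dict(
+name="SIPS_Automation_Test_ACL_Create",
+aces=[
+dict(
+sequence=17,
+grant="permit",
+protocol="tcp",
+source=dict(any=True),
+destination=dict(
+prefix="10.247.12.0/24",
+port_protocol=dict(
+range=dict(
+start="ftp-data",
+end=23,
+),
+),
+),
+),
+],
+),
+],
+),
+],
+state="merged",
+),
+)
+commands = [
+"ip access-list SIPS_Automation_Test_ACL_Create",
+"17 permit tcp any 10.247.12.0/24 range ftp-data telnet",
+]
+self.execute_module(changed=True, commands=commands)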
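Review bot: `test_nxos_acls_protocol_conversion` covers only a named start (`"ftp-data"`) and a numeric end that has a name (`23` rendered as `telnet`). The other paths added to `convert_values` are not exercised: a numeric bound with no entry in `port_protocol`, and a bound given as a numeric string such as `"23"`. A second case whose expected command keeps an unmapped number unchanged would pin the pass-through behaviour the commit message describes. A one-line docstring, e.g. `"""Range bounds given as names stay names; numeric bounds with a known name are rendered by name."""`, would also state the intent.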
