cisco_node_utils 1.2.0 → 1.3.0

data/tests/test_tacacs_server_host.rb

@@ -23,13 +23,27 @@ DEFAULT_TACACS_SERVER_HOST_ENCRYPTION_PASSWORD = ''
 
 # TestTacacsServerHost - Minitest for TacacsServerHost node utility
 class TestTacacsServerHost < CiscoTestCase
+  @skip_unless_supported = 'tacacs_server_host'
+
   def setup
     super
-    @host_name = 'testhost'
-    @default_show_command = 'show run all | inc "tacacs-server" | no-more'
+    if platform == :nexus
+      @host_name = 'testhost'
+      @default_show_command = 'show run all | inc "tacacs-server" | no-more'
+    else
+      @default_show_command = 'show running-config tacacs-server'
+      @host_name = '2.2.2.2'
+    end
     @default_output_pattern = /tacacs-server host\s(#{@host_name})(.*)/
   end
 
+  # Not for Nexus
+  def no_tacacsserver
+    # Turn the feature off for a clean test.
+    config('no aaa group server tacacs red',
+           'no aaa group server tacacs blue')
+  end
+
   def test_tacacsserverhost_collection_empty
     hosts = TacacsServerHost.hosts
     hosts.each_value(&:destroy)
@@ -40,12 +54,16 @@ class TestTacacsServerHost < CiscoTestCase
 
   def test_tacacsserverhost_collection
     hosts_hash = {}
-    hosts_hash['testhost1'] = 1138
-    hosts_hash['testhost2'] = DEFAULT_TACACS_SERVER_HOST_PORT
+    hosts_hash['4.4.4.4'] = 1138
+    hosts_hash['5.5.5.5'] = DEFAULT_TACACS_SERVER_HOST_PORT
 
     hosts_hash.each do |name, port|
-      host = TacacsServerHost.new(name)
-      host.port = port
+      if platform != :ios_xr
+        host = TacacsServerHost.new(name)
+        host.port = port
+      else
+        TacacsServerHost.new(name, true, port)
+      end
     end
 
     hosts = TacacsServerHost.hosts
@@ -71,7 +89,7 @@ class TestTacacsServerHost < CiscoTestCase
   end
 
   def test_tacacsserverhost_create_valid
-    host = TacacsServerHost.new('testhost')
+    host = TacacsServerHost.new(@host_name)
     assert_show_match(msg: 'Error: Tacacs Host not created')
     host.destroy
   end
@@ -113,21 +131,24 @@ class TestTacacsServerHost < CiscoTestCase
     host_name = 'testhost.example.com'
     host_ip = '192.168.1.1'
 
-    config("tacacs-server host #{host_name}", "tacacs-server host #{host_ip}")
+    config("tacacs-server host #{host_name}") unless platform == :ios_xr
+    config("tacacs-server host #{host_ip}")
 
     line_name = assert_show_match(
       pattern: /tacacs-server host\s(testhost\.example\.com)(.*)/,
-      msg:     'Error: Tacacs Host not found')
+      msg:     'Error: Tacacs Host not found') unless platform == :ios_xr
     line_ip = assert_show_match(
       pattern: /tacacs-server host\s(192\.168\.1\.1)(.*)/,
       msg:     'Error: Tacacs Host not found')
     hosts = TacacsServerHost.hosts
 
-    assert_equal(host_name, line_name.captures[0],
-                 "Error: #{host_name} name mismatch")
-    refute_nil(hosts[host_name], "Error: #{host_name} not retrieved.")
-    assert_equal(host_name, hosts[host_name].name,
-                 "Error: #{host_name} name get value mismatch")
+    unless platform == :ios_xr
+      assert_equal(host_name, line_name.captures[0],
+                   "Error: #{host_name} name mismatch")
+      refute_nil(hosts[host_name], "Error: #{host_name} not retrieved.")
+      assert_equal(host_name, hosts[host_name].name,
+                   "Error: #{host_name} name get value mismatch")
+    end
 
     assert_equal(host_ip, line_ip.captures[0],
                  "Error: #{host_ip} name mismatch")
@@ -145,16 +166,19 @@ class TestTacacsServerHost < CiscoTestCase
     port = DEFAULT_TACACS_SERVER_HOST_PORT
     assert_equal(port, host.port, 'Error: Tacacs Host port incorrect')
 
-    # when configured
-    port = 1138
-    config("tacacs-server host #{@host_name} port #{port}")
-    assert_equal(port, host.port, 'Error: Tacacs Host port incorrect')
+    # IOS XR support the same host using different ports
+    unless platform == :ios_xr
+      # when configured
+      port = 1138
+      host.port = port
+      assert_equal(port, host.port, 'Error: Tacacs Host port incorrect')
+    end
 
     host.destroy
   end
 
   def test_tacacsserverhost_get_default_port
-    host = TacacsServerHost.new('testhost')
+    host = TacacsServerHost.new(@host_name)
 
     port = DEFAULT_TACACS_SERVER_HOST_PORT
     assert_equal(port, TacacsServerHost.default_port,
@@ -163,6 +187,8 @@ class TestTacacsServerHost < CiscoTestCase
   end
 
   def test_tacacsserverhost_set_port
+    return if platform == :ios_xr
+
     host = TacacsServerHost.new(@host_name)
 
     port = 1138
@@ -189,14 +215,14 @@ class TestTacacsServerHost < CiscoTestCase
 
     # when configured
     timeout = 30
-    config("tacacs-server host #{@host_name} timeout #{timeout}")
+    host.timeout = timeout
     assert_equal(timeout, host.timeout, 'Error: Tacacs Host timeout incorrect')
 
     host.destroy
   end
 
   def test_tacacsserverhost_get_default_timeout
-    host = TacacsServerHost.new('testhost')
+    host = TacacsServerHost.new(@host_name)
 
     timeout = DEFAULT_TACACS_SERVER_HOST_TIMEOUT
     assert_equal(timeout, TacacsServerHost.default_timeout,
@@ -210,10 +236,14 @@ class TestTacacsServerHost < CiscoTestCase
     timeout = 30
     host.timeout = timeout
     line = assert_show_match(msg: 'Error: Tacacs Host not found')
-    assert_match(/timeout\s(\d*)/, line.captures[1])
-    md = /timeout\s(\d*)/.match(line.captures[1])
-    assert_equal(timeout, md.captures[0].to_i,
-                 'Error: Tacacs Host timeout mismatch')
+
+    if platform != :ios_xr
+      assert_match(/timeout\s(\d*)/, line.captures[1])
+      md = /timeout\s(\d*)/.match(line.captures[1])
+      assert_equal(timeout, md.captures[0].to_i,
+                   'Error: Tacacs Host timeout mismatch')
+    end
+
     assert_equal(timeout, host.timeout, 'Error: Tacacs Host timeout incorrect')
 
     host.destroy
@@ -243,14 +273,14 @@ class TestTacacsServerHost < CiscoTestCase
     # when configured
     enctype = TACACS_SERVER_ENC_NONE
     sh_run_enctype = TACACS_SERVER_ENC_CISCO_TYPE_7
-    config("tacacs-server host #{@host_name} key #{enctype} TEST")
+    host.encryption_key_set(enctype, 'TEST')
     assert_equal(sh_run_enctype, host.encryption_type,
                  'Error: Tacacs Host encryption type incorrect')
     host.destroy
   end
 
   def test_tacacsserverhost_get_default_encryption_type
-    host = TacacsServerHost.new('testhost')
+    host = TacacsServerHost.new(@host_name)
 
     assert_equal(TACACS_SERVER_ENC_NONE,
                  TacacsServerHost.default_encryption_type,
@@ -269,14 +299,21 @@ class TestTacacsServerHost < CiscoTestCase
     # when configured
     pass = 'TEST'
     sh_run_pass = 'WAWY'
-    config("tacacs-server host #{@host_name} key 0 #{pass}")
-    assert_equal(sh_run_pass, host.encryption_password,
-                 'Error: Tacacs Host encryption password incorrect')
+    host.encryption_key_set(0, pass)
+
+    if platform != :ios_xr
+      assert_equal(sh_run_pass, host.encryption_password,
+                   'Error: Tacacs Host encryption password incorrect')
+    else
+      # Only do not-nil checking for IOS XR
+      assert(!host.encryption_password.nil?)
+    end
+
     host.destroy
   end
 
   def test_tacacsserverhost_get_default_encryption_password
-    host = TacacsServerHost.new('testhost')
+    host = TacacsServerHost.new(@host_name)
 
     assert_equal('', TacacsServerHost.default_encryption_password,
                  'Error: Tacacs Host default encryption password incorrect')
@@ -293,18 +330,24 @@ class TestTacacsServerHost < CiscoTestCase
     host.encryption_key_set(enctype, pass)
 
     line = assert_show_match(msg: 'Error: Tacacs Host not found')
-    assert_match(/key\s(\d*)\s(\S*)/, line.captures[1])
-    md = /key\s(\d*)\s(\S*)/.match(line.captures[1])
-    assert_equal(sh_run_enctype, md.captures[0].to_i,
-                 'Error: Tacacs Host encryption type mismatch')
-    assert_equal(sh_run_enctype, host.encryption_type,
-                 'Error: Tacacs Host encryption type incorrect')
-    # remove quotes surrounding the encrypted password
-    pass_no_quotes = md.captures[1].gsub(/(?:^\")|(?:\"$)/, '')
-    assert_equal(sh_run_pass, pass_no_quotes,
-                 'Error: Tacacs Host encryption password mismatch')
-    assert_equal(sh_run_pass, host.encryption_password,
-                 'Error: Tacacs Host encryption password incorrect')
+
+    if platform != :ios_xr
+      assert_match(/key\s(\d*)\s(\S*)/, line.captures[1])
+      md = /key\s(\d*)\s(\S*)/.match(line.captures[1])
+      assert_equal(sh_run_enctype, md.captures[0].to_i,
+                   'Error: Tacacs Host encryption type mismatch')
+      assert_equal(sh_run_enctype, host.encryption_type,
+                   'Error: Tacacs Host encryption type incorrect')
+      # remove quotes surrounding the encrypted password
+      pass_no_quotes = md.captures[1].gsub(/(?:^\")|(?:\"$)/, '')
+      assert_equal(sh_run_pass, pass_no_quotes,
+                   'Error: Tacacs Host encryption password mismatch')
+      assert_equal(sh_run_pass, host.encryption_password,
+                   'Error: Tacacs Host encryption password incorrect')
+    else
+      # Only do not-nil checking for IOS XR
+      assert(!host.encryption_password.nil?)
+    end
 
     host.destroy
   end
@@ -335,4 +378,53 @@ class TestTacacsServerHost < CiscoTestCase
                  'Error: Tacacs Host encryption password incorrect')
     host.destroy
   end
+
+  def setup_duplicates
+    return if platform != :ios_xr
+    config('tacacs-server host 8.8.8.8 port 11',
+           'tacacs-server host 8.8.8.8 port 22',
+           'tacacs-server host 8.8.8.8 port 33')
+  end
+
+  def no_duplicates
+    return if platform != :ios_xr
+    config('no tacacs-server host 8.8.8.8 port 11',
+           'no tacacs-server host 8.8.8.8 port 22',
+           'no tacacs-server host 8.8.8.8 port 33')
+  end
+
+  def test_create_destroy_single_with_duplicates
+    return if platform != :ios_xr
+    setup_duplicates
+
+    id = '8.8.8.8'
+
+    server = Cisco::TacacsServerHost.new(id, true, 55)
+
+    assert_includes(Cisco::TacacsServerHost.hosts, id)
+    assert_equal(server, Cisco::TacacsServerHost.hosts[id])
+
+    assert_equal(55, Cisco::TacacsServerHost.hosts[id].port)
+
+    if platform != :ios_xr
+      server.port = 66
+      assert_equal(66, Cisco::TacacsServerHost.hosts[id].port)
+
+      server.encryption_key_set(nil, nil)
+      assert_equal(nil,
+                   Cisco::TacacsServerHost.hosts[id].encryption_password)
+
+      server.encryption_key_set('44444444', nil)
+      assert_equal('44444444',
+                   Cisco::TacacsServerHost.hosts[id].encryption_password)
+    end
+
+    server.timeout = 33
+    assert_equal(33, Cisco::TacacsServerHost.hosts[id].timeout)
+
+    server.destroy
+    refute_includes(Cisco::TacacsServerHost.hosts, id)
+
+    no_duplicates
+  end
 end

data/tests/test_vdc.rb

@@ -23,11 +23,10 @@ class TestVdc < CiscoTestCase
   #  a) VDC support is limited to a narrow list of platforms.
   #  b) License restrictions may limit platforms to a single vdc
   #  c) Linecard restrictions may limit some tests to specific linecards
+  @skip_unless_supported = 'vdc'
 
   def setup
     super
-    # Check for supported platform
-    skip('Platform does not support VDCs') unless Vdc.vdc_support
   end
 
   def test_all_vdcs
@@ -45,21 +44,8 @@ class TestVdc < CiscoTestCase
     end
   end
 
-  def compatible_interface?
-    # MT-full tests require a specific linecard; either because they need a
-    # compatible interface or simply to enable the features. Either way
-    # we will provide an appropriate interface name if the linecard is present.
-    # Example 'show mod' output to match against:
-    #   '9  12  10/40 Gbps Ethernet Module  N7K-F312FQ-25 ok'
-    sh_mod = @device.cmd("sh mod | i '^[0-9]+.*N7K-F3'")[/^(\d+)\s.*N7K-F3/]
-    slot = sh_mod.nil? ? nil : Regexp.last_match[1]
-    skip('Unable to find compatible interface in chassis') if slot.nil?
-
-    "ethernet#{slot}/1"
-  end
-
   def test_limit_resource_module_type
-    compatible_interface?
+    mt_full_interface?
     v = Vdc.new('default')
     # Set limit-resource module-type to default (this is variable for each
     # device, so the default is for this device only)

data/tests/test_vlan.rb

@@ -20,6 +20,8 @@ include Cisco
 
 # TestVlan - Minitest for Vlan node utility
 class TestVlan < CiscoTestCase
+  @skip_unless_supported = 'vlan'
+
   @@cleaned = false # rubocop:disable Style/ClassVars
   def cleanup
     Vlan.vlans.each do |vlan, obj|
@@ -29,6 +31,7 @@ class TestVlan < CiscoTestCase
       obj.destroy
     end
     interface_ethernet_default(interfaces[0])
+    config_no_warn('no feature vtp')
   end
 
   def setup
@@ -51,23 +54,23 @@ class TestVlan < CiscoTestCase
     flunk(e.message)
   end
 
-  def test_vlan_collection_not_empty
+  def test_collection_not_empty
     vlans = Vlan.vlans
     assert_equal(false, vlans.empty?, 'VLAN collection is empty')
     assert(vlans.key?('1'), 'VLAN 1 does not exist')
   end
 
-  def test_vlan_create_invalid
+  def test_create_invalid
     e = assert_raises(CliError) { Vlan.new(5000) }
     assert_match(/Invalid value.range/, e.message)
   end
 
-  def test_vlan_create_invalid_non_numeric_vlan
+  def test_create_invalid_non_numeric_vlan
     e = assert_raises(ArgumentError) { Vlan.new('fred') }
     assert_match(/Invalid value.non-numeric/, e.message)
   end
 
-  def test_vlan_create_and_destroy
+  def test_create_and_destroy
     v = Vlan.new(1000)
     vlans = Vlan.vlans
     assert(vlans.key?('1000'), 'Error: failed to create vlan 1000')
@@ -77,7 +80,7 @@ class TestVlan < CiscoTestCase
     refute(vlans.key?('1000'), 'Error: failed to destroy vlan 1000')
   end
 
-  def test_vlan_name_default_1000
+  def test_name_default_1000
     v = Vlan.new(1000)
     assert_equal(v.default_vlan_name, v.vlan_name,
                  'Error: Vlan name not initialized to default')
@@ -92,7 +95,7 @@ class TestVlan < CiscoTestCase
     v.destroy
   end
 
-  def test_vlan_name_default_40
+  def test_name_default_40
     v = Vlan.new(40)
     assert_equal(v.default_vlan_name, v.vlan_name,
                  'Error: Vlan name not initialized to default')
@@ -107,7 +110,7 @@ class TestVlan < CiscoTestCase
     v.destroy
   end
 
-  def test_vlan_name_nil
+  def test_name_nil
     v = Vlan.new(1000)
     assert_raises(TypeError) do
       v.vlan_name = nil
@@ -115,7 +118,7 @@ class TestVlan < CiscoTestCase
     v.destroy
   end
 
-  def test_vlan_name_invalid
+  def test_name_invalid
     v = Vlan.new(1000)
     assert_raises(TypeError) do
       v.vlan_name = Cisco::Node.instance
@@ -123,14 +126,14 @@ class TestVlan < CiscoTestCase
     v.destroy
   end
 
-  def test_vlan_name_zero_length
+  def test_name_zero_length
     v = Vlan.new(1000)
     v.vlan_name = ''
     assert('', v.vlan_name)
     v.destroy
   end
 
-  def test_vlan_name_length_valid
+  def test_name_length_valid
     v = Vlan.new(1000)
     alphabet = 'abcdefghijklmnopqrstuvwxyz0123456789'
     name = ''
@@ -146,7 +149,7 @@ class TestVlan < CiscoTestCase
     v.destroy
   end
 
-  def test_vlan_name_too_long
+  def test_name_too_long
     v = Vlan.new(1000)
     name = 'a' * VLAN_NAME_SIZE
     assert_raises(RuntimeError, 'vlan misconfig did not raise RuntimeError') do
@@ -157,7 +160,7 @@ class TestVlan < CiscoTestCase
     v.destroy
   end
 
-  def test_vlan_name_duplicate
+  def test_name_duplicate
     # Testbed cleanup
     v = Vlan.new(1000)
     v.destroy
@@ -174,15 +177,15 @@ class TestVlan < CiscoTestCase
     v2.destroy
   end
 
-  def test_vlan_state_invalid
+  def test_state_invalid
     v = Vlan.new(1000)
-    assert_raises(RuntimeError) do
+    assert_raises(CliError) do
       v.state = 'unknown'
     end
     v.destroy
   end
 
-  def test_vlan_state_valid
+  def test_state_valid
     states = %w(unknown active suspend)
     v = Vlan.new(1000)
     states.each do |start|
@@ -197,7 +200,7 @@ class TestVlan < CiscoTestCase
     v.destroy
   end
 
-  def test_vlan_shutdown_extended
+  def test_shutdown_extended
     v = Vlan.new(2000)
     assert_raises(RuntimeError, 'vlan misconfig did not raise RuntimeError') do
       v.shutdown = 'shutdown'
@@ -205,7 +208,7 @@ class TestVlan < CiscoTestCase
     v.destroy
   end
 
-  def test_vlan_shutdown_valid
+  def test_shutdown_valid
     shutdown_states = [true, false]
     v = Vlan.new(1000)
     shutdown_states.each do |start|
@@ -219,63 +222,75 @@ class TestVlan < CiscoTestCase
     v.destroy
   end
 
-  def test_vlan_add_remove_interface_valid
-    v = Vlan.new(1000)
-    interfaces = Interface.interfaces
-    interfaces_added_to_vlan = []
-    count = 3
-    interfaces.each do |name, interface|
-      next unless interface.name.match(%r{ethernet[0-9/]+$}) && count > 0
-      interface_ethernet_default(%r{net(\d+/\d+)}.match(name)[1])
-      interfaces_added_to_vlan << name
-      interface.switchport_mode = :access
-      v.add_interface(interface)
-      count -= 1
-    end
-    assert_equal(0, count)
+  def test_add_remove_interface
+    vlan_id = 1000
+    v = Vlan.new(vlan_id)
 
-    interfaces = v.interfaces
-    interfaces.each do |name, interface|
-      assert_includes(interfaces_added_to_vlan, name)
-      assert_equal(v.vlan_id, interface.access_vlan, 'Interface.access_vlan')
-      v.remove_interface(interface)
+    # Remove vlan_id from all interfaces currently using it
+    v.interfaces.each do |_name, i|
+      v.remove_interface(i)
     end
-
-    interfaces = v.interfaces
-    assert(interfaces.empty?)
+    assert_empty(v.interfaces, "access vlan #{vlan_id} should not be "\
+                               'present on any interfaces')
+
+    # Add test vlan to 3 ethernet interfaces
+    vlan_intf_max = 3
+    vlan_intf_list = []
+    Interface.interfaces.each do |name, i|
+      next unless i.name[/ethernet/]
+      interface_ethernet_default(name)
+      i.switchport_mode = :access
+      assert_equal(i.default_access_vlan, i.access_vlan,
+                   "access vlan is not default on #{name}")
+
+      v.add_interface(i)
+      assert_equal(vlan_id, i.access_vlan,
+                   "access vlan #{vlan_id} not present on #{name}")
+      vlan_intf_list << name
+      break if vlan_intf_list.count == vlan_intf_max
+    end
+    count = v.interfaces.count
+    assert_equal(vlan_intf_max, count,
+                 "vlan #{vlan_id} found on #{count} interfaces, "\
+                 "expected #{vlan_intf_max} total")
+
+    # Remove test vlan from interfaces
+    vlan_intf_list.each do |name|
+      i = Interface.new(name)
+      v.remove_interface(i)
+      assert_equal(i.default_access_vlan, i.access_vlan,
+                   "access vlan #{vlan_id} should not be present on #{name}")
+    end
+    assert_empty(v.interfaces, "access vlan #{vlan_id} should not be "\
+                               'present on any interfaces')
     v.destroy
   end
 
-  def test_vlan_add_interface_invalid
+  def test_add_interface_invalid
     v = Vlan.new(1000)
     interface = Interface.new(interfaces[0])
-    begin
-      interface.switchport_mode = :disabled
-      assert_raises(RuntimeError) { v.add_interface(interface) }
-      v.destroy
-    end
+    interface.switchport_mode = :disabled
+    assert_raises(CliError) { v.add_interface(interface) }
+    v.destroy
   rescue RuntimeError => e
     linecard_cfg_change_not_allowed?(e)
   end
 
-  def test_vlan_remove_interface_invalid
+  def test_remove_interface_invalid
     v = Vlan.new(1000)
     interface = Interface.new(interfaces[0])
     interface.switchport_mode = :access
     v.add_interface(interface)
-    begin
-      interface.switchport_mode = :disabled
-      assert_raises(RuntimeError) { v.remove_interface(interface) }
-      v.destroy
-    end
+    interface.switchport_mode = :disabled
+    assert_raises(CliError) { v.remove_interface(interface) }
+
+    v.destroy
   rescue RuntimeError => e
     linecard_cfg_change_not_allowed?(e)
   end
 
-  def test_vlan_mapped_vnis
+  def test_mapped_vnis
     # Map
-    skip('Feature vn-segment-vlan-based is not supported on this platform.') if
-      node.product_id =~ /N3K-C3048/
     v1 = Vlan.new(100)
     vni1 = 10_000
     v1.mapped_vni = vni1
@@ -299,5 +314,42 @@ class TestVlan < CiscoTestCase
 
     v3.mapped_vni = v3.default_mapped_vni
     assert_equal(v3.default_mapped_vni, v3.mapped_vni)
+  rescue RuntimeError => e
+    hardware_supports_feature?(e.message)
+  end
+
+  def test_another_vlan_as_fabric_control
+    if validate_property_excluded?('vlan', 'fabric_control')
+      assert_raises(Cisco::UnsupportedError) do
+        Vlan.new('100').fabric_control = true
+      end
+      return
+    end
+
+    vlan = Vlan.new('100')
+    assert_equal(vlan.default_fabric_control, vlan.fabric_control,
+                 'Error: Vlan fabric-control is not matching')
+    vlan.fabric_control = true
+    assert(vlan.fabric_control)
+    another_vlan = Vlan.new(101)
+
+    assert_raises(RuntimeError,
+                  'VLAN misconfig did not raise CliError') do
+      another_vlan.fabric_control = true
+    end
+    vlan.destroy
+    another_vlan.destroy
+  end
+
+  def test_mode_with_pvlan
+    v = Vlan.new(1000)
+    if validate_property_excluded?('vlan', 'private_vlan_type') ||
+       validate_property_excluded?('vlan', 'mode')
+      features = 'private_vlan_type and/or vlan mode'
+      skip("Skip test: Features #{features} are not supported on this device")
+    end
+    result = 'CE'
+    v.private_vlan_type = 'primary'
+    assert_equal(result, v.mode)
   end
 end