From 76b47676f9727f9957be1818e4d4a8f24200d789 Mon Sep 17 00:00:00 2001 From: Pujol Date: Wed, 17 Jun 2026 19:54:18 +0200 Subject: [PATCH 1/4] test: add testdata fixtures for all resource types Add txtar-format test fixtures for all supported resource types. Signed-off-by: Pujol --- test/e2e/testdata/cisco-nxos-gnmi/acl.txt | 79 ++++++ test/e2e/testdata/cisco-nxos-gnmi/banner.txt | 41 ++++ .../testdata/cisco-nxos-gnmi/bgp_bgppeer.txt | 226 ++++++++++++++++++ .../testdata/cisco-nxos-gnmi/dhcprelay.txt | 178 ++++++++++++++ test/e2e/testdata/cisco-nxos-gnmi/dns.txt | 63 +++++ .../testdata/cisco-nxos-gnmi/evpninstance.txt | 64 +++++ test/e2e/testdata/cisco-nxos-gnmi/isis.txt | 158 ++++++++++++ test/e2e/testdata/cisco-nxos-gnmi/lldp.txt | 58 +++++ .../cisco-nxos-gnmi/managementaccess.txt | 75 ++++++ test/e2e/testdata/cisco-nxos-gnmi/ntp.txt | 62 +++++ test/e2e/testdata/cisco-nxos-gnmi/nve.txt | 144 +++++++++++ test/e2e/testdata/cisco-nxos-gnmi/ospf.txt | 159 ++++++++++++ test/e2e/testdata/cisco-nxos-gnmi/pim.txt | 142 +++++++++++ .../testdata/cisco-nxos-gnmi/routedvlan.txt | 136 +++++++++++ .../routingpolicy_prefixset.txt | 154 ++++++++++++ test/e2e/testdata/cisco-nxos-gnmi/snmp.txt | 76 ++++++ .../testdata/cisco-nxos-gnmi/subinterface.txt | 142 +++++++++++ test/e2e/testdata/cisco-nxos-gnmi/syslog.txt | 76 ++++++ .../testdata/cisco-nxos-gnmi/vpcdomain.txt | 191 +++++++++++++++ test/e2e/testdata/cisco-nxos-gnmi/vrf.txt | 129 ++++++++++ test/e2e/testdata/openconfig/interface.txt | 61 +++++ 21 files changed, 2414 insertions(+) create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/acl.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/banner.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/bgp_bgppeer.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/dhcprelay.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/dns.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/evpninstance.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/isis.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/lldp.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/managementaccess.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/ntp.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/nve.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/ospf.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/pim.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/routedvlan.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/routingpolicy_prefixset.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/snmp.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/subinterface.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/syslog.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/vpcdomain.txt create mode 100644 test/e2e/testdata/cisco-nxos-gnmi/vrf.txt create mode 100644 test/e2e/testdata/openconfig/interface.txt diff --git a/test/e2e/testdata/cisco-nxos-gnmi/acl.txt b/test/e2e/testdata/cisco-nxos-gnmi/acl.txt new file mode 100644 index 00000000..95e5a884 --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/acl.txt @@ -0,0 +1,79 @@ +# NX-OS Access Control List Integration Test +# +# Tests ACL configuration with permit/deny entries. + + + +-- accesscontrollist/test-acl -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: AccessControlList +metadata: + name: test-acl + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + name: BLOCK-EXTERNAL + entries: + - sequence: 10 + action: Permit + protocol: IP + sourceAddress: 10.0.0.0/8 + destinationAddress: 0.0.0.0/0 + description: "Allow internal" + - sequence: 20 + action: Deny + protocol: IP + sourceAddress: 0.0.0.0/0 + destinationAddress: 0.0.0.0/0 + description: "Deny all" + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- state/expect -- +{ + "System": { + "acl-items": { + "ipv4-items": { + "name-items": { + "ACL-list": [ + { + "name": "BLOCK-EXTERNAL", + "seq-items": { + "ACE-list": [ + { + "action": "deny", + "dstPrefix": "0.0.0.0", + "protocol": 0, + "seqNum": 20, + "srcPrefix": "0.0.0.0" + }, + { + "action": "permit", + "dstPrefix": "0.0.0.0", + "protocol": 0, + "seqNum": 10, + "srcPrefix": "10.0.0.0", + "srcPrefixLength": 8 + } + ] + } + } + ] + } + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/banner.txt b/test/e2e/testdata/cisco-nxos-gnmi/banner.txt new file mode 100644 index 00000000..239703a5 --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/banner.txt @@ -0,0 +1,41 @@ +# NX-OS Banner Integration Test + + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- banner/prelogin -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: Banner +metadata: + name: prelogin + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + type: PreLogin + message: + inline: "Authorized users only. All activity is monitored." + +-- state/expect -- +{ + "System": { + "userext-items": { + "preloginbanner-items": { + "delimiter": "^", + "message": "Authorized users only. All activity is monitored." + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/bgp_bgppeer.txt b/test/e2e/testdata/cisco-nxos-gnmi/bgp_bgppeer.txt new file mode 100644 index 00000000..990761e8 --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/bgp_bgppeer.txt @@ -0,0 +1,226 @@ +# NX-OS BGP and BGPPeer Integration Test +# +# Resource dependency chain: +# loopback-vtep -> Loopback interface (spec.name: lo0) for BGP router-id/update-source +# evpn-settings -> BGPConfig (NX-OS provider config) for advertise-pip +# evpn-bgp -> BGP instance with L2VPN EVPN, references BGPConfig +# spine1 -> BGPPeer referencing BGP instance and loopback for localAddress + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- interface/loopback-vtep -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: Interface +metadata: + name: loopback-vtep + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + name: lo0 + adminState: Up + type: Loopback + ipv4: + addresses: + - 10.0.0.1/32 + +-- bgpconfig/evpn-settings -- +apiVersion: nx.cisco.networking.metal.ironcore.dev/v1alpha1 +kind: BGPConfig +metadata: + name: evpn-settings + namespace: default +spec: + addressFamilies: + l2vpnEvpn: + advertisePIP: true + +-- bgp/evpn-bgp -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: BGP +metadata: + name: evpn-bgp + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + asNumber: 65000 + routerId: "10.0.0.1" + providerConfigRef: + apiVersion: nx.cisco.networking.metal.ironcore.dev/v1alpha1 + kind: BGPConfig + name: evpn-settings + addressFamilies: + l2vpnEvpn: + enabled: true + routeTargetPolicy: + retainAll: true + +-- bgppeer/spine1 -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: BGPPeer +metadata: + name: spine1 + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + bgpRef: + name: evpn-bgp + address: "10.0.0.2" + asNumber: 65000 + description: "EVPN peering with spine1" + localAddress: + interfaceRef: + name: loopback-vtep + addressFamilies: + l2vpnEvpn: + enabled: true + sendCommunity: Both + routeReflectorClient: true + +-- state/expect -- +{ + "System": { + "bgp-items": { + "inst-items": { + "adminSt": "enabled", + "asn": "65000", + "dom-items": { + "Dom-list": [ + { + "name": "default", + "rtrId": "10.0.0.1", + "rtrIdAuto": "disabled", + "af-items": { + "DomAf-list": [ + { + "advPip": "enabled", + "exportGwIp": "disabled", + "maxExtEcmp": 1, + "maxExtIntEcmp": 1, + "retainRttAll": "enabled", + "type": "l2vpn-evpn" + } + ] + }, + "peer-items": { + "Peer-list": [ + { + "addr": "10.0.0.2", + "adminSt": "enabled", + "asn": "65000", + "asnType": "none", + "name": "EVPN peering with spine1", + "srcIf": "lo0", + "af-items": { + "PeerAf-list": [ + { + "ctrl": "rr-client", + "sendComExt": "enabled", + "sendComStd": "enabled", + "type": "l2vpn-evpn" + } + ] + } + } + ] + }, + "peercont-items": { + "PeerCont-list": [ + { + "name": "__operator-managed--default__" + } + ] + } + } + ] + } + } + }, + "fm-items": { + "bgp-items": { + "adminSt": "enabled" + }, + "evpn-items": { + "adminSt": "enabled" + } + }, + "icmpv4-items": { + "inst-items": { + "dom-items": { + "Dom-list": [ + { + "name": "default", + "if-items": { + "If-list": [ + { + "ctrl": "port-unreachable,redirect", + "id": "lo0" + } + ] + } + } + ] + } + } + }, + "intf-items": { + "lb-items": { + "LbRtdIf-list": [ + { + "adminSt": "up", + "id": "lo0", + "rtvrfMbr-items": { + "tDn": "/System/inst-items/Inst-list[name='default']" + } + } + ] + } + }, + "ipv4-items": { + "inst-items": { + "dom-items": { + "Dom-list": [ + { + "name": "default", + "if-items": { + "If-list": [ + { + "addr-items": { + "Addr-list": [ + { + "addr": "10.0.0.1/32", + "pref": 0, + "tag": 0, + "type": "primary" + } + ] + }, + "id": "lo0" + } + ] + } + } + ] + } + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/dhcprelay.txt b/test/e2e/testdata/cisco-nxos-gnmi/dhcprelay.txt new file mode 100644 index 00000000..232f4586 --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/dhcprelay.txt @@ -0,0 +1,178 @@ +# NX-OS DHCP Relay Integration Test +# +# Resource dependency chain: +# vlan100 -> VLAN (id: 100, name: DHCP-VLAN) +# svi100 -> RoutedVLAN Interface referencing vlan100 (spec.name: Vlan100) +# relay-config -> DHCPRelay with server and interface reference + + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- vlan/vlan100 -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: VLAN +metadata: + name: vlan100 + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + id: 100 + name: DHCP-VLAN + +-- interface/svi100 -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: Interface +metadata: + name: svi100 + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + name: Vlan100 + adminState: Up + type: RoutedVLAN + vlanRef: + name: vlan100 + ipv4: + addresses: + - 192.168.100.1/24 + +-- dhcprelay/relay-config -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: DHCPRelay +metadata: + name: relay-config + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + servers: + - "10.0.0.10" + interfaceRefs: + - name: svi100 + +-- state/expect -- +{ + "System": { + "bd-items": { + "bd-items": { + "BD-list": [ + { + "BdState": "active", + "adminSt": "active", + "fabEncap": "vlan-100", + "name": "DHCP-VLAN" + } + ] + } + }, + "dhcp-items": { + "inst-items": { + "relayif-items": { + "RelayIf-list": [ + { + "addr-items": { + "RelayAddr-list": [ + { + "address": "10.0.0.10", + "vrf": "!unspecified" + } + ] + }, + "id": "vlan100" + } + ] + } + } + }, + "fm-items": { + "dhcp-items": { + "adminSt": "enabled" + }, + "ifvlan-items": { + "adminSt": "enabled" + } + }, + "icmpv4-items": { + "inst-items": { + "dom-items": { + "Dom-list": [ + { + "if-items": { + "If-list": [ + { + "ctrl": "port-unreachable", + "id": "vlan100" + } + ] + }, + "name": "default" + } + ] + } + } + }, + "intf-items": { + "svi-items": { + "If-list": [ + { + "adminSt": "up", + "descr": "", + "id": "vlan100", + "medium": "bcast", + "mtu": 1500, + "rtvrfMbr-items": { + "tDn": "/System/inst-items/Inst-list[name='default']" + }, + "vlanId": 100 + } + ] + } + }, + "ipv4-items": { + "inst-items": { + "dom-items": { + "Dom-list": [ + { + "if-items": { + "If-list": [ + { + "addr-items": { + "Addr-list": [ + { + "addr": "192.168.100.1/24", + "pref": 0, + "tag": 0, + "type": "primary" + } + ] + }, + "id": "vlan100" + } + ] + }, + "name": "default" + } + ] + } + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/dns.txt b/test/e2e/testdata/cisco-nxos-gnmi/dns.txt new file mode 100644 index 00000000..68c640c3 --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/dns.txt @@ -0,0 +1,63 @@ +# NX-OS DNS Integration Test + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- dns/config -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: DNS +metadata: + name: config + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + adminState: Up + domain: example.com + servers: + - address: 10.10.10.10 + vrfName: management + +-- state/expect -- +{ + "System": { + "dns-items": { + "adminSt": "enabled", + "prof-items": { + "Prof-list": [ + { + "name": "default", + "dom-items": { + "name": "example.com" + }, + "vrf-items": { + "Vrf-list": [ + { + "name": "management", + "prov-items": { + "Provider-list": [ + { + "addr": "10.10.10.10" + } + ] + } + } + ] + } + } + ] + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/evpninstance.txt b/test/e2e/testdata/cisco-nxos-gnmi/evpninstance.txt new file mode 100644 index 00000000..c54ba30f --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/evpninstance.txt @@ -0,0 +1,64 @@ +# NX-OS EVPNInstance Integration Test +# +# Tests EVPN Instance (L3VNI) for IP-VRF in VXLAN fabric. +# Using Routed type which doesn't require a VLAN dependency. + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- evpninstance/l3vni -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: EVPNInstance +metadata: + name: l3vni + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + vni: 50000 + type: Routed + routeDistinguisher: "auto" + +-- state/expect -- +{ + "System": { + "eps-items": { + "epId-items": { + "Ep-list": [ + { + "epId": "1", + "nws-items": { + "vni-items": { + "Nw-list": [ + { + "vni": 50000, + "associateVrfFlag": true + } + ] + } + } + } + ] + } + }, + "fm-items": { + "nvo-items": { + "adminSt": "enabled" + }, + "vnsegment-items": { + "adminSt": "enabled" + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/isis.txt b/test/e2e/testdata/cisco-nxos-gnmi/isis.txt new file mode 100644 index 00000000..36a8361d --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/isis.txt @@ -0,0 +1,158 @@ +# NX-OS ISIS Integration Test +# +# Resource dependency chain: +# ethernet1 -> Physical Interface (spec.name: Ethernet1/1 -> eth1/1) +# fabric-isis -> ISIS instance referencing ethernet1 + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- interface/ethernet1 -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: Interface +metadata: + name: ethernet1 + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + name: Ethernet1/1 + adminState: Up + type: Physical + ipv4: + addresses: + - 10.0.1.1/30 + +-- isis/fabric-isis -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: ISIS +metadata: + name: fabric-isis + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + adminState: Up + instance: FABRIC + networkEntityTitle: "49.0001.0000.0000.0001.00" + type: Level2 + addressFamilies: + - IPv4Unicast + interfaceRefs: + - name: ethernet1 + +-- state/expect -- +{ + "System": { + "fm-items": { + "isis-items": { + "adminSt": "enabled" + } + }, + "intf-items": { + "phys-items": { + "PhysIf-list": [ + { + "FECMode": "auto", + "accessVlan": "unknown", + "adminSt": "up", + "id": "eth1/1", + "layer": "Layer3", + "medium": "broadcast", + "mode": "access", + "mtu": 1500, + "nativeVlan": "unknown", + "physExtd-items": { + "bufferBoost": "enable" + }, + "rtvrfMbr-items": { + "tDn": "/System/inst-items/Inst-list[name='default']" + }, + "trunkVlans": "1-4094", + "userCfgdFlags": "admin_layer,admin_state" + } + ] + } + }, + "ipv4-items": { + "inst-items": { + "dom-items": { + "Dom-list": [ + { + "if-items": { + "If-list": [ + { + "addr-items": { + "Addr-list": [ + { + "addr": "10.0.1.1/30", + "pref": 0, + "tag": 0, + "type": "primary" + } + ] + }, + "id": "eth1/1" + } + ] + }, + "name": "default" + } + ] + } + } + }, + "isis-items": { + "inst-items": { + "Inst-list": [ + { + "adminSt": "enabled", + "dom-items": { + "Dom-list": [ + { + "af-items": { + "DomAf-list": [ + { + "type": "v4" + } + ] + }, + "if-items": { + "If-list": [ + { + "id": "eth1/1", + "networkTypeP2P": "on", + "v4Bfd": "inheritVrf", + "v4enable": true, + "v6Bfd": "", + "v6enable": false + } + ] + }, + "isType": "l2", + "name": "default", + "net": "49.0001.0000.0000.0001.00", + "passiveDflt": "l2" + } + ] + }, + "name": "FABRIC" + } + ] + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/lldp.txt b/test/e2e/testdata/cisco-nxos-gnmi/lldp.txt new file mode 100644 index 00000000..f3527bad --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/lldp.txt @@ -0,0 +1,58 @@ +# NX-OS LLDP Integration Test + + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- lldpconfig/lldp-settings -- +apiVersion: nx.cisco.networking.metal.ironcore.dev/v1alpha1 +kind: LLDPConfig +metadata: + name: lldp-settings + namespace: default +spec: + holdTime: 180 + initDelay: 5 + +-- lldp/config -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: LLDP +metadata: + name: config + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + adminState: Up + providerConfigRef: + apiVersion: nx.cisco.networking.metal.ironcore.dev/v1alpha1 + kind: LLDPConfig + name: lldp-settings + +-- state/expect -- +{ + "System": { + "fm-items": { + "lldp-items": { + "adminSt": "enabled" + } + }, + "lldp-items": { + "inst-items": { + "holdTime": 180, + "initDelayTime": 5 + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/managementaccess.txt b/test/e2e/testdata/cisco-nxos-gnmi/managementaccess.txt new file mode 100644 index 00000000..f4932744 --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/managementaccess.txt @@ -0,0 +1,75 @@ +# NX-OS ManagementAccess Integration Test + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- managementaccess/config -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: ManagementAccess +metadata: + name: config + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + grpc: + enabled: true + port: 9339 + vrfName: default + gnmi: + maxConcurrentCall: 8 + keepAliveTimeout: 600s + ssh: + enabled: true + timeout: 10m + sessionLimit: 32 + +-- state/expect -- +{ + "System": { + "fm-items": { + "grpc-items": { + "adminSt": "enabled" + }, + "ssh-items": { + "adminSt": "enabled" + } + }, + "grpc-items": { + "gnmi-items": { + "keepAliveTimeout": 600, + "maxCalls": 8 + }, + "port": 9339, + "useVrf": "default" + }, + "terml-items": { + "ln-items": { + "cons-items": { + "execTmeout-items": { + "timeout": 0 + } + }, + "vty-items": { + "execTmeout-items": { + "timeout": 10 + }, + "ssLmt-items": { + "sesLmt": 32 + } + } + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/ntp.txt b/test/e2e/testdata/cisco-nxos-gnmi/ntp.txt new file mode 100644 index 00000000..f0cbbbcc --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/ntp.txt @@ -0,0 +1,62 @@ +# NX-OS NTP Integration Test + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- ntp/config -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: NTP +metadata: + name: config + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + adminState: Up + sourceInterfaceName: mgmt0 + servers: + - address: ntp.example.com + prefer: true + vrfName: management + +-- state/expect -- +{ + "System": { + "fm-items": { + "ntpd-items": { + "adminSt": "enabled" + } + }, + "time-items": { + "adminSt": "enabled", + "logging": "disabled", + "prov-items": { + "NtpProvider-list": [ + { + "keyId": 0, + "maxPoll": 6, + "minPoll": 4, + "name": "ntp.example.com", + "preferred": true, + "provT": "server", + "vrf": "management" + } + ] + }, + "srcIf-items": { + "srcIf": "mgmt0" + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/nve.txt b/test/e2e/testdata/cisco-nxos-gnmi/nve.txt new file mode 100644 index 00000000..1eb31120 --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/nve.txt @@ -0,0 +1,144 @@ +# NX-OS NVE (Network Virtualization Edge) Integration Test +# +# NVE requires a loopback interface as source. + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- interface/lo-nve -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: Interface +metadata: + name: lo-nve + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + name: lo1 + type: Loopback + adminState: Up + ipv4: + addresses: + - 10.0.0.1/32 + +-- nve/nve1 -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: NetworkVirtualizationEdge +metadata: + name: nve1 + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + adminState: Up + sourceInterfaceRef: + name: lo-nve + hostReachability: BGP + +-- state/expect -- +{ + "System": { + "eps-items": { + "epId-items": { + "Ep-list": [ + { + "epId": 1, + "adminSt": "enabled", + "advertiseVmac": false, + "holdDownTime": 180, + "hostReach": "bgp", + "sourceInterface": "lo1", + "suppressARP": false + } + ] + } + }, + "fm-items": { + "evpn-items": { + "adminSt": "enabled" + }, + "nvo-items": { + "adminSt": "enabled" + } + }, + "hmm-items": { + "fwdinst-items": { + "adminSt": "disabled", + "amac": "" + } + }, + "icmpv4-items": { + "inst-items": { + "dom-items": { + "Dom-list": [ + { + "name": "default", + "if-items": { + "If-list": [ + { + "id": "lo1", + "ctrl": "port-unreachable,redirect" + } + ] + } + } + ] + } + } + }, + "intf-items": { + "lb-items": { + "LbRtdIf-list": [ + { + "adminSt": "up", + "id": "lo1", + "rtvrfMbr-items": { + "tDn": "/System/inst-items/Inst-list[name='default']" + } + } + ] + } + }, + "ipv4-items": { + "inst-items": { + "dom-items": { + "Dom-list": [ + { + "name": "default", + "if-items": { + "If-list": [ + { + "id": "lo1", + "addr-items": { + "Addr-list": [ + { + "addr": "10.0.0.1/32", + "pref": 0, + "tag": 0, + "type": "primary" + } + ] + } + } + ] + } + } + ] + } + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/ospf.txt b/test/e2e/testdata/cisco-nxos-gnmi/ospf.txt new file mode 100644 index 00000000..305bad3f --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/ospf.txt @@ -0,0 +1,159 @@ +# NX-OS OSPF Integration Test +# +# OSPF requires at least one interface. + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- interface/lo-ospf -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: Interface +metadata: + name: lo-ospf + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + name: lo10 + type: Loopback + adminState: Up + ipv4: + addresses: + - 10.255.255.10/32 + +-- ospf/underlay -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: OSPF +metadata: + name: underlay + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + adminState: Up + instance: UNDERLAY + routerId: 10.255.255.10 + interfaceRefs: + - name: lo-ospf + area: "0.0.0.0" + +-- state/expect -- +{ + "System": { + "fm-items": { + "ospf-items": { + "adminSt": "enabled" + } + }, + "icmpv4-items": { + "inst-items": { + "dom-items": { + "Dom-list": [ + { + "name": "default", + "if-items": { + "If-list": [ + { + "id": "lo10", + "ctrl": "port-unreachable,redirect" + } + ] + } + } + ] + } + } + }, + "intf-items": { + "lb-items": { + "LbRtdIf-list": [ + { + "adminSt": "up", + "id": "lo10", + "rtvrfMbr-items": { + "tDn": "/System/inst-items/Inst-list[name='default']" + } + } + ] + } + }, + "ipv4-items": { + "inst-items": { + "dom-items": { + "Dom-list": [ + { + "name": "default", + "if-items": { + "If-list": [ + { + "id": "lo10", + "addr-items": { + "Addr-list": [ + { + "addr": "10.255.255.10/32", + "pref": 0, + "tag": 0, + "type": "primary" + } + ] + } + } + ] + } + } + ] + } + } + }, + "ospf-items": { + "inst-items": { + "Inst-list": [ + { + "name": "UNDERLAY", + "adminSt": "enabled", + "dom-items": { + "Dom-list": [ + { + "name": "default", + "adminSt": "enabled", + "adjChangeLogLevel": "none", + "bwRef": 40000, + "bwRefUnit": "mbps", + "ctrl": "default-passive", + "dist": 110, + "rtrId": "10.255.255.10", + "if-items": { + "If-list": [ + { + "id": "lo10", + "adminSt": "enabled", + "advertiseSecondaries": true, + "area": "0.0.0.0", + "bfdCtrl": "unspecified", + "nwT": "unspecified", + "passiveCtrl": "disabled" + } + ] + } + } + ] + } + } + ] + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/pim.txt b/test/e2e/testdata/cisco-nxos-gnmi/pim.txt new file mode 100644 index 00000000..a1e1e39c --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/pim.txt @@ -0,0 +1,142 @@ +# NX-OS PIM Integration Test +# +# PIM requires at least one interface. + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- interface/lo-pim -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: Interface +metadata: + name: lo-pim + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + name: lo20 + type: Loopback + adminState: Up + ipv4: + addresses: + - 10.255.255.20/32 + +-- pim/multicast -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: PIM +metadata: + name: multicast + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + adminState: Up + interfaceRefs: + - name: lo-pim + mode: Sparse + +-- state/expect -- +{ + "System": { + "fm-items": { + "pim-items": { + "adminSt": "enabled" + } + }, + "icmpv4-items": { + "inst-items": { + "dom-items": { + "Dom-list": [ + { + "name": "default", + "if-items": { + "If-list": [ + { + "id": "lo20", + "ctrl": "port-unreachable,redirect" + } + ] + } + } + ] + } + } + }, + "intf-items": { + "lb-items": { + "LbRtdIf-list": [ + { + "adminSt": "up", + "id": "lo20", + "rtvrfMbr-items": { + "tDn": "/System/inst-items/Inst-list[name='default']" + } + } + ] + } + }, + "ipv4-items": { + "inst-items": { + "dom-items": { + "Dom-list": [ + { + "name": "default", + "if-items": { + "If-list": [ + { + "id": "lo20", + "addr-items": { + "Addr-list": [ + { + "addr": "10.255.255.20/32", + "pref": 0, + "tag": 0, + "type": "primary" + } + ] + } + } + ] + } + } + ] + } + } + }, + "pim-items": { + "adminSt": "enabled", + "inst-items": { + "adminSt": "enabled", + "dom-items": { + "Dom-list": [ + { + "name": "default", + "adminSt": "enabled", + "if-items": { + "If-list": [ + { + "id": "lo20", + "pimSparseMode": true + } + ] + } + } + ] + } + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/routedvlan.txt b/test/e2e/testdata/cisco-nxos-gnmi/routedvlan.txt new file mode 100644 index 00000000..7568c362 --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/routedvlan.txt @@ -0,0 +1,136 @@ +# NX-OS RoutedVLAN (SVI) Integration Test + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- vlan/vlan10 -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: VLAN +metadata: + name: vlan10 + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + id: 10 + name: SERVERS + +-- interface/svi-vlan10 -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: Interface +metadata: + name: svi-vlan10 + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + name: vlan10 + type: RoutedVLAN + adminState: Up + mtu: 9000 + description: "SVI for VLAN 10 - Servers" + vlanRef: + name: vlan10 + ipv4: + addresses: + - 10.10.0.1/24 + +-- state/expect -- +{ + "System": { + "bd-items": { + "bd-items": { + "BD-list": [ + { + "BdState": "active", + "adminSt": "active", + "fabEncap": "vlan-10", + "name": "SERVERS" + } + ] + } + }, + "fm-items": { + "ifvlan-items": { + "adminSt": "enabled" + } + }, + "icmpv4-items": { + "inst-items": { + "dom-items": { + "Dom-list": [ + { + "name": "default", + "if-items": { + "If-list": [ + { + "id": "vlan10", + "ctrl": "port-unreachable" + } + ] + } + } + ] + } + } + }, + "intf-items": { + "svi-items": { + "If-list": [ + { + "adminSt": "up", + "descr": "SVI for VLAN 10 - Servers", + "id": "vlan10", + "medium": "bcast", + "mtu": 9000, + "rtvrfMbr-items": { + "tDn": "/System/inst-items/Inst-list[name='default']" + }, + "vlanId": 10 + } + ] + } + }, + "ipv4-items": { + "inst-items": { + "dom-items": { + "Dom-list": [ + { + "name": "default", + "if-items": { + "If-list": [ + { + "id": "vlan10", + "addr-items": { + "Addr-list": [ + { + "addr": "10.10.0.1/24", + "pref": 0, + "tag": 0, + "type": "primary" + } + ] + } + } + ] + } + } + ] + } + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/routingpolicy_prefixset.txt b/test/e2e/testdata/cisco-nxos-gnmi/routingpolicy_prefixset.txt new file mode 100644 index 00000000..dc3a070a --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/routingpolicy_prefixset.txt @@ -0,0 +1,154 @@ +# RoutingPolicy with PrefixSet reference + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- prefixset/test-prefixset-v4 -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: PrefixSet +metadata: + name: test-prefixset-v4 + namespace: default + labels: + networking.metal.ironcore.dev/device-name: device +spec: + deviceRef: + name: device + name: IPV4-NETWORKS + entries: + - sequence: 10 + prefix: 10.0.0.0/8 +-- prefixset/test-prefixset-v6 -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: PrefixSet +metadata: + name: test-prefixset-v6 + namespace: default + labels: + networking.metal.ironcore.dev/device-name: device +spec: + deviceRef: + name: device + name: IPV6-NETWORKS + entries: + - sequence: 10 + prefix: "2001:db8::/32" +-- routingpolicy/rm-import -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: RoutingPolicy +metadata: + name: rm-import + namespace: default + labels: + networking.metal.ironcore.dev/device-name: device +spec: + deviceRef: + name: device + name: RM-IMPORT + statements: + - sequence: 10 + conditions: + matchPrefixSet: + prefixSetRef: + name: test-prefixset-v4 + actions: + routeDisposition: AcceptRoute + - sequence: 20 + conditions: + matchPrefixSet: + prefixSetRef: + name: test-prefixset-v6 + actions: + routeDisposition: AcceptRoute + +-- state/expect -- +{ + "System": { + "rpm-items": { + "pfxlistv4-items": { + "RuleV4-list": [ + { + "name": "IPV4-NETWORKS", + "ent-items": { + "Entry-list": [ + { + "action": "permit", + "criteria": "exact", + "fromPfxLen": 0, + "order": 10, + "pfx": "10.0.0.0/8", + "toPfxLen": 0 + } + ] + } + } + ] + }, + "pfxlistv6-items": { + "RuleV6-list": [ + { + "name": "IPV6-NETWORKS", + "ent-items": { + "Entry-list": [ + { + "action": "permit", + "criteria": "exact", + "fromPfxLen": 0, + "order": 10, + "pfx": "2001:db8::/32", + "toPfxLen": 0 + } + ] + } + } + ] + }, + "rtmap-items": { + "Rule-list": [ + { + "name": "RM-IMPORT", + "ent-items": { + "Entry-list": [ + { + "action": "permit", + "order": 10, + "mrtdst-items": { + "rsrtDstAtt-items": { + "RsRtDstAtt-list": [ + { + "tDn": "/System/rpm-items/pfxlistv4-items/RuleV4-list[name='IPV4-NETWORKS']" + } + ] + } + } + }, + { + "action": "permit", + "order": 20, + "mrtdst-items": { + "rsrtDstAtt-items": { + "RsRtDstAtt-list": [ + { + "tDn": "/System/rpm-items/pfxlistv6-items/RuleV6-list[name='IPV6-NETWORKS']" + } + ] + } + } + } + ] + } + } + ] + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/snmp.txt b/test/e2e/testdata/cisco-nxos-gnmi/snmp.txt new file mode 100644 index 00000000..8e8515bf --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/snmp.txt @@ -0,0 +1,76 @@ +# NX-OS SNMP Integration Test + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- snmp/config -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: SNMP +metadata: + name: config + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + contact: "admin@example.com" + location: "DC1-Rack42" + sourceInterfaceName: "mgmt0" + hosts: + - address: "10.0.0.100" + communities: + - name: "public" + group: "network-operator" + +-- state/expect -- +{ + "System": { + "snmp-items": { + "inst-items": { + "community-items": { + "CommSecP-list": [ + { + "commAcess": "unspecified", + "grpName": "network-operator", + "name": "public" + } + ] + }, + "globals-items": { + "srcInterfaceInforms-items": { + "ifname": "mgmt0" + }, + "srcInterfaceTraps-items": { + "ifname": "mgmt0" + } + }, + "host-items": { + "Host-list": [ + { + "hostName": "10.0.0.100", + "notifType": "traps", + "secLevel": "noauth", + "udpPortID": 162, + "version": "v2c" + } + ] + }, + "sysinfo-items": { + "sysContact": "admin@example.com", + "sysLocation": "DC1-Rack42" + }, + "traps-items": {} + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/subinterface.txt b/test/e2e/testdata/cisco-nxos-gnmi/subinterface.txt new file mode 100644 index 00000000..5235e7d7 --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/subinterface.txt @@ -0,0 +1,142 @@ +# NX-OS Subinterface Integration Test + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- interface/parent-eth -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: Interface +metadata: + name: parent-eth + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + name: eth1/3 + type: Physical + adminState: Up + mtu: 9216 + description: "Parent interface for subinterfaces" + +-- interface/subif-vlan100 -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: Interface +metadata: + name: subif-vlan100 + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + name: eth1/3.100 + type: Subinterface + adminState: Up + mtu: 1500 + description: "L3 Subinterface VLAN 100" + parentInterfaceRef: + name: parent-eth + encapsulation: + type: "802.1q" + tag: 100 + ipv4: + addresses: + - 10.100.0.1/24 + +-- state/expect -- +{ + "System": { + "intf-items": { + "phys-items": { + "PhysIf-list": [ + { + "FECMode": "auto", + "accessVlan": "vlan-1", + "adminSt": "up", + "descr": "Parent interface for subinterfaces", + "id": "eth1/3", + "layer": "Layer2", + "medium": "broadcast", + "mode": "access", + "mtu": 9216, + "nativeVlan": "vlan-1", + "physExtd-items": { + "bufferBoost": "enable" + }, + "trunkVlans": "1-4094", + "userCfgdFlags": "admin_layer,admin_mtu,admin_state" + } + ] + }, + "encrtd-items": { + "EncRtdIf-list": [ + { + "adminSt": "up", + "descr": "L3 Subinterface VLAN 100", + "encap": "vlan-100", + "id": "eth1/3.100", + "mediumType": "broadcast", + "mtu": 1500, + "mtuInherit": false, + "rtvrfMbr-items": { + "tDn": "/System/inst-items/Inst-list[name='default']" + } + } + ] + } + }, + "ipv4-items": { + "inst-items": { + "dom-items": { + "Dom-list": [ + { + "name": "default", + "if-items": { + "If-list": [ + { + "id": "eth1/3.100", + "addr-items": { + "Addr-list": [ + { + "addr": "10.100.0.1/24", + "pref": 0, + "tag": 0, + "type": "primary" + } + ] + } + } + ] + } + } + ] + } + } + }, + "stp-items": { + "inst-items": { + "if-items": { + "If-list": [ + { + "id": "eth1/3", + "mode": "default", + "bpdufilter": "default", + "bpduguard": "default" + } + ] + } + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/syslog.txt b/test/e2e/testdata/cisco-nxos-gnmi/syslog.txt new file mode 100644 index 00000000..f490780b --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/syslog.txt @@ -0,0 +1,76 @@ +# NX-OS Syslog Integration Test + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- syslog/logging -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: Syslog +metadata: + name: logging + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + servers: + - address: "10.0.0.100" + severity: Warning + vrfName: management + facilities: + - name: Local7 + severity: Info + +-- state/expect -- +{ + "System": { + "logging-items": { + "loglevel-items": { + "facility-items": { + "Facility-list": [ + { + "facilityName": "Local7", + "severityLevel": "information" + } + ] + } + } + }, + "syslog-items": { + "logginghistory-items": { + "level": "information", + "size": 500 + }, + "originid-items": { + "idtype": "string", + "idvalue": "logging" + }, + "rdst-items": { + "RemoteDest-list": [ + { + "forwardingFacility": "local7", + "host": "10.0.0.100", + "port": 514, + "severity": "warnings", + "transport": "udp", + "vrfName": "management" + } + ] + }, + "source-items": { + "adminState": "enabled", + "ifName": "mgmt0" + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/vpcdomain.txt b/test/e2e/testdata/cisco-nxos-gnmi/vpcdomain.txt new file mode 100644 index 00000000..22738179 --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/vpcdomain.txt @@ -0,0 +1,191 @@ +# NX-OS VPCDomain Integration Test +# +# Tests vPC (Virtual Port Channel) domain configuration. +# VPCDomain is NX-OS specific (nx.cisco.networking.metal.ironcore.dev/v1alpha1). +# Requires a port-channel interface for the peer-link with member interfaces. +# +# Using this payload on a clean device will fail as features must be already enabled. + + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- interface/eth1 -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: Interface +metadata: + name: eth1 + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + name: eth1/1 + type: Physical + adminState: Up + +-- interface/vpc-peerlink -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: Interface +metadata: + name: vpc-peerlink + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + name: po1 + type: Aggregate + adminState: Up + aggregation: + memberInterfaceRefs: + - name: eth1 + controlProtocol: + mode: Active + +-- vpcdomain/vpc1 -- +apiVersion: nx.cisco.networking.metal.ironcore.dev/v1alpha1 +kind: VPCDomain +metadata: + name: vpc1 + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + domainId: 100 + adminState: Up + rolePriority: 32667 + systemPriority: 32667 + peer: + adminState: Up + interfaceRef: + name: vpc-peerlink + keepalive: + destination: 10.0.0.2 + source: 10.0.0.1 + vrfName: management + +-- state/expect -- +{ + "System": { + "fm-items": { + "lacp-items": { + "adminSt": "enabled" + }, + "vpc-items": { + "adminSt": "enabled" + } + }, + "intf-items": { + "aggr-items": { + "AggrIf-list": [ + { + "id": "po1", + "adminSt": "up", + "accessVlan": "vlan-1", + "aggrExtd-items": { + "bufferBoost": "enable" + }, + "lacpVpcConvergence": "disable", + "layer": "Layer2", + "medium": "broadcast", + "mode": "access", + "mtu": 1500, + "nativeVlan": "vlan-1", + "pcMode": "active", + "rsmbrIfs-items": { + "RsMbrIfs-list": [ + { + "tDn": "/System/intf-items/phys-items/PhysIf-list[id='eth1/1']" + } + ] + }, + "suspIndividual": "enable", + "trunkVlans": "1-4094", + "userCfgdFlags": "admin_layer,admin_state" + } + ] + }, + "phys-items": { + "PhysIf-list": [ + { + "id": "eth1/1", + "FECMode": "auto", + "accessVlan": "vlan-1", + "adminSt": "up", + "layer": "Layer2", + "medium": "broadcast", + "mode": "access", + "mtu": 1500, + "nativeVlan": "vlan-1", + "physExtd-items": { + "bufferBoost": "enable" + }, + "trunkVlans": "1-4094", + "userCfgdFlags": "admin_layer,admin_state" + } + ] + } + }, + "stp-items": { + "inst-items": { + "if-items": { + "If-list": [ + { + "id": "eth1/1", + "bpdufilter": "default", + "bpduguard": "default", + "mode": "default" + }, + { + "id": "po1", + "bpdufilter": "default", + "bpduguard": "default", + "mode": "default" + } + ] + } + } + }, + "vpc-items": { + "inst-items": { + "dom-items": { + "id": 100, + "adminSt": "enabled", + "autoRecovery": "disabled", + "autoRecoveryIntvl": 240, + "delayRestoreSVI": 10, + "delayRestoreVPC": 30, + "fastConvergence": "disabled", + "keepalive-items": { + "destIp": "10.0.0.2", + "srcIp": "10.0.0.1", + "vrf": "management", + "peerlink-items": { + "adminSt": "enabled", + "id": "po1" + } + }, + "l3PeerRouter": "disabled", + "peerGw": "disabled", + "peerSwitch": "disabled", + "rolePrio": 32667, + "sysPrio": 32667 + } + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/cisco-nxos-gnmi/vrf.txt b/test/e2e/testdata/cisco-nxos-gnmi/vrf.txt new file mode 100644 index 00000000..5bec2e96 --- /dev/null +++ b/test/e2e/testdata/cisco-nxos-gnmi/vrf.txt @@ -0,0 +1,129 @@ +# NX-OS VRF Integration Test +# +# Tests VRF creation with L3 interface membership: +# tenant1 -> VRF with description +# vrf-uplink -> Physical L3 interface assigned to the VRF + +-- state/preload -- +{ + "System": { + "procsys-items": { + "bootTime": "1700000000" + } + } +} + +-- vrf/tenant1 -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: VRF +metadata: + name: k8s-vrf-tenant1 + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + name: TENANT-1 + description: "Tenant 1 VRF" + +-- interface/vrf-uplink -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: Interface +metadata: + name: vrf-uplink + namespace: default + labels: + networking.metal.ironcore.dev/device: device +spec: + deviceRef: + name: device + name: eth1/10 + type: Physical + adminState: Up + mtu: 9000 + description: "Uplink in TENANT-1 VRF" + vrfRef: + name: k8s-vrf-tenant1 + ipv4: + addresses: + - 10.1.1.1/30 + +-- state/expect -- +{ + "System": { + "inst-items": { + "Inst-list": [ + { + "name": "TENANT-1", + "descr": "Tenant 1 VRF", + "l3vni": false, + "dom-items": { + "Dom-list": [ + { + "name": "TENANT-1" + } + ] + } + } + ] + }, + "intf-items": { + "phys-items": { + "PhysIf-list": [ + { + "FECMode": "auto", + "accessVlan": "unknown", + "adminSt": "up", + "descr": "Uplink in TENANT-1 VRF", + "id": "eth1/10", + "layer": "Layer3", + "medium": "broadcast", + "mode": "access", + "mtu": 9000, + "nativeVlan": "unknown", + "physExtd-items": { + "bufferBoost": "enable" + }, + "rtvrfMbr-items": { + "tDn": "/System/inst-items/Inst-list[name='TENANT-1']" + }, + "trunkVlans": "1-4094", + "userCfgdFlags": "admin_layer,admin_mtu,admin_state" + } + ] + } + }, + "ipv4-items": { + "inst-items": { + "dom-items": { + "Dom-list": [ + { + "name": "TENANT-1", + "if-items": { + "If-list": [ + { + "id": "eth1/10", + "addr-items": { + "Addr-list": [ + { + "addr": "10.1.1.1/30", + "pref": 0, + "tag": 0, + "type": "primary" + } + ] + } + } + ] + } + } + ] + } + } + }, + "procsys-items": { + "bootTime": "1700000000" + } + } +} diff --git a/test/e2e/testdata/openconfig/interface.txt b/test/e2e/testdata/openconfig/interface.txt new file mode 100644 index 00000000..f6055ec7 --- /dev/null +++ b/test/e2e/testdata/openconfig/interface.txt @@ -0,0 +1,61 @@ +# Loopback Interface +-- interfaces/lo0 -- +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: Interface +metadata: + name: lo0 + namespace: default + labels: + networking.metal.ironcore.dev/device-name: device +spec: + deviceRef: + name: device + name: lo0 + description: Router-ID Leaf1 + adminState: Up + type: Loopback + mtu: 1500 + ipv4: + addresses: + - 10.0.0.10/32 +-- state/expect -- +{ + "interfaces": { + "interface": [ + { + "config": { + "description": "Router-ID Leaf1", + "enabled": true, + "mtu": 1500, + "name": "lo0", + "type": "softwareLoopback" + }, + "name": "lo0", + "subinterfaces": { + "subinterface": [ + { + "config": { + "index": 0 + }, + "index": 0, + "ipv4": { + "addresses": { + "address": [ + { + "config": { + "ip": "10.0.0.10", + "prefix-length": 32, + "type": "PRIMARY" + }, + "ip": "10.0.0.10" + } + ] + } + } + } + ] + } + } + ] + } +} From 096badfdb0c62307bf8ad21bc105eb1ecb0921a6 Mon Sep 17 00:00:00 2001 From: Pujol Date: Thu, 18 Jun 2026 02:01:30 +0200 Subject: [PATCH 2/4] fix: prevent stdin inheritance in e2e test commands Commands executed via exec.CommandContext with CombinedOutput can hang when stdin is not explicitly set to nil. This was causing UndeployManager to block indefinitely during test cleanup. Changes: - Set cmd.Stdin = nil on all exec.Command calls to prevent stdin inheritance - Change UndeployManager to use kubectl delete -k directly instead of make undeploy to avoid shell pipeline stdin issues Signed-off-by: Pujol --- test/e2e/testutil/cluster.go | 12 +++++++----- test/e2e/testutil/helpers.go | 1 + 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/test/e2e/testutil/cluster.go b/test/e2e/testutil/cluster.go index f34990ec..bd22fad9 100644 --- a/test/e2e/testutil/cluster.go +++ b/test/e2e/testutil/cluster.go @@ -92,6 +92,7 @@ func (c *ClusterEnvironment) DeployManager(ctx context.Context) error { cmd := exec.CommandContext(ctx, "make", "deploy-crds") cmd.Dir = dir cmd.Env = env + cmd.Stdin = nil // Prevent stdin inheritance that can cause hangs if output, err := cmd.CombinedOutput(); err != nil { return fmt.Errorf("failed to deploy CRDs: %s: %w", string(output), err) } @@ -100,6 +101,7 @@ func (c *ClusterEnvironment) DeployManager(ctx context.Context) error { cmd = exec.CommandContext(ctx, "make", "deploy") cmd.Dir = dir cmd.Env = env + cmd.Stdin = nil // Prevent stdin inheritance that can cause hangs if output, err := cmd.CombinedOutput(); err != nil { return fmt.Errorf("failed to deploy manager: %s: %w", string(output), err) } @@ -114,12 +116,10 @@ func (c *ClusterEnvironment) DeployManager(ctx context.Context) error { } // UndeployManager undeploys the controller-manager. +// Uses kubectl delete -k directly instead of make undeploy to avoid shell pipeline stdin issues. func (c *ClusterEnvironment) UndeployManager(ctx context.Context) error { - cmd := exec.CommandContext(ctx, "make", "undeploy") - dir, _ := GetProjectDir() //nolint:errcheck // uses current dir as fallback - cmd.Dir = dir - if output, err := cmd.CombinedOutput(); err != nil { - return fmt.Errorf("failed to undeploy manager: %s: %w", string(output), err) + if err := c.runKubectl(ctx, "delete", "-k", "config/develop", "--ignore-not-found"); err != nil { + return fmt.Errorf("failed to undeploy manager: %w", err) } return nil } @@ -228,6 +228,7 @@ func (c *ClusterEnvironment) runKubectl(ctx context.Context, args ...string) err cmd := exec.CommandContext(ctx, "kubectl", args...) dir, _ := GetProjectDir() //nolint:errcheck // uses current dir as fallback cmd.Dir = dir + cmd.Stdin = nil // Prevent stdin inheritance that can cause hangs output, err := cmd.CombinedOutput() if err != nil { return fmt.Errorf("%s: %w", string(output), err) @@ -240,6 +241,7 @@ func (c *ClusterEnvironment) runKubectlOutput(ctx context.Context, args ...strin cmd := exec.CommandContext(ctx, "kubectl", args...) dir, _ := GetProjectDir() //nolint:errcheck // uses current dir as fallback cmd.Dir = dir + cmd.Stdin = nil // Prevent stdin inheritance that can cause hangs var stdout, stderr bytes.Buffer cmd.Stdout = &stdout cmd.Stderr = &stderr diff --git a/test/e2e/testutil/helpers.go b/test/e2e/testutil/helpers.go index 5d38e28f..b9888543 100644 --- a/test/e2e/testutil/helpers.go +++ b/test/e2e/testutil/helpers.go @@ -42,6 +42,7 @@ func Run(cmd *exec.Cmd, w io.Writer) (string, error) { } cmd.Dir = dir + cmd.Stdin = nil // Prevent stdin inheritance that can cause hangs if err = os.Chdir(cmd.Dir); err != nil { _, _ = fmt.Fprintf(w, "chdir dir: %s\n", err) } From 315adf2ba01c6d32e82eb881f13d31b9aab84136 Mon Sep 17 00:00:00 2001 From: Pujol Date: Thu, 18 Jun 2026 02:01:34 +0200 Subject: [PATCH 3/4] docs: add AGENTS.md for e2e test documentation Documents the e2e test infrastructure including: - Envtest vs Cluster mode comparison - Test commands and environment variables - Testdata format and test flow - Architecture and gnmi-test-server behavior Signed-off-by: Pujol --- test/e2e/AGENTS.md | 146 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 146 insertions(+) create mode 100644 test/e2e/AGENTS.md diff --git a/test/e2e/AGENTS.md b/test/e2e/AGENTS.md new file mode 100644 index 00000000..86c917bf --- /dev/null +++ b/test/e2e/AGENTS.md @@ -0,0 +1,146 @@ +# E2E Tests + +Integration tests that validate the full reconciliation pipeline from Kubernetes CRD to gNMI JSON output. + +## Rationale + +Unit tests verify individual functions but miss the gaps between layers: CRD validation, controller logic, provider field mapping, and gNMI path construction. For example, a controller passing the wrong value to a provider. + +Two test modes via Go build tags (`//go:build envtest` vs `//go:build !envtest`): + +- **Envtest mode** — runs tests sequantially without infrastructure using envtest + in-process gnmi-test-server. Tests complete in seconds. +- **Cluster mode** — runs tests in parallel against Kind with full operator installation. Validates RBAC, webhooks, metrics. +Each reconciliation test is isolated: unique namespace + dedicated gnmi-test-server pod. + +## Commands + +```bash +make test-e2e-envtest PROVIDER=cisco-nxos-gnmi # no cluster required +make test-e2e-kind PROVIDER=cisco-nxos-gnmi # requires Kind cluster "network" +``` + +**Provider options:** `openconfig`, `cisco-nxos-gnmi` + +## Mode Comparison + +| Aspect | Envtest | Cluster | +|--------|---------|---------| +| **K8s API** | In-process (envtest) | Kind cluster | +| **gNMI server** | In-process (gnmi-test-server) | Deployed pod per test | +| **Controllers** | In-process per test | Deployed operator pod | +| **Speed** | ~10s | ~3-4min (parallel) | +| **Dependencies** | None | Docker + Kind | + +| Coverage | Envtest | Cluster | +|----------|:-------:|:-------:| +| Controller reconciliation | ✅ | ✅ | +| Status conditions | ✅ | ✅ | +| gNMI payload generation | ✅ | ✅ | +| RBAC / ServiceAccount | ❌ | ✅ | +| Webhook TLS + cert-manager | ❌ | ✅ | +| Container image build | ❌ | ✅ | +| Metrics endpoint | ❌ | ✅ | + +## Environment Variables + +| Variable | Purpose | +|----------|---------| +| `PROVIDER` / `E2E_PROVIDER` | Filter tests to specific provider | +| `PROMETHEUS_INSTALL_SKIP=true` | Skip Prometheus installation (cluster mode) | +| `CERT_MANAGER_INSTALL_SKIP=true` | Skip CertManager installation (cluster mode) | + +## Architecture + +Both modes implement `TestEnvironment` interface via `testutil/`: + +| Method | Purpose | +|--------|---------| +| `Setup()` / `Teardown()` | Initialize/cleanup K8s + gNMI server | +| `Client()` / `RESTConfig()` | K8s client for resources and managers | +| `GNMIAddress()` | Endpoint for Device CRDs | +| `GetGNMIState()` / `ClearGNMIState()` | Verify and reset gNMI state | +| `PreloadGNMIState()` | Set initial state before reconciliation | +| `IsEnvtest()` | Detect mode for conditional logic | + +### GNMI test server + +The server accumulates gNMI Set operations and exposes state via `GetState()`. + +When configured with `WithNXOSBehavior()`: +- Strips fields with value `"DME_UNSET_PROPERTY_MARKER"` when storing (the marker means "unset this field", not "store this literal string") +- Returns empty TypedValue for non-existent paths (instead of NOT_FOUND error), matching real NX-OS behavior + + +## Testdata Format + +Location: `test/e2e/testdata//.txt` — auto-discovered, txtar format. + +Each test file contains K8s YAML resources and expected gNMI JSON state: + +``` +-- state/preload -- # OPTIONAL: initial gNMI state +{"System": {"procsys-items": {"bootTime": "1700000000"}}} + +-- / -- # Resource to create +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: Interface +spec: + deviceRef: + name: device # substituted at runtime + ... + +-- / -- # Multiple resources supported +apiVersion: networking.metal.ironcore.dev/v1alpha1 +kind: BGPPeer +spec: + deviceRef: + name: device + ... + +-- state/expect -- # Expected gNMI JSON (array order ignored) +{"System": {"intf-items": ...}} +``` + +### Test Flow + +1. Parse txtar file → extract resources + expected state +2. Create test namespace +3. Deploy/connect to gnmi-test-server +4. Preload gNMI state if `state/preload` section exists +5. Create Device pointing to gnmi-test-server address +6. Apply resources **sequentially**, waiting for `Configured` condition before next +7. Compare final gNMI state vs `state/expect` using semantic JSON comparison + +### Important Notes + +> **gNMI State Differences:** The JSON stored in gnmi-test-server may differ from actual provider output. For example, NXOS `DME_UNSET_PROPERTY_MARKER` values are filtered out by the test server. + +> **Resource Dependencies:** Resources are created in file order. Use ordering to handle dependencies (e.g., BGPPeer after BGP, RoutingPolicy after PrefixSet). + +## Existing Test Files + +``` +test/e2e/testdata/cisco-nxos-gnmi/ +├── acl.txt +├── banner.txt +├── bgp_bgppeer.txt +├── dhcprelay.txt +├── dns.txt +├── evpninstance.txt +├── interfaceconfig.txt +├── interfaces.txt +├── isis.txt +├── lldp.txt +├── managementaccess.txt +├── ntp.txt +├── nve.txt +├── ospf.txt +├── pim.txt +├── routedvlan.txt +├── routingpolicy_prefixset.txt +├── snmp.txt +├── subinterface.txt +├── syslog.txt +├── vpcdomain.txt +└── vrf.txt +``` From 37fea8a4b60a115c60ad4740b38b85331bef4bd9 Mon Sep 17 00:00:00 2001 From: Pujol Date: Thu, 18 Jun 2026 02:04:15 +0200 Subject: [PATCH 4/4] ci: add separate e2e test workflows for envtest and cluster modes - test-e2e-envtest.yml: Fast in-process tests, no cluster required - test-e2e-cluster.yml: Full cluster tests with Kind, 8 parallel processes Signed-off-by: Pujol --- .github/workflows/test-e2e-cluster.yml | 32 ++++++++++++++++++++++++++ .github/workflows/test-e2e-envtest.yml | 26 +++++++++++++++++++++ 2 files changed, 58 insertions(+) create mode 100644 .github/workflows/test-e2e-cluster.yml create mode 100644 .github/workflows/test-e2e-envtest.yml diff --git a/.github/workflows/test-e2e-cluster.yml b/.github/workflows/test-e2e-cluster.yml new file mode 100644 index 00000000..60fe00fe --- /dev/null +++ b/.github/workflows/test-e2e-cluster.yml @@ -0,0 +1,32 @@ +# SPDX-FileCopyrightText: 2026 SAP SE or an SAP affiliate company and IronCore contributors +# SPDX-License-Identifier: Apache-2.0 + +name: Test E2E (Cluster) + +on: + pull_request: + branches: + - main + paths-ignore: + - 'docs/**' + - '**/*.md' + +jobs: + test-e2e-cluster: + name: Run E2E Tests (Cluster) + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v6 + - uses: actions/setup-go@v6 + with: + go-version-file: 'go.mod' + - name: Create kind cluster + uses: helm/kind-action@v1 + with: + version: v0.31.0 + kubectl_version: v1.35.0 + cluster_name: network + - name: Running E2E Cluster Tests + run: | + go mod download + make test-e2e-cluster GINKGO_PROCS=8 diff --git a/.github/workflows/test-e2e-envtest.yml b/.github/workflows/test-e2e-envtest.yml new file mode 100644 index 00000000..550de5f8 --- /dev/null +++ b/.github/workflows/test-e2e-envtest.yml @@ -0,0 +1,26 @@ +# SPDX-FileCopyrightText: 2026 SAP SE or an SAP affiliate company and IronCore contributors +# SPDX-License-Identifier: Apache-2.0 + +name: Test E2E (Envtest) + +on: + pull_request: + branches: + - main + paths-ignore: + - 'docs/**' + - '**/*.md' + +jobs: + test-e2e-envtest: + name: Run E2E Tests (Envtest) + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v6 + - uses: actions/setup-go@v6 + with: + go-version-file: 'go.mod' + - name: Running E2E Envtest Tests + run: | + go mod download + make test-e2e-envtest