Add object-group service support

[ArchelonU]

SUMMARY

Adding the ability to specify an object group of services in the ACL settings.

ISSUE TYPE

• Feature Pull Request

COMPONENT NAME

acls.py

ADDITIONAL INFORMATION

Now you can add object-group service when creating ACL rule.

To do this, it is enough to specify a new variable "service_object_group":

- name: ACL_NAME
  acl_type: extended
  aces:
    - sequence: '10'
       grant: 'permit'
       service_object_group: 'OG_WITH_MANY_PORTS'
       source:
         object_group: 'OG_SOURCE_HOSTS'
       destination:
         object_group: 'OG_DESTINATION_HOSTS'

What actually translates into a command:

ip access-list extended ACL_NAME
 10 permit object-group OG_WITH_MANY_PORTS object-group OG_SOURCE_HOSTS object-group OG_DESTINATION_HOSTS

[roverflow]

@ArchelonU Could you please add some tests to verify the change

[ArchelonU]

@roverflow I have run tests in my branch, added fixes. Now as far as I understand, it requires approval to run testing here. Correct me if I'm wrong. Thx!

[roverflow]

@ArchelonU, could you please add a new unit test for this change? You can find the existing tests for acls in the tests folder, you can either modify the test to make use of the new attribute you have added or add a new test function. Thanks

[ArchelonU]

@roverflow Hello! I added some tests in ef9f60b, is there anything else I need to do? Thanks!

[ArchelonU]

Hi! As I understand it, tests, that do not relate to my changes, fail. Should I do something about it or should I just wait?

[roverflow]

Hi! As I understand it, tests, that do not relate to my changes, fail. Should I do something about it or should I just wait?

Hey @ArchelonU, these test failures are unrelated to your contribution. We're currently investigating them. Meanwhile, we're looking at your PR and will review it and try to get it merged!. Thanks for your contribution!