def test_delete_security_group_nova_os_id(self):
security_group.security_group_engine = (
security_group.SecurityGroupEngineNova())
self.nova.security_groups.list.return_value = ([
fakes.NovaSecurityGroup(fakes.OS_SECURITY_GROUP_1),
fakes.NovaSecurityGroup(fakes.OS_SECURITY_GROUP_2)
])
resp = self.execute('DeleteSecurityGroup',
{'GroupId': fakes.ID_OS_SECURITY_GROUP_2})
self.assertEqual(True, resp['return'])
self.nova.security_groups.delete.assert_called_once_with(
fakes.ID_OS_SECURITY_GROUP_2)
def test_create_security_group(self):
security_group.security_group_engine = (
security_group.SecurityGroupEngineNeutron())
self.set_mock_db_items(fakes.DB_VPC_1, fakes.DB_SECURITY_GROUP_1)
self.neutron.list_security_groups.return_value = ({
'security_groups': [copy.deepcopy(fakes.OS_SECURITY_GROUP_1)]
})
self.db_api.add_item.return_value = fakes.DB_SECURITY_GROUP_2
self.nova.security_groups.create.return_value = (
fakes.NovaSecurityGroup(fakes.OS_SECURITY_GROUP_2))
resp = self.execute('CreateSecurityGroup', {
'GroupName': 'groupname',
'GroupDescription': 'Group description'
})
self.nova.security_groups.create.assert_called_once_with(
'groupname', 'Group description')
self.nova.security_groups.reset_mock()
resp = self.execute(
'CreateSecurityGroup', {
'VpcId': fakes.ID_EC2_VPC_1,
'GroupName': 'groupname',
'GroupDescription': 'Group description'
})
self.assertEqual(fakes.ID_EC2_SECURITY_GROUP_2, resp['groupId'])
self.db_api.add_item.assert_called_once_with(
mock.ANY,
'sg',
tools.purge_dict(fakes.DB_SECURITY_GROUP_2, ('id', )),
project_id=None)
self.nova.security_groups.create.assert_called_once_with(
'groupname', 'Group description')
def test_describe_security_groups_nova(self):
security_group.security_group_engine = (
security_group.SecurityGroupEngineNova())
self.set_mock_db_items()
self.nova.security_groups.list.return_value = ([
fakes.NovaSecurityGroup(fakes.NOVA_SECURITY_GROUP_1),
fakes.NovaSecurityGroup(fakes.NOVA_SECURITY_GROUP_2)
])
resp = self.execute('DescribeSecurityGroups', {})
self.assertThat(
resp['securityGroupInfo'],
matchers.ListMatches([
fakes.EC2_NOVA_SECURITY_GROUP_1,
fakes.EC2_NOVA_SECURITY_GROUP_2
],
orderless_lists=True))
def test_revoke_security_group_ingress_ip_ranges_nova(self):
security_group.security_group_engine = (
security_group.SecurityGroupEngineNova())
self.nova.security_groups.list.return_value = ([
fakes.NovaSecurityGroup(fakes.NOVA_SECURITY_GROUP_1),
fakes.NovaSecurityGroup(fakes.NOVA_SECURITY_GROUP_2)
])
self.nova.security_groups.get.return_value = (fakes.NovaSecurityGroup(
fakes.NOVA_SECURITY_GROUP_2))
self.nova.security_group_rules.delete.return_value = True
self.execute(
'RevokeSecurityGroupIngress', {
'GroupName': fakes.EC2_NOVA_SECURITY_GROUP_2['groupName'],
'IpPermissions.1.FromPort': '10',
'IpPermissions.1.ToPort': '10',
'IpPermissions.1.IpProtocol': 'tcp',
'IpPermissions.1.IpRanges.1.CidrIp': '192.168.1.0/24'
})
self.nova.security_group_rules.delete.assert_called_once_with(
fakes.NOVA_SECURITY_GROUP_RULE_1['id'])
def test_revoke_security_group_groups_nova(self):
security_group.security_group_engine = (
security_group.SecurityGroupEngineNova())
self.nova.security_groups.list.return_value = ([
fakes.NovaSecurityGroup(fakes.NOVA_SECURITY_GROUP_1),
fakes.NovaSecurityGroup(fakes.NOVA_SECURITY_GROUP_2)
])
self.nova.security_groups.get.return_value = (fakes.NovaSecurityGroup(
fakes.NOVA_SECURITY_GROUP_2))
self.nova.security_group_rules.delete.return_value = True
self.execute(
'RevokeSecurityGroupIngress', {
'GroupName':
fakes.EC2_NOVA_SECURITY_GROUP_2['groupName'],
'IpPermissions.1.IpProtocol':
'icmp',
'IpPermissions.1.Groups.1.GroupName':
fakes.EC2_NOVA_SECURITY_GROUP_1['groupName']
})
self.nova.security_group_rules.delete.assert_called_once_with(
fakes.NOVA_SECURITY_GROUP_RULE_2['id'])
def test_authorize_security_group_ip_ranges_nova(self):
security_group.security_group_engine = (
security_group.SecurityGroupEngineNova())
self.nova.security_group_rules.create.return_value = ({
'security_group_rule': [fakes.NOVA_SECURITY_GROUP_RULE_1]
})
self.nova.security_groups.list.return_value = ([
fakes.NovaSecurityGroup(fakes.NOVA_SECURITY_GROUP_1),
fakes.NovaSecurityGroup(fakes.NOVA_SECURITY_GROUP_2)
])
self.execute(
'AuthorizeSecurityGroupIngress', {
'GroupName': fakes.EC2_NOVA_SECURITY_GROUP_2['groupName'],
'IpPermissions.1.FromPort': '10',
'IpPermissions.1.ToPort': '10',
'IpPermissions.1.IpProtocol': 'tcp',
'IpPermissions.1.IpRanges.1.CidrIp': '192.168.1.0/24'
})
self.nova.security_group_rules.create.assert_called_once_with(
str(fakes.ID_NOVA_OS_SECURITY_GROUP_2), 'tcp', 10, 10,
'192.168.1.0/24', None)
def test_authorize_security_group_groups_nova(self):
security_group.security_group_engine = (
security_group.SecurityGroupEngineNova())
self.nova.security_group_rules.create.return_value = ({
'security_group_rule': [fakes.NOVA_SECURITY_GROUP_RULE_2]
})
self.nova.security_groups.list.return_value = ([
fakes.NovaSecurityGroup(fakes.NOVA_SECURITY_GROUP_1),
fakes.NovaSecurityGroup(fakes.NOVA_SECURITY_GROUP_2)
])
self.execute(
'AuthorizeSecurityGroupIngress', {
'GroupName':
fakes.EC2_NOVA_SECURITY_GROUP_2['groupName'],
'IpPermissions.1.IpProtocol':
'icmp',
'IpPermissions.1.Groups.1.GroupName':
fakes.EC2_NOVA_SECURITY_GROUP_1['groupName']
})
self.nova.security_group_rules.create.assert_called_once_with(
str(fakes.ID_NOVA_OS_SECURITY_GROUP_2), 'icmp', -1, -1, None,
str(fakes.ID_NOVA_OS_SECURITY_GROUP_1))
def test_create_security_group_rollback(self):
security_group.security_group_engine = (
security_group.SecurityGroupEngineNova())
self.set_mock_db_items(fakes.DB_VPC_1)
self.db_api.add_item.side_effect = Exception()
self.nova.security_groups.create.return_value = (
fakes.NovaSecurityGroup(fakes.OS_SECURITY_GROUP_1))
self.assert_execution_error(
self.ANY_EXECUTE_ERROR, 'CreateSecurityGroup', {
'VpcId': fakes.ID_EC2_VPC_1,
'GroupName': 'groupname',
'GroupDescription': 'Group description'
})
self.nova.security_groups.delete.assert_called_once_with(
fakes.ID_OS_SECURITY_GROUP_1)
def test_repair_default_security_group(self):
security_group.security_group_engine = (
security_group.SecurityGroupEngineNeutron())
self.db_api.add_item.return_value = fakes.DB_SECURITY_GROUP_1
self.nova.security_groups.create.return_value = (
fakes.NovaSecurityGroup(fakes.OS_SECURITY_GROUP_1))
self.set_mock_db_items(fakes.DB_VPC_1, fakes.DB_SECURITY_GROUP_1,
fakes.DB_SECURITY_GROUP_2)
self.neutron.list_security_groups.return_value = ({
'security_groups': [fakes.OS_SECURITY_GROUP_2]
})
resp = self.execute('DescribeSecurityGroups', {})
self.db_api.add_item.assert_called_once_with(
mock.ANY, 'sg',
tools.purge_dict(fakes.DB_SECURITY_GROUP_1, ('id', )))
self.nova.security_groups.create.assert_called_once_with(
fakes.ID_EC2_VPC_1, 'Default VPC security group')
def test_create_vpc(self):
self.neutron.create_router.side_effect = (
tools.get_neutron_create('router', fakes.ID_OS_ROUTER_1))
self.db_api.add_item.side_effect = (
tools.get_db_api_add_item({
'vpc': fakes.ID_EC2_VPC_1,
'rtb': fakes.ID_EC2_ROUTE_TABLE_1,
'sg': fakes.ID_EC2_SECURITY_GROUP_1}))
self.set_mock_db_items(fakes.DB_VPC_1)
self.nova.security_groups.create.return_value = (
fakes.NovaSecurityGroup(fakes.NOVA_SECURITY_GROUP_1))
def check_response(response):
self.assertIn('vpc', response)
vpc = resp['vpc']
self.assertThat(fakes.EC2_VPC_1, matchers.DictMatches(vpc))
self.neutron.create_router.assert_called_with({'router': {}})
self.neutron.update_router.assert_called_once_with(
fakes.ID_OS_ROUTER_1,
{'router': {'name': fakes.EC2_VPC_1['vpcId']}})
self.db_api.add_item.assert_any_call(
mock.ANY, 'vpc',
tools.purge_dict(fakes.DB_VPC_1,
('id', 'vpc_id', 'route_table_id')))
self.db_api.add_item.assert_any_call(
mock.ANY, 'rtb',
tools.purge_dict(fakes.DB_ROUTE_TABLE_1,
('id',)))
self.db_api.update_item.assert_called_once_with(
mock.ANY,
fakes.DB_VPC_1)
self.neutron.reset_mock()
self.db_api.reset_mock()
self.db_api.update_item.reset_mock()
resp = self.execute('CreateVpc', {'CidrBlock': fakes.CIDR_VPC_1})
check_response(resp)
resp = self.execute('CreateVpc', {'CidrBlock': fakes.CIDR_VPC_1,
'instanceTenancy': 'default'})
check_response(resp)
def test_create_security_group(self):
security_group.security_group_engine = (
security_group.SecurityGroupEngineNeutron())
self.set_mock_db_items(fakes.DB_VPC_1, fakes.DB_SECURITY_GROUP_1)
self.neutron.list_security_groups.return_value = ({
'security_groups': [copy.deepcopy(fakes.OS_SECURITY_GROUP_1)]
})
self.db_api.add_item.return_value = fakes.DB_SECURITY_GROUP_2
self.nova.security_groups.create.return_value = (
fakes.NovaSecurityGroup(fakes.OS_SECURITY_GROUP_2))
resp = self.execute('CreateSecurityGroup', {
'GroupName': 'groupname',
'GroupDescription': 'Group description'
})
self.nova.security_groups.create.assert_called_once_with(
'groupname', 'Group description')
db_group = tools.purge_dict(fakes.DB_SECURITY_GROUP_2, ('id', ))
db_group['vpc_id'] = None
self.db_api.add_item.assert_called_once_with(mock.ANY, 'sg', db_group)
self.nova.security_groups.reset_mock()
self.db_api.add_item.reset_mock()
self.neutron.list_security_groups.return_value = ({
'security_groups': [copy.deepcopy(fakes.OS_SECURITY_GROUP_1)]
})
resp = self.execute(
'CreateSecurityGroup', {
'VpcId': fakes.ID_EC2_VPC_1,
'GroupName': 'groupname',
'GroupDescription': 'Group description'
})
self.assertEqual(fakes.ID_EC2_SECURITY_GROUP_2, resp['groupId'])
self.db_api.add_item.assert_called_once_with(
mock.ANY, 'sg',
tools.purge_dict(fakes.DB_SECURITY_GROUP_2, ('id', )))
self.nova.security_groups.create.assert_called_once_with(
'groupname', 'Group description')
self.nova.security_groups.reset_mock()
self.db_api.add_item.reset_mock()
self.configure(disable_ec2_classic=True)
self.add_mock_db_items(fakes.DB_VPC_DEFAULT,
fakes.DB_SECURITY_GROUP_DEFAULT)
self.nova.security_groups.create.return_value = (
fakes.NovaSecurityGroup(fakes.OS_SECURITY_GROUP_5))
self.neutron.list_security_groups.return_value = ({
'security_groups': [
copy.deepcopy(fakes.OS_SECURITY_GROUP_1),
fakes.OS_SECURITY_GROUP_DEFAULT
]
})
self.db_api.add_item.return_value = fakes.DB_SECURITY_GROUP_5
resp = self.execute('CreateSecurityGroup', {
'GroupName': 'groupname2',
'GroupDescription': 'Group description'
})
self.assertEqual(fakes.ID_EC2_SECURITY_GROUP_5, resp['groupId'])
self.db_api.add_item.assert_called_once_with(
mock.ANY, 'sg',
tools.purge_dict(fakes.DB_SECURITY_GROUP_5, ('id', )))
self.nova.security_groups.create.assert_called_once_with(
'groupname2', 'Group description')
