def test_create_sg_rule(
self, mock_check_rg, mock_get_sg, mock_create_sgrule):
mock_check_rg.side_effect = azure_mock.get_fake_resource_group
mock_get_sg.side_effect = azure_mock.get_fake_sg
mock_create_sgrule.side_effect = azure_mock.create_anything
sg_rule = self.get_fake_sg_rule()
azure_rule = utils.convert_sg_rule(sg_rule)
azure_rule['priority'] = 100
self.assertIsNone(self.driver._create_secrule(
security_group_rule=sg_rule))
mock_create_sgrule.assert_called_once_with(
self.driver.network_client, azure_conf.resource_group,
"secgrp-" + sg_rule['security_group_id'],
"secrule-" + sg_rule['id'], azure_rule)
def _create_secrule(self, **kwargs):
net_svc = self.network_client
resource_group = azure_conf.resource_group
rule = kwargs['security_group_rule']
azure_rule = utils.convert_sg_rule(rule)
sg_name = self._azure_secgrp_id(rule['security_group_id'])
name = self._azure_secrule_id(rule['id'])
sg = utils.get_sg(net_svc, resource_group, sg_name)
# Each Azure security rule has a priority.
# The value can be between 100 and 4096. The priority number must be
# unique for each rule in the collection. The lower the priority
# number, the higher the priority of the rule.
previous_priorities = sorted([i.priority for i in sg.security_rules])
if previous_priorities:
priority = previous_priorities[-1] + 1
else:
priority = 100
azure_rule['priority'] = priority
utils.create_sg_rule(net_svc, resource_group, sg_name, name,
azure_rule)
def _validate_secrule(self, **kwargs):
rule = kwargs['security_group_rule']
utils.convert_sg_rule(rule)