def test_env_caps_off_sg_async_update(self): """This test ensures that envcaps off works as designed.""" env_set = [ env.Capabilities.SECURITY_GROUPS, env.Capabilities.TENANT_NETWORK_SG, env.Capabilities.EGRESS, ] override = ','.join(env_set) old_override = cfg.CONF.QUARK.environment_capabilities cfg.CONF.set_override("environment_capabilities", override, "QUARK") cidr = "192.168.1.0/24" network = dict(id='1', name="public", tenant_id="make", network_plugin="BASE", ipam_strategy="ANY") network = {"network": network} subnet_v4 = dict(id='1', ip_version=4, cidr=cidr, tenant_id="fake") subnet_v4_info = {"subnet": subnet_v4} try: with self._stubs(network, subnet_v4_info) as (net, sub_v4, update): port1 = port_api.create_port(self.context, self._make_body(net)) self.assertIsNotNone(port1) sg_body = dict(tenant_id="derp", name="test sg", description="none") sg_body = dict(security_group=sg_body) sg = sg_api.create_security_group(self.context, sg_body) self.assertIsNotNone(sg) sgid = sg['id'] self.assertIsNotNone(sgid) port_body = {'security_groups': [sgid]} port_body = dict(port=port_body) port1 = port_api.update_port(self.context, port1['id'], port_body) self.assertIsNotNone(port1) sgr_body = { 'protocol': 'tcp', 'security_group_id': sgid, 'tenant_id': "derp", 'direction': 'ingress' } sgr_body = dict(security_group_rule=sgr_body) sgr = sg_api.create_security_group_rule(self.context, sgr_body) self.assertIsNotNone(sgr) self.assertFalse(update.called) finally: cfg.CONF.set_override("environment_capabilities", old_override, "QUARK")
def test_env_caps_on_sg_async_update(self): """This test ensures that envcaps on works as designed.""" env_set = [ env.Capabilities.SECURITY_GROUPS, env.Capabilities.TENANT_NETWORK_SG, env.Capabilities.EGRESS, env.Capabilities.SG_UPDATE_ASYNC ] override = ','.join(env_set) old_override = cfg.CONF.QUARK.environment_capabilities cfg.CONF.set_override("environment_capabilities", override, "QUARK") cidr = "192.168.1.0/24" network = dict(id='1', name="public", tenant_id="make", network_plugin="BASE", ipam_strategy="ANY") network = {"network": network} subnet_v4 = dict(id='1', ip_version=4, cidr=cidr, tenant_id="fake") subnet_v4_info = {"subnet": subnet_v4} try: with self._stubs(network, subnet_v4_info) as (net, sub_v4, update): port1 = port_api.create_port( self.context, self._make_body(net)) self.assertIsNotNone(port1) sg_body = dict(tenant_id="derp", name="test sg", description="none") sg_body = dict(security_group=sg_body) sg = sg_api.create_security_group(self.context, sg_body) self.assertIsNotNone(sg) sgid = sg['id'] self.assertIsNotNone(sgid) port_body = {'security_groups': [sgid]} port_body = dict(port=port_body) port1 = port_api.update_port(self.context, port1['id'], port_body) sgr_body = {'protocol': 'tcp', 'security_group_id': sgid, 'tenant_id': "derp", 'direction': 'ingress'} sgr_body = dict(security_group_rule=sgr_body) sgr = sg_api.create_security_group_rule(self.context, sgr_body) self.assertIsNotNone(sgr) self.assertTrue(update.called) finally: cfg.CONF.set_override("environment_capabilities", old_override, "QUARK")
def create_security_group_rule(self, context, security_group_rule): self._fix_missing_tenant_id(context, security_group_rule["security_group_rule"]) return security_groups.create_security_group_rule(context, security_group_rule)
def create_security_group_rule(self, context, security_group_rule, net_driver): return security_groups.create_security_group_rule(context, security_group_rule, net_driver)
def create_security_group_rule(self, context, security_group, security_group_rule, net_driver): self._fix_missing_tenant_id(context, security_group["security_group"]) return security_groups.create_security_group_rule(context, security_group_rule, net_driver)
def create_security_group_rule(self, context, security_group_rule): self._fix_missing_tenant_id(context, security_group_rule["security_group_rule"]) return security_groups.create_security_group_rule( context, security_group_rule)
def create_security_group_rule(self, context, security_group_rule): return security_groups.create_security_group_rule( context, security_group_rule)
def create_security_group_rule(self, context, security_group_rule): return security_groups.create_security_group_rule(context, security_group_rule)