def test_env_caps_off_sg_async_update(self): """This test ensures that envcaps off works as designed.""" env_set = [ env.Capabilities.SECURITY_GROUPS, env.Capabilities.TENANT_NETWORK_SG, env.Capabilities.EGRESS, ] override = ','.join(env_set) old_override = cfg.CONF.QUARK.environment_capabilities cfg.CONF.set_override("environment_capabilities", override, "QUARK") cidr = "192.168.1.0/24" network = dict(id='1', name="public", tenant_id="make", network_plugin="BASE", ipam_strategy="ANY") network = {"network": network} subnet_v4 = dict(id='1', ip_version=4, cidr=cidr, tenant_id="fake") subnet_v4_info = {"subnet": subnet_v4} try: with self._stubs(network, subnet_v4_info) as (net, sub_v4, update): port1 = port_api.create_port(self.context, self._make_body(net)) self.assertIsNotNone(port1) sg_body = dict(tenant_id="derp", name="test sg", description="none") sg_body = dict(security_group=sg_body) sg = sg_api.create_security_group(self.context, sg_body) self.assertIsNotNone(sg) sgid = sg['id'] self.assertIsNotNone(sgid) port_body = {'security_groups': [sgid]} port_body = dict(port=port_body) port1 = port_api.update_port(self.context, port1['id'], port_body) self.assertIsNotNone(port1) sgr_body = { 'protocol': 'tcp', 'security_group_id': sgid, 'tenant_id': "derp", 'direction': 'ingress' } sgr_body = dict(security_group_rule=sgr_body) sgr = sg_api.create_security_group_rule(self.context, sgr_body) self.assertIsNotNone(sgr) self.assertFalse(update.called) finally: cfg.CONF.set_override("environment_capabilities", old_override, "QUARK")
def test_env_caps_on_sg_async_update(self): """This test ensures that envcaps on works as designed.""" env_set = [ env.Capabilities.SECURITY_GROUPS, env.Capabilities.TENANT_NETWORK_SG, env.Capabilities.EGRESS, env.Capabilities.SG_UPDATE_ASYNC ] override = ','.join(env_set) old_override = cfg.CONF.QUARK.environment_capabilities cfg.CONF.set_override("environment_capabilities", override, "QUARK") cidr = "192.168.1.0/24" network = dict(id='1', name="public", tenant_id="make", network_plugin="BASE", ipam_strategy="ANY") network = {"network": network} subnet_v4 = dict(id='1', ip_version=4, cidr=cidr, tenant_id="fake") subnet_v4_info = {"subnet": subnet_v4} try: with self._stubs(network, subnet_v4_info) as (net, sub_v4, update): port1 = port_api.create_port( self.context, self._make_body(net)) self.assertIsNotNone(port1) sg_body = dict(tenant_id="derp", name="test sg", description="none") sg_body = dict(security_group=sg_body) sg = sg_api.create_security_group(self.context, sg_body) self.assertIsNotNone(sg) sgid = sg['id'] self.assertIsNotNone(sgid) port_body = {'security_groups': [sgid]} port_body = dict(port=port_body) port1 = port_api.update_port(self.context, port1['id'], port_body) sgr_body = {'protocol': 'tcp', 'security_group_id': sgid, 'tenant_id': "derp", 'direction': 'ingress'} sgr_body = dict(security_group_rule=sgr_body) sgr = sg_api.create_security_group_rule(self.context, sgr_body) self.assertIsNotNone(sgr) self.assertTrue(update.called) finally: cfg.CONF.set_override("environment_capabilities", old_override, "QUARK")
def test_gather_sg_ports(self): """Checking if gather ports works as designed. """ cidr = "192.168.1.0/24" network = dict(id='1', name="public", tenant_id="make", network_plugin="BASE", ipam_strategy="ANY") network = {"network": network} subnet_v4 = dict(id='1', ip_version=4, cidr=cidr, tenant_id="fake") subnet_v4_info = {"subnet": subnet_v4} with self._stubs(network, subnet_v4_info) as (net, sub_v4, update): port1 = port_api.create_port(self.context, self._make_body(net)) self.assertIsNotNone(port1) port2 = port_api.create_port(self.context, self._make_body(net)) self.assertIsNotNone(port2) sg_body = dict(tenant_id="derp", name="test sg", description="none") sg_body = dict(security_group=sg_body) sg = sg_api.create_security_group(self.context, sg_body) self.assertIsNotNone(sg) sgid = sg['id'] self.assertIsNotNone(sgid) assoc_ports = self._get_assoc_ports(sgid) self.assertEqual(0, len(assoc_ports)) port_body = {'security_groups': [sgid]} port_body = dict(port=port_body) port1 = port_api.update_port(self.context, port1['id'], port_body) self.assertIsNotNone(port1) assoc_ports = self._get_assoc_ports(sgid) self.assertEqual(1, len(assoc_ports)) # NOTE: this is duplicated because update_port modifies the params port_body = {'security_groups': [sgid]} port_body = dict(port=port_body) port2 = port_api.update_port(self.context, port2['id'], port_body) self.assertIsNotNone(port2) assoc_ports = self._get_assoc_ports(sgid) self.assertEqual(2, len(assoc_ports))
def create_security_group(self, context, security_group): self._fix_missing_tenant_id(context, security_group["security_group"]) return security_groups.create_security_group(context, security_group)
def create_security_group(self, context, security_group, net_driver): return security_groups.create_security_group(context, security_group, net_driver)
def create_security_group(self, context, security_group): return security_groups.create_security_group(context, security_group)