Enable IPv6 in manila(allow access)

Please read spec for design detail [1]. Add support to validate IPv6 based addresses in allow access API when access type is IP. [1] f7202a6cfe32a057f752a4e393f848f8a0211c36 APIImpact DocImpact Change-Id: Ica242007e77a7e21b2151e5fc32401b501d961b2 Partial-Implements: blueprint support-ipv6-access
2016-05-04 11:47:03 +08:00 · 2016-05-04 11:47:03 +08:00 · 72974ff6a5
parent 2982c3b234
commit 72974ff6a5
5 changed files with 62 additions and 74 deletions
--- a/manila_tempest_tests/config.py
+++ b/manila_tempest_tests/config.py
@ -30,7 +30,7 @@ ShareGroup = [
               help="The minimum api microversion is configured to be the "
                    "value of the minimum microversion supported by Manila."),
    cfg.StrOpt("max_api_microversion",
-               default="2.37",
+               default="2.38",
               help="The maximum api microversion is configured to be the "
                    "value of the latest microversion supported by Manila."),
    cfg.StrOpt("region",
--- a/manila_tempest_tests/tests/api/test_rules.py
+++ b/manila_tempest_tests/tests/api/test_rules.py
@ -13,9 +13,9 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.

-import itertools

 import ddt
+import itertools
 from tempest import config
 from tempest.lib import exceptions as lib_exc
 import testtools
@ -92,11 +92,15 @@ class ShareIpRulesForNFSTest(base.BaseSharesTest):
        cls.access_to = "2.2.2.2"

    @tc.attr(base.TAG_POSITIVE, base.TAG_BACKEND)
-    @ddt.data(*set(['1.0', '2.9', '2.27', '2.28', LATEST_MICROVERSION]))
-    def test_create_delete_access_rules_with_one_ip(self, version):
-
-        # test data
-        access_to = "1.1.1.1"
+    @ddt.data(*itertools.chain(
+        itertools.product({'1.0', '2.9', '2.37', LATEST_MICROVERSION},
+                          {utils.rand_ip()}),
+        itertools.product({'2.37', LATEST_MICROVERSION},
+                          {utils.rand_ipv6_ip()})
+    ))
+    @ddt.unpack
+    def test_create_delete_access_rules_with_one_ip(self, version,
+                                                    access_to):

        # create rule
        if utils.is_microversion_eq(version, '1.0'):
@ -140,11 +144,14 @@ class ShareIpRulesForNFSTest(base.BaseSharesTest):
                rule_id=rule["id"], share_id=self.share['id'], version=version)

    @tc.attr(base.TAG_POSITIVE, base.TAG_BACKEND)
-    @ddt.data(*set(['1.0', '2.9', '2.27', '2.28', LATEST_MICROVERSION]))
-    def test_create_delete_access_rule_with_cidr(self, version):
-
-        # test data
-        access_to = "1.2.3.4/32"
+    @ddt.data(*itertools.chain(
+        itertools.product({'1.0', '2.9', '2.37', LATEST_MICROVERSION},
+                          {utils.rand_ip(network=True)}),
+        itertools.product({'2.37', LATEST_MICROVERSION},
+                          {utils.rand_ipv6_ip(network=True)})
+    ))
+    @ddt.unpack
+    def test_create_delete_access_rule_with_cidr(self, version, access_to):

        # create rule
        if utils.is_microversion_eq(version, '1.0'):
--- a/manila_tempest_tests/tests/api/test_rules_negative.py
+++ b/manila_tempest_tests/tests/api/test_rules_negative.py
@ -46,60 +46,23 @@ class ShareIpRulesForNFSNegativeTest(base.BaseSharesMixedTest):
            cls.snap = cls.create_snapshot_wait_for_active(cls.share["id"])

    @tc.attr(base.TAG_NEGATIVE, base.TAG_API_WITH_BACKEND)
-    @ddt.data('shares_client', 'shares_v2_client')
-    def test_create_access_rule_ip_with_wrong_target_1(self, client_name):
-        self.assertRaises(lib_exc.BadRequest,
-                          getattr(self, client_name).create_access_rule,
-                          self.share["id"], "ip", "1.2.3.256")
-
-    @tc.attr(base.TAG_NEGATIVE, base.TAG_API_WITH_BACKEND)
-    @ddt.data('shares_client', 'shares_v2_client')
-    def test_create_access_rule_ip_with_wrong_target_2(self, client_name):
-        self.assertRaises(lib_exc.BadRequest,
-                          getattr(self, client_name).create_access_rule,
-                          self.share["id"], "ip", "1.1.1.-")
-
-    @tc.attr(base.TAG_NEGATIVE, base.TAG_API_WITH_BACKEND)
-    @ddt.data('shares_client', 'shares_v2_client')
-    def test_create_access_rule_ip_with_wrong_target_3(self, client_name):
-        self.assertRaises(lib_exc.BadRequest,
-                          getattr(self, client_name).create_access_rule,
-                          self.share["id"], "ip", "1.2.3.4/33")
-
-    @tc.attr(base.TAG_NEGATIVE, base.TAG_API_WITH_BACKEND)
-    @ddt.data('shares_client', 'shares_v2_client')
-    def test_create_access_rule_ip_with_wrong_target_4(self, client_name):
-        self.assertRaises(lib_exc.BadRequest,
-                          getattr(self, client_name).create_access_rule,
-                          self.share["id"], "ip", "1.2.3.*")
-
-    @tc.attr(base.TAG_NEGATIVE, base.TAG_API_WITH_BACKEND)
-    @ddt.data('shares_client', 'shares_v2_client')
-    def test_create_access_rule_ip_with_wrong_target_5(self, client_name):
-        self.assertRaises(lib_exc.BadRequest,
-                          getattr(self, client_name).create_access_rule,
-                          self.share["id"], "ip", "1.2.3.*/23")
-
-    @tc.attr(base.TAG_NEGATIVE, base.TAG_API_WITH_BACKEND)
-    @ddt.data('shares_client', 'shares_v2_client')
-    def test_create_access_rule_ip_with_wrong_target_6(self, client_name):
-        self.assertRaises(lib_exc.BadRequest,
-                          getattr(self, client_name).create_access_rule,
-                          self.share["id"], "ip", "1.2.3.1|23")
-
-    @tc.attr(base.TAG_NEGATIVE, base.TAG_API_WITH_BACKEND)
-    @ddt.data('shares_client', 'shares_v2_client')
-    def test_create_access_rule_ip_with_wrong_target_7(self, client_name):
-        self.assertRaises(lib_exc.BadRequest,
-                          getattr(self, client_name).create_access_rule,
-                          self.share["id"], "ip", "1.2.3.1/-1")
-
-    @tc.attr(base.TAG_NEGATIVE, base.TAG_API_WITH_BACKEND)
-    @ddt.data('shares_client', 'shares_v2_client')
-    def test_create_access_rule_ip_with_wrong_target_8(self, client_name):
-        self.assertRaises(lib_exc.BadRequest,
-                          getattr(self, client_name).create_access_rule,
-                          self.share["id"], "ip", "1.2.3.1/")
+    @ddt.data('1.2.3.256',
+              '1.1.1.-',
+              '1.2.3.4/33',
+              '1.2.3.*',
+              '1.2.3.*/23',
+              '1.2.3.1|23',
+              '1.2.3.1/-1',
+              '1.2.3.1/',
+              'ad80::abaa:0:c2:2/-3',
+              'AD80:ABAA::|26',
+              '2001:DB8:2de:0:0:0:0:e13:200a',
+              )
+    def test_create_access_rule_ip_with_wrong_target(self, ip_address):
+        for client_name in ['shares_client', 'shares_v2_client']:
+            self.assertRaises(lib_exc.BadRequest,
+                              getattr(self, client_name).create_access_rule,
+                              self.share["id"], "ip", ip_address)

    @tc.attr(base.TAG_NEGATIVE, base.TAG_API_WITH_BACKEND)
    @ddt.data('shares_client', 'shares_v2_client')
--- a/manila_tempest_tests/tests/api/test_snapshot_rules_negative.py
+++ b/manila_tempest_tests/tests/api/test_snapshot_rules_negative.py
@ -48,10 +48,10 @@ class SnapshotIpRulesForNFSNegativeTest(

    @tc.attr(base.TAG_NEGATIVE, base.TAG_API_WITH_BACKEND)
    @ddt.data("1.2.3.256", "1.1.1.-", "1.2.3.4/33", "1.2.3.*", "1.2.3.*/23",
-              "1.2.3.1|23", "1.2.3.1/",  "1.2.3.1/-1", "fe00::1",
-              "fe80::217:f2ff:fe07:ed62", "2001:db8::/48", "::1/128",
-              "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff",
-              "2001:0db8:0000:85a3:0000:0000:ac1f:8001")
+              "1.2.3.1|23", "1.2.3.1/",  "1.2.3.1/-1",
+              "fe80:217:f2ff:fe07:ed62", "2001:db8::1/148",
+              "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff",
+              "2001:0db8:0000:85a3:0000:0000:ac1f:8001/64")
    def test_create_access_rule_ip_with_wrong_target(self, target):
        self.assertRaises(lib_exc.BadRequest,
                          self.shares_v2_client.create_snapshot_access_rule,
--- a/manila_tempest_tests/utils.py
+++ b/manila_tempest_tests/utils.py
@ -13,6 +13,7 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.

+from netaddr import ip
 import random
 import re

@ -90,16 +91,33 @@ def skip_if_microversion_lt(microversion):
    return lambda f: f


-def rand_ip():
+def rand_ip(network=False):
    """This uses the TEST-NET-3 range of reserved IP addresses.

    Using this range, which are reserved solely for use in
    documentation and example source code, should avoid any potential
    conflicts in real-world testing.
    """
-    TEST_NET_3 = '203.0.113.'
-    final_octet = six.text_type(random.randint(0, 255))
-    return TEST_NET_3 + final_octet
+    test_net_3 = '203.0.113.'
+    address = test_net_3 + six.text_type(random.randint(0, 255))
+    if network:
+        mask_length = six.text_type(random.randint(24, 32))
+        address = '/'.join((address, mask_length))
+        ip_network = ip.IPNetwork(address)
+        return '/'.join((six.text_type(ip_network.network), mask_length))
+    return address
+
+
+def rand_ipv6_ip(network=False):
+    """This uses the IPv6 documentation range of 2001:DB8::/32"""
+    ran_add = ["%x" % random.randrange(0, 16**4) for i in range(6)]
+    address = "2001:0DB8:" + ":".join(ran_add)
+    if network:
+        mask_length = six.text_type(random.randint(32, 128))
+        address = '/'.join((address, mask_length))
+        ip_network = ip.IPNetwork(address)
+        return '/'.join((six.text_type(ip_network.network), mask_length))
+    return address


 def choose_matching_backend(share, pools, share_type):