Merge "test to add support of 0.0.0.0/0 remote ip prefix in securitygroup in nsxv"

This commit is contained in:
Zuul 2019-10-23 07:00:20 +00:00 committed by Gerrit Code Review
commit 14f6ba9bc6
1 changed files with 30 additions and 3 deletions

View File

@ -91,11 +91,16 @@ class ProviderSecGroup(base.BaseAdminNetworkTest):
def create_security_group_rule(self, security_group_id,
cmgr=None, project_id=None,
protocol=None):
protocol=None, remote_ip_prefix=None):
cmgr = cmgr or self.cmgr_adm
sgr_client = cmgr.security_group_rules_client
sgr_dict = dict(security_group_id=security_group_id,
direction='ingress', protocol=protocol)
if remote_ip_prefix:
sgr_dict = dict(security_group_id=security_group_id,
direction='ingress', protocol=protocol,
remote_ip_prefix=remote_ip_prefix)
else:
sgr_dict = dict(security_group_id=security_group_id,
direction='ingress', protocol=protocol)
if project_id:
sgr_dict['tenant_id'] = project_id
sgr = sgr_client.create_security_group_rule(**sgr_dict)
@ -249,6 +254,28 @@ class ProviderSecGroup(base.BaseAdminNetworkTest):
sg_rule2_id = sg_rule2.get('id')
self.assertNotEqual(sg_rule1_id, sg_rule2_id)
@decorators.attr(type='nsxv')
@decorators.idempotent_id('b1e904fb-a70a-400e-a757-d772aab152ec')
def test_provider_sec_group_with_0_0_0_0_remote_ip_prefix(self):
cidr = '0.0.0.0/0'
project_id = self.cmgr_adm.networks_client.tenant_id
sg = self.create_security_provider_group(self.cmgr_adm,
project_id=project_id)
sg_id = sg.get('id')
sg_rule1 = self.create_security_group_rule(sg.get('id'),
cmgr=self.cmgr_adm,
project_id=project_id,
protocol='icmp',
remote_ip_prefix=cidr)
sg_rule1_id = sg_rule1.get('id')
sg_client = self.cmgr_adm.security_groups_client
show_sec_group = sg_client.show_security_group(sg_id)
actual_rule_id = None
for rule in show_sec_group['security_group']['security_group_rules']:
if rule['remote_ip_prefix'] == cidr:
actual_rule_id = rule['id']
self.assertEqual(sg_rule1_id, actual_rule_id)
@decorators.attr(type='nsxv')
@decorators.idempotent_id('edd94f8c-53b7-4286-9350-0ddc0af3213b')
def test_clear_provider_sec_group_from_port(self):