From f095452c0cde7870c917c454e878b04fd46410cf Mon Sep 17 00:00:00 2001 From: shubhamk Date: Thu, 2 Apr 2020 13:15:12 +0000 Subject: [PATCH] Tempest fix below cases - test_create_vpnservice_with_router_enable_snat - test_check_security_group_precedence_at_beckend - test_certificate_backend - test_mac_learning_with_provider_sec_group_enabled_on_port - test_port_security_disabled_port_in_exclude_list - test_router_admin_state_when_vms_hosted Change-Id: Iacfc30dbc3d398361d047f588c131ea20afa5bc3 --- .../services/nsxv3_client.py | 25 +++++++--- .../tests/api/test_vpn.py | 4 +- .../nsxv3/api/test_provider_sec_group.py | 17 ++++--- .../tests/scenario/test_new_case_coverage.py | 47 ++++++++++++++----- 4 files changed, 64 insertions(+), 29 deletions(-) diff --git a/vmware_nsx_tempest_plugin/services/nsxv3_client.py b/vmware_nsx_tempest_plugin/services/nsxv3_client.py index 46302e7..b837ffe 100644 --- a/vmware_nsx_tempest_plugin/services/nsxv3_client.py +++ b/vmware_nsx_tempest_plugin/services/nsxv3_client.py @@ -22,6 +22,7 @@ import six.moves.urllib.parse as urlparse from oslo_log import log as logging from oslo_serialization import jsonutils +from tempest import config from vmware_nsx_tempest_plugin.common import constants @@ -29,6 +30,8 @@ requests.packages.urllib3.disable_warnings() LOG = logging.getLogger(__name__) +CONF = config.CONF + class NSXV3Client(object): """Base NSXv3 REST client""" @@ -650,12 +653,22 @@ class NSXV3Client(object): except Exception: LOG.exception(k_err) raise - if (cert['used_by'][0]['service_types'][0] == - 'Client Authentication' and cert["_create_user"] == - "admin" and "'com.vmware.nsx.openstack'" in cert['used_by'][ - 0]['node_id']): - LOG.info('Client certificate created') - return cert + if CONF.network.backend == 'nsxp': + if (cert['used_by'][0]['service_types'][0] == + 'CLIENT_AUTH' and cert["_create_user"] == + "admin" and "'com.vmware.nsx.openstack'" + in cert['used_by'][ + 0]['node_id']): + LOG.info('Client certificate created') + return cert + else: + if (cert['used_by'][0]['service_types'][0] == + 'Client Authentication' and cert["_create_user"] == + "admin" and "'com.vmware.nsx.openstack'" + in cert['used_by'][ + 0]['node_id']): + LOG.info('Client certificate created') + return cert LOG.error("Client Certificate not created") return None diff --git a/vmware_nsx_tempest_plugin/tests/api/test_vpn.py b/vmware_nsx_tempest_plugin/tests/api/test_vpn.py index 7a6d711..65917f0 100644 --- a/vmware_nsx_tempest_plugin/tests/api/test_vpn.py +++ b/vmware_nsx_tempest_plugin/tests/api/test_vpn.py @@ -198,9 +198,9 @@ class TestVpnOps(feature_manager.FeatureManager): router["id"]) vpn_service = self.nsxp_client.get_vpn_service(router["name"], router["id"]) - self.assertEqual(vpn_service[0].get('tags')[0].get("tag").encode(), + self.assertEqual(vpn_service[0].get('tags')[0].get("tag"), nsx_router["id"]) - self.assertEqual(vpn_service[0].get('resource_type').encode(), + self.assertEqual(vpn_service[0].get('resource_type'), 'IPSecVpnService') else: routers = self.nsx_client.get_logical_routers() diff --git a/vmware_nsx_tempest_plugin/tests/nsxv3/api/test_provider_sec_group.py b/vmware_nsx_tempest_plugin/tests/nsxv3/api/test_provider_sec_group.py index eb9165c..d6ecce2 100644 --- a/vmware_nsx_tempest_plugin/tests/nsxv3/api/test_provider_sec_group.py +++ b/vmware_nsx_tempest_plugin/tests/nsxv3/api/test_provider_sec_group.py @@ -576,15 +576,14 @@ class ProviderSecurityGroupTest(base.BaseAdminNetworkTest): if CONF.network.backend != 'nsxp': if section['applied_tos'][0]['target_type'] == "LogicalRouter": continue - if PROVIDER_SECURITY_GRP in section['display_name'] and \ - provider_sg_name not in section['display_name']: - pass - else: - # check the sec name - break - msg = "Provider group does not have highest priority " \ - "over default security group" - self.assertIn(provider_sg_name, section['display_name'], msg) + if PROVIDER_SECURITY_GRP in section['display_name'] and \ + provider_sg_name not in section['display_name']: + pass + else: + break + msg = "Provider group does not have highest priority " \ + "over default security group" + self.assertIn(provider_sg_name, section['display_name'], msg) @decorators.attr(type='nsxv3') @decorators.idempotent_id('37d8fbfc-eb3f-40c8-a146-70f5df937a2e') diff --git a/vmware_nsx_tempest_plugin/tests/scenario/test_new_case_coverage.py b/vmware_nsx_tempest_plugin/tests/scenario/test_new_case_coverage.py index ebb39af..ceded07 100644 --- a/vmware_nsx_tempest_plugin/tests/scenario/test_new_case_coverage.py +++ b/vmware_nsx_tempest_plugin/tests/scenario/test_new_case_coverage.py @@ -376,9 +376,37 @@ class TestNewCase(feature_manager.FeatureManager): which is attached to router """ # Create single network attached to router topo - topology_dict = self.create_topo_single_network("admin_state") - router_state = topology_dict['router_state'] - network_state = topology_dict['network_state'] + rtr_name = data_utils.rand_name(name='tempest-router') + network_name = data_utils.rand_name(name='tempest-net') + subnet_name = data_utils.rand_name(name='tempest-subnet') + kwargs = {} + router_state = self.create_topology_router(rtr_name, + set_gateway=True, + routers_client=self. + cmgr_adm.routers_client, + **kwargs) + network_state = self.create_topology_network( + network_name, networks_client=self.cmgr_adm.networks_client) + self.create_topology_subnet( + subnet_name, network_state, router_id=router_state["id"], + routers_client=self.cmgr_adm.routers_client, + subnets_client=self.cmgr_adm.subnets_client) + sec_rule_client = self.sec_rule_client + sec_client = self.sec_client + kwargs = dict(tenant_id=network_state['tenant_id'], + security_group_rules_client=sec_rule_client, + security_groups_client=sec_client) + self.sg = self.create_topology_security_group(**kwargs) + image_id = self.get_glance_image_id(['cirros', "esx"]) + security_groups = [{'name': self.sg['name']}] + self.create_topology_instance( + "state_vm_1", [network_state], + create_floating_ip=True, image_id=image_id, + security_groups=security_groups, clients=self.cmgr_adm) + self.create_topology_instance( + "state_vm_2", [network_state], + create_floating_ip=True, image_id=image_id, + security_groups=security_groups, clients=self.cmgr_adm) # Update router admin state to False kwargs = {"admin_state_up": "False"} self.assertRaises(exceptions.BadRequest, @@ -394,14 +422,8 @@ class TestNewCase(feature_manager.FeatureManager): self.servers_details.get("state_vm_2").floating_ips[0], self.servers_details.get("state_vm_2").server, should_connect=True) # Verify fip ping N-S traffic - for server, details in self.servers_details.items(): - self.verify_ping_to_fip_from_ext_vm(details) self.verify_ping_own_fip(self.topology_servers["state_vm_1"]) self.verify_ping_own_fip(self.topology_servers["state_vm_2"]) - # Update router admin state to False - self.assertRaises(exceptions.BadRequest, - self.routers_client.update_router, - router_state['id'], **kwargs) @decorators.idempotent_id('9006016a-91cc-8905-b217-98844caa2212') def test_dhcp_port_update_with_device_owner_field(self): @@ -518,8 +540,9 @@ class TestNewCase(feature_manager.FeatureManager): for tag in port['tags']: if tag['tag'] == port_id: port_tags = {'tags': port['tags']} - result = (item for item in port_tags['tags'] if - item["tag"] == "Exclude-Port").next() + for item in port_tags['tags']: + if item["tag"] == "Exclude-Port": + result = item["tag"] if result is None: raise Exception("Port is not in exclude list") @@ -562,7 +585,7 @@ class TestNewCase(feature_manager.FeatureManager): vm_state = self.create_topology_instance( "state_vm_1", create_floating_ip=False, image_id=image_id, port=port['port'], - clients=self.cmgr_adm) + clients=self.cmgr_adm, security_groups="undef") self.assertEqual("ACTIVE", vm_state['status']) @decorators.idempotent_id('1207561e-91cc-8905-b217-98844caa79f6')