Ed & Cameron | Refactoring: replace rule comparator with transformers and rule class equality method in rule refresher
This commit is contained in:
parent
d126579181
commit
3751616fbf
|
@ -2,7 +2,7 @@ from copy import deepcopy
|
|||
from rule import Rule
|
||||
|
||||
|
||||
class OpenStackRuleTransformer:
|
||||
class OpenstackRuleTransformer:
|
||||
|
||||
def to_rule(self, openstack_rule):
|
||||
rule_args = deepcopy(openstack_rule)
|
||||
|
|
|
@ -1,31 +1,28 @@
|
|||
class RuleRefresher:
|
||||
|
||||
def __init__(self, openstack_group_manager, ec2_conn, rule_comparator):
|
||||
def __init__(self, openstack_group_manager, ec2_conn, openstack_rule_transformer, ec2_rule_transformer):
|
||||
self.openstack_group_manager = openstack_group_manager
|
||||
self.ec2_conn = ec2_conn
|
||||
self.rule_comparator = rule_comparator
|
||||
self.openstack_rule_transformer = openstack_rule_transformer
|
||||
self.ec2_rule_transformer = ec2_rule_transformer
|
||||
|
||||
def refresh(self, openstack_instance):
|
||||
openstack_group = self.openstack_group_manager.list()[0]
|
||||
openstack_rules = openstack_group.rules
|
||||
|
||||
ec2_group = self.ec2_conn.get_all_security_groups()[0]
|
||||
ec2_rules = ec2_group.rules
|
||||
|
||||
for openstack_rule in openstack_rules:
|
||||
same_rule_exists_on_ec2 = False
|
||||
for ec2_rule in ec2_rules:
|
||||
if self.rule_comparator.rules_are_equal(openstack_rule, ec2_rule):
|
||||
same_rule_exists_on_ec2 = True
|
||||
break
|
||||
|
||||
if not same_rule_exists_on_ec2:
|
||||
self.ec2_conn.authorize_security_group(
|
||||
group_name=openstack_group.name,
|
||||
ip_protocol=openstack_rule['ip_protocol'],
|
||||
from_port=openstack_rule['from_port'],
|
||||
to_port=openstack_rule['to_port'],
|
||||
cidr_ip=openstack_rule['ip_range']['cidr']
|
||||
)
|
||||
for group_dict in openstack_instance.security_groups:
|
||||
openstack_group = [group for group in self.openstack_group_manager.list() if group.name == group_dict['name']][0]
|
||||
ec2_group = self.ec2_conn.get_all_security_groups(groupnames=group_dict['name'])[0]
|
||||
|
||||
for openstack_rule in openstack_group.rules:
|
||||
same_rule_exists_on_ec2 = False
|
||||
for ec2_rule in ec2_group.rules:
|
||||
if self.openstack_rule_transformer.to_rule(openstack_rule) == self.ec2_rule_transformer.to_rule(ec2_rule):
|
||||
same_rule_exists_on_ec2 = True
|
||||
break
|
||||
|
||||
if not same_rule_exists_on_ec2:
|
||||
self.ec2_conn.authorize_security_group(
|
||||
group_name=openstack_group.name,
|
||||
ip_protocol=openstack_rule['ip_protocol'],
|
||||
from_port=openstack_rule['from_port'],
|
||||
to_port=openstack_rule['to_port'],
|
||||
cidr_ip=openstack_rule['ip_range']['cidr']
|
||||
)
|
|
@ -5,20 +5,25 @@ from fake_ec2_rule_builder import FakeEC2RuleBuilder
|
|||
import unittest
|
||||
|
||||
|
||||
|
||||
class TestEC2RuleTransformer(unittest.TestCase):
|
||||
|
||||
def setUp(self):
|
||||
self.ec2_connection = Mock()
|
||||
self.ec2_rule_transformer = EC2RuleTransformer(self.ec2_connection)
|
||||
|
||||
def test_should_copy_ip_protocol_and_port_attributes(self):
|
||||
def test_should_copy_ip_protocol(self):
|
||||
ec2_rule = FakeEC2RuleBuilder.an_ec2_rule().build()
|
||||
|
||||
rule = self.ec2_rule_transformer.to_rule(ec2_rule)
|
||||
|
||||
self.assertEqual(rule.ip_protocol, ec2_rule.ip_protocol)
|
||||
|
||||
def test_should_copy_from_port(self):
|
||||
ec2_rule = FakeEC2RuleBuilder.an_ec2_rule().build()
|
||||
rule = self.ec2_rule_transformer.to_rule(ec2_rule)
|
||||
self.assertEqual(rule.from_port, ec2_rule.from_port)
|
||||
|
||||
def test_should_copy_to_port(self):
|
||||
ec2_rule = FakeEC2RuleBuilder.an_ec2_rule().build()
|
||||
rule = self.ec2_rule_transformer.to_rule(ec2_rule)
|
||||
self.assertEqual(rule.to_port, ec2_rule.to_port)
|
||||
|
||||
def test_should_copy_ip_range_attribute_from_grant(self):
|
||||
|
|
|
@ -8,13 +8,15 @@ import novaclient
|
|||
from novaclient.v1_1.servers import Server
|
||||
|
||||
from nova.virt.ec2.rule_refresher import RuleRefresher
|
||||
from nova.virt.ec2.rule_comparator import RuleComparator
|
||||
from nova.virt.ec2.openstack_rule_transformer import OpenstackRuleTransformer
|
||||
from nova.virt.ec2.ec2_rule_transformer import EC2RuleTransformer
|
||||
from nova.virt.ec2.rule import Rule
|
||||
|
||||
GROUP_NAME = 'secGroup'
|
||||
|
||||
class TestRuleRefresher(unittest.TestCase):
|
||||
def setUp(self):
|
||||
self.new_rule = {'ip_protocol': 'abc', 'from_port': 1111, 'to_port': 2222, 'ip_range': {'cidr': '1.2.3.4/55'}}
|
||||
self.existing_new_rule = {'ip_protocol': 'abc', 'from_port': 1111, 'to_port': 2222, 'ip_range': {'cidr': '1.2.3.4/55'}}
|
||||
|
||||
self.openstack_group = Mock()
|
||||
self.openstack_group.name = GROUP_NAME
|
||||
|
@ -31,12 +33,14 @@ class TestRuleRefresher(unittest.TestCase):
|
|||
self.ec2_connection = Mock(spec=EC2Connection)
|
||||
self.ec2_connection.get_all_security_groups.return_value = [self.ec2_group]
|
||||
|
||||
self.rule_comparator = Mock(spec=RuleComparator)
|
||||
self.openstack_rule_transformer = Mock(spec=OpenstackRuleTransformer)
|
||||
self.ec2_rule_transformer = Mock(spec=EC2RuleTransformer)
|
||||
|
||||
self.rule_refresher = RuleRefresher(self.openstack_group_manager, self.ec2_connection, self.rule_comparator)
|
||||
self.rule_refresher = RuleRefresher(self.openstack_group_manager, self.ec2_connection,
|
||||
self.openstack_rule_transformer, self.ec2_rule_transformer)
|
||||
|
||||
def test_should_add_rule_to_ec2_security_group_when_rule_associated_with_group_on_openstack(self):
|
||||
self.openstack_group.rules = [self.new_rule]
|
||||
self.openstack_group.rules = [self.existing_new_rule]
|
||||
self.ec2_group.rules = []
|
||||
|
||||
self.rule_refresher.refresh(self.openstack_instance)
|
||||
|
@ -50,25 +54,62 @@ class TestRuleRefresher(unittest.TestCase):
|
|||
)
|
||||
|
||||
def test_should_add_rule_to_ec2_security_group_when_other_rule_already_on_both(self):
|
||||
existing_rule = {'ip_protocol': 'hi', 'from_port': 3333, 'to_port': 4444, 'ip_range': {'cidr': '6.7.8.9/00'}}
|
||||
existing_openstack_rule = {'ip_protocol': 'hi', 'from_port': 3333, 'to_port': 4444, 'ip_range': {'cidr': '6.7.8.9/00'}}
|
||||
existing_ec2_rule = {'attribute': 'value'}
|
||||
existing_transformed_rule = Rule('sdfg', 5, 6, '7.7.7.7/77')
|
||||
new_transformed_rule = Rule('hjkl', 7, 8, '9.9.9.9/99')
|
||||
|
||||
self.openstack_group.rules = [
|
||||
existing_rule,
|
||||
self.new_rule
|
||||
existing_openstack_rule,
|
||||
self.existing_new_rule
|
||||
]
|
||||
self.ec2_group.rules = [existing_ec2_rule]
|
||||
|
||||
def mock_rules_are_equal(openstack_rule, ec2_rule):
|
||||
return openstack_rule == existing_rule
|
||||
self.rule_comparator.rules_are_equal.side_effect = mock_rules_are_equal
|
||||
def mock_openstack_to_rule(openstack_rule):
|
||||
return existing_transformed_rule if openstack_rule == existing_openstack_rule else new_transformed_rule
|
||||
|
||||
def mock_ec2_to_rule(ec2_rule):
|
||||
if ec2_rule == existing_ec2_rule:
|
||||
return existing_transformed_rule
|
||||
|
||||
self.openstack_rule_transformer.to_rule.side_effect = mock_openstack_to_rule
|
||||
self.ec2_rule_transformer.to_rule.side_effect = mock_ec2_to_rule
|
||||
|
||||
self.rule_refresher.refresh(self.openstack_instance)
|
||||
|
||||
self.ec2_connection.authorize_security_group.assert_called_once_with(
|
||||
group_name=GROUP_NAME,
|
||||
ip_protocol=self.new_rule['ip_protocol'],
|
||||
from_port=self.new_rule['from_port'],
|
||||
to_port=self.new_rule['to_port'],
|
||||
cidr_ip=self.new_rule['ip_range']['cidr']
|
||||
ip_protocol=self.existing_new_rule['ip_protocol'],
|
||||
from_port=self.existing_new_rule['from_port'],
|
||||
to_port=self.existing_new_rule['to_port'],
|
||||
cidr_ip=self.existing_new_rule['ip_range']['cidr']
|
||||
)
|
||||
|
||||
def test_should_add_rule_to_corresponding_ec2_group_when_other_groups_present(self):
|
||||
openstack_group2 = Mock()
|
||||
openstack_group2.name = "group2"
|
||||
ec2_group2 = Mock()
|
||||
ec2_group2.rules = []
|
||||
self.ec2_group.rules = []
|
||||
|
||||
self.openstack_group.rules = [self.existing_new_rule]
|
||||
openstack_group2.rules = []
|
||||
self.openstack_instance.security_groups = [{'name': GROUP_NAME}, {'name': openstack_group2.name}]
|
||||
|
||||
self.openstack_group_manager.list.return_value = [openstack_group2, self.openstack_group]
|
||||
|
||||
def mock_get_all_security_groups(groupnames=None):
|
||||
if groupnames == ec2_group2.name:
|
||||
return [ec2_group2]
|
||||
return [self.ec2_group]
|
||||
self.ec2_connection.get_all_security_groups.side_effect = mock_get_all_security_groups
|
||||
|
||||
self.rule_refresher.refresh(self.openstack_instance)
|
||||
|
||||
self.ec2_connection.authorize_security_group.assert_called_once_with(
|
||||
group_name=GROUP_NAME,
|
||||
ip_protocol=self.existing_new_rule['ip_protocol'],
|
||||
from_port=self.existing_new_rule['from_port'],
|
||||
to_port=self.existing_new_rule['to_port'],
|
||||
cidr_ip=self.existing_new_rule['ip_range']['cidr']
|
||||
)
|
Loading…
Reference in New Issue