Allow port security to be disabled
Allow Murano application packages to specify whether port security should be disabled for a network. With this change, Murano will now propagate to Heat the application's desire to disable port security if the application sets a new flag, port_security_disable, to true in the Neutron network object. Change-Id: Iab25b4901010c24aef42213a7a9082b7594a5a16 Closes-Bug: 1759914
This commit is contained in:
parent
2670b434a7
commit
17f00ca8b0
|
@ -17,6 +17,10 @@ Namespaces:
|
|||
|
||||
Name: NeutronNetworkBase
|
||||
|
||||
Properties:
|
||||
port_security_disable:
|
||||
Contract: $.bool()
|
||||
|
||||
Extends: Network
|
||||
|
||||
Methods:
|
||||
|
@ -82,7 +86,7 @@ Methods:
|
|||
- subnet: $subnetRef
|
||||
- $patchTemplate: $patchTemplate.mergeWith($template)
|
||||
|
||||
- If: $securityGroupsEnabled
|
||||
- If: $securityGroupsEnabled and not $.port_security_disable
|
||||
Then:
|
||||
- If: len($securityGroups) > 0 and $securityGroups[0] != ""
|
||||
Then:
|
||||
|
@ -107,6 +111,16 @@ Methods:
|
|||
- get_resource: $securityGroupName
|
||||
- $patchTemplate: $patchTemplate.mergeWith($template)
|
||||
|
||||
- If: $.port_security_disable
|
||||
Then:
|
||||
- $template:
|
||||
resources:
|
||||
$portName:
|
||||
properties:
|
||||
port_security_enabled: false
|
||||
|
||||
- $patchTemplate: $patchTemplate.mergeWith($template)
|
||||
|
||||
- $instanceResources: [$portName]
|
||||
- $instanceOutputs: [$addressesOutputName]
|
||||
|
||||
|
|
Loading…
Reference in New Issue