Merge "Allow updating TLS refs" into stable/liberty

2015-10-07 00:30:34 +00:00 · 2015-10-07 00:30:34 +00:00 · 2ada28e3d0
parent b3460886cd aaa235010c
commit 2ada28e3d0
3 changed files with 75 additions and 9 deletions
--- a/neutron_lbaas/db/loadbalancer/loadbalancer_dbv2.py
+++ b/neutron_lbaas/db/loadbalancer/loadbalancer_dbv2.py
@ -319,8 +319,9 @@ class LoadBalancerPluginDbv2(base_db.CommonDbMixin,
                        listener[id] = None

                self._validate_listener_data(context, listener)
-
-                sni_container_ids = listener.pop('sni_container_ids')
+                sni_container_ids = []
+                if 'sni_container_ids' in listener:
+                    sni_container_ids = listener.pop('sni_container_ids')
                listener_db_entry = models.Listener(**listener)
                for container_id in sni_container_ids:
                    sni = models.SNI(listener_id=listener_db_entry.id,
--- a/neutron_lbaas/services/loadbalancer/plugin.py
+++ b/neutron_lbaas/services/loadbalancer/plugin.py
@ -566,10 +566,14 @@ class LoadBalancerPluginv2(loadbalancerv2.LoadBalancerPluginBaseV2):
    def _validate_tls(self, listener, curr_listener=None):
        def validate_tls_container(container_ref):
            cert_container = None
+            if curr_listener:
+                service_url = self._get_service_url(curr_listener)
+            else:
+                service_url = self._get_service_url(listener)
            try:
                cert_container = CERT_MANAGER_PLUGIN.CertManager.get_cert(
                    container_ref,
-                    resource_ref=self._get_service_url(listener))
+                    resource_ref=service_url)
            except Exception as e:
                if hasattr(e, 'status_code') and e.status_code == 404:
                    raise loadbalancerv2.TLSContainerNotFound(
@ -602,7 +606,8 @@ class LoadBalancerPluginv2(loadbalancerv2.LoadBalancerPluginBaseV2):
            raise loadbalancerv2.TLSDefaultContainerNotSpecified()
        if not curr_listener:
            to_validate.extend([listener['default_tls_container_ref']])
-            to_validate.extend(listener['sni_container_refs'])
+            if 'sni_container_refs' in listener:
+                to_validate.extend(listener['sni_container_refs'])
        elif curr_listener['provisioning_status'] == constants.ERROR:
            to_validate.extend(curr_listener['default_tls_container_id'])
            to_validate.extend([
@ -611,9 +616,9 @@ class LoadBalancerPluginv2(loadbalancerv2.LoadBalancerPluginBaseV2):
        else:
            if (curr_listener['default_tls_container_id'] !=
                    listener['default_tls_container_ref']):
-                to_validate.extend(listener['default_tls_container_ref'])
+                to_validate.extend([listener['default_tls_container_ref']])

-            if (listener['sni_container_refs'] is not None and
+            if ('sni_container_refs' in listener and
                    [container['tls_container_id'] for container in (
                        curr_listener['sni_containers'])] !=
                    listener['sni_container_refs']):
@ -630,7 +635,7 @@ class LoadBalancerPluginv2(loadbalancerv2.LoadBalancerPluginBaseV2):
            cfg.CONF.service_auth.service_name,
            cfg.CONF.service_auth.region,
            constants.LOADBALANCER,
-            listener.get('loadbalancer_id'))
+            listener['loadbalancer_id'])

    def create_listener(self, context, listener):
        listener = listener.get('listener')
@ -664,13 +669,12 @@ class LoadBalancerPluginv2(loadbalancerv2.LoadBalancerPluginBaseV2):

            default_tls_container_ref = listener.get(
                'default_tls_container_ref')
-            sni_container_refs = listener.get('sni_container_refs')
            if not default_tls_container_ref:
                listener['default_tls_container_ref'] = (
                    # NOTE(blogan): not changing to ref bc this dictionary is
                    # created from a data model
                    curr_listener['default_tls_container_id'])
-            if not sni_container_refs:
+            if 'sni_container_refs' not in listener:
                listener['sni_container_ids'] = [
                    container.tls_container_id for container in (
                        curr_listener['sni_containers'])]
--- a/neutron_lbaas/tests/unit/services/loadbalancer/test_loadbalancer_plugin.py
+++ b/neutron_lbaas/tests/unit/services/loadbalancer/test_loadbalancer_plugin.py
@ -589,6 +589,39 @@ class LoadBalancerExtensionV2TestCase(base.ExtensionTestCase):
        self.assertIn('listener', res)
        self.assertEqual(res['listener'], return_value)

+    def test_listener_create_with_tls(self):
+        listener_id = _uuid()
+        tls_ref = 'http://example.ref/uuid'
+        sni_refs = ['http://example.ref/uuid',
+                    'http://example.ref/uuid1']
+        data = {'listener': {'tenant_id': _uuid(),
+                             'name': 'listen-name-1',
+                             'description': 'listen-1-desc',
+                             'protocol': 'HTTP',
+                             'protocol_port': 80,
+                             'default_tls_container_ref': tls_ref,
+                             'sni_container_refs': sni_refs,
+                             'connection_limit': 100,
+                             'admin_state_up': True,
+                             'loadbalancer_id': _uuid()}}
+        return_value = copy.copy(data['listener'])
+        return_value.update({'id': listener_id})
+        del return_value['loadbalancer_id']
+
+        instance = self.plugin.return_value
+        instance.create_listener.return_value = return_value
+
+        res = self.api.post(_get_path('lbaas/listeners', fmt=self.fmt),
+                            self.serialize(data),
+                            content_type='application/{0}'.format(self.fmt))
+        instance.create_listener.assert_called_with(mock.ANY,
+                                                    listener=data)
+
+        self.assertEqual(res.status_int, exc.HTTPCreated.code)
+        res = self.deserialize(res)
+        self.assertIn('listener', res)
+        self.assertEqual(res['listener'], return_value)
+
    def test_listener_list(self):
        listener_id = _uuid()
        return_value = [{'admin_state_up': True,
@ -628,6 +661,34 @@ class LoadBalancerExtensionV2TestCase(base.ExtensionTestCase):
        self.assertIn('listener', res)
        self.assertEqual(res['listener'], return_value)

+    def test_listener_update_with_tls(self):
+        listener_id = _uuid()
+        tls_ref = 'http://example.ref/uuid'
+        sni_refs = ['http://example.ref/uuid',
+                    'http://example.ref/uuid1']
+        update_data = {'listener': {'admin_state_up': False}}
+        return_value = {'name': 'listener1',
+                        'admin_state_up': False,
+                        'tenant_id': _uuid(),
+                        'id': listener_id,
+                        'default_tls_container_ref': tls_ref,
+                        'sni_container_refs': sni_refs}
+
+        instance = self.plugin.return_value
+        instance.update_listener.return_value = return_value
+
+        res = self.api.put(_get_path('lbaas/listeners',
+                                     id=listener_id,
+                                     fmt=self.fmt),
+                           self.serialize(update_data))
+
+        instance.update_listener.assert_called_with(
+            mock.ANY, listener_id, listener=update_data)
+        self.assertEqual(res.status_int, exc.HTTPOk.code)
+        res = self.deserialize(res)
+        self.assertIn('listener', res)
+        self.assertEqual(res['listener'], return_value)
+
    def test_listener_get(self):
        listener_id = _uuid()
        return_value = {'name': 'listener1',