Raise exception for nova egress secgroup rule
Nova does not support egress security group rules, only Neutron. Trying to add one with the current code base simply ignores the direction and creates an ingress rule. Not ideal. Change-Id: I10f3d67b1f66b8c05eb36ec5cecfb530d93458aa
This commit is contained in:
parent
6a967f737f
commit
2ab23109cb
|
@ -3104,6 +3104,12 @@ class OpenStackCloud(object):
|
|||
if protocol is None:
|
||||
raise OpenStackCloudException('Protocol must be specified')
|
||||
|
||||
if direction == 'egress':
|
||||
self.log.debug(
|
||||
'Rule creation failed: Nova does not support egress rules'
|
||||
)
|
||||
raise OpenStackCloudException('No support for egress rules')
|
||||
|
||||
# NOTE: Neutron accepts None for ports, but Nova requires -1
|
||||
# as the equivalent value for ICMP.
|
||||
#
|
||||
|
|
|
@ -324,3 +324,12 @@ class TestSecurityGroups(base.TestCase):
|
|||
)
|
||||
r = self.cloud.delete_security_group('doesNotExist')
|
||||
self.assertFalse(r)
|
||||
|
||||
@mock.patch.object(shade.OpenStackCloud, 'nova_client')
|
||||
def test_nova_egress_security_group_rule(self, mock_nova):
|
||||
self.cloud.secgroup_source = 'nova'
|
||||
mock_nova.security_groups.list.return_value = [nova_grp_obj]
|
||||
self.assertRaises(shade.OpenStackCloudException,
|
||||
self.cloud.create_security_group_rule,
|
||||
secgroup_name_or_id='nova-sec-group',
|
||||
direction='egress')
|
||||
|
|
Loading…
Reference in New Issue