AWS SecurityGroup use is_using_neutron()
Allow for better decision on what networking backend to use when working with AWS::EC2::SecurityGroup. Change-Id: I6c887e76d4852d298ae8537486665291739c1f99
This commit is contained in:
parent
04de60093b
commit
1f51e1cdd5
|
@ -70,7 +70,7 @@ class SecurityGroup(resource.Resource):
|
|||
),
|
||||
VPC_ID: properties.Schema(
|
||||
properties.Schema.STRING,
|
||||
_('Physical ID of the VPC.')
|
||||
_('Physical ID of the VPC. Not implemented.')
|
||||
),
|
||||
SECURITY_GROUP_INGRESS: properties.Schema(
|
||||
properties.Schema.LIST,
|
||||
|
@ -91,7 +91,7 @@ class SecurityGroup(resource.Resource):
|
|||
}
|
||||
|
||||
def handle_create(self):
|
||||
if self.properties[self.VPC_ID]:
|
||||
if self.is_using_neutron():
|
||||
self._handle_create_neutron()
|
||||
else:
|
||||
self._handle_create_nova()
|
||||
|
@ -214,7 +214,7 @@ class SecurityGroup(resource.Resource):
|
|||
raise
|
||||
|
||||
def handle_delete(self):
|
||||
if self.properties[self.VPC_ID]:
|
||||
if self.is_using_neutron():
|
||||
self._handle_delete_neutron()
|
||||
else:
|
||||
self._handle_delete_nova()
|
||||
|
@ -256,7 +256,7 @@ class SecurityGroup(resource.Resource):
|
|||
self.client_plugin('neutron').ignore_not_found(ex)
|
||||
|
||||
def FnGetRefId(self):
|
||||
if self.properties[self.VPC_ID]:
|
||||
if self.is_using_neutron():
|
||||
return super(SecurityGroup, self).FnGetRefId()
|
||||
else:
|
||||
return self.physical_resource_name()
|
||||
|
@ -266,8 +266,8 @@ class SecurityGroup(resource.Resource):
|
|||
if res:
|
||||
return res
|
||||
|
||||
if self.properties[self.SECURITY_GROUP_EGRESS] and not \
|
||||
self.properties[self.VPC_ID]:
|
||||
if (self.properties[self.SECURITY_GROUP_EGRESS] and
|
||||
not self.is_using_neutron()):
|
||||
raise exception.EgressRuleNotAllowed()
|
||||
|
||||
|
||||
|
|
|
@ -17,6 +17,7 @@ from neutronclient.common.exceptions import NeutronClientException
|
|||
from neutronclient.v2_0 import client as neutronclient
|
||||
from novaclient.v1_1 import security_group_rules as nova_sgr
|
||||
from novaclient.v1_1 import security_groups as nova_sg
|
||||
from oslo.config import cfg
|
||||
|
||||
from heat.common import exception
|
||||
from heat.common import template_format
|
||||
|
@ -436,6 +437,7 @@ Resources:
|
|||
self.assertRaises(exception.EgressRuleNotAllowed, sg.validate)
|
||||
|
||||
def test_security_group_neutron(self):
|
||||
cfg.CONF.set_override('networking_service', 'neutron')
|
||||
#create script
|
||||
sg_name = utils.PhysName('test_stack', 'the_sg')
|
||||
neutronclient.Client.create_security_group({
|
||||
|
@ -681,6 +683,7 @@ Resources:
|
|||
self.m.VerifyAll()
|
||||
|
||||
def test_security_group_neutron_exception(self):
|
||||
cfg.CONF.set_override('networking_service', 'neutron')
|
||||
#create script
|
||||
sg_name = utils.PhysName('test_stack', 'the_sg')
|
||||
neutronclient.Client.create_security_group({
|
||||
|
|
|
@ -11,6 +11,8 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from oslo.config import cfg
|
||||
|
||||
from heat.common import exception
|
||||
from heat.common import template_format
|
||||
from heat.engine import parser
|
||||
|
@ -574,6 +576,7 @@ Resources:
|
|||
neutronclient.Client.delete_port('dddd').AndReturn(None)
|
||||
|
||||
def test_network_interface(self):
|
||||
cfg.CONF.set_override('networking_service', 'neutron')
|
||||
self.mock_create_security_group()
|
||||
self.mock_create_network()
|
||||
self.mock_create_subnet()
|
||||
|
@ -599,6 +602,7 @@ Resources:
|
|||
self.m.VerifyAll()
|
||||
|
||||
def test_network_interface_existing_groupset(self):
|
||||
cfg.CONF.set_override('networking_service', 'neutron')
|
||||
self.m.StubOutWithMock(parser.Stack, 'resource_by_refid')
|
||||
|
||||
self.mock_create_security_group()
|
||||
|
|
Loading…
Reference in New Issue