From 8a02abd8af80c7755269c3b262192f8a673060e5 Mon Sep 17 00:00:00 2001 From: Suiong Ng Date: Wed, 25 Dec 2024 13:39:38 +0800 Subject: [PATCH] support "tenant_id" property in provider_net and router Currently, OS::Neutron::ProviderNet and OS::Neutron::Router do not support the property tenant_id. Supporting this field can enable an admin user to create physnet and router for non-admin users. Change-Id: I451f73098ee8af9b562fe19fae8a92cfb2d8a5d0 --- .../resources/openstack/neutron/provider_net.py | 12 +++++++++--- heat/engine/resources/openstack/neutron/router.py | 11 +++++++++-- .../openstack/neutron/test_neutron_provider_net.py | 1 + .../notes/add-tenant_id-for-physnet-and-router.yaml | 8 ++++++++ 4 files changed, 27 insertions(+), 5 deletions(-) create mode 100644 releasenotes/notes/add-tenant_id-for-physnet-and-router.yaml diff --git a/heat/engine/resources/openstack/neutron/provider_net.py b/heat/engine/resources/openstack/neutron/provider_net.py index 95a41aafbc..7fff7a34b2 100644 --- a/heat/engine/resources/openstack/neutron/provider_net.py +++ b/heat/engine/resources/openstack/neutron/provider_net.py @@ -38,13 +38,12 @@ class ProviderNet(net.Net): NAME, PROVIDER_NETWORK_TYPE, PROVIDER_PHYSICAL_NETWORK, PROVIDER_SEGMENTATION_ID, ADMIN_STATE_UP, SHARED, PORT_SECURITY_ENABLED, ROUTER_EXTERNAL, DNS_DOMAIN, - AVAILABILITY_ZONE_HINTS, TAGS, + AVAILABILITY_ZONE_HINTS, TAGS, TENANT_ID, ) = ( 'name', 'network_type', 'physical_network', 'segmentation_id', 'admin_state_up', 'shared', 'port_security_enabled', 'router_external', 'dns_domain', - 'availability_zone_hints', 'tags', - + 'availability_zone_hints', 'tags', 'tenant_id', ) ATTRIBUTES = ( @@ -128,6 +127,13 @@ class ProviderNet(net.Net): update_allowed=True, support_status=support.SupportStatus(version='19.0.0') ), + TENANT_ID: properties.Schema( + properties.Schema.STRING, + _('The ID of the tenant which will own the provider network. Only ' + 'administrative users can set the tenant identifier; this ' + 'cannot be changed using authorization policies.'), + support_status=support.SupportStatus(version='24.0.0') + ), } attributes_schema = { diff --git a/heat/engine/resources/openstack/neutron/router.py b/heat/engine/resources/openstack/neutron/router.py index 72f7dbbdd4..8a5a116832 100644 --- a/heat/engine/resources/openstack/neutron/router.py +++ b/heat/engine/resources/openstack/neutron/router.py @@ -36,11 +36,11 @@ class Router(neutron.NeutronResource): PROPERTIES = ( NAME, EXTERNAL_GATEWAY, VALUE_SPECS, ADMIN_STATE_UP, L3_AGENT_ID, L3_AGENT_IDS, DISTRIBUTED, HA, AVAILABILITY_ZONE_HINTS, - TAGS, + TAGS, TENANT_ID, ) = ( 'name', 'external_gateway_info', 'value_specs', 'admin_state_up', 'l3_agent_id', 'l3_agent_ids', 'distributed', 'ha', - 'availability_zone_hints', 'tags', + 'availability_zone_hints', 'tags', 'tenant_id', ) _EXTERNAL_GATEWAY_KEYS = ( @@ -187,6 +187,13 @@ class Router(neutron.NeutronResource): update_allowed=True, support_status=support.SupportStatus(version='9.0.0') ), + TENANT_ID: properties.Schema( + properties.Schema.STRING, + _('The ID of the tenant which will own the router. Only ' + 'administrative users can set the tenant identifier; this ' + 'cannot be changed using authorization policies.'), + support_status=support.SupportStatus(version='24.0.0') + ), } attributes_schema = { diff --git a/heat/tests/openstack/neutron/test_neutron_provider_net.py b/heat/tests/openstack/neutron/test_neutron_provider_net.py index 157b233eda..09d8dbf7b6 100644 --- a/heat/tests/openstack/neutron/test_neutron_provider_net.py +++ b/heat/tests/openstack/neutron/test_neutron_provider_net.py @@ -251,6 +251,7 @@ class NeutronProviderNetTest(common.HeatTestCase): 'router_external': False, 'availability_zone_hints': [], 'tags': ['tag1', 'tag2'], + 'tenant_id': 'df49ea64e87c43a792a510698364f03e', } self.assertEqual(expected, reality) diff --git a/releasenotes/notes/add-tenant_id-for-physnet-and-router.yaml b/releasenotes/notes/add-tenant_id-for-physnet-and-router.yaml new file mode 100644 index 0000000000..350718cf2a --- /dev/null +++ b/releasenotes/notes/add-tenant_id-for-physnet-and-router.yaml @@ -0,0 +1,8 @@ +--- +features: + - | + Added the ``tenant_id`` property to the following resources. This property + allows admin users to create these resources in specific tenants. + + - ``OS::Neutron::ProviderNet`` + - ``OS::Neutron::Router``