From e3eea29909dd2eadd2d1b7ae24ac97f2b8c0cd63 Mon Sep 17 00:00:00 2001 From: Zane Bitter Date: Fri, 16 Mar 2018 22:59:48 -0400 Subject: [PATCH] Remove mox from test_neutron_security_group Change-Id: Ib039f6785efd64935f3e0b0ddab8fed0fed3cbd0 --- .../neutron/test_neutron_security_group.py | 983 +++++++++--------- 1 file changed, 490 insertions(+), 493 deletions(-) diff --git a/heat/tests/openstack/neutron/test_neutron_security_group.py b/heat/tests/openstack/neutron/test_neutron_security_group.py index f25c6d58de..ea269aa224 100644 --- a/heat/tests/openstack/neutron/test_neutron_security_group.py +++ b/heat/tests/openstack/neutron/test_neutron_security_group.py @@ -11,7 +11,7 @@ # License for the specific language governing permissions and limitations # under the License. -import mox +import mock from neutronclient.common import exceptions as neutron_exc from neutronclient.neutron import v2_0 as neutronV20 @@ -86,17 +86,16 @@ resources: def setUp(self): super(SecurityGroupTest, self).setUp() - self.m.StubOutWithMock(neutronclient.Client, 'create_security_group') - self.m.StubOutWithMock( - neutronclient.Client, 'create_security_group_rule') - self.m.StubOutWithMock(neutronclient.Client, 'show_security_group') - self.m.StubOutWithMock( - neutronclient.Client, 'delete_security_group_rule') - self.m.StubOutWithMock(neutronclient.Client, 'delete_security_group') - self.m.StubOutWithMock(neutronclient.Client, 'update_security_group') + self.mockclient = mock.Mock(spec=neutronclient.Client) + self.patchobject(neutronclient, 'Client', return_value=self.mockclient) + + def lookup(client, lookup_type, name, cmd_resource): + return name + + self.patchobject(neutronV20, 'find_resourceid_by_name_or_id', + side_effect=lookup) self.patchobject(neutron.NeutronClientPlugin, 'has_extension', return_value=True) - self.m.StubOutWithMock(neutronV20, 'find_resourceid_by_name_or_id') def create_stack(self, templ): t = template_format.parse(templ) @@ -196,24 +195,7 @@ resources: # create script sg_name = utils.PhysName('test_stack', 'the_sg') - neutronV20.find_resourceid_by_name_or_id( - mox.IsA(neutronclient.Client), - 'security_group', - 'wwww', - cmd_resource=None, - ).MultipleTimes().AndReturn('wwww') - neutronV20.find_resourceid_by_name_or_id( - mox.IsA(neutronclient.Client), - 'security_group', - 'xxxx', - cmd_resource=None, - ).MultipleTimes().AndReturn('xxxx') - neutronclient.Client.create_security_group({ - 'security_group': { - 'name': sg_name, - 'description': 'HTTP and SSH access' - } - }).AndReturn({ + self.mockclient.create_security_group.return_value = { 'security_group': { 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', 'name': sg_name, @@ -243,195 +225,176 @@ resources: }], 'id': 'aaaa' } - }) + } - neutronclient.Client.create_security_group_rule({ - 'security_group_rule': { - 'direction': 'ingress', - 'remote_group_id': None, - 'remote_ip_prefix': '0.0.0.0/0', - 'port_range_min': '22', - 'ethertype': 'IPv4', - 'port_range_max': '22', - 'protocol': 'tcp', - 'security_group_id': 'aaaa' - } - }).AndReturn({ - 'security_group_rule': { - 'direction': 'ingress', - 'remote_group_id': None, - 'remote_ip_prefix': '0.0.0.0/0', - 'port_range_min': '22', - 'ethertype': 'IPv4', - 'port_range_max': '22', - 'protocol': 'tcp', - 'security_group_id': 'aaaa', - 'id': 'bbbb' - } - }) - neutronclient.Client.create_security_group_rule({ - 'security_group_rule': { - 'direction': 'ingress', - 'remote_group_id': None, - 'remote_ip_prefix': '0.0.0.0/0', - 'port_range_min': '80', - 'ethertype': 'IPv4', - 'port_range_max': '80', - 'protocol': 'tcp', - 'security_group_id': 'aaaa' - } - }).AndReturn({ - 'security_group_rule': { - 'direction': 'ingress', - 'remote_group_id': None, - 'remote_ip_prefix': '0.0.0.0/0', - 'port_range_min': '80', - 'ethertype': 'IPv4', - 'port_range_max': '80', - 'protocol': 'tcp', - 'security_group_id': 'aaaa', - 'id': 'cccc' - } - }) - neutronclient.Client.create_security_group_rule({ - 'security_group_rule': { - 'direction': 'ingress', - 'remote_group_id': 'wwww', - 'remote_ip_prefix': None, - 'port_range_min': None, - 'ethertype': 'IPv4', - 'port_range_max': None, - 'protocol': 'tcp', - 'security_group_id': 'aaaa' - } - }).AndReturn({ - 'security_group_rule': { - 'direction': 'ingress', - 'remote_group_id': 'wwww', - 'remote_ip_prefix': None, - 'port_range_min': None, - 'ethertype': 'IPv4', - 'port_range_max': None, - 'protocol': 'tcp', - 'security_group_id': 'aaaa', - 'id': 'dddd' - } - }) - neutronclient.Client.show_security_group('aaaa').AndReturn({ - 'security_group': { - 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', - 'name': sg_name, - 'description': 'HTTP and SSH access', - 'security_group_rules': [{ - "direction": "egress", - "ethertype": "IPv4", - "id": "aaaa-1", - "port_range_max": None, - "port_range_min": None, - "protocol": None, - "remote_group_id": None, - "remote_ip_prefix": None, - "security_group_id": "aaaa", - "tenant_id": "f18ca530cc05425e8bac0a5ff92f7e88" - }, { - "direction": "egress", - "ethertype": "IPv6", - "id": "aaaa-2", - "port_range_max": None, - "port_range_min": None, - "protocol": None, - "remote_group_id": None, - "remote_ip_prefix": None, - "security_group_id": "aaaa", - "tenant_id": "f18ca530cc05425e8bac0a5ff92f7e88" - }], - 'id': 'aaaa' - } - }) - neutronclient.Client.delete_security_group_rule('aaaa-1').AndReturn( - None) - neutronclient.Client.delete_security_group_rule('aaaa-2').AndReturn( - None) - neutronclient.Client.create_security_group_rule({ - 'security_group_rule': { - 'direction': 'egress', - 'remote_group_id': None, - 'remote_ip_prefix': '10.0.1.0/24', - 'port_range_min': '22', - 'ethertype': 'IPv4', - 'port_range_max': '22', - 'protocol': 'tcp', - 'security_group_id': 'aaaa' - } - }).AndReturn({ - 'security_group_rule': { - 'direction': 'egress', - 'remote_group_id': None, - 'remote_ip_prefix': '10.0.1.0/24', - 'port_range_min': '22', - 'ethertype': 'IPv4', - 'port_range_max': '22', - 'protocol': 'tcp', - 'security_group_id': 'aaaa', - 'id': 'eeee' - } - }) - neutronclient.Client.create_security_group_rule({ - 'security_group_rule': { - 'direction': 'egress', - 'remote_group_id': 'xxxx', - 'remote_ip_prefix': None, - 'port_range_min': None, - 'ethertype': 'IPv4', - 'port_range_max': None, - 'protocol': None, - 'security_group_id': 'aaaa' - } - }).AndReturn({ - 'security_group_rule': { - 'direction': 'egress', - 'remote_group_id': 'xxxx', - 'remote_ip_prefix': None, - 'port_range_min': None, - 'ethertype': 'IPv4', - 'port_range_max': None, - 'protocol': None, - 'security_group_id': 'aaaa', - 'id': 'ffff' - } - }) - neutronclient.Client.create_security_group_rule({ - 'security_group_rule': { - 'direction': 'egress', - 'remote_group_id': 'aaaa', - 'remote_ip_prefix': None, - 'port_range_min': None, - 'ethertype': 'IPv4', - 'port_range_max': None, - 'protocol': None, - 'security_group_id': 'aaaa' - } - }).AndReturn({ - 'security_group_rule': { - 'direction': 'egress', - 'remote_group_id': 'aaaa', - 'remote_ip_prefix': None, - 'port_range_min': None, - 'ethertype': 'IPv4', - 'port_range_max': None, - 'protocol': None, - 'security_group_id': 'aaaa', - 'id': 'gggg' - } - }) + self.mockclient.create_security_group_rule.side_effect = [ + { + 'security_group_rule': { + 'direction': 'ingress', + 'remote_group_id': None, + 'remote_ip_prefix': '0.0.0.0/0', + 'port_range_min': '22', + 'ethertype': 'IPv4', + 'port_range_max': '22', + 'protocol': 'tcp', + 'security_group_id': 'aaaa', + 'id': 'bbbb' + } + }, + { + 'security_group_rule': { + 'direction': 'ingress', + 'remote_group_id': None, + 'remote_ip_prefix': '0.0.0.0/0', + 'port_range_min': '80', + 'ethertype': 'IPv4', + 'port_range_max': '80', + 'protocol': 'tcp', + 'security_group_id': 'aaaa', + 'id': 'cccc' + } + }, + { + 'security_group_rule': { + 'direction': 'ingress', + 'remote_group_id': 'wwww', + 'remote_ip_prefix': None, + 'port_range_min': None, + 'ethertype': 'IPv4', + 'port_range_max': None, + 'protocol': 'tcp', + 'security_group_id': 'aaaa', + 'id': 'dddd' + } + }, + { + 'security_group_rule': { + 'direction': 'egress', + 'remote_group_id': None, + 'remote_ip_prefix': '10.0.1.0/24', + 'port_range_min': '22', + 'ethertype': 'IPv4', + 'port_range_max': '22', + 'protocol': 'tcp', + 'security_group_id': 'aaaa', + 'id': 'eeee' + } + }, + { + 'security_group_rule': { + 'direction': 'egress', + 'remote_group_id': 'xxxx', + 'remote_ip_prefix': None, + 'port_range_min': None, + 'ethertype': 'IPv4', + 'port_range_max': None, + 'protocol': None, + 'security_group_id': 'aaaa', + 'id': 'ffff' + } + }, + { + 'security_group_rule': { + 'direction': 'egress', + 'remote_group_id': 'aaaa', + 'remote_ip_prefix': None, + 'port_range_min': None, + 'ethertype': 'IPv4', + 'port_range_max': None, + 'protocol': None, + 'security_group_id': 'aaaa', + 'id': 'gggg' + } + }, + { + 'security_group_rule': { + 'direction': 'egress', + 'remote_group_id': None, + 'remote_ip_prefix': None, + 'port_range_min': None, + 'ethertype': 'IPv4', + 'port_range_max': None, + 'protocol': None, + 'security_group_id': 'aaaa', + 'id': 'hhhh' + } + }, + { + 'security_group_rule': { + 'direction': 'egress', + 'remote_group_id': None, + 'remote_ip_prefix': None, + 'port_range_min': None, + 'ethertype': 'IPv6', + 'port_range_max': None, + 'protocol': None, + 'security_group_id': 'aaaa', + 'id': 'iiii' + } + }, + { + 'security_group_rule': { + 'direction': 'ingress', + 'remote_group_id': None, + 'remote_ip_prefix': '10.0.0.10/24', + 'port_range_min': '22', + 'ethertype': 'IPv4', + 'port_range_max': '22', + 'protocol': 'tcp', + 'security_group_id': 'aaaa', + 'id': 'jjjj' + } + }, + ] + + self.mockclient.show_security_group.side_effect = [ + { + 'security_group': { + 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', + 'name': sg_name, + 'description': 'HTTP and SSH access', + 'security_group_rules': [{ + "direction": "egress", + "ethertype": "IPv4", + "id": "aaaa-1", + "port_range_max": None, + "port_range_min": None, + "protocol": None, + "remote_group_id": None, + "remote_ip_prefix": None, + "security_group_id": "aaaa", + "tenant_id": "f18ca530cc05425e8bac0a5ff92f7e88" + }, { + "direction": "egress", + "ethertype": "IPv6", + "id": "aaaa-2", + "port_range_max": None, + "port_range_min": None, + "protocol": None, + "remote_group_id": None, + "remote_ip_prefix": None, + "security_group_id": "aaaa", + "tenant_id": "f18ca530cc05425e8bac0a5ff92f7e88" + }], + 'id': 'aaaa' + } + }, + show_created, + { + 'security_group': { + 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', + 'name': 'sc1', + 'description': '', + 'security_group_rules': [], + 'id': 'aaaa' + } + }, + show_created, + ] + self.mockclient.delete_security_group_rule.return_value = None # update script - neutronclient.Client.update_security_group( - 'aaaa', - {'security_group': { - 'description': 'SSH access for private network', - 'name': 'myrules'}} - ).AndReturn({ + self.mockclient.update_security_group.return_value = { 'security_group': { 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', 'name': 'myrules', @@ -439,102 +402,11 @@ resources: 'security_group_rules': [], 'id': 'aaaa' } - }) - - neutronclient.Client.show_security_group('aaaa').AndReturn( - show_created) - neutronclient.Client.delete_security_group_rule('bbbb').AndReturn(None) - neutronclient.Client.delete_security_group_rule('cccc').AndReturn(None) - neutronclient.Client.delete_security_group_rule('dddd').AndReturn(None) - neutronclient.Client.delete_security_group_rule('eeee').AndReturn(None) - neutronclient.Client.delete_security_group_rule('ffff').AndReturn(None) - neutronclient.Client.delete_security_group_rule('gggg').AndReturn(None) - - neutronclient.Client.show_security_group('aaaa').AndReturn({ - 'security_group': { - 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', - 'name': 'sc1', - 'description': '', - 'security_group_rules': [], - 'id': 'aaaa' - } - }) - - neutronclient.Client.create_security_group_rule({ - 'security_group_rule': { - 'direction': 'egress', - 'ethertype': 'IPv4', - 'security_group_id': 'aaaa', - } - }).AndReturn({ - 'security_group_rule': { - 'direction': 'egress', - 'remote_group_id': None, - 'remote_ip_prefix': None, - 'port_range_min': None, - 'ethertype': 'IPv4', - 'port_range_max': None, - 'protocol': None, - 'security_group_id': 'aaaa', - 'id': 'hhhh' - } - }) - neutronclient.Client.create_security_group_rule({ - 'security_group_rule': { - 'direction': 'egress', - 'ethertype': 'IPv6', - 'security_group_id': 'aaaa', - } - }).AndReturn({ - 'security_group_rule': { - 'direction': 'egress', - 'remote_group_id': None, - 'remote_ip_prefix': None, - 'port_range_min': None, - 'ethertype': 'IPv6', - 'port_range_max': None, - 'protocol': None, - 'security_group_id': 'aaaa', - 'id': 'iiii' - } - }) - neutronclient.Client.create_security_group_rule({ - 'security_group_rule': { - 'direction': 'ingress', - 'remote_group_id': None, - 'remote_ip_prefix': '10.0.0.10/24', - 'port_range_min': '22', - 'ethertype': 'IPv4', - 'port_range_max': '22', - 'protocol': 'tcp', - 'security_group_id': 'aaaa' - } - }).AndReturn({ - 'security_group_rule': { - 'direction': 'ingress', - 'remote_group_id': None, - 'remote_ip_prefix': '10.0.0.10/24', - 'port_range_min': '22', - 'ethertype': 'IPv4', - 'port_range_max': '22', - 'protocol': 'tcp', - 'security_group_id': 'aaaa', - 'id': 'jjjj' - } - }) + } # delete script - neutronclient.Client.show_security_group('aaaa').AndReturn( - show_created) - neutronclient.Client.delete_security_group_rule('bbbb').AndReturn(None) - neutronclient.Client.delete_security_group_rule('cccc').AndReturn(None) - neutronclient.Client.delete_security_group_rule('dddd').AndReturn(None) - neutronclient.Client.delete_security_group_rule('eeee').AndReturn(None) - neutronclient.Client.delete_security_group_rule('ffff').AndReturn(None) - neutronclient.Client.delete_security_group_rule('gggg').AndReturn(None) - neutronclient.Client.delete_security_group('aaaa').AndReturn(None) + self.mockclient.delete_security_group.return_value = None - self.m.ReplayAll() stack = self.create_stack(self.test_template) sg = stack['the_sg'] @@ -545,219 +417,255 @@ resources: stack.update(updated_stack) stack.delete() - self.m.VerifyAll() - def test_security_group_exception(self): - # create script - sg_name = utils.PhysName('test_stack', 'the_sg') - neutronV20.find_resourceid_by_name_or_id( - mox.IsA(neutronclient.Client), - 'security_group', - 'wwww', - cmd_resource=None, - ).MultipleTimes().AndReturn('wwww') - neutronV20.find_resourceid_by_name_or_id( - mox.IsA(neutronclient.Client), - 'security_group', - 'xxxx', - cmd_resource=None, - ).MultipleTimes().AndReturn('xxxx') - neutronclient.Client.create_security_group({ + self.mockclient.create_security_group.assert_called_once_with({ 'security_group': { 'name': sg_name, 'description': 'HTTP and SSH access' } - }).AndReturn({ - 'security_group': { - 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', - 'name': sg_name, - 'description': 'HTTP and SSH access', - 'security_group_rules': [], - 'id': 'aaaa' - } }) - - neutronclient.Client.create_security_group_rule({ - 'security_group_rule': { - 'direction': 'ingress', - 'remote_group_id': None, - 'remote_ip_prefix': '0.0.0.0/0', - 'port_range_min': '22', - 'ethertype': 'IPv4', - 'port_range_max': '22', - 'protocol': 'tcp', - 'security_group_id': 'aaaa' - } - }).AndRaise( - neutron_exc.Conflict()) - neutronclient.Client.create_security_group_rule({ - 'security_group_rule': { - 'direction': 'ingress', - 'remote_group_id': None, - 'remote_ip_prefix': '0.0.0.0/0', - 'port_range_min': '80', - 'ethertype': 'IPv4', - 'port_range_max': '80', - 'protocol': 'tcp', - 'security_group_id': 'aaaa' - } - }).AndRaise( - neutron_exc.Conflict()) - neutronclient.Client.create_security_group_rule({ - 'security_group_rule': { - 'direction': 'ingress', - 'remote_group_id': 'wwww', - 'remote_ip_prefix': None, - 'port_range_min': None, - 'ethertype': 'IPv4', - 'port_range_max': None, - 'protocol': 'tcp', - 'security_group_id': 'aaaa' - } - }).AndRaise( - neutron_exc.Conflict()) - neutronclient.Client.show_security_group('aaaa').AndReturn({ - 'security_group': { - 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', - 'name': sg_name, - 'description': 'HTTP and SSH access', - 'security_group_rules': [], - 'id': 'aaaa' - } - }) - neutronclient.Client.create_security_group_rule({ - 'security_group_rule': { - 'direction': 'egress', - 'remote_group_id': None, - 'remote_ip_prefix': '10.0.1.0/24', - 'port_range_min': '22', - 'ethertype': 'IPv4', - 'port_range_max': '22', - 'protocol': 'tcp', - 'security_group_id': 'aaaa' - } - }).AndRaise( - neutron_exc.Conflict()) - neutronclient.Client.create_security_group_rule({ - 'security_group_rule': { - 'direction': 'egress', - 'remote_group_id': 'xxxx', - 'remote_ip_prefix': None, - 'port_range_min': None, - 'ethertype': 'IPv4', - 'port_range_max': None, - 'protocol': None, - 'security_group_id': 'aaaa' - } - }).AndRaise( - neutron_exc.Conflict()) - neutronclient.Client.create_security_group_rule({ - 'security_group_rule': { - 'direction': 'egress', - 'remote_group_id': 'aaaa', - 'remote_ip_prefix': None, - 'port_range_min': None, - 'ethertype': 'IPv4', - 'port_range_max': None, - 'protocol': None, - 'security_group_id': 'aaaa' - } - }).AndRaise( - neutron_exc.Conflict()) - - # delete script - neutronclient.Client.show_security_group('aaaa').AndReturn({ - 'security_group': { - 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', - 'name': 'sc1', - 'description': '', - 'security_group_rules': [{ + self.mockclient.create_security_group_rule.assert_has_calls([ + mock.call({ + 'security_group_rule': { 'direction': 'ingress', - 'protocol': 'tcp', + 'remote_group_id': None, + 'remote_ip_prefix': '0.0.0.0/0', + 'port_range_min': '22', + 'ethertype': 'IPv4', 'port_range_max': '22', - 'id': 'bbbb', - 'ethertype': 'IPv4', - 'security_group_id': 'aaaa', + 'protocol': 'tcp', + 'security_group_id': 'aaaa' + } + }), + mock.call({ + 'security_group_rule': { + 'direction': 'ingress', 'remote_group_id': None, 'remote_ip_prefix': '0.0.0.0/0', - 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', - 'port_range_min': '22' - }, { - 'direction': 'ingress', - 'protocol': 'tcp', + 'port_range_min': '80', + 'ethertype': 'IPv4', 'port_range_max': '80', - 'id': 'cccc', - 'ethertype': 'IPv4', - 'security_group_id': 'aaaa', - 'remote_group_id': None, - 'remote_ip_prefix': '0.0.0.0/0', - 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', - 'port_range_min': '80' - }, { - 'direction': 'ingress', 'protocol': 'tcp', - 'port_range_max': None, - 'id': 'dddd', - 'ethertype': 'IPv4', - 'security_group_id': 'aaaa', + 'security_group_id': 'aaaa' + } + }), + mock.call({ + 'security_group_rule': { + 'direction': 'ingress', 'remote_group_id': 'wwww', 'remote_ip_prefix': None, - 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', - 'port_range_min': None - }, { - 'direction': 'egress', - 'protocol': 'tcp', - 'port_range_max': '22', - 'id': 'eeee', + 'port_range_min': None, 'ethertype': 'IPv4', - 'security_group_id': 'aaaa', + 'port_range_max': None, + 'protocol': 'tcp', + 'security_group_id': 'aaaa' + } + }), + mock.call({ + 'security_group_rule': { + 'direction': 'egress', 'remote_group_id': None, 'remote_ip_prefix': '10.0.1.0/24', - 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', - 'port_range_min': '22' - }, { + 'port_range_min': '22', + 'ethertype': 'IPv4', + 'port_range_max': '22', + 'protocol': 'tcp', + 'security_group_id': 'aaaa' + } + }), + mock.call({ + 'security_group_rule': { 'direction': 'egress', - 'protocol': None, + 'remote_group_id': 'xxxx', + 'remote_ip_prefix': None, + 'port_range_min': None, + 'ethertype': 'IPv4', 'port_range_max': None, - 'id': 'ffff', + 'protocol': None, + 'security_group_id': 'aaaa' + } + }), + mock.call({ + 'security_group_rule': { + 'direction': 'egress', + 'remote_group_id': 'aaaa', + 'remote_ip_prefix': None, + 'port_range_min': None, + 'ethertype': 'IPv4', + 'port_range_max': None, + 'protocol': None, + 'security_group_id': 'aaaa' + } + }), + mock.call({ + 'security_group_rule': { + 'direction': 'egress', 'ethertype': 'IPv4', 'security_group_id': 'aaaa', - 'remote_group_id': None, - 'remote_ip_prefix': 'xxxx', - 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', - 'port_range_min': None - }, { + } + }), + mock.call({ + 'security_group_rule': { 'direction': 'egress', - 'protocol': None, - 'port_range_max': None, - 'id': 'gggg', - 'ethertype': 'IPv4', + 'ethertype': 'IPv6', 'security_group_id': 'aaaa', + } + }), + mock.call({ + 'security_group_rule': { + 'direction': 'ingress', 'remote_group_id': None, - 'remote_ip_prefix': 'aaaa', + 'remote_ip_prefix': '10.0.0.10/24', + 'port_range_min': '22', + 'ethertype': 'IPv4', + 'port_range_max': '22', + 'protocol': 'tcp', + 'security_group_id': 'aaaa' + } + }), + ]) + self.mockclient.show_security_group.assert_called_with('aaaa') + self.mockclient.delete_security_group_rule.assert_has_calls([ + mock.call('aaaa-1'), + mock.call('aaaa-2'), + # update script + mock.call('bbbb'), + mock.call('cccc'), + mock.call('dddd'), + mock.call('eeee'), + mock.call('ffff'), + mock.call('gggg'), + # delete script + mock.call('bbbb'), + mock.call('cccc'), + mock.call('dddd'), + mock.call('eeee'), + mock.call('ffff'), + mock.call('gggg'), + ]) + self.mockclient.update_security_group.assert_called_once_with( + 'aaaa', + {'security_group': { + 'description': 'SSH access for private network', + 'name': 'myrules'}} + ) + self.mockclient.delete_security_group.assert_called_once_with('aaaa') + + def test_security_group_exception(self): + # create script + sg_name = utils.PhysName('test_stack', 'the_sg') + self.mockclient.create_security_group.return_value = { + 'security_group': { + 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', + 'name': sg_name, + 'description': 'HTTP and SSH access', + 'security_group_rules': [], + 'id': 'aaaa' + } + } + self.mockclient.create_security_group_rule.side_effect = [ + neutron_exc.Conflict, + neutron_exc.Conflict, + neutron_exc.Conflict, + neutron_exc.Conflict, + neutron_exc.Conflict, + neutron_exc.Conflict, + ] + + self.mockclient.show_security_group.side_effect = [ + { + 'security_group': { 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', - 'port_range_min': None - }], - 'id': 'aaaa'}}) - neutronclient.Client.delete_security_group_rule('bbbb').AndRaise( + 'name': sg_name, + 'description': 'HTTP and SSH access', + 'security_group_rules': [], + 'id': 'aaaa' + } + }, + # delete script + { + 'security_group': { + 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', + 'name': 'sc1', + 'description': '', + 'security_group_rules': [{ + 'direction': 'ingress', + 'protocol': 'tcp', + 'port_range_max': '22', + 'id': 'bbbb', + 'ethertype': 'IPv4', + 'security_group_id': 'aaaa', + 'remote_group_id': None, + 'remote_ip_prefix': '0.0.0.0/0', + 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', + 'port_range_min': '22' + }, { + 'direction': 'ingress', + 'protocol': 'tcp', + 'port_range_max': '80', + 'id': 'cccc', + 'ethertype': 'IPv4', + 'security_group_id': 'aaaa', + 'remote_group_id': None, + 'remote_ip_prefix': '0.0.0.0/0', + 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', + 'port_range_min': '80' + }, { + 'direction': 'ingress', + 'protocol': 'tcp', + 'port_range_max': None, + 'id': 'dddd', + 'ethertype': 'IPv4', + 'security_group_id': 'aaaa', + 'remote_group_id': 'wwww', + 'remote_ip_prefix': None, + 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', + 'port_range_min': None + }, { + 'direction': 'egress', + 'protocol': 'tcp', + 'port_range_max': '22', + 'id': 'eeee', + 'ethertype': 'IPv4', + 'security_group_id': 'aaaa', + 'remote_group_id': None, + 'remote_ip_prefix': '10.0.1.0/24', + 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', + 'port_range_min': '22' + }, { + 'direction': 'egress', + 'protocol': None, + 'port_range_max': None, + 'id': 'ffff', + 'ethertype': 'IPv4', + 'security_group_id': 'aaaa', + 'remote_group_id': None, + 'remote_ip_prefix': 'xxxx', + 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', + 'port_range_min': None + }, { + 'direction': 'egress', + 'protocol': None, + 'port_range_max': None, + 'id': 'gggg', + 'ethertype': 'IPv4', + 'security_group_id': 'aaaa', + 'remote_group_id': None, + 'remote_ip_prefix': 'aaaa', + 'tenant_id': 'f18ca530cc05425e8bac0a5ff92f7e88', + 'port_range_min': None + }], + 'id': 'aaaa'} + }, + neutron_exc.NeutronClientException(status_code=404), + ] + + # delete script + self.mockclient.delete_security_group_rule.side_effect = ( neutron_exc.NeutronClientException(status_code=404)) - neutronclient.Client.delete_security_group_rule('cccc').AndRaise( - neutron_exc.NeutronClientException(status_code=404)) - neutronclient.Client.delete_security_group_rule('dddd').AndRaise( - neutron_exc.NeutronClientException(status_code=404)) - neutronclient.Client.delete_security_group_rule('eeee').AndRaise( - neutron_exc.NeutronClientException(status_code=404)) - neutronclient.Client.delete_security_group_rule('ffff').AndRaise( - neutron_exc.NeutronClientException(status_code=404)) - neutronclient.Client.delete_security_group_rule('gggg').AndRaise( - neutron_exc.NeutronClientException(status_code=404)) - neutronclient.Client.delete_security_group('aaaa').AndRaise( + self.mockclient.delete_security_group.side_effect = ( neutron_exc.NeutronClientException(status_code=404)) - neutronclient.Client.show_security_group('aaaa').AndRaise( - neutron_exc.NeutronClientException(status_code=404)) - - self.m.ReplayAll() stack = self.create_stack(self.test_template) sg = stack['the_sg'] @@ -770,7 +678,96 @@ resources: sg.resource_id = 'aaaa' stack.delete() - self.m.VerifyAll() + self.mockclient.create_security_group.assert_called_once_with({ + 'security_group': { + 'name': sg_name, + 'description': 'HTTP and SSH access' + } + }) + self.mockclient.create_security_group_rule.assert_has_calls([ + mock.call({ + 'security_group_rule': { + 'direction': 'ingress', + 'remote_group_id': None, + 'remote_ip_prefix': '0.0.0.0/0', + 'port_range_min': '22', + 'ethertype': 'IPv4', + 'port_range_max': '22', + 'protocol': 'tcp', + 'security_group_id': 'aaaa' + } + }), + mock.call({ + 'security_group_rule': { + 'direction': 'ingress', + 'remote_group_id': None, + 'remote_ip_prefix': '0.0.0.0/0', + 'port_range_min': '80', + 'ethertype': 'IPv4', + 'port_range_max': '80', + 'protocol': 'tcp', + 'security_group_id': 'aaaa' + } + }), + mock.call({ + 'security_group_rule': { + 'direction': 'ingress', + 'remote_group_id': 'wwww', + 'remote_ip_prefix': None, + 'port_range_min': None, + 'ethertype': 'IPv4', + 'port_range_max': None, + 'protocol': 'tcp', + 'security_group_id': 'aaaa' + } + }), + mock.call({ + 'security_group_rule': { + 'direction': 'egress', + 'remote_group_id': None, + 'remote_ip_prefix': '10.0.1.0/24', + 'port_range_min': '22', + 'ethertype': 'IPv4', + 'port_range_max': '22', + 'protocol': 'tcp', + 'security_group_id': 'aaaa' + } + }), + mock.call({ + 'security_group_rule': { + 'direction': 'egress', + 'remote_group_id': 'xxxx', + 'remote_ip_prefix': None, + 'port_range_min': None, + 'ethertype': 'IPv4', + 'port_range_max': None, + 'protocol': None, + 'security_group_id': 'aaaa' + } + }), + mock.call({ + 'security_group_rule': { + 'direction': 'egress', + 'remote_group_id': 'aaaa', + 'remote_ip_prefix': None, + 'port_range_min': None, + 'ethertype': 'IPv4', + 'port_range_max': None, + 'protocol': None, + 'security_group_id': 'aaaa' + } + }), + ]) + self.mockclient.show_security_group.assert_called_with('aaaa') + self.mockclient.delete_security_group_rule.assert_has_calls([ + mock.call('bbbb'), + mock.call('cccc'), + mock.call('dddd'), + mock.call('eeee'), + mock.call('ffff'), + mock.call('gggg'), + ]) + self.mockclient.delete_security_group.assert_called_with('aaaa') def test_security_group_validate(self): stack = self.create_stack(self.test_template_validate)