Browse Source

Merge "Removes SG rules on port with SG disabled"

Zuul 1 year ago
parent
commit
73ab324afc

+ 2
- 3
networking_hyperv/neutron/security_groups_driver.py View File

@@ -219,9 +219,8 @@ class HyperVSecurityGroupsDriverMixin(object):
219 219
             LOG.info('Port %s does not have security enabled. '
220 220
                      'Removing existing rules if any.', port['id'])
221 221
             self._security_ports.pop(port.get('device'), None)
222
-            existing_rules = self._sec_group_rules.pop(port['id'], None)
223
-            if existing_rules:
224
-                self._utils.remove_all_security_rules(port['id'])
222
+            self._sec_group_rules.pop(port['id'], None)
223
+            self._utils.remove_all_security_rules(port['id'])
225 224
             return
226 225
         LOG.info('Updating port rules.')
227 226
 

+ 0
- 10
networking_hyperv/tests/unit/neutron/test_security_groups_driver.py View File

@@ -229,16 +229,6 @@ class TestHyperVSecurityGroupsDriver(SecurityGroupRuleTestHelper):
229 229
         self.assertNotIn(new_mock_port['device'], self._driver._security_ports)
230 230
         mock_method.assert_called_once_with(new_mock_port)
231 231
 
232
-    def test_update_port_filter_security_disabled(self):
233
-        mock_port = self._get_port()
234
-        mock_port['port_security_enabled'] = False
235
-
236
-        self._driver.update_port_filter(mock_port)
237
-
238
-        self.assertFalse(self._driver._utils.remove_all_security_rules.called)
239
-        self.assertNotIn(mock_port['device'], self._driver._security_ports)
240
-        self.assertNotIn(mock_port['id'], self._driver._sec_group_rules)
241
-
242 232
     def test_update_port_filter_security_disabled_existing_rules(self):
243 233
         mock_port = self._get_port()
244 234
         mock_port.pop('port_security_enabled')

Loading…
Cancel
Save