Fix removing non-last port from the group
When a firewall group has few ports, and some of those are removed the status of the firewall group should not become INACTIVE Change-Id: Ie3c0538ca31af9abb1b8c1cc5e4f6c3df9b16a1c Closes-Bug: #1832450
This commit is contained in:
parent
45a36b8ba8
commit
fbea371e65
@ -326,9 +326,10 @@ class FirewallAgentDriver(driver_api.FirewallDriverDB,
|
||||
)
|
||||
|
||||
# last-port drives agent to ack with status to set state to INACTIVE
|
||||
fwg_with_rules['last-port'] = not (
|
||||
set(new_firewall_group['ports']) - set(old_firewall_group['ports'])
|
||||
)
|
||||
# Set last-port to True if there are no ports in the new group,
|
||||
# but the old group had ports
|
||||
fwg_with_rules['last-port'] = (old_firewall_group['ports'] and
|
||||
not(new_firewall_group['ports']))
|
||||
|
||||
LOG.debug("update_firewall_group %s: Add Ports: %s, Del Ports: %s",
|
||||
new_firewall_group['id'],
|
||||
|
@ -473,7 +473,8 @@ class FWaaSL3AgentExtension(l3_extension.L3AgentExtension):
|
||||
"for firewall group: %s")
|
||||
LOG.exception(msg, firewall_group['id'])
|
||||
status = nl_constants.ERROR
|
||||
else:
|
||||
elif not status:
|
||||
# if status not set by now, set it to INACTIVE
|
||||
status = nl_constants.INACTIVE
|
||||
|
||||
# Return status to plugin.
|
||||
|
@ -278,6 +278,27 @@ class TestFWaaSL3AgentExtension(base.BaseTestCase):
|
||||
self.api.update_firewall_group(self.context, firewall_group,
|
||||
host='host')
|
||||
|
||||
def test_update_firewall_group_with_only_ports_removed(self):
|
||||
firewall_group = {'id': 0, 'project_id': 1,
|
||||
'admin_state_up': True,
|
||||
'ports': [1, 2],
|
||||
'add-port-ids': [],
|
||||
'del-port-ids': ['1'],
|
||||
'last-port': False
|
||||
}
|
||||
self.api.plugin_rpc = mock.Mock()
|
||||
with mock.patch.object(self.api.fwaas_driver, 'update_firewall_group'
|
||||
) as mock_driver_update_firewall_group, \
|
||||
mock.patch.object(self.api.fwplugin_rpc,
|
||||
'set_firewall_group_status'
|
||||
) as mock_set_firewall_group_status:
|
||||
|
||||
mock_driver_update_firewall_group.return_value = True
|
||||
self.api.update_firewall_group(self.context, firewall_group,
|
||||
host='host')
|
||||
mock_set_firewall_group_status.assert_called_once_with(
|
||||
self.context, firewall_group['id'], 'ACTIVE')
|
||||
|
||||
def test_delete_firewall_group(self):
|
||||
firewall_group = {'id': 0, 'project_id': 1,
|
||||
'admin_state_up': True,
|
||||
|
Loading…
Reference in New Issue
Block a user