From 691ca918f093291d55a66e3d54e112f0f2472d4e Mon Sep 17 00:00:00 2001 From: YAMAMOTO Takashi Date: Wed, 7 Dec 2016 18:23:47 +0900 Subject: [PATCH] Migrate logging-resource extension from networking-midonet This is a part of the stadium implosion effort. [1] References: http://docs.openstack.org/developer/networking-midonet/specs/mitaka/logging-API-for-firewall-rules.html http://docs.openstack.org/developer/networking-midonet/devstack.html#logging-resource-service [1] https://review.openstack.org/#/c/389397/ Partial-Bug: #1614349 Change-Id: I078974c6c583caa2b1713595874c7e039a82884d --- api-ref/source/v2/firewall_log.inc | 222 ++++++++++++++++++ api-ref/source/v2/index.rst | 5 + api-ref/source/v2/logging_resource.inc | 218 +++++++++++++++++ api-ref/source/v2/parameters.yaml | 104 +++++++- .../firewall_log-create-request.json | 7 + .../firewall_log-create-response.json | 11 + .../firewall_log-show-response.json | 11 + .../firewall_log-update-request.json | 6 + .../firewall_log-update-response.json | 11 + .../firewall_logs-list-response.json | 22 ++ .../logging_resource-create-request.json | 7 + .../logging_resource-create-response.json | 11 + .../logging_resource-show-response.json | 21 ++ .../logging_resource-update-request.json | 6 + .../logging_resource-update-response.json | 21 ++ .../logging_resources-list-response.json | 22 ++ .../api/definitions/logging_resource.py | 135 +++++++++++ .../api/definitions/test_logging_resource.py | 25 ++ ...logging-resource-api-cecf33e3be468eb2.yaml | 3 + 19 files changed, 867 insertions(+), 1 deletion(-) create mode 100644 api-ref/source/v2/firewall_log.inc create mode 100644 api-ref/source/v2/logging_resource.inc create mode 100644 api-ref/source/v2/samples/firewall_log/firewall_log-create-request.json create mode 100644 api-ref/source/v2/samples/firewall_log/firewall_log-create-response.json create mode 100644 api-ref/source/v2/samples/firewall_log/firewall_log-show-response.json create mode 100644 api-ref/source/v2/samples/firewall_log/firewall_log-update-request.json create mode 100644 api-ref/source/v2/samples/firewall_log/firewall_log-update-response.json create mode 100644 api-ref/source/v2/samples/firewall_log/firewall_logs-list-response.json create mode 100644 api-ref/source/v2/samples/logging_resource/logging_resource-create-request.json create mode 100644 api-ref/source/v2/samples/logging_resource/logging_resource-create-response.json create mode 100644 api-ref/source/v2/samples/logging_resource/logging_resource-show-response.json create mode 100644 api-ref/source/v2/samples/logging_resource/logging_resource-update-request.json create mode 100644 api-ref/source/v2/samples/logging_resource/logging_resource-update-response.json create mode 100644 api-ref/source/v2/samples/logging_resource/logging_resources-list-response.json create mode 100644 neutron_lib/api/definitions/logging_resource.py create mode 100644 neutron_lib/tests/unit/api/definitions/test_logging_resource.py create mode 100644 releasenotes/notes/logging-resource-api-cecf33e3be468eb2.yaml diff --git a/api-ref/source/v2/firewall_log.inc b/api-ref/source/v2/firewall_log.inc new file mode 100644 index 000000000..be02bbc80 --- /dev/null +++ b/api-ref/source/v2/firewall_log.inc @@ -0,0 +1,222 @@ +.. -*- rst -*- + +=============== + Firewall Logs +=============== + +.. note:: Currently this extension ``logging-resource`` is only available for networking-midonet. + +Lists, shows information for, creates, updates and deletes firewall logs. + +List Firewall Logs +================== + +.. rest_method:: GET /v2.0/logging/logging_resources/{logging_resource_id}/firewall_logs + +Lists firewall logs. + +Use the ``fields`` query parameter to control which fields are +returned in the response body. Additionally, you can filter results +by using query string parameters. For information, see `Filtering +and Column Selection `__. + +Normal response codes: 200 + +Error response codes: 401,403 + +Request +------- + +.. rest_parameters:: parameters.yaml + + - logging_resource_id: logging_resource_id + - fields: fields + +Response +-------- + +.. rest_parameters:: parameters.yaml + + - firewall_logs: firewall_logs + - logging_resource_id: logging_resource_id-body + - id: firewall_log_id-body + - tenant_id: project_id + - project_id: project_id + - description: description + - fw_event: fw_event + - firewall_id: firewall_id-body + +Response Example +---------------- + +.. literalinclude:: samples/firewall_log/firewall_logs-list-response.json + :language: javascript + +Create Firewall Log +=================== + +.. rest_method:: POST /v2.0/logging/logging_resources/{logging_resource_id}/firewall_logs + +Creates a firewall log. + +Normal response codes: 200 + +Error response codes: 400,401,403 + +Request +------- + +.. rest_parameters:: parameters.yaml + + - logging_resource_id: logging_resource_id + - firewall_log: firewall_log + - tenant_id: project_id-request + - project_id: project_id-request + - description: description-request + - fw_event: fw_event-request + - firewall_id: firewall_id-body + +Request Example +--------------- + +.. literalinclude:: samples/firewall_log/firewall_log-create-request.json + :language: javascript + +Response +-------- + +.. rest_parameters:: parameters.yaml + + - firewall_log: firewall_log + - logging_resource_id: logging_resource_id-body + - id: firewall_log_id-body + - tenant_id: project_id + - project_id: project_id + - description: description + - fw_event: fw_event + - firewall_id: firewall_id-body + +Response Example +---------------- + +.. literalinclude:: samples/firewall_log/firewall_log-create-response.json + :language: javascript + +Show Firewall Log Details +========================= + +.. rest_method:: GET /v2.0/logging/logging_resources/{logging_resource_id}/firewall_logs/{firewall_log_id} + +Shows details for a firewall log. + +Use the ``fields`` query parameter to control which fields are +returned in the response body. Additionally, you can filter results +by using query string parameters. For information, see `Filtering +and Column Selection `__. + +Normal response codes: 200 + +Error response codes: 400,401,403,404 + +Request +------- + +.. rest_parameters:: parameters.yaml + + - logging_resource_id: logging_resource_id + - firewall_log_id: firewall_log_id + - fields: fields + +Response +-------- + +.. rest_parameters:: parameters.yaml + + - firewall_log: firewall_log + - logging_resource_id: logging_resource_id-body + - id: firewall_log_id-body + - tenant_id: project_id + - project_id: project_id + - description: description + - fw_event: fw_event + - firewall_id: firewall_id-body + +Response Example +---------------- + +.. literalinclude:: samples/firewall_log/firewall_log-show-response.json + :language: javascript + +Update Firewall Log +=================== + +.. rest_method:: PUT /v2.0/logging/logging_resources/{logging_resource_id}/firewall_logs/{firewall_log_id} + +Updates a firewall log. + +Normal response codes: 200 + +Error response codes: 400,401,403,404 + +Request +------- + +.. rest_parameters:: parameters.yaml + + - logging_resource_id: logging_resource_id + - firewall_log_id: firewall_log_id + - firewall_log: firewall_log + - description: description-request-put + - fw_event: fw_event-request-put + +Request Example +---------------- + +.. literalinclude:: samples/firewall_log/firewall_log-update-request.json + :language: javascript + +Response +-------- + +.. rest_parameters:: parameters.yaml + + - firewall_log: firewall_log + - logging_resource_id: logging_resource_id-body + - id: firewall_log_id-body + - tenant_id: project_id + - project_id: project_id + - description: description + - fw_event: fw_event + - firewall_id: firewall_id-body + +Response Example +---------------- + +.. literalinclude:: samples/firewall_log/firewall_log-update-response.json + :language: javascript + +Delete Firewall Log +=================== + +.. rest_method:: DELETE /v2.0/logging/logging_resources/{logging_resource_id}/firewall_logs/{firewall_log_id} + +Deletes a firewall log. + +Normal response codes: 202 + +Error response codes: 400,401,403,404 + +Request +------- + +.. rest_parameters:: parameters.yaml + + - logging_resource_id: logging_resource_id + - firewall_log_id: firewall_log_id + +Response +-------- + +There is no body content for the response of a successful DELETE request. diff --git a/api-ref/source/v2/index.rst b/api-ref/source/v2/index.rst index 83e7ce012..b9ca30364 100644 --- a/api-ref/source/v2/index.rst +++ b/api-ref/source/v2/index.rst @@ -54,3 +54,8 @@ Load Balancer as a Service ########################## .. include:: lbaas-v2.inc .. include:: lbaas-v1.inc +##################################### +Logging Resource (networking-midonet) +##################################### +.. include:: logging_resource.inc +.. include:: firewall_log.inc diff --git a/api-ref/source/v2/logging_resource.inc b/api-ref/source/v2/logging_resource.inc new file mode 100644 index 000000000..a74556d11 --- /dev/null +++ b/api-ref/source/v2/logging_resource.inc @@ -0,0 +1,218 @@ +.. -*- rst -*- + +=================== + Logging Resources +=================== + +.. note:: Currently this extension ``logging-resource`` is only available for networking-midonet. + +Lists, shows information for, creates, updates and deletes logging resources. + +List Logging Resources +====================== + +.. rest_method:: GET /v2.0/logging/logging_resources + +Lists logging resources. + +Use the ``fields`` query parameter to control which fields are +returned in the response body. Additionally, you can filter results +by using query string parameters. For information, see `Filtering +and Column Selection `__. + +Normal response codes: 200 + +Error response codes: 401,403 + +Request +------- + +.. rest_parameters:: parameters.yaml + + - fields: fields + +Response +-------- + +.. rest_parameters:: parameters.yaml + + - logging_resources: logging_resources + - id: logging_resource_id-body + - tenant_id: project_id + - project_id: project_id + - firewall_logs: firewall_logs + - name: name + - description: description + - enabled: logging_resource_enabled + +Response Example +---------------- + +.. literalinclude:: samples/logging_resource/logging_resources-list-response.json + :language: javascript + +Create Logging Resource +======================= + +.. rest_method:: POST /v2.0/logging/logging_resources + +Creates a logging resource. + +Normal response codes: 200 + +Error response codes: 400,401,403 + +Request +------- + +.. rest_parameters:: parameters.yaml + + - logging_resource: logging_resource + - tenant_id: project_id-request + - project_id: project_id-request + - name: name-request + - description: description-request + - enabled: logging_resource_enabled-request + +Request Example +--------------- + +.. literalinclude:: samples/logging_resource/logging_resource-create-request.json + :language: javascript + +Response +-------- + +.. rest_parameters:: parameters.yaml + + - logging_resource: logging_resource + - id: logging_resource_id-body + - tenant_id: project_id + - project_id: project_id + - firewall_logs: firewall_logs + - name: name + - description: description + - enabled: logging_resource_enabled + +Response Example +---------------- + +.. literalinclude:: samples/logging_resource/logging_resource-create-response.json + :language: javascript + +Show Logging Resource Details +============================= + +.. rest_method:: GET /v2.0/logging/logging_resources/{logging_resource_id} + +Shows details for a logging resource. + +Use the ``fields`` query parameter to control which fields are +returned in the response body. For information, see `Filtering and +Column Selection `__. + +Normal response codes: 200 + +Error response codes: 400,401,403,404 + +Request +------- + +.. rest_parameters:: parameters.yaml + + - logging_resource_id: logging_resource_id + - fields: fields + +Response +-------- + +.. rest_parameters:: parameters.yaml + + - logging_resource: logging_resource + - id: logging_resource_id-body + - tenant_id: project_id + - project_id: project_id + - firewall_logs: firewall_logs + - name: name + - description: description + - enabled: logging_resource_enabled + +Response Example +---------------- + +.. literalinclude:: samples/logging_resource/logging_resource-show-response.json + :language: javascript + +Update Logging Resource +======================= + +.. rest_method:: PUT /v2.0/logging/logging_resources/{logging_resource_id} + +Updates a logging resource. + +Normal response codes: 200 + +Error response codes: 400,401,403,404 + +Request +------- + +.. rest_parameters:: parameters.yaml + + - logging_resource_id: logging_resource_id + - logging_resource: logging_resource + - name: name-request-put + - description: description-request-put + - enabled: logging_resource_enabled-request-put + +Request Example +---------------- + +.. literalinclude:: samples/logging_resource/logging_resource-update-request.json + :language: javascript + +Response +-------- + +.. rest_parameters:: parameters.yaml + + - logging_resource: logging_resource + - id: logging_resource_id-body + - tenant_id: project_id + - project_id: project_id + - firewall_logs: firewall_logs + - name: name + - description: description + - enabled: logging_resource_enabled + +Response Example +---------------- + +.. literalinclude:: samples/logging_resource/logging_resource-update-response.json + :language: javascript + +Delete Logging Resource +======================= + +.. rest_method:: DELETE /v2.0/logging/logging_resources/{logging_resource_id} + +Deletes a logging resource. + +Normal response codes: 202 + +Error response codes: 400,401,403,404 + +Request +------- + +.. rest_parameters:: parameters.yaml + + - logging_resource_id: logging_resource_id + +Response +-------- + +There is no body content for the response of a successful DELETE request. diff --git a/api-ref/source/v2/parameters.yaml b/api-ref/source/v2/parameters.yaml index 776918c5a..6130e2838 100644 --- a/api-ref/source/v2/parameters.yaml +++ b/api-ref/source/v2/parameters.yaml @@ -37,6 +37,12 @@ firewall_id: in: path required: true type: string +firewall_log_id: + description: | + The ID of the firewall log resource. + in: path + required: true + type: string firewall_policy_id-path: description: | The ID of the firewall policy. @@ -103,6 +109,12 @@ loadbalancer-id-path: in: path required: true type: string +logging_resource_id: + description: | + The ID of the logging resource. + in: path + required: true + type: string member_id-path: description: | The ID for the member. @@ -847,6 +859,13 @@ description: required: true type: string description-request: + description: | + A human-readable description for the resource. + Default is an empty string. + in: body + required: false + type: string +description-request-put: description: | A human-readable description for the resource. in: body @@ -1598,7 +1617,7 @@ firewall_groups_object: type: array firewall_id-body: description: | - The ID of the firewall. + The ID of the FWaaS v1 firewall. in: body required: true type: string @@ -1609,6 +1628,24 @@ firewall_list: in: body required: true type: array +firewall_log: + description: | + A ``firewall_log`` object. + in: body + required: true + type: object +firewall_log_id-body: + description: | + The ID of the firewall log resource. + in: body + required: true + type: string +firewall_logs: + description: | + A list of ``firewall_log`` objects. + in: body + required: true + type: array firewall_policies: description: | A list of ``firewall_policy`` objects. @@ -2223,6 +2260,28 @@ floatingips: in: body required: true type: array +fw_event: + description: | + Type of firewall events to log. + ``ACCEPT``, ``DROP``, or ``ALL``. + in: body + required: true + type: string +fw_event-request: + description: | + Type of firewall events to log. + ``ACCEPT``, ``DROP``, or ``ALL``. + Default is ``ALL``. + in: body + required: false + type: string +fw_event-request-put: + description: | + Type of firewall events to log. + ``ACCEPT``, ``DROP``, or ``ALL``. + in: body + required: false + type: string health_monitor: description: | A ``health_monitor`` object. @@ -2734,6 +2793,43 @@ location: in: body required: true type: string +logging_resource: + description: | + A ``logging_resource`` object. + in: body + required: true + type: object +logging_resource_enabled: + description: | + Indicates whether this logging resource is enabled or disabled. + in: body + required: true + type: boolean +logging_resource_enabled-request: + description: | + Indicates whether this logging resource is enabled or disabled. + Default is false. + in: body + required: false + type: boolean +logging_resource_enabled-request-put: + description: | + Indicates whether this logging resource is enabled or disabled. + in: body + required: false + type: boolean +logging_resource_id-body: + description: | + The ID of the logging resource. + in: body + required: true + type: string +logging_resources: + description: | + A list of ``logging_resource`` objects. + in: body + required: true + type: array mac_address: description: | The MAC address of the port. @@ -2989,6 +3085,12 @@ name-request: in: body required: false type: string +name-request-put: + description: | + Human-readable name of the resource. + in: body + required: false + type: string name-segment: description: | Human-readable name of the segment. diff --git a/api-ref/source/v2/samples/firewall_log/firewall_log-create-request.json b/api-ref/source/v2/samples/firewall_log/firewall_log-create-request.json new file mode 100644 index 000000000..026ecc0df --- /dev/null +++ b/api-ref/source/v2/samples/firewall_log/firewall_log-create-request.json @@ -0,0 +1,7 @@ +{ + "firewall_log": { + "description": "my firewall log", + "firewall_id": "a6564146-f8b3-49c3-add1-fb213455d5a8", + "fw_event": "DROP" + } +} diff --git a/api-ref/source/v2/samples/firewall_log/firewall_log-create-response.json b/api-ref/source/v2/samples/firewall_log/firewall_log-create-response.json new file mode 100644 index 000000000..6844e2122 --- /dev/null +++ b/api-ref/source/v2/samples/firewall_log/firewall_log-create-response.json @@ -0,0 +1,11 @@ +{ + "firewall_log": { + "description": "my firewall log", + "firewall_id": "a6564146-f8b3-49c3-add1-fb213455d5a8", + "fw_event": "DROP", + "id": "deb19331-e5d5-4a80-a37f-5e5ad407b353", + "logging_resource_id": "13b64f3c-20af-4741-b230-658ab7d5b257", + "project_id": "8d018258316e4f22890561e8780c85bb", + "tenant_id": "8d018258316e4f22890561e8780c85bb" + } +} diff --git a/api-ref/source/v2/samples/firewall_log/firewall_log-show-response.json b/api-ref/source/v2/samples/firewall_log/firewall_log-show-response.json new file mode 100644 index 000000000..0961fece4 --- /dev/null +++ b/api-ref/source/v2/samples/firewall_log/firewall_log-show-response.json @@ -0,0 +1,11 @@ +{ + "firewall_log": { + "description": "my firewall log 3", + "firewall_id": "a6564146-f8b3-49c3-add1-fb213455d5a8", + "fw_event": "ALL", + "id": "3969b708-d600-4343-93b9-01645f8e9a8a", + "logging_resource_id": "13b64f3c-20af-4741-b230-658ab7d5b257", + "project_id": "8d018258316e4f22890561e8780c85bb", + "tenant_id": "8d018258316e4f22890561e8780c85bb" + } +} diff --git a/api-ref/source/v2/samples/firewall_log/firewall_log-update-request.json b/api-ref/source/v2/samples/firewall_log/firewall_log-update-request.json new file mode 100644 index 000000000..d7798f17d --- /dev/null +++ b/api-ref/source/v2/samples/firewall_log/firewall_log-update-request.json @@ -0,0 +1,6 @@ +{ + "firewall_log": { + "description": "my firewall log 3", + "fw_event": "ALL" + } +} diff --git a/api-ref/source/v2/samples/firewall_log/firewall_log-update-response.json b/api-ref/source/v2/samples/firewall_log/firewall_log-update-response.json new file mode 100644 index 000000000..0961fece4 --- /dev/null +++ b/api-ref/source/v2/samples/firewall_log/firewall_log-update-response.json @@ -0,0 +1,11 @@ +{ + "firewall_log": { + "description": "my firewall log 3", + "firewall_id": "a6564146-f8b3-49c3-add1-fb213455d5a8", + "fw_event": "ALL", + "id": "3969b708-d600-4343-93b9-01645f8e9a8a", + "logging_resource_id": "13b64f3c-20af-4741-b230-658ab7d5b257", + "project_id": "8d018258316e4f22890561e8780c85bb", + "tenant_id": "8d018258316e4f22890561e8780c85bb" + } +} diff --git a/api-ref/source/v2/samples/firewall_log/firewall_logs-list-response.json b/api-ref/source/v2/samples/firewall_log/firewall_logs-list-response.json new file mode 100644 index 000000000..5d8199110 --- /dev/null +++ b/api-ref/source/v2/samples/firewall_log/firewall_logs-list-response.json @@ -0,0 +1,22 @@ +{ + "firewall_logs": [ + { + "description": "my firewall log 2", + "firewall_id": "a6564146-f8b3-49c3-add1-fb213455d5a8", + "fw_event": "ACCEPT", + "id": "3969b708-d600-4343-93b9-01645f8e9a8a", + "logging_resource_id": "13b64f3c-20af-4741-b230-658ab7d5b257", + "project_id": "8d018258316e4f22890561e8780c85bb", + "tenant_id": "8d018258316e4f22890561e8780c85bb" + }, + { + "description": "my firewall log", + "firewall_id": "a6564146-f8b3-49c3-add1-fb213455d5a8", + "fw_event": "DROP", + "id": "deb19331-e5d5-4a80-a37f-5e5ad407b353", + "logging_resource_id": "13b64f3c-20af-4741-b230-658ab7d5b257", + "project_id": "8d018258316e4f22890561e8780c85bb", + "tenant_id": "8d018258316e4f22890561e8780c85bb" + } + ] +} diff --git a/api-ref/source/v2/samples/logging_resource/logging_resource-create-request.json b/api-ref/source/v2/samples/logging_resource/logging_resource-create-request.json new file mode 100644 index 000000000..a13c906a4 --- /dev/null +++ b/api-ref/source/v2/samples/logging_resource/logging_resource-create-request.json @@ -0,0 +1,7 @@ +{ + "logging_resource": { + "description": "my log", + "enabled": true, + "name": "log" + } +} diff --git a/api-ref/source/v2/samples/logging_resource/logging_resource-create-response.json b/api-ref/source/v2/samples/logging_resource/logging_resource-create-response.json new file mode 100644 index 000000000..d273ab9e5 --- /dev/null +++ b/api-ref/source/v2/samples/logging_resource/logging_resource-create-response.json @@ -0,0 +1,11 @@ +{ + "logging_resource": { + "description": "my log", + "enabled": true, + "firewall_logs": [], + "id": "13b64f3c-20af-4741-b230-658ab7d5b257", + "name": "log", + "project_id": "8d018258316e4f22890561e8780c85bb", + "tenant_id": "8d018258316e4f22890561e8780c85bb" + } +} diff --git a/api-ref/source/v2/samples/logging_resource/logging_resource-show-response.json b/api-ref/source/v2/samples/logging_resource/logging_resource-show-response.json new file mode 100644 index 000000000..6acd1656c --- /dev/null +++ b/api-ref/source/v2/samples/logging_resource/logging_resource-show-response.json @@ -0,0 +1,21 @@ +{ + "logging_resource": { + "description": "my log", + "enabled": true, + "firewall_logs": [ + { + "description": "", + "firewall_id": "682cfe44-5fcf-4c16-982e-1176493f6825", + "fw_event": "ALL", + "id": "1ee6fea7-c294-418e-9b97-06db48e3f3d5", + "logging_resource_id": "13b64f3c-20af-4741-b230-658ab7d5b257", + "project_id": "8d018258316e4f22890561e8780c85bb", + "tenant_id": "8d018258316e4f22890561e8780c85bb" + } + ], + "id": "13b64f3c-20af-4741-b230-658ab7d5b257", + "name": "log", + "project_id": "8d018258316e4f22890561e8780c85bb", + "tenant_id": "8d018258316e4f22890561e8780c85bb" + } +} diff --git a/api-ref/source/v2/samples/logging_resource/logging_resource-update-request.json b/api-ref/source/v2/samples/logging_resource/logging_resource-update-request.json new file mode 100644 index 000000000..819310eda --- /dev/null +++ b/api-ref/source/v2/samples/logging_resource/logging_resource-update-request.json @@ -0,0 +1,6 @@ +{ + "logging_resource": { + "description": "my log2", + "enabled": false + } +} diff --git a/api-ref/source/v2/samples/logging_resource/logging_resource-update-response.json b/api-ref/source/v2/samples/logging_resource/logging_resource-update-response.json new file mode 100644 index 000000000..5a9baa543 --- /dev/null +++ b/api-ref/source/v2/samples/logging_resource/logging_resource-update-response.json @@ -0,0 +1,21 @@ +{ + "logging_resource": { + "description": "my log2", + "enabled": false, + "firewall_logs": [ + { + "description": "", + "firewall_id": "682cfe44-5fcf-4c16-982e-1176493f6825", + "fw_event": "ALL", + "id": "1ee6fea7-c294-418e-9b97-06db48e3f3d5", + "logging_resource_id": "335c7b7d-c4a9-423a-9c24-9f4982f31e24", + "project_id": "8d018258316e4f22890561e8780c85bb", + "tenant_id": "8d018258316e4f22890561e8780c85bb" + } + ], + "id": "335c7b7d-c4a9-423a-9c24-9f4982f31e24", + "name": "log2", + "project_id": "8d018258316e4f22890561e8780c85bb", + "tenant_id": "8d018258316e4f22890561e8780c85bb" + } +} diff --git a/api-ref/source/v2/samples/logging_resource/logging_resources-list-response.json b/api-ref/source/v2/samples/logging_resource/logging_resources-list-response.json new file mode 100644 index 000000000..03ffca8dc --- /dev/null +++ b/api-ref/source/v2/samples/logging_resource/logging_resources-list-response.json @@ -0,0 +1,22 @@ +{ + "logging_resources": [ + { + "description": "my log", + "enabled": true, + "firewall_logs": [], + "id": "13b64f3c-20af-4741-b230-658ab7d5b257", + "name": "log", + "project_id": "8d018258316e4f22890561e8780c85bb", + "tenant_id": "8d018258316e4f22890561e8780c85bb" + }, + { + "description": "my log2", + "enabled": true, + "firewall_logs": [], + "id": "335c7b7d-c4a9-423a-9c24-9f4982f31e24", + "name": "log2", + "project_id": "8d018258316e4f22890561e8780c85bb", + "tenant_id": "8d018258316e4f22890561e8780c85bb" + } + ] +} diff --git a/neutron_lib/api/definitions/logging_resource.py b/neutron_lib/api/definitions/logging_resource.py new file mode 100644 index 000000000..7386ecedd --- /dev/null +++ b/neutron_lib/api/definitions/logging_resource.py @@ -0,0 +1,135 @@ +# All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from neutron_lib.api import converters +from neutron_lib.api.definitions import firewall +from neutron_lib.db import constants as db_const + + +# The alias of the extension. +ALIAS = 'logging-resource' + +# Whether or not this extension is simply signaling behavior to the user +# or it actively modifies the attribute map. +IS_SHIM_EXTENSION = False + +# Whether the extension is marking the adoption of standardattr model for +# legacy resources, or introducing new standardattr attributes. False or +# None if the standardattr model is adopted since the introduction of +# resource extension. +# If this is True, the alias for the extension should be prefixed with +# 'standard-attr-'. +IS_STANDARD_ATTR_EXTENSION = False + +# The name of the extension. +NAME = 'Logging Resource Extension' + +# A prefix for API resources. An empty prefix means that the API is going +# to be exposed at the v2/ level as any other core resource. +API_PREFIX = '/logging' + +# The description of the extension. +DESCRIPTION = "The logging resource extension." + +# A timestamp of when the extension was introduced. +UPDATED_TIMESTAMP = "2016-06-06T10:00:00-00:00" + +# The name of the resource. +RESOURCE_NAME = 'logging_resource' + +# The plural for the resource. +COLLECTION_NAME = 'logging_resources' + +# Attributes +ENABLED = 'enabled' + +# Sub resource +FIREWALL_LOGS = 'firewall_logs' + + +LOGGING_RESOURCE_ID = 'logging_resource_id' +FW_EVENT = 'fw_event' +FIREWALL_ID = 'firewall_id' + + +FW_EVENT_ACCEPT = 'ACCEPT' +FW_EVENT_DROP = 'DROP' +FW_EVENT_ALL = 'ALL' +FW_EVENTS = [FW_EVENT_ACCEPT, FW_EVENT_DROP, FW_EVENT_ALL] +LOG_COMMON_FIELDS = { + 'id': {'allow_post': False, 'allow_put': False, + 'validate': {'type:uuid': None}, + 'is_visible': True, 'primary_key': True}, + 'tenant_id': {'allow_post': True, 'allow_put': False, + 'required_by_policy': True, 'is_visible': True}, + LOGGING_RESOURCE_ID: {'allow_post': False, 'allow_put': False, + 'is_visible': True} +} + +RESOURCE_ATTRIBUTE_MAP = { + COLLECTION_NAME: { + 'id': {'allow_post': False, 'allow_put': False, + 'validate': {'type:uuid': None}, 'is_visible': True, + 'primary_key': True}, + 'tenant_id': {'allow_post': True, 'allow_put': False, + 'required_by_policy': True, 'is_visible': True}, + 'name': {'allow_post': True, 'allow_put': True, + 'validate': {'type:string': db_const.NAME_FIELD_SIZE}, + 'default': '', 'is_visible': True}, + 'description': { + 'allow_post': True, 'allow_put': True, + 'validate': {'type:string': db_const.LONG_DESCRIPTION_FIELD_SIZE}, + 'default': '', 'is_visible': True}, + ENABLED: {'allow_post': True, 'allow_put': True, + 'is_visible': True, 'default': False, + 'convert_to': converters.convert_to_boolean}, + FIREWALL_LOGS: {'allow_post': False, 'allow_put': False, + 'is_visible': True} + } +} + + +SUB_RESOURCE_ATTRIBUTE_MAP = { + FIREWALL_LOGS: { + 'parent': {'collection_name': COLLECTION_NAME, + 'member_name': RESOURCE_NAME}, + 'parameters': dict((LOG_COMMON_FIELDS), **{ + 'description': { + 'allow_post': True, 'allow_put': True, + 'validate': { + 'type:string': db_const.LONG_DESCRIPTION_FIELD_SIZE}, + 'default': '', 'is_visible': True}, + FIREWALL_ID: { + 'allow_post': True, 'allow_put': False, + 'is_visible': True, + 'validate': {'type:uuid': None}}, + FW_EVENT: { + 'allow_post': True, 'allow_put': True, + 'is_visible': True, + 'validate': {'type:values': FW_EVENTS}, + 'default': FW_EVENT_ALL} + }), + }, +} + +# The action map. +ACTION_MAP = {} + +# The list of required extensions. +REQUIRED_EXTENSIONS = [ + firewall.ALIAS, +] + +# The list of optional extensions. +OPTIONAL_EXTENSIONS = [] diff --git a/neutron_lib/tests/unit/api/definitions/test_logging_resource.py b/neutron_lib/tests/unit/api/definitions/test_logging_resource.py new file mode 100644 index 000000000..17fe21d04 --- /dev/null +++ b/neutron_lib/tests/unit/api/definitions/test_logging_resource.py @@ -0,0 +1,25 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from neutron_lib.api.definitions import logging_resource +from neutron_lib.tests.unit.api.definitions import base + + +class LoggingResourceDefinitionTestCase(base.DefinitionBaseTestCase): + extension_module = logging_resource + extension_resources = (logging_resource.COLLECTION_NAME,) + extension_subresources = (logging_resource.FIREWALL_LOGS,) + extension_attributes = (logging_resource.ENABLED, + logging_resource.FIREWALL_LOGS, + logging_resource.LOGGING_RESOURCE_ID, + logging_resource.FW_EVENT, + logging_resource.FIREWALL_ID,) diff --git a/releasenotes/notes/logging-resource-api-cecf33e3be468eb2.yaml b/releasenotes/notes/logging-resource-api-cecf33e3be468eb2.yaml new file mode 100644 index 000000000..ab91847f4 --- /dev/null +++ b/releasenotes/notes/logging-resource-api-cecf33e3be468eb2.yaml @@ -0,0 +1,3 @@ +--- +features: + - API reference and definition for networking-midonet's ``logging-resource`` extension.