[OVN] Set 'unknown' address properly when port sec is disabled

Previous to this patch, the 'unknown' address was added to the
OVN Logical_Switch_Port row. However, the '<ip> <mac1> <macN>'
was still there so the port security was not really disabled.

The correct behavior is to set the 'addresses' field to 'unknown'
and remove everything else.

Change-Id: I0b84f41865e3fdea49cf169df5431249c35f5ff8
Closes-Bug: #1728886
Signed-off-by: Daniel Alvarez <dalvarez@redhat.com>

neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/maintenance.py

@@ -426,7 +426,7 @@ class DBInconsistenciesPeriodics(object):
             type_ = port.type.strip()
             if not port.port_security:
                 if not type_ and ovn_const.UNKNOWN_ADDR not in addresses:
-                    addresses.append(ovn_const.UNKNOWN_ADDR)
+                    addresses = [ovn_const.UNKNOWN_ADDR]
                 elif type_ and ovn_const.UNKNOWN_ADDR in addresses:
                     addresses.remove(ovn_const.UNKNOWN_ADDR)
             else:

neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_client.py

@@ -261,7 +261,10 @@ class OVNClient(object):
                 # OVN allows any mac address from a port if "unknown"
                 # is added to the Logical_Switch_Port.addresses column.
                 # So add it.
-                addresses.append(ovn_const.UNKNOWN_ADDR)
+                addresses = [ovn_const.UNKNOWN_ADDR]
+            else:
+                addresses = [address]
+                addresses.extend(new_macs)
 
         dhcpv4_options = self._get_port_dhcp_options(port, const.IP_VERSION_4)
         dhcpv6_options = self._get_port_dhcp_options(port, const.IP_VERSION_6)

neutron/tests/unit/plugins/ml2/drivers/ovn/mech_driver/test_mech_driver.py

@@ -405,8 +405,9 @@ class TestOVNMechanismDriver(test_plugin.Ml2PluginV2TestCase):
                     self.assertEqual([],
                                      called_args_dict.get('port_security'))
 
-                    self.assertEqual('unknown',
-                                     called_args_dict.get('addresses')[1])
+                    self.assertEqual(1, len(called_args_dict.get('addresses')))
+                    self.assertEqual(ovn_const.UNKNOWN_ADDR,
+                                     called_args_dict.get('addresses')[0])
                     data = {'port': {'mac_address': '00:00:00:00:00:01'}}
                     req = self.new_update_request(
                         'ports',
@@ -418,9 +419,9 @@ class TestOVNMechanismDriver(test_plugin.Ml2PluginV2TestCase):
                          ).call_args_list[0][1])
                     self.assertEqual([],
                                      called_args_dict.get('port_security'))
-                    self.assertEqual(2, len(called_args_dict.get('addresses')))
-                    self.assertEqual('unknown',
-                                     called_args_dict.get('addresses')[1])
+                    self.assertEqual(1, len(called_args_dict.get('addresses')))
+                    self.assertEqual(ovn_const.UNKNOWN_ADDR,
+                                     called_args_dict.get('addresses')[0])
 
                     # Enable port security
                     data = {'port': {'port_security_enabled': 'True'}}
@@ -434,7 +435,7 @@ class TestOVNMechanismDriver(test_plugin.Ml2PluginV2TestCase):
                     self.assertEqual(2,
                                      self.nb_ovn.set_lswitch_port.call_count)
                     self.assertEqual(1, len(called_args_dict.get('addresses')))
-                    self.assertNotIn('unknown',
+                    self.assertNotIn(ovn_const.UNKNOWN_ADDR,
                                      called_args_dict.get('addresses'))
 
     def test_create_port_security_allowed_address_pairs(self):