Merge "Don't try to create default SG when security groups are disabled" into stable/rocky
This commit is contained in:
commit
165cdfde4e
|
@ -14,6 +14,7 @@
|
|||
|
||||
import netaddr
|
||||
from neutron_lib.api.definitions import port as port_def
|
||||
from neutron_lib.api import extensions
|
||||
from neutron_lib.api import validators
|
||||
from neutron_lib.callbacks import events
|
||||
from neutron_lib.callbacks import exceptions
|
||||
|
@ -794,6 +795,8 @@ class SecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase):
|
|||
|
||||
:returns: the default security group id for given tenant.
|
||||
"""
|
||||
if not extensions.is_extension_supported(self, 'security-group'):
|
||||
return
|
||||
default_group_id = self._get_default_sg_id(context, tenant_id)
|
||||
if default_group_id:
|
||||
return default_group_id
|
||||
|
@ -845,7 +848,8 @@ class SecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase):
|
|||
if not validators.is_attr_set(port.get(ext_sg.SECURITYGROUPS)):
|
||||
default_sg = self._ensure_default_security_group(context,
|
||||
port['tenant_id'])
|
||||
port[ext_sg.SECURITYGROUPS] = [default_sg]
|
||||
if default_sg:
|
||||
port[ext_sg.SECURITYGROUPS] = [default_sg]
|
||||
|
||||
def _check_update_deletes_security_groups(self, port):
|
||||
"""Return True if port has as a security group and it's value
|
||||
|
|
|
@ -74,6 +74,10 @@ class SecurityGroupDbMixinTestCase(testlib_api.SqlTestCase):
|
|||
self.setup_coreplugin(core_plugin=DB_PLUGIN_KLASS)
|
||||
self.ctx = context.get_admin_context()
|
||||
self.mixin = SecurityGroupDbMixinImpl()
|
||||
is_ext_supported = mock.patch(
|
||||
'neutron_lib.api.extensions.is_extension_supported')
|
||||
self.is_ext_supported = is_ext_supported.start()
|
||||
self.is_ext_supported.return_value = True
|
||||
|
||||
def test_create_security_group_conflict(self):
|
||||
with mock.patch.object(registry, "notify") as mock_notify:
|
||||
|
@ -564,3 +568,13 @@ class SecurityGroupDbMixinTestCase(testlib_api.SqlTestCase):
|
|||
get_default_sg_id.assert_has_calls([
|
||||
mock.call(self.ctx, 'tenant_1'),
|
||||
mock.call(self.ctx, 'tenant_1')])
|
||||
|
||||
def test__ensure_default_security_group_when_disabled(self):
|
||||
with mock.patch.object(
|
||||
self.mixin, '_get_default_sg_id') as get_default_sg_id,\
|
||||
mock.patch.object(
|
||||
self.mixin, 'create_security_group') as create_sg:
|
||||
self.is_ext_supported.return_value = False
|
||||
self.mixin._ensure_default_security_group(self.ctx, 'tenant_1')
|
||||
create_sg.assert_not_called()
|
||||
get_default_sg_id.assert_not_called()
|
||||
|
|
Loading…
Reference in New Issue