Merge "Handle neutron-client conflict" into stable/2024.1
This commit is contained in:
commit
8555afb07d
@ -439,7 +439,8 @@ class SecurityGroupActionController(wsgi.Controller):
|
|||||||
except (exception.SecurityGroupNotFound,
|
except (exception.SecurityGroupNotFound,
|
||||||
exception.InstanceNotFound) as exp:
|
exception.InstanceNotFound) as exp:
|
||||||
raise exc.HTTPNotFound(explanation=exp.format_message())
|
raise exc.HTTPNotFound(explanation=exp.format_message())
|
||||||
except exception.NoUniqueMatch as exp:
|
except (exception.NoUniqueMatch,
|
||||||
|
exception.SecurityGroupConnectionStateConflict) as exp:
|
||||||
raise exc.HTTPConflict(explanation=exp.format_message())
|
raise exc.HTTPConflict(explanation=exp.format_message())
|
||||||
except exception.SecurityGroupCannotBeApplied as exp:
|
except exception.SecurityGroupCannotBeApplied as exp:
|
||||||
raise exc.HTTPBadRequest(explanation=exp.format_message())
|
raise exc.HTTPBadRequest(explanation=exp.format_message())
|
||||||
|
@ -1056,6 +1056,12 @@ class SecurityGroupCannotBeApplied(Invalid):
|
|||||||
" in order to apply security groups.")
|
" in order to apply security groups.")
|
||||||
|
|
||||||
|
|
||||||
|
class SecurityGroupConnectionStateConflict(Invalid):
|
||||||
|
code = 409
|
||||||
|
msg_fmt = _("Cannot apply both stateful and stateless security groups on "
|
||||||
|
"the same port.")
|
||||||
|
|
||||||
|
|
||||||
class NoUniqueMatch(NovaException):
|
class NoUniqueMatch(NovaException):
|
||||||
msg_fmt = _("No Unique Match Found.")
|
msg_fmt = _("No Unique Match Found.")
|
||||||
code = 409
|
code = 409
|
||||||
|
@ -649,6 +649,8 @@ def add_to_instance(context, instance, security_group_name):
|
|||||||
except n_exc.NeutronClientException as e:
|
except n_exc.NeutronClientException as e:
|
||||||
if e.status_code == 400:
|
if e.status_code == 400:
|
||||||
raise exception.SecurityGroupCannotBeApplied(str(e))
|
raise exception.SecurityGroupCannotBeApplied(str(e))
|
||||||
|
elif e.status_code == 409:
|
||||||
|
raise exception.SecurityGroupConnectionStateConflict(str(e))
|
||||||
else:
|
else:
|
||||||
raise e
|
raise e
|
||||||
except Exception:
|
except Exception:
|
||||||
|
@ -373,6 +373,38 @@ class TestNeutronDriver(test.NoDBTestCase):
|
|||||||
self.mocked_client.update_port.assert_called_once_with(
|
self.mocked_client.update_port.assert_called_once_with(
|
||||||
port_id, {'port': {'security_groups': [sg_id]}})
|
port_id, {'port': {'security_groups': [sg_id]}})
|
||||||
|
|
||||||
|
def test_add_to_instance_with_conflicting_sg(self):
|
||||||
|
sg1_name = 'sg-stateful'
|
||||||
|
sg1_id = '85cc3048-abc3-43cc-89b3-377341426ac5'
|
||||||
|
port_id = 1
|
||||||
|
port_list = {'ports': [{'id': port_id, 'device_id': uuids.instance,
|
||||||
|
'fixed_ips': [{'ip_address': '10.0.0.1'}],
|
||||||
|
'port_security_enabled': True, 'security_groups': []}]}
|
||||||
|
self.mocked_client.list_ports.return_value = port_list
|
||||||
|
with mock.patch.object(neutronv20, 'find_resourceid_by_name_or_id',
|
||||||
|
return_value=sg1_id):
|
||||||
|
sg_api.add_to_instance(
|
||||||
|
self.context, objects.Instance(uuid=uuids.instance), sg1_name)
|
||||||
|
self.mocked_client.list_ports.assert_called_once_with(
|
||||||
|
device_id=uuids.instance)
|
||||||
|
self.mocked_client.update_port.assert_called_once_with(
|
||||||
|
port_id, {'port': {'security_groups': [sg1_id]}})
|
||||||
|
|
||||||
|
sg2_name = 'sg-stateless'
|
||||||
|
sg2_id = '85cc3048-abc3-43cc-89b3-377341426ac5'
|
||||||
|
port_id = 1
|
||||||
|
port_list = {'ports': [{'id': port_id, 'device_id': uuids.instance,
|
||||||
|
'fixed_ips': [{'ip_address': '10.0.0.1'}],
|
||||||
|
'port_security_enabled': True, 'security_groups': []}]}
|
||||||
|
self.mocked_client.list_ports.return_value = port_list
|
||||||
|
self.mocked_client.update_port.side_effect = (
|
||||||
|
n_exc.Conflict(message='error'))
|
||||||
|
with mock.patch.object(neutronv20, 'find_resourceid_by_name_or_id',
|
||||||
|
return_value=sg2_id):
|
||||||
|
self.assertRaises(exception.SecurityGroupConnectionStateConflict,
|
||||||
|
sg_api.add_to_instance, self.context,
|
||||||
|
objects.Instance(uuid=uuids.instance), sg2_name)
|
||||||
|
|
||||||
def test_add_to_instance_duplicate_sg_name(self):
|
def test_add_to_instance_duplicate_sg_name(self):
|
||||||
sg_name = 'web_server'
|
sg_name = 'web_server'
|
||||||
with mock.patch.object(neutronv20, 'find_resourceid_by_name_or_id',
|
with mock.patch.object(neutronv20, 'find_resourceid_by_name_or_id',
|
||||||
|
Loading…
x
Reference in New Issue
Block a user