nova/gate
melanie witt 416290f193 Remove redundant call to get/create default security group
In the instance_create DB API method, it ensures the (legacy) default
security group gets created for the specified project_id if it does
not already exist. If the security group does not exist, it is created
in a separate transaction.

Later in the instance_create method, it reads the default security group
back that it wrote earlier (via the same ensure default security group
code). But since it was written in a separate transaction, the current
transaction will not be able to see it and will get back 0 rows. So, it
creates a duplicate default security group record if project_id=NULL
(which it will be, if running nova-manage db online_data_migrations,
which uses an anonymous RequestContext with project_id=NULL). This
succeeds despite the unique constraint on project_id because in MySQL,
unique constraints are only enforced on non-NULL values [1].

To avoid creation of a duplicate default security group for
project_id=NULL, we can use the default security group object that was
returned from the first security_group_ensure_default call earlier in
instance_create method and remove the second, redundant call.

This also breaks out the security groups setup code from a nested
method as it was causing confusion during code review and is not being
used for any particular purpose. Inspection of the original commit
where it was added in 2012 [2] did not contain any comments about the
nested method and it appeared to either be a way to organize the code
or a way to reuse the 'models' module name as a local variable name.

Closes-Bug: #1824435

[1] https://dev.mysql.com/doc/refman/8.0/en/create-index.html#create-index-unique
[2] https://review.opendev.org/#/c/8973/2/nova/db/sqlalchemy/api.py@1339

Change-Id: Idb205ab5b16bbf96965418cd544016fa9cc92de9
(cherry picked from commit 6ea945e3b1)
2019-10-25 17:40:05 +00:00
..
live_migration/hooks Add cold migrate and resize to nova-grenade-multinode 2019-08-30 15:35:46 -04:00
post_test_hook.sh Remove redundant call to get/create default security group 2019-10-25 17:40:05 +00:00
README move gate hooks to gate/ 2017-01-04 11:05:16 +00:00
test_evacuate.sh Pass --nic when creating servers in evacuate integration test script 2019-04-01 09:58:01 -04:00

These are hooks to be used by the OpenStack infra test system. These scripts
may be called by certain jobs at important times to do extra testing, setup,
etc. They are really only relevant within the scope of the OpenStack infra
system and are not expected to be useful to anyone else.