From 3e1278391fcfb7d14b651e2fdb380dae35cd28cd Mon Sep 17 00:00:00 2001
From: Noah Mickus <noah.mickus@gmail.com>
Date: Thu, 26 Mar 2020 16:35:51 +0000
Subject: [PATCH] Adding cipher list Support for provider drivers

updated the data models for pools and listeners to
add support for cipher lists and added the needed
constants

updated the test models to include the new
parameters

Change-Id: Id5f4c20abd40dd092558a711987953012d4ae67f
Story: 2006627
Task: 37185
---
 octavia_lib/api/drivers/data_models.py               |  6 ++++--
 octavia_lib/common/constants.py                      |  1 +
 .../tests/unit/api/drivers/test_data_models.py       | 12 ++++++++----
 ...upport-for-provider-drivers-6a4dbec2d0254aae.yaml |  6 ++++++
 zuul.d/projects.yaml                                 |  4 ++++
 5 files changed, 23 insertions(+), 6 deletions(-)
 create mode 100644 releasenotes/notes/adding-cipher-list-support-for-provider-drivers-6a4dbec2d0254aae.yaml

diff --git a/octavia_lib/api/drivers/data_models.py b/octavia_lib/api/drivers/data_models.py
index 1fdb8e9..d6ba211 100644
--- a/octavia_lib/api/drivers/data_models.py
+++ b/octavia_lib/api/drivers/data_models.py
@@ -133,7 +133,7 @@ class Listener(BaseDataModel):
                  client_ca_tls_container_data=Unset,
                  client_authentication=Unset, client_crl_container_ref=Unset,
                  client_crl_container_data=Unset, project_id=Unset,
-                 allowed_cidrs=Unset):
+                 allowed_cidrs=Unset, tls_ciphers=Unset):
 
         self.admin_state_up = admin_state_up
         self.connection_limit = connection_limit
@@ -162,6 +162,7 @@ class Listener(BaseDataModel):
         self.client_crl_container_data = client_crl_container_data
         self.project_id = project_id
         self.allowed_cidrs = allowed_cidrs
+        self.tls_ciphers = tls_ciphers
 
 
 class Pool(BaseDataModel):
@@ -173,7 +174,7 @@ class Pool(BaseDataModel):
                  tls_container_data=Unset, ca_tls_container_ref=Unset,
                  ca_tls_container_data=Unset, crl_container_ref=Unset,
                  crl_container_data=Unset, tls_enabled=Unset,
-                 project_id=Unset):
+                 project_id=Unset, tls_ciphers=Unset):
 
         self.admin_state_up = admin_state_up
         self.description = description
@@ -194,6 +195,7 @@ class Pool(BaseDataModel):
         self.crl_container_data = crl_container_data
         self.tls_enabled = tls_enabled
         self.project_id = project_id
+        self.tls_ciphers = tls_ciphers
 
 
 class Member(BaseDataModel):
diff --git a/octavia_lib/common/constants.py b/octavia_lib/common/constants.py
index c9e437a..1ab1821 100644
--- a/octavia_lib/common/constants.py
+++ b/octavia_lib/common/constants.py
@@ -247,6 +247,7 @@ TIMEOUT_CLIENT_DATA = 'timeout_client_data'
 TIMEOUT_MEMBER_CONNECT = 'timeout_member_connect'
 TIMEOUT_MEMBER_DATA = 'timeout_member_data'
 TIMEOUT_TCP_INSPECT = 'timeout_tcp_inspect'
+TLS_CIPHERS = 'tls_ciphers'
 TLS_CONTAINER_DATA = 'tls_container_data'
 TLS_CONTAINER_REF = 'tls_container_ref'
 TLS_ENABLED = 'tls_enabled'
diff --git a/octavia_lib/tests/unit/api/drivers/test_data_models.py b/octavia_lib/tests/unit/api/drivers/test_data_models.py
index d580793..2c2dc39 100644
--- a/octavia_lib/tests/unit/api/drivers/test_data_models.py
+++ b/octavia_lib/tests/unit/api/drivers/test_data_models.py
@@ -100,7 +100,8 @@ class TestProviderDataModels(base.TestCase):
             client_ca_tls_container_ref=None,
             client_crl_container_data=None,
             client_crl_container_ref=None,
-            allowed_cidrs=None)
+            allowed_cidrs=None,
+            tls_ciphers=None)
 
         self.ref_lb = data_models.LoadBalancer(
             admin_state_up=False,
@@ -167,7 +168,8 @@ class TestProviderDataModels(base.TestCase):
             project_id=self.project_id,
             listener_id=self.listener_id,
             protocol='avian',
-            session_persistence=self.session_persistence)
+            session_persistence=self.session_persistence,
+            tls_ciphers=None)
 
         self.ref_l7rule_dict = {'admin_state_up': True,
                                 'compare_type': 'STARTS_WITH',
@@ -234,7 +236,8 @@ class TestProviderDataModels(base.TestCase):
             'client_ca_tls_container_ref': None,
             'client_crl_container_data': None,
             'client_crl_container_ref': None,
-            'allowed_cidrs': None, }
+            'allowed_cidrs': None,
+            'tls_ciphers': None}
 
         self.ref_lb_dict_with_listener = {
             'admin_state_up': False,
@@ -301,7 +304,8 @@ class TestProviderDataModels(base.TestCase):
             'project_id': self.project_id,
             'listener_id': self.listener_id,
             'protocol': 'avian',
-            'session_persistence': self.session_persistence}
+            'session_persistence': self.session_persistence,
+            'tls_ciphers': None}
 
     def test_equality(self):
         second_ref_lb = deepcopy(self.ref_lb)
diff --git a/releasenotes/notes/adding-cipher-list-support-for-provider-drivers-6a4dbec2d0254aae.yaml b/releasenotes/notes/adding-cipher-list-support-for-provider-drivers-6a4dbec2d0254aae.yaml
new file mode 100644
index 0000000..c3acca9
--- /dev/null
+++ b/releasenotes/notes/adding-cipher-list-support-for-provider-drivers-6a4dbec2d0254aae.yaml
@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    Added a parameter called ``tls_ciphers``
+    for passing OpenSSL cipher strings in pools
+    and listeners.
diff --git a/zuul.d/projects.yaml b/zuul.d/projects.yaml
index 7e4d5a0..a2b44c5 100644
--- a/zuul.d/projects.yaml
+++ b/zuul.d/projects.yaml
@@ -7,3 +7,7 @@
       - publish-openstack-docs-pti
       - release-notes-jobs-python3
       - octavia-tox-tips
+    check:
+      jobs:
+        - octavia-tox-functional-py37-tips:
+            voting: false