Add VPNaaS IpsecPolicy resource
Change-Id: Id2513fd77fc303b42a52c436e3b0d46f93b7d376
This commit is contained in:
parent
4ce7a3fb61
commit
54e77e6215
@ -254,7 +254,9 @@ VPNaaS Operations
|
||||
delete_vpn_ipsec_site_connection, get_vpn_ipsec_site_connection,
|
||||
find_vpn_ipsec_site_connection, vpn_ipsec_site_connections,
|
||||
create_vpn_ikepolicy, update_vpn_ikepolicy, delete_vpn_ikepolicy,
|
||||
get_vpn_ikepolicy, find_vpn_ikepolicy, vpn_ikepolicies
|
||||
get_vpn_ikepolicy, find_vpn_ikepolicy, vpn_ikepolicies,
|
||||
create_vpn_ipsecpolicy, update_vpn_ipsecpolicy, delete_vpn_ipsecpolicy,
|
||||
get_vpn_ipsecpolicy, find_vpn_ipsecpolicy, vpn_ipsecpolicies
|
||||
|
||||
Extension Operations
|
||||
^^^^^^^^^^^^^^^^^^^^
|
||||
|
@ -7,4 +7,5 @@ VPNaaS Resources
|
||||
endpoint_group
|
||||
ipsec_site_connection
|
||||
ikepolicy
|
||||
ipsecpolicy
|
||||
service
|
||||
|
13
doc/source/user/resources/network/v2/vpn/ipsecpolicy.rst
Normal file
13
doc/source/user/resources/network/v2/vpn/ipsecpolicy.rst
Normal file
@ -0,0 +1,13 @@
|
||||
openstack.network.v2.vpn_ikepolicy
|
||||
==================================
|
||||
|
||||
.. automodule:: openstack.network.v2.vpn_ikepolicy
|
||||
|
||||
The VpnIkePolicy Class
|
||||
----------------------
|
||||
|
||||
The ``VpnIkePolicy`` class inherits from
|
||||
:class:`~openstack.resource.Resource`.
|
||||
|
||||
.. autoclass:: openstack.network.v2.vpn_ikepolicy.VpnIkePolicy
|
||||
:members:
|
@ -65,6 +65,7 @@ from openstack.network.v2 import vpn_endpoint_group as _vpn_endpoint_group
|
||||
from openstack.network.v2 import vpn_ikepolicy as _ikepolicy
|
||||
from openstack.network.v2 import vpn_ipsec_site_connection as \
|
||||
_ipsec_site_connection
|
||||
from openstack.network.v2 import vpn_ipsecpolicy as _ipsecpolicy
|
||||
from openstack.network.v2 import vpn_service as _vpn_service
|
||||
from openstack import proxy
|
||||
|
||||
@ -4672,8 +4673,105 @@ class Proxy(proxy.Proxy):
|
||||
_ikepolicy.VpnIkePolicy, ikepolicy,
|
||||
ignore_missing=ignore_missing)
|
||||
|
||||
# ========== VPN Service ==========
|
||||
# ========== IPSecPolicy ==========
|
||||
def create_vpn_ipsecpolicy(self, **attrs):
|
||||
"""Create a new ipsec policy from attributes
|
||||
|
||||
:param dict attrs: Keyword arguments which will be used to create a
|
||||
:class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`,
|
||||
comprised of the properties on the VpnIpsecPolicy class.
|
||||
|
||||
:returns: The results of ipsec policy creation :rtype:
|
||||
:class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`
|
||||
"""
|
||||
return self._create(
|
||||
_ipsecpolicy.VpnIpsecPolicy, **attrs)
|
||||
|
||||
def find_vpn_ipsecpolicy(
|
||||
self, name_or_id, ignore_missing=True, **args
|
||||
):
|
||||
"""Find a single ipsec policy
|
||||
|
||||
:param name_or_id: The name or ID of an ipsec policy.
|
||||
:param bool ignore_missing: When set to ``False``
|
||||
:class:`~openstack.exceptions.ResourceNotFound`
|
||||
will be raised when the resource does not exist. When set to
|
||||
``True``, None will be returned when attempting to find a
|
||||
nonexistent resource.
|
||||
:param dict args: Any additional parameters to be passed into
|
||||
underlying methods such as query filters.
|
||||
:returns: One
|
||||
:class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`
|
||||
or None.
|
||||
"""
|
||||
return self._find(
|
||||
_ipsecpolicy.VpnIpsecPolicy, name_or_id,
|
||||
ignore_missing=ignore_missing, **args)
|
||||
|
||||
def get_vpn_ipsecpolicy(self, ipsecpolicy):
|
||||
"""Get a single ipsec policy
|
||||
|
||||
:param ipsecpolicy: The value can be the ID of an ipsecpolicy or a
|
||||
:class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`
|
||||
instance.
|
||||
|
||||
:returns: One
|
||||
:class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`
|
||||
:rtype: :class:`~openstack.network.v2.ipsecpolicy.VpnIpsecPolicy`
|
||||
:raises: :class:`~openstack.exceptions.ResourceNotFound` when no
|
||||
resource can be found.
|
||||
"""
|
||||
return self._get(
|
||||
_ipsecpolicy.VpnIpsecPolicy, ipsecpolicy)
|
||||
|
||||
def vpn_ipsecpolicies(self, **query):
|
||||
"""Return a generator of ipsec policy
|
||||
|
||||
:param dict query: Optional query parameters to be sent to limit the
|
||||
resources being returned.
|
||||
|
||||
:returns: A generator of ipsec policy objects
|
||||
:rtype: :class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`
|
||||
"""
|
||||
return self._list(
|
||||
_ipsecpolicy.VpnIpsecPolicy, **query)
|
||||
|
||||
def update_vpn_ipsecpolicy(self, ipsecpolicy, **attrs):
|
||||
"""Update a ipsec policy
|
||||
|
||||
:ipsecpolicy: Either the id of an ipsec policy or a
|
||||
:class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`
|
||||
instance.
|
||||
:param dict attrs: The attributes to update on the ipsec policy
|
||||
represented by ``ipsecpolicy``.
|
||||
|
||||
:returns: The updated ipsec policy
|
||||
:rtype: :class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`
|
||||
"""
|
||||
return self._update(
|
||||
_ipsecpolicy.VpnIpsecPolicy, ipsecpolicy, **attrs)
|
||||
|
||||
def delete_vpn_ipsecpolicy(self, ipsecpolicy, ignore_missing=True):
|
||||
"""Delete a ipsecpolicy
|
||||
|
||||
:param ipsecpolicy: The value can be either the ID of an ipsec policy,
|
||||
or a
|
||||
:class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`
|
||||
instance.
|
||||
:param bool ignore_missing:
|
||||
When set to ``False``
|
||||
:class:`~openstack.exceptions.ResourceNotFound`
|
||||
will be raised when the ipsec policy does not exist. When set to
|
||||
``True``, no exception will be set when attempting to delete a
|
||||
nonexistent ipsec policy.
|
||||
|
||||
:returns: ``None``
|
||||
"""
|
||||
self._delete(
|
||||
_ipsecpolicy.VpnIpsecPolicy, ipsecpolicy,
|
||||
ignore_missing=ignore_missing)
|
||||
|
||||
# ========== VPN Service ==========
|
||||
def create_vpn_service(self, **attrs):
|
||||
"""Create a new vpn service from attributes
|
||||
|
||||
|
59
openstack/network/v2/vpn_ipsec_policy.py
Normal file
59
openstack/network/v2/vpn_ipsec_policy.py
Normal file
@ -0,0 +1,59 @@
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from openstack import resource
|
||||
|
||||
|
||||
class VpnIpsecPolicy(resource.Resource):
|
||||
resource_key = 'ipsecpolicy'
|
||||
resources_key = 'ipsecpolicies'
|
||||
base_path = '/vpn/ipsecpolicies'
|
||||
|
||||
# capabilities
|
||||
allow_create = True
|
||||
allow_fetch = True
|
||||
allow_commit = True
|
||||
allow_delete = True
|
||||
allow_list = True
|
||||
|
||||
# Properties
|
||||
#: The authentication hash algorithm. Valid values are sha1,
|
||||
# sha256, sha384, sha512. The default is sha1.
|
||||
auth_algorithm = resource.Body('auth_algorithm')
|
||||
#: A human-readable description for the resource.
|
||||
# Default is an empty string.
|
||||
description = resource.Body('description')
|
||||
#: The encryption algorithm. A valid value is 3des, aes-128,
|
||||
# aes-192, aes-256, and so on. Default is aes-128.
|
||||
encryption_algorithm = resource.Body('encryption_algorithm')
|
||||
#: The lifetime of the security association. The lifetime consists
|
||||
# of a unit and integer value. You can omit either the unit or value
|
||||
# portion of the lifetime. Default unit is seconds and
|
||||
# default value is 3600.
|
||||
lifetime = resource.Body('lifetime', type=dict)
|
||||
#: Perfect forward secrecy (PFS). A valid value is Group2,
|
||||
# Group5, Group14, and so on. Default is Group5.
|
||||
pfs = resource.Body('pfs')
|
||||
#: The ID of the project.
|
||||
project_id = resource.Body('project_id')
|
||||
#: The IKE mode. A valid value is main, which is the default.
|
||||
phase1_negotiation_mode = resource.Body('phase1_negotiation_mode')
|
||||
#: The units for the lifetime of the security association.
|
||||
# The lifetime consists of a unit and integer value.
|
||||
# You can omit either the unit or value portion of the lifetime.
|
||||
# Default unit is seconds and default value is 3600.
|
||||
units = resource.Body('units')
|
||||
#: The lifetime value, as a positive integer. The lifetime
|
||||
# consists of a unit and integer value.
|
||||
# You can omit either the unit or value portion of the lifetime.
|
||||
# Default unit is seconds and default value is 3600.
|
||||
value = resource.Body('value', type=int)
|
57
openstack/network/v2/vpn_ipsecpolicy.py
Normal file
57
openstack/network/v2/vpn_ipsecpolicy.py
Normal file
@ -0,0 +1,57 @@
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from openstack import resource
|
||||
|
||||
|
||||
class VpnIpsecPolicy(resource.Resource):
|
||||
resource_key = 'ipsecpolicy'
|
||||
resources_key = 'ipsecpolicies'
|
||||
base_path = '/vpn/ipsecpolicies'
|
||||
|
||||
# capabilities
|
||||
allow_create = True
|
||||
allow_fetch = True
|
||||
allow_commit = True
|
||||
allow_delete = True
|
||||
allow_list = True
|
||||
|
||||
# Properties
|
||||
#: The authentication hash algorithm. Valid values are sha1,
|
||||
# sha256, sha384, sha512. The default is sha1.
|
||||
auth_algorithm = resource.Body('auth_algorithm')
|
||||
#: A human-readable description for the resource.
|
||||
# Default is an empty string.
|
||||
description = resource.Body('description')
|
||||
#: The encryption algorithm. A valid value is 3des, aes-128,
|
||||
# aes-192, aes-256, and so on. Default is aes-128.
|
||||
encryption_algorithm = resource.Body('encryption_algorithm')
|
||||
#: The lifetime of the security association. The lifetime consists
|
||||
# of a unit and integer value. You can omit either the unit or value
|
||||
# portion of the lifetime. Default unit is seconds and
|
||||
# default value is 3600.
|
||||
lifetime = resource.Body('lifetime', type=dict)
|
||||
#: Perfect forward secrecy (PFS). A valid value is Group2,
|
||||
# Group5, Group14, and so on. Default is Group5.
|
||||
pfs = resource.Body('pfs')
|
||||
#: The ID of the project.
|
||||
project_id = resource.Body('project_id')
|
||||
#: The units for the lifetime of the security association.
|
||||
# The lifetime consists of a unit and integer value.
|
||||
# You can omit either the unit or value portion of the lifetime.
|
||||
# Default unit is seconds and default value is 3600.
|
||||
units = resource.Body('units')
|
||||
#: The lifetime value, as a positive integer. The lifetime
|
||||
# consists of a unit and integer value.
|
||||
# You can omit either the unit or value portion of the lifetime.
|
||||
# Default unit is seconds and default value is 3600.
|
||||
value = resource.Body('value', type=int)
|
@ -61,6 +61,7 @@ from openstack.network.v2 import subnet_pool
|
||||
from openstack.network.v2 import vpn_endpoint_group
|
||||
from openstack.network.v2 import vpn_ikepolicy
|
||||
from openstack.network.v2 import vpn_ipsec_site_connection
|
||||
from openstack.network.v2 import vpn_ipsecpolicy
|
||||
from openstack.network.v2 import vpn_service
|
||||
from openstack import proxy as proxy_base
|
||||
from openstack.tests.unit import test_proxy_base
|
||||
@ -1684,6 +1685,43 @@ class TestNetworkVpnIkePolicy(TestNetworkProxy):
|
||||
vpn_ikepolicy.VpnIkePolicy)
|
||||
|
||||
|
||||
class TestNetworkVpnIpsecPolicy(TestNetworkProxy):
|
||||
def test_ipsecpolicy_create_attrs(self):
|
||||
self.verify_create(
|
||||
self.proxy.create_vpn_ipsecpolicy,
|
||||
vpn_ipsecpolicy.VpnIpsecPolicy)
|
||||
|
||||
def test_ipsecpolicy_delete(self):
|
||||
self.verify_delete(
|
||||
self.proxy.delete_vpn_ipsecpolicy,
|
||||
vpn_ipsecpolicy.VpnIpsecPolicy, False)
|
||||
|
||||
def test_ipsecpolicy_delete_ignore(self):
|
||||
self.verify_delete(
|
||||
self.proxy.delete_vpn_ipsecpolicy,
|
||||
vpn_ipsecpolicy.VpnIpsecPolicy, True)
|
||||
|
||||
def test_ipsecpolicy_find(self):
|
||||
self.verify_find(
|
||||
self.proxy.find_vpn_ipsecpolicy,
|
||||
vpn_ipsecpolicy.VpnIpsecPolicy)
|
||||
|
||||
def test_ipsecpolicy_get(self):
|
||||
self.verify_get(
|
||||
self.proxy.get_vpn_ipsecpolicy,
|
||||
vpn_ipsecpolicy.VpnIpsecPolicy)
|
||||
|
||||
def test_ipsecpolicies(self):
|
||||
self.verify_list(
|
||||
self.proxy.vpn_ipsecpolicies,
|
||||
vpn_ipsecpolicy.VpnIpsecPolicy)
|
||||
|
||||
def test_ipsecpolicy_update(self):
|
||||
self.verify_update(
|
||||
self.proxy.update_vpn_ipsecpolicy,
|
||||
vpn_ipsecpolicy.VpnIpsecPolicy)
|
||||
|
||||
|
||||
class TestNetworkVpnService(TestNetworkProxy):
|
||||
def test_vpn_service_create_attrs(self):
|
||||
self.verify_create(self.proxy.create_vpn_service,
|
||||
|
61
openstack/tests/unit/network/v2/test_vpn_ipsecpolicy.py
Normal file
61
openstack/tests/unit/network/v2/test_vpn_ipsecpolicy.py
Normal file
@ -0,0 +1,61 @@
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from openstack.network.v2 import vpn_ipsecpolicy
|
||||
from openstack.tests.unit import base
|
||||
|
||||
|
||||
EXAMPLE = {
|
||||
"auth_algorithm": "1",
|
||||
"description": "2",
|
||||
"encryption_algorithm": "3",
|
||||
"lifetime": {'a': 5},
|
||||
"name": "5",
|
||||
"pfs": "6",
|
||||
"project_id": "7",
|
||||
"units": "9",
|
||||
"value": 10
|
||||
}
|
||||
|
||||
|
||||
class TestVpnIpsecPolicy(base.TestCase):
|
||||
|
||||
def test_basic(self):
|
||||
sot = vpn_ipsecpolicy.VpnIpsecPolicy()
|
||||
self.assertEqual('ipsecpolicy', sot.resource_key)
|
||||
self.assertEqual('ipsecpolicies', sot.resources_key)
|
||||
self.assertEqual('/vpn/ipsecpolicies', sot.base_path)
|
||||
self.assertTrue(sot.allow_create)
|
||||
self.assertTrue(sot.allow_fetch)
|
||||
self.assertTrue(sot.allow_commit)
|
||||
self.assertTrue(sot.allow_delete)
|
||||
self.assertTrue(sot.allow_list)
|
||||
|
||||
def test_make_it(self):
|
||||
sot = vpn_ipsecpolicy.VpnIpsecPolicy(**EXAMPLE)
|
||||
self.assertEqual(EXAMPLE['auth_algorithm'], sot.auth_algorithm)
|
||||
self.assertEqual(EXAMPLE['description'], sot.description)
|
||||
self.assertEqual(EXAMPLE['encryption_algorithm'],
|
||||
sot.encryption_algorithm)
|
||||
self.assertEqual(EXAMPLE['lifetime'], sot.lifetime)
|
||||
self.assertEqual(EXAMPLE['name'], sot.name)
|
||||
self.assertEqual(EXAMPLE['pfs'], sot.pfs)
|
||||
self.assertEqual(EXAMPLE['project_id'], sot.project_id)
|
||||
self.assertEqual(EXAMPLE['units'], sot.units)
|
||||
self.assertEqual(EXAMPLE['value'], sot.value)
|
||||
|
||||
self.assertDictEqual(
|
||||
{
|
||||
"limit": "limit",
|
||||
"marker": "marker",
|
||||
},
|
||||
sot._query_mapping._mapping)
|
Loading…
Reference in New Issue
Block a user