Add VPNaaS IpsecPolicy resource

Change-Id: Id2513fd77fc303b42a52c436e3b0d46f93b7d376
This commit is contained in:
Artem Goncharov 2022-06-20 12:28:21 +02:00
parent 4ce7a3fb61
commit 54e77e6215
8 changed files with 331 additions and 2 deletions

View File

@ -254,7 +254,9 @@ VPNaaS Operations
delete_vpn_ipsec_site_connection, get_vpn_ipsec_site_connection,
find_vpn_ipsec_site_connection, vpn_ipsec_site_connections,
create_vpn_ikepolicy, update_vpn_ikepolicy, delete_vpn_ikepolicy,
get_vpn_ikepolicy, find_vpn_ikepolicy, vpn_ikepolicies
get_vpn_ikepolicy, find_vpn_ikepolicy, vpn_ikepolicies,
create_vpn_ipsecpolicy, update_vpn_ipsecpolicy, delete_vpn_ipsecpolicy,
get_vpn_ipsecpolicy, find_vpn_ipsecpolicy, vpn_ipsecpolicies
Extension Operations
^^^^^^^^^^^^^^^^^^^^

View File

@ -7,4 +7,5 @@ VPNaaS Resources
endpoint_group
ipsec_site_connection
ikepolicy
ipsecpolicy
service

View File

@ -0,0 +1,13 @@
openstack.network.v2.vpn_ikepolicy
==================================
.. automodule:: openstack.network.v2.vpn_ikepolicy
The VpnIkePolicy Class
----------------------
The ``VpnIkePolicy`` class inherits from
:class:`~openstack.resource.Resource`.
.. autoclass:: openstack.network.v2.vpn_ikepolicy.VpnIkePolicy
:members:

View File

@ -65,6 +65,7 @@ from openstack.network.v2 import vpn_endpoint_group as _vpn_endpoint_group
from openstack.network.v2 import vpn_ikepolicy as _ikepolicy
from openstack.network.v2 import vpn_ipsec_site_connection as \
_ipsec_site_connection
from openstack.network.v2 import vpn_ipsecpolicy as _ipsecpolicy
from openstack.network.v2 import vpn_service as _vpn_service
from openstack import proxy
@ -4672,8 +4673,105 @@ class Proxy(proxy.Proxy):
_ikepolicy.VpnIkePolicy, ikepolicy,
ignore_missing=ignore_missing)
# ========== VPN Service ==========
# ========== IPSecPolicy ==========
def create_vpn_ipsecpolicy(self, **attrs):
"""Create a new ipsec policy from attributes
:param dict attrs: Keyword arguments which will be used to create a
:class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`,
comprised of the properties on the VpnIpsecPolicy class.
:returns: The results of ipsec policy creation :rtype:
:class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`
"""
return self._create(
_ipsecpolicy.VpnIpsecPolicy, **attrs)
def find_vpn_ipsecpolicy(
self, name_or_id, ignore_missing=True, **args
):
"""Find a single ipsec policy
:param name_or_id: The name or ID of an ipsec policy.
:param bool ignore_missing: When set to ``False``
:class:`~openstack.exceptions.ResourceNotFound`
will be raised when the resource does not exist. When set to
``True``, None will be returned when attempting to find a
nonexistent resource.
:param dict args: Any additional parameters to be passed into
underlying methods such as query filters.
:returns: One
:class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`
or None.
"""
return self._find(
_ipsecpolicy.VpnIpsecPolicy, name_or_id,
ignore_missing=ignore_missing, **args)
def get_vpn_ipsecpolicy(self, ipsecpolicy):
"""Get a single ipsec policy
:param ipsecpolicy: The value can be the ID of an ipsecpolicy or a
:class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`
instance.
:returns: One
:class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`
:rtype: :class:`~openstack.network.v2.ipsecpolicy.VpnIpsecPolicy`
:raises: :class:`~openstack.exceptions.ResourceNotFound` when no
resource can be found.
"""
return self._get(
_ipsecpolicy.VpnIpsecPolicy, ipsecpolicy)
def vpn_ipsecpolicies(self, **query):
"""Return a generator of ipsec policy
:param dict query: Optional query parameters to be sent to limit the
resources being returned.
:returns: A generator of ipsec policy objects
:rtype: :class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`
"""
return self._list(
_ipsecpolicy.VpnIpsecPolicy, **query)
def update_vpn_ipsecpolicy(self, ipsecpolicy, **attrs):
"""Update a ipsec policy
:ipsecpolicy: Either the id of an ipsec policy or a
:class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`
instance.
:param dict attrs: The attributes to update on the ipsec policy
represented by ``ipsecpolicy``.
:returns: The updated ipsec policy
:rtype: :class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`
"""
return self._update(
_ipsecpolicy.VpnIpsecPolicy, ipsecpolicy, **attrs)
def delete_vpn_ipsecpolicy(self, ipsecpolicy, ignore_missing=True):
"""Delete a ipsecpolicy
:param ipsecpolicy: The value can be either the ID of an ipsec policy,
or a
:class:`~openstack.network.v2.vpn_ipsecpolicy.VpnIpsecPolicy`
instance.
:param bool ignore_missing:
When set to ``False``
:class:`~openstack.exceptions.ResourceNotFound`
will be raised when the ipsec policy does not exist. When set to
``True``, no exception will be set when attempting to delete a
nonexistent ipsec policy.
:returns: ``None``
"""
self._delete(
_ipsecpolicy.VpnIpsecPolicy, ipsecpolicy,
ignore_missing=ignore_missing)
# ========== VPN Service ==========
def create_vpn_service(self, **attrs):
"""Create a new vpn service from attributes

View File

@ -0,0 +1,59 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from openstack import resource
class VpnIpsecPolicy(resource.Resource):
resource_key = 'ipsecpolicy'
resources_key = 'ipsecpolicies'
base_path = '/vpn/ipsecpolicies'
# capabilities
allow_create = True
allow_fetch = True
allow_commit = True
allow_delete = True
allow_list = True
# Properties
#: The authentication hash algorithm. Valid values are sha1,
# sha256, sha384, sha512. The default is sha1.
auth_algorithm = resource.Body('auth_algorithm')
#: A human-readable description for the resource.
# Default is an empty string.
description = resource.Body('description')
#: The encryption algorithm. A valid value is 3des, aes-128,
# aes-192, aes-256, and so on. Default is aes-128.
encryption_algorithm = resource.Body('encryption_algorithm')
#: The lifetime of the security association. The lifetime consists
# of a unit and integer value. You can omit either the unit or value
# portion of the lifetime. Default unit is seconds and
# default value is 3600.
lifetime = resource.Body('lifetime', type=dict)
#: Perfect forward secrecy (PFS). A valid value is Group2,
# Group5, Group14, and so on. Default is Group5.
pfs = resource.Body('pfs')
#: The ID of the project.
project_id = resource.Body('project_id')
#: The IKE mode. A valid value is main, which is the default.
phase1_negotiation_mode = resource.Body('phase1_negotiation_mode')
#: The units for the lifetime of the security association.
# The lifetime consists of a unit and integer value.
# You can omit either the unit or value portion of the lifetime.
# Default unit is seconds and default value is 3600.
units = resource.Body('units')
#: The lifetime value, as a positive integer. The lifetime
# consists of a unit and integer value.
# You can omit either the unit or value portion of the lifetime.
# Default unit is seconds and default value is 3600.
value = resource.Body('value', type=int)

View File

@ -0,0 +1,57 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from openstack import resource
class VpnIpsecPolicy(resource.Resource):
resource_key = 'ipsecpolicy'
resources_key = 'ipsecpolicies'
base_path = '/vpn/ipsecpolicies'
# capabilities
allow_create = True
allow_fetch = True
allow_commit = True
allow_delete = True
allow_list = True
# Properties
#: The authentication hash algorithm. Valid values are sha1,
# sha256, sha384, sha512. The default is sha1.
auth_algorithm = resource.Body('auth_algorithm')
#: A human-readable description for the resource.
# Default is an empty string.
description = resource.Body('description')
#: The encryption algorithm. A valid value is 3des, aes-128,
# aes-192, aes-256, and so on. Default is aes-128.
encryption_algorithm = resource.Body('encryption_algorithm')
#: The lifetime of the security association. The lifetime consists
# of a unit and integer value. You can omit either the unit or value
# portion of the lifetime. Default unit is seconds and
# default value is 3600.
lifetime = resource.Body('lifetime', type=dict)
#: Perfect forward secrecy (PFS). A valid value is Group2,
# Group5, Group14, and so on. Default is Group5.
pfs = resource.Body('pfs')
#: The ID of the project.
project_id = resource.Body('project_id')
#: The units for the lifetime of the security association.
# The lifetime consists of a unit and integer value.
# You can omit either the unit or value portion of the lifetime.
# Default unit is seconds and default value is 3600.
units = resource.Body('units')
#: The lifetime value, as a positive integer. The lifetime
# consists of a unit and integer value.
# You can omit either the unit or value portion of the lifetime.
# Default unit is seconds and default value is 3600.
value = resource.Body('value', type=int)

View File

@ -61,6 +61,7 @@ from openstack.network.v2 import subnet_pool
from openstack.network.v2 import vpn_endpoint_group
from openstack.network.v2 import vpn_ikepolicy
from openstack.network.v2 import vpn_ipsec_site_connection
from openstack.network.v2 import vpn_ipsecpolicy
from openstack.network.v2 import vpn_service
from openstack import proxy as proxy_base
from openstack.tests.unit import test_proxy_base
@ -1684,6 +1685,43 @@ class TestNetworkVpnIkePolicy(TestNetworkProxy):
vpn_ikepolicy.VpnIkePolicy)
class TestNetworkVpnIpsecPolicy(TestNetworkProxy):
def test_ipsecpolicy_create_attrs(self):
self.verify_create(
self.proxy.create_vpn_ipsecpolicy,
vpn_ipsecpolicy.VpnIpsecPolicy)
def test_ipsecpolicy_delete(self):
self.verify_delete(
self.proxy.delete_vpn_ipsecpolicy,
vpn_ipsecpolicy.VpnIpsecPolicy, False)
def test_ipsecpolicy_delete_ignore(self):
self.verify_delete(
self.proxy.delete_vpn_ipsecpolicy,
vpn_ipsecpolicy.VpnIpsecPolicy, True)
def test_ipsecpolicy_find(self):
self.verify_find(
self.proxy.find_vpn_ipsecpolicy,
vpn_ipsecpolicy.VpnIpsecPolicy)
def test_ipsecpolicy_get(self):
self.verify_get(
self.proxy.get_vpn_ipsecpolicy,
vpn_ipsecpolicy.VpnIpsecPolicy)
def test_ipsecpolicies(self):
self.verify_list(
self.proxy.vpn_ipsecpolicies,
vpn_ipsecpolicy.VpnIpsecPolicy)
def test_ipsecpolicy_update(self):
self.verify_update(
self.proxy.update_vpn_ipsecpolicy,
vpn_ipsecpolicy.VpnIpsecPolicy)
class TestNetworkVpnService(TestNetworkProxy):
def test_vpn_service_create_attrs(self):
self.verify_create(self.proxy.create_vpn_service,

View File

@ -0,0 +1,61 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from openstack.network.v2 import vpn_ipsecpolicy
from openstack.tests.unit import base
EXAMPLE = {
"auth_algorithm": "1",
"description": "2",
"encryption_algorithm": "3",
"lifetime": {'a': 5},
"name": "5",
"pfs": "6",
"project_id": "7",
"units": "9",
"value": 10
}
class TestVpnIpsecPolicy(base.TestCase):
def test_basic(self):
sot = vpn_ipsecpolicy.VpnIpsecPolicy()
self.assertEqual('ipsecpolicy', sot.resource_key)
self.assertEqual('ipsecpolicies', sot.resources_key)
self.assertEqual('/vpn/ipsecpolicies', sot.base_path)
self.assertTrue(sot.allow_create)
self.assertTrue(sot.allow_fetch)
self.assertTrue(sot.allow_commit)
self.assertTrue(sot.allow_delete)
self.assertTrue(sot.allow_list)
def test_make_it(self):
sot = vpn_ipsecpolicy.VpnIpsecPolicy(**EXAMPLE)
self.assertEqual(EXAMPLE['auth_algorithm'], sot.auth_algorithm)
self.assertEqual(EXAMPLE['description'], sot.description)
self.assertEqual(EXAMPLE['encryption_algorithm'],
sot.encryption_algorithm)
self.assertEqual(EXAMPLE['lifetime'], sot.lifetime)
self.assertEqual(EXAMPLE['name'], sot.name)
self.assertEqual(EXAMPLE['pfs'], sot.pfs)
self.assertEqual(EXAMPLE['project_id'], sot.project_id)
self.assertEqual(EXAMPLE['units'], sot.units)
self.assertEqual(EXAMPLE['value'], sot.value)
self.assertDictEqual(
{
"limit": "limit",
"marker": "marker",
},
sot._query_mapping._mapping)