Add VPNaaS commands for OSC plugin
Closes-Bug: 1669252 Change-Id: I447f5c50725fc0d9d8a1574ad5e28772f472fba9
This commit is contained in:
parent
0ce9051b38
commit
dd044bd92e
doc/source/cli/osc/v2
vpn-endpoint-group.rstvpn-ike-policy.rstvpn-ipsec-policy.rstvpn-ipsec-site-connection.rstvpn-service.rst
neutronclient
osc/v2/vpnaas
tests/unit/osc/v2/vpnaas
releasenotes/notes
setup.cfg
11
doc/source/cli/osc/v2/vpn-endpoint-group.rst
Normal file
11
doc/source/cli/osc/v2/vpn-endpoint-group.rst
Normal file
@ -0,0 +1,11 @@
|
||||
==================
|
||||
VPN Endpoint Group
|
||||
==================
|
||||
|
||||
The **Endpoint Group** is used to configure multiple local and remote subnets
|
||||
in vpnservice object.
|
||||
|
||||
Network v2
|
||||
|
||||
.. autoprogram-cliff:: openstack.neutronclient.v2
|
||||
:command: vpn endpoint group *
|
12
doc/source/cli/osc/v2/vpn-ike-policy.rst
Normal file
12
doc/source/cli/osc/v2/vpn-ike-policy.rst
Normal file
@ -0,0 +1,12 @@
|
||||
==============
|
||||
VPN IKE Policy
|
||||
==============
|
||||
|
||||
The **IKE Policy** is used for phases one and two negotiation of the
|
||||
VPN connection. You can specify both the authentication and encryption
|
||||
algorithms for connections.
|
||||
|
||||
Network v2
|
||||
|
||||
.. autoprogram-cliff:: openstack.neutronclient.v2
|
||||
:command: vpn ike policy *
|
11
doc/source/cli/osc/v2/vpn-ipsec-policy.rst
Normal file
11
doc/source/cli/osc/v2/vpn-ipsec-policy.rst
Normal file
@ -0,0 +1,11 @@
|
||||
================
|
||||
VPN IPsec Policy
|
||||
================
|
||||
|
||||
The **IPsec Policy** specifies the authentication and encryption algorithms
|
||||
and encapsulation mode to use for the established VPN connection.
|
||||
|
||||
Network v2
|
||||
|
||||
.. autoprogram-cliff:: openstack.neutronclient.v2
|
||||
:command: vpn ipsec policy *
|
10
doc/source/cli/osc/v2/vpn-ipsec-site-connection.rst
Normal file
10
doc/source/cli/osc/v2/vpn-ipsec-site-connection.rst
Normal file
@ -0,0 +1,10 @@
|
||||
=========================
|
||||
VPN IPsec Site Connection
|
||||
=========================
|
||||
|
||||
Creates a site-to-site **IPsec Site Connection** for a VPN service.
|
||||
|
||||
Network v2
|
||||
|
||||
.. autoprogram-cliff:: openstack.neutronclient.v2
|
||||
:command: vpn ipsec site connection *
|
11
doc/source/cli/osc/v2/vpn-service.rst
Normal file
11
doc/source/cli/osc/v2/vpn-service.rst
Normal file
@ -0,0 +1,11 @@
|
||||
===========
|
||||
VPN Service
|
||||
===========
|
||||
|
||||
The **VPN Service** is associated with a router. After you
|
||||
create the service, it can contain multiple VPN connections.
|
||||
|
||||
Network v2
|
||||
|
||||
.. autoprogram-cliff:: openstack.neutronclient.v2
|
||||
:command: vpn service *
|
216
neutronclient/osc/v2/vpnaas/endpoint_group.py
Normal file
216
neutronclient/osc/v2/vpnaas/endpoint_group.py
Normal file
@ -0,0 +1,216 @@
|
||||
# Copyright 2017 FUJITSU LIMITED
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
from osc_lib.command import command
|
||||
from osc_lib import exceptions
|
||||
from osc_lib import utils
|
||||
from oslo_log import log as logging
|
||||
|
||||
from neutronclient._i18n import _
|
||||
from neutronclient.osc import utils as osc_utils
|
||||
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
_attr_map = (
|
||||
('id', 'ID', osc_utils.LIST_BOTH),
|
||||
('name', 'Name', osc_utils.LIST_BOTH),
|
||||
('type', 'Type', osc_utils.LIST_BOTH),
|
||||
('endpoints', 'Endpoints', osc_utils.LIST_BOTH),
|
||||
('description', 'Description', osc_utils.LIST_LONG_ONLY),
|
||||
('tenant_id', 'Project', osc_utils.LIST_LONG_ONLY),
|
||||
)
|
||||
|
||||
|
||||
def _get_common_parser(parser):
|
||||
parser.add_argument(
|
||||
'--description',
|
||||
metavar='<description>',
|
||||
help=_('Description for the endpoint group'))
|
||||
return parser
|
||||
|
||||
|
||||
def _get_common_attrs(client_manager, parsed_args, is_create=True):
|
||||
attrs = {}
|
||||
if is_create:
|
||||
if parsed_args.project is not None:
|
||||
attrs['tenant_id'] = osc_utils.find_project(
|
||||
client_manager.identity,
|
||||
parsed_args.project,
|
||||
parsed_args.project_domain,
|
||||
).id
|
||||
if parsed_args.description:
|
||||
attrs['description'] = parsed_args.description
|
||||
return attrs
|
||||
|
||||
|
||||
class CreateEndpointGroup(command.ShowOne):
|
||||
_description = _("Create an endpoint group")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(CreateEndpointGroup, self).get_parser(prog_name)
|
||||
_get_common_parser(parser)
|
||||
parser.add_argument(
|
||||
'name',
|
||||
metavar='<name>',
|
||||
help=_('Name for the endpoint group'))
|
||||
parser.add_argument(
|
||||
'--type',
|
||||
required=True,
|
||||
help=_('Type of endpoints in group (e.g. subnet, cidr)'))
|
||||
parser.add_argument(
|
||||
'--value',
|
||||
action='append',
|
||||
dest='endpoints',
|
||||
required=True,
|
||||
help=_('Endpoint(s) for the group. Must all be of the same type. '
|
||||
'(--value) option can be repeated'))
|
||||
osc_utils.add_project_owner_option_to_parser(parser)
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
attrs = _get_common_attrs(self.app.client_manager, parsed_args)
|
||||
if parsed_args.name:
|
||||
attrs['name'] = str(parsed_args.name)
|
||||
attrs['type'] = parsed_args.type
|
||||
if parsed_args.type == 'subnet':
|
||||
_subnet_ids = [client.find_resource(
|
||||
'subnet',
|
||||
endpoint,
|
||||
cmd_resource='subnet')['id']
|
||||
for endpoint in parsed_args.endpoints]
|
||||
attrs['endpoints'] = _subnet_ids
|
||||
else:
|
||||
attrs['endpoints'] = parsed_args.endpoints
|
||||
obj = client.create_endpoint_group(
|
||||
{'endpoint_group': attrs})['endpoint_group']
|
||||
columns, display_columns = osc_utils.get_columns(obj, _attr_map)
|
||||
data = utils.get_dict_properties(obj, columns)
|
||||
return display_columns, data
|
||||
|
||||
|
||||
class DeleteEndpointGroup(command.Command):
|
||||
_description = _("Delete endpoint group(s)")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(DeleteEndpointGroup, self).get_parser(prog_name)
|
||||
parser.add_argument(
|
||||
'endpoint_group',
|
||||
metavar='<endpoint-group>',
|
||||
nargs='+',
|
||||
help=_('Endpoint group(s) to delete (name or ID)'))
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
result = 0
|
||||
for endpoint in parsed_args.endpoint_group:
|
||||
try:
|
||||
endpoint_id = client.find_resource(
|
||||
'endpoint_group',
|
||||
endpoint,
|
||||
cmd_resource='endpoint_group')['id']
|
||||
client.delete_endpoint_group(endpoint_id)
|
||||
except Exception as e:
|
||||
result += 1
|
||||
LOG.error(_("Failed to delete endpoint group with "
|
||||
"name or ID '%(endpoint_group)s': %(e)s"),
|
||||
{'endpoint_group': endpoint, 'e': e})
|
||||
|
||||
if result > 0:
|
||||
total = len(parsed_args.endpoint_group)
|
||||
msg = (_("%(result)s of %(total)s endpoint group failed "
|
||||
"to delete.") % {'result': result, 'total': total})
|
||||
raise exceptions.CommandError(msg)
|
||||
|
||||
|
||||
class ListEndpointGroup(command.Lister):
|
||||
_description = _("List endpoint groups that belong to a given project")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(ListEndpointGroup, self).get_parser(prog_name)
|
||||
parser.add_argument(
|
||||
'--long',
|
||||
action='store_true',
|
||||
default=False,
|
||||
help=_("List additional fields in output")
|
||||
)
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
obj = client.list_endpoint_groups()['endpoint_groups']
|
||||
headers, columns = osc_utils.get_column_definitions(
|
||||
_attr_map, long_listing=parsed_args.long)
|
||||
return (headers, (utils.get_dict_properties(s, columns) for s in obj))
|
||||
|
||||
|
||||
class SetEndpointGroup(command.Command):
|
||||
_description = _("Set endpoint group properties")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(SetEndpointGroup, self).get_parser(prog_name)
|
||||
_get_common_parser(parser)
|
||||
parser.add_argument(
|
||||
'--name',
|
||||
metavar='<name>',
|
||||
help=_('Set a name for the endpoint group'))
|
||||
parser.add_argument(
|
||||
'endpoint_group',
|
||||
metavar='<endpoint-group>',
|
||||
help=_('Endpoint group to set (name or ID)'))
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
attrs = _get_common_attrs(self.app.client_manager,
|
||||
parsed_args, is_create=False)
|
||||
if parsed_args.name:
|
||||
attrs['name'] = str(parsed_args.name)
|
||||
endpoint_id = client.find_resource(
|
||||
'endpoint_group', parsed_args.endpoint_group,
|
||||
cmd_resource='endpoint_group')['id']
|
||||
try:
|
||||
client.update_endpoint_group(endpoint_id,
|
||||
{'endpoint_group': attrs})
|
||||
except Exception as e:
|
||||
msg = (_("Failed to set endpoint group "
|
||||
"%(endpoint_group)s: %(e)s")
|
||||
% {'endpoint_group': parsed_args.endpoint_group, 'e': e})
|
||||
raise exceptions.CommandError(msg)
|
||||
|
||||
|
||||
class ShowEndpointGroup(command.ShowOne):
|
||||
_description = _("Display endpoint group details")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(ShowEndpointGroup, self).get_parser(prog_name)
|
||||
parser.add_argument(
|
||||
'endpoint_group',
|
||||
metavar='<endpoint-group>',
|
||||
help=_('Endpoint group to display (name or ID)'))
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
endpoint_id = client.find_resource(
|
||||
'endpoint_group', parsed_args.endpoint_group,
|
||||
cmd_resource='endpoint_group')['id']
|
||||
obj = client.show_endpoint_group(endpoint_id)['endpoint_group']
|
||||
columns, display_columns = osc_utils.get_columns(obj, _attr_map)
|
||||
data = utils.get_dict_properties(obj, columns)
|
||||
return (display_columns, data)
|
243
neutronclient/osc/v2/vpnaas/ikepolicy.py
Normal file
243
neutronclient/osc/v2/vpnaas/ikepolicy.py
Normal file
@ -0,0 +1,243 @@
|
||||
# Copyright 2017 FUJITSU LIMITED
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
from osc_lib.command import command
|
||||
from osc_lib import exceptions
|
||||
from osc_lib import utils
|
||||
from oslo_log import log as logging
|
||||
|
||||
from neutronclient._i18n import _
|
||||
from neutronclient.common import utils as nc_utils
|
||||
from neutronclient.osc import utils as osc_utils
|
||||
from neutronclient.osc.v2.vpnaas import utils as vpn_utils
|
||||
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
_attr_map = (
|
||||
('id', 'ID', osc_utils.LIST_BOTH),
|
||||
('name', 'Name', osc_utils.LIST_BOTH),
|
||||
('auth_algorithm', 'Authentication Algorithm', osc_utils.LIST_BOTH),
|
||||
('encryption_algorithm', 'Encryption Algorithm', osc_utils.LIST_BOTH),
|
||||
('ike_version', 'IKE Version', osc_utils.LIST_BOTH),
|
||||
('pfs', 'Perfect Forward Secrecy (PFS)', osc_utils.LIST_BOTH),
|
||||
('description', 'Description', osc_utils.LIST_LONG_ONLY),
|
||||
('phase1_negotiation_mode', 'Phase1 Negotiation Mode',
|
||||
osc_utils.LIST_LONG_ONLY),
|
||||
('tenant_id', 'Project', osc_utils.LIST_LONG_ONLY),
|
||||
('lifetime', 'Lifetime', osc_utils.LIST_LONG_ONLY),
|
||||
)
|
||||
|
||||
|
||||
def _convert_to_lowercase(string):
|
||||
return string.lower()
|
||||
|
||||
|
||||
def _get_common_parser(parser):
|
||||
parser.add_argument(
|
||||
'--description',
|
||||
metavar='<description>',
|
||||
help=_('Description of the IKE policy'))
|
||||
parser.add_argument(
|
||||
'--auth-algorithm',
|
||||
choices=['sha1', 'sha256', 'sha384', 'sha512'],
|
||||
type=_convert_to_lowercase,
|
||||
help=_('Authentication algorithm'))
|
||||
parser.add_argument(
|
||||
'--encryption-algorithm',
|
||||
choices=['aes-128', '3des', 'aes-192', 'aes-256'],
|
||||
type=_convert_to_lowercase,
|
||||
help=_('Encryption algorithm'))
|
||||
parser.add_argument(
|
||||
'--phase1-negotiation-mode',
|
||||
choices=['main'],
|
||||
type=_convert_to_lowercase,
|
||||
help=_('IKE Phase1 negotiation mode'))
|
||||
parser.add_argument(
|
||||
'--ike-version',
|
||||
choices=['v1', 'v2'],
|
||||
type=_convert_to_lowercase,
|
||||
help=_('IKE version for the policy'))
|
||||
parser.add_argument(
|
||||
'--pfs',
|
||||
choices=['group5', 'group2', 'group14'],
|
||||
type=_convert_to_lowercase,
|
||||
help=_('Perfect Forward Secrecy'))
|
||||
parser.add_argument(
|
||||
'--lifetime',
|
||||
metavar="units=UNITS,value=VALUE",
|
||||
type=nc_utils.str2dict_type(optional_keys=['units', 'value']),
|
||||
help=vpn_utils.lifetime_help("IKE"))
|
||||
return parser
|
||||
|
||||
|
||||
def _get_common_attrs(client_manager, parsed_args, is_create=True):
|
||||
attrs = {}
|
||||
if is_create:
|
||||
if 'project' in parsed_args and parsed_args.project is not None:
|
||||
attrs['tenant_id'] = osc_utils.find_project(
|
||||
client_manager.identity,
|
||||
parsed_args.project,
|
||||
parsed_args.project_domain,
|
||||
).id
|
||||
if parsed_args.description:
|
||||
attrs['description'] = parsed_args.description
|
||||
if parsed_args.auth_algorithm:
|
||||
attrs['auth_algorithm'] = parsed_args.auth_algorithm
|
||||
if parsed_args.encryption_algorithm:
|
||||
attrs['encryption_algorithm'] = parsed_args.encryption_algorithm
|
||||
if parsed_args.phase1_negotiation_mode:
|
||||
attrs['phase1_negotiation_mode'] = parsed_args.phase1_negotiation_mode
|
||||
if parsed_args.ike_version:
|
||||
attrs['ike_version'] = parsed_args.ike_version
|
||||
if parsed_args.pfs:
|
||||
attrs['pfs'] = parsed_args.pfs
|
||||
if parsed_args.lifetime:
|
||||
vpn_utils.validate_lifetime_dict(parsed_args.lifetime)
|
||||
attrs['lifetime'] = parsed_args.lifetime
|
||||
return attrs
|
||||
|
||||
|
||||
class CreateIKEPolicy(command.ShowOne):
|
||||
_description = _("Create an IKE policy")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(CreateIKEPolicy, self).get_parser(prog_name)
|
||||
_get_common_parser(parser)
|
||||
parser.add_argument(
|
||||
'name',
|
||||
metavar='<name>',
|
||||
help=_('Name of the IKE policy'))
|
||||
osc_utils.add_project_owner_option_to_parser(parser)
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
attrs = _get_common_attrs(self.app.client_manager, parsed_args)
|
||||
if parsed_args.name:
|
||||
attrs['name'] = str(parsed_args.name)
|
||||
obj = client.create_ikepolicy({'ikepolicy': attrs})['ikepolicy']
|
||||
columns, display_columns = osc_utils.get_columns(obj, _attr_map)
|
||||
data = utils.get_dict_properties(obj, columns)
|
||||
return display_columns, data
|
||||
|
||||
|
||||
class DeleteIKEPolicy(command.Command):
|
||||
_description = _("Delete IKE policy (policies)")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(DeleteIKEPolicy, self).get_parser(prog_name)
|
||||
parser.add_argument(
|
||||
'ikepolicy',
|
||||
metavar='<ike-policy>',
|
||||
nargs='+',
|
||||
help=_('IKE policy to delete (name or ID)'))
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
result = 0
|
||||
for ike in parsed_args.ikepolicy:
|
||||
try:
|
||||
ike_id = client.find_resource(
|
||||
'ikepolicy', ike, cmd_resource='ikepolicy')['id']
|
||||
client.delete_ikepolicy(ike_id)
|
||||
except Exception as e:
|
||||
result += 1
|
||||
LOG.error(_("Failed to delete IKE policy with "
|
||||
"name or ID '%(ikepolicy)s': %(e)s"),
|
||||
{'ikepolicy': ike, 'e': e})
|
||||
|
||||
if result > 0:
|
||||
total = len(parsed_args.ikepolicy)
|
||||
msg = (_("%(result)s of %(total)s IKE policy failed "
|
||||
"to delete.") % {'result': result, 'total': total})
|
||||
raise exceptions.CommandError(msg)
|
||||
|
||||
|
||||
class ListIKEPolicy(command.Lister):
|
||||
_description = _("List IKE policies that belong to a given project")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(ListIKEPolicy, self).get_parser(prog_name)
|
||||
parser.add_argument(
|
||||
'--long',
|
||||
action='store_true',
|
||||
help=_("List additional fields in output")
|
||||
)
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
obj = client.list_ikepolicies()['ikepolicies']
|
||||
headers, columns = osc_utils.get_column_definitions(
|
||||
_attr_map, long_listing=parsed_args.long)
|
||||
return (headers, (utils.get_dict_properties(s, columns) for s in obj))
|
||||
|
||||
|
||||
class SetIKEPolicy(command.Command):
|
||||
_description = _("Set IKE policy properties")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(SetIKEPolicy, self).get_parser(prog_name)
|
||||
_get_common_parser(parser)
|
||||
parser.add_argument(
|
||||
'--name',
|
||||
metavar='<name>',
|
||||
help=_('Name of the IKE policy'))
|
||||
parser.add_argument(
|
||||
'ikepolicy',
|
||||
metavar='<ike-policy>',
|
||||
help=_('IKE policy to set (name or ID)'))
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
attrs = _get_common_attrs(self.app.client_manager,
|
||||
parsed_args, is_create=False)
|
||||
if parsed_args.name:
|
||||
attrs['name'] = parsed_args.name
|
||||
ike_id = client.find_resource(
|
||||
'ikepolicy', parsed_args.ikepolicy,
|
||||
cmd_resource='ikepolicy')['id']
|
||||
try:
|
||||
client.update_ikepolicy(ike_id, {'ikepolicy': attrs})
|
||||
except Exception as e:
|
||||
msg = (_("Failed to set IKE policy '%(ike)s': %(e)s")
|
||||
% {'ike': parsed_args.ikepolicy, 'e': e})
|
||||
raise exceptions.CommandError(msg)
|
||||
|
||||
|
||||
class ShowIKEPolicy(command.ShowOne):
|
||||
_description = _("Display IKE policy details")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(ShowIKEPolicy, self).get_parser(prog_name)
|
||||
parser.add_argument(
|
||||
'ikepolicy',
|
||||
metavar='<ike-policy>',
|
||||
help=_('IKE policy to display (name or ID)'))
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
ike_id = client.find_resource(
|
||||
'ikepolicy', parsed_args.ikepolicy,
|
||||
cmd_resource='ikepolicy')['id']
|
||||
obj = client.show_ikepolicy(ike_id)['ikepolicy']
|
||||
columns, display_columns = osc_utils.get_columns(obj, _attr_map)
|
||||
data = utils.get_dict_properties(obj, columns)
|
||||
return (display_columns, data)
|
372
neutronclient/osc/v2/vpnaas/ipsec_site_connection.py
Normal file
372
neutronclient/osc/v2/vpnaas/ipsec_site_connection.py
Normal file
@ -0,0 +1,372 @@
|
||||
# Copyright 2017 FUJITSU LIMITED
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
from osc_lib.cli import format_columns
|
||||
from osc_lib.command import command
|
||||
from osc_lib import exceptions
|
||||
from osc_lib import utils
|
||||
from oslo_log import log as logging
|
||||
|
||||
from neutronclient._i18n import _
|
||||
from neutronclient.common import utils as nc_utils
|
||||
from neutronclient.osc import utils as osc_utils
|
||||
from neutronclient.osc.v2.vpnaas import utils as vpn_utils
|
||||
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
||||
_formatters = {
|
||||
'peer_cidrs': format_columns.ListColumn
|
||||
}
|
||||
|
||||
|
||||
_attr_map = (
|
||||
('id', 'ID', osc_utils.LIST_BOTH),
|
||||
('name', 'Name', osc_utils.LIST_BOTH),
|
||||
('peer_address', 'Peer Address', osc_utils.LIST_BOTH),
|
||||
('auth_mode', 'Authentication Algorithm', osc_utils.LIST_BOTH),
|
||||
('status', 'Status', osc_utils.LIST_BOTH),
|
||||
('tenant_id', 'Project', osc_utils.LIST_LONG_ONLY),
|
||||
('peer_cidrs', 'Peer CIDRs', osc_utils.LIST_LONG_ONLY),
|
||||
('vpnservice_id', 'VPN Service', osc_utils.LIST_LONG_ONLY),
|
||||
('ipsecpolicy_id', 'IPSec Policy', osc_utils.LIST_LONG_ONLY),
|
||||
('ikepolicy_id', 'IKE Policy', osc_utils.LIST_LONG_ONLY),
|
||||
('mtu', 'MTU', osc_utils.LIST_LONG_ONLY),
|
||||
('initiator', 'Initiator', osc_utils.LIST_LONG_ONLY),
|
||||
('admin_state_up', 'State', osc_utils.LIST_LONG_ONLY),
|
||||
('description', 'Description', osc_utils.LIST_LONG_ONLY),
|
||||
('psk', 'Pre-shared Key', osc_utils.LIST_LONG_ONLY),
|
||||
('route_mode', 'Route Mode', osc_utils.LIST_LONG_ONLY),
|
||||
('local_id', 'Local ID', osc_utils.LIST_LONG_ONLY),
|
||||
('peer_id', 'Peer ID', osc_utils.LIST_LONG_ONLY),
|
||||
('local_ep_group_id', 'Local Endpoint Group ID', osc_utils.LIST_LONG_ONLY),
|
||||
('peer_ep_group_id', 'Peer Endpoint Group ID', osc_utils.LIST_LONG_ONLY),
|
||||
)
|
||||
|
||||
|
||||
def _convert_to_lowercase(string):
|
||||
return string.lower()
|
||||
|
||||
|
||||
def _get_common_parser(parser, is_create=True):
|
||||
parser.add_argument(
|
||||
'--description',
|
||||
metavar='<description>',
|
||||
help=_('Description for the connection'))
|
||||
parser.add_argument(
|
||||
'--dpd',
|
||||
metavar="action=ACTION,interval=INTERVAL,timeout=TIMEOUT",
|
||||
type=nc_utils.str2dict_type(
|
||||
optional_keys=['action', 'interval', 'timeout']),
|
||||
help=vpn_utils.dpd_help("IPsec connection"))
|
||||
parser.add_argument(
|
||||
'--mtu',
|
||||
help=_('MTU size for the connection'))
|
||||
parser.add_argument(
|
||||
'--initiator',
|
||||
choices=['bi-directional', 'response-only'],
|
||||
type=_convert_to_lowercase,
|
||||
help=_('Initiator state'))
|
||||
peer_group = parser.add_mutually_exclusive_group()
|
||||
peer_group.add_argument(
|
||||
'--peer-cidr',
|
||||
dest='peer_cidrs',
|
||||
help=_('Remote subnet(s) in CIDR format. '
|
||||
'Cannot be specified when using endpoint groups. Only '
|
||||
'applicable, if subnet provided for VPN service.')
|
||||
)
|
||||
peer_group.add_argument(
|
||||
'--local-endpoint-group',
|
||||
help=_('Local endpoint group (name or ID) with subnet(s) '
|
||||
'for IPsec connection')
|
||||
)
|
||||
parser.add_argument(
|
||||
'--peer-endpoint-group',
|
||||
help=_('Peer endpoint group (name or ID) with CIDR(s) for '
|
||||
'IPSec connection'))
|
||||
admin_group = parser.add_mutually_exclusive_group()
|
||||
admin_group.add_argument(
|
||||
'--enable',
|
||||
action='store_true',
|
||||
help=_("Enable IPSec site connection")
|
||||
)
|
||||
admin_group.add_argument(
|
||||
'--disable',
|
||||
action='store_true',
|
||||
help=_("Disable IPSec site connection")
|
||||
)
|
||||
parser.add_argument(
|
||||
'--local-id',
|
||||
help=_('An ID to be used instead of the external IP '
|
||||
'address for a virtual router'))
|
||||
return parser
|
||||
|
||||
|
||||
def _get_common_attrs(client_manager, parsed_args, is_create=True):
|
||||
attrs = {}
|
||||
if is_create:
|
||||
if 'project' in parsed_args and parsed_args.project is not None:
|
||||
attrs['tenant_id'] = osc_utils.find_project(
|
||||
client_manager.identity,
|
||||
parsed_args.project,
|
||||
parsed_args.project_domain,
|
||||
).id
|
||||
if parsed_args.description:
|
||||
attrs['description'] = str(parsed_args.description)
|
||||
if parsed_args.mtu:
|
||||
attrs['mtu'] = parsed_args.mtu
|
||||
if parsed_args.enable:
|
||||
attrs['admin_state_up'] = True
|
||||
if parsed_args.disable:
|
||||
attrs['admin_state_up'] = False
|
||||
if parsed_args.initiator:
|
||||
attrs['initiator'] = parsed_args.initiator
|
||||
if parsed_args.dpd:
|
||||
vpn_utils.validate_dpd_dict(parsed_args.dpd)
|
||||
attrs['dpd'] = parsed_args.dpd
|
||||
if parsed_args.local_endpoint_group:
|
||||
_local_epg = client_manager.neutronclient.find_resource(
|
||||
'endpoint_group',
|
||||
parsed_args.local_endpoint_group,
|
||||
cmd_resource='endpoint_group')['id']
|
||||
attrs['local_ep_group_id'] = _local_epg
|
||||
if parsed_args.peer_endpoint_group:
|
||||
_peer_epg = client_manager.neutronclient.find_resource(
|
||||
'endpoint_group',
|
||||
parsed_args.peer_endpoint_group,
|
||||
cmd_resource='endpoint_group')['id']
|
||||
attrs['peer_ep_group_id'] = _peer_epg
|
||||
if parsed_args.peer_cidrs:
|
||||
attrs['peer_cidrs'] = parsed_args.peer_cidrs
|
||||
if parsed_args.local_id:
|
||||
attrs['local_id'] = parsed_args.local_id
|
||||
return attrs
|
||||
|
||||
|
||||
class CreateIPsecSiteConnection(command.ShowOne):
|
||||
_description = _("Create an IPsec site connection")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(CreateIPsecSiteConnection, self).get_parser(prog_name)
|
||||
_get_common_parser(parser)
|
||||
parser.add_argument(
|
||||
'--peer-id',
|
||||
required=True,
|
||||
help=_('Peer router identity for authentication. Can be '
|
||||
'IPv4/IPv6 address, e-mail address, key id, or FQDN'))
|
||||
parser.add_argument(
|
||||
'--peer-address',
|
||||
required=True,
|
||||
help=_('Peer gateway public IPv4/IPv6 address or FQDN'))
|
||||
parser.add_argument(
|
||||
'--psk',
|
||||
required=True,
|
||||
help=_('Pre-shared key string.'))
|
||||
parser.add_argument(
|
||||
'--vpnservice',
|
||||
metavar='VPNSERVICE',
|
||||
required=True,
|
||||
help=_('VPN service instance associated with this '
|
||||
'connection (name or ID)'))
|
||||
parser.add_argument(
|
||||
'--ikepolicy',
|
||||
metavar='IKEPOLICY',
|
||||
required=True,
|
||||
help=_('IKE policy associated with this connection (name or ID)'))
|
||||
parser.add_argument(
|
||||
'--ipsecpolicy',
|
||||
metavar='IPSECPOLICY',
|
||||
required=True,
|
||||
help=_('IPsec policy associated with this connection '
|
||||
'(name or ID)'))
|
||||
parser.add_argument(
|
||||
'name',
|
||||
metavar='<name>',
|
||||
help=_('Set friendly name for the connection'))
|
||||
osc_utils.add_project_owner_option_to_parser(parser)
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
attrs = _get_common_attrs(self.app.client_manager, parsed_args)
|
||||
if parsed_args.vpnservice:
|
||||
_vpnservice_id = client.find_resource(
|
||||
'vpnservice',
|
||||
parsed_args.vpnservice,
|
||||
cmd_resource='vpnservice')['id']
|
||||
attrs['vpnservice_id'] = _vpnservice_id
|
||||
if parsed_args.ikepolicy:
|
||||
_ikepolicy_id = client.find_resource(
|
||||
'ikepolicy',
|
||||
parsed_args.ikepolicy,
|
||||
cmd_resource='ikepolicy')['id']
|
||||
attrs['ikepolicy_id'] = _ikepolicy_id
|
||||
if parsed_args.ipsecpolicy:
|
||||
_ipsecpolicy_id = client.find_resource(
|
||||
'ipsecpolicy',
|
||||
parsed_args.ipsecpolicy,
|
||||
cmd_resource='ipsecpolicy')['id']
|
||||
attrs['ipsecpolicy_id'] = _ipsecpolicy_id
|
||||
if parsed_args.peer_id:
|
||||
attrs['peer_id'] = parsed_args.peer_id
|
||||
if parsed_args.peer_address:
|
||||
attrs['peer_address'] = parsed_args.peer_address
|
||||
if parsed_args.psk:
|
||||
attrs['psk'] = parsed_args.psk
|
||||
if parsed_args.name:
|
||||
attrs['name'] = parsed_args.name
|
||||
if (bool(parsed_args.local_endpoint_group) !=
|
||||
bool(parsed_args.peer_endpoint_group)):
|
||||
message = _("You must specify both local and peer endpoint "
|
||||
"groups")
|
||||
raise exceptions.CommandError(message)
|
||||
if not parsed_args.peer_cidrs and not parsed_args.local_endpoint_group:
|
||||
message = _("You must specify endpoint groups or peer CIDR(s)")
|
||||
raise exceptions.CommandError(message)
|
||||
obj = client.create_ipsec_site_connection(
|
||||
{'ipsec_site_connection': attrs})['ipsec_site_connection']
|
||||
columns, display_columns = osc_utils.get_columns(obj, _attr_map)
|
||||
data = utils.get_dict_properties(obj, columns, formatters=_formatters)
|
||||
return display_columns, data
|
||||
|
||||
|
||||
class DeleteIPsecSiteConnection(command.Command):
|
||||
_description = _("Delete IPsec site connection(s)")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(DeleteIPsecSiteConnection, self).get_parser(prog_name)
|
||||
parser.add_argument(
|
||||
'ipsec_site_connection',
|
||||
metavar='<ipsec-site-connection>',
|
||||
nargs='+',
|
||||
help=_('IPsec site connection to delete (name or ID)'))
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
result = 0
|
||||
for ipsec_conn in parsed_args.ipsec_site_connection:
|
||||
try:
|
||||
ipsec_con_id = client.find_resource(
|
||||
'ipsec_site_connection',
|
||||
ipsec_conn,
|
||||
cmd_resource='ipsec_site_connection')['id']
|
||||
client.delete_ipsec_site_connection(ipsec_con_id)
|
||||
except Exception as e:
|
||||
result += 1
|
||||
LOG.error(_("Failed to delete IPsec site connection with "
|
||||
"name or ID '%(ipsec_site_conn)s': %(e)s"),
|
||||
{'ipsec_site_conn': ipsec_conn, 'e': e})
|
||||
|
||||
if result > 0:
|
||||
total = len(parsed_args.ipsec_site_connection)
|
||||
msg = (_("%(result)s of %(total)s IPsec site connection failed "
|
||||
"to delete.") % {'result': result, 'total': total})
|
||||
raise exceptions.CommandError(msg)
|
||||
|
||||
|
||||
class ListIPsecSiteConnection(command.Lister):
|
||||
_description = _("List IPsec site connections "
|
||||
"that belong to a given project")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(ListIPsecSiteConnection, self).get_parser(prog_name)
|
||||
parser.add_argument(
|
||||
'--long',
|
||||
action='store_true',
|
||||
default=False,
|
||||
help=_("List additional fields in output")
|
||||
)
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
obj = client.list_ipsec_site_connections()['ipsec_site_connections']
|
||||
headers, columns = osc_utils.get_column_definitions(
|
||||
_attr_map, long_listing=parsed_args.long)
|
||||
return (headers, (utils.get_dict_properties(
|
||||
s, columns, formatters=_formatters) for s in obj))
|
||||
|
||||
|
||||
class SetIPsecSiteConnection(command.Command):
|
||||
_description = _("Set IPsec site connection properties")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(SetIPsecSiteConnection, self).get_parser(prog_name)
|
||||
_get_common_parser(parser)
|
||||
parser.add_argument(
|
||||
'--peer-id',
|
||||
help=_('Peer router identity for authentication. Can be '
|
||||
'IPv4/IPv6 address, e-mail address, key id, or FQDN'))
|
||||
parser.add_argument(
|
||||
'--peer-address',
|
||||
help=_('Peer gateway public IPv4/IPv6 address or FQDN'))
|
||||
parser.add_argument(
|
||||
'--name',
|
||||
metavar='<name>',
|
||||
help=_('Set friendly name for the connection'))
|
||||
parser.add_argument(
|
||||
'ipsec_site_connection',
|
||||
metavar='<ipsec-site-connection>',
|
||||
help=_('IPsec site connection to set (name or ID)'))
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
attrs = _get_common_attrs(self.app.client_manager,
|
||||
parsed_args, is_create=False)
|
||||
if parsed_args.peer_id:
|
||||
attrs['peer_id'] = parsed_args.peer_id
|
||||
if parsed_args.peer_address:
|
||||
attrs['peer_address'] = parsed_args.peer_address
|
||||
if parsed_args.name:
|
||||
attrs['name'] = parsed_args.name
|
||||
ipsec_conn_id = client.find_resource(
|
||||
'ipsec_site_connection', parsed_args.ipsec_site_connection,
|
||||
cmd_resource='ipsec_site_connection')['id']
|
||||
try:
|
||||
client.update_ipsec_site_connection(
|
||||
ipsec_conn_id,
|
||||
{'ipsec_site_connection': attrs})
|
||||
except Exception as e:
|
||||
msg = (_("Failed to set IPsec site "
|
||||
"connection '%(ipsec_conn)s': %(e)s")
|
||||
% {'ipsec_conn': parsed_args.ipsec_site_connection, 'e': e})
|
||||
raise exceptions.CommandError(msg)
|
||||
|
||||
|
||||
class ShowIPsecSiteConnection(command.ShowOne):
|
||||
_description = _("Show information of a given IPsec site connection")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(ShowIPsecSiteConnection, self).get_parser(prog_name)
|
||||
parser.add_argument(
|
||||
'ipsec_site_connection',
|
||||
metavar='<ipsec-site-connection>',
|
||||
help=_('IPsec site connection to display (name or ID)'))
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
ipsec_site_id = client.find_resource(
|
||||
'ipsec_site_connection', parsed_args.ipsec_site_connection,
|
||||
cmd_resource='ipsec_site_connection')['id']
|
||||
obj = client.show_ipsec_site_connection(
|
||||
ipsec_site_id)['ipsec_site_connection']
|
||||
columns, display_columns = osc_utils.get_columns(obj, _attr_map)
|
||||
data = utils.get_dict_properties(obj, columns, formatters=_formatters)
|
||||
return (display_columns, data)
|
242
neutronclient/osc/v2/vpnaas/ipsecpolicy.py
Normal file
242
neutronclient/osc/v2/vpnaas/ipsecpolicy.py
Normal file
@ -0,0 +1,242 @@
|
||||
# Copyright 2017 FUJITSU LIMITED
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
from osc_lib.command import command
|
||||
from osc_lib import exceptions
|
||||
from osc_lib import utils
|
||||
from oslo_log import log as logging
|
||||
|
||||
from neutronclient._i18n import _
|
||||
from neutronclient.common import utils as nc_utils
|
||||
from neutronclient.osc import utils as osc_utils
|
||||
from neutronclient.osc.v2.vpnaas import utils as vpn_utils
|
||||
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
_attr_map = (
|
||||
('id', 'ID', osc_utils.LIST_BOTH),
|
||||
('name', 'Name', osc_utils.LIST_BOTH),
|
||||
('auth_algorithm', 'Authentication Algorithm', osc_utils.LIST_BOTH),
|
||||
('encapsulation_mode', 'Encapsulation Mode', osc_utils.LIST_BOTH),
|
||||
('transform_protocol', 'Transform Protocol', osc_utils.LIST_BOTH),
|
||||
('encryption_algorithm', 'Encryption Algorithm', osc_utils.LIST_BOTH),
|
||||
('pfs', 'Perfect Forward Secrecy (PFS)', osc_utils.LIST_LONG_ONLY),
|
||||
('description', 'Description', osc_utils.LIST_LONG_ONLY),
|
||||
('tenant_id', 'Project', osc_utils.LIST_LONG_ONLY),
|
||||
('lifetime', 'Lifetime', osc_utils.LIST_LONG_ONLY),
|
||||
)
|
||||
|
||||
|
||||
def _convert_to_lowercase(string):
|
||||
return string.lower()
|
||||
|
||||
|
||||
def _get_common_parser(parser):
|
||||
parser.add_argument(
|
||||
'--description',
|
||||
metavar='<description>',
|
||||
help=_('Description of the IPsec policy'))
|
||||
parser.add_argument(
|
||||
'--auth-algorithm',
|
||||
choices=['sha1', 'sha256', 'sha384', 'sha512'],
|
||||
type=_convert_to_lowercase,
|
||||
help=_('Authentication algorithm for IPsec policy'))
|
||||
parser.add_argument(
|
||||
'--encapsulation-mode',
|
||||
choices=['tunnel', 'transport'],
|
||||
type=_convert_to_lowercase,
|
||||
help=_('Encapsulation mode for IPsec policy'))
|
||||
parser.add_argument(
|
||||
'--encryption-algorithm',
|
||||
choices=['3des', 'aes-128', 'aes-192', 'aes-256'],
|
||||
type=_convert_to_lowercase,
|
||||
help=_('Encryption algorithm for IPsec policy'))
|
||||
parser.add_argument(
|
||||
'--lifetime',
|
||||
metavar="units=UNITS,value=VALUE",
|
||||
type=nc_utils.str2dict_type(optional_keys=['units', 'value']),
|
||||
help=vpn_utils.lifetime_help("IPsec"))
|
||||
parser.add_argument(
|
||||
'--pfs',
|
||||
choices=['group2', 'group5', 'group14'],
|
||||
type=_convert_to_lowercase,
|
||||
help=_('Perfect Forward Secrecy for IPsec policy'))
|
||||
parser.add_argument(
|
||||
'--transform-protocol',
|
||||
type=_convert_to_lowercase,
|
||||
choices=['esp', 'ah', 'ah-esp'],
|
||||
help=_('Transform protocol for IPsec policy'))
|
||||
|
||||
|
||||
def _get_common_attrs(client_manager, parsed_args, is_create=True):
|
||||
attrs = {}
|
||||
if is_create:
|
||||
if 'project' in parsed_args and parsed_args.project is not None:
|
||||
attrs['tenant_id'] = osc_utils.find_project(
|
||||
client_manager.identity,
|
||||
parsed_args.project,
|
||||
parsed_args.project_domain,
|
||||
).id
|
||||
if parsed_args.description:
|
||||
attrs['description'] = str(parsed_args.description)
|
||||
if parsed_args.auth_algorithm:
|
||||
attrs['auth_algorithm'] = parsed_args.auth_algorithm
|
||||
if parsed_args.encapsulation_mode:
|
||||
attrs['encapsulation_mode'] = parsed_args.encapsulation_mode
|
||||
if parsed_args.transform_protocol:
|
||||
attrs['transform_protocol'] = parsed_args.transform_protocol
|
||||
if parsed_args.encryption_algorithm:
|
||||
attrs['encryption_algorithm'] = parsed_args.encryption_algorithm
|
||||
if parsed_args.pfs:
|
||||
attrs['pfs'] = parsed_args.pfs
|
||||
if parsed_args.lifetime:
|
||||
vpn_utils.validate_lifetime_dict(parsed_args.lifetime)
|
||||
attrs['lifetime'] = parsed_args.lifetime
|
||||
return attrs
|
||||
|
||||
|
||||
class CreateIPsecPolicy(command.ShowOne):
|
||||
_description = _("Create an IPsec policy")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(CreateIPsecPolicy, self).get_parser(prog_name)
|
||||
_get_common_parser(parser)
|
||||
parser.add_argument(
|
||||
'name',
|
||||
metavar='<name>',
|
||||
help=_('Name of the IPsec policy'))
|
||||
osc_utils.add_project_owner_option_to_parser(parser)
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
attrs = _get_common_attrs(self.app.client_manager, parsed_args)
|
||||
if parsed_args.name:
|
||||
attrs['name'] = str(parsed_args.name)
|
||||
obj = client.create_ipsecpolicy({'ipsecpolicy': attrs})['ipsecpolicy']
|
||||
columns, display_columns = osc_utils.get_columns(obj, _attr_map)
|
||||
data = utils.get_dict_properties(obj, columns)
|
||||
return display_columns, data
|
||||
|
||||
|
||||
class DeleteIPsecPolicy(command.Command):
|
||||
_description = _("Delete IPsec policy(policies)")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(DeleteIPsecPolicy, self).get_parser(prog_name)
|
||||
parser.add_argument(
|
||||
'ipsecpolicy',
|
||||
metavar='<ipsec-policy>',
|
||||
nargs='+',
|
||||
help=_('ipsec policy to delete (name or ID)'))
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
result = 0
|
||||
for ipsec in parsed_args.ipsecpolicy:
|
||||
try:
|
||||
ipsec_id = client.find_resource(
|
||||
'ipsecpolicy', ipsec, cmd_resource='ipsecpolicy')['id']
|
||||
client.delete_ipsecpolicy(ipsec_id)
|
||||
except Exception as e:
|
||||
result += 1
|
||||
LOG.error(_("Failed to delete IPsec policy with "
|
||||
"name or ID '%(ipsecpolicy)s': %(e)s"),
|
||||
{'ipsecpolicy': ipsec, 'e': e})
|
||||
|
||||
if result > 0:
|
||||
total = len(parsed_args.ipsecpolicy)
|
||||
msg = (_("%(result)s of %(total)s IPsec policy failed "
|
||||
"to delete.") % {'result': result, 'total': total})
|
||||
raise exceptions.CommandError(msg)
|
||||
|
||||
|
||||
class ListIPsecPolicy(command.Lister):
|
||||
_description = _("List IPsec policies that belong to a given project")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(ListIPsecPolicy, self).get_parser(prog_name)
|
||||
parser.add_argument(
|
||||
'--long',
|
||||
action='store_true',
|
||||
default=False,
|
||||
help=_("List additional fields in output")
|
||||
)
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
obj = client.list_ipsecpolicies()['ipsecpolicies']
|
||||
headers, columns = osc_utils.get_column_definitions(
|
||||
_attr_map, long_listing=parsed_args.long)
|
||||
return (headers, (utils.get_dict_properties(s, columns) for s in obj))
|
||||
|
||||
|
||||
class SetIPsecPolicy(command.Command):
|
||||
_description = _("Set IPsec policy properties")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(SetIPsecPolicy, self).get_parser(prog_name)
|
||||
_get_common_parser(parser)
|
||||
parser.add_argument(
|
||||
'--name',
|
||||
metavar='<name>',
|
||||
help=_('Name of the IPsec policy'))
|
||||
parser.add_argument(
|
||||
'ipsecpolicy',
|
||||
metavar='<ipsec-policy>',
|
||||
help=_('IPsec policy to set (name or ID)'))
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
attrs = _get_common_attrs(self.app.client_manager,
|
||||
parsed_args, is_create=False)
|
||||
if parsed_args.name:
|
||||
attrs['name'] = str(parsed_args.name)
|
||||
ipsec_id = client.find_resource(
|
||||
'ipsecpolicy', parsed_args.ipsecpolicy,
|
||||
cmd_resource='ipsecpolicy')['id']
|
||||
try:
|
||||
client.update_ipsecpolicy(ipsec_id, {'ipsecpolicy': attrs})
|
||||
except Exception as e:
|
||||
msg = (_("Failed to set IPsec policy '%(ipsec)s': %(e)s")
|
||||
% {'ipsec': parsed_args.ipsecpolicy, 'e': e})
|
||||
raise exceptions.CommandError(msg)
|
||||
|
||||
|
||||
class ShowIPsecPolicy(command.ShowOne):
|
||||
_description = _("Display IPsec policy details")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(ShowIPsecPolicy, self).get_parser(prog_name)
|
||||
parser.add_argument(
|
||||
'ipsecpolicy',
|
||||
metavar='<ipsec-policy>',
|
||||
help=_('IPsec policy to display (name or ID)'))
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
ipsec_id = client.find_resource(
|
||||
'ipsecpolicy', parsed_args.ipsecpolicy,
|
||||
cmd_resource='ipsecpolicy')['id']
|
||||
obj = client.show_ipsecpolicy(ipsec_id)['ipsecpolicy']
|
||||
columns, display_columns = osc_utils.get_columns(obj, _attr_map)
|
||||
data = utils.get_dict_properties(obj, columns)
|
||||
return (display_columns, data)
|
112
neutronclient/osc/v2/vpnaas/utils.py
Normal file
112
neutronclient/osc/v2/vpnaas/utils.py
Normal file
@ -0,0 +1,112 @@
|
||||
# Copyright 2017 FUJITSU LIMITED
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
|
||||
"""VPN Utilities and helper functions."""
|
||||
|
||||
|
||||
from neutronclient._i18n import _
|
||||
from neutronclient.common import exceptions
|
||||
|
||||
DPD_SUPPORTED_ACTIONS = ['hold', 'clear', 'restart',
|
||||
'restart-by-peer', 'disabled']
|
||||
DPD_SUPPORTED_KEYS = ['action', 'interval', 'timeout']
|
||||
|
||||
lifetime_keys = ['units', 'value']
|
||||
lifetime_units = ['seconds']
|
||||
|
||||
|
||||
def validate_dpd_dict(dpd_dict):
|
||||
for key, value in dpd_dict.items():
|
||||
if key not in DPD_SUPPORTED_KEYS:
|
||||
message = _(
|
||||
"DPD Dictionary KeyError: "
|
||||
"Reason-Invalid DPD key : "
|
||||
"'%(key)s' not in %(supported_key)s") % {
|
||||
'key': key, 'supported_key': DPD_SUPPORTED_KEYS}
|
||||
raise exceptions.CommandError(message)
|
||||
if key == 'action' and value not in DPD_SUPPORTED_ACTIONS:
|
||||
message = _(
|
||||
"DPD Dictionary ValueError: "
|
||||
"Reason-Invalid DPD action : "
|
||||
"'%(key_value)s' not in %(supported_action)s") % {
|
||||
'key_value': value,
|
||||
'supported_action': DPD_SUPPORTED_ACTIONS}
|
||||
raise exceptions.CommandError(message)
|
||||
if key in ('interval', 'timeout'):
|
||||
try:
|
||||
if int(value) <= 0:
|
||||
raise ValueError()
|
||||
except ValueError:
|
||||
message = _(
|
||||
"DPD Dictionary ValueError: "
|
||||
"Reason-Invalid positive integer value: "
|
||||
"'%(key)s' = %(value)s") % {
|
||||
'key': key, 'value': value}
|
||||
raise exceptions.CommandError(message)
|
||||
else:
|
||||
dpd_dict[key] = int(value)
|
||||
return
|
||||
|
||||
|
||||
def validate_lifetime_dict(lifetime_dict):
|
||||
|
||||
for key, value in lifetime_dict.items():
|
||||
if key not in lifetime_keys:
|
||||
message = _(
|
||||
"Lifetime Dictionary KeyError: "
|
||||
"Reason-Invalid unit key : "
|
||||
"'%(key)s' not in %(supported_key)s") % {
|
||||
'key': key, 'supported_key': lifetime_keys}
|
||||
raise exceptions.CommandError(message)
|
||||
if key == 'units' and value not in lifetime_units:
|
||||
message = _(
|
||||
"Lifetime Dictionary ValueError: "
|
||||
"Reason-Invalid units : "
|
||||
"'%(key_value)s' not in %(supported_units)s") % {
|
||||
'key_value': key, 'supported_units': lifetime_units}
|
||||
raise exceptions.CommandError(message)
|
||||
if key == 'value':
|
||||
try:
|
||||
if int(value) < 60:
|
||||
raise ValueError()
|
||||
except ValueError:
|
||||
message = _(
|
||||
"Lifetime Dictionary ValueError: "
|
||||
"Reason-Invalid value should be at least 60:"
|
||||
"'%(key_value)s' = %(value)s") % {
|
||||
'key_value': key, 'value': value}
|
||||
raise exceptions.CommandError(message)
|
||||
else:
|
||||
lifetime_dict['value'] = int(value)
|
||||
return
|
||||
|
||||
|
||||
def lifetime_help(policy):
|
||||
lifetime = _("%s lifetime attributes. "
|
||||
"'units'-seconds, default:seconds. "
|
||||
"'value'-non negative integer, default:3600.") % policy
|
||||
return lifetime
|
||||
|
||||
|
||||
def dpd_help(policy):
|
||||
dpd = _(" %s Dead Peer Detection attributes."
|
||||
" 'action'-hold,clear,disabled,restart,restart-by-peer."
|
||||
" 'interval' and 'timeout' are non negative integers. "
|
||||
" 'interval' should be less than 'timeout' value. "
|
||||
" 'action', default:hold 'interval', default:30, "
|
||||
" 'timeout', default:120.") % policy.capitalize()
|
||||
return dpd
|
235
neutronclient/osc/v2/vpnaas/vpnservice.py
Normal file
235
neutronclient/osc/v2/vpnaas/vpnservice.py
Normal file
@ -0,0 +1,235 @@
|
||||
# Copyright 2017 FUJITSU LIMITED
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
from osc_lib.command import command
|
||||
from osc_lib import exceptions
|
||||
from osc_lib import utils
|
||||
from oslo_log import log as logging
|
||||
|
||||
from neutronclient._i18n import _
|
||||
from neutronclient.osc import utils as osc_utils
|
||||
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
_attr_map = (
|
||||
('id', 'ID', osc_utils.LIST_BOTH),
|
||||
('name', 'Name', osc_utils.LIST_BOTH),
|
||||
('router_id', 'Router', osc_utils.LIST_BOTH),
|
||||
('subnet_id', 'Subnet', osc_utils.LIST_BOTH),
|
||||
('flavor_id', 'Flavor', osc_utils.LIST_BOTH),
|
||||
('admin_state_up', 'State', osc_utils.LIST_BOTH),
|
||||
('status', 'Status', osc_utils.LIST_BOTH),
|
||||
('description', 'Description', osc_utils.LIST_LONG_ONLY),
|
||||
('tenant_id', 'Project', osc_utils.LIST_LONG_ONLY),
|
||||
)
|
||||
|
||||
|
||||
def _get_common_parser(parser):
|
||||
parser.add_argument(
|
||||
'--description',
|
||||
metavar='<description>',
|
||||
help=_('Description for the VPN service'))
|
||||
parser.add_argument(
|
||||
'--subnet',
|
||||
metavar='<subnet>',
|
||||
help=_('Local private subnet (name or ID)'))
|
||||
parser.add_argument(
|
||||
'--flavor',
|
||||
metavar='<flavor>',
|
||||
help=_('Flavor for the VPN service (name or ID)'))
|
||||
admin_group = parser.add_mutually_exclusive_group()
|
||||
admin_group.add_argument(
|
||||
'--enable',
|
||||
action='store_true',
|
||||
help=_("Enable VPN service")
|
||||
)
|
||||
admin_group.add_argument(
|
||||
'--disable',
|
||||
action='store_true',
|
||||
help=_("Disable VPN service")
|
||||
)
|
||||
return parser
|
||||
|
||||
|
||||
def _get_common_attrs(client_manager, parsed_args, is_create=True):
|
||||
attrs = {}
|
||||
if is_create:
|
||||
if 'project' in parsed_args and parsed_args.project is not None:
|
||||
attrs['tenant_id'] = osc_utils.find_project(
|
||||
client_manager.identity,
|
||||
parsed_args.project,
|
||||
parsed_args.project_domain,
|
||||
).id
|
||||
if parsed_args.description:
|
||||
attrs['description'] = str(parsed_args.description)
|
||||
if parsed_args.subnet:
|
||||
_subnet_id = client_manager.network.find_subnet(
|
||||
parsed_args.subnet).id
|
||||
attrs['subnet_id'] = _subnet_id
|
||||
if parsed_args.flavor:
|
||||
_flavor_id = client_manager.network.find_flavor(
|
||||
parsed_args.flavor,
|
||||
ignore_missing=False
|
||||
).id
|
||||
attrs['flavor_id'] = _flavor_id
|
||||
if parsed_args.enable:
|
||||
attrs['admin_state_up'] = True
|
||||
if parsed_args.disable:
|
||||
attrs['admin_state_up'] = False
|
||||
return attrs
|
||||
|
||||
|
||||
class CreateVPNService(command.ShowOne):
|
||||
_description = _("Create an VPN service")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(CreateVPNService, self).get_parser(prog_name)
|
||||
_get_common_parser(parser)
|
||||
parser.add_argument(
|
||||
'name',
|
||||
metavar='<name>',
|
||||
help=_('Name for the VPN service'))
|
||||
parser.add_argument(
|
||||
'--router',
|
||||
metavar='ROUTER',
|
||||
required=True,
|
||||
help=_('Router for the VPN service (name or ID)'))
|
||||
osc_utils.add_project_owner_option_to_parser(parser)
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
attrs = _get_common_attrs(self.app.client_manager, parsed_args)
|
||||
if parsed_args.name:
|
||||
attrs['name'] = str(parsed_args.name)
|
||||
if parsed_args.router:
|
||||
_router_id = self.app.client_manager.network.find_router(
|
||||
parsed_args.router).id
|
||||
attrs['router_id'] = _router_id
|
||||
obj = client.create_vpnservice({'vpnservice': attrs})['vpnservice']
|
||||
columns, display_columns = osc_utils.get_columns(obj, _attr_map)
|
||||
data = utils.get_dict_properties(obj, columns)
|
||||
return display_columns, data
|
||||
|
||||
|
||||
class DeleteVPNService(command.Command):
|
||||
_description = _("Delete VPN service(s)")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(DeleteVPNService, self).get_parser(prog_name)
|
||||
parser.add_argument(
|
||||
'vpnservice',
|
||||
metavar='<vpn-service>',
|
||||
nargs='+',
|
||||
help=_('VPN service to delete (name or ID)'))
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
result = 0
|
||||
for vpn in parsed_args.vpnservice:
|
||||
try:
|
||||
vpn_id = client.find_resource(
|
||||
'vpnservice', vpn, cmd_resource='vpnservice')['id']
|
||||
client.delete_vpnservice(vpn_id)
|
||||
except Exception as e:
|
||||
result += 1
|
||||
LOG.error(_("Failed to delete VPN service with "
|
||||
"name or ID '%(vpnservice)s': %(e)s"),
|
||||
{'vpnservice': vpn, 'e': e})
|
||||
|
||||
if result > 0:
|
||||
total = len(parsed_args.vpnservice)
|
||||
msg = (_("%(result)s of %(total)s vpn service failed "
|
||||
"to delete.") % {'result': result, 'total': total})
|
||||
raise exceptions.CommandError(msg)
|
||||
|
||||
|
||||
class ListVPNService(command.Lister):
|
||||
_description = _("List VPN services that belong to a given project")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(ListVPNService, self).get_parser(prog_name)
|
||||
parser.add_argument(
|
||||
'--long',
|
||||
action='store_true',
|
||||
default=False,
|
||||
help=_("List additional fields in output")
|
||||
)
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
obj = client.list_vpnservices()['vpnservices']
|
||||
headers, columns = osc_utils.get_column_definitions(
|
||||
_attr_map, long_listing=parsed_args.long)
|
||||
return (headers, (utils.get_dict_properties(s, columns) for s in obj))
|
||||
|
||||
|
||||
class SetVPNSercice(command.Command):
|
||||
_description = _("Set VPN service properties")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(SetVPNSercice, self).get_parser(prog_name)
|
||||
_get_common_parser(parser)
|
||||
parser.add_argument(
|
||||
'--name',
|
||||
metavar='<name>',
|
||||
help=_('Name for the VPN service'))
|
||||
parser.add_argument(
|
||||
'vpnservice',
|
||||
metavar='<vpn-service>',
|
||||
help=_('VPN service to modify (name or ID)'))
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
attrs = _get_common_attrs(self.app.client_manager,
|
||||
parsed_args, is_create=False)
|
||||
if parsed_args.name:
|
||||
attrs['name'] = str(parsed_args.name)
|
||||
vpn_id = client.find_resource(
|
||||
'vpnservice', parsed_args.vpnservice,
|
||||
cmd_resource='vpnservice')['id']
|
||||
try:
|
||||
client.update_vpnservice(vpn_id, {'vpnservice': attrs})
|
||||
except Exception as e:
|
||||
msg = (_("Failed to set vpn service '%(vpn)s': %(e)s")
|
||||
% {'vpn': parsed_args.vpnservice, 'e': e})
|
||||
raise exceptions.CommandError(msg)
|
||||
|
||||
|
||||
class ShowVPNService(command.ShowOne):
|
||||
_description = _("Display VPN service details")
|
||||
|
||||
def get_parser(self, prog_name):
|
||||
parser = super(ShowVPNService, self).get_parser(prog_name)
|
||||
parser.add_argument(
|
||||
'vpnservice',
|
||||
metavar='<vpn-service>',
|
||||
help=_('VPN service to display (name or ID)'))
|
||||
return parser
|
||||
|
||||
def take_action(self, parsed_args):
|
||||
client = self.app.client_manager.neutronclient
|
||||
vpn_id = client.find_resource(
|
||||
'vpnservice', parsed_args.vpnservice,
|
||||
cmd_resource='vpnservice')['id']
|
||||
obj = client.show_vpnservice(vpn_id)['vpnservice']
|
||||
columns, display_columns = osc_utils.get_columns(obj, _attr_map)
|
||||
data = utils.get_dict_properties(obj, columns)
|
||||
return (display_columns, data)
|
157
neutronclient/tests/unit/osc/v2/vpnaas/common.py
Normal file
157
neutronclient/tests/unit/osc/v2/vpnaas/common.py
Normal file
@ -0,0 +1,157 @@
|
||||
# Copyright 2017 FUJITSU LIMITED
|
||||
# All Rights Reserved
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
import testtools
|
||||
|
||||
from osc_lib import exceptions
|
||||
|
||||
from neutronclient.tests.unit.osc.v2 import fakes as test_fakes
|
||||
|
||||
|
||||
class TestCreateVPNaaS(test_fakes.TestNeutronClientOSCV2):
|
||||
pass
|
||||
|
||||
|
||||
class TestDeleteVPNaaS(test_fakes.TestNeutronClientOSCV2):
|
||||
|
||||
def test_delete_with_one_resource(self):
|
||||
target = self.resource['id']
|
||||
arglist = [target]
|
||||
verifylist = [(self.res, [target])]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
result = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with(target)
|
||||
self.assertIsNone(result)
|
||||
|
||||
def test_delete_with_multiple_resources(self):
|
||||
|
||||
def _mock_vpnaas(*args, **kwargs):
|
||||
self.assertEqual(self.res, args[0])
|
||||
self.assertIsNotNone(args[1])
|
||||
self.assertEqual({'cmd_resource': self.res}, kwargs)
|
||||
return {'id': args[1]}
|
||||
|
||||
self.neutronclient.find_resource.side_effect = _mock_vpnaas
|
||||
|
||||
target1 = 'target1'
|
||||
target2 = 'target2'
|
||||
arglist = [target1, target2]
|
||||
verifylist = [(self.res, [target1, target2])]
|
||||
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
result = self.cmd.take_action(parsed_args)
|
||||
self.assertIsNone(result)
|
||||
|
||||
self.assertEqual(2, self.mocked.call_count)
|
||||
for idx, reference in enumerate([target1, target2]):
|
||||
actual = ''.join(self.mocked.call_args_list[idx][0])
|
||||
self.assertEqual(reference, actual)
|
||||
|
||||
def test_delete_multiple_with_exception(self):
|
||||
target1 = 'target'
|
||||
arglist = [target1]
|
||||
verifylist = [(self.res, [target1])]
|
||||
|
||||
self.neutronclient.find_resource.side_effect = [
|
||||
target1, exceptions.CommandError
|
||||
]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
resource_name = self.res.replace('_', ' ')
|
||||
msg = "1 of 2 %s(s) failed to delete." % resource_name
|
||||
with testtools.ExpectedException(exceptions.CommandError) as e:
|
||||
self.cmd.take_action(parsed_args)
|
||||
self.assertEqual(msg, str(e))
|
||||
|
||||
|
||||
class TestListVPNaaS(test_fakes.TestNeutronClientOSCV2):
|
||||
|
||||
def test_list_with_no_option(self):
|
||||
arglist = []
|
||||
verifylist = []
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with()
|
||||
self.assertEqual(list(self.list_headers), headers)
|
||||
self.assertEqual([self.list_data], list(data))
|
||||
|
||||
def test_list_with_long_option(self):
|
||||
arglist = ['--long']
|
||||
verifylist = [('long', True)]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with()
|
||||
self.assertEqual(list(self.headers), headers)
|
||||
self.assertEqual([self.data], list(data))
|
||||
|
||||
|
||||
class TestSetVPNaaS(test_fakes.TestNeutronClientOSCV2):
|
||||
|
||||
def test_set_name(self):
|
||||
target = self.resource['id']
|
||||
update = 'change'
|
||||
arglist = [target, '--name', update]
|
||||
verifylist = [
|
||||
(self.res, target),
|
||||
('name', update),
|
||||
]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
result = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with(
|
||||
target, {self.res: {'name': update}})
|
||||
self.assertIsNone(result)
|
||||
|
||||
def test_set_description(self):
|
||||
target = self.resource['id']
|
||||
update = 'change-desc'
|
||||
arglist = [target, '--description', update]
|
||||
verifylist = [
|
||||
(self.res, target),
|
||||
('description', update),
|
||||
]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
result = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with(
|
||||
target, {self.res: {'description': update}})
|
||||
self.assertIsNone(result)
|
||||
|
||||
|
||||
class TestShowVPNaaS(test_fakes.TestNeutronClientOSCV2):
|
||||
|
||||
def test_show_filtered_by_id_or_name(self):
|
||||
target = self.resource['id']
|
||||
|
||||
def _mock_vpnaas(*args, **kwargs):
|
||||
if self.neutronclient.find_resource.call_count == 1:
|
||||
self.assertEqual(self.res, args[0])
|
||||
self.assertEqual(self.resource['id'], args[1])
|
||||
self.assertEqual({'cmd_resource': self.res}, kwargs)
|
||||
return {'id': args[1]}
|
||||
|
||||
self.neutronclient.find_resource.side_effect = _mock_vpnaas
|
||||
|
||||
arglist = [target]
|
||||
verifylist = [(self.res, target)]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with(target)
|
||||
self.assertEqual(self.ordered_headers, headers)
|
||||
self.assertItemEqual(self.ordered_data, data)
|
178
neutronclient/tests/unit/osc/v2/vpnaas/fakes.py
Normal file
178
neutronclient/tests/unit/osc/v2/vpnaas/fakes.py
Normal file
@ -0,0 +1,178 @@
|
||||
# Copyright 2017 FUJITSU LIMITED
|
||||
# All Rights Reserved
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
import collections
|
||||
import copy
|
||||
import uuid
|
||||
|
||||
import mock
|
||||
|
||||
|
||||
class FakeVPNaaS(object):
|
||||
|
||||
def create(self, attrs={}):
|
||||
"""Create a fake vpnaas resources
|
||||
|
||||
:param Dictionary attrs:
|
||||
A dictionary with all attributes
|
||||
:return:
|
||||
A OrderedDict faking the vpnaas resource
|
||||
"""
|
||||
self.ordered.update(attrs)
|
||||
return copy.deepcopy(self.ordered)
|
||||
|
||||
def bulk_create(self, attrs=None, count=2):
|
||||
"""Create multiple fake vpnaas resources
|
||||
|
||||
:param Dictionary attrs:
|
||||
A dictionary with all attributes
|
||||
:param int count:
|
||||
The number of vpnaas resources to fake
|
||||
:return:
|
||||
A list of dictionaries faking the vpnaas resources
|
||||
"""
|
||||
return [self.create(attrs=attrs) for i in range(0, count)]
|
||||
|
||||
def get(self, attrs=None, count=2):
|
||||
"""Get multiple fake vpnaas resources
|
||||
|
||||
:param Dictionary attrs:
|
||||
A dictionary with all attributes
|
||||
:param int count:
|
||||
The number of vpnaas resources to fake
|
||||
:return:
|
||||
A list of dictionaries faking the vpnaas resource
|
||||
"""
|
||||
if attrs is None:
|
||||
self.attrs = self.bulk_create(count=count)
|
||||
return mock.Mock(side_effect=attrs)
|
||||
|
||||
|
||||
class IKEPolicy(FakeVPNaaS):
|
||||
"""Fake one or more IKE policies"""
|
||||
|
||||
def __init__(self):
|
||||
super(IKEPolicy, self).__init__()
|
||||
self.ordered = collections.OrderedDict((
|
||||
('id', 'ikepolicy-id-' + uuid.uuid4().hex),
|
||||
('name', 'my-ikepolicy-' + uuid.uuid4().hex),
|
||||
('auth_algorithm', 'sha1'),
|
||||
('encryption_algorithm', 'aes-128'),
|
||||
('ike_version', 'v1'),
|
||||
('pfs', 'group5'),
|
||||
('description', 'my-desc-' + uuid.uuid4().hex),
|
||||
('phase1_negotiation_mode', 'main'),
|
||||
('tenant_id', 'tenant-id-' + uuid.uuid4().hex),
|
||||
('lifetime', {'units': 'seconds', 'value': 3600}),
|
||||
))
|
||||
|
||||
|
||||
class IPSecPolicy(FakeVPNaaS):
|
||||
"""Fake one or more IPsec policies"""
|
||||
|
||||
def __init__(self):
|
||||
super(IPSecPolicy, self).__init__()
|
||||
self.ordered = collections.OrderedDict((
|
||||
('id', 'ikepolicy-id-' + uuid.uuid4().hex),
|
||||
('name', 'my-ikepolicy-' + uuid.uuid4().hex),
|
||||
('auth_algorithm', 'sha1'),
|
||||
('encapsulation_mode', 'tunnel'),
|
||||
('transform_protocol', 'esp'),
|
||||
('encryption_algorithm', 'aes-128'),
|
||||
('pfs', 'group5'),
|
||||
('description', 'my-desc-' + uuid.uuid4().hex),
|
||||
('tenant_id', 'tenant-id-' + uuid.uuid4().hex),
|
||||
('lifetime', {'units': 'seconds', 'value': 3600}),
|
||||
))
|
||||
|
||||
|
||||
class VPNService(FakeVPNaaS):
|
||||
"""Fake one or more VPN services"""
|
||||
|
||||
def __init__(self):
|
||||
super(VPNService, self).__init__()
|
||||
self.ordered = collections.OrderedDict((
|
||||
('id', 'vpnservice-id-' + uuid.uuid4().hex),
|
||||
('name', 'my-vpnservice-' + uuid.uuid4().hex),
|
||||
('router_id', 'router-id-' + uuid.uuid4().hex),
|
||||
('subnet_id', 'subnet-id-' + uuid.uuid4().hex),
|
||||
('flavor_id', 'flavor-id-' + uuid.uuid4().hex),
|
||||
('admin_state_up', True),
|
||||
('status', 'ACTIVE'),
|
||||
('description', 'my-desc-' + uuid.uuid4().hex),
|
||||
('tenant_id', 'tenant-id-' + uuid.uuid4().hex),
|
||||
))
|
||||
|
||||
|
||||
class EndpointGroup(FakeVPNaaS):
|
||||
"""Fake one or more Endpoint Groups"""
|
||||
|
||||
def __init__(self):
|
||||
super(EndpointGroup, self).__init__()
|
||||
self.ordered = collections.OrderedDict((
|
||||
('id', 'ep-group-id-' + uuid.uuid4().hex),
|
||||
('name', 'my-ep-group-' + uuid.uuid4().hex),
|
||||
('type', 'cidr'),
|
||||
('endpoints', ['10.0.0.0/24', '20.0.0.0/24']),
|
||||
('description', 'my-desc-' + uuid.uuid4().hex),
|
||||
('tenant_id', 'tenant-id-' + uuid.uuid4().hex),
|
||||
))
|
||||
|
||||
|
||||
class IPsecSiteConnection(object):
|
||||
"""Fake one or more IPsec site connections"""
|
||||
@staticmethod
|
||||
def create_conn(attrs=None):
|
||||
"""Create a fake IPsec conn.
|
||||
|
||||
:param Dictionary attrs:
|
||||
A dictionary with all attributes
|
||||
:return:
|
||||
A Dictionary with id, name, peer_address, auth_mode, status,
|
||||
tenant_id, peer_cidrs, vpnservice_id, ipsecpolicy_id,
|
||||
ikepolicy_id, mtu, initiator, admin_state_up, description,
|
||||
psk, route_mode, local_id, peer_id, local_ep_group_id,
|
||||
peer_ep_group_id
|
||||
"""
|
||||
attrs = attrs or {}
|
||||
|
||||
# Set default attributes.
|
||||
conn_attrs = {
|
||||
'id': 'ipsec-site-conn-id-' + uuid.uuid4().hex,
|
||||
'name': 'my-ipsec-site-conn-' + uuid.uuid4().hex,
|
||||
'peer_address': '192.168.2.10',
|
||||
'auth_mode': '',
|
||||
'status': '',
|
||||
'tenant_id': 'tenant-id-' + uuid.uuid4().hex,
|
||||
'peer_cidrs': [],
|
||||
'vpnservice_id': 'vpnservice-id-' + uuid.uuid4().hex,
|
||||
'ipsecpolicy_id': 'ipsecpolicy-id-' + uuid.uuid4().hex,
|
||||
'ikepolicy_id': 'ikepolicy-id-' + uuid.uuid4().hex,
|
||||
'mtu': 1500,
|
||||
'initiator': 'bi-directional',
|
||||
'admin_state_up': True,
|
||||
'description': 'my-vpn-connection',
|
||||
'psk': 'abcd',
|
||||
'route_mode': '',
|
||||
'local_id': '',
|
||||
'peer_id': '192.168.2.10',
|
||||
'local_ep_group_id': 'local-ep-group-id-' + uuid.uuid4().hex,
|
||||
'peer_ep_group_id': 'peer-ep-group-id-' + uuid.uuid4().hex,
|
||||
}
|
||||
|
||||
# Overwrite default attributes.
|
||||
conn_attrs.update(attrs)
|
||||
return copy.deepcopy(conn_attrs)
|
257
neutronclient/tests/unit/osc/v2/vpnaas/test_endpoint_group.py
Normal file
257
neutronclient/tests/unit/osc/v2/vpnaas/test_endpoint_group.py
Normal file
@ -0,0 +1,257 @@
|
||||
# Copyright 2017 FUJITSU LIMITED
|
||||
# All Rights Reserved
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
import copy
|
||||
|
||||
import mock
|
||||
from osc_lib.tests import utils as tests_utils
|
||||
|
||||
from neutronclient.osc import utils as osc_utils
|
||||
from neutronclient.osc.v2.vpnaas import endpoint_group
|
||||
from neutronclient.tests.unit.osc.v2 import fakes as test_fakes
|
||||
from neutronclient.tests.unit.osc.v2.vpnaas import common
|
||||
from neutronclient.tests.unit.osc.v2.vpnaas import fakes
|
||||
|
||||
|
||||
_endpoint_group = fakes.EndpointGroup().create()
|
||||
CONVERT_MAP = {
|
||||
'project': 'tenant_id',
|
||||
}
|
||||
|
||||
|
||||
def _generate_data(ordered_dict=None, data=None):
|
||||
source = ordered_dict if ordered_dict else _endpoint_group
|
||||
if data:
|
||||
source.update(data)
|
||||
return tuple(source[key] for key in source)
|
||||
|
||||
|
||||
def _generate_req_and_res(verifylist):
|
||||
request = dict(verifylist)
|
||||
response = copy.deepcopy(_endpoint_group)
|
||||
for key, val in verifylist:
|
||||
converted = CONVERT_MAP.get(key, key)
|
||||
del request[key]
|
||||
new_value = val
|
||||
request[converted] = new_value
|
||||
response[converted] = new_value
|
||||
return request, response
|
||||
|
||||
|
||||
class TestEndpointGroup(test_fakes.TestNeutronClientOSCV2):
|
||||
|
||||
def check_results(self, headers, data, exp_req, is_list=False):
|
||||
if is_list:
|
||||
req_body = {self.res_plural: [exp_req]}
|
||||
else:
|
||||
req_body = {self.res: exp_req}
|
||||
self.mocked.assert_called_once_with(req_body)
|
||||
self.assertEqual(self.ordered_headers, headers)
|
||||
self.assertEqual(self.ordered_data, data)
|
||||
|
||||
def setUp(self):
|
||||
super(TestEndpointGroup, self).setUp()
|
||||
|
||||
def _mock_endpoint_group(*args, **kwargs):
|
||||
self.neutronclient.find_resource.assert_called_once_with(
|
||||
self.res, self.resource['id'], cmd_resource='endpoint_group')
|
||||
return {'id': args[1]}
|
||||
|
||||
self.neutronclient.find_resource.side_effect = mock.Mock(
|
||||
side_effect=_mock_endpoint_group)
|
||||
osc_utils.find_project = mock.Mock()
|
||||
osc_utils.find_project.id = _endpoint_group['tenant_id']
|
||||
self.res = 'endpoint_group'
|
||||
self.res_plural = 'endpoint_groups'
|
||||
self.resource = _endpoint_group
|
||||
self.headers = (
|
||||
'ID',
|
||||
'Name',
|
||||
'Type',
|
||||
'Endpoints',
|
||||
'Description',
|
||||
'Project',
|
||||
)
|
||||
self.data = _generate_data()
|
||||
self.ordered_headers = (
|
||||
'Description',
|
||||
'Endpoints',
|
||||
'ID',
|
||||
'Name',
|
||||
'Project',
|
||||
'Type',
|
||||
)
|
||||
self.ordered_data = (
|
||||
_endpoint_group['description'],
|
||||
_endpoint_group['endpoints'],
|
||||
_endpoint_group['id'],
|
||||
_endpoint_group['name'],
|
||||
_endpoint_group['tenant_id'],
|
||||
_endpoint_group['type'],
|
||||
)
|
||||
self.ordered_columns = (
|
||||
'description',
|
||||
'endpoints',
|
||||
'id',
|
||||
'name',
|
||||
'tenant_id',
|
||||
'type',
|
||||
)
|
||||
|
||||
|
||||
class TestCreateEndpointGroup(TestEndpointGroup, common.TestCreateVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestCreateEndpointGroup, self).setUp()
|
||||
self.neutronclient.create_endpoint_group = mock.Mock(
|
||||
return_value={self.res: _endpoint_group})
|
||||
self.mocked = self.neutronclient.create_endpoint_group
|
||||
self.cmd = endpoint_group.CreateEndpointGroup(self.app, self.namespace)
|
||||
|
||||
def _update_expect_response(self, request, response):
|
||||
"""Set expected request and response
|
||||
|
||||
:param request
|
||||
A dictionary of request body(dict of verifylist)
|
||||
:param response
|
||||
A OrderedDict of request body
|
||||
"""
|
||||
# Update response body
|
||||
self.neutronclient.create_endpoint_group.return_value = \
|
||||
{self.res: dict(response)}
|
||||
osc_utils.find_project.return_value.id = response['tenant_id']
|
||||
# Update response(finally returns 'data')
|
||||
self.data = _generate_data(ordered_dict=response)
|
||||
self.ordered_data = tuple(
|
||||
response[column] for column in self.ordered_columns
|
||||
)
|
||||
|
||||
def _set_all_params_cidr(self, args={}):
|
||||
name = args.get('name') or 'my-name'
|
||||
description = args.get('description') or 'my-desc'
|
||||
endpoint_type = args.get('type') or 'cidr'
|
||||
endpoints = args.get('endpoints') or ['10.0.0.0/24', '20.0.0.0/24']
|
||||
tenant_id = args.get('tenant_id') or 'my-tenant'
|
||||
arglist = [
|
||||
'--description', description,
|
||||
'--type', endpoint_type,
|
||||
'--value', '10.0.0.0/24',
|
||||
'--value', '20.0.0.0/24',
|
||||
'--project', tenant_id,
|
||||
name,
|
||||
]
|
||||
verifylist = [
|
||||
('description', description),
|
||||
('type', endpoint_type),
|
||||
('endpoints', endpoints),
|
||||
('project', tenant_id),
|
||||
('name', name),
|
||||
]
|
||||
return arglist, verifylist
|
||||
|
||||
def _test_create_with_all_params_cidr(self, args={}):
|
||||
arglist, verifylist = self._set_all_params_cidr(args)
|
||||
request, response = _generate_req_and_res(verifylist)
|
||||
self._update_expect_response(request, response)
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.check_results(headers, data, request)
|
||||
|
||||
def test_create_with_no_options(self):
|
||||
arglist = []
|
||||
verifylist = []
|
||||
|
||||
self.assertRaises(tests_utils.ParserException, self.check_parser,
|
||||
self.cmd, arglist, verifylist)
|
||||
|
||||
def test_create_with_all_params_cidr(self):
|
||||
self._test_create_with_all_params_cidr()
|
||||
|
||||
|
||||
class TestDeleteEndpointGroup(TestEndpointGroup, common.TestDeleteVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestDeleteEndpointGroup, self).setUp()
|
||||
self.neutronclient.delete_endpoint_group = mock.Mock(
|
||||
return_value={self.res: _endpoint_group})
|
||||
self.mocked = self.neutronclient.delete_endpoint_group
|
||||
self.cmd = endpoint_group.DeleteEndpointGroup(self.app, self.namespace)
|
||||
|
||||
|
||||
class TestListEndpointGroup(TestEndpointGroup):
|
||||
|
||||
def setUp(self):
|
||||
super(TestListEndpointGroup, self).setUp()
|
||||
self.cmd = endpoint_group.ListEndpointGroup(self.app, self.namespace)
|
||||
|
||||
self.short_header = (
|
||||
'ID',
|
||||
'Name',
|
||||
'Type',
|
||||
'Endpoints',
|
||||
)
|
||||
|
||||
self.short_data = (
|
||||
_endpoint_group['id'],
|
||||
_endpoint_group['name'],
|
||||
_endpoint_group['type'],
|
||||
_endpoint_group['endpoints'],
|
||||
)
|
||||
|
||||
self.neutronclient.list_endpoint_groups = mock.Mock(
|
||||
return_value={self.res_plural: [_endpoint_group]})
|
||||
self.mocked = self.neutronclient.list_endpoint_groups
|
||||
|
||||
def test_list_with_long_option(self):
|
||||
arglist = ['--long']
|
||||
verifylist = [('long', True)]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with()
|
||||
self.assertEqual(list(self.headers), headers)
|
||||
self.assertEqual([self.data], list(data))
|
||||
|
||||
def test_list_with_no_option(self):
|
||||
arglist = []
|
||||
verifylist = []
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with()
|
||||
self.assertEqual(list(self.short_header), headers)
|
||||
self.assertEqual([self.short_data], list(data))
|
||||
|
||||
|
||||
class TestSetEndpointGroup(TestEndpointGroup, common.TestSetVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestSetEndpointGroup, self).setUp()
|
||||
self.neutronclient.update_endpoint_group = mock.Mock(
|
||||
return_value={self.res: _endpoint_group})
|
||||
self.mocked = self.neutronclient.update_endpoint_group
|
||||
self.cmd = endpoint_group.SetEndpointGroup(self.app, self.namespace)
|
||||
|
||||
|
||||
class TestShowEndpointGroup(TestEndpointGroup, common.TestShowVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestShowEndpointGroup, self).setUp()
|
||||
self.neutronclient.show_endpoint_group = mock.Mock(
|
||||
return_value={self.res: _endpoint_group})
|
||||
self.mocked = self.neutronclient.show_endpoint_group
|
||||
self.cmd = endpoint_group.ShowEndpointGroup(self.app, self.namespace)
|
303
neutronclient/tests/unit/osc/v2/vpnaas/test_ikepolicy.py
Normal file
303
neutronclient/tests/unit/osc/v2/vpnaas/test_ikepolicy.py
Normal file
@ -0,0 +1,303 @@
|
||||
# Copyright 2017 FUJITSU LIMITED
|
||||
# All Rights Reserved
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
import copy
|
||||
|
||||
import mock
|
||||
from osc_lib.tests import utils as tests_utils
|
||||
|
||||
from neutronclient.osc import utils as osc_utils
|
||||
from neutronclient.osc.v2.vpnaas import ikepolicy
|
||||
from neutronclient.tests.unit.osc.v2 import fakes as test_fakes
|
||||
from neutronclient.tests.unit.osc.v2.vpnaas import common
|
||||
from neutronclient.tests.unit.osc.v2.vpnaas import fakes
|
||||
|
||||
|
||||
_ikepolicy = fakes.IKEPolicy().create()
|
||||
CONVERT_MAP = {
|
||||
'project': 'tenant_id',
|
||||
}
|
||||
|
||||
|
||||
def _generate_data(ordered_dict=None, data=None):
|
||||
source = ordered_dict if ordered_dict else _ikepolicy
|
||||
if data:
|
||||
source.update(data)
|
||||
return tuple(source[key] for key in source)
|
||||
|
||||
|
||||
def _generate_req_and_res(verifylist):
|
||||
request = dict(verifylist)
|
||||
response = copy.deepcopy(_ikepolicy)
|
||||
for key, val in verifylist:
|
||||
converted = CONVERT_MAP.get(key, key)
|
||||
del request[key]
|
||||
new_value = val
|
||||
request[converted] = new_value
|
||||
response[converted] = new_value
|
||||
return request, response
|
||||
|
||||
|
||||
class TestIKEPolicy(test_fakes.TestNeutronClientOSCV2):
|
||||
|
||||
def check_results(self, headers, data, exp_req, is_list=False):
|
||||
if is_list:
|
||||
req_body = {self.res_plural: [exp_req]}
|
||||
else:
|
||||
req_body = {self.res: exp_req}
|
||||
self.mocked.assert_called_once_with(req_body)
|
||||
self.assertEqual(self.ordered_headers, headers)
|
||||
self.assertEqual(self.ordered_data, data)
|
||||
|
||||
def setUp(self):
|
||||
super(TestIKEPolicy, self).setUp()
|
||||
|
||||
def _mock_ikepolicy(*args, **kwargs):
|
||||
self.neutronclient.find_resource.assert_called_once_with(
|
||||
self.res, self.resource['id'], cmd_resource='ikepolicy')
|
||||
return {'id': args[1]}
|
||||
|
||||
self.neutronclient.find_resource.side_effect = mock.Mock(
|
||||
side_effect=_mock_ikepolicy)
|
||||
osc_utils.find_project = mock.Mock()
|
||||
osc_utils.find_project.id = _ikepolicy['tenant_id']
|
||||
self.res = 'ikepolicy'
|
||||
self.res_plural = 'ikepolicies'
|
||||
self.resource = _ikepolicy
|
||||
self.headers = (
|
||||
'ID',
|
||||
'Name',
|
||||
'Authentication Algorithm',
|
||||
'Encryption Algorithm',
|
||||
'IKE Version',
|
||||
'Perfect Forward Secrecy (PFS)',
|
||||
'Description',
|
||||
'Phase1 Negotiation Mode',
|
||||
'Project',
|
||||
'Lifetime',
|
||||
)
|
||||
self.data = _generate_data()
|
||||
self.ordered_headers = (
|
||||
'Authentication Algorithm',
|
||||
'Description',
|
||||
'Encryption Algorithm',
|
||||
'ID',
|
||||
'IKE Version',
|
||||
'Lifetime',
|
||||
'Name',
|
||||
'Perfect Forward Secrecy (PFS)',
|
||||
'Phase1 Negotiation Mode',
|
||||
'Project',
|
||||
)
|
||||
self.ordered_data = (
|
||||
_ikepolicy['auth_algorithm'],
|
||||
_ikepolicy['description'],
|
||||
_ikepolicy['encryption_algorithm'],
|
||||
_ikepolicy['id'],
|
||||
_ikepolicy['ike_version'],
|
||||
_ikepolicy['lifetime'],
|
||||
_ikepolicy['name'],
|
||||
_ikepolicy['pfs'],
|
||||
_ikepolicy['phase1_negotiation_mode'],
|
||||
_ikepolicy['tenant_id'],
|
||||
)
|
||||
self.ordered_columns = (
|
||||
'auth_algorithm',
|
||||
'description',
|
||||
'encryption_algorithm',
|
||||
'id',
|
||||
'ike_version',
|
||||
'lifetime',
|
||||
'name',
|
||||
'pfs',
|
||||
'phase1_negotiation_mode',
|
||||
'tenant_id',
|
||||
)
|
||||
|
||||
|
||||
class TestCreateIKEPolicy(TestIKEPolicy, common.TestCreateVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestCreateIKEPolicy, self).setUp()
|
||||
self.neutronclient.create_ikepolicy = mock.Mock(
|
||||
return_value={self.res: _ikepolicy})
|
||||
self.mocked = self.neutronclient.create_ikepolicy
|
||||
self.cmd = ikepolicy.CreateIKEPolicy(self.app, self.namespace)
|
||||
|
||||
def _update_expect_response(self, request, response):
|
||||
"""Set expected request and response
|
||||
|
||||
:param request
|
||||
A dictionary of request body(dict of verifylist)
|
||||
:param response
|
||||
A OrderedDict of request body
|
||||
"""
|
||||
# Update response body
|
||||
self.neutronclient.create_ikepolicy.return_value = \
|
||||
{self.res: dict(response)}
|
||||
osc_utils.find_project.return_value.id = response['tenant_id']
|
||||
# Update response(finally returns 'data')
|
||||
self.data = _generate_data(ordered_dict=response)
|
||||
self.ordered_data = tuple(
|
||||
response[column] for column in self.ordered_columns
|
||||
)
|
||||
|
||||
def _set_all_params(self, args={}):
|
||||
name = args.get('name') or 'my-name'
|
||||
description = args.get('description') or 'my-desc'
|
||||
auth_algorithm = args.get('auth_algorithm') or 'sha1'
|
||||
encryption_algorithm = args.get('encryption_algorithm') or 'aes-128'
|
||||
phase1_negotiation_mode = args.get('phase1_negotiation_mode') or 'main'
|
||||
ike_version = args.get('ike_version') or 'v1'
|
||||
pfs = args.get('pfs') or 'group5'
|
||||
tenant_id = args.get('tenant_id') or 'my-tenant'
|
||||
arglist = [
|
||||
'--description', description,
|
||||
'--auth-algorithm', auth_algorithm,
|
||||
'--encryption-algorithm', encryption_algorithm,
|
||||
'--phase1-negotiation-mode', phase1_negotiation_mode,
|
||||
'--ike-version', ike_version,
|
||||
'--pfs', pfs,
|
||||
'--project', tenant_id,
|
||||
name,
|
||||
]
|
||||
verifylist = [
|
||||
('description', description),
|
||||
('auth_algorithm', auth_algorithm),
|
||||
('encryption_algorithm', encryption_algorithm),
|
||||
('phase1_negotiation_mode', phase1_negotiation_mode),
|
||||
('ike_version', ike_version),
|
||||
('pfs', pfs),
|
||||
('project', tenant_id),
|
||||
('name', name),
|
||||
]
|
||||
return arglist, verifylist
|
||||
|
||||
def _test_create_with_all_params(self, args={}):
|
||||
arglist, verifylist = self._set_all_params(args)
|
||||
request, response = _generate_req_and_res(verifylist)
|
||||
self._update_expect_response(request, response)
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.check_results(headers, data, request)
|
||||
|
||||
def test_create_with_no_options(self):
|
||||
arglist = []
|
||||
verifylist = []
|
||||
|
||||
self.assertRaises(tests_utils.ParserException, self.check_parser,
|
||||
self.cmd, arglist, verifylist)
|
||||
|
||||
def test_create_with_all_params(self):
|
||||
self._test_create_with_all_params()
|
||||
|
||||
def test_create_with_all_params_name(self):
|
||||
self._test_create_with_all_params({'name': 'new_ikepolicy'})
|
||||
|
||||
|
||||
class TestDeleteIKEPolicy(TestIKEPolicy, common.TestDeleteVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestDeleteIKEPolicy, self).setUp()
|
||||
self.neutronclient.delete_ikepolicy = mock.Mock(
|
||||
return_value={self.res: _ikepolicy})
|
||||
self.mocked = self.neutronclient.delete_ikepolicy
|
||||
self.cmd = ikepolicy.DeleteIKEPolicy(self.app, self.namespace)
|
||||
|
||||
|
||||
class TestListIKEPolicy(TestIKEPolicy):
|
||||
|
||||
def setUp(self):
|
||||
super(TestListIKEPolicy, self).setUp()
|
||||
self.cmd = ikepolicy.ListIKEPolicy(self.app, self.namespace)
|
||||
|
||||
self.short_header = (
|
||||
'ID',
|
||||
'Name',
|
||||
'Authentication Algorithm',
|
||||
'Encryption Algorithm',
|
||||
'IKE Version',
|
||||
'Perfect Forward Secrecy (PFS)',
|
||||
)
|
||||
|
||||
self.short_data = (
|
||||
_ikepolicy['id'],
|
||||
_ikepolicy['name'],
|
||||
_ikepolicy['auth_algorithm'],
|
||||
_ikepolicy['encryption_algorithm'],
|
||||
_ikepolicy['ike_version'],
|
||||
_ikepolicy['pfs'],
|
||||
)
|
||||
|
||||
self.neutronclient.list_ikepolicies = mock.Mock(
|
||||
return_value={self.res_plural: [_ikepolicy]})
|
||||
self.mocked = self.neutronclient.list_ikepolicies
|
||||
|
||||
def test_list_with_long_option(self):
|
||||
arglist = ['--long']
|
||||
verifylist = [('long', True)]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with()
|
||||
self.assertEqual(list(self.headers), headers)
|
||||
self.assertEqual([self.data], list(data))
|
||||
|
||||
def test_list_with_no_option(self):
|
||||
arglist = []
|
||||
verifylist = []
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with()
|
||||
self.assertEqual(list(self.short_header), headers)
|
||||
self.assertEqual([self.short_data], list(data))
|
||||
|
||||
|
||||
class TestSetIKEPolicy(TestIKEPolicy, common.TestSetVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestSetIKEPolicy, self).setUp()
|
||||
self.neutronclient.update_ikepolicy = mock.Mock(
|
||||
return_value={self.res: _ikepolicy})
|
||||
self.mocked = self.neutronclient.update_ikepolicy
|
||||
self.cmd = ikepolicy.SetIKEPolicy(self.app, self.namespace)
|
||||
|
||||
def test_set_auth_algorithm_with_sha256(self):
|
||||
target = self.resource['id']
|
||||
auth_algorithm = 'sha256'
|
||||
arglist = [target, '--auth-algorithm', auth_algorithm]
|
||||
verifylist = [
|
||||
(self.res, target),
|
||||
('auth_algorithm', auth_algorithm),
|
||||
]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
result = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with(
|
||||
target, {self.res: {'auth_algorithm': 'sha256'}})
|
||||
self.assertIsNone(result)
|
||||
|
||||
|
||||
class TestShowIKEPolicy(TestIKEPolicy, common.TestShowVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestShowIKEPolicy, self).setUp()
|
||||
self.neutronclient.show_ikepolicy = mock.Mock(
|
||||
return_value={self.res: _ikepolicy})
|
||||
self.mocked = self.neutronclient.show_ikepolicy
|
||||
self.cmd = ikepolicy.ShowIKEPolicy(self.app, self.namespace)
|
@ -0,0 +1,381 @@
|
||||
# Copyright 2017 FUJITSU LIMITED
|
||||
# All Rights Reserved
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
import copy
|
||||
|
||||
import mock
|
||||
from osc_lib.cli import format_columns
|
||||
from osc_lib.tests import utils as tests_utils
|
||||
|
||||
from neutronclient.osc import utils as osc_utils
|
||||
from neutronclient.osc.v2.vpnaas import ipsec_site_connection
|
||||
from neutronclient.tests.unit.osc.v2 import fakes as test_fakes
|
||||
from neutronclient.tests.unit.osc.v2.vpnaas import common
|
||||
from neutronclient.tests.unit.osc.v2.vpnaas import fakes
|
||||
|
||||
|
||||
_ipsec_site_conn = fakes.IPsecSiteConnection().create_conn()
|
||||
CONVERT_MAP = {
|
||||
'project': 'tenant_id',
|
||||
'ikepolicy': 'ikepolicy_id',
|
||||
'ipsecpolicy': 'ipsecpolicy_id',
|
||||
'vpnservice': 'vpnservice_id',
|
||||
'peer_endpoint_group': 'peer_ep_group_id',
|
||||
'local_endpoint_group': 'local_ep_group_id',
|
||||
}
|
||||
|
||||
|
||||
def _generate_data(ordered_dict=None, data=None):
|
||||
source = ordered_dict if ordered_dict else _ipsec_site_conn
|
||||
if data:
|
||||
source.update(data)
|
||||
return (
|
||||
_ipsec_site_conn['id'],
|
||||
_ipsec_site_conn['name'],
|
||||
_ipsec_site_conn['peer_address'],
|
||||
_ipsec_site_conn['auth_mode'],
|
||||
_ipsec_site_conn['status'],
|
||||
_ipsec_site_conn['tenant_id'],
|
||||
format_columns.ListColumn(_ipsec_site_conn['peer_cidrs']),
|
||||
_ipsec_site_conn['vpnservice_id'],
|
||||
_ipsec_site_conn['ipsecpolicy_id'],
|
||||
_ipsec_site_conn['ikepolicy_id'],
|
||||
_ipsec_site_conn['mtu'],
|
||||
_ipsec_site_conn['initiator'],
|
||||
_ipsec_site_conn['admin_state_up'],
|
||||
_ipsec_site_conn['description'],
|
||||
_ipsec_site_conn['psk'],
|
||||
_ipsec_site_conn['route_mode'],
|
||||
_ipsec_site_conn['local_id'],
|
||||
_ipsec_site_conn['peer_id'],
|
||||
_ipsec_site_conn['local_ep_group_id'],
|
||||
_ipsec_site_conn['peer_ep_group_id'],
|
||||
)
|
||||
|
||||
|
||||
def _generate_req_and_res(verifylist):
|
||||
request = dict(verifylist)
|
||||
response = copy.deepcopy(_ipsec_site_conn)
|
||||
for key, val in verifylist:
|
||||
converted = CONVERT_MAP.get(key, key)
|
||||
del request[key]
|
||||
new_value = val
|
||||
request[converted] = new_value
|
||||
response[converted] = new_value
|
||||
return request, response
|
||||
|
||||
|
||||
class TestIPsecSiteConn(test_fakes.TestNeutronClientOSCV2):
|
||||
|
||||
def check_results(self, headers, data, exp_req, is_list=False):
|
||||
if is_list:
|
||||
req_body = {self.res_plural: [exp_req]}
|
||||
else:
|
||||
req_body = {self.res: exp_req}
|
||||
self.mocked.assert_called_once_with(req_body)
|
||||
self.assertEqual(self.ordered_headers, headers)
|
||||
self.assertItemEqual(self.ordered_data, data)
|
||||
|
||||
def setUp(self):
|
||||
super(TestIPsecSiteConn, self).setUp()
|
||||
|
||||
def _mock_ipsec_site_conn(*args, **kwargs):
|
||||
return {'id': args[1]}
|
||||
|
||||
self.neutronclient.find_resource.side_effect = mock.Mock(
|
||||
side_effect=_mock_ipsec_site_conn)
|
||||
osc_utils.find_project = mock.Mock()
|
||||
osc_utils.find_project.id = _ipsec_site_conn['tenant_id']
|
||||
self.res = 'ipsec_site_connection'
|
||||
self.res_plural = 'ipsec_site_connections'
|
||||
self.resource = _ipsec_site_conn
|
||||
self.headers = (
|
||||
'ID',
|
||||
'Name',
|
||||
'Peer Address',
|
||||
'Authentication Algorithm',
|
||||
'Status',
|
||||
'Project',
|
||||
'Peer CIDRs',
|
||||
'VPN Service',
|
||||
'IPSec Policy',
|
||||
'IKE Policy',
|
||||
'MTU',
|
||||
'Initiator',
|
||||
'State',
|
||||
'Description',
|
||||
'Pre-shared Key',
|
||||
'Route Mode',
|
||||
'Local ID',
|
||||
'Peer ID',
|
||||
'Local Endpoint Group ID',
|
||||
'Peer Endpoint Group ID'
|
||||
)
|
||||
self.data = _generate_data()
|
||||
self.ordered_headers = (
|
||||
'Authentication Algorithm',
|
||||
'Description',
|
||||
'ID',
|
||||
'IKE Policy',
|
||||
'IPSec Policy',
|
||||
'Initiator',
|
||||
'Local Endpoint Group ID',
|
||||
'Local ID',
|
||||
'MTU',
|
||||
'Name',
|
||||
'Peer Address',
|
||||
'Peer CIDRs',
|
||||
'Peer Endpoint Group ID',
|
||||
'Peer ID',
|
||||
'Pre-shared Key',
|
||||
'Project',
|
||||
'Route Mode',
|
||||
'State',
|
||||
'Status',
|
||||
'VPN Service',
|
||||
)
|
||||
self.ordered_data = (
|
||||
_ipsec_site_conn['auth_mode'],
|
||||
_ipsec_site_conn['description'],
|
||||
_ipsec_site_conn['id'],
|
||||
_ipsec_site_conn['ikepolicy_id'],
|
||||
_ipsec_site_conn['ipsecpolicy_id'],
|
||||
_ipsec_site_conn['initiator'],
|
||||
_ipsec_site_conn['local_ep_group_id'],
|
||||
_ipsec_site_conn['local_id'],
|
||||
_ipsec_site_conn['mtu'],
|
||||
_ipsec_site_conn['name'],
|
||||
_ipsec_site_conn['peer_address'],
|
||||
format_columns.ListColumn(_ipsec_site_conn['peer_cidrs']),
|
||||
_ipsec_site_conn['peer_ep_group_id'],
|
||||
_ipsec_site_conn['peer_id'],
|
||||
_ipsec_site_conn['psk'],
|
||||
_ipsec_site_conn['tenant_id'],
|
||||
_ipsec_site_conn['route_mode'],
|
||||
_ipsec_site_conn['admin_state_up'],
|
||||
_ipsec_site_conn['status'],
|
||||
_ipsec_site_conn['vpnservice_id'],
|
||||
)
|
||||
|
||||
|
||||
class TestCreateIPsecSiteConn(TestIPsecSiteConn, common.TestCreateVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestCreateIPsecSiteConn, self).setUp()
|
||||
self.neutronclient.create_ipsec_site_connection = mock.Mock(
|
||||
return_value={self.res: _ipsec_site_conn})
|
||||
self.mocked = self.neutronclient.create_ipsec_site_connection
|
||||
self.cmd = ipsec_site_connection.CreateIPsecSiteConnection(
|
||||
self.app, self.namespace)
|
||||
|
||||
def _update_expect_response(self, request, response):
|
||||
"""Set expected request and response
|
||||
|
||||
:param request
|
||||
A dictionary of request body(dict of verifylist)
|
||||
:param response
|
||||
A OrderedDict of request body
|
||||
"""
|
||||
# Update response body
|
||||
self.neutronclient.create_ipsec_site_connection.return_value = \
|
||||
{self.res: dict(response)}
|
||||
osc_utils.find_project.return_value.id = response['tenant_id']
|
||||
# Update response(finally returns 'data')
|
||||
self.data = _generate_data(ordered_dict=response)
|
||||
self.ordered_data = (
|
||||
response['auth_mode'],
|
||||
response['description'],
|
||||
response['id'],
|
||||
response['ikepolicy_id'],
|
||||
response['ipsecpolicy_id'],
|
||||
response['initiator'],
|
||||
response['local_ep_group_id'],
|
||||
response['local_id'],
|
||||
response['mtu'],
|
||||
response['name'],
|
||||
response['peer_address'],
|
||||
format_columns.ListColumn(response['peer_cidrs']),
|
||||
response['peer_ep_group_id'],
|
||||
response['peer_id'],
|
||||
response['psk'],
|
||||
response['tenant_id'],
|
||||
response['route_mode'],
|
||||
response['admin_state_up'],
|
||||
response['status'],
|
||||
response['vpnservice_id'],
|
||||
)
|
||||
|
||||
def _set_all_params(self, args={}):
|
||||
tenant_id = args.get('tenant_id') or 'my-tenant'
|
||||
name = args.get('name') or 'connection1'
|
||||
peer_address = args.get('peer_address') or '192.168.2.10'
|
||||
peer_id = args.get('peer_id') or '192.168.2.10'
|
||||
psk = args.get('psk') or 'abcd'
|
||||
mtu = args.get('mtu') or '1500'
|
||||
initiator = args.get('initiator') or 'bi-directional'
|
||||
vpnservice_id = args.get('vpnservice') or 'vpnservice_id'
|
||||
ikepolicy_id = args.get('ikepolicy') or 'ikepolicy_id'
|
||||
ipsecpolicy_id = args.get('ipsecpolicy') or 'ipsecpolicy_id'
|
||||
local_ep_group = args.get('local_ep_group_id') or 'local-epg'
|
||||
peer_ep_group = args.get('peer_ep_group_id') or 'peer-epg'
|
||||
description = args.get('description') or 'my-vpn-connection'
|
||||
|
||||
arglist = [
|
||||
'--project', tenant_id,
|
||||
'--peer-address', peer_address,
|
||||
'--peer-id', peer_id,
|
||||
'--psk', psk,
|
||||
'--initiator', initiator,
|
||||
'--vpnservice', vpnservice_id,
|
||||
'--ikepolicy', ikepolicy_id,
|
||||
'--ipsecpolicy', ipsecpolicy_id,
|
||||
'--mtu', mtu,
|
||||
'--description', description,
|
||||
'--local-endpoint-group', local_ep_group,
|
||||
'--peer-endpoint-group', peer_ep_group,
|
||||
name,
|
||||
]
|
||||
verifylist = [
|
||||
('project', tenant_id),
|
||||
('peer_address', peer_address),
|
||||
('peer_id', peer_id),
|
||||
('psk', psk),
|
||||
('initiator', initiator),
|
||||
('vpnservice', vpnservice_id),
|
||||
('ikepolicy', ikepolicy_id),
|
||||
('ipsecpolicy', ipsecpolicy_id),
|
||||
('mtu', mtu),
|
||||
('description', description),
|
||||
('local_endpoint_group', local_ep_group),
|
||||
('peer_endpoint_group', peer_ep_group),
|
||||
('name', name),
|
||||
]
|
||||
return arglist, verifylist
|
||||
|
||||
def _test_create_with_all_params(self, args={}):
|
||||
arglist, verifylist = self._set_all_params(args)
|
||||
request, response = _generate_req_and_res(verifylist)
|
||||
self._update_expect_response(request, response)
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.check_results(headers, data, request)
|
||||
|
||||
def test_create_with_no_options(self):
|
||||
arglist = []
|
||||
verifylist = []
|
||||
|
||||
self.assertRaises(tests_utils.ParserException, self.check_parser,
|
||||
self.cmd, arglist, verifylist)
|
||||
|
||||
def test_create_with_all_params(self):
|
||||
self._test_create_with_all_params()
|
||||
|
||||
|
||||
class TestDeleteIPsecSiteConn(TestIPsecSiteConn, common.TestDeleteVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestDeleteIPsecSiteConn, self).setUp()
|
||||
self.neutronclient.delete_ipsec_site_connection = mock.Mock(
|
||||
return_value={self.res: _ipsec_site_conn})
|
||||
self.mocked = self.neutronclient.delete_ipsec_site_connection
|
||||
self.cmd = ipsec_site_connection.DeleteIPsecSiteConnection(
|
||||
self.app, self.namespace)
|
||||
|
||||
|
||||
class TestListIPsecSiteConn(TestIPsecSiteConn):
|
||||
|
||||
def setUp(self):
|
||||
super(TestListIPsecSiteConn, self).setUp()
|
||||
self.cmd = ipsec_site_connection.ListIPsecSiteConnection(
|
||||
self.app, self.namespace)
|
||||
|
||||
self.short_header = (
|
||||
'ID',
|
||||
'Name',
|
||||
'Peer Address',
|
||||
'Authentication Algorithm',
|
||||
'Status',
|
||||
)
|
||||
|
||||
self.short_data = (
|
||||
_ipsec_site_conn['id'],
|
||||
_ipsec_site_conn['name'],
|
||||
_ipsec_site_conn['peer_address'],
|
||||
_ipsec_site_conn['auth_mode'],
|
||||
_ipsec_site_conn['status'],
|
||||
)
|
||||
|
||||
self.neutronclient.list_ipsec_site_connections = mock.Mock(
|
||||
return_value={self.res_plural: [_ipsec_site_conn]})
|
||||
self.mocked = self.neutronclient.list_ipsec_site_connections
|
||||
|
||||
def test_list_with_long_option(self):
|
||||
arglist = ['--long']
|
||||
verifylist = [('long', True)]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with()
|
||||
self.assertEqual(list(self.headers), headers)
|
||||
self.assertListItemEqual([self.data], list(data))
|
||||
|
||||
def test_list_with_no_option(self):
|
||||
arglist = []
|
||||
verifylist = []
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with()
|
||||
self.assertEqual(list(self.short_header), headers)
|
||||
self.assertEqual([self.short_data], list(data))
|
||||
|
||||
|
||||
class TestSetIPsecSiteConn(TestIPsecSiteConn, common.TestSetVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestSetIPsecSiteConn, self).setUp()
|
||||
self.neutronclient.update_ipsec_site_connection = mock.Mock(
|
||||
return_value={self.res: _ipsec_site_conn})
|
||||
self.mocked = self.neutronclient.update_ipsec_site_connection
|
||||
self.cmd = ipsec_site_connection.SetIPsecSiteConnection(
|
||||
self.app, self.namespace)
|
||||
|
||||
def test_set_ipsec_site_conn_with_peer_id(self):
|
||||
target = self.resource['id']
|
||||
peer_id = '192.168.3.10'
|
||||
arglist = [target, '--peer-id', peer_id]
|
||||
verifylist = [
|
||||
(self.res, target),
|
||||
('peer_id', peer_id),
|
||||
]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
result = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with(
|
||||
target, {self.res: {'peer_id': peer_id}})
|
||||
self.assertIsNone(result)
|
||||
|
||||
|
||||
class TestShowIPsecSiteConn(TestIPsecSiteConn, common.TestShowVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestShowIPsecSiteConn, self).setUp()
|
||||
self.neutronclient.show_ipsec_site_connection = mock.Mock(
|
||||
return_value={self.res: _ipsec_site_conn})
|
||||
self.mocked = self.neutronclient.show_ipsec_site_connection
|
||||
self.cmd = ipsec_site_connection.ShowIPsecSiteConnection(
|
||||
self.app, self.namespace)
|
303
neutronclient/tests/unit/osc/v2/vpnaas/test_ipsecpolicy.py
Normal file
303
neutronclient/tests/unit/osc/v2/vpnaas/test_ipsecpolicy.py
Normal file
@ -0,0 +1,303 @@
|
||||
# Copyright 2017 FUJITSU LIMITED
|
||||
# All Rights Reserved
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
import copy
|
||||
|
||||
import mock
|
||||
from osc_lib.tests import utils as tests_utils
|
||||
|
||||
from neutronclient.osc import utils as osc_utils
|
||||
from neutronclient.osc.v2.vpnaas import ipsecpolicy
|
||||
from neutronclient.tests.unit.osc.v2 import fakes as test_fakes
|
||||
from neutronclient.tests.unit.osc.v2.vpnaas import common
|
||||
from neutronclient.tests.unit.osc.v2.vpnaas import fakes
|
||||
|
||||
|
||||
_ipsecpolicy = fakes.IPSecPolicy().create()
|
||||
CONVERT_MAP = {
|
||||
'project': 'tenant_id',
|
||||
}
|
||||
|
||||
|
||||
def _generate_data(ordered_dict=None, data=None):
|
||||
source = ordered_dict if ordered_dict else _ipsecpolicy
|
||||
if data:
|
||||
source.update(data)
|
||||
return tuple(source[key] for key in source)
|
||||
|
||||
|
||||
def _generate_req_and_res(verifylist):
|
||||
request = dict(verifylist)
|
||||
response = copy.deepcopy(_ipsecpolicy)
|
||||
for key, val in verifylist:
|
||||
converted = CONVERT_MAP.get(key, key)
|
||||
del request[key]
|
||||
new_value = val
|
||||
request[converted] = new_value
|
||||
response[converted] = new_value
|
||||
return request, response
|
||||
|
||||
|
||||
class TestIPSecPolicy(test_fakes.TestNeutronClientOSCV2):
|
||||
|
||||
def check_results(self, headers, data, exp_req, is_list=False):
|
||||
if is_list:
|
||||
req_body = {self.res_plural: [exp_req]}
|
||||
else:
|
||||
req_body = {self.res: exp_req}
|
||||
self.mocked.assert_called_once_with(req_body)
|
||||
self.assertEqual(self.ordered_headers, headers)
|
||||
self.assertEqual(self.ordered_data, data)
|
||||
|
||||
def setUp(self):
|
||||
super(TestIPSecPolicy, self).setUp()
|
||||
|
||||
def _mock_ipsecpolicy(*args, **kwargs):
|
||||
self.neutronclient.find_resource.assert_called_once_with(
|
||||
self.res, self.resource['id'], cmd_resource='ipsecpolicy')
|
||||
return {'id': args[1]}
|
||||
|
||||
self.neutronclient.find_resource.side_effect = mock.Mock(
|
||||
side_effect=_mock_ipsecpolicy)
|
||||
osc_utils.find_project = mock.Mock()
|
||||
osc_utils.find_project.id = _ipsecpolicy['tenant_id']
|
||||
self.res = 'ipsecpolicy'
|
||||
self.res_plural = 'ipsecpolicies'
|
||||
self.resource = _ipsecpolicy
|
||||
self.headers = (
|
||||
'ID',
|
||||
'Name',
|
||||
'Authentication Algorithm',
|
||||
'Encapsulation Mode',
|
||||
'Transform Protocol',
|
||||
'Encryption Algorithm',
|
||||
'Perfect Forward Secrecy (PFS)',
|
||||
'Description',
|
||||
'Project',
|
||||
'Lifetime',
|
||||
)
|
||||
self.data = _generate_data()
|
||||
self.ordered_headers = (
|
||||
'Authentication Algorithm',
|
||||
'Description',
|
||||
'Encapsulation Mode',
|
||||
'Encryption Algorithm',
|
||||
'ID',
|
||||
'Lifetime',
|
||||
'Name',
|
||||
'Perfect Forward Secrecy (PFS)',
|
||||
'Project',
|
||||
'Transform Protocol',
|
||||
)
|
||||
self.ordered_data = (
|
||||
_ipsecpolicy['auth_algorithm'],
|
||||
_ipsecpolicy['description'],
|
||||
_ipsecpolicy['encapsulation_mode'],
|
||||
_ipsecpolicy['encryption_algorithm'],
|
||||
_ipsecpolicy['id'],
|
||||
_ipsecpolicy['lifetime'],
|
||||
_ipsecpolicy['name'],
|
||||
_ipsecpolicy['pfs'],
|
||||
_ipsecpolicy['tenant_id'],
|
||||
_ipsecpolicy['transform_protocol'],
|
||||
)
|
||||
self.ordered_columns = (
|
||||
'auth_algorithm',
|
||||
'description',
|
||||
'encapsulation_mode',
|
||||
'encryption_algorithm',
|
||||
'id',
|
||||
'lifetime',
|
||||
'name',
|
||||
'pfs',
|
||||
'tenant_id',
|
||||
'transform_protocol',
|
||||
)
|
||||
|
||||
|
||||
class TestCreateIPSecPolicy(TestIPSecPolicy, common.TestCreateVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestCreateIPSecPolicy, self).setUp()
|
||||
self.neutronclient.create_ipsecpolicy = mock.Mock(
|
||||
return_value={self.res: _ipsecpolicy})
|
||||
self.mocked = self.neutronclient.create_ipsecpolicy
|
||||
self.cmd = ipsecpolicy.CreateIPsecPolicy(self.app, self.namespace)
|
||||
|
||||
def _update_expect_response(self, request, response):
|
||||
"""Set expected request and response
|
||||
|
||||
:param request
|
||||
A dictionary of request body(dict of verifylist)
|
||||
:param response
|
||||
A OrderedDict of request body
|
||||
"""
|
||||
# Update response body
|
||||
self.neutronclient.create_ipsecpolicy.return_value = \
|
||||
{self.res: dict(response)}
|
||||
osc_utils.find_project.return_value.id = response['tenant_id']
|
||||
# Update response(finally returns 'data')
|
||||
self.data = _generate_data(ordered_dict=response)
|
||||
self.ordered_data = tuple(
|
||||
response[column] for column in self.ordered_columns
|
||||
)
|
||||
|
||||
def _set_all_params(self, args={}):
|
||||
name = args.get('name') or 'my-name'
|
||||
auth_algorithm = args.get('auth_algorithm') or 'sha1'
|
||||
encapsulation_mode = args.get('encapsulation_mode') or 'tunnel'
|
||||
transform_protocol = args.get('transform_protocol') or 'esp'
|
||||
encryption_algorithm = args.get('encryption_algorithm') or 'aes-128'
|
||||
pfs = args.get('pfs') or 'group5'
|
||||
description = args.get('description') or 'my-desc'
|
||||
tenant_id = args.get('tenant_id') or 'my-tenant'
|
||||
arglist = [
|
||||
name,
|
||||
'--auth-algorithm', auth_algorithm,
|
||||
'--encapsulation-mode', encapsulation_mode,
|
||||
'--transform-protocol', transform_protocol,
|
||||
'--encryption-algorithm', encryption_algorithm,
|
||||
'--pfs', pfs,
|
||||
'--description', description,
|
||||
'--project', tenant_id,
|
||||
]
|
||||
verifylist = [
|
||||
('name', name),
|
||||
('auth_algorithm', auth_algorithm),
|
||||
('encapsulation_mode', encapsulation_mode),
|
||||
('transform_protocol', transform_protocol),
|
||||
('encryption_algorithm', encryption_algorithm),
|
||||
('pfs', pfs),
|
||||
('description', description),
|
||||
('project', tenant_id),
|
||||
]
|
||||
return arglist, verifylist
|
||||
|
||||
def _test_create_with_all_params(self, args={}):
|
||||
arglist, verifylist = self._set_all_params(args)
|
||||
request, response = _generate_req_and_res(verifylist)
|
||||
self._update_expect_response(request, response)
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.check_results(headers, data, request)
|
||||
|
||||
def test_create_with_no_options(self):
|
||||
arglist = []
|
||||
verifylist = []
|
||||
|
||||
self.assertRaises(tests_utils.ParserException, self.check_parser,
|
||||
self.cmd, arglist, verifylist)
|
||||
|
||||
def test_create_with_all_params(self):
|
||||
self._test_create_with_all_params()
|
||||
|
||||
def test_create_with_all_params_name(self):
|
||||
self._test_create_with_all_params({'name': 'new_ipsecpolicy'})
|
||||
|
||||
|
||||
class TestDeleteIPSecPolicy(TestIPSecPolicy, common.TestDeleteVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestDeleteIPSecPolicy, self).setUp()
|
||||
self.neutronclient.delete_ipsecpolicy = mock.Mock(
|
||||
return_value={self.res: _ipsecpolicy})
|
||||
self.mocked = self.neutronclient.delete_ipsecpolicy
|
||||
self.cmd = ipsecpolicy.DeleteIPsecPolicy(self.app, self.namespace)
|
||||
|
||||
|
||||
class TestListIPSecPolicy(TestIPSecPolicy):
|
||||
|
||||
def setUp(self):
|
||||
super(TestListIPSecPolicy, self).setUp()
|
||||
self.cmd = ipsecpolicy.ListIPsecPolicy(self.app, self.namespace)
|
||||
|
||||
self.short_header = (
|
||||
'ID',
|
||||
'Name',
|
||||
'Authentication Algorithm',
|
||||
'Encapsulation Mode',
|
||||
'Transform Protocol',
|
||||
'Encryption Algorithm',
|
||||
)
|
||||
|
||||
self.short_data = (
|
||||
_ipsecpolicy['id'],
|
||||
_ipsecpolicy['name'],
|
||||
_ipsecpolicy['auth_algorithm'],
|
||||
_ipsecpolicy['encapsulation_mode'],
|
||||
_ipsecpolicy['transform_protocol'],
|
||||
_ipsecpolicy['encryption_algorithm'],
|
||||
)
|
||||
|
||||
self.neutronclient.list_ipsecpolicies = mock.Mock(
|
||||
return_value={self.res_plural: [_ipsecpolicy]})
|
||||
self.mocked = self.neutronclient.list_ipsecpolicies
|
||||
|
||||
def test_list_with_long_option(self):
|
||||
arglist = ['--long']
|
||||
verifylist = [('long', True)]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with()
|
||||
self.assertEqual(list(self.headers), headers)
|
||||
self.assertEqual([self.data], list(data))
|
||||
|
||||
def test_list_with_no_option(self):
|
||||
arglist = []
|
||||
verifylist = []
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with()
|
||||
self.assertEqual(list(self.short_header), headers)
|
||||
self.assertEqual([self.short_data], list(data))
|
||||
|
||||
|
||||
class TestSetIPSecPolicy(TestIPSecPolicy, common.TestSetVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestSetIPSecPolicy, self).setUp()
|
||||
self.neutronclient.update_ipsecpolicy = mock.Mock(
|
||||
return_value={self.res: _ipsecpolicy})
|
||||
self.mocked = self.neutronclient.update_ipsecpolicy
|
||||
self.cmd = ipsecpolicy.SetIPsecPolicy(self.app, self.namespace)
|
||||
|
||||
def test_set_auth_algorithm_with_sha256(self):
|
||||
target = self.resource['id']
|
||||
auth_algorithm = 'sha256'
|
||||
arglist = [target, '--auth-algorithm', auth_algorithm]
|
||||
verifylist = [
|
||||
(self.res, target),
|
||||
('auth_algorithm', auth_algorithm),
|
||||
]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
result = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with(
|
||||
target, {self.res: {'auth_algorithm': 'sha256'}})
|
||||
self.assertIsNone(result)
|
||||
|
||||
|
||||
class TestShowIPSecPolicy(TestIPSecPolicy, common.TestShowVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestShowIPSecPolicy, self).setUp()
|
||||
self.neutronclient.show_ipsecpolicy = mock.Mock(
|
||||
return_value={self.res: _ipsecpolicy})
|
||||
self.mocked = self.neutronclient.show_ipsecpolicy
|
||||
self.cmd = ipsecpolicy.ShowIPsecPolicy(self.app, self.namespace)
|
305
neutronclient/tests/unit/osc/v2/vpnaas/test_vpnservice.py
Normal file
305
neutronclient/tests/unit/osc/v2/vpnaas/test_vpnservice.py
Normal file
@ -0,0 +1,305 @@
|
||||
# Copyright 2017 FUJITSU LIMITED
|
||||
# All Rights Reserved
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
import copy
|
||||
import uuid
|
||||
|
||||
import mock
|
||||
|
||||
from neutronclient.osc import utils as osc_utils
|
||||
from neutronclient.osc.v2.vpnaas import vpnservice
|
||||
from neutronclient.tests.unit.osc.v2 import fakes as test_fakes
|
||||
from neutronclient.tests.unit.osc.v2.vpnaas import common
|
||||
from neutronclient.tests.unit.osc.v2.vpnaas import fakes
|
||||
|
||||
|
||||
_vpnservice = fakes.VPNService().create()
|
||||
CONVERT_MAP = {
|
||||
'project': 'tenant_id',
|
||||
'router': 'router_id',
|
||||
'subnet': 'subnet_id'
|
||||
}
|
||||
|
||||
|
||||
def _generate_data(ordered_dict=None, data=None):
|
||||
source = ordered_dict if ordered_dict else _vpnservice
|
||||
if data:
|
||||
source.update(data)
|
||||
return tuple(source[key] for key in source)
|
||||
|
||||
|
||||
def _generate_req_and_res(verifylist):
|
||||
request = dict(verifylist)
|
||||
response = copy.deepcopy(_vpnservice)
|
||||
for key, val in verifylist:
|
||||
converted = CONVERT_MAP.get(key, key)
|
||||
del request[key]
|
||||
new_value = val
|
||||
request[converted] = new_value
|
||||
response[converted] = new_value
|
||||
return request, response
|
||||
|
||||
|
||||
class TestVPNService(test_fakes.TestNeutronClientOSCV2):
|
||||
|
||||
def _check_results(self, headers, data, exp_req, is_list=False):
|
||||
if is_list:
|
||||
req_body = {self.res_plural: [exp_req]}
|
||||
else:
|
||||
req_body = {self.res: exp_req}
|
||||
self.mocked.assert_called_once_with(req_body)
|
||||
self.assertEqual(self.ordered_headers, headers)
|
||||
self.assertEqual(self.ordered_data, data)
|
||||
|
||||
def setUp(self):
|
||||
super(TestVPNService, self).setUp()
|
||||
|
||||
def _mock_vpnservice(*args, **kwargs):
|
||||
self.neutronclient.find_resource.assert_called_once_with(
|
||||
self.res, self.resource['id'], cmd_resource='vpnservice')
|
||||
return {'id': args[1]}
|
||||
|
||||
self.app.client_manager.network = mock.Mock()
|
||||
self.app.client_manager.network.find_router = mock.Mock()
|
||||
self.app.client_manager.network.find_subnet = mock.Mock()
|
||||
self.fake_router = mock.Mock()
|
||||
self.fake_subnet = mock.Mock()
|
||||
self.app.client_manager.network.find_router.return_value = \
|
||||
self.fake_router
|
||||
self.app.client_manager.network.find_subnet.return_value = \
|
||||
self.fake_subnet
|
||||
self.args = {
|
||||
'name': 'my-name',
|
||||
'description': 'my-desc',
|
||||
'tenant_id': 'tenant-id-' + uuid.uuid4().hex,
|
||||
'router_id': 'router-id-' + uuid.uuid4().hex,
|
||||
'subnet_id': 'subnet-id-' + uuid.uuid4().hex,
|
||||
|
||||
}
|
||||
self.fake_subnet.id = self.args['subnet_id']
|
||||
self.fake_router.id = self.args['router_id']
|
||||
|
||||
self.neutronclient.find_resource.side_effect = mock.Mock(
|
||||
side_effect=_mock_vpnservice)
|
||||
osc_utils.find_project = mock.Mock()
|
||||
osc_utils.find_project.id = _vpnservice['tenant_id']
|
||||
|
||||
self.res = 'vpnservice'
|
||||
self.res_plural = 'vpnservices'
|
||||
self.resource = _vpnservice
|
||||
self.headers = (
|
||||
'ID',
|
||||
'Name',
|
||||
'Router',
|
||||
'Subnet',
|
||||
'Flavor',
|
||||
'State',
|
||||
'Status',
|
||||
'Description',
|
||||
'Project',
|
||||
)
|
||||
self.data = _generate_data()
|
||||
self.ordered_headers = (
|
||||
'Description',
|
||||
'Flavor',
|
||||
'ID',
|
||||
'Name',
|
||||
'Project',
|
||||
'Router',
|
||||
'State',
|
||||
'Status',
|
||||
'Subnet',
|
||||
)
|
||||
self.ordered_data = (
|
||||
_vpnservice['description'],
|
||||
_vpnservice['flavor_id'],
|
||||
_vpnservice['id'],
|
||||
_vpnservice['name'],
|
||||
_vpnservice['tenant_id'],
|
||||
_vpnservice['router_id'],
|
||||
_vpnservice['admin_state_up'],
|
||||
_vpnservice['status'],
|
||||
_vpnservice['subnet_id'],
|
||||
)
|
||||
self.ordered_columns = (
|
||||
'description',
|
||||
'flavor_id',
|
||||
'id',
|
||||
'name',
|
||||
'tenant_id',
|
||||
'router_id',
|
||||
'admin_state_up',
|
||||
'status',
|
||||
'subnet_id',
|
||||
)
|
||||
|
||||
|
||||
class TestCreateVPNService(TestVPNService, common.TestCreateVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestCreateVPNService, self).setUp()
|
||||
self.neutronclient.create_vpnservice = mock.Mock(
|
||||
return_value={self.res: _vpnservice})
|
||||
self.mocked = self.neutronclient.create_vpnservice
|
||||
self.cmd = vpnservice.CreateVPNService(self.app, self.namespace)
|
||||
|
||||
def _update_expect_response(self, request, response):
|
||||
"""Set expected request and response
|
||||
|
||||
:param request
|
||||
A dictionary of request body(dict of verifylist)
|
||||
:param response
|
||||
A OrderedDict of request body
|
||||
"""
|
||||
# Update response body
|
||||
self.neutronclient.create_vpnservice.return_value = \
|
||||
{self.res: dict(response)}
|
||||
osc_utils.find_project.return_value.id = response['tenant_id']
|
||||
# Update response(finally returns 'data')
|
||||
self.data = _generate_data(ordered_dict=response)
|
||||
self.ordered_data = tuple(
|
||||
response[column] for column in self.ordered_columns
|
||||
)
|
||||
|
||||
def _set_all_params(self):
|
||||
name = self.args.get('name')
|
||||
description = self.args.get('description')
|
||||
router_id = self.args.get('router_id')
|
||||
subnet_id = self.args.get('subnet_id')
|
||||
tenant_id = self.args.get('tenant_id')
|
||||
arglist = [
|
||||
'--description', description,
|
||||
'--project', tenant_id,
|
||||
'--subnet', subnet_id,
|
||||
'--router', router_id,
|
||||
name,
|
||||
]
|
||||
verifylist = [
|
||||
('description', description),
|
||||
('project', tenant_id),
|
||||
('subnet', subnet_id),
|
||||
('router', router_id),
|
||||
('name', name),
|
||||
]
|
||||
return arglist, verifylist
|
||||
|
||||
def _test_create_with_all_params(self):
|
||||
arglist, verifylist = self._set_all_params()
|
||||
request, response = _generate_req_and_res(verifylist)
|
||||
self._update_expect_response(request, response)
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self._check_results(headers, data, request)
|
||||
|
||||
def test_create_with_all_params(self):
|
||||
self._test_create_with_all_params()
|
||||
|
||||
|
||||
class TestDeleteVPNService(TestVPNService, common.TestDeleteVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestDeleteVPNService, self).setUp()
|
||||
self.neutronclient.delete_vpnservice = mock.Mock(
|
||||
return_value={self.res: _vpnservice})
|
||||
self.mocked = self.neutronclient.delete_vpnservice
|
||||
self.cmd = vpnservice.DeleteVPNService(self.app, self.namespace)
|
||||
|
||||
|
||||
class TestListVPNService(TestVPNService):
|
||||
|
||||
def setUp(self):
|
||||
super(TestListVPNService, self).setUp()
|
||||
self.cmd = vpnservice.ListVPNService(self.app, self.namespace)
|
||||
|
||||
self.short_header = (
|
||||
'ID',
|
||||
'Name',
|
||||
'Router',
|
||||
'Subnet',
|
||||
'Flavor',
|
||||
'State',
|
||||
'Status',
|
||||
)
|
||||
|
||||
self.short_data = (
|
||||
_vpnservice['id'],
|
||||
_vpnservice['name'],
|
||||
_vpnservice['router_id'],
|
||||
_vpnservice['subnet_id'],
|
||||
_vpnservice['flavor_id'],
|
||||
_vpnservice['admin_state_up'],
|
||||
_vpnservice['status'],
|
||||
)
|
||||
|
||||
self.neutronclient.list_vpnservices = mock.Mock(
|
||||
return_value={self.res_plural: [_vpnservice]})
|
||||
self.mocked = self.neutronclient.list_vpnservices
|
||||
|
||||
def test_list_with_long_option(self):
|
||||
arglist = ['--long']
|
||||
verifylist = [('long', True)]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with()
|
||||
self.assertEqual(list(self.headers), headers)
|
||||
self.assertEqual([self.data], list(data))
|
||||
|
||||
def test_list_with_no_option(self):
|
||||
arglist = []
|
||||
verifylist = []
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
headers, data = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with()
|
||||
self.assertEqual(list(self.short_header), headers)
|
||||
self.assertEqual([self.short_data], list(data))
|
||||
|
||||
|
||||
class TestSetVPNService(TestVPNService, common.TestSetVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestSetVPNService, self).setUp()
|
||||
self.neutronclient.update_vpnservice = mock.Mock(
|
||||
return_value={self.res: _vpnservice})
|
||||
self.mocked = self.neutronclient.update_vpnservice
|
||||
self.cmd = vpnservice.SetVPNSercice(self.app, self.namespace)
|
||||
|
||||
def test_set_name(self):
|
||||
target = self.resource['id']
|
||||
update = 'change'
|
||||
arglist = [target, '--name', update]
|
||||
verifylist = [
|
||||
(self.res, target),
|
||||
('name', update),
|
||||
]
|
||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||
result = self.cmd.take_action(parsed_args)
|
||||
|
||||
self.mocked.assert_called_once_with(
|
||||
target, {self.res: {'name': update}})
|
||||
self.assertIsNone(result)
|
||||
|
||||
|
||||
class TestShowVPNService(TestVPNService, common.TestShowVPNaaS):
|
||||
|
||||
def setUp(self):
|
||||
super(TestShowVPNService, self).setUp()
|
||||
self.neutronclient.show_vpnservice = mock.Mock(
|
||||
return_value={self.res: _vpnservice})
|
||||
self.mocked = self.neutronclient.show_vpnservice
|
||||
self.cmd = vpnservice.ShowVPNService(self.app, self.namespace)
|
@ -0,0 +1,5 @@
|
||||
---
|
||||
features:
|
||||
- |
|
||||
CLI support for the "VPN as a Service" feature, which is enhanced
|
||||
VPNaaS functionality, as OSC plugin commands.
|
30
setup.cfg
30
setup.cfg
@ -132,6 +132,36 @@ openstack.neutronclient.v2 =
|
||||
network_log_set = neutronclient.osc.v2.logging.network_log:SetNetworkLog
|
||||
network_log_show = neutronclient.osc.v2.logging.network_log:ShowNetworkLog
|
||||
|
||||
vpn_endpoint_group_create = neutronclient.osc.v2.vpnaas.endpoint_group:CreateEndpointGroup
|
||||
vpn_endpoint_group_delete = neutronclient.osc.v2.vpnaas.endpoint_group:DeleteEndpointGroup
|
||||
vpn_endpoint_group_list = neutronclient.osc.v2.vpnaas.endpoint_group:ListEndpointGroup
|
||||
vpn_endpoint_group_set = neutronclient.osc.v2.vpnaas.endpoint_group:SetEndpointGroup
|
||||
vpn_endpoint_group_show = neutronclient.osc.v2.vpnaas.endpoint_group:ShowEndpointGroup
|
||||
|
||||
vpn_ike_policy_create = neutronclient.osc.v2.vpnaas.ikepolicy:CreateIKEPolicy
|
||||
vpn_ike_policy_delete = neutronclient.osc.v2.vpnaas.ikepolicy:DeleteIKEPolicy
|
||||
vpn_ike_policy_list = neutronclient.osc.v2.vpnaas.ikepolicy:ListIKEPolicy
|
||||
vpn_ike_policy_set = neutronclient.osc.v2.vpnaas.ikepolicy:SetIKEPolicy
|
||||
vpn_ike_policy_show = neutronclient.osc.v2.vpnaas.ikepolicy:ShowIKEPolicy
|
||||
|
||||
vpn_ipsec_policy_create = neutronclient.osc.v2.vpnaas.ipsecpolicy:CreateIPsecPolicy
|
||||
vpn_ipsec_policy_delete = neutronclient.osc.v2.vpnaas.ipsecpolicy:DeleteIPsecPolicy
|
||||
vpn_ipsec_policy_list = neutronclient.osc.v2.vpnaas.ipsecpolicy:ListIPsecPolicy
|
||||
vpn_ipsec_policy_set = neutronclient.osc.v2.vpnaas.ipsecpolicy:SetIPsecPolicy
|
||||
vpn_ipsec_policy_show = neutronclient.osc.v2.vpnaas.ipsecpolicy:ShowIPsecPolicy
|
||||
|
||||
vpn_service_create = neutronclient.osc.v2.vpnaas.vpnservice:CreateVPNService
|
||||
vpn_service_delete = neutronclient.osc.v2.vpnaas.vpnservice:DeleteVPNService
|
||||
vpn_service_list = neutronclient.osc.v2.vpnaas.vpnservice:ListVPNService
|
||||
vpn_service_set = neutronclient.osc.v2.vpnaas.vpnservice:SetVPNSercice
|
||||
vpn_service_show = neutronclient.osc.v2.vpnaas.vpnservice:ShowVPNService
|
||||
|
||||
vpn_ipsec_site_connection_create = neutronclient.osc.v2.vpnaas.ipsec_site_connection:CreateIPsecSiteConnection
|
||||
vpn_ipsec_site_connection_delete = neutronclient.osc.v2.vpnaas.ipsec_site_connection:DeleteIPsecSiteConnection
|
||||
vpn_ipsec_site_connection_list = neutronclient.osc.v2.vpnaas.ipsec_site_connection:ListIPsecSiteConnection
|
||||
vpn_ipsec_site_connection_set = neutronclient.osc.v2.vpnaas.ipsec_site_connection:SetIPsecSiteConnection
|
||||
vpn_ipsec_site_connection_show = neutronclient.osc.v2.vpnaas.ipsec_site_connection:ShowIPsecSiteConnection
|
||||
|
||||
neutron.cli.v2 =
|
||||
bash-completion = neutronclient.shell:BashCompletionCommand
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user