Merge "Add --enable/disable-port-security
option to port set
and port create
"
This commit is contained in:
commit
9b19a35bb7
@ -29,6 +29,7 @@ Create new port
|
|||||||
[--mac-address <mac-address>]
|
[--mac-address <mac-address>]
|
||||||
[--security-group <security-group> | --no-security-group]
|
[--security-group <security-group> | --no-security-group]
|
||||||
[--project <project> [--project-domain <project-domain>]]
|
[--project <project> [--project-domain <project-domain>]]
|
||||||
|
[--enable-port-security | --disable-port-security]
|
||||||
<name>
|
<name>
|
||||||
|
|
||||||
.. option:: --network <network>
|
.. option:: --network <network>
|
||||||
@ -99,6 +100,14 @@ Create new port
|
|||||||
Domain the project belongs to (name or ID).
|
Domain the project belongs to (name or ID).
|
||||||
This can be used in case collisions between project names exist.
|
This can be used in case collisions between project names exist.
|
||||||
|
|
||||||
|
.. option:: --enable-port-security
|
||||||
|
|
||||||
|
Enable port security for this port (Default)
|
||||||
|
|
||||||
|
.. option:: --disable-port-security
|
||||||
|
|
||||||
|
Disable port security for this port
|
||||||
|
|
||||||
.. _port_create-name:
|
.. _port_create-name:
|
||||||
.. describe:: <name>
|
.. describe:: <name>
|
||||||
|
|
||||||
@ -182,6 +191,7 @@ Set port properties
|
|||||||
[--name <name>]
|
[--name <name>]
|
||||||
[--security-group <security-group>]
|
[--security-group <security-group>]
|
||||||
[--no-security-group]
|
[--no-security-group]
|
||||||
|
[--enable-port-security | --disable-port-security]
|
||||||
<port>
|
<port>
|
||||||
|
|
||||||
.. option:: --description <description>
|
.. option:: --description <description>
|
||||||
@ -251,6 +261,14 @@ Set port properties
|
|||||||
|
|
||||||
Clear existing security groups associated with this port
|
Clear existing security groups associated with this port
|
||||||
|
|
||||||
|
.. option:: --enable-port-security
|
||||||
|
|
||||||
|
Enable port security for this port
|
||||||
|
|
||||||
|
.. option:: --disable-port-security
|
||||||
|
|
||||||
|
Disable port security for this port
|
||||||
|
|
||||||
.. _port_set-port:
|
.. _port_set-port:
|
||||||
.. describe:: <port>
|
.. describe:: <port>
|
||||||
|
|
||||||
|
@ -148,6 +148,12 @@ def _get_attrs(client_manager, parsed_args):
|
|||||||
).id
|
).id
|
||||||
attrs['tenant_id'] = project_id
|
attrs['tenant_id'] = project_id
|
||||||
|
|
||||||
|
if parsed_args.disable_port_security:
|
||||||
|
attrs['port_security_enabled'] = False
|
||||||
|
|
||||||
|
if parsed_args.enable_port_security:
|
||||||
|
attrs['port_security_enabled'] = True
|
||||||
|
|
||||||
return attrs
|
return attrs
|
||||||
|
|
||||||
|
|
||||||
@ -304,6 +310,17 @@ class CreatePort(command.ShowOne):
|
|||||||
action='store_true',
|
action='store_true',
|
||||||
help=_("Associate no security groups with this port")
|
help=_("Associate no security groups with this port")
|
||||||
)
|
)
|
||||||
|
port_security = parser.add_mutually_exclusive_group()
|
||||||
|
port_security.add_argument(
|
||||||
|
'--enable-port-security',
|
||||||
|
action='store_true',
|
||||||
|
help=_("Enable port security for this port (Default)")
|
||||||
|
)
|
||||||
|
port_security.add_argument(
|
||||||
|
'--disable-port-security',
|
||||||
|
action='store_true',
|
||||||
|
help=_("Disable port security for this port")
|
||||||
|
)
|
||||||
|
|
||||||
return parser
|
return parser
|
||||||
|
|
||||||
@ -526,6 +543,17 @@ class SetPort(command.Command):
|
|||||||
action='store_true',
|
action='store_true',
|
||||||
help=_("Clear existing security groups associated with this port")
|
help=_("Clear existing security groups associated with this port")
|
||||||
)
|
)
|
||||||
|
port_security = parser.add_mutually_exclusive_group()
|
||||||
|
port_security.add_argument(
|
||||||
|
'--enable-port-security',
|
||||||
|
action='store_true',
|
||||||
|
help=_("Enable port security for this port")
|
||||||
|
)
|
||||||
|
port_security.add_argument(
|
||||||
|
'--disable-port-security',
|
||||||
|
action='store_true',
|
||||||
|
help=_("Disable port security for this port")
|
||||||
|
)
|
||||||
|
|
||||||
return parser
|
return parser
|
||||||
|
|
||||||
|
@ -320,6 +320,54 @@ class TestCreatePort(TestPort):
|
|||||||
self.assertEqual(ref_columns, columns)
|
self.assertEqual(ref_columns, columns)
|
||||||
self.assertEqual(ref_data, data)
|
self.assertEqual(ref_data, data)
|
||||||
|
|
||||||
|
def test_create_port_security_enabled(self):
|
||||||
|
arglist = [
|
||||||
|
'--network', self._port.network_id,
|
||||||
|
'--enable-port-security',
|
||||||
|
'test-port',
|
||||||
|
]
|
||||||
|
verifylist = [
|
||||||
|
('network', self._port.network_id,),
|
||||||
|
('enable', True),
|
||||||
|
('enable_port_security', True),
|
||||||
|
('name', 'test-port'),
|
||||||
|
]
|
||||||
|
|
||||||
|
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||||
|
|
||||||
|
self.cmd.take_action(parsed_args)
|
||||||
|
|
||||||
|
self.network.create_port.assert_called_once_with(**{
|
||||||
|
'admin_state_up': True,
|
||||||
|
'network_id': self._port.network_id,
|
||||||
|
'port_security_enabled': True,
|
||||||
|
'name': 'test-port',
|
||||||
|
})
|
||||||
|
|
||||||
|
def test_create_port_security_disabled(self):
|
||||||
|
arglist = [
|
||||||
|
'--network', self._port.network_id,
|
||||||
|
'--disable-port-security',
|
||||||
|
'test-port',
|
||||||
|
]
|
||||||
|
verifylist = [
|
||||||
|
('network', self._port.network_id,),
|
||||||
|
('enable', True),
|
||||||
|
('disable_port_security', True),
|
||||||
|
('name', 'test-port'),
|
||||||
|
]
|
||||||
|
|
||||||
|
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||||
|
|
||||||
|
self.cmd.take_action(parsed_args)
|
||||||
|
|
||||||
|
self.network.create_port.assert_called_once_with(**{
|
||||||
|
'admin_state_up': True,
|
||||||
|
'network_id': self._port.network_id,
|
||||||
|
'port_security_enabled': False,
|
||||||
|
'name': 'test-port',
|
||||||
|
})
|
||||||
|
|
||||||
|
|
||||||
class TestDeletePort(TestPort):
|
class TestDeletePort(TestPort):
|
||||||
|
|
||||||
@ -898,6 +946,42 @@ class TestSetPort(TestPort):
|
|||||||
self.network.update_port.assert_called_once_with(_testport, **attrs)
|
self.network.update_port.assert_called_once_with(_testport, **attrs)
|
||||||
self.assertIsNone(result)
|
self.assertIsNone(result)
|
||||||
|
|
||||||
|
def test_port_security_enabled(self):
|
||||||
|
arglist = [
|
||||||
|
'--enable-port-security',
|
||||||
|
self._port.id,
|
||||||
|
]
|
||||||
|
verifylist = [
|
||||||
|
('enable_port_security', True),
|
||||||
|
('port', self._port.id,)
|
||||||
|
]
|
||||||
|
|
||||||
|
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||||
|
|
||||||
|
self.cmd.take_action(parsed_args)
|
||||||
|
|
||||||
|
self.network.update_port.assert_called_once_with(self._port, **{
|
||||||
|
'port_security_enabled': True,
|
||||||
|
})
|
||||||
|
|
||||||
|
def test_port_security_disabled(self):
|
||||||
|
arglist = [
|
||||||
|
'--disable-port-security',
|
||||||
|
self._port.id,
|
||||||
|
]
|
||||||
|
verifylist = [
|
||||||
|
('disable_port_security', True),
|
||||||
|
('port', self._port.id,)
|
||||||
|
]
|
||||||
|
|
||||||
|
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||||
|
|
||||||
|
self.cmd.take_action(parsed_args)
|
||||||
|
|
||||||
|
self.network.update_port.assert_called_once_with(self._port, **{
|
||||||
|
'port_security_enabled': False,
|
||||||
|
})
|
||||||
|
|
||||||
|
|
||||||
class TestShowPort(TestPort):
|
class TestShowPort(TestPort):
|
||||||
|
|
||||||
|
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
Added ``--enable-port-security`` and ``--disable-port-security``
|
||||||
|
options to ``port set`` and ``port create`` commands.
|
||||||
|
[Blueprint :oscbp:`network-commands-options`]
|
Loading…
x
Reference in New Issue
Block a user