Merge "Coalesce port values in secgroup rules"

2015-06-14 12:32:03 +00:00
parent 4ab9ff278e 2f499ab98b
commit 1ad4e334ce
2 changed files with 47 additions and 2 deletions
--- a/shade/_utils.py
+++ b/shade/_utils.py
@@ -121,6 +121,9 @@ def normalize_nova_secgroups(groups):
    security group dicts as returned from neutron. This does not make them
    look exactly the same, but it's pretty close.

+    Note that nova uses -1 for non-specific port values, but neutron
+    represents these with None.
+
    :param list groups: A list of security group dicts.

    :returns: A list of normalized dicts.
@@ -132,8 +135,10 @@ def normalize_nova_secgroups(groups):
                 'id': r['id'],
                 'direction': 'ingress',
                 'ethertype': 'IPv4',
-                 'port_range_min': r['from_port'],
-                 'port_range_max': r['to_port'],
+                 'port_range_min':
+                     None if r['from_port'] == -1 else r['from_port'],
+                 'port_range_max':
+                     None if r['to_port'] == -1 else r['to_port'],
                 'protocol': r['ip_protocol'],
                 'remote_ip_prefix': r['ip_range'].get('cidr', None),
                 'security_group_id': r['parent_group_id'],
--- a/shade/tests/unit/test__utils.py
+++ b/shade/tests/unit/test__utils.py
@@ -59,3 +59,43 @@ class TestUtils(base.TestCase):
                'financial': {'status': 'rich'}
                }})
        self.assertEquals([el2, el3], ret)
+
+    def test_normalize_nova_secgroups(self):
+        nova_secgroup = dict(
+            id='abc123',
+            name='nova_secgroup',
+            description='A Nova security group',
+            rules=[
+                dict(id='123', from_port=80, to_port=81, ip_protocol='tcp',
+                     ip_range={'cidr': '0.0.0.0/0'}, parent_group_id='xyz123')
+            ]
+        )
+
+        expected = dict(
+            id='abc123',
+            name='nova_secgroup',
+            description='A Nova security group',
+            security_group_rules=[
+                dict(id='123', direction='ingress', ethertype='IPv4',
+                     port_range_min=80, port_range_max=81, protocol='tcp',
+                     remote_ip_prefix='0.0.0.0/0', security_group_id='xyz123')
+            ]
+        )
+
+        retval = _utils.normalize_nova_secgroups([nova_secgroup])[0]
+        self.assertEqual(expected, retval)
+
+    def test_normalize_nova_secgroups_negone_port(self):
+        nova_secgroup = dict(
+            id='abc123',
+            name='nova_secgroup',
+            description='A Nova security group with -1 ports',
+            rules=[
+                dict(id='123', from_port=-1, to_port=-1, ip_protocol='icmp',
+                     ip_range={'cidr': '0.0.0.0/0'}, parent_group_id='xyz123')
+            ]
+        )
+
+        retval = _utils.normalize_nova_secgroups([nova_secgroup])[0]
+        self.assertIsNone(retval['security_group_rules'][0]['port_range_min'])
+        self.assertIsNone(retval['security_group_rules'][0]['port_range_max'])