Stabilize _create_loginable_secgroup_rule

rulesets argument is added for the method signature, which uses
compute clients, in order to allow passing custom rulesets.

Implements: blueprint tempest-scenario-manager-stable
Change-Id: I387e5f3073f51689d8bfb6571539e0cad1dacbbe
This commit is contained in:
Martin Kopec 2020-11-02 12:19:54 +00:00
parent 711e9f21c8
commit e1d873a5fc
1 changed files with 26 additions and 18 deletions

View File

@ -491,7 +491,14 @@ class ScenarioTest(tempest.test.BaseTestCase):
self.addCleanup(self._cleanup_volume_type, volume_type) self.addCleanup(self._cleanup_volume_type, volume_type)
return volume_type return volume_type
def _create_loginable_secgroup_rule(self, secgroup_id=None): def _create_loginable_secgroup_rule(self, secgroup_id=None, rulesets=None):
"""Create loginable security group rule by compute clients.
This function will create by default the following rules:
1. tcp port 22 allow rule in order to allow ssh access for ipv4
2. ipv4 icmp allow rule in order to allow icmpv4
"""
_client = self.compute_security_groups_client _client = self.compute_security_groups_client
_client_rules = self.compute_security_group_rules_client _client_rules = self.compute_security_group_rules_client
if secgroup_id is None: if secgroup_id is None:
@ -504,22 +511,23 @@ class ScenarioTest(tempest.test.BaseTestCase):
# traffic from all sources, so no group_id is provided. # traffic from all sources, so no group_id is provided.
# Setting a group_id would only permit traffic from ports # Setting a group_id would only permit traffic from ports
# belonging to the same security group. # belonging to the same security group.
rulesets = [ if not rulesets:
{ rulesets = [
# ssh {
'ip_protocol': 'tcp', # ssh
'from_port': 22, 'ip_protocol': 'tcp',
'to_port': 22, 'from_port': 22,
'cidr': '0.0.0.0/0', 'to_port': 22,
}, 'cidr': '0.0.0.0/0',
{ },
# ping {
'ip_protocol': 'icmp', # ping
'from_port': -1, 'ip_protocol': 'icmp',
'to_port': -1, 'from_port': -1,
'cidr': '0.0.0.0/0', 'to_port': -1,
} 'cidr': '0.0.0.0/0',
] }
]
rules = list() rules = list()
for ruleset in rulesets: for ruleset in rulesets:
sg_rule = _client_rules.create_security_group_rule( sg_rule = _client_rules.create_security_group_rule(
@ -1340,7 +1348,7 @@ class NetworkScenarioTest(ScenarioTest):
def _create_loginable_secgroup_rule(self, security_group_rules_client=None, def _create_loginable_secgroup_rule(self, security_group_rules_client=None,
secgroup=None, secgroup=None,
security_groups_client=None): security_groups_client=None):
"""Create loginable security group rule """Create loginable security group rule by neutron clients by default.
This function will create: This function will create:
1. egress and ingress tcp port 22 allow rule in order to allow ssh 1. egress and ingress tcp port 22 allow rule in order to allow ssh