x/python-group-based-policy-client
Code Issues Proposed changes

Add no nat cidrs network extension

Browse Source 
Change-Id: I65ecfc1737eaddc0c3f2bc2157dcf21d3c7e971b
This commit is contained in:
mdsufair
2022-05-25 04:33:44 -04:00
committed by Thomas Bachman
parent bda6d4ce78
commit b4119d9e3a
2 changed files with 47 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
gbpclient/gbp/v2_0/network.py
View File

@@ -88,6 +88,11 @@ def _get_attrs_network_extension(client_manager, parsed_args):
if parsed_args.apic_policy_enforcement_pref: if parsed_args.apic_policy_enforcement_pref:
attrs['apic:policy_enforcement_pref' attrs['apic:policy_enforcement_pref'
] = parsed_args.apic_policy_enforcement_pref ] = parsed_args.apic_policy_enforcement_pref
if parsed_args.apic_no_nat_cidrs:
attrs['apic:no_nat_cidrs'] = parsed_args.apic_no_nat_cidrs.split(",")
if ('no_apic_no_nat_cidrs' in parsed_args and
parsed_args.no_apic_no_nat_cidrs):
attrs['apic:no_nat_cidrs'] = []
if parsed_args.external: if parsed_args.external:
if ('apic_nat_type' in parsed_args and if ('apic_nat_type' in parsed_args and
parsed_args.apic_nat_type is not None): parsed_args.apic_nat_type is not None):
@@ -133,6 +138,7 @@ network_sdk.Network.apic_policy_enforcement_pref = resource.Body(
'apic:policy_enforcement_pref') 'apic:policy_enforcement_pref')
network_sdk.Network.apic_nat_type = resource.Body('apic:nat_type') network_sdk.Network.apic_nat_type = resource.Body('apic:nat_type')
network_sdk.Network.apic_external_cidrs = resource.Body('apic:external_cidrs') network_sdk.Network.apic_external_cidrs = resource.Body('apic:external_cidrs')
network_sdk.Network.apic_no_nat_cidrs = resource.Body('apic:no_nat_cidrs')
class CreateNetworkExtension(hooks.CommandHook): class CreateNetworkExtension(hooks.CommandHook):
@@ -299,6 +305,16 @@ class CreateNetworkExtension(hooks.CommandHook):
"Syntax Example: 10.10.10.0/24 " "Syntax Example: 10.10.10.0/24 "
"or 10.10.10.0/24,20.20.20.0/24 ") "or 10.10.10.0/24,20.20.20.0/24 ")
) )
parser.add_argument(
'--apic-no-nat-cidrs',
metavar="<subnet1,subnet2>",
dest='apic_no_nat_cidrs',
help=_("APIC CIDRS for a network to config no NAT routing\n"
"Data is passed as comma separated valid ip subnets\n"
"Default value is []\n"
"Syntax Example: 10.10.10.0/24 "
"or 10.10.10.0/24,20.20.20.0/24 ")
)
return parser return parser
def get_epilog(self): def get_epilog(self):
@@ -447,6 +463,23 @@ class SetNetworkExtension(hooks.CommandHook):
"Need to pass the --external argument wth this field\n" "Need to pass the --external argument wth this field\n"
"Resets the apic:external_cidrs field to 0.0.0.0/0 ") "Resets the apic:external_cidrs field to 0.0.0.0/0 ")
) )
parser.add_argument(
'--apic-no-nat-cidrs',
metavar="<subnet1,subnet2>",
dest='apic_no_nat_cidrs',
help=_("APIC CIDRS for a network to config no NAT routing\n"
"Data is passed as comma separated valid ip subnets\n"
"Default value is []\n"
"Syntax Example: 10.10.10.0/24 "
"or 10.10.10.0/24,20.20.20.0/24 ")
)
parser.add_argument(
'--no-apic-no-nat-cidrs',
dest='no_apic_no_nat_cidrs',
action='store_true',
help=_("Reset APIC no NAT CIDRS for a network\n"
"Resets the apic:no_nat_cidrs field to []")
)
return parser return parser
def get_epilog(self): def get_epilog(self):

14
gbpclient/tests/unit/test_network.py
View File

@@ -54,6 +54,7 @@ class TestNetworkCreate(test_network.TestNetwork, test_cli20.CLITestV20Base):
('apic_extra_provided_contracts', None), ('apic_extra_provided_contracts', None),
('apic_extra_consumed_contracts', None), ('apic_extra_consumed_contracts', None),
('apic_policy_enforcement_pref', None), ('apic_policy_enforcement_pref', None),
('apic_no_nat_cidrs', None),
] ]
create_ext = network_ext.CreateNetworkExtension(self.app) create_ext = network_ext.CreateNetworkExtension(self.app)
parsed_args = self.check_parser_ext( parsed_args = self.check_parser_ext(
@@ -86,6 +87,7 @@ class TestNetworkCreate(test_network.TestNetwork, test_cli20.CLITestV20Base):
"--apic-extra-provided-contracts", 'pcontest1', "--apic-extra-provided-contracts", 'pcontest1',
"--apic-extra-consumed-contracts", 'contest1', "--apic-extra-consumed-contracts", 'contest1',
"--apic-policy-enforcement-pref", 'enforced', "--apic-policy-enforcement-pref", 'enforced',
"--apic-no-nat-cidrs", '10.10.10.0/24',
] ]
verifylist = [ verifylist = [
('name', self._network.name), ('name', self._network.name),
@@ -106,6 +108,7 @@ class TestNetworkCreate(test_network.TestNetwork, test_cli20.CLITestV20Base):
('apic_extra_provided_contracts', 'pcontest1'), ('apic_extra_provided_contracts', 'pcontest1'),
('apic_extra_consumed_contracts', 'contest1'), ('apic_extra_consumed_contracts', 'contest1'),
('apic_policy_enforcement_pref', 'enforced'), ('apic_policy_enforcement_pref', 'enforced'),
('apic_no_nat_cidrs', '10.10.10.0/24'),
] ]
create_ext = network_ext.CreateNetworkExtension(self.app) create_ext = network_ext.CreateNetworkExtension(self.app)
parsed_args = self.check_parser_ext( parsed_args = self.check_parser_ext(
@@ -133,6 +136,7 @@ class TestNetworkCreate(test_network.TestNetwork, test_cli20.CLITestV20Base):
'apic:nested_domain_node_network_vlan': '4', 'apic:nested_domain_node_network_vlan': '4',
'apic:nested_domain_service_vlan': '3', 'apic:nested_domain_service_vlan': '3',
'apic:policy_enforcement_pref': 'enforced', 'apic:policy_enforcement_pref': 'enforced',
'apic:no_nat_cidrs': ['10.10.10.0/24'],
}) })
def test_create_empty_contracts(self): def test_create_empty_contracts(self):
@@ -165,6 +169,7 @@ class TestNetworkCreate(test_network.TestNetwork, test_cli20.CLITestV20Base):
"--apic-distinguished-names", 'ExternalNetwork=test1', "--apic-distinguished-names", 'ExternalNetwork=test1',
"--apic-nat-type", "", "--apic-nat-type", "",
"--apic-external-cidrs", '20.20.20.0/8', "--apic-external-cidrs", '20.20.20.0/8',
"--apic-no-nat-cidrs", '10.10.10.0/24',
] ]
verifylist = [ verifylist = [
('name', self._network.name), ('name', self._network.name),
@@ -172,6 +177,7 @@ class TestNetworkCreate(test_network.TestNetwork, test_cli20.CLITestV20Base):
('apic_distinguished_names', [{'ExternalNetwork': 'test1'}]), ('apic_distinguished_names', [{'ExternalNetwork': 'test1'}]),
('apic_nat_type', ""), ('apic_nat_type', ""),
('apic_external_cidrs', '20.20.20.0/8'), ('apic_external_cidrs', '20.20.20.0/8'),
('apic_no_nat_cidrs', '10.10.10.0/24'),
] ]
create_ext = network_ext.CreateNetworkExtension(self.app) create_ext = network_ext.CreateNetworkExtension(self.app)
parsed_args = self.check_parser_ext( parsed_args = self.check_parser_ext(
@@ -185,6 +191,7 @@ class TestNetworkCreate(test_network.TestNetwork, test_cli20.CLITestV20Base):
'apic:distinguished_names': {"ExternalNetwork": "test1"}, 'apic:distinguished_names': {"ExternalNetwork": "test1"},
'apic:external_cidrs': ['20.20.20.0/8'], 'apic:external_cidrs': ['20.20.20.0/8'],
'apic:nat_type': '', 'apic:nat_type': '',
'apic:no_nat_cidrs': ['10.10.10.0/24'],
}) })
@@ -219,6 +226,7 @@ class TestNetworkSet(test_network.TestNetwork, test_cli20.CLITestV20Base):
('apic_extra_provided_contracts', None), ('apic_extra_provided_contracts', None),
('apic_extra_consumed_contracts', None), ('apic_extra_consumed_contracts', None),
('apic_policy_enforcement_pref', None), ('apic_policy_enforcement_pref', None),
('apic_no_nat_cidrs', None),
] ]
set_ext = network_ext.SetNetworkExtension(self.app) set_ext = network_ext.SetNetworkExtension(self.app)
parsed_args = self.check_parser_ext( parsed_args = self.check_parser_ext(
@@ -245,6 +253,7 @@ class TestNetworkSet(test_network.TestNetwork, test_cli20.CLITestV20Base):
"--apic-extra-provided-contracts", 'pcontest1,pcontest11', "--apic-extra-provided-contracts", 'pcontest1,pcontest11',
"--apic-extra-consumed-contracts", 'contest1,contest11', "--apic-extra-consumed-contracts", 'contest1,contest11',
"--apic-policy-enforcement-pref", 'enforced', "--apic-policy-enforcement-pref", 'enforced',
"--apic-no-nat-cidrs", '10.10.10.0/24',
] ]
verifylist = [ verifylist = [
('network', self._network.name), ('network', self._network.name),
@@ -262,6 +271,7 @@ class TestNetworkSet(test_network.TestNetwork, test_cli20.CLITestV20Base):
('apic_extra_provided_contracts', 'pcontest1,pcontest11'), ('apic_extra_provided_contracts', 'pcontest1,pcontest11'),
('apic_extra_consumed_contracts', 'contest1,contest11'), ('apic_extra_consumed_contracts', 'contest1,contest11'),
('apic_policy_enforcement_pref', 'enforced'), ('apic_policy_enforcement_pref', 'enforced'),
('apic_no_nat_cidrs', '10.10.10.0/24'),
] ]
set_ext = network_ext.SetNetworkExtension(self.app) set_ext = network_ext.SetNetworkExtension(self.app)
parsed_args = self.check_parser_ext( parsed_args = self.check_parser_ext(
@@ -284,6 +294,7 @@ class TestNetworkSet(test_network.TestNetwork, test_cli20.CLITestV20Base):
'apic:nested_domain_node_network_vlan': '5', 'apic:nested_domain_node_network_vlan': '5',
'apic:nested_domain_service_vlan': '4', 'apic:nested_domain_service_vlan': '4',
'apic:policy_enforcement_pref': 'enforced', 'apic:policy_enforcement_pref': 'enforced',
'apic:no_nat_cidrs': ['10.10.10.0/24'],
} }
self.network.update_network.assert_called_once_with( self.network.update_network.assert_called_once_with(
@@ -295,6 +306,7 @@ class TestNetworkSet(test_network.TestNetwork, test_cli20.CLITestV20Base):
self._network.name, self._network.name,
"--external", "--external",
"--apic-no-external-cidrs", "--apic-no-external-cidrs",
"--no-apic-no-nat-cidrs",
] ]
verifylist = [ verifylist = [
('network', self._network.name), ('network', self._network.name),
@@ -313,6 +325,7 @@ class TestNetworkSet(test_network.TestNetwork, test_cli20.CLITestV20Base):
('apic_extra_provided_contracts', None), ('apic_extra_provided_contracts', None),
('apic_extra_consumed_contracts', None), ('apic_extra_consumed_contracts', None),
('apic_policy_enforcement_pref', None), ('apic_policy_enforcement_pref', None),
('no_apic_no_nat_cidrs', True),
] ]
set_ext = network_ext.SetNetworkExtension(self.app) set_ext = network_ext.SetNetworkExtension(self.app)
parsed_args = self.check_parser_ext( parsed_args = self.check_parser_ext(
@@ -322,6 +335,7 @@ class TestNetworkSet(test_network.TestNetwork, test_cli20.CLITestV20Base):
attrs = { attrs = {
'router:external': True, 'router:external': True,
'apic:external_cidrs': [], 'apic:external_cidrs': [],
'apic:no_nat_cidrs': [],
} }
self.network.update_network.assert_called_once_with( self.network.update_network.assert_called_once_with(