Create only one Sec Group per fixture

This patch includes some changes wrt StatelessSecurityGroupFixture: - a task that cleans up the security groups generated with this fixture is added to the tobiko-cleanup role - when TOBIKO_PREVENT_CREATE env variable is set, the security groups are not created (they should have been created before) - the lockutils.synchronized decorator is used to avoid that two security groups with the same name are created concurrently - neutron.get_security_group(self.name) did not work because that method does not work with the security group name; it is replaced by neutron.list_security_groups(name=self.name) instead Change-Id: I3ab84e138049a27db017630b32d81d290aa5f6cd
2023-04-14 17:32:14 +02:00 · 2023-04-14 17:32:14 +02:00 · 109802be5f
commit 109802be5f
parent d95d75eae7
2 changed files with 25 additions and 5 deletions
--- a/roles/tobiko-cleanup/tasks/main.yaml
+++ b/roles/tobiko-cleanup/tasks/main.yaml
@ -27,6 +27,14 @@
        xargs -r openstack subnet pool delete
  ignore_errors: yes

+- name: "cleanup Security Groups created by Tobiko tests"
+  shell: |
+    source {{ stackrc_file }}
+    openstack security group list -f value -c 'Name' | \
+        grep "^tobiko\." | \
+        xargs -r openstack security group delete
+  ignore_errors: yes
+
 - name: "cleanup Glance images created by Tobiko tests"
  shell: |
    source {{ stackrc_file }}
--- a/tobiko/openstack/stacks/_neutron.py
+++ b/tobiko/openstack/stacks/_neutron.py
@ -637,17 +637,28 @@ class StatelessSecurityGroupFixture(tobiko.SharedFixture):
        super(StatelessSecurityGroupFixture, self).__init__()

    def setup_fixture(self):
+        if config.get_bool_env('TOBIKO_PREVENT_CREATE'):
+            LOG.debug("StatelessSecurityGroupFixture should have been already "
+                      "created: %r", self.security_group)
+        else:
+            self.try_create_security_group()
+
+        if self.security_group:
+            tobiko.addme_to_shared_resource(__name__, self.name)
+
+    @lockutils.synchronized(
+        'create_security_group', external=True, lock_path=LOCK_DIR)
+    def try_create_security_group(self):
        if not self.security_group:
            self._security_group = neutron.create_security_group(
                name=self.name, description=self.description,
                add_cleanup=False, stateful=False)
-        if self.security_group:
+            # add rules once the SG was created
            for rule in self.rules:
                neutron.create_security_group_rule(
                    self._security_group['id'],
                    add_cleanup=False,
                    **rule)
-            tobiko.addme_to_shared_resource(__name__, self.name)

    def cleanup_fixture(self):
        n_tests_using_stack = len(tobiko.removeme_from_shared_resource(
@ -676,11 +687,12 @@ class StatelessSecurityGroupFixture(tobiko.SharedFixture):
    @property
    def security_group(self):
        if not self._security_group:
-            try:
-                self._security_group = neutron.get_security_group(self.name)
-            except neutron.NotFound:
+            sgs = neutron.list_security_groups(name=self.name)
+            if len(sgs) == 0:
                LOG.debug("Security group %r not found.", self.name)
                self._security_group = None
+            else:
+                self._security_group = sgs.unique
        return self._security_group