Merge "Enable port security on default tenant network"

This commit is contained in:
Zuul 2021-12-14 15:41:47 +00:00 committed by Gerrit Code Review
commit 35058b22d3
4 changed files with 14 additions and 11 deletions

View File

@ -115,8 +115,8 @@ class NetworkStackFixture(heat.HeatStackFixture):
#: Heat template file
template = _hot.heat_template_file('neutron/network.yaml')
#: Disable port security by default for new network ports
port_security_enabled = False
#: Enable port security by default for new network ports
port_security_enabled = True
@property
def has_ipv4(self):

View File

@ -143,11 +143,15 @@ class ServerStackFixture(heat.HeatStackFixture, abc.ABC):
"""Flavor for Nova server instance"""
return self.flavor_stack.flavor_id
#: Whenever port security on internal network is enable
port_security_enabled = False
@property
def port_security_enabled(self) -> bool:
"""Whenever port security on internal network is enabled"""
return bool(self.security_groups)
#: Security groups to be associated to network ports
security_groups: typing.List[str] = []
@property
def security_groups(self) -> typing.List[str]:
"""Security groups to be associated to network ports"""
return []
@property
def key_name(self) -> str:

View File

@ -34,7 +34,7 @@ parameters:
port_security_enabled:
type: boolean
description: Whenever port security is enabled on server port
default: false
default: true
security_groups:
type: comma_delimited_list

View File

@ -14,6 +14,8 @@
# under the License.
from __future__ import absolute_import
import typing
from oslo_log import log
import testtools
@ -127,11 +129,8 @@ class FloatingIPWithPortSecurityFixture(stacks.CirrosServerStackFixture):
security_groups_stack = tobiko.required_setup_fixture(
stacks.SecurityGroupsFixture)
#: Enable port security on internal network
port_security_enabled = True
@property
def security_groups(self):
def security_groups(self) -> typing.List[str]:
"""List with ICMP security group"""
return [self.security_groups_stack.ssh_security_group_id]