From 5da150fcd2b727c0a4f5ef677944c313b1162f71 Mon Sep 17 00:00:00 2001
From: asarfaty <asarfaty@vmware.com>
Date: Mon, 23 Nov 2020 12:23:45 +0200
Subject: [PATCH] Integrate with neutron DB engine facade migration

integrate with neutron patch Id3f09b78c8d0a8daa7ec4fa6f5bf79f7d5ab8f8b
And also skip new tests added in I99681736d05eefd82bdba72b3866eab9468ef5dd

Change-Id: I8b119bc69cc87185ea77646e70135c5984200038
---
 vmware_nsx/db/extended_security_group.py       | 18 ++++++++++++++----
 vmware_nsx/db/extended_security_group_rule.py  |  4 ++++
 vmware_nsx/plugins/nsx_p/plugin.py             |  1 +
 .../nsx_v/drivers/distributed_router_driver.py |  1 +
 .../nsx_v/drivers/exclusive_router_driver.py   |  1 +
 .../nsx_v/drivers/shared_router_driver.py      |  1 +
 vmware_nsx/plugins/nsx_v/plugin.py             |  1 -
 vmware_nsx/plugins/nsx_v/vshield/edge_utils.py |  6 ++++--
 vmware_nsx/plugins/nsx_v3/plugin.py            |  9 ++++++---
 .../tests/unit/extensions/test_metadata.py     |  2 ++
 .../test_secgroup_rule_local_ip_prefix.py      | 12 ++++++++----
 .../unit/extensions/test_securitygroup.py      |  9 +++++++++
 vmware_nsx/tests/unit/nsx_p/test_plugin.py     |  9 +++++++++
 vmware_nsx/tests/unit/nsx_v/test_plugin.py     |  9 +++++++++
 14 files changed, 69 insertions(+), 14 deletions(-)

diff --git a/vmware_nsx/db/extended_security_group.py b/vmware_nsx/db/extended_security_group.py
index f2913bb4e0..9fb16ffab0 100644
--- a/vmware_nsx/db/extended_security_group.py
+++ b/vmware_nsx/db/extended_security_group.py
@@ -28,6 +28,7 @@ from neutron_lib.callbacks import events
 from neutron_lib.callbacks import registry
 from neutron_lib.callbacks import resources
 from neutron_lib import constants as n_constants
+from neutron_lib import context as n_context
 from neutron_lib.db import api as db_api
 from neutron_lib.db import model_base
 from neutron_lib.db import resource_extend
@@ -139,7 +140,8 @@ class ExtendedSecurityGroupPropertiesMixin(object):
         sg_res[provider_sg.PROVIDER] = sg_req.get(provider_sg.PROVIDER, False)
         sg_res[sg_policy.POLICY] = sg_req.get(sg_policy.POLICY)
 
-    def _get_security_group_properties(self, context, security_group_id):
+    @staticmethod
+    def _get_security_group_properties(context, security_group_id):
         with db_api.CONTEXT_READER.using(context):
             try:
                 prop = context.session.query(
@@ -365,13 +367,21 @@ class ExtendedSecurityGroupPropertiesMixin(object):
     @staticmethod
     @resource_extend.extends([port_def.COLLECTION_NAME])
     def _extend_port_dict_provider_security_group(port_res, port_db):
+        context = n_context.get_admin_context()
         # Add the provider sg list to the port.
         # later we will remove those from the regular sg list
         provider_groups = []
         for sec_group_mapping in port_db.security_groups:
-            if (sec_group_mapping.extended_grp and
-                sec_group_mapping.extended_grp.provider is True):
-                provider_groups.append(sec_group_mapping['security_group_id'])
+            sg_id = sec_group_mapping.security_group_id
+            try:
+                sg_ext = ExtendedSecurityGroupPropertiesMixin.\
+                    _get_security_group_properties(context, sg_id)
+            except ext_sg.SecurityGroupNotFound:
+                pass
+            else:
+                if sg_ext.provider:
+                    provider_groups.append(
+                        sec_group_mapping['security_group_id'])
         port_res[provider_sg.PROVIDER_SECURITYGROUPS] = provider_groups
         return port_res
 
diff --git a/vmware_nsx/db/extended_security_group_rule.py b/vmware_nsx/db/extended_security_group_rule.py
index 60157485fe..0bdf75bac5 100644
--- a/vmware_nsx/db/extended_security_group_rule.py
+++ b/vmware_nsx/db/extended_security_group_rule.py
@@ -66,6 +66,10 @@ class ExtendedSecurityGroupRuleMixin(object):
         if not rule_specify_local_ip_prefix:
             # remove ATTR_NOT_SPECIFIED
             rule[ext_local_ip.LOCAL_IP_PREFIX] = None
+
+        # remote_address_group_id is not yet supported and might be missing
+        if 'remote_address_group_id' not in rule:
+            rule['remote_address_group_id'] = None
         return rule_specify_local_ip_prefix
 
     def _process_security_group_rule_properties(self, context,
diff --git a/vmware_nsx/plugins/nsx_p/plugin.py b/vmware_nsx/plugins/nsx_p/plugin.py
index 6e20992655..c40180296f 100644
--- a/vmware_nsx/plugins/nsx_p/plugin.py
+++ b/vmware_nsx/plugins/nsx_p/plugin.py
@@ -2602,6 +2602,7 @@ class NsxPolicyPlugin(nsx_plugin_common.NsxPluginV3Base):
         # First update the neutron DB
         super(NsxPolicyPlugin, self)._update_router_gw_info(
             context, router_id, info, router=router)
+        router = self._get_router(context, router_id)
 
         # Get the new tier0 of the updated router (or None if GW was removed)
         new_tier0_uuid = self._get_tier0_uuid_by_router(context, router)
diff --git a/vmware_nsx/plugins/nsx_v/drivers/distributed_router_driver.py b/vmware_nsx/plugins/nsx_v/drivers/distributed_router_driver.py
index 8042994361..77ff7a63c4 100644
--- a/vmware_nsx/plugins/nsx_v/drivers/distributed_router_driver.py
+++ b/vmware_nsx/plugins/nsx_v/drivers/distributed_router_driver.py
@@ -158,6 +158,7 @@ class RouterDistributedDriver(router_driver.RouterBaseDriver):
 
         super(nsx_v.NsxVPluginV2, self.plugin)._update_router_gw_info(
             context, router_id, info, router=router)
+        router = self.plugin._get_router(context, router_id)
 
         new_ext_net_id = router.gw_port_id and router.gw_port.network_id
         new_enable_snat = router.enable_snat
diff --git a/vmware_nsx/plugins/nsx_v/drivers/exclusive_router_driver.py b/vmware_nsx/plugins/nsx_v/drivers/exclusive_router_driver.py
index df8de036e9..3982a622bf 100644
--- a/vmware_nsx/plugins/nsx_v/drivers/exclusive_router_driver.py
+++ b/vmware_nsx/plugins/nsx_v/drivers/exclusive_router_driver.py
@@ -165,6 +165,7 @@ class RouterExclusiveDriver(router_driver.RouterBaseDriver):
 
         super(nsx_v.NsxVPluginV2, self.plugin)._update_router_gw_info(
             context, router_id, info, router=router)
+        router = self.plugin._get_router(context, router_id)
 
         new_ext_net_id = router.gw_port_id and router.gw_port.network_id
         new_enable_snat = router.enable_snat
diff --git a/vmware_nsx/plugins/nsx_v/drivers/shared_router_driver.py b/vmware_nsx/plugins/nsx_v/drivers/shared_router_driver.py
index 9e2b024c18..aee1bebbb7 100644
--- a/vmware_nsx/plugins/nsx_v/drivers/shared_router_driver.py
+++ b/vmware_nsx/plugins/nsx_v/drivers/shared_router_driver.py
@@ -715,6 +715,7 @@ class RouterSharedDriver(router_driver.RouterBaseDriver):
                     context, router))
             super(nsx_v.NsxVPluginV2, self.plugin)._update_router_gw_info(
                 context, router_id, info, router=router)
+            router = self.plugin._get_router(context, router_id)
             new_ext_net_id = (router.gw_port_id and
                               router.gw_port.network_id)
             new_enable_snat = router.enable_snat
diff --git a/vmware_nsx/plugins/nsx_v/plugin.py b/vmware_nsx/plugins/nsx_v/plugin.py
index 874ad7e4ba..122b09e21a 100644
--- a/vmware_nsx/plugins/nsx_v/plugin.py
+++ b/vmware_nsx/plugins/nsx_v/plugin.py
@@ -3773,7 +3773,6 @@ class NsxVPluginV2(addr_pair_db.AllowedAddressPairsMixin,
                                  'network_id': router.gw_port.network_id,
                                  'updated_port': updated_port
                              }))
-        context.session.expire(router.gw_port)
 
     def _update_router_gw_info(self, context, router_id, info,
                                is_routes_update=False,
diff --git a/vmware_nsx/plugins/nsx_v/vshield/edge_utils.py b/vmware_nsx/plugins/nsx_v/vshield/edge_utils.py
index 3813bd9817..b666207bf0 100644
--- a/vmware_nsx/plugins/nsx_v/vshield/edge_utils.py
+++ b/vmware_nsx/plugins/nsx_v/vshield/edge_utils.py
@@ -24,6 +24,7 @@ from neutron_lib.api.definitions import extra_dhcp_opt as ext_edo
 from neutron_lib.api import validators
 from neutron_lib import constants
 from neutron_lib import context as q_context
+from neutron_lib.db import api as db_api
 from neutron_lib import exceptions as n_exc
 from neutron_lib.exceptions import l3 as l3_exc
 from oslo_config import cfg
@@ -2643,8 +2644,9 @@ class NsxVCallbacks(object):
             if set_errors and context:
                 # Set the router status to ERROR
                 try:
-                    router_db = self.plugin._get_router(context, router_id)
-                    router_db['status'] = constants.ERROR
+                    with db_api.CONTEXT_WRITER.using(context):
+                        router_db = self.plugin._get_router(context, router_id)
+                        router_db['status'] = constants.ERROR
                 except l3_exc.RouterNotFound:
                     # Router might have been deleted before deploy finished
                     LOG.warning("Router %s not found", router_id)
diff --git a/vmware_nsx/plugins/nsx_v3/plugin.py b/vmware_nsx/plugins/nsx_v3/plugin.py
index 670e9a8421..bdd9604f51 100644
--- a/vmware_nsx/plugins/nsx_v3/plugin.py
+++ b/vmware_nsx/plugins/nsx_v3/plugin.py
@@ -1552,7 +1552,8 @@ class NsxV3Plugin(nsx_plugin_common.NsxPluginV3Base,
                 raise nsx_exc.NsxPluginException(err_msg=msg)
 
         if not cfg.CONF.nsx_v3.native_dhcp_metadata:
-            nsx_rpc.handle_port_metadata_access(self, context, neutron_db)
+            with db_api.CONTEXT_WRITER.using(context):
+                nsx_rpc.handle_port_metadata_access(self, context, neutron_db)
         kwargs = {'context': context, 'port': neutron_db}
         registry.notify(resources.PORT, events.AFTER_CREATE, self, **kwargs)
         return port_data
@@ -1601,8 +1602,9 @@ class NsxV3Plugin(nsx_plugin_common.NsxPluginV3Base,
         if cfg.CONF.nsx_v3.native_dhcp_metadata:
             self._delete_port_mp_dhcp_binding(context, port)
         else:
-            nsx_rpc.handle_port_metadata_access(self, context, port,
-                                                is_delete=True)
+            with db_api.CONTEXT_WRITER.using(context):
+                nsx_rpc.handle_port_metadata_access(self, context, port,
+                                                    is_delete=True)
         super(NsxV3Plugin, self).delete_port(context, port_id)
 
     def _get_resource_type_for_device_id(self, device_owner, device_id):
@@ -2002,6 +2004,7 @@ class NsxV3Plugin(nsx_plugin_common.NsxPluginV3Base,
         # and we need to make a big change so don't touch it at present.
         super(NsxV3Plugin, self)._update_router_gw_info(
             context, router_id, info, router=router)
+        router = self._get_router(context, router_id)
 
         new_tier0_uuid = self._get_tier0_uuid_by_router(context, router)
         new_enable_snat = router.enable_snat
diff --git a/vmware_nsx/tests/unit/extensions/test_metadata.py b/vmware_nsx/tests/unit/extensions/test_metadata.py
index c77e9458af..cee088088a 100644
--- a/vmware_nsx/tests/unit/extensions/test_metadata.py
+++ b/vmware_nsx/tests/unit/extensions/test_metadata.py
@@ -310,6 +310,7 @@ class MetaDataTestCase(object):
     def test_metadata_dhcp_host_route(self):
         self._metadata_setup(config.MetadataModes.INDIRECT)
         subnets = self._list('subnets')['subnets']
+        self.assertEqual(len(subnets), 0)
         with self.subnet() as s:
             with self.port(subnet=s, device_id='1234',
                            device_owner=constants.DEVICE_OWNER_DHCP) as port:
@@ -324,5 +325,6 @@ class MetaDataTestCase(object):
             self._delete('ports', port['port']['id'])
             subnets = self._list('subnets')['subnets']
             # Test that route is deleted after dhcp port is removed.
+            self.assertEqual(len(subnets), 1)
             self.assertEqual(len(subnets[0]['host_routes']), 0)
         self._metadata_teardown()
diff --git a/vmware_nsx/tests/unit/extensions/test_secgroup_rule_local_ip_prefix.py b/vmware_nsx/tests/unit/extensions/test_secgroup_rule_local_ip_prefix.py
index ef8b3fe196..e7293305b1 100644
--- a/vmware_nsx/tests/unit/extensions/test_secgroup_rule_local_ip_prefix.py
+++ b/vmware_nsx/tests/unit/extensions/test_secgroup_rule_local_ip_prefix.py
@@ -122,12 +122,15 @@ class TestNSXv3ExtendedSGRule(test_nsxv3_plugin.NsxV3PluginTestCaseMixin,
              'project_id': mock.ANY,
              'id': mock.ANY,
              'port_range_min': None,
-             'local_ip_prefix': '239.255.0.0/16',
              'ethertype': 'IPv4',
-             'protocol': u'udp', 'remote_ip_prefix': '10.0.0.0/24',
+             'protocol': u'udp',
              'port_range_max': None,
              'security_group_id': mock.ANY,
-             'remote_group_id': None, 'direction': u'ingress',
+             'remote_group_id': None,
+             'remote_address_group_id': None,
+             'remote_ip_prefix': '10.0.0.0/24',
+             'local_ip_prefix': '239.255.0.0/16',
+             'direction': u'ingress',
              'description': '',
              'standard_attr_id': mock.ANY}]
 
@@ -167,10 +170,11 @@ class TestNSXv3ExtendedSGRule(test_nsxv3_plugin.NsxV3PluginTestCaseMixin,
              'local_ip_prefix': None,
              'ethertype': 'IPv4',
              'protocol': u'udp',
-             'remote_ip_prefix': None,
              'port_range_max': None,
              'security_group_id': mock.ANY,
              'remote_group_id': None,
+             'remote_address_group_id': None,
+             'remote_ip_prefix': None,
              'direction': u'ingress',
              'description': '',
              'standard_attr_id': mock.ANY}]
diff --git a/vmware_nsx/tests/unit/extensions/test_securitygroup.py b/vmware_nsx/tests/unit/extensions/test_securitygroup.py
index 56e3e1fdad..f2d836365d 100644
--- a/vmware_nsx/tests/unit/extensions/test_securitygroup.py
+++ b/vmware_nsx/tests/unit/extensions/test_securitygroup.py
@@ -103,3 +103,12 @@ class TestSecurityGroups(test_nsxv3.NsxV3PluginTestCaseMixin,
 
             except exc.HTTPClientError:
                 pass
+
+    def test_create_security_group_rule_remote_address_group_id(self):
+        self.skipTest('No support for SG address groups')
+
+    def test_delete_address_group_in_use(self):
+        self.skipTest('No support for SG address groups')
+
+    def test_create_security_group_rule_multiple_remotes(self):
+        self.skipTest('No support for SG address groups')
diff --git a/vmware_nsx/tests/unit/nsx_p/test_plugin.py b/vmware_nsx/tests/unit/nsx_p/test_plugin.py
index ef3321fcea..77952f43c7 100644
--- a/vmware_nsx/tests/unit/nsx_p/test_plugin.py
+++ b/vmware_nsx/tests/unit/nsx_p/test_plugin.py
@@ -1502,6 +1502,15 @@ class NsxPTestSecurityGroup(common_v3.FixExternalNetBaseTest,
                 del_rule.assert_called_once_with(
                     mock.ANY, rule["security_group_rule"]["id"])
 
+    def test_create_security_group_rule_remote_address_group_id(self):
+        self.skipTest('No support for SG address groups')
+
+    def test_delete_address_group_in_use(self):
+        self.skipTest('No support for SG address groups')
+
+    def test_create_security_group_rule_multiple_remotes(self):
+        self.skipTest('No support for SG address groups')
+
 
 class NsxPTestL3ExtensionManager(object):
 
diff --git a/vmware_nsx/tests/unit/nsx_v/test_plugin.py b/vmware_nsx/tests/unit/nsx_v/test_plugin.py
index 8ac5f65cef..d7d206982e 100644
--- a/vmware_nsx/tests/unit/nsx_v/test_plugin.py
+++ b/vmware_nsx/tests/unit/nsx_v/test_plugin.py
@@ -4211,6 +4211,15 @@ class NsxVTestSecurityGroup(ext_sg.TestSecurityGroups,
                 del_rule.assert_called_once_with(
                     mock.ANY, rule["security_group_rule"]["id"])
 
+    def test_create_security_group_rule_remote_address_group_id(self):
+        self.skipTest('No support for SG address groups')
+
+    def test_delete_address_group_in_use(self):
+        self.skipTest('No support for SG address groups')
+
+    def test_create_security_group_rule_multiple_remotes(self):
+        self.skipTest('No support for SG address groups')
+
 
 class TestVdrTestCase(L3NatTest, L3NatTestCaseBase,
                       test_l3_plugin.L3NatDBIntTestCase,