Improve security groups management.
- Add create_security_group_rule method to base class
to make easier creating rules for IPv6 test cases.
- Add delete_security_group method.
- Make sure segurity groups are deleted using the
client that has been used to create them.
- Improve security group client handling.
Change-Id: I50858d5198d8a70a2bb9fb278786c433d7cb12ca
diff --git a/neutron_tempest_plugin/scenario/base.py b/neutron_tempest_plugin/scenario/base.py
index 32c5db8..cc1ca4c 100644
--- a/neutron_tempest_plugin/scenario/base.py
+++ b/neutron_tempest_plugin/scenario/base.py
@@ -122,29 +122,24 @@
Setting a group_id would only permit traffic from ports
belonging to the same security group.
"""
-
- rule_list = [{'protocol': 'tcp',
- 'direction': 'ingress',
- 'port_range_min': 22,
- 'port_range_max': 22,
- 'remote_ip_prefix': '0.0.0.0/0'}]
- client = client or cls.os_primary.network_client
- cls.create_secgroup_rules(rule_list, client=client,
- secgroup_id=secgroup_id)
+ return cls.create_security_group_rule(
+ security_group_id=secgroup_id,
+ client=client,
+ protocol=neutron_lib_constants.PROTO_NAME_TCP,
+ direction=neutron_lib_constants.INGRESS_DIRECTION,
+ port_range_min=22,
+ port_range_max=22)
@classmethod
def create_pingable_secgroup_rule(cls, secgroup_id=None,
client=None):
- """This rule is intended to permit inbound ping"""
+ """This rule is intended to permit inbound ping
- rule_list = [{'protocol': 'icmp',
- 'direction': 'ingress',
- 'port_range_min': 8, # type
- 'port_range_max': 0, # code
- 'remote_ip_prefix': '0.0.0.0/0'}]
- client = client or cls.os_primary.network_client
- cls.create_secgroup_rules(rule_list, client=client,
- secgroup_id=secgroup_id)
+ """
+ return cls.create_security_group_rule(
+ security_group_id=secgroup_id, client=client,
+ protocol=neutron_lib_constants.PROTO_NAME_ICMP,
+ direction=neutron_lib_constants.INGRESS_DIRECTION)
@classmethod
def create_router_by_client(cls, is_admin=False, **kwargs):