Using a new security group in scenario tests
Instead of using the default security group - creating and
using a new security group in setup_network_and_server.
This should help when two tests are in the same class and have the
same tenant which can cause problems when one test is changing the
security group, adding rules etc.
Also adding resource cleanup in API tests base for security groups.
Change-Id: I4997bb48edf05402aa8135e3fd70e4c16cafb114
diff --git a/neutron/tests/tempest/api/base.py b/neutron/tests/tempest/api/base.py
index b308a31..3321ad4 100644
--- a/neutron/tests/tempest/api/base.py
+++ b/neutron/tests/tempest/api/base.py
@@ -109,6 +109,7 @@
cls.admin_address_scopes = []
cls.subnetpools = []
cls.admin_subnetpools = []
+ cls.security_groups = []
@classmethod
def resource_cleanup(cls):
@@ -167,6 +168,11 @@
cls._try_delete_resource(cls.admin_client.delete_network,
network['id'])
+ # Clean up security groups
+ for secgroup in cls.security_groups:
+ cls._try_delete_resource(cls.client.delete_security_group,
+ secgroup['id'])
+
for subnetpool in cls.subnetpools:
cls._try_delete_resource(cls.client.delete_subnetpool,
subnetpool['id'])
diff --git a/neutron/tests/tempest/scenario/base.py b/neutron/tests/tempest/scenario/base.py
index 8c45f4b..4072a1f 100644
--- a/neutron/tests/tempest/scenario/base.py
+++ b/neutron/tests/tempest/scenario/base.py
@@ -47,13 +47,37 @@
@classmethod
def create_server(cls, flavor_ref, image_ref, key_name, networks,
- name=None):
+ name=None, security_groups=None):
+ """Create a server using tempest lib
+ All the parameters are the ones used in Compute API
+
+ Args:
+ flavor_ref(str): The flavor of the server to be provisioned.
+ image_ref(str): The image of the server to be provisioned.
+ key_name(str): SSH key to to be used to connect to the
+ provisioned server.
+ networks(list): List of dictionaries where each represent
+ an interface to be attached to the server. For network
+ it should be {'uuid': network_uuid} and for port it should
+ be {'port': port_uuid}
+ name(str): Name of the server to be provisioned.
+ security_groups(list): List of dictionaries where
+ the keys is 'name' and the value is the name of
+ the security group. If it's not passed the default
+ security group will be used.
+ """
+
name = name or data_utils.rand_name('server-test')
+ if not security_groups:
+ security_groups = [{'name': 'default'}]
+
server = cls.manager.servers_client.create_server(
- name=name, flavorRef=flavor_ref,
+ name=name,
+ flavorRef=flavor_ref,
imageRef=image_ref,
key_name=key_name,
- networks=networks)
+ networks=networks,
+ security_groups=security_groups)
cls.servers.append(server['server']['id'])
return server
@@ -123,17 +147,28 @@
@classmethod
def setup_network_and_server(cls):
+ """Creating network resources and a server.
+
+ Creating a network, subnet, router, keypair, security group
+ and a server.
+ """
cls.network = cls.create_network()
cls.subnet = cls.create_subnet(cls.network)
+ secgroup = cls.manager.network_client.create_security_group(
+ name=data_utils.rand_name('secgroup-'))
+ cls.security_groups.append(secgroup['security_group'])
+
cls.create_router_and_interface(cls.subnet['id'])
cls.keypair = cls.create_keypair()
- cls.create_loginable_secgroup_rule()
+ cls.create_loginable_secgroup_rule(
+ secgroup_id=secgroup['security_group']['id'])
cls.server = cls.create_server(
flavor_ref=CONF.compute.flavor_ref,
image_ref=CONF.compute.image_ref,
key_name=cls.keypair['name'],
- networks=[{'uuid': cls.network['id']}])
+ networks=[{'uuid': cls.network['id']}],
+ security_groups=[{'name': secgroup['security_group']['name']}])
waiters.wait_for_server_status(cls.manager.servers_client,
cls.server['server']['id'],
constants.SERVER_STATUS_ACTIVE)
diff --git a/neutron/tests/tempest/scenario/test_qos.py b/neutron/tests/tempest/scenario/test_qos.py
index 89b31a7..a58b6e4 100644
--- a/neutron/tests/tempest/scenario/test_qos.py
+++ b/neutron/tests/tempest/scenario/test_qos.py
@@ -158,7 +158,9 @@
'port_range_min': NC_PORT,
'port_range_max': NC_PORT,
'remote_ip_prefix': '0.0.0.0/0'}]
- self.create_secgroup_rules(rulesets)
+ self.create_secgroup_rules(rulesets,
+ self.security_groups[-1]['id'])
+
ssh_client = ssh.Client(self.fip['floating_ip_address'],
CONF.validation.image_ssh_user,
pkey=self.keypair['private_key'])
diff --git a/neutron/tests/tempest/scenario/test_trunk.py b/neutron/tests/tempest/scenario/test_trunk.py
index 30d6022..b350392 100644
--- a/neutron/tests/tempest/scenario/test_trunk.py
+++ b/neutron/tests/tempest/scenario/test_trunk.py
@@ -14,6 +14,7 @@
from oslo_log import log as logging
from tempest.common import waiters
+from tempest.lib.common.utils import data_utils
from tempest import test
from neutron.common import utils
@@ -38,17 +39,24 @@
cls.subnet = cls.create_subnet(cls.network)
cls.create_router_and_interface(cls.subnet['id'])
cls.keypair = cls.create_keypair()
- cls.create_loginable_secgroup_rule()
+ cls.secgroup = cls.manager.network_client.create_security_group(
+ name=data_utils.rand_name('secgroup-'))
+ cls.security_groups.append(cls.secgroup['security_group'])
+ cls.create_loginable_secgroup_rule(
+ secgroup_id=cls.secgroup['security_group']['id'])
def _create_server_with_trunk_port(self):
- port = self.create_port(self.network)
+ port = self.create_port(self.network, security_groups=[
+ self.secgroup['security_group']['id']])
trunk = self.client.create_trunk(port['id'], subports=[])['trunk']
fip = self.create_and_associate_floatingip(port['id'])
server = self.create_server(
flavor_ref=CONF.compute.flavor_ref,
image_ref=CONF.compute.image_ref,
key_name=self.keypair['name'],
- networks=[{'port': port['id']}])['server']
+ networks=[{'port': port['id']}],
+ security_groups=[{'name': self.secgroup[
+ 'security_group']['name']}])['server']
self.addCleanup(self._detach_and_delete_trunk, server, trunk)
return {'port': port, 'trunk': trunk, 'fip': fip,
'server': server}