Merge "[Stateless SG] Fix usage of the default stateless SG"
diff --git a/neutron_tempest_plugin/api/test_security_groups_negative.py b/neutron_tempest_plugin/api/test_security_groups_negative.py
index 7efa70e..224558c 100644
--- a/neutron_tempest_plugin/api/test_security_groups_negative.py
+++ b/neutron_tempest_plugin/api/test_security_groups_negative.py
@@ -189,3 +189,66 @@
     def test_sg_creation_with_insufficient_sg_rules_quota(self):
         self._set_sg_rules_quota(0)
         self.assertRaises(lib_exc.Conflict, self.create_security_group)
+
+
+class NegativeStatelessSecGroupTest(base.BaseNetworkTest):
+
+    required_extensions = ['security-group', 'stateful-security-group']
+
+    @classmethod
+    def resource_setup(cls):
+        super().resource_setup()
+        cls.network = cls.create_network()
+        cls.stateless_sg = cls.create_security_group(stateful=False)
+        cls.stateful_sg = cls.create_security_group(stateful=True)
+
+    @decorators.idempotent_id('9e85ce0d-37b2-4044-88a8-09ae965069ba')
+    def test_create_port_with_stateful_and_stateless_sg(self):
+        self.assertRaises(
+            lib_exc.Conflict,
+            self.create_port,
+            network=self.network,
+            security_groups=[self.stateful_sg['id'], self.stateless_sg['id']])
+
+    def _test_adding_sg_to_port_with_different_type_of_sg(
+            self, initial_sg, updated_sg):
+        port = self.create_port(
+            network=self.network,
+            security_groups=[initial_sg['id']]
+        )
+        self.assertRaises(
+            lib_exc.Conflict,
+            self.update_port,
+            port,
+            security_groups=[initial_sg['id'], updated_sg['id']]
+        )
+
+    @decorators.idempotent_id('63374580-3154-410b-ab31-e98a136094f8')
+    def test_adding_stateful_sg_to_port_with_stateless_sg(self):
+        self._test_adding_sg_to_port_with_different_type_of_sg(
+            self.stateless_sg, self.stateful_sg)
+
+    @decorators.idempotent_id('3854a4c6-4ace-4133-be83-4a2820ede06f')
+    def test_adding_stateless_sg_to_port_with_stateful_sg(self):
+        self._test_adding_sg_to_port_with_different_type_of_sg(
+            self.stateful_sg, self.stateless_sg)
+
+    def _test_update_used_sg(self, security_group):
+        self.create_port(
+            network=self.network,
+            security_groups=[security_group['id']]
+        )
+        self.assertRaises(
+            lib_exc.Conflict,
+            self.client.update_security_group,
+            security_group['id'],
+            stateful=not security_group['stateful']
+        )
+
+    @decorators.idempotent_id('5e1e3053-16dc-4f0b-a327-ff953f527248')
+    def test_update_used_stateless_sg_to_stateful(self):
+        self._test_update_used_sg(self.stateless_sg)
+
+    @decorators.idempotent_id('afe4d777-7a98-44ed-a1dc-588861f6daba')
+    def test_update_used_stateful_sg_to_stateless(self):
+        self._test_update_used_sg(self.stateful_sg)
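Review bot: The helpers in NegativeStatelessSecGroupTest assert only that the API answers with Conflict; none of them checks that the rejected request left the port or the group unchanged, which is the property that matters for rule enforcement. After the `assertRaises` in `_test_adding_sg_to_port_with_different_type_of_sg`, re-read the port and compare its groups, e.g. `port = self.client.show_port(port['id'])['port']` followed by `self.assertEqual([initial_sg['id']], port['security_groups'])`; `_test_update_used_sg` can do the same with `show_security_group` and the original `stateful` value. This also matters because `stateless_sg` and `stateful_sg` are class-level fixtures shared by all five tests, so an update that unexpectedly succeeds would leave the cached `security_group['stateful']` stale for the tests that run later. The new tests also carry no `@decorators.attr(type='negative')` marker, which is presumably expected in a negative-test module (the decorators of the neighbouring test are outside the hunk).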
diff --git a/zuul.d/base-nested-switch.yaml b/zuul.d/base-nested-switch.yaml
index f92b08b..df40e21 100644
--- a/zuul.d/base-nested-switch.yaml
+++ b/zuul.d/base-nested-switch.yaml
@@ -19,10 +19,11 @@
     vars:
       devstack_localrc:
         LIBVIRT_TYPE: kvm
-        LIBVIRT_CPU_MODE: host-passthrough
-        CIRROS_VERSION: 0.5.1
-        DEFAULT_IMAGE_NAME: cirros-0.5.1-x86_64-disk
-        DEFAULT_IMAGE_FILE_NAME: cirros-0.5.1-x86_64-disk.img
+        # cirros 0.6.1 not booting when host-passthrough is used
+        # LIBVIRT_CPU_MODE: host-passthrough
+        CIRROS_VERSION: 0.6.1
+        DEFAULT_IMAGE_NAME: cirros-0.6.1-x86_64-disk
+        DEFAULT_IMAGE_FILE_NAME: cirros-0.6.1-x86_64-disk.img
 
 # Base nested switch job for EM releases
 - job:
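Review bot: The commented-out `LIBVIRT_CPU_MODE: host-passthrough` has no owner or tracker reference, so nothing signals when it can be restored, and the job now runs with whatever CPU mode devstack defaults to. Prefer the TODO form used for the networking-sfc pin in this same commit, e.g. `# TODO(<owner>): restore host-passthrough once cirros 0.6.1 boots with it (bug <bug-id>)`, and drop the dead setting instead of keeping it as a comment. The job definition starts above the hunk.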
diff --git a/zuul.d/master_jobs.yaml b/zuul.d/master_jobs.yaml
index 93c8fe2..cedb13b 100644
--- a/zuul.d/master_jobs.yaml
+++ b/zuul.d/master_jobs.yaml
@@ -27,9 +27,9 @@
         NETWORK_API_EXTENSIONS: "{{ (network_api_extensions_common + network_api_extensions_tempest) | join(',') }}"
         PHYSICAL_NETWORK: public
         IMAGE_URLS: https://cloud-images.ubuntu.com/minimal/releases/focal/release/ubuntu-20.04-minimal-cloudimg-amd64.img
-        CIRROS_VERSION: 0.5.1
-        DEFAULT_IMAGE_NAME: cirros-0.5.1-x86_64-uec
-        DEFAULT_IMAGE_FILE_NAME: cirros-0.5.1-x86_64-uec.tar.gz
+        CIRROS_VERSION: 0.6.1
+        DEFAULT_IMAGE_NAME: cirros-0.6.1-x86_64-uec
+        DEFAULT_IMAGE_FILE_NAME: cirros-0.6.1-x86_64-uec.tar.gz
         ADVANCED_IMAGE_NAME: ubuntu-20.04-minimal-cloudimg-amd64
         ADVANCED_INSTANCE_TYPE: ntp_image_256M
         ADVANCED_INSTANCE_USER: ubuntu
@@ -724,9 +724,9 @@
         USE_PYTHON3: true
         NETWORK_API_EXTENSIONS: "{{ (network_api_extensions_common + network_api_extensions_dvr) | join(',') }}"
         PHYSICAL_NETWORK: default
-        CIRROS_VERSION: 0.5.1
-        DEFAULT_IMAGE_NAME: cirros-0.5.1-x86_64-uec
-        DEFAULT_IMAGE_FILE_NAME: cirros-0.5.1-x86_64-uec.tar.gz
+        CIRROS_VERSION: 0.6.1
+        DEFAULT_IMAGE_NAME: cirros-0.6.1-x86_64-uec
+        DEFAULT_IMAGE_FILE_NAME: cirros-0.6.1-x86_64-uec.tar.gz
         IMAGE_URLS: https://cloud-images.ubuntu.com/minimal/releases/focal/release/ubuntu-20.04-minimal-cloudimg-amd64.img
         ADVANCED_IMAGE_NAME: ubuntu-20.04-minimal-cloudimg-amd64
         ADVANCED_INSTANCE_TYPE: ntp_image_256M
@@ -968,6 +968,11 @@
         - flow_classifier
         - sfc
       devstack_localrc:
+        # TODO(slaweq): check why traceroute output is different in Cirros >
+        # 0.6.1 which is causing failures of the networking-sfc jobs
+        CIRROS_VERSION: 0.5.1
+        DEFAULT_IMAGE_NAME: cirros-0.5.1-x86_64-uec
+        DEFAULT_IMAGE_FILE_NAME: cirros-0.5.1-x86_64-uec.tar.gz
         Q_AGENT: openvswitch
         Q_ML2_TENANT_NETWORK_TYPE: vxlan
         Q_ML2_PLUGIN_MECHANISM_DRIVERS: openvswitch
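Review bot: The TODO reads `Cirros > 0.6.1`, yet the pin back to 0.5.1 is presumably needed because of 0.6.1 itself, the version the other jobs in this commit move to; as written the comment suggests 0.6.1 is fine. If so, reword it to `# TODO(slaweq): check why traceroute output differs in Cirros >= 0.6.1,` / `# which breaks the networking-sfc jobs`, and say that the three pinned keys below should be removed once that is resolved. The job definition starts and ends outside the hunk.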
diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml
index bb5fe6d..bc048a1 100644
--- a/zuul.d/project.yaml
+++ b/zuul.d/project.yaml
@@ -85,7 +85,6 @@
         - neutron-tempest-plugin-scenario-linuxbridge-train
         - neutron-tempest-plugin-scenario-openvswitch-train
         - neutron-tempest-plugin-scenario-openvswitch-iptables_hybrid-train
-        - neutron-tempest-plugin-designate-scenario-train
     gate:
       jobs:
         - neutron-tempest-plugin-api-train
diff --git a/zuul.d/train_jobs.yaml b/zuul.d/train_jobs.yaml
index b9a9921..159feb2 100644
--- a/zuul.d/train_jobs.yaml
+++ b/zuul.d/train_jobs.yaml
@@ -239,28 +239,6 @@
       network_api_extensions_common: *api_extensions
 
 - job:
-    name: neutron-tempest-plugin-designate-scenario-train
-    parent: neutron-tempest-plugin-designate-scenario
-    nodeset: openstack-single-node-bionic
-    override-checkout: stable/train
-    required-projects:
-      - openstack/neutron
-      - name: openstack/neutron-tempest-plugin
-        override-checkout: 1.5.0
-      - openstack/tempest
-      - name: openstack/designate-tempest-plugin
-        override-checkout: 0.7.0
-    vars:
-      network_api_extensions_common: *api_extensions
-      devstack_localrc:
-        # NOTE(bcafarel) guestmount binary not available on host OS
-        IMAGE_URLS: https://cloud-images.ubuntu.com/releases/bionic/release/ubuntu-18.04-server-cloudimg-amd64.img
-        ADVANCED_IMAGE_NAME: ubuntu-18.04-server-cloudimg-amd64
-        ADVANCED_INSTANCE_TYPE: ds512M
-        ADVANCED_INSTANCE_USER: ubuntu
-        CUSTOMIZE_IMAGE: false
-
-- job:
     name: neutron-tempest-plugin-sfc-train
     parent: neutron-tempest-plugin-sfc
     nodeset: openstack-single-node-bionic
diff --git a/zuul.d/ussuri_jobs.yaml b/zuul.d/ussuri_jobs.yaml
index d918182..9701ec9 100644
--- a/zuul.d/ussuri_jobs.yaml
+++ b/zuul.d/ussuri_jobs.yaml
@@ -145,8 +145,14 @@
           (^tempest.api.compute.servers.test_multiple_create)"
       network_api_extensions: *api_extensions
       network_available_features: *available_features
-      devstack_localrc:
+      devstack_localrc: &localrc_scenarios_common
         NETWORK_API_EXTENSIONS: "{{ network_api_extensions | join(',') }}"
+        # NOTE(bcafarel) guestmount binary not available on host OS
+        IMAGE_URLS: https://cloud-images.ubuntu.com/releases/bionic/release/ubuntu-18.04-server-cloudimg-amd64.img
+        ADVANCED_IMAGE_NAME: ubuntu-18.04-server-cloudimg-amd64
+        ADVANCED_INSTANCE_TYPE: ds512M
+        ADVANCED_INSTANCE_USER: ubuntu
+        CUSTOMIZE_IMAGE: false
       devstack_local_conf:
         post-config:
           $NEUTRON_L3_CONF:
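Review bot: The `&localrc_scenarios_common` anchor is attached to one job's own `devstack_localrc`, and the two later hunks in this file (`@@ -174,8 +180,7 @@` and `@@ -202,8 +207,7 @@`) replace their mapping with the alias, so any key added to this job later is silently inherited by the other two and none of them can override a single key. A comment at the anchor would make that visible, e.g. `# Shared through *localrc_scenarios_common by the scenario jobs below; edits here apply to all of them`. Separately, `IMAGE_URLS` points at a `release/` path, which looks like a moving pointer, not a dated build, so the guest image these jobs boot is not pinned; a dated path would make runs reproducible. The job definitions start and end outside the hunk.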
@@ -174,8 +180,7 @@
           (^tempest.api.compute.servers.test_multiple_create)"
       network_api_extensions: *api_extensions
       network_available_features: *available_features
-      devstack_localrc:
-        NETWORK_API_EXTENSIONS: "{{ network_api_extensions | join(',') }}"
+      devstack_localrc: *localrc_scenarios_common
       devstack_local_conf:
         post-config:
           $NEUTRON_L3_CONF:
@@ -202,8 +207,7 @@
           (^tempest.api.compute.servers.test_multiple_create)"
       network_api_extensions: *api_extensions
       network_available_features: *available_features
-      devstack_localrc:
-        NETWORK_API_EXTENSIONS: "{{ network_api_extensions | join(',') }}"
+      devstack_localrc: *localrc_scenarios_common
       devstack_local_conf:
         post-config:
           $NEUTRON_L3_CONF:
diff --git a/zuul.d/victoria_jobs.yaml b/zuul.d/victoria_jobs.yaml
index d585f9e..a79261d 100644
--- a/zuul.d/victoria_jobs.yaml
+++ b/zuul.d/victoria_jobs.yaml
@@ -134,7 +134,6 @@
 - job:
     name: neutron-tempest-plugin-scenario-openvswitch-victoria
     parent: neutron-tempest-plugin-openvswitch
-    nodeset: openstack-single-node-focal
     override-checkout: stable/victoria
     required-projects: *required-projects-victoria
     vars:
@@ -163,7 +162,6 @@
 - job:
     name: neutron-tempest-plugin-scenario-openvswitch-iptables_hybrid-victoria
     parent: neutron-tempest-plugin-openvswitch-iptables_hybrid
-    nodeset: openstack-single-node-focal
     override-checkout: stable/victoria
     required-projects: *required-projects-victoria
     vars:
@@ -192,7 +190,6 @@
 - job:
     name: neutron-tempest-plugin-scenario-linuxbridge-victoria
     parent: neutron-tempest-plugin-linuxbridge
-    nodeset: openstack-single-node-focal
     override-checkout: stable/victoria
     required-projects: *required-projects-victoria
     vars:
@@ -221,7 +218,6 @@
 - job:
     name: neutron-tempest-plugin-scenario-ovn-victoria
     parent: neutron-tempest-plugin-ovn
-    nodeset: openstack-single-node-focal
     override-checkout: stable/victoria
     required-projects: *required-projects-victoria
     vars:
@@ -256,7 +252,6 @@
 - job:
     name: neutron-tempest-plugin-designate-scenario-victoria
     parent: neutron-tempest-plugin-designate-scenario
-    nodeset: openstack-single-node-focal
     override-checkout: stable/victoria
     required-projects:
       - openstack/neutron
diff --git a/zuul.d/wallaby_jobs.yaml b/zuul.d/wallaby_jobs.yaml
index 2d73856..6f4648a 100644
--- a/zuul.d/wallaby_jobs.yaml
+++ b/zuul.d/wallaby_jobs.yaml
@@ -98,7 +98,6 @@
 - job:
     name: neutron-tempest-plugin-scenario-openvswitch-wallaby
     parent: neutron-tempest-plugin-openvswitch
-    nodeset: openstack-single-node-focal
     override-checkout: stable/wallaby
     required-projects: *required-projects-wallaby
     vars:
@@ -119,7 +118,6 @@
 - job:
     name: neutron-tempest-plugin-scenario-openvswitch-iptables_hybrid-wallaby
     parent: neutron-tempest-plugin-openvswitch-iptables_hybrid
-    nodeset: openstack-single-node-focal
     override-checkout: stable/wallaby
     required-projects: *required-projects-wallaby
     vars:
@@ -140,7 +138,6 @@
 - job:
     name: neutron-tempest-plugin-scenario-linuxbridge-wallaby
     parent: neutron-tempest-plugin-linuxbridge
-    nodeset: openstack-single-node-focal
     override-checkout: stable/wallaby
     required-projects: *required-projects-wallaby
     vars:
@@ -161,7 +158,6 @@
 - job:
     name: neutron-tempest-plugin-scenario-ovn-wallaby
     parent: neutron-tempest-plugin-ovn
-    nodeset: openstack-single-node-focal
     override-checkout: stable/wallaby
     required-projects: *required-projects-wallaby
     vars:
@@ -190,7 +186,6 @@
 - job:
     name: neutron-tempest-plugin-designate-scenario-wallaby
     parent: neutron-tempest-plugin-designate-scenario
-    nodeset: openstack-single-node-focal
     override-checkout: stable/wallaby
     required-projects:
       - openstack/neutron
diff --git a/zuul.d/xena_jobs.yaml b/zuul.d/xena_jobs.yaml
index 4afdd77..595b4d8 100644
--- a/zuul.d/xena_jobs.yaml
+++ b/zuul.d/xena_jobs.yaml
@@ -95,7 +95,6 @@
 - job:
     name: neutron-tempest-plugin-scenario-openvswitch-xena
     parent: neutron-tempest-plugin-openvswitch
-    nodeset: openstack-single-node-focal
     override-checkout: stable/xena
     vars:
       tempest_test_regex: "\
@@ -115,7 +114,6 @@
 - job:
     name: neutron-tempest-plugin-scenario-openvswitch-iptables_hybrid-xena
     parent: neutron-tempest-plugin-openvswitch-iptables_hybrid
-    nodeset: openstack-single-node-focal
     override-checkout: stable/xena
     vars:
       tempest_test_regex: "\
@@ -135,7 +133,6 @@
 - job:
     name: neutron-tempest-plugin-scenario-linuxbridge-xena
     parent: neutron-tempest-plugin-linuxbridge
-    nodeset: openstack-single-node-focal
     override-checkout: stable/xena
     vars:
       tempest_test_regex: "\
@@ -155,7 +152,6 @@
 - job:
     name: neutron-tempest-plugin-scenario-ovn-xena
     parent: neutron-tempest-plugin-ovn
-    nodeset: openstack-single-node-focal
     override-checkout: stable/xena
     vars:
       tempest_test_regex: "\
@@ -182,7 +178,6 @@
 - job:
     name: neutron-tempest-plugin-designate-scenario-xena
     parent: neutron-tempest-plugin-designate-scenario
-    nodeset: openstack-single-node-focal
     override-checkout: stable/xena
     vars:
       network_api_extensions_common: *api_extensions
diff --git a/zuul.d/yoga_jobs.yaml b/zuul.d/yoga_jobs.yaml
index 9eaa4c2..d47fc93 100644
--- a/zuul.d/yoga_jobs.yaml
+++ b/zuul.d/yoga_jobs.yaml
@@ -97,7 +97,6 @@
 - job:
     name: neutron-tempest-plugin-scenario-openvswitch-yoga
     parent: neutron-tempest-plugin-openvswitch
-    nodeset: openstack-single-node-focal
     override-checkout: stable/yoga
     vars:
       tempest_test_regex: "\
@@ -117,7 +116,6 @@
 - job:
     name: neutron-tempest-plugin-scenario-openvswitch-iptables_hybrid-yoga
     parent: neutron-tempest-plugin-openvswitch-iptables_hybrid
-    nodeset: openstack-single-node-focal
     override-checkout: stable/yoga
     vars:
       tempest_test_regex: "\
@@ -137,7 +135,6 @@
 - job:
     name: neutron-tempest-plugin-scenario-linuxbridge-yoga
     parent: neutron-tempest-plugin-linuxbridge
-    nodeset: openstack-single-node-focal
     override-checkout: stable/yoga
     vars:
       tempest_test_regex: "\
@@ -157,7 +154,6 @@
 - job:
     name: neutron-tempest-plugin-scenario-ovn-yoga
     parent: neutron-tempest-plugin-ovn
-    nodeset: openstack-single-node-focal
     override-checkout: stable/yoga
     vars:
       tempest_test_regex: "\
@@ -186,7 +182,6 @@
 - job:
     name: neutron-tempest-plugin-designate-scenario-yoga
     parent: neutron-tempest-plugin-designate-scenario
-    nodeset: openstack-single-node-focal
     override-checkout: stable/yoga
     vars:
       network_api_extensions_common: *api_extensions
diff --git a/zuul.d/zed_jobs.yaml b/zuul.d/zed_jobs.yaml
index 38299d5..a11c2c8 100644
--- a/zuul.d/zed_jobs.yaml
+++ b/zuul.d/zed_jobs.yaml
@@ -1,7 +1,6 @@
 - job:
     name: neutron-tempest-plugin-openvswitch-zed
     parent: neutron-tempest-plugin-openvswitch
-    nodeset: openstack-single-node-focal
     override-checkout: stable/zed
     vars:
       network_api_extensions_openvswitch:
@@ -107,7 +106,6 @@
 - job:
     name: neutron-tempest-plugin-openvswitch-iptables_hybrid-zed
     parent: neutron-tempest-plugin-openvswitch-iptables_hybrid
-    nodeset: openstack-single-node-focal
     override-checkout: stable/zed
     vars:
       network_api_extensions_openvswitch:
@@ -138,7 +136,6 @@
 - job:
     name: neutron-tempest-plugin-linuxbridge-zed
     parent: neutron-tempest-plugin-linuxbridge
-    nodeset: openstack-single-node-focal
     override-checkout: stable/zed
     vars:
       network_api_extensions_linuxbridge:
@@ -165,7 +162,6 @@
 - job:
     name: neutron-tempest-plugin-ovn-zed
     parent: neutron-tempest-plugin-ovn
-    nodeset: openstack-single-node-focal
     override-checkout: stable/zed
     vars:
       tempest_test_regex: "\
@@ -197,7 +193,6 @@
 - job:
     name: neutron-tempest-plugin-designate-scenario-zed
     parent: neutron-tempest-plugin-designate-scenario
-    nodeset: openstack-single-node-focal
     override-checkout: stable/zed
     vars:
       network_api_extensions_common: *api_extensions