Update test cases after security group menthods improvements.
Change I50858d5198d8a70a2bb9fb278786c433d7cb12ca improved
test case methods for helping reducint test case complexity
when handling with security groups.
This change use those API improvements to reduce the
complexity of existing test cases and to make them easier
to read.
Change-Id: I8589b31db996702c3da2235fa72182badfd84c02
diff --git a/neutron_tempest_plugin/api/admin/test_extension_driver_port_security_admin.py b/neutron_tempest_plugin/api/admin/test_extension_driver_port_security_admin.py
index d449ead..048a1e5 100644
--- a/neutron_tempest_plugin/api/admin/test_extension_driver_port_security_admin.py
+++ b/neutron_tempest_plugin/api/admin/test_extension_driver_port_security_admin.py
@@ -17,11 +17,9 @@
from tempest.lib import exceptions as lib_exc
from neutron_tempest_plugin.api import base
-from neutron_tempest_plugin.api import base_security_groups as base_security
-class PortSecurityAdminTests(base_security.BaseSecGroupTest,
- base.BaseAdminNetworkTest):
+class PortSecurityAdminTests(base.BaseAdminNetworkTest):
required_extensions = ['port-security']
diff --git a/neutron_tempest_plugin/api/admin/test_quotas_negative.py b/neutron_tempest_plugin/api/admin/test_quotas_negative.py
index cd64e5c..9c37d92 100644
--- a/neutron_tempest_plugin/api/admin/test_quotas_negative.py
+++ b/neutron_tempest_plugin/api/admin/test_quotas_negative.py
@@ -10,6 +10,7 @@
# License for the specific language governing permissions and limitations
# under the License.
+from neutron_lib import constants
from tempest.common import utils
from tempest.lib.common.utils import data_utils
from tempest.lib import decorators
@@ -110,54 +111,38 @@
@decorators.idempotent_id('5c924ff7-b7a9-474f-92a3-dbe0f976ec13')
@utils.requires_ext(extension="security-group", service="network")
def test_create_security_group_when_quotas_is_full(self):
- tenant_id = self.create_project()['id']
- sg_args = {'tenant_id': tenant_id}
- # avoid a number that is made by default
- sg_list = self.admin_client.list_security_groups(
- tenant_id=tenant_id)['security_groups']
- num = len(sg_list) + 1
+ project = self.create_project()
- new_quotas = {'security_group': num}
- self._setup_quotas(tenant_id, **new_quotas)
+ # Set quotas to allow to create only one more security group
+ security_groups = self.admin_client.list_security_groups(
+ tenant_id=project['id'])['security_groups']
+ self._setup_quotas(project['id'],
+ security_group=len(security_groups) + 1)
- sg = self.admin_client.create_security_group(
- **sg_args)['security_group']
- self.addCleanup(self.admin_client.delete_security_group, sg['id'])
-
- self.assertRaises(lib_exc.Conflict,
- self.admin_client.create_security_group, **sg_args)
+ self.create_security_group(project=project)
+ self.assertRaises(lib_exc.Conflict, self.create_security_group,
+ project=project)
@decorators.attr(type='negative')
@decorators.idempotent_id('b7143480-6118-4ed4-be38-1b6f15f30d05')
@utils.requires_ext(extension="security-group", service="network")
def test_create_security_group_rule_when_quotas_is_full(self):
- tenant_id = self.create_project()['id']
- sg_args = {'tenant_id': tenant_id}
+ project = self.create_project()
+ security_group = self.create_security_group(project=project)
- sg = self.admin_client.create_security_group(
- **sg_args)['security_group']
- self.addCleanup(self.admin_client.delete_security_group, sg['id'])
+ # Set quotas to allow to create only one more security group rule
+ security_group_rules = self.admin_client.list_security_group_rules(
+ tenant_id=project['id'])['security_group_rules']
+ self._setup_quotas(project['id'],
+ security_group_rule=len(security_group_rules) + 1)
- # avoid a number that is made by default
- sg_rule_list = self.admin_client.list_security_group_rules(
- tenant_id=tenant_id)['security_group_rules']
- num = len(sg_rule_list) + 1
-
- new_quotas = {'security_group_rule': num}
- self._setup_quotas(tenant_id, **new_quotas)
-
- sg_rule_args = {'tenant_id': tenant_id,
- 'security_group_id': sg['id'],
- 'direction': 'ingress'}
- sg_rule = self.admin_client.create_security_group_rule(
- **sg_rule_args)['security_group_rule']
- self.addCleanup(
- self.admin_client.delete_security_group_rule, sg_rule['id'])
-
- sg_rule_args['direction'] = 'egress'
+ self.create_security_group_rule(
+ project=project, security_group=security_group,
+ direction=constants.INGRESS_DIRECTION)
self.assertRaises(lib_exc.Conflict,
- self.admin_client.create_security_group_rule,
- **sg_rule_args)
+ self.create_security_group_rule,
+ project=project, security_group=security_group,
+ direction=constants.EGRESS_DIRECTION)
@decorators.attr(type='negative')
@decorators.idempotent_id('d00fe5bb-9db8-4e1a-9c31-490f52897e6f')
diff --git a/neutron_tempest_plugin/api/admin/test_security_groups.py b/neutron_tempest_plugin/api/admin/test_security_groups.py
index de7e7d2..d79b0ee 100644
--- a/neutron_tempest_plugin/api/admin/test_security_groups.py
+++ b/neutron_tempest_plugin/api/admin/test_security_groups.py
@@ -14,10 +14,10 @@
from tempest.lib import decorators
-from neutron_tempest_plugin.api import base_security_groups as base
+from neutron_tempest_plugin.api import base
-class SecGroupAdminTest(base.BaseSecGroupTest):
+class SecGroupAdminTest(base.BaseNetworkTest):
required_extensions = ['security-group']
credentials = ['primary', 'admin']
diff --git a/neutron_tempest_plugin/api/base_security_groups.py b/neutron_tempest_plugin/api/base_security_groups.py
index 127bbd9..ca2c17a 100644
--- a/neutron_tempest_plugin/api/base_security_groups.py
+++ b/neutron_tempest_plugin/api/base_security_groups.py
@@ -14,9 +14,6 @@
# under the License.
from neutron_lib import constants
-from tempest.lib.common.utils import data_utils
-
-from neutron_tempest_plugin.api import base
# NOTE(yamamoto): The list of protocols here is what we had in Ocata.
@@ -45,9 +42,13 @@
'udplite',
'vrrp',
}
-V4_PROTOCOL_INTS = set(v for k, v in constants.IP_PROTOCOL_MAP.items() if
- k in V4_PROTOCOL_NAMES)
-V6_PROTOCOL_LEGACY = set([constants.PROTO_NAME_IPV6_ICMP_LEGACY])
+
+V4_PROTOCOL_INTS = {v
+ for k, v in constants.IP_PROTOCOL_MAP.items()
+ if k in V4_PROTOCOL_NAMES}
+
+V6_PROTOCOL_LEGACY = {constants.PROTO_NAME_IPV6_ICMP_LEGACY}
+
V6_PROTOCOL_NAMES = {
'ipv6-encap',
'ipv6-frag',
@@ -56,66 +57,7 @@
'ipv6-opts',
'ipv6-route',
}
-V6_PROTOCOL_INTS = set(v for k, v in constants.IP_PROTOCOL_MAP.items() if
- k in (V6_PROTOCOL_NAMES | V6_PROTOCOL_LEGACY))
-
-class BaseSecGroupTest(base.BaseNetworkTest):
-
- def _create_security_group(self, **kwargs):
- # Create a security group
- name = data_utils.rand_name('secgroup-')
- group_create_body = self.client.create_security_group(name=name,
- **kwargs)
- self.addCleanup(self._delete_security_group,
- group_create_body['security_group']['id'])
- self.assertEqual(group_create_body['security_group']['name'], name)
- return group_create_body, name
-
- def _delete_security_group(self, secgroup_id):
- self.client.delete_security_group(secgroup_id)
- # Asserting that the security group is not found in the list
- # after deletion
- list_body = self.client.list_security_groups()
- secgroup_list = list()
- for secgroup in list_body['security_groups']:
- secgroup_list.append(secgroup['id'])
- self.assertNotIn(secgroup_id, secgroup_list)
-
- def _create_security_group_rule(self, **kwargs):
- rule_create_body = self.client.create_security_group_rule(**kwargs)
- # List rules and verify created rule is in response
- rule_list_body = (
- self.client.list_security_group_rules())
- rule_list = [rule['id']
- for rule in rule_list_body['security_group_rules']]
- self.assertIn(rule_create_body['security_group_rule']['id'],
- rule_list)
- self.addCleanup(self._delete_security_group_rule,
- rule_create_body['security_group_rule']['id'])
- return rule_create_body
-
- def _show_security_group_rule(self, **kwargs):
- show_rule_body = self.client.show_security_group_rule(kwargs['id'])
- for key, value in kwargs.items():
- self.assertEqual(value,
- show_rule_body['security_group_rule'][key],
- "%s does not match." % key)
-
- def _delete_security_group_rule(self, secgroup_rule_id):
- self.client.delete_security_group_rule(secgroup_rule_id)
- rule_list_body = self.client.list_security_group_rules()
- rule_list = [rule['id']
- for rule in rule_list_body['security_group_rules']]
- self.assertNotIn(secgroup_rule_id, rule_list)
-
- def _test_create_show_delete_security_group_rule(self, **kwargs):
- # The security group rule is deleted by the cleanup call in
- # _create_security_group_rule.
- rule_create_body = (
- self._create_security_group_rule(**kwargs)['security_group_rule'])
- self._show_security_group_rule(
- id=rule_create_body['id'],
- protocol=rule_create_body['protocol'],
- direction=rule_create_body['direction'],
- ethertype=rule_create_body['ethertype'])
+V6_PROTOCOL_INTS = {v
+ for k, v in constants.IP_PROTOCOL_MAP.items()
+ if k in (V6_PROTOCOL_NAMES | V6_PROTOCOL_LEGACY)}
diff --git a/neutron_tempest_plugin/api/test_extension_driver_port_security.py b/neutron_tempest_plugin/api/test_extension_driver_port_security.py
index 8a8c4f2..6b05557 100644
--- a/neutron_tempest_plugin/api/test_extension_driver_port_security.py
+++ b/neutron_tempest_plugin/api/test_extension_driver_port_security.py
@@ -19,15 +19,13 @@
from tempest.lib import exceptions as lib_exc
from neutron_tempest_plugin.api import base
-from neutron_tempest_plugin.api import base_security_groups as base_security
FAKE_IP = '10.0.0.1'
FAKE_MAC = '00:25:64:e8:19:dd'
@ddt.ddt
-class PortSecTest(base_security.BaseSecGroupTest,
- base.BaseNetworkTest):
+class PortSecTest(base.BaseNetworkTest):
@decorators.idempotent_id('7c338ddf-e64e-4118-bd33-e49a1f2f1495')
@utils.requires_ext(extension='port-security', service='network')
@@ -76,7 +74,7 @@
network = self.create_network()
self.create_subnet(network)
- sec_group_body, _ = self._create_security_group()
+ security_group = self.create_security_group()
port = self.create_port(network)
# Exception when set port-sec to False with sec-group defined
@@ -88,7 +86,7 @@
self.assertEmpty(port['security_groups'])
self.assertFalse(port['port_security_enabled'])
port = self.update_port(
- port, security_groups=[sec_group_body['security_group']['id']],
+ port, security_groups=[security_group['id']],
port_security_enabled=True)
self.assertNotEmpty(port['security_groups'])
@@ -102,11 +100,11 @@
def test_port_sec_update_pass(self):
network = self.create_network()
self.create_subnet(network)
- sec_group, _ = self._create_security_group()
- sec_group_id = sec_group['security_group']['id']
- port = self.create_port(network, security_groups=[sec_group_id],
- port_security_enabled=True)
+ security_group = self.create_security_group()
+ port = self.create_port(network,
+ security_groups=[security_group['id']],
+ port_security_enabled=True)
self.assertNotEmpty(port['security_groups'])
self.assertTrue(port['port_security_enabled'])
@@ -114,7 +112,7 @@
self.assertEmpty(port['security_groups'])
self.assertTrue(port['port_security_enabled'])
- port = self.update_port(port, security_groups=[sec_group_id])
+ port = self.update_port(port, security_groups=[security_group['id']])
self.assertNotEmpty(port['security_groups'])
port = self.update_port(port, security_groups=[],
port_security_enabled=False)
diff --git a/neutron_tempest_plugin/api/test_revisions.py b/neutron_tempest_plugin/api/test_revisions.py
index b03285d..0d590f6 100644
--- a/neutron_tempest_plugin/api/test_revisions.py
+++ b/neutron_tempest_plugin/api/test_revisions.py
@@ -12,16 +12,16 @@
import netaddr
+from neutron_lib import constants
from tempest.common import utils
from tempest.lib import decorators
from tempest.lib import exceptions
from neutron_tempest_plugin.api import base
-from neutron_tempest_plugin.api import base_security_groups as bsg
from neutron_tempest_plugin import config
-class TestRevisions(base.BaseAdminNetworkTest, bsg.BaseSecGroupTest):
+class TestRevisions(base.BaseAdminNetworkTest):
required_extensions = ['standard-attr-revisions']
@@ -111,46 +111,51 @@
@decorators.idempotent_id('6c256f71-c929-4200-b3dc-4e1843506be5')
@utils.requires_ext(extension="security-group", service="network")
def test_update_sg_group_bumps_revision(self):
- sg, name = self._create_security_group()
- self.assertIn('revision_number', sg['security_group'])
- update_body = self.client.update_security_group(
- sg['security_group']['id'], name='new_sg_name')
- self.assertGreater(update_body['security_group']['revision_number'],
- sg['security_group']['revision_number'])
+ security_group = self.create_security_group()
+ self.assertIn('revision_number', security_group)
+ updated_security_group = self.client.update_security_group(
+ security_group['id'], name='new_sg_name')['security_group']
+ self.assertGreater(updated_security_group['revision_number'],
+ security_group['revision_number'])
@decorators.idempotent_id('6489632f-8550-4453-a674-c98849742967')
@utils.requires_ext(extension="security-group", service="network")
def test_update_port_sg_binding_bumps_revision(self):
- net = self.create_network()
- self.addCleanup(self.client.delete_network, net['id'])
- port = self.create_port(net)
- self.addCleanup(self.client.delete_port, port['id'])
- sg = self._create_security_group()[0]
- self.client.update_port(
- port['id'], security_groups=[sg['security_group']['id']])
- updated = self.client.show_port(port['id'])
- updated2 = self.client.update_port(port['id'], security_groups=[])
- self.assertGreater(updated['port']['revision_number'],
+ network = self.create_network()
+ port = self.create_port(network)
+
+ security_group = self.create_security_group()
+ updated_port = self.client.update_port(
+ port['id'], security_groups=[security_group['id']])['port']
+ self.assertGreater(updated_port['revision_number'],
port['revision_number'])
- self.assertGreater(updated2['port']['revision_number'],
- updated['port']['revision_number'])
+
+ updated_port2 = self.client.update_port(
+ port['id'], security_groups=[])['port']
+ self.assertGreater(updated_port2['revision_number'],
+ updated_port['revision_number'])
@decorators.idempotent_id('29c7ab2b-d1d8-425d-8cec-fcf632960f22')
@utils.requires_ext(extension="security-group", service="network")
def test_update_sg_rule_bumps_sg_revision(self):
- sg, name = self._create_security_group()
- rule = self.client.create_security_group_rule(
- security_group_id=sg['security_group']['id'],
- protocol='tcp', direction='ingress', ethertype=self.ethertype,
- port_range_min=60, port_range_max=70)
- updated = self.client.show_security_group(sg['security_group']['id'])
- self.assertGreater(updated['security_group']['revision_number'],
- sg['security_group']['revision_number'])
- self.client.delete_security_group_rule(
- rule['security_group_rule']['id'])
- updated2 = self.client.show_security_group(sg['security_group']['id'])
- self.assertGreater(updated2['security_group']['revision_number'],
- updated['security_group']['revision_number'])
+ security_group = self.create_security_group()
+
+ security_group_rule = self.create_security_group_rule(
+ security_group=security_group,
+ protocol=constants.PROTO_NAME_TCP,
+ direction=constants.INGRESS_DIRECTION,
+ port_range_min=60,
+ port_range_max=70)
+ updated_security_group = self.client.show_security_group(
+ security_group['id'])['security_group']
+ self.assertGreater(updated_security_group['revision_number'],
+ security_group['revision_number'])
+
+ self.client.delete_security_group_rule(security_group_rule['id'])
+ updated_security_group2 = self.client.show_security_group(
+ security_group['id'])['security_group']
+ self.assertGreater(updated_security_group2['revision_number'],
+ updated_security_group['revision_number'])
@decorators.idempotent_id('db70c285-0365-4fac-9f55-2a0ad8cf55a8')
@utils.requires_ext(extension="allowed-address-pairs", service="network")
diff --git a/neutron_tempest_plugin/api/test_security_groups.py b/neutron_tempest_plugin/api/test_security_groups.py
index 299a62e..b6d344d 100644
--- a/neutron_tempest_plugin/api/test_security_groups.py
+++ b/neutron_tempest_plugin/api/test_security_groups.py
@@ -17,39 +17,40 @@
from tempest.lib.common.utils import data_utils
from tempest.lib import decorators
-from neutron_tempest_plugin.api import base_security_groups as base
+from neutron_tempest_plugin.api import base
+from neutron_tempest_plugin.api import base_security_groups
-class SecGroupTest(base.BaseSecGroupTest):
+class SecGroupTest(base.BaseNetworkTest):
required_extensions = ['security-group']
@decorators.idempotent_id('bfd128e5-3c92-44b6-9d66-7fe29d22c802')
def test_create_list_update_show_delete_security_group(self):
- group_create_body, name = self._create_security_group()
+ security_group = self.create_security_group()
# List security groups and verify if created group is there in response
- list_body = self.client.list_security_groups()
- secgroup_list = list()
- for secgroup in list_body['security_groups']:
- secgroup_list.append(secgroup['id'])
- self.assertIn(group_create_body['security_group']['id'], secgroup_list)
+ security_groups = self.client.list_security_groups()['security_groups']
+ self.assertIn(security_group['id'],
+ {sg['id'] for sg in security_groups})
+
# Update the security group
new_name = data_utils.rand_name('security')
new_description = data_utils.rand_name('security-description')
- update_body = self.client.update_security_group(
- group_create_body['security_group']['id'],
- name=new_name,
- description=new_description)
+ updated_security_group = self.client.update_security_group(
+ security_group['id'], name=new_name,
+ description=new_description)['security_group']
+
# Verify if security group is updated
- self.assertEqual(update_body['security_group']['name'], new_name)
- self.assertEqual(update_body['security_group']['description'],
+ self.assertEqual(updated_security_group['name'], new_name)
+ self.assertEqual(updated_security_group['description'],
new_description)
+
# Show details of the updated security group
- show_body = self.client.show_security_group(
- group_create_body['security_group']['id'])
- self.assertEqual(show_body['security_group']['name'], new_name)
- self.assertEqual(show_body['security_group']['description'],
+ observed_security_group = self.client.show_security_group(
+ security_group['id'])['security_group']
+ self.assertEqual(observed_security_group['name'], new_name)
+ self.assertEqual(observed_security_group['description'],
new_description)
@decorators.idempotent_id('7c0ecb10-b2db-11e6-9b14-000c29248b0d')
@@ -67,58 +68,48 @@
self.assertIsNotNone(secgrp['id'])
-class SecGroupProtocolTest(base.BaseSecGroupTest):
+class SecGroupProtocolTest(base.BaseNetworkTest):
+
+ protocol_names = base_security_groups.V4_PROTOCOL_NAMES
+ protocol_ints = base_security_groups.V4_PROTOCOL_INTS
@decorators.idempotent_id('282e3681-aa6e-42a7-b05c-c341aa1e3cdf')
- def test_create_show_delete_security_group_rule_names(self):
- group_create_body, _ = self._create_security_group()
- for protocol in base.V4_PROTOCOL_NAMES:
- self._test_create_show_delete_security_group_rule(
- security_group_id=group_create_body['security_group']['id'],
- protocol=protocol,
+ def test_security_group_rule_protocol_names(self):
+ self._test_security_group_rule_protocols(protocols=self.protocol_names)
+
+ @decorators.idempotent_id('66e47f1f-20b6-4417-8839-3cc671c7afa3')
+ def test_security_group_rule_protocol_ints(self):
+ self._test_security_group_rule_protocols(protocols=self.protocol_ints)
+
+ def _test_security_group_rule_protocols(self, protocols):
+ security_group = self.create_security_group()
+ for protocol in protocols:
+ self._test_security_group_rule(
+ security_group=security_group,
+ protocol=str(protocol),
direction=constants.INGRESS_DIRECTION,
ethertype=self.ethertype)
- @decorators.idempotent_id('66e47f1f-20b6-4417-8839-3cc671c7afa3')
- def test_create_show_delete_security_group_rule_integers(self):
- group_create_body, _ = self._create_security_group()
- for protocol in base.V4_PROTOCOL_INTS:
- self._test_create_show_delete_security_group_rule(
- security_group_id=group_create_body['security_group']['id'],
- protocol=protocol,
- direction=constants.INGRESS_DIRECTION,
- ethertype=self.ethertype)
+ def _test_security_group_rule(self, security_group, **kwargs):
+ security_group_rule = self.create_security_group_rule(
+ security_group=security_group, **kwargs)
+ observed_security_group_rule = self.client.show_security_group_rule(
+ security_group_rule['id'])['security_group_rule']
+ for key, value in kwargs.items():
+ self.assertEqual(value, security_group_rule[key],
+ "{!r} does not match.".format(key))
+ self.assertEqual(value, observed_security_group_rule[key],
+ "{!r} does not match.".format(key))
class SecGroupProtocolIPv6Test(SecGroupProtocolTest):
- _ip_version = constants.IP_VERSION_6
- @decorators.idempotent_id('1f7cc9f5-e0d5-487c-8384-3d74060ab530')
- def test_create_security_group_rule_with_ipv6_protocol_names(self):
- group_create_body, _ = self._create_security_group()
- for protocol in base.V6_PROTOCOL_NAMES:
- self._test_create_show_delete_security_group_rule(
- security_group_id=group_create_body['security_group']['id'],
- protocol=protocol,
- direction=constants.INGRESS_DIRECTION,
- ethertype=self.ethertype)
+ _ip_version = constants.IP_VERSION_6
+ protocol_names = base_security_groups.V6_PROTOCOL_NAMES
+ protocol_ints = base_security_groups.V6_PROTOCOL_INTS
+ protocol_legacy_names = base_security_groups.V6_PROTOCOL_LEGACY
@decorators.idempotent_id('c7d17b41-3b4e-4add-bb3b-6af59baaaffa')
- def test_create_security_group_rule_with_ipv6_protocol_legacy_names(self):
- group_create_body, _ = self._create_security_group()
- for protocol in base.V6_PROTOCOL_LEGACY:
- self._test_create_show_delete_security_group_rule(
- security_group_id=group_create_body['security_group']['id'],
- protocol=protocol,
- direction=constants.INGRESS_DIRECTION,
- ethertype=self.ethertype)
-
- @decorators.idempotent_id('bcfce0b7-bc96-40ae-9b08-3f6774ee0260')
- def test_create_security_group_rule_with_ipv6_protocol_integers(self):
- group_create_body, _ = self._create_security_group()
- for protocol in base.V6_PROTOCOL_INTS:
- self._test_create_show_delete_security_group_rule(
- security_group_id=group_create_body['security_group']['id'],
- protocol=protocol,
- direction=constants.INGRESS_DIRECTION,
- ethertype=self.ethertype)
+ def test_security_group_rule_protocol_legacy_names(self):
+ self._test_security_group_rule_protocols(
+ protocols=self.protocol_legacy_names)
diff --git a/neutron_tempest_plugin/api/test_security_groups_negative.py b/neutron_tempest_plugin/api/test_security_groups_negative.py
index c427691..1fcbd18 100644
--- a/neutron_tempest_plugin/api/test_security_groups_negative.py
+++ b/neutron_tempest_plugin/api/test_security_groups_negative.py
@@ -18,12 +18,14 @@
from tempest.lib import decorators
from tempest.lib import exceptions as lib_exc
-from neutron_tempest_plugin.api import base_security_groups as base
+from neutron_tempest_plugin.api import base
+from neutron_tempest_plugin.api import base_security_groups
+
LONG_NAME_NG = 'x' * (db_const.NAME_FIELD_SIZE + 1)
-class NegativeSecGroupTest(base.BaseSecGroupTest):
+class NegativeSecGroupTest(base.BaseNetworkTest):
required_extensions = ['security-group']
@@ -36,72 +38,68 @@
@decorators.idempotent_id('594edfa8-9a5b-438e-9344-49aece337d49')
def test_create_security_group_with_too_long_name(self):
self.assertRaises(lib_exc.BadRequest,
- self.client.create_security_group,
+ self.create_security_group,
name=LONG_NAME_NG)
@decorators.attr(type='negative')
@decorators.idempotent_id('b6b79838-7430-4d3f-8e07-51dfb61802c2')
def test_create_security_group_with_boolean_type_name(self):
self.assertRaises(lib_exc.BadRequest,
- self.client.create_security_group,
+ self.create_security_group,
name=True)
@decorators.attr(type='negative')
@decorators.idempotent_id('55100aa8-b24f-333c-0bef-64eefd85f15c')
def test_update_default_security_group_name(self):
- sg_list = self.client.list_security_groups(name='default')
- sg = sg_list['security_groups'][0]
+ security_group = self.client.list_security_groups(name='default')[
+ 'security_groups'][0]
self.assertRaises(lib_exc.Conflict, self.client.update_security_group,
- sg['id'], name='test')
+ security_group['id'], name='test')
@decorators.attr(type='negative')
@decorators.idempotent_id('c8510dd8-c3a8-4df9-ae44-24354db50960')
def test_update_security_group_with_too_long_name(self):
- sg_list = self.client.list_security_groups(name='default')
- sg = sg_list['security_groups'][0]
+ security_group = self.client.list_security_groups(name='default')[
+ 'security_groups'][0]
self.assertRaises(lib_exc.BadRequest,
self.client.update_security_group,
- sg['id'], name=LONG_NAME_NG)
+ security_group['id'], name=LONG_NAME_NG)
@decorators.attr(type='negative')
@decorators.idempotent_id('d9a14917-f66f-4eca-ab72-018563917f1b')
def test_update_security_group_with_boolean_type_name(self):
- sg_list = self.client.list_security_groups(name='default')
- sg = sg_list['security_groups'][0]
+ security_group = self.client.list_security_groups(name='default')[
+ 'security_groups'][0]
self.assertRaises(lib_exc.BadRequest,
self.client.update_security_group,
- sg['id'], name=True)
+ security_group['id'], name=True)
@decorators.attr(type='negative')
@decorators.idempotent_id('3200b1a8-d73b-48e9-b03f-e891a4abe2d3')
def test_delete_in_use_sec_group(self):
- sgroup = self.os_primary.network_client.create_security_group(
- name='sgroup')
- self.security_groups.append(sgroup['security_group'])
- port = self.client.create_port(
- network_id=self.network['id'],
- security_groups=[sgroup['security_group']['id']])
- self.ports.append(port['port'])
+ security_group = self.create_security_group()
+ self.create_port(network=self.network,
+ security_groups=[security_group['id']])
self.assertRaises(lib_exc.Conflict,
self.os_primary.network_client.delete_security_group,
- security_group_id=sgroup['security_group']['id'])
+ security_group_id=security_group['id'])
class NegativeSecGroupIPv6Test(NegativeSecGroupTest):
_ip_version = constants.IP_VERSION_6
-class NegativeSecGroupProtocolTest(base.BaseSecGroupTest):
+class NegativeSecGroupProtocolTest(base.BaseNetworkTest):
def _test_create_security_group_rule_with_bad_protocols(self, protocols):
- group_create_body, _ = self._create_security_group()
+ security_group = self.create_security_group()
# bad protocols can include v6 protocols because self.ethertype is v4
for protocol in protocols:
self.assertRaises(
lib_exc.BadRequest,
self.client.create_security_group_rule,
- security_group_id=group_create_body['security_group']['id'],
+ security_group_id=security_group['id'],
protocol=protocol, direction=constants.INGRESS_DIRECTION,
ethertype=self.ethertype)
@@ -109,10 +107,10 @@
@decorators.idempotent_id('cccbb0f3-c273-43ed-b3fc-1efc48833810')
def test_create_security_group_rule_with_ipv6_protocol_names(self):
self._test_create_security_group_rule_with_bad_protocols(
- base.V6_PROTOCOL_NAMES)
+ base_security_groups.V6_PROTOCOL_NAMES)
@decorators.attr(type=['negative'])
@decorators.idempotent_id('8aa636bd-7060-4fdf-b722-cdae28e2f1ef')
def test_create_security_group_rule_with_ipv6_protocol_integers(self):
self._test_create_security_group_rule_with_bad_protocols(
- base.V6_PROTOCOL_INTS)
+ base_security_groups.V6_PROTOCOL_INTS)
diff --git a/neutron_tempest_plugin/api/test_timestamp.py b/neutron_tempest_plugin/api/test_timestamp.py
index f5888f9..9ec982d 100644
--- a/neutron_tempest_plugin/api/test_timestamp.py
+++ b/neutron_tempest_plugin/api/test_timestamp.py
@@ -11,14 +11,15 @@
# under the License.
import copy
+import time
+from neutron_lib import constants
from tempest.common import utils
from tempest.lib.common.utils import data_utils
from tempest.lib import decorators
from neutron_tempest_plugin.api import base
from neutron_tempest_plugin.api import base_routers
-from neutron_tempest_plugin.api import base_security_groups
from neutron_tempest_plugin import config
CONF = config.CONF
@@ -276,7 +277,7 @@
show_fip['updated_at'])
-class TestTimeStampWithSecurityGroup(base_security_groups.BaseSecGroupTest):
+class TestTimeStampWithSecurityGroup(base.BaseNetworkTest):
required_extensions = ['standard-attr-timestamp']
@@ -287,66 +288,66 @@
@decorators.idempotent_id('a3150a7b-d31a-423a-abf3-45e71c97cbac')
def test_create_sg_with_timestamp(self):
- sg, _ = self._create_security_group()
+ security_group = self.create_security_group()
# Verifies body contains timestamp fields
- self.assertIsNotNone(sg['security_group']['created_at'])
- self.assertIsNotNone(sg['security_group']['updated_at'])
+ self.assertIsNotNone(security_group['created_at'])
+ self.assertIsNotNone(security_group['updated_at'])
@decorators.idempotent_id('432ae0d3-32b4-413e-a9b3-091ac76da31b')
def test_update_sg_with_timestamp(self):
- sgc, _ = self._create_security_group()
- sg = sgc['security_group']
- origin_updated_at = sg['updated_at']
- update_body = {'name': sg['name'] + 'new'}
- body = self.client.update_security_group(sg['id'], **update_body)
- updated_sg = body['security_group']
- new_updated_at = updated_sg['updated_at']
- self.assertEqual(sg['created_at'], updated_sg['created_at'])
- # Verify that origin_updated_at is not same with new_updated_at
- self.assertIsNot(origin_updated_at, new_updated_at)
+ security_group = self.create_security_group()
+
+ # Make sure update time will be different
+ time.sleep(2.)
+ updated_security_group = self.client.update_security_group(
+ security_group['id'], name=security_group['name'] + 'new')[
+ 'security_group']
+
+ # Verify that created_at hasn't changed
+ self.assertEqual(security_group['created_at'],
+ updated_security_group['created_at'])
+ # Verify that updated_at has changed
+ self.assertNotEqual(security_group['updated_at'],
+ updated_security_group['updated_at'])
@decorators.idempotent_id('521e6723-43d6-12a6-8c3d-f5042ad9fc32')
def test_show_sg_attribute_with_timestamp(self):
- sg, _ = self._create_security_group()
- body = self.client.show_security_group(sg['security_group']['id'])
- show_sg = body['security_group']
- # verify the timestamp from creation and showed is same
- self.assertEqual(sg['security_group']['created_at'],
- show_sg['created_at'])
- self.assertEqual(sg['security_group']['updated_at'],
- show_sg['updated_at'])
+ security_group = self.create_security_group()
+ observed_security_group = self.client.show_security_group(
+ security_group['id'])['security_group']
- def _prepare_sgrule_test(self):
- sg, _ = self._create_security_group()
- sg_id = sg['security_group']['id']
- direction = 'ingress'
- protocol = 'tcp'
- port_range_min = 77
- port_range_max = 77
- rule_create_body = self.client.create_security_group_rule(
- security_group_id=sg_id,
- direction=direction,
- ethertype=self.ethertype,
- protocol=protocol,
- port_range_min=port_range_min,
- port_range_max=port_range_max,
- remote_group_id=None,
- remote_ip_prefix=None
- )
- return rule_create_body['security_group_rule']
+ # Verify that created_at hasn't changed
+ self.assertEqual(security_group['created_at'],
+ observed_security_group['created_at'])
+ # Verify that updated_at hasn't changed
+ self.assertEqual(security_group['updated_at'],
+ observed_security_group['updated_at'])
+
+ def _create_security_group_rule(self):
+ security_group = self.create_security_group()
+ return self.create_security_group_rule(
+ security_group=security_group,
+ direction=constants.INGRESS_DIRECTION,
+ protocol=constants.PROTO_NAME_TCP,
+ port_range_min=77,
+ port_range_max=77)
@decorators.idempotent_id('83e8bd32-43e0-a3f0-1af3-12a5733c653e')
def test_create_sgrule_with_timestamp(self):
- sgrule = self._prepare_sgrule_test()
+ security_group_rule = self._create_security_group_rule()
# Verifies body contains timestamp fields
- self.assertIsNotNone(sgrule['created_at'])
- self.assertIsNotNone(sgrule['updated_at'])
+ self.assertIn('created_at', security_group_rule)
+ self.assertIn('updated_at', security_group_rule)
@decorators.idempotent_id('143da0e6-ba17-43ad-b3d7-03aa759c3cb4')
def test_show_sgrule_attribute_with_timestamp(self):
- sgrule = self._prepare_sgrule_test()
- body = self.client.show_security_group_rule(sgrule['id'])
- show_sgrule = body['security_group_rule']
- # verify the timestamp from creation and showed is same
- self.assertEqual(sgrule['created_at'], show_sgrule['created_at'])
- self.assertEqual(sgrule['updated_at'], show_sgrule['updated_at'])
+ security_group_rule = self._create_security_group_rule()
+
+ observed_security_group_rule = self.client.show_security_group_rule(
+ security_group_rule['id'])['security_group_rule']
+
+ # Verify the time stamp from creation and showed are equal
+ self.assertEqual(security_group_rule['created_at'],
+ observed_security_group_rule['created_at'])
+ self.assertEqual(security_group_rule['updated_at'],
+ observed_security_group_rule['updated_at'])
diff --git a/neutron_tempest_plugin/scenario/admin/test_floatingip.py b/neutron_tempest_plugin/scenario/admin/test_floatingip.py
index 1af5502..511452c 100644
--- a/neutron_tempest_plugin/scenario/admin/test_floatingip.py
+++ b/neutron_tempest_plugin/scenario/admin/test_floatingip.py
@@ -14,7 +14,6 @@
# under the License.
from tempest.common import utils
from tempest.common import waiters
-from tempest.lib.common.utils import data_utils
from tempest.lib import decorators
from neutron_tempest_plugin.common import ssh
@@ -38,22 +37,17 @@
cls.create_router_interface(router['id'], cls.subnets[0]['id'])
# Create keypair with admin privileges
cls.keypair = cls.create_keypair(client=cls.os_admin.keypairs_client)
- # Create security group with admin privileges
- cls.secgroup = cls.os_admin.network_client.create_security_group(
- name=data_utils.rand_name('secgroup'))['security_group']
- # Execute funcs to achieve ssh and ICMP capabilities
- funcs = [cls.create_loginable_secgroup_rule,
- cls.create_pingable_secgroup_rule]
- for func in funcs:
- func(secgroup_id=cls.secgroup['id'],
- client=cls.os_admin.network_client)
- @classmethod
- def resource_cleanup(cls):
- # Cleanup for security group
- cls.os_admin.network_client.delete_security_group(
- security_group_id=cls.secgroup['id'])
- super(FloatingIpTestCasesAdmin, cls).resource_cleanup()
+ # Create security group with admin privileges
+ network_client = cls.os_admin.network_client
+ cls.secgroup = cls.create_security_group(
+ client=cls.os_admin.network_client)
+ cls.create_loginable_secgroup_rule(
+ secgroup_id=cls.secgroup['id'],
+ client=network_client)
+ cls.create_pingable_secgroup_rule(
+ secgroup_id=cls.secgroup['id'],
+ client=network_client),
def _list_hypervisors(self):
# List of hypervisors