Merge "Remove test duplications between tempest and n-t-p plugin"
diff --git a/.gitignore b/.gitignore
index 228b0a8..1ce41cd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -43,6 +43,7 @@
# Sphinx
doc/build
+doc/source/tests
# pbr generates these
AUTHORS
@@ -54,4 +55,4 @@
.*sw?
# Files created by releasenotes build
-releasenotes/build
\ No newline at end of file
+releasenotes/build
diff --git a/doc/source/conf.py b/doc/source/conf.py
index 2349713..88b9718 100755
--- a/doc/source/conf.py
+++ b/doc/source/conf.py
@@ -15,7 +15,14 @@
import os
import sys
-sys.path.insert(0, os.path.abspath('../..'))
+def autodoc_skip_member_handler(app, what, name, obj, skip, options):
+ return skip or (what == "class" and not name.startswith("test"))
+
+def setup(app):
+ app.connect('autodoc-skip-member', autodoc_skip_member_handler)
+
+sys.path.insert(0, os.path.abspath('../../neutron_tempest_plugin'))
+
# -- General configuration ----------------------------------------------------
# Add any Sphinx extension module names here, as strings. They can be
diff --git a/doc/source/index.rst b/doc/source/index.rst
index 91388a9..e69a4ec 100644
--- a/doc/source/index.rst
+++ b/doc/source/index.rst
@@ -15,6 +15,7 @@
readme
installation
contributing
+ test_descriptions
Indices and tables
==================
diff --git a/doc/source/test_descriptions.rst b/doc/source/test_descriptions.rst
new file mode 100644
index 0000000..240e448
--- /dev/null
+++ b/doc/source/test_descriptions.rst
@@ -0,0 +1,7 @@
+Description of Tests
+====================
+
+.. toctree::
+ :maxdepth: 2
+
+ tests/modules
diff --git a/neutron_tempest_plugin/api/admin/test_default_security_group_rules.py b/neutron_tempest_plugin/api/admin/test_default_security_group_rules.py
new file mode 100644
index 0000000..604dbea
--- /dev/null
+++ b/neutron_tempest_plugin/api/admin/test_default_security_group_rules.py
@@ -0,0 +1,313 @@
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import copy
+import random
+
+from neutron_lib import constants
+from tempest.lib import decorators
+from tempest.lib import exceptions as lib_exc
+
+from neutron_tempest_plugin.api import base
+
+RULE_KEYWORDS_TO_CHECK = [
+ 'direction', 'remote_group_id', 'remote_address_group_id', 'description',
+ 'protocol', 'port_range_min', 'port_range_max', 'ethertype',
+ 'remote_ip_prefix', 'used_in_default_sg', 'used_in_non_default_sg'
+]
+
+
+class DefaultSecurityGroupRuleTest(base.BaseAdminNetworkTest):
+ required_extensions = ['security-groups-default-rules']
+
+ credentials = ['primary', 'admin']
+
+ @classmethod
+ def setup_clients(cls):
+ super(DefaultSecurityGroupRuleTest, cls).setup_clients()
+ cls.admin_client = cls.os_admin.network_client
+
+ def _filter_not_relevant_rule_keys(self, rule, expected_keys=None):
+ expected_keys = expected_keys or RULE_KEYWORDS_TO_CHECK
+ new_rule = {}
+ for k in rule.keys():
+ if k in expected_keys:
+ new_rule[k] = rule[k]
+ return new_rule
+
+ def _filter_not_relevant_rules_keys(self, rules, keys=None):
+ keys = keys or RULE_KEYWORDS_TO_CHECK
+ return [self._filter_not_relevant_rule_keys(r, keys) for r in rules]
+
+ def _assert_rules_exists(self, expected_rules, actual_rules):
+ for expected_rule in expected_rules:
+ self.assertIn(expected_rule, actual_rules)
+
+ @decorators.idempotent_id('2f3d3070-e9fa-4127-a33f-f1532fd89108')
+ def test_legacy_default_sg_rules_created_by_default(self):
+ expected_legacy_template_rules = [
+ {
+ 'direction': 'egress',
+ 'ethertype': 'IPv4',
+ 'remote_group_id': None,
+ 'protocol': None,
+ 'remote_ip_prefix': None,
+ 'remote_address_group_id': None,
+ 'port_range_max': None,
+ 'port_range_min': None,
+ 'used_in_default_sg': True,
+ 'used_in_non_default_sg': True,
+ 'description': 'Legacy default SG rule for egress traffic'
+ }, {
+ 'remote_group_id': 'PARENT',
+ 'direction': 'ingress',
+ 'ethertype': 'IPv6',
+ 'protocol': None,
+ 'remote_ip_prefix': None,
+ 'remote_address_group_id': None,
+ 'port_range_max': None,
+ 'port_range_min': None,
+ 'used_in_default_sg': True,
+ 'used_in_non_default_sg': False,
+ 'description': 'Legacy default SG rule for ingress traffic'
+ }, {
+ 'remote_group_id': 'PARENT',
+ 'direction': 'ingress',
+ 'ethertype': 'IPv4',
+ 'protocol': None,
+ 'remote_ip_prefix': None,
+ 'remote_address_group_id': None,
+ 'port_range_max': None,
+ 'port_range_min': None,
+ 'used_in_default_sg': True,
+ 'used_in_non_default_sg': False,
+ 'description': 'Legacy default SG rule for ingress traffic'
+ }, {
+ 'direction': 'egress',
+ 'ethertype': 'IPv6',
+ 'remote_group_id': None,
+ 'protocol': None,
+ 'remote_ip_prefix': None,
+ 'remote_address_group_id': None,
+ 'port_range_max': None,
+ 'port_range_min': None,
+ 'used_in_default_sg': True,
+ 'used_in_non_default_sg': True,
+ 'description': 'Legacy default SG rule for egress traffic'
+ }
+ ]
+ sg_rules_template = (
+ self.admin_client.list_default_security_group_rules()[
+ 'default_security_group_rules'
+ ])
+ self._assert_rules_exists(
+ expected_legacy_template_rules,
+ self._filter_not_relevant_rules_keys(sg_rules_template))
+
+ @decorators.idempotent_id('df98f969-ff2d-4597-9765-f5d4f81f775f')
+ def test_default_security_group_rule_lifecycle(self):
+ tcp_port = random.randint(constants.PORT_RANGE_MIN,
+ constants.PORT_RANGE_MAX)
+ rule_args = {
+ 'direction': 'ingress',
+ 'ethertype': 'IPv4',
+ 'protocol': 'tcp',
+ 'port_range_max': tcp_port,
+ 'port_range_min': tcp_port,
+ 'used_in_default_sg': False,
+ 'used_in_non_default_sg': True,
+ 'description': (
+ 'Allow tcp connections over IPv4 on port %s' % tcp_port)
+ }
+ expected_rule = {
+ 'remote_group_id': None,
+ 'direction': 'ingress',
+ 'ethertype': 'IPv4',
+ 'protocol': 'tcp',
+ 'port_range_min': tcp_port,
+ 'port_range_max': tcp_port,
+ 'remote_ip_prefix': None,
+ 'remote_address_group_id': None,
+ 'used_in_default_sg': False,
+ 'used_in_non_default_sg': True,
+ 'description': (
+ 'Allow tcp connections over IPv4 on port %s' % tcp_port)
+ }
+ created_rule_template = self.create_default_security_group_rule(
+ **rule_args)
+ self.assertDictEqual(
+ expected_rule,
+ self._filter_not_relevant_rule_keys(created_rule_template)
+ )
+ observed_rule_template = (
+ self.admin_client.get_default_security_group_rule(
+ created_rule_template['id'])
+ )['default_security_group_rule']
+ self.assertDictEqual(
+ expected_rule,
+ self._filter_not_relevant_rule_keys(observed_rule_template)
+ )
+
+ self.admin_client.delete_default_security_group_rule(
+ created_rule_template['id']
+ )
+ self.assertRaises(
+ lib_exc.NotFound,
+ self.admin_client.get_default_security_group_rule,
+ created_rule_template['id']
+ )
+
+ @decorators.idempotent_id('6c5a2f41-5899-47f4-9daf-4f8ddbbd3ad5')
+ def test_create_duplicate_default_security_group_rule_different_templates(
+ self):
+ tcp_port = random.randint(constants.PORT_RANGE_MIN,
+ constants.PORT_RANGE_MAX)
+ rule_args = {
+ 'direction': 'ingress',
+ 'ethertype': 'IPv4',
+ 'protocol': 'tcp',
+ 'port_range_max': tcp_port,
+ 'port_range_min': tcp_port,
+ 'used_in_default_sg': True,
+ 'used_in_non_default_sg': True}
+ self.create_default_security_group_rule(**rule_args)
+
+ # Now, even if 'used_in_non_default_sg' will be different error should
+ # be returned as 'used_in_default_sg' is the same
+ new_rule_args = copy.copy(rule_args)
+ new_rule_args['used_in_non_default_sg'] = False
+ self.assertRaises(
+ lib_exc.Conflict,
+ self.admin_client.create_default_security_group_rule,
+ **new_rule_args)
+
+ # Same in the opposite way: even if 'used_in_default_sg' will be
+ # different error should be returned as 'used_in_non_default_sg'
+ # is the same
+ new_rule_args = copy.copy(rule_args)
+ new_rule_args['used_in_default_sg'] = False
+ self.assertRaises(
+ lib_exc.Conflict,
+ self.admin_client.create_default_security_group_rule,
+ **new_rule_args)
+
+ @decorators.idempotent_id('e4696607-1a13-48eb-8912-ee1e742d9471')
+ def test_create_same_default_security_group_rule_for_different_templates(
+ self):
+ tcp_port = random.randint(constants.PORT_RANGE_MIN,
+ constants.PORT_RANGE_MAX)
+ expected_rules = [{
+ 'remote_group_id': None,
+ 'direction': 'ingress',
+ 'ethertype': 'IPv4',
+ 'protocol': 'tcp',
+ 'remote_ip_prefix': None,
+ 'remote_address_group_id': None,
+ 'port_range_max': tcp_port,
+ 'port_range_min': tcp_port,
+ 'used_in_default_sg': True,
+ 'used_in_non_default_sg': False,
+ 'description': ''
+ }, {
+ 'remote_group_id': None,
+ 'direction': 'ingress',
+ 'ethertype': 'IPv4',
+ 'protocol': 'tcp',
+ 'remote_ip_prefix': None,
+ 'remote_address_group_id': None,
+ 'port_range_max': tcp_port,
+ 'port_range_min': tcp_port,
+ 'used_in_default_sg': False,
+ 'used_in_non_default_sg': True,
+ 'description': ''
+ }]
+
+ default_sg_rule_args = {
+ 'direction': 'ingress',
+ 'ethertype': 'IPv4',
+ 'protocol': 'tcp',
+ 'port_range_max': tcp_port,
+ 'port_range_min': tcp_port,
+ 'used_in_default_sg': True,
+ 'used_in_non_default_sg': False}
+ self.create_default_security_group_rule(**default_sg_rule_args)
+
+ custom_sg_rule_args = {
+ 'direction': 'ingress',
+ 'ethertype': 'IPv4',
+ 'protocol': 'tcp',
+ 'port_range_max': tcp_port,
+ 'port_range_min': tcp_port,
+ 'used_in_default_sg': False,
+ 'used_in_non_default_sg': True}
+ self.create_default_security_group_rule(**custom_sg_rule_args)
+
+ sg_rules_template = (
+ self.admin_client.list_default_security_group_rules()[
+ 'default_security_group_rules'
+ ])
+ self._assert_rules_exists(
+ expected_rules,
+ self._filter_not_relevant_rules_keys(sg_rules_template))
+
+ def _validate_security_group_rules(self, sg, is_default_sg):
+ keys_to_check = [
+ 'remote_group_id', 'direction', 'ethertype', 'protocol',
+ 'remote_ip_prefix', 'remote_address_group_id', 'port_range_min',
+ 'port_range_max']
+
+ if is_default_sg:
+ sg_rules_template = (
+ self.admin_client.list_default_security_group_rules(
+ used_in_default_sg=True)['default_security_group_rules'])
+ else:
+ sg_rules_template = (
+ self.admin_client.list_default_security_group_rules(
+ used_in_non_default_sg=True
+ )['default_security_group_rules'])
+ # NOTE(slaweq): We need to replace "PARENT" keyword in
+ # the "remote_group_id" attribute of every default sg rule template
+ # with actual SG ID
+ for rule in sg_rules_template:
+ if rule['remote_group_id'] == 'PARENT':
+ rule['remote_group_id'] = sg['id']
+
+ self._assert_rules_exists(
+ self._filter_not_relevant_rules_keys(
+ sg_rules_template, keys_to_check),
+ self._filter_not_relevant_rules_keys(
+ sg['security_group_rules'], keys_to_check))
+
+ @decorators.idempotent_id('29feedb1-6f04-4a1f-a778-2fae2c7b7dc8')
+ def test_security_group_rules_created_from_default_sg_rules_template(
+ self):
+ """Test if default SG and custom new SG have got proper SG rules.
+
+ This test creates new project and checks if its default SG has SG
+ rules matching default SG rules for that kind of SG.
+ Next it creates new SG for the same project and checks if that SG also
+ have proper SG rules based on the default SG rules template.
+ """
+
+ project = self.create_project()
+ # First check rules for default SG created automatically for each
+ # project
+ default_sg = self.admin_client.list_security_groups(
+ tenant_id=project['id'], name='default')['security_groups'][0]
+ self._validate_security_group_rules(default_sg, is_default_sg=True)
+
+ # And now create different SG for same project and check SG rules for
+ # such additional SG
+ sg = self.create_security_group(project=project)
+ self._validate_security_group_rules(sg, is_default_sg=False)
diff --git a/neutron_tempest_plugin/api/base.py b/neutron_tempest_plugin/api/base.py
index b66fe0d..e3c9aad 100644
--- a/neutron_tempest_plugin/api/base.py
+++ b/neutron_tempest_plugin/api/base.py
@@ -135,6 +135,7 @@
cls.admin_subnetpools = []
cls.security_groups = []
cls.admin_security_groups = []
+ cls.sg_rule_templates = []
cls.projects = []
cls.log_objects = []
cls.reserved_subnet_cidrs = set()
@@ -243,6 +244,12 @@
security_group,
client=cls.admin_client)
+ # Clean up security group rule templates
+ for sg_rule_template in cls.sg_rule_templates:
+ cls._try_delete_resource(
+ cls.admin_client.delete_default_security_group_rule,
+ sg_rule_template['id'])
+
for subnetpool in cls.subnetpools:
cls._try_delete_resource(cls.client.delete_subnetpool,
subnetpool['id'])
@@ -971,6 +978,15 @@
client.delete_security_group(security_group['id'])
@classmethod
+ def get_security_group(cls, name='default', client=None):
+ client = client or cls.client
+ security_groups = client.list_security_groups()['security_groups']
+ for security_group in security_groups:
+ if security_group['name'] == name:
+ return security_group
+ raise ValueError("No such security group named {!r}".format(name))
+
+ @classmethod
def create_security_group_rule(cls, security_group=None, project=None,
client=None, ip_version=None, **kwargs):
if project:
@@ -1006,13 +1022,11 @@
'security_group_rule']
@classmethod
- def get_security_group(cls, name='default', client=None):
- client = client or cls.client
- security_groups = client.list_security_groups()['security_groups']
- for security_group in security_groups:
- if security_group['name'] == name:
- return security_group
- raise ValueError("No such security group named {!r}".format(name))
+ def create_default_security_group_rule(cls, **kwargs):
+ body = cls.admin_client.create_default_security_group_rule(**kwargs)
+ default_sg_rule = body['default_security_group_rule']
+ cls.sg_rule_templates.append(default_sg_rule)
+ return default_sg_rule
@classmethod
def create_keypair(cls, client=None, name=None, **kwargs):
diff --git a/neutron_tempest_plugin/api/test_security_groups.py b/neutron_tempest_plugin/api/test_security_groups.py
index 14e0c66..85e4763 100644
--- a/neutron_tempest_plugin/api/test_security_groups.py
+++ b/neutron_tempest_plugin/api/test_security_groups.py
@@ -245,6 +245,14 @@
class BaseSecGroupQuota(base.BaseAdminNetworkTest):
+ def setUp(self):
+ super().setUp()
+ # NOTE(slaweq): we don't know exactly how many rule templates may be
+ # created in the neutron db and used for every SG so, as in this test
+ # class we are checking quotas of SG, not SG rules, lets set quota for
+ # SG rules to -1
+ self._set_sg_rules_quota(-1)
+
def _create_max_allowed_sg_amount(self):
sg_amount = self._get_sg_amount()
sg_quota = self._get_sg_quota()
@@ -270,17 +278,23 @@
self.assertEqual(self._get_sg_quota(), new_sg_quota,
"Security group quota wasn't changed correctly")
- def _set_sg_quota(self, val):
- sg_quota = self._get_sg_quota()
+ def _set_quota(self, val, resource):
+ res_quota = self._get_quota(resource)
project_id = self.client.project_id
- self.admin_client.update_quotas(project_id, **{'security_group': val})
+ self.admin_client.update_quotas(project_id, **{resource: val})
self.addCleanup(self.admin_client.update_quotas,
- project_id, **{'security_group': sg_quota})
+ project_id, **{resource: res_quota})
- def _get_sg_quota(self):
+ def _get_quota(self, resource):
project_id = self.client.project_id
quotas = self.admin_client.show_quotas(project_id)
- return quotas['quota']['security_group']
+ return quotas['quota'][resource]
+
+ def _set_sg_quota(self, val):
+ return self._set_quota(val, 'security_group')
+
+ def _get_sg_quota(self):
+ return self._get_quota('security_group')
def _get_sg_amount(self):
project_id = self.client.project_id
@@ -288,6 +302,9 @@
security_groups = self.client.list_security_groups(**filter_query)
return len(security_groups['security_groups'])
+ def _set_sg_rules_quota(self, val):
+ return self._set_quota(val, 'security_group_rule')
+
class SecGroupQuotaTest(BaseSecGroupQuota):
diff --git a/neutron_tempest_plugin/common/shell.py b/neutron_tempest_plugin/common/shell.py
index eebb07d..073bf55 100644
--- a/neutron_tempest_plugin/common/shell.py
+++ b/neutron_tempest_plugin/common/shell.py
@@ -47,18 +47,18 @@
:param timeout: command execution timeout in seconds
:param check: when False it doesn't raises ShellCommandFailed when
- exit status is not zero. True by default
+ exit status is not zero. True by default
:returns: STDOUT text when command execution terminates with zero exit
- status.
+ status.
:raises ShellTimeoutExpired: when timeout expires before command execution
- terminates. In such case it kills the process, then it eventually would
- try to read STDOUT and STDERR buffers (not fully implemented) before
- raising the exception.
+ terminates. In such case it kills the process, then it eventually would
+ try to read STDOUT and STDERR buffers (not fully implemented) before
+ raising the exception.
:raises ShellCommandFailed: when command execution terminates with non-zero
- exit status.
+ exit status.
"""
ssh_client = ssh_client or SSH_PROXY_CLIENT
if timeout:
diff --git a/neutron_tempest_plugin/common/ssh.py b/neutron_tempest_plugin/common/ssh.py
index 4cb1474..700d21b 100644
--- a/neutron_tempest_plugin/common/ssh.py
+++ b/neutron_tempest_plugin/common/ssh.py
@@ -133,7 +133,7 @@
:returns: paramiko.Client connected to remote server.
:raises tempest.lib.exceptions.SSHTimeout: in case it fails to connect
- to remote server.
+ to remote server.
"""
return super(Client, self)._get_ssh_connection(*args, **kwargs)
diff --git a/neutron_tempest_plugin/common/utils.py b/neutron_tempest_plugin/common/utils.py
index ab99db9..c62aa78 100644
--- a/neutron_tempest_plugin/common/utils.py
+++ b/neutron_tempest_plugin/common/utils.py
@@ -73,7 +73,7 @@
"""Wait until callable predicate is evaluated as True
:param predicate: Callable deciding whether waiting should continue.
- Best practice is to instantiate predicate with functools.partial()
+ Best practice is to instantiate predicate with functools.partial()
:param timeout: Timeout in seconds how long should function wait.
:param sleep: Polling interval for results in seconds.
:param exception: Exception instance to raise on timeout. If None is passed
diff --git a/neutron_tempest_plugin/neutron_dynamic_routing/scenario/test_simple_bgp.py b/neutron_tempest_plugin/neutron_dynamic_routing/scenario/test_simple_bgp.py
index fe0f3fc..a7bc12a 100644
--- a/neutron_tempest_plugin/neutron_dynamic_routing/scenario/test_simple_bgp.py
+++ b/neutron_tempest_plugin/neutron_dynamic_routing/scenario/test_simple_bgp.py
@@ -68,24 +68,26 @@
class Bgp(BgpClientMixin, base.BaseTempestTestCase):
"""Test the following topology
- +-------------------+
- | public |
- | network |
- | |
- +-+---------------+-+
- | |
- | |
- +-------+-+ +-+-------+
- | LEFT | | RIGHT |
- | router | <--BGP--> | router |
- | | | |
- +----+----+ +----+----+
- | |
- +----+----+ +----+----+
- | LEFT | | RIGHT |
- | network | | network |
- | | | |
- +---------+ +---------+
+ .. code-block:: HTML
+
+ +-------------------+
+ | public |
+ | network |
+ | |
+ +-+---------------+-+
+ | |
+ | |
+ +-------+-+ +-+-------+
+ | LEFT | | RIGHT |
+ | router | <--BGP--> | router |
+ | | | |
+ +----+----+ +----+----+
+ | |
+ +----+----+ +----+----+
+ | LEFT | | RIGHT |
+ | network | | network |
+ | | | |
+ +---------+ +---------+
"""
credentials = ['primary', 'admin']
diff --git a/neutron_tempest_plugin/scenario/test_connectivity.py b/neutron_tempest_plugin/scenario/test_connectivity.py
index 5608dae..a6fc893 100644
--- a/neutron_tempest_plugin/scenario/test_connectivity.py
+++ b/neutron_tempest_plugin/scenario/test_connectivity.py
@@ -173,18 +173,21 @@
ensures that connectivity from VM to both routers is working.
Test scenario: (NOTE: 10.1.0.0/24 private CIDR is used as an example)
- +----------------+ +------------+
- | Non-dvr router | | DVR router |
- | | | |
- | 10.1.0.1 | | 10.1.0.x |
- +-------+--------+ +-----+------+
- | |
- | 10.1.0.0/24 |
- +----------------+----------------+
- |
- +-+-+
- |VM |
- +---+
+
+ .. code-block:: HTML
+
+ +----------------+ +------------+
+ | Non-dvr router | | DVR router |
+ | | | |
+ | 10.1.0.1 | | 10.1.0.x |
+ +-------+--------+ +-----+------+
+ | |
+ | 10.1.0.0/24 |
+ +----------------+----------------+
+ |
+ +-+-+
+ |VM |
+ +---+
where:
10.1.0.1 - is subnet's gateway IP address,
diff --git a/neutron_tempest_plugin/scenario/test_floatingip.py b/neutron_tempest_plugin/scenario/test_floatingip.py
index a5f6486..804683d 100644
--- a/neutron_tempest_plugin/scenario/test_floatingip.py
+++ b/neutron_tempest_plugin/scenario/test_floatingip.py
@@ -607,7 +607,7 @@
deleted just before the creation of the new IP to "reserve" the
IP address associated (see LP#1880976).
10. Create a FIP for the VM3 in the external network with
- the same IP address that was used for VM2.
+ the same IP address that was used for VM2.
11. Make sure that now VM1 is able to reach VM3 using the FIP.
Note, the scenario passes only in case corresponding
diff --git a/neutron_tempest_plugin/scenario/test_internal_dns.py b/neutron_tempest_plugin/scenario/test_internal_dns.py
index e705241..9ffb05d 100644
--- a/neutron_tempest_plugin/scenario/test_internal_dns.py
+++ b/neutron_tempest_plugin/scenario/test_internal_dns.py
@@ -89,8 +89,8 @@
1) Create two VMs on the same network, giving each a name
2) SSH in to the first VM:
- 2.1) ping the other VM's internal IP
- 2.2) ping the other VM's hostname
+ - ping the other VM's internal IP
+ - ping the other VM's hostname
"""
network = self.create_network(dns_domain='starwars.')
self.setup_network_and_server(network=network, server_name='luke')
diff --git a/neutron_tempest_plugin/scenario/test_security_groups.py b/neutron_tempest_plugin/scenario/test_security_groups.py
index 3d075b4..03156c7 100644
--- a/neutron_tempest_plugin/scenario/test_security_groups.py
+++ b/neutron_tempest_plugin/scenario/test_security_groups.py
@@ -1141,14 +1141,9 @@
should_succeed=True)
-@testtools.skipIf(
- CONF.neutron_plugin_options.firewall_driver in ['openvswitch', 'None'],
- "Firewall driver other than 'openvswitch' is required to use "
- "stateless security groups.")
-class StatelessSecGroupDualStackSlaacTest(BaseNetworkSecGroupTest):
+class StatelessSecGroupDualStackBase(BaseNetworkSecGroupTest):
required_extensions = ['security-group', 'stateful-security-group']
stateless_sg = True
- ipv6_mode = 'slaac'
def _get_port_cidrs(self, port):
ips = []
@@ -1183,6 +1178,14 @@
for port_cidr in self._get_port_cidrs(port):
self.assertIn(port_cidr, configured_cidrs)
+
+@testtools.skipIf(
+ CONF.neutron_plugin_options.firewall_driver in ['openvswitch', 'None'],
+ "Firewall driver other than 'openvswitch' is required to use "
+ "stateless security groups.")
+class StatelessSecGroupDualStackSlaacTest(StatelessSecGroupDualStackBase):
+ ipv6_mode = 'slaac'
+
@decorators.idempotent_id('e7d64384-ea6a-40aa-b454-854f0990153c')
def test_default_sec_grp_scenarios(self):
self._test_default_sec_grp_scenarios()
@@ -1193,9 +1196,7 @@
"Firewall driver other than 'openvswitch' is required to use "
"stateless security groups.")
class StatelessSecGroupDualStackDHCPv6StatelessTest(
- StatelessSecGroupDualStackSlaacTest):
- required_extensions = ['security-group', 'stateful-security-group']
- stateless_sg = True
+ StatelessSecGroupDualStackBase):
ipv6_mode = 'dhcpv6-stateless'
@decorators.idempotent_id('c61c127c-e08f-4ddf-87a3-58b3c86e5476')
diff --git a/neutron_tempest_plugin/services/network/json/network_client.py b/neutron_tempest_plugin/services/network/json/network_client.py
index 0666297..d5a827e 100644
--- a/neutron_tempest_plugin/services/network/json/network_client.py
+++ b/neutron_tempest_plugin/services/network/json/network_client.py
@@ -846,6 +846,38 @@
self.expected_success(204, resp.status)
return service_client.ResponseBody(resp, body)
+ def list_default_security_group_rules(self, **kwargs):
+ uri = '%s/default-security-group-rules' % self.uri_prefix
+ if kwargs:
+ uri += '?' + urlparse.urlencode(kwargs, doseq=1)
+ resp, body = self.get(uri)
+ self.expected_success(200, resp.status)
+ body = jsonutils.loads(body)
+ return service_client.ResponseBody(resp, body)
+
+ def get_default_security_group_rule(self, rule_id):
+ uri = '%s/default-security-group-rules/%s' % (self.uri_prefix,
+ rule_id)
+ get_resp, get_resp_body = self.get(uri)
+ self.expected_success(200, get_resp.status)
+ body = jsonutils.loads(get_resp_body)
+ return service_client.ResponseBody(get_resp, body)
+
+ def create_default_security_group_rule(self, **kwargs):
+ post_body = {'default_security_group_rule': kwargs}
+ body = jsonutils.dumps(post_body)
+ uri = '%s/default-security-group-rules' % self.uri_prefix
+ resp, body = self.post(uri, body)
+ self.expected_success(201, resp.status)
+ body = jsonutils.loads(body)
+ return service_client.ResponseBody(resp, body)
+
+ def delete_default_security_group_rule(self, rule_id):
+ uri = '%s/default-security-group-rules/%s' % (self.uri_prefix, rule_id)
+ resp, body = self.delete(uri)
+ self.expected_success(204, resp.status)
+ return service_client.ResponseBody(resp, body)
+
def list_ports(self, **kwargs):
uri = '%s/ports' % self.uri_prefix
if kwargs:
diff --git a/neutron_tempest_plugin/vpnaas/api/test_vpnaas.py b/neutron_tempest_plugin/vpnaas/api/test_vpnaas.py
index 953360e..b61fb1b 100644
--- a/neutron_tempest_plugin/vpnaas/api/test_vpnaas.py
+++ b/neutron_tempest_plugin/vpnaas/api/test_vpnaas.py
@@ -34,9 +34,10 @@
Tests the following operations in the Neutron API using the REST client for
Neutron:
- List, Show, Create, Delete, and Update VPN Service
- List, Show, Create, Delete, and Update IKE policy
- List, Show, Create, Delete, and Update IPSec policy
+
+ * List, Show, Create, Delete, and Update VPN Service
+ * List, Show, Create, Delete, and Update IKE policy
+ * List, Show, Create, Delete, and Update IPSec policy
"""
@classmethod
diff --git a/neutron_tempest_plugin/vpnaas/scenario/test_vpnaas.py b/neutron_tempest_plugin/vpnaas/scenario/test_vpnaas.py
index 92eed9e..c7b64d5 100644
--- a/neutron_tempest_plugin/vpnaas/scenario/test_vpnaas.py
+++ b/neutron_tempest_plugin/vpnaas/scenario/test_vpnaas.py
@@ -52,24 +52,26 @@
class Vpnaas(base.BaseTempestTestCase):
"""Test the following topology
- +-------------------+
- | public |
- | network |
- | |
- +-+---------------+-+
- | |
- | |
- +-------+-+ +-+-------+
- | LEFT | | RIGHT |
- | router | <--VPN--> | router |
- | | | |
- +----+----+ +----+----+
- | |
- +----+----+ +----+----+
- | LEFT | | RIGHT |
- | network | | network |
- | | | |
- +---------+ +---------+
+ .. code-block:: HTML
+
+ +-------------------+
+ | public |
+ | network |
+ | |
+ +-+---------------+-+
+ | |
+ | |
+ +-------+-+ +-+-------+
+ | LEFT | | RIGHT |
+ | router | <--VPN--> | router |
+ | | | |
+ +----+----+ +----+----+
+ | |
+ +----+----+ +----+----+
+ | LEFT | | RIGHT |
+ | network | | network |
+ | | | |
+ +---------+ +---------+
"""
credentials = ['primary', 'admin']
diff --git a/playbooks/linuxbridge-scenario-pre-run.yaml b/playbooks/linuxbridge-scenario-pre-run.yaml
index 26586f6..bc80e76 100644
--- a/playbooks/linuxbridge-scenario-pre-run.yaml
+++ b/playbooks/linuxbridge-scenario-pre-run.yaml
@@ -4,4 +4,4 @@
# destination IP addresses in arp tables:
- include_role:
name: legacy_ebtables
- when: ansible_distribution_release | lower == 'focal'
+ when: ansible_distribution_release | lower in ['focal', 'jammy']
diff --git a/tox.ini b/tox.ini
index c2fc078..2f7da5c 100644
--- a/tox.ini
+++ b/tox.ini
@@ -40,8 +40,15 @@
[testenv:docs]
deps = -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
+ -r{toxinidir}/requirements.txt
-r{toxinidir}/doc/requirements.txt
-commands = sphinx-build -W -b html doc/source doc/build/html
+commands =
+ rm -rf doc/source/tests
+ sphinx-apidoc -f -o doc/source/tests neutron_tempest_plugin
+ rm -rf doc/build
+ sphinx-build -W -b html doc/source doc/build/html
+allowlist_externals =
+ rm
[testenv:releasenotes]
deps = {[testenv:docs]deps}
diff --git a/zuul.d/2023_2_jobs.yaml b/zuul.d/2023_2_jobs.yaml
new file mode 100644
index 0000000..f5ece3d
--- /dev/null
+++ b/zuul.d/2023_2_jobs.yaml
@@ -0,0 +1,269 @@
+- job:
+ name: neutron-tempest-plugin-openvswitch-2023-2
+ parent: neutron-tempest-plugin-openvswitch
+ override-checkout: stable/2023.2
+ vars:
+ network_api_extensions_openvswitch: &api_extensions_openvswitch
+ - dhcp_agent_scheduler
+ - local_ip
+ - qos-bw-minimum-ingress
+ tempest_test_regex: "\
+ (^neutron_tempest_plugin.api)|\
+ (^neutron_tempest_plugin.scenario)|\
+ (^tempest.api.compute.servers.test_attach_interfaces)|\
+ (^tempest.api.compute.servers.test_multiple_create)"
+ network_available_features: &available_features
+ - ipv6_metadata
+ network_api_extensions_common: &api_extensions
+ - address-group
+ - address-scope
+ - agent
+ - allowed-address-pairs
+ - auto-allocated-topology
+ - availability_zone
+ - binding
+ - default-subnetpools
+ - dns-domain-ports
+ - dns-integration
+ - dns-integration-domain-keywords
+ - empty-string-filtering
+ - expose-port-forwarding-in-fip
+ - expose-l3-conntrack-helper
+ - ext-gw-mode
+ - external-net
+ - extra_dhcp_opt
+ - extraroute
+ - extraroute-atomic
+ - filter-validation
+ - fip-port-details
+ - flavors
+ - floating-ip-port-forwarding
+ - floating-ip-port-forwarding-detail
+ - floatingip-pools
+ - ip-substring-filtering
+ - l3-conntrack-helper
+ - l3-ext-ndp-proxy
+ - l3-flavors
+ - l3-ha
+ - l3-ndp-proxy
+ - l3_agent_scheduler
+ - metering
+ - multi-provider
+ - net-mtu
+ - net-mtu-writable
+ - network-ip-availability
+ - network_availability_zone
+ - network-segment-range
+ - pagination
+ - port-device-profile
+ - port-mac-address-regenerate
+ - port-resource-request
+ - port-resource-request-groups
+ - port-security
+ - port-security-groups-filtering
+ - project-id
+ - provider
+ - qos
+ - qos-fip
+ - quotas
+ - quota_details
+ - rbac-address-group
+ - rbac-address-scope
+ - rbac-policies
+ - rbac-security-groups
+ - rbac-subnetpool
+ - router
+ - router_availability_zone
+ - security-group
+ - security-groups-remote-address-group
+ - segment
+ - service-type
+ - sorting
+ - standard-attr-description
+ - standard-attr-revisions
+ - standard-attr-segment
+ - standard-attr-tag
+ - standard-attr-timestamp
+ - stateful-security-group
+ - subnet_allocation
+ - subnet-dns-publish-fixed-ip
+ - subnet-service-types
+ - subnetpool-prefix-ops
+ - tag-ports-during-bulk-creation
+ - trunk
+ - trunk-details
+ - uplink-status-propagation
+ devstack_localrc:
+ NETWORK_API_EXTENSIONS: "{{ (network_api_extensions_common + network_api_extensions_openvswitch) | join(',') }}"
+ devstack_local_conf:
+ test-config:
+ $TEMPEST_CONFIG:
+ network-feature-enabled:
+ available_features: "{{ network_available_features | join(',') }}"
+
+- job:
+ name: neutron-tempest-plugin-openvswitch-iptables_hybrid-2023-2
+ parent: neutron-tempest-plugin-openvswitch-iptables_hybrid
+ override-checkout: stable/2023.2
+ vars:
+ network_api_extensions_common: *api_extensions
+ network_api_extensions_openvswitch: *api_extensions_openvswitch
+ network_available_features: *available_features
+ tempest_test_regex: "\
+ (^neutron_tempest_plugin.api)|\
+ (^neutron_tempest_plugin.scenario)|\
+ (^tempest.api.compute.servers.test_attach_interfaces)|\
+ (^tempest.api.compute.servers.test_multiple_create)"
+ # TODO(slaweq): remove trunks subport_connectivity test from blacklist
+ # when bug https://bugs.launchpad.net/neutron/+bug/1838760 will be fixed
+ # TODO(akatz): remove established tcp session verification test when the
+ # bug https://bugzilla.redhat.com/show_bug.cgi?id=1965036 will be fixed
+ tempest_exclude_regex: "\
+ (^neutron_tempest_plugin.scenario.test_trunk.TrunkTest.test_subport_connectivity)|\
+ (^neutron_tempest_plugin.scenario.test_security_groups.StatefulNetworkSecGroupTest.test_established_tcp_session_after_re_attachinging_sg)|\
+ (^neutron_tempest_plugin.scenario.test_security_groups.StatelessNetworkSecGroupTest.test_established_tcp_session_after_re_attachinging_sg)"
+ devstack_localrc:
+ NETWORK_API_EXTENSIONS: "{{ (network_api_extensions_common + network_api_extensions_openvswitch) | join(',') }}"
+ devstack_local_conf:
+ test-config:
+ $TEMPEST_CONFIG:
+ network-feature-enabled:
+ available_features: "{{ network_available_features | join(',') }}"
+ neutron_plugin_options:
+ available_type_drivers: flat,vlan,local,vxlan
+ firewall_driver: iptables_hybrid
+
+- job:
+ name: neutron-tempest-plugin-openvswitch-enforce-scope-new-defaults-2023-2
+ parent: neutron-tempest-plugin-openvswitch-2023-2
+ override-checkout: stable/2023.2
+ vars:
+ devstack_localrc:
+ # Enabeling the scope and new defaults for services.
+ # NOTE: (gmann) We need to keep keystone scope check disable as
+ # services (except ironic) does not support the system scope and
+ # they need keystone to continue working with project scope. Until
+ # Keystone policies are changed to work for both system as well as
+ # for project scoped, we need to keep scope check disable for
+ # keystone.
+ NOVA_ENFORCE_SCOPE: true
+ GLANCE_ENFORCE_SCOPE: true
+ NEUTRON_ENFORCE_SCOPE: true
+
+- job:
+ name: neutron-tempest-plugin-linuxbridge-2023-2
+ parent: neutron-tempest-plugin-linuxbridge
+ override-checkout: stable/2023.2
+ vars:
+ network_api_extensions_common: *api_extensions
+ network_api_extensions_linuxbridge:
+ - dhcp_agent_scheduler
+ - vlan-transparent
+ network_available_features: *available_features
+ tempest_test_regex: "\
+ (^neutron_tempest_plugin.api)|\
+ (^neutron_tempest_plugin.scenario)|\
+ (^tempest.api.compute.servers.test_attach_interfaces)|\
+ (^tempest.api.compute.servers.test_multiple_create)"
+ # TODO(eolivare): remove VLAN Transparency tests from blacklist
+ # when bug https://bugs.launchpad.net/neutron/+bug/1907548 will be fixed
+ # TODO(slaweq): remove
+ # test_established_tcp_session_after_re_attachinging_sg from the
+ # exclude regex when bug https://bugs.launchpad.net/neutron/+bug/1936911
+ # will be fixed
+ # TODO(slaweq) remove test_floatingip_port_details from the exclude
+ # regex when bug https://bugs.launchpad.net/neutron/+bug/1799790 will be
+ # fixed
+ tempest_exclude_regex: "\
+ (^neutron_tempest_plugin.scenario.test_vlan_transparency.VlanTransparencyTest)|\
+ (^neutron_tempest_plugin.scenario.test_security_groups.StatefulNetworkSecGroupTest.test_established_tcp_session_after_re_attachinging_sg)|\
+ (^neutron_tempest_plugin.scenario.test_security_groups.StatelessNetworkSecGroupTest.test_established_tcp_session_after_re_attachinging_sg)|\
+ (^neutron_tempest_plugin.scenario.test_floatingip.FloatingIPPortDetailsTest.test_floatingip_port_details)"
+ devstack_localrc:
+ NETWORK_API_EXTENSIONS: "{{ (network_api_extensions_common + network_api_extensions_linuxbridge) | join(',') }}"
+ devstack_local_conf:
+ test-config:
+ $TEMPEST_CONFIG:
+ network-feature-enabled:
+ available_features: "{{ network_available_features | join(',') }}"
+ neutron_plugin_options:
+ available_type_drivers: flat,vlan,local,vxlan
+ q_agent: linuxbridge
+ firewall_driver: iptables
+
+- job:
+ name: neutron-tempest-plugin-ovn-2023-2
+ parent: neutron-tempest-plugin-ovn
+ override-checkout: stable/2023.2
+ vars:
+ network_api_extensions_ovn:
+ - vlan-transparent
+ tempest_test_regex: "\
+ (^neutron_tempest_plugin.api)|\
+ (^neutron_tempest_plugin.scenario)|\
+ (^tempest.api.compute.servers.test_attach_interfaces)|\
+ (^tempest.api.compute.servers.test_multiple_create)"
+ # TODO(jlibosva): Remove the NetworkWritableMtuTest test from the list
+ # once east/west fragmentation is supported in core OVN
+ tempest_exclude_regex: "\
+ (^neutron_tempest_plugin.scenario.test_mtu.NetworkWritableMtuTest)"
+ devstack_localrc:
+ NETWORK_API_EXTENSIONS: "{{ (network_api_extensions_common + network_api_extensions_ovn) | join(',') }}"
+ devstack_local_conf:
+ test-config:
+ $TEMPEST_CONFIG:
+ network-feature-enabled:
+ available_features: ""
+ neutron_plugin_options:
+ available_type_drivers: local,flat,vlan,geneve
+ is_igmp_snooping_enabled: True
+ firewall_driver: ovn
+
+- job:
+ name: neutron-tempest-plugin-dvr-multinode-scenario-2023-2
+ parent: neutron-tempest-plugin-dvr-multinode-scenario
+ override-checkout: stable/2023.2
+ vars:
+ network_api_extensions_common: *api_extensions
+ network_api_extensions_dvr:
+ - dhcp_agent_scheduler
+ - dvr
+ devstack_localrc:
+ NETWORK_API_EXTENSIONS: "{{ (network_api_extensions_common + network_api_extensions_dvr) | join(',') }}"
+
+- job:
+ name: neutron-tempest-plugin-designate-scenario-2023-2
+ parent: neutron-tempest-plugin-designate-scenario
+ override-checkout: stable/2023.2
+ vars:
+ network_api_extensions_common: *api_extensions
+
+- job:
+ name: neutron-tempest-plugin-sfc-2023-2
+ parent: neutron-tempest-plugin-sfc
+ override-checkout: stable/2023.2
+
+- job:
+ name: neutron-tempest-plugin-bgpvpn-bagpipe-2023-2
+ parent: neutron-tempest-plugin-bgpvpn-bagpipe
+ override-checkout: stable/2023.2
+
+- job:
+ name: neutron-tempest-plugin-dynamic-routing-2023-2
+ parent: neutron-tempest-plugin-dynamic-routing
+ override-checkout: stable/2023.2
+
+- job:
+ name: neutron-tempest-plugin-fwaas-2023-2
+ parent: neutron-tempest-plugin-fwaas
+ override-checkout: stable/2023.2
+
+- job:
+ name: neutron-tempest-plugin-vpnaas-2023-2
+ parent: neutron-tempest-plugin-vpnaas
+ override-checkout: stable/2023.2
+
+- job:
+ name: neutron-tempest-plugin-tap-as-a-service-2023-2
+ parent: neutron-tempest-plugin-tap-as-a-service
+ override-checkout: stable/2023.2
diff --git a/zuul.d/base-nested-switch.yaml b/zuul.d/base-nested-switch.yaml
index f407d8f..b4570fe 100644
--- a/zuul.d/base-nested-switch.yaml
+++ b/zuul.d/base-nested-switch.yaml
@@ -23,13 +23,17 @@
name: neutron-tempest-plugin-base-nested-switch
parent: neutron-tempest-plugin-base
abstract: true
- branches: ^(?!stable/(train|ussuri|victoria|wallaby|xena|yoga|zed)).*$
+ branches:
+ regex: ^(stable/(train|ussuri|victoria|wallaby|xena|yoga|zed)).*$
+ negate: true
# Comment nodeset and vars to switch back to non nested nodes
nodeset: neutron-nested-virt-ubuntu-jammy
vars: &nested_virt_vars
devstack_localrc:
LIBVIRT_TYPE: kvm
- LIBVIRT_CPU_MODE: host-passthrough
+ # NOTE(ykarel): seeing issues with host-passthrough mode
+ # https://bugs.launchpad.net/neutron/+bug/2036603
+ # LIBVIRT_CPU_MODE: host-passthrough
CIRROS_VERSION: 0.6.2
DEFAULT_IMAGE_NAME: cirros-0.6.2-x86_64-disk
DEFAULT_IMAGE_FILE_NAME: cirros-0.6.2-x86_64-disk.img
diff --git a/zuul.d/master_jobs.yaml b/zuul.d/master_jobs.yaml
index 97b5759..938e431 100644
--- a/zuul.d/master_jobs.yaml
+++ b/zuul.d/master_jobs.yaml
@@ -114,6 +114,7 @@
- router
- router_availability_zone
- security-group
+ - security-groups-default-rules
- security-groups-remote-address-group
- segment
- service-type
@@ -270,7 +271,7 @@
neutron_plugin_options:
available_type_drivers: flat,vlan,local,vxlan
firewall_driver: openvswitch
- irrelevant-files: &openvswitch-scenario-irrelevant-files
+ irrelevant-files:
- ^\.pylintrc$
- ^(test-|)requirements.txt$
- lower-constraints.txt
@@ -305,7 +306,10 @@
- ^neutron_tempest_plugin/services/bgp/.*$
- ^rally-jobs/.*$
- ^roles/.*functional.*$
+ - ^playbooks/.*dvr-multinode.*$
+ - ^playbooks/.*dynamic-routing.*$
- ^playbooks/.*functional.*$
+ - ^playbooks/.*linuxbridge.*$
- ^vagrant/.*$
- ^zuul.d/(?!(project)).*\.yaml
@@ -406,25 +410,19 @@
- ^neutron_tempest_plugin/services/bgp/.*$
- ^rally-jobs/.*$
- ^roles/.*functional.*$
+ - ^playbooks/.*dvr-multinode.*$
+ - ^playbooks/.*dynamic-routing.*$
- ^playbooks/.*functional.*$
+ - ^playbooks/.*linuxbridge.*$
- ^vagrant/.*$
- ^zuul.d/(?!(project)).*\.yaml
- job:
- name: neutron-tempest-plugin-openvswitch-enforce-scope-new-defaults
+ name: neutron-tempest-plugin-openvswitch-enforce-scope-old-defaults
parent: neutron-tempest-plugin-openvswitch
vars:
devstack_localrc:
- # Enabeling the scope and new defaults for services.
- # NOTE: (gmann) We need to keep keystone scope check disable as
- # services (except ironic) does not support the system scope and
- # they need keystone to continue working with project scope. Until
- # Keystone policies are changed to work for both system as well as
- # for project scoped, we need to keep scope check disable for
- # keystone.
- NOVA_ENFORCE_SCOPE: true
- GLANCE_ENFORCE_SCOPE: true
- NEUTRON_ENFORCE_SCOPE: true
+ NEUTRON_ENFORCE_SCOPE: false
# TODO(slaweq): remove that job's definition as soon as new job
@@ -578,6 +576,8 @@
- ^neutron_tempest_plugin/services/bgp/.*$
- ^rally-jobs/.*$
- ^roles/.*functional.*$
+ - ^playbooks/.*dvr-multinode.*$
+ - ^playbooks/.*dynamic-routing.*$
- ^playbooks/.*functional.*$
- ^vagrant/.*$
- ^zuul.d/(?!(project)).*\.yaml
@@ -710,7 +710,10 @@
- ^neutron_tempest_plugin/services/bgp/.*$
- ^rally-jobs/.*$
- ^roles/.*functional.*$
+ - ^playbooks/.*dvr-multinode.*$
+ - ^playbooks/.*dynamic-routing.*$
- ^playbooks/.*functional.*$
+ - ^playbooks/.*linuxbridge.*$
- ^vagrant/.*$
- ^zuul.d/(?!(project)).*\.yaml
@@ -903,7 +906,46 @@
agent_mode: dvr_snat
agent:
availability_zone: nova
- irrelevant-files: *openvswitch-scenario-irrelevant-files
+ irrelevant-files:
+ - ^\.pylintrc$
+ - ^(test-|)requirements.txt$
+ - lower-constraints.txt
+ - ^releasenotes/.*$
+ - ^doc/.*$
+ - ^setup.cfg$
+ - ^.*\.rst$
+ - ^.*\.conf\.sample$
+ - ^neutron/locale/.*$
+ - ^neutron/tests/unit/.*$
+ - ^neutron/tests/fullstack/.*
+ - ^neutron/tests/functional/.*
+ - ^tools/.*$
+ - ^tox.ini$
+ - ^plugin.spec$
+ - ^neutron/agent/ovn/.*$
+ - ^neutron/agent/windows/.*$
+ - ^neutron/plugins/ml2/drivers/linuxbridge/.*$
+ - ^neutron/plugins/ml2/drivers/macvtap/.*$
+ - ^neutron/plugins/ml2/drivers/mech_sriov/.*$
+ - ^neutron/plugins/ml2/drivers/ovn/.*$
+ - ^neutron/services/ovn_l3/.*$
+ - ^neutron/services/logapi/drivers/ovn/.*$
+ - ^neutron/services/portforwarding/drivers/ovn/.*$
+ - ^neutron/services/qos/drivers/linuxbridge/.*$
+ - ^neutron/services/qos/drivers/ovn/.*$
+ - ^neutron/services/trunk/drivers/linuxbridge/.*$
+ - ^neutron/services/trunk/drivers/ovn/.*$
+ - ^neutron/cmd/ovn/.*$
+ - ^neutron/common/ovn/.*$
+ - ^neutron_tempest_plugin/(bgpvpn|fwaas|neutron_dynamic_routing|sfc|tap_as_a_service|vpnaas).*$
+ - ^neutron_tempest_plugin/services/bgp/.*$
+ - ^rally-jobs/.*$
+ - ^roles/.*functional.*$
+ - ^playbooks/.*dynamic-routing.*$
+ - ^playbooks/.*functional.*$
+ - ^playbooks/.*linuxbridge.*$
+ - ^vagrant/.*$
+ - ^zuul.d/(?!(project)).*\.yaml
- job:
name: neutron-tempest-plugin-designate-scenario
@@ -958,7 +1000,10 @@
- ^neutron_tempest_plugin/services/bgp/.*$
- ^rally-jobs/.*$
- ^roles/.*functional.*$
+ - ^playbooks/.*dvr-multinode.*$
+ - ^playbooks/.*dynamic-routing.*$
- ^playbooks/.*functional.*$
+ - ^playbooks/.*linuxbridge.*$
- ^vagrant/.*$
- ^zuul.d/(?!(project)).*\.yaml
@@ -997,9 +1042,9 @@
devstack_localrc:
# TODO(slaweq): check why traceroute output is different in Cirros >
# 0.6.1 which is causing failures of the networking-sfc jobs
- CIRROS_VERSION: 0.5.1
- DEFAULT_IMAGE_NAME: cirros-0.5.1-x86_64-uec
- DEFAULT_IMAGE_FILE_NAME: cirros-0.5.1-x86_64-uec.tar.gz
+ CIRROS_VERSION: 0.5.2
+ DEFAULT_IMAGE_NAME: cirros-0.5.2-x86_64-uec
+ DEFAULT_IMAGE_FILE_NAME: cirros-0.5.2-x86_64-uec.tar.gz
Q_AGENT: openvswitch
Q_ML2_TENANT_NETWORK_TYPE: vxlan
Q_ML2_PLUGIN_MECHANISM_DRIVERS: openvswitch
@@ -1031,7 +1076,10 @@
- ^plugin.spec$
- ^rally-jobs/.*$
- ^roles/.*functional.*$
+ - ^playbooks/.*dvr-multinode.*$
+ - ^playbooks/.*dynamic-routing.*$
- ^playbooks/.*functional.*$
+ - ^playbooks/.*linuxbridge.*$
- ^vagrant/.*$
- ^zuul.d/(?!(project)).*\.yaml
@@ -1096,7 +1144,10 @@
- ^plugin.spec$
- ^rally-jobs/.*$
- ^roles/.*functional.*$
+ - ^playbooks/.*dvr-multinode.*$
+ - ^playbooks/.*dynamic-routing.*$
- ^playbooks/.*functional.*$
+ - ^playbooks/.*linuxbridge.*$
- ^vagrant/.*$
- ^zuul.d/(?!(project)).*\.yaml
@@ -1148,7 +1199,9 @@
- ^plugin.spec$
- ^rally-jobs/.*$
- ^roles/.*functional.*$
+ - ^playbooks/.*dvr-multinode.*$
- ^playbooks/.*functional.*$
+ - ^playbooks/.*linuxbridge.*$
- ^vagrant/.*$
- ^zuul.d/(?!(project)).*\.yaml
@@ -1211,7 +1264,10 @@
- ^plugin.spec$
- ^rally-jobs/.*$
- ^roles/.*functional.*$
+ - ^playbooks/.*dvr-multinode.*$
+ - ^playbooks/.*dynamic-routing.*$
- ^playbooks/.*functional.*$
+ - ^playbooks/.*linuxbridge.*$
- ^vagrant/.*$
- ^zuul.d/(?!(project)).*\.yaml
@@ -1277,7 +1333,10 @@
- ^plugin.spec$
- ^rally-jobs/.*$
- ^roles/.*functional.*$
+ - ^playbooks/.*dvr-multinode.*$
+ - ^playbooks/.*dynamic-routing.*$
- ^playbooks/.*functional.*$
+ - ^playbooks/.*linuxbridge.*$
- ^vagrant/.*$
- ^zuul.d/(?!(project)).*\.yaml
@@ -1385,6 +1444,9 @@
- ^plugin.spec$
- ^rally-jobs/.*$
- ^roles/.*functional.*$
+ - ^playbooks/.*dvr-multinode.*$
+ - ^playbooks/.*dynamic-routing.*$
- ^playbooks/.*functional.*$
+ - ^playbooks/.*linuxbridge.*$
- ^vagrant/.*$
- ^zuul.d/(?!(project)).*\.yaml
diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml
index 9ce0212..5d3f973 100644
--- a/zuul.d/project.yaml
+++ b/zuul.d/project.yaml
@@ -4,7 +4,7 @@
jobs:
- neutron-tempest-plugin-openvswitch
- neutron-tempest-plugin-openvswitch-iptables_hybrid
- - neutron-tempest-plugin-openvswitch-enforce-scope-new-defaults
+ - neutron-tempest-plugin-openvswitch-enforce-scope-old-defaults
- neutron-tempest-plugin-ovn
- neutron-tempest-plugin-designate-scenario
gate:
@@ -12,7 +12,7 @@
- neutron-tempest-plugin-openvswitch
- neutron-tempest-plugin-ovn
- neutron-tempest-plugin-openvswitch-iptables_hybrid
- - neutron-tempest-plugin-openvswitch-enforce-scope-new-defaults
+ - neutron-tempest-plugin-openvswitch-enforce-scope-old-defaults
#TODO(slaweq): Move neutron-tempest-plugin-dvr-multinode-scenario out of
# the experimental queue when it will be more stable
experimental:
@@ -175,6 +175,24 @@
jobs:
- neutron-tempest-plugin-dvr-multinode-scenario-2023-1
+- project-template:
+ name: neutron-tempest-plugin-jobs-2023-2
+ check:
+ jobs:
+ - neutron-tempest-plugin-openvswitch-2023-2
+ - neutron-tempest-plugin-openvswitch-iptables_hybrid-2023-2
+ - neutron-tempest-plugin-ovn-2023-2
+ - neutron-tempest-plugin-designate-scenario-2023-2
+ gate:
+ jobs:
+ - neutron-tempest-plugin-ovn-2023-2
+ #TODO(slaweq): Move neutron-tempest-plugin-dvr-multinode-scenario out of
+ # the experimental queue when it will be more stable
+ experimental:
+ jobs:
+ - neutron-tempest-plugin-linuxbridge-2023-2
+ - neutron-tempest-plugin-dvr-multinode-scenario-2023-2
+
- project:
templates:
- build-openstack-docs-pti
@@ -182,6 +200,7 @@
- neutron-tempest-plugin-jobs-yoga
- neutron-tempest-plugin-jobs-zed
- neutron-tempest-plugin-jobs-2023-1
+ - neutron-tempest-plugin-jobs-2023-2
- check-requirements
- tempest-plugin-jobs
- release-notes-jobs-python3
@@ -191,25 +210,31 @@
- neutron-tempest-plugin-sfc-yoga
- neutron-tempest-plugin-sfc-zed
- neutron-tempest-plugin-sfc-2023-1
+ - neutron-tempest-plugin-sfc-2023-2
- neutron-tempest-plugin-bgpvpn-bagpipe
- neutron-tempest-plugin-bgpvpn-bagpipe-yoga
- neutron-tempest-plugin-bgpvpn-bagpipe-zed
- neutron-tempest-plugin-bgpvpn-bagpipe-2023-1
+ - neutron-tempest-plugin-bgpvpn-bagpipe-2023-2
- neutron-tempest-plugin-dynamic-routing
- neutron-tempest-plugin-dynamic-routing-yoga
- neutron-tempest-plugin-dynamic-routing-zed
- neutron-tempest-plugin-dynamic-routing-2023-1
+ - neutron-tempest-plugin-dynamic-routing-2023-2
- neutron-tempest-plugin-fwaas
- neutron-tempest-plugin-fwaas-zed
- neutron-tempest-plugin-fwaas-2023-1
+ - neutron-tempest-plugin-fwaas-2023-2
- neutron-tempest-plugin-vpnaas
- neutron-tempest-plugin-vpnaas-yoga
- neutron-tempest-plugin-vpnaas-zed
- neutron-tempest-plugin-vpnaas-2023-1
+ - neutron-tempest-plugin-vpnaas-2023-2
- neutron-tempest-plugin-tap-as-a-service
- neutron-tempest-plugin-tap-as-a-service-yoga
- neutron-tempest-plugin-tap-as-a-service-zed
- neutron-tempest-plugin-tap-as-a-service-2023-1
+ - neutron-tempest-plugin-tap-as-a-service-2023-2
gate:
jobs: