Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / packaging / sources / tempest / 156b5dac14a27d10313668f397e18f4612c79141^! / . / tempest / scenario / manager.py
commit156b5dac14a27d10313668f397e18f4612c79141[log] [tgz]
authorMarkus Zoeller <mzoeller@de.ibm.com>Mon Jul 11 18:10:31 2016 +0200
committerMatt Riedemann <mriedem@us.ibm.com>Thu Aug 04 10:18:27 2016 -0400
tree581bc152604940e8c50e2d8ca892eca468cc48bf
parentd519cb71952e3b12273c7e396cbee5c84ab643f9 [diff] [blame]
boot into a network that has "port_security_enabled=False"

If the tenant has a Neutron network with disabled port security and
no security group gets specified when booting an instance, the ports
attached to the instance should not be associated to the 'default'
security group.

NOTE: Commit ee7a0198261 documented this known issue with a release note
"known-issue-on-api-1efca45440136f3e.yaml" and cleaned the "default"
security group from the Nova API.

This adds a feature toggle config option for making the test run where
the bug is fixed, which is mitaka and newton. This allows us to run
the test in mitaka and newton but not on liberty where it still fails
and we won't be backporting the fix. There will be devstack patches to
enable the test in newton and mitaka.

Depends-On: I630008a9733624a9d9b59b7aa3b8b2a3f8985d61

Co-Authored-By: Matt Riedemann <mriedem@us.ibm.com>

Change-Id: I20b8d5d2a300c83a59bdb33374fc20447ce2ede3
Related-bug: 1175464

diff --git a/tempest/scenario/manager.py b/tempest/scenario/manager.py
index f889c44..9bd437e 100644
--- a/tempest/scenario/manager.py
+++ b/tempest/scenario/manager.py

@@ -696,7 +696,8 @@
 
     def _create_network(self, networks_client=None,
                         routers_client=None, tenant_id=None,
-                        namestart='network-smoke-'):
+                        namestart='network-smoke-',
+                        port_security_enabled=True):
         if not networks_client:
             networks_client = self.networks_client
         if not routers_client:
@@ -704,7 +705,9 @@
         if not tenant_id:
             tenant_id = networks_client.tenant_id
         name = data_utils.rand_name(namestart)
-        result = networks_client.create_network(name=name, tenant_id=tenant_id)
+        network_kwargs = dict(name=name, tenant_id=tenant_id,
+                              port_security_enabled=port_security_enabled)
+        result = networks_client.create_network(**network_kwargs)
         network = result['network']
 
         self.assertEqual(network['name'], name)
@@ -1193,7 +1196,8 @@
 
     def create_networks(self, networks_client=None,
                         routers_client=None, subnets_client=None,
-                        tenant_id=None, dns_nameservers=None):
+                        tenant_id=None, dns_nameservers=None,
+                        port_security_enabled=True):
         """Create a network with a subnet connected to a router.
 
         The baremetal driver is a special case since all nodes are
@@ -1219,7 +1223,8 @@
         else:
             network = self._create_network(
                 networks_client=networks_client,
-                tenant_id=tenant_id)
+                tenant_id=tenant_id,
+                port_security_enabled=port_security_enabled)
             router = self._get_router(client=routers_client,
                                       tenant_id=tenant_id)
             subnet_kwargs = dict(network=network,