Merge "Make security_group_rules_client use **kwargs"
diff --git a/tempest/api/compute/admin/test_quotas_negative.py b/tempest/api/compute/admin/test_quotas_negative.py
index 9acf23b..8dcd0b2 100644
--- a/tempest/api/compute/admin/test_quotas_negative.py
+++ b/tempest/api/compute/admin/test_quotas_negative.py
@@ -170,4 +170,5 @@
# will be raised when out of quota
self.assertRaises((lib_exc.OverLimit, lib_exc.Forbidden),
self.sgr_client.create_security_group_rule,
- secgroup_id, ip_protocol, 1025, 1025)
+ parent_group_id=secgroup_id, ip_protocol=ip_protocol,
+ from_port=1025, to_port=1025)
diff --git a/tempest/api/compute/security_groups/test_security_group_rules.py b/tempest/api/compute/security_groups/test_security_group_rules.py
index 4596e1f..b5eff70 100644
--- a/tempest/api/compute/security_groups/test_security_group_rules.py
+++ b/tempest/api/compute/security_groups/test_security_group_rules.py
@@ -69,11 +69,11 @@
security_group = self.create_security_group()
securitygroup_id = security_group['id']
# Adding rules to the created Security Group
- rule = \
- self.client.create_security_group_rule(securitygroup_id,
- self.ip_protocol,
- self.from_port,
- self.to_port)
+ rule = self.client.create_security_group_rule(
+ parent_group_id=securitygroup_id,
+ ip_protocol=self.ip_protocol,
+ from_port=self.from_port,
+ to_port=self.to_port)
self.expected['parent_group_id'] = securitygroup_id
self.expected['ip_range'] = {'cidr': '0.0.0.0/0'}
self._check_expected_response(rule)
@@ -91,12 +91,12 @@
# Adding rules to the created Security Group with optional cidr
cidr = '10.2.3.124/24'
- rule = \
- self.client.create_security_group_rule(parent_group_id,
- self.ip_protocol,
- self.from_port,
- self.to_port,
- cidr=cidr)
+ rule = self.client.create_security_group_rule(
+ parent_group_id=parent_group_id,
+ ip_protocol=self.ip_protocol,
+ from_port=self.from_port,
+ to_port=self.to_port,
+ cidr=cidr)
self.expected['parent_group_id'] = parent_group_id
self.expected['ip_range'] = {'cidr': cidr}
self._check_expected_response(rule)
@@ -118,12 +118,12 @@
group_name = security_group['name']
# Adding rules to the created Security Group with optional group_id
- rule = \
- self.client.create_security_group_rule(parent_group_id,
- self.ip_protocol,
- self.from_port,
- self.to_port,
- group_id=group_id)
+ rule = self.client.create_security_group_rule(
+ parent_group_id=parent_group_id,
+ ip_protocol=self.ip_protocol,
+ from_port=self.from_port,
+ to_port=self.to_port,
+ group_id=group_id)
self.expected['parent_group_id'] = parent_group_id
self.expected['group'] = {'tenant_id': self.client.tenant_id,
'name': group_name}
@@ -140,21 +140,22 @@
securitygroup_id = security_group['id']
# Add a first rule to the created Security Group
- rule = \
- self.client.create_security_group_rule(securitygroup_id,
- self.ip_protocol,
- self.from_port,
- self.to_port)
+ rule = self.client.create_security_group_rule(
+ parent_group_id=securitygroup_id,
+ ip_protocol=self.ip_protocol,
+ from_port=self.from_port,
+ to_port=self.to_port)
rule1_id = rule['id']
# Add a second rule to the created Security Group
ip_protocol2 = 'icmp'
from_port2 = -1
to_port2 = -1
- rule = \
- self.client.create_security_group_rule(securitygroup_id,
- ip_protocol2,
- from_port2, to_port2)
+ rule = self.client.create_security_group_rule(
+ parent_group_id=securitygroup_id,
+ ip_protocol=ip_protocol2,
+ from_port=from_port2,
+ to_port=to_port2)
rule2_id = rule['id']
# Delete the Security Group rule2 at the end of this method
self.addCleanup(self.client.delete_security_group_rule, rule2_id)
@@ -176,11 +177,12 @@
security_group = self.create_security_group()
sg2_id = security_group['id']
# Adding rules to the Group1
- self.client.create_security_group_rule(sg1_id,
- self.ip_protocol,
- self.from_port,
- self.to_port,
- group_id=sg2_id)
+ self.client.create_security_group_rule(
+ parent_group_id=sg1_id,
+ ip_protocol=self.ip_protocol,
+ from_port=self.from_port,
+ to_port=self.to_port,
+ group_id=sg2_id)
# Delete group2
self.security_groups_client.delete_security_group(sg2_id)
diff --git a/tempest/api/compute/security_groups/test_security_group_rules_negative.py b/tempest/api/compute/security_groups/test_security_group_rules_negative.py
index e2a1034..d12306a 100644
--- a/tempest/api/compute/security_groups/test_security_group_rules_negative.py
+++ b/tempest/api/compute/security_groups/test_security_group_rules_negative.py
@@ -51,7 +51,9 @@
to_port = 22
self.assertRaises(lib_exc.NotFound,
self.rules_client.create_security_group_rule,
- parent_group_id, ip_protocol, from_port, to_port)
+ parent_group_id=parent_group_id,
+ ip_protocol=ip_protocol, from_port=from_port,
+ to_port=to_port)
@test.attr(type=['negative'])
@test.idempotent_id('2244d7e4-adb7-4ecb-9930-2d77e123ce4f')
@@ -66,7 +68,9 @@
to_port = 22
self.assertRaises(lib_exc.BadRequest,
self.rules_client.create_security_group_rule,
- parent_group_id, ip_protocol, from_port, to_port)
+ parent_group_id=parent_group_id,
+ ip_protocol=ip_protocol, from_port=from_port,
+ to_port=to_port)
@test.attr(type=['negative'])
@test.idempotent_id('8bd56d02-3ffa-4d67-9933-b6b9a01d6089')
@@ -81,17 +85,17 @@
from_port = 22
to_port = 22
- rule = \
- self.rules_client.create_security_group_rule(parent_group_id,
- ip_protocol,
- from_port,
- to_port)
+ rule = self.rules_client.create_security_group_rule(
+ parent_group_id=parent_group_id, ip_protocol=ip_protocol,
+ from_port=from_port, to_port=to_port)
self.addCleanup(self.rules_client.delete_security_group_rule,
rule['id'])
# Add the same rule to the group should fail
self.assertRaises(lib_exc.BadRequest,
self.rules_client.create_security_group_rule,
- parent_group_id, ip_protocol, from_port, to_port)
+ parent_group_id=parent_group_id,
+ ip_protocol=ip_protocol, from_port=from_port,
+ to_port=to_port)
@test.attr(type=['negative'])
@test.idempotent_id('84c81249-9f6e-439c-9bbf-cbb0d2cddbdf')
@@ -109,7 +113,9 @@
self.assertRaises(lib_exc.BadRequest,
self.rules_client.create_security_group_rule,
- parent_group_id, ip_protocol, from_port, to_port)
+ parent_group_id=parent_group_id,
+ ip_protocol=ip_protocol, from_port=from_port,
+ to_port=to_port)
@test.attr(type=['negative'])
@test.idempotent_id('12bbc875-1045-4f7a-be46-751277baedb9')
@@ -126,7 +132,9 @@
to_port = 22
self.assertRaises(lib_exc.BadRequest,
self.rules_client.create_security_group_rule,
- parent_group_id, ip_protocol, from_port, to_port)
+ parent_group_id=parent_group_id,
+ ip_protocol=ip_protocol, from_port=from_port,
+ to_port=to_port)
@test.attr(type=['negative'])
@test.idempotent_id('ff88804d-144f-45d1-bf59-dd155838a43a')
@@ -143,7 +151,9 @@
to_port = data_utils.rand_int_id(start=65536)
self.assertRaises(lib_exc.BadRequest,
self.rules_client.create_security_group_rule,
- parent_group_id, ip_protocol, from_port, to_port)
+ parent_group_id=parent_group_id,
+ ip_protocol=ip_protocol, from_port=from_port,
+ to_port=to_port)
@test.attr(type=['negative'])
@test.idempotent_id('00296fa9-0576-496a-ae15-fbab843189e0')
@@ -160,7 +170,9 @@
to_port = 21
self.assertRaises(lib_exc.BadRequest,
self.rules_client.create_security_group_rule,
- secgroup_id, ip_protocol, from_port, to_port)
+ parent_group_id=secgroup_id,
+ ip_protocol=ip_protocol, from_port=from_port,
+ to_port=to_port)
@test.attr(type=['negative'])
@test.idempotent_id('56fddcca-dbb8-4494-a0db-96e9f869527c')
diff --git a/tempest/api/compute/test_authorization.py b/tempest/api/compute/test_authorization.py
index 981bdee..e7111b0 100644
--- a/tempest/api/compute/test_authorization.py
+++ b/tempest/api/compute/test_authorization.py
@@ -90,7 +90,8 @@
from_port = 22
to_port = 22
cls.rule = cls.rule_client.create_security_group_rule(
- parent_group_id, ip_protocol, from_port, to_port)
+ parent_group_id=parent_group_id, ip_protocol=ip_protocol,
+ from_port=from_port, to_port=to_port)
@classmethod
def resource_cleanup(cls):
@@ -304,8 +305,9 @@
self.assertRaises(lib_exc.BadRequest,
self.alt_rule_client.
create_security_group_rule,
- parent_group_id, ip_protocol, from_port,
- to_port)
+ parent_group_id=parent_group_id,
+ ip_protocol=ip_protocol,
+ from_port=from_port, to_port=to_port)
finally:
# Next request the base_url is back to normal
if resp['status'] is not None:
diff --git a/tempest/cmd/javelin.py b/tempest/cmd/javelin.py
index 9402154..30fb38c 100755
--- a/tempest/cmd/javelin.py
+++ b/tempest/cmd/javelin.py
@@ -921,7 +921,8 @@
for rule in secgroup['rules']:
ip_proto, from_port, to_port, cidr = rule.split()
client.secrules.create_security_group_rule(
- secgroup_id, ip_proto, from_port, to_port, cidr=cidr)
+ parent_group_id=secgroup_id, ip_protocol=ip_proto,
+ from_port=from_port, to_port=to_port, cidr=cidr)
def destroy_secgroups(secgroups):
diff --git a/tempest/common/validation_resources.py b/tempest/common/validation_resources.py
index 15c452f..402638d 100644
--- a/tempest/common/validation_resources.py
+++ b/tempest/common/validation_resources.py
@@ -30,10 +30,12 @@
security_group_client.create_security_group(name=sg_name,
description=sg_description)
if add_rule:
- security_group_client.create_security_group_rule(security_group['id'],
- 'tcp', 22, 22)
- security_group_client.create_security_group_rule(security_group['id'],
- 'icmp', -1, -1)
+ security_group_client.create_security_group_rule(
+ parent_group_id=security_group['id'], ip_protocol='tcp',
+ from_port=22, to_port=22)
+ security_group_client.create_security_group_rule(
+ parent_group_id=security_group['id'], ip_protocol='icmp',
+ from_port=-1, to_port=-1)
LOG.debug("SSH Validation resource security group with tcp and icmp "
"rules %s created"
% sg_name)
diff --git a/tempest/scenario/manager.py b/tempest/scenario/manager.py
index f3134bb..60bf7cb 100644
--- a/tempest/scenario/manager.py
+++ b/tempest/scenario/manager.py
@@ -233,14 +233,14 @@
rulesets = [
{
# ssh
- 'ip_proto': 'tcp',
+ 'ip_protocol': 'tcp',
'from_port': 22,
'to_port': 22,
'cidr': '0.0.0.0/0',
},
{
# ping
- 'ip_proto': 'icmp',
+ 'ip_protocol': 'icmp',
'from_port': -1,
'to_port': -1,
'cidr': '0.0.0.0/0',
@@ -248,8 +248,8 @@
]
rules = list()
for ruleset in rulesets:
- sg_rule = _client_rules.create_security_group_rule(secgroup_id,
- **ruleset)
+ sg_rule = _client_rules.create_security_group_rule(
+ parent_group_id=secgroup_id, **ruleset)
self.addCleanup(self.delete_wrapper,
_client_rules.delete_security_group_rule,
sg_rule['id'])
diff --git a/tempest/services/compute/json/security_group_rules_client.py b/tempest/services/compute/json/security_group_rules_client.py
index f570eb7..9a7c881 100644
--- a/tempest/services/compute/json/security_group_rules_client.py
+++ b/tempest/services/compute/json/security_group_rules_client.py
@@ -23,8 +23,7 @@
class SecurityGroupRulesClient(service_client.ServiceClient):
- def create_security_group_rule(self, parent_group_id, ip_proto, from_port,
- to_port, **kwargs):
+ def create_security_group_rule(self, **kwargs):
"""
Creating a new security group rules.
parent_group_id :ID of Security group
@@ -35,15 +34,7 @@
cidr : CIDR for address range.
group_id : ID of the Source group
"""
- post_body = {
- 'parent_group_id': parent_group_id,
- 'ip_protocol': ip_proto,
- 'from_port': from_port,
- 'to_port': to_port,
- 'cidr': kwargs.get('cidr'),
- 'group_id': kwargs.get('group_id'),
- }
- post_body = json.dumps({'security_group_rule': post_body})
+ post_body = json.dumps({'security_group_rule': kwargs})
url = 'os-security-group-rules'
resp, body = self.post(url, post_body)
body = json.loads(body)
diff --git a/tempest/stress/actions/ssh_floating.py b/tempest/stress/actions/ssh_floating.py
index 03a2d27..09e6d88 100644
--- a/tempest/stress/actions/ssh_floating.py
+++ b/tempest/stress/actions/ssh_floating.py
@@ -96,8 +96,10 @@
self.sec_grp = sec_grp_cli.create_security_group(
name=s_name, description=s_description)
create_rule = sec_grp_cli.create_security_group_rule
- create_rule(self.sec_grp['id'], 'tcp', 22, 22)
- create_rule(self.sec_grp['id'], 'icmp', -1, -1)
+ create_rule(parent_group_id=self.sec_grp['id'], ip_protocol='tcp',
+ from_port=22, to_port=22)
+ create_rule(parent_group_id=self.sec_grp['id'], ip_protocol='icmp',
+ from_port=-1, to_port=-1)
def _destroy_sec_grp(self):
sec_grp_cli = self.manager.security_groups_client
diff --git a/tempest/stress/actions/volume_attach_verify.py b/tempest/stress/actions/volume_attach_verify.py
index 93a443e..0e0141f 100644
--- a/tempest/stress/actions/volume_attach_verify.py
+++ b/tempest/stress/actions/volume_attach_verify.py
@@ -58,8 +58,10 @@
self.sec_grp = sec_grp_cli.create_security_group(
name=s_name, description=s_description)
create_rule = sec_grp_cli.create_security_group_rule
- create_rule(self.sec_grp['id'], 'tcp', 22, 22)
- create_rule(self.sec_grp['id'], 'icmp', -1, -1)
+ create_rule(parent_group_id=self.sec_grp['id'], ip_protocol='tcp',
+ from_port=22, to_port=22)
+ create_rule(parent_group_id=self.sec_grp['id'], ip_protocol='icmp',
+ from_port=-1, to_port=-1)
def _destroy_sec_grp(self):
sec_grp_cli = self.manager.security_groups_client