Merge "clean up security groups tests"
diff --git a/tempest/api/compute/base.py b/tempest/api/compute/base.py
index e6ddf1c..72bb723 100644
--- a/tempest/api/compute/base.py
+++ b/tempest/api/compute/base.py
@@ -51,6 +51,7 @@
cls.servers = []
cls.images = []
cls.multi_user = cls.get_multi_user()
+ cls.security_groups = []
@classmethod
def get_multi_user(cls):
@@ -102,9 +103,25 @@
pass
@classmethod
+ def clear_security_groups(cls):
+ for sg in cls.security_groups:
+ try:
+ resp, body =\
+ cls.security_groups_client.delete_security_group(sg['id'])
+ except exceptions.NotFound:
+ # The security group may have already been deleted which is OK.
+ pass
+ except Exception as exc:
+ LOG.info('Exception raised deleting security group %s',
+ sg['id'])
+ LOG.exception(exc)
+ pass
+
+ @classmethod
def tearDownClass(cls):
cls.clear_images()
cls.clear_servers()
+ cls.clear_security_groups()
cls.clear_isolated_creds()
super(BaseComputeTest, cls).tearDownClass()
@@ -146,6 +163,19 @@
return resp, body
+ @classmethod
+ def create_security_group(cls, name=None, description=None):
+ if name is None:
+ name = data_utils.rand_name(cls.__name__ + "-securitygroup")
+ if description is None:
+ description = data_utils.rand_name('description-')
+ resp, body = \
+ cls.security_groups_client.create_security_group(name,
+ description)
+ cls.security_groups.append(body)
+
+ return resp, body
+
def wait_for(self, condition):
"""Repeatedly calls condition() until a timeout."""
start_time = int(time.time())
diff --git a/tempest/api/compute/security_groups/test_security_group_rules.py b/tempest/api/compute/security_groups/test_security_group_rules.py
index 375105e..17bb489 100644
--- a/tempest/api/compute/security_groups/test_security_group_rules.py
+++ b/tempest/api/compute/security_groups/test_security_group_rules.py
@@ -14,9 +14,8 @@
# under the License.
from tempest.api.compute.security_groups import base
-from tempest.common.utils import data_utils
from tempest import config
-from tempest.test import attr
+from tempest import test
CONF = config.CONF
@@ -30,17 +29,13 @@
cls.client = cls.security_groups_client
cls.neutron_available = CONF.service_available.neutron
- @attr(type='smoke')
+ @test.attr(type='smoke')
def test_security_group_rules_create(self):
# Positive test: Creation of Security Group rule
# should be successful
# Creating a Security Group to add rules to it
- s_name = data_utils.rand_name('securitygroup-')
- s_description = data_utils.rand_name('description-')
- resp, securitygroup = \
- self.client.create_security_group(s_name, s_description)
- securitygroup_id = securitygroup['id']
- self.addCleanup(self.client.delete_security_group, securitygroup_id)
+ resp, security_group = self.create_security_group()
+ securitygroup_id = security_group['id']
# Adding rules to the created Security Group
ip_protocol = 'tcp'
from_port = 22
@@ -53,7 +48,7 @@
self.addCleanup(self.client.delete_security_group_rule, rule['id'])
self.assertEqual(200, resp.status)
- @attr(type='smoke')
+ @test.attr(type='smoke')
def test_security_group_rules_create_with_optional_arguments(self):
# Positive test: Creation of Security Group rule
# with optional arguments
@@ -62,19 +57,11 @@
secgroup1 = None
secgroup2 = None
# Creating a Security Group to add rules to it
- s_name = data_utils.rand_name('securitygroup-')
- s_description = data_utils.rand_name('description-')
- resp, securitygroup = \
- self.client.create_security_group(s_name, s_description)
- secgroup1 = securitygroup['id']
- self.addCleanup(self.client.delete_security_group, secgroup1)
+ resp, security_group = self.create_security_group()
+ secgroup1 = security_group['id']
# Creating a Security Group so as to assign group_id to the rule
- s_name2 = data_utils.rand_name('securitygroup-')
- s_description2 = data_utils.rand_name('description-')
- resp, securitygroup = \
- self.client.create_security_group(s_name2, s_description2)
- secgroup2 = securitygroup['id']
- self.addCleanup(self.client.delete_security_group, secgroup2)
+ resp, security_group = self.create_security_group()
+ secgroup2 = security_group['id']
# Adding rules to the created Security Group with optional arguments
parent_group_id = secgroup1
ip_protocol = 'tcp'
@@ -92,18 +79,13 @@
self.addCleanup(self.client.delete_security_group_rule, rule['id'])
self.assertEqual(200, resp.status)
- @attr(type='smoke')
+ @test.attr(type='smoke')
def test_security_group_rules_list(self):
# Positive test: Created Security Group rules should be
# in the list of all rules
# Creating a Security Group to add rules to it
- s_name = data_utils.rand_name('securitygroup-')
- s_description = data_utils.rand_name('description-')
- resp, securitygroup = \
- self.client.create_security_group(s_name, s_description)
- securitygroup_id = securitygroup['id']
- # Delete the Security Group at the end of this method
- self.addCleanup(self.client.delete_security_group, securitygroup_id)
+ resp, security_group = self.create_security_group()
+ securitygroup_id = security_group['id']
# Add a first rule to the created Security Group
ip_protocol1 = 'tcp'
@@ -135,29 +117,21 @@
self.assertTrue(any([i for i in rules if i['id'] == rule1_id]))
self.assertTrue(any([i for i in rules if i['id'] == rule2_id]))
- @attr(type='smoke')
+ @test.attr(type='smoke')
def test_security_group_rules_delete_when_peer_group_deleted(self):
# Positive test:rule will delete when peer group deleting
# Creating a Security Group to add rules to it
- s1_name = data_utils.rand_name('securitygroup1-')
- s1_description = data_utils.rand_name('description1-')
- resp, sg1 = \
- self.client.create_security_group(s1_name, s1_description)
- self.addCleanup(self.client.delete_security_group, sg1['id'])
- self.assertEqual(200, resp.status)
+ resp, security_group = self.create_security_group()
+ sg1_id = security_group['id']
# Creating other Security Group to access to group1
- s2_name = data_utils.rand_name('securitygroup2-')
- s2_description = data_utils.rand_name('description2-')
- resp, sg2 = \
- self.client.create_security_group(s2_name, s2_description)
- self.assertEqual(200, resp.status)
- sg2_id = sg2['id']
+ resp, security_group = self.create_security_group()
+ sg2_id = security_group['id']
# Adding rules to the Group1
ip_protocol = 'tcp'
from_port = 22
to_port = 22
resp, rule = \
- self.client.create_security_group_rule(sg1['id'],
+ self.client.create_security_group_rule(sg1_id,
ip_protocol,
from_port,
to_port,
@@ -169,7 +143,7 @@
self.assertEqual(202, resp.status)
# Get rules of the Group1
resp, rules = \
- self.client.list_security_group_rules(sg1['id'])
+ self.client.list_security_group_rules(sg1_id)
# The group1 has no rules because group2 has deleted
self.assertEqual(0, len(rules))
diff --git a/tempest/api/compute/security_groups/test_security_group_rules_negative.py b/tempest/api/compute/security_groups/test_security_group_rules_negative.py
index 4831939..680bc2f 100644
--- a/tempest/api/compute/security_groups/test_security_group_rules_negative.py
+++ b/tempest/api/compute/security_groups/test_security_group_rules_negative.py
@@ -19,8 +19,7 @@
from tempest.common.utils import data_utils
from tempest import config
from tempest import exceptions
-from tempest.test import attr
-from tempest.test import skip_because
+from tempest import test
CONF = config.CONF
@@ -33,9 +32,9 @@
super(SecurityGroupRulesNegativeTestJSON, cls).setUpClass()
cls.client = cls.security_groups_client
- @skip_because(bug="1182384",
- condition=CONF.service_available.neutron)
- @attr(type=['negative', 'smoke'])
+ @test.skip_because(bug="1182384",
+ condition=CONF.service_available.neutron)
+ @test.attr(type=['negative', 'smoke'])
def test_create_security_group_rule_with_non_existent_id(self):
# Negative test: Creation of Security Group rule should FAIL
# with non existent Parent group id
@@ -50,7 +49,7 @@
@testtools.skipIf(CONF.service_available.neutron,
"Neutron not check the security_group_id")
- @attr(type=['negative', 'smoke'])
+ @test.attr(type=['negative', 'smoke'])
def test_create_security_group_rule_with_invalid_id(self):
# Negative test: Creation of Security Group rule should FAIL
# with Parent group id which is not integer
@@ -63,21 +62,17 @@
self.client.create_security_group_rule,
parent_group_id, ip_protocol, from_port, to_port)
- @attr(type=['negative', 'smoke'])
+ @test.attr(type=['negative', 'smoke'])
def test_create_security_group_rule_duplicate(self):
# Negative test: Create Security Group rule duplicate should fail
# Creating a Security Group to add rule to it
- s_name = data_utils.rand_name('securitygroup-')
- s_description = data_utils.rand_name('description-')
- resp, sg = self.client.create_security_group(s_name, s_description)
- self.assertEqual(200, resp.status)
+ resp, sg = self.create_security_group()
# Adding rules to the created Security Group
parent_group_id = sg['id']
ip_protocol = 'tcp'
from_port = 22
to_port = 22
- self.addCleanup(self.client.delete_security_group, sg['id'])
resp, rule = \
self.client.create_security_group_rule(parent_group_id,
ip_protocol,
@@ -90,86 +85,70 @@
self.client.create_security_group_rule,
parent_group_id, ip_protocol, from_port, to_port)
- @attr(type=['negative', 'smoke'])
+ @test.attr(type=['negative', 'smoke'])
def test_create_security_group_rule_with_invalid_ip_protocol(self):
# Negative test: Creation of Security Group rule should FAIL
# with invalid ip_protocol
# Creating a Security Group to add rule to it
- s_name = data_utils.rand_name('securitygroup-')
- s_description = data_utils.rand_name('description-')
- resp, securitygroup = self.client.create_security_group(s_name,
- s_description)
+ resp, sg = self.create_security_group()
# Adding rules to the created Security Group
- parent_group_id = securitygroup['id']
+ parent_group_id = sg['id']
ip_protocol = data_utils.rand_name('999')
from_port = 22
to_port = 22
- self.addCleanup(self.client.delete_security_group, securitygroup['id'])
self.assertRaises(exceptions.BadRequest,
self.client.create_security_group_rule,
parent_group_id, ip_protocol, from_port, to_port)
- @attr(type=['negative', 'smoke'])
+ @test.attr(type=['negative', 'smoke'])
def test_create_security_group_rule_with_invalid_from_port(self):
# Negative test: Creation of Security Group rule should FAIL
# with invalid from_port
# Creating a Security Group to add rule to it
- s_name = data_utils.rand_name('securitygroup-')
- s_description = data_utils.rand_name('description-')
- resp, securitygroup = self.client.create_security_group(s_name,
- s_description)
+ resp, sg = self.create_security_group()
# Adding rules to the created Security Group
- parent_group_id = securitygroup['id']
+ parent_group_id = sg['id']
ip_protocol = 'tcp'
from_port = data_utils.rand_int_id(start=65536)
to_port = 22
- self.addCleanup(self.client.delete_security_group, securitygroup['id'])
self.assertRaises(exceptions.BadRequest,
self.client.create_security_group_rule,
parent_group_id, ip_protocol, from_port, to_port)
- @attr(type=['negative', 'smoke'])
+ @test.attr(type=['negative', 'smoke'])
def test_create_security_group_rule_with_invalid_to_port(self):
# Negative test: Creation of Security Group rule should FAIL
# with invalid to_port
# Creating a Security Group to add rule to it
- s_name = data_utils.rand_name('securitygroup-')
- s_description = data_utils.rand_name('description-')
- resp, securitygroup = self.client.create_security_group(s_name,
- s_description)
+ resp, sg = self.create_security_group()
# Adding rules to the created Security Group
- parent_group_id = securitygroup['id']
+ parent_group_id = sg['id']
ip_protocol = 'tcp'
from_port = 22
to_port = data_utils.rand_int_id(start=65536)
- self.addCleanup(self.client.delete_security_group, securitygroup['id'])
self.assertRaises(exceptions.BadRequest,
self.client.create_security_group_rule,
parent_group_id, ip_protocol, from_port, to_port)
- @attr(type=['negative', 'smoke'])
+ @test.attr(type=['negative', 'smoke'])
def test_create_security_group_rule_with_invalid_port_range(self):
# Negative test: Creation of Security Group rule should FAIL
# with invalid port range.
# Creating a Security Group to add rule to it.
- s_name = data_utils.rand_name('securitygroup-')
- s_description = data_utils.rand_name('description-')
- resp, securitygroup = self.client.create_security_group(s_name,
- s_description)
+ resp, sg = self.create_security_group()
# Adding a rule to the created Security Group
- secgroup_id = securitygroup['id']
+ secgroup_id = sg['id']
ip_protocol = 'tcp'
from_port = 22
to_port = 21
- self.addCleanup(self.client.delete_security_group, securitygroup['id'])
self.assertRaises(exceptions.BadRequest,
self.client.create_security_group_rule,
secgroup_id, ip_protocol, from_port, to_port)
- @skip_because(bug="1182384",
- condition=CONF.service_available.neutron)
- @attr(type=['negative', 'smoke'])
+ @test.skip_because(bug="1182384",
+ condition=CONF.service_available.neutron)
+ @test.attr(type=['negative', 'smoke'])
def test_delete_security_group_rule_with_non_existent_id(self):
# Negative test: Deletion of Security Group rule should be FAIL
# with non existent id
diff --git a/tempest/api/compute/security_groups/test_security_groups.py b/tempest/api/compute/security_groups/test_security_groups.py
index 2c67581..b376edc 100644
--- a/tempest/api/compute/security_groups/test_security_groups.py
+++ b/tempest/api/compute/security_groups/test_security_groups.py
@@ -27,68 +27,43 @@
super(SecurityGroupsTestJSON, cls).setUpClass()
cls.client = cls.security_groups_client
- def _delete_security_group(self, securitygroup_id):
- resp, _ = self.client.delete_security_group(securitygroup_id)
- self.assertEqual(202, resp.status)
-
@test.attr(type='gate')
def test_security_groups_create_list_delete(self):
# Positive test:Should return the list of Security Groups
# Create 3 Security Groups
- security_group_list = list()
for i in range(3):
- s_name = data_utils.rand_name('securitygroup-')
- s_description = data_utils.rand_name('description-')
- resp, securitygroup = \
- self.client.create_security_group(s_name, s_description)
+ resp, securitygroup = self.create_security_group()
self.assertEqual(200, resp.status)
- self.addCleanup(self._delete_security_group,
- securitygroup['id'])
- security_group_list.append(securitygroup)
# Fetch all Security Groups and verify the list
# has all created Security Groups
resp, fetched_list = self.client.list_security_groups()
self.assertEqual(200, resp.status)
# Now check if all the created Security Groups are in fetched list
missing_sgs = \
- [sg for sg in security_group_list if sg not in fetched_list]
+ [sg for sg in self.security_groups if sg not in fetched_list]
self.assertFalse(missing_sgs,
"Failed to find Security Group %s in fetched "
"list" % ', '.join(m_group['name']
for m_group in missing_sgs))
-
- # TODO(afazekas): scheduled for delete,
- # test_security_group_create_get_delete covers it
- @test.attr(type='gate')
- def test_security_group_create_delete(self):
- # Security Group should be created, verified and deleted
- s_name = data_utils.rand_name('securitygroup-')
- s_description = data_utils.rand_name('description-')
- resp, securitygroup = \
- self.client.create_security_group(s_name, s_description)
- self.assertIn('id', securitygroup)
- securitygroup_id = securitygroup['id']
- self.addCleanup(self._delete_security_group,
- securitygroup_id)
- self.assertEqual(200, resp.status)
- self.assertFalse(securitygroup_id is None)
- self.assertIn('name', securitygroup)
- securitygroup_name = securitygroup['name']
- self.assertEqual(securitygroup_name, s_name,
- "The created Security Group name is "
- "not equal to the requested name")
+ # Delete all security groups
+ for sg in self.security_groups:
+ resp, _ = self.client.delete_security_group(sg['id'])
+ self.assertEqual(202, resp.status)
+ self.client.wait_for_resource_deletion(sg['id'])
+ # Now check if all the created Security Groups are deleted
+ resp, fetched_list = self.client.list_security_groups()
+ deleted_sgs = \
+ [sg for sg in self.security_groups if sg in fetched_list]
+ self.assertFalse(deleted_sgs,
+ "Failed to delete Security Group %s "
+ "list" % ', '.join(m_group['name']
+ for m_group in deleted_sgs))
@test.attr(type='gate')
def test_security_group_create_get_delete(self):
# Security Group should be created, fetched and deleted
s_name = data_utils.rand_name('securitygroup-')
- s_description = data_utils.rand_name('description-')
- resp, securitygroup = \
- self.client.create_security_group(s_name, s_description)
- self.addCleanup(self._delete_security_group,
- securitygroup['id'])
-
- self.assertEqual(200, resp.status)
+ resp, securitygroup = self.create_security_group(name=s_name)
self.assertIn('name', securitygroup)
securitygroup_name = securitygroup['name']
self.assertEqual(securitygroup_name, s_name,
@@ -108,15 +83,8 @@
# and not deleted if the server is active.
# Create a couple security groups that we will use
# for the server resource this test creates
- sg_name = data_utils.rand_name('sg')
- sg_desc = data_utils.rand_name('sg-desc')
- resp, sg = self.client.create_security_group(sg_name, sg_desc)
- sg_id = sg['id']
-
- sg2_name = data_utils.rand_name('sg')
- sg2_desc = data_utils.rand_name('sg-desc')
- resp, sg2 = self.client.create_security_group(sg2_name, sg2_desc)
- sg2_id = sg2['id']
+ resp, sg = self.create_security_group()
+ resp, sg2 = self.create_security_group()
# Create server and add the security group created
# above to the server we just created
@@ -125,50 +93,44 @@
server_id = server['id']
self.servers_client.wait_for_server_status(server_id, 'ACTIVE')
resp, body = self.servers_client.add_security_group(server_id,
- sg_name)
+ sg['name'])
# Check that we are not able to delete the security
# group since it is in use by an active server
self.assertRaises(exceptions.BadRequest,
self.client.delete_security_group,
- sg_id)
+ sg['id'])
# Reboot and add the other security group
resp, body = self.servers_client.reboot(server_id, 'HARD')
self.servers_client.wait_for_server_status(server_id, 'ACTIVE')
resp, body = self.servers_client.add_security_group(server_id,
- sg2_name)
+ sg2['name'])
# Check that we are not able to delete the other security
# group since it is in use by an active server
self.assertRaises(exceptions.BadRequest,
self.client.delete_security_group,
- sg2_id)
+ sg2['id'])
# Shutdown the server and then verify we can destroy the
# security groups, since no active server instance is using them
self.servers_client.delete_server(server_id)
self.servers_client.wait_for_server_termination(server_id)
- self.client.delete_security_group(sg_id)
+ self.client.delete_security_group(sg['id'])
self.assertEqual(202, resp.status)
-
- self.client.delete_security_group(sg2_id)
+ self.client.delete_security_group(sg2['id'])
self.assertEqual(202, resp.status)
@test.attr(type='gate')
def test_update_security_groups(self):
# Update security group name and description
# Create a security group
- s_name = data_utils.rand_name('sg-')
- s_description = data_utils.rand_name('description-')
- resp, securitygroup = \
- self.client.create_security_group(s_name, s_description)
+ resp, securitygroup = self.create_security_group()
self.assertEqual(200, resp.status)
self.assertIn('id', securitygroup)
securitygroup_id = securitygroup['id']
- self.addCleanup(self._delete_security_group,
- securitygroup_id)
# Update the name and description
s_new_name = data_utils.rand_name('sg-hth-')
s_new_des = data_utils.rand_name('description-hth-')
diff --git a/tempest/api/compute/security_groups/test_security_groups_negative.py b/tempest/api/compute/security_groups/test_security_groups_negative.py
index ce1eada..edf38e9 100644
--- a/tempest/api/compute/security_groups/test_security_groups_negative.py
+++ b/tempest/api/compute/security_groups/test_security_groups_negative.py
@@ -33,10 +33,6 @@
cls.client = cls.security_groups_client
cls.neutron_available = CONF.service_available.neutron
- def _delete_security_group(self, securitygroup_id):
- resp, _ = self.client.delete_security_group(securitygroup_id)
- self.assertEqual(202, resp.status)
-
def _generate_a_non_existent_security_group_id(self):
security_group_id = []
resp, body = self.client.list_security_groups()
@@ -107,11 +103,8 @@
s_name = data_utils.rand_name('securitygroup-')
s_description = data_utils.rand_name('description-')
resp, security_group =\
- self.client.create_security_group(s_name, s_description)
+ self.create_security_group(s_name, s_description)
self.assertEqual(200, resp.status)
-
- self.addCleanup(self.client.delete_security_group,
- security_group['id'])
# Now try the Security Group with the same 'Name'
self.assertRaises(exceptions.BadRequest,
self.client.create_security_group, s_name,
@@ -163,15 +156,10 @@
@test.attr(type=['negative', 'gate'])
def test_update_security_group_with_invalid_sg_name(self):
# Update security_group with invalid sg_name should fail
- s_name = data_utils.rand_name('sg-')
- s_description = data_utils.rand_name('description-')
- resp, securitygroup = \
- self.client.create_security_group(s_name, s_description)
+ resp, securitygroup = self.create_security_group()
self.assertEqual(200, resp.status)
self.assertIn('id', securitygroup)
securitygroup_id = securitygroup['id']
- self.addCleanup(self._delete_security_group,
- securitygroup_id)
# Update Security Group with group name longer than 255 chars
s_new_name = 'securitygroup-'.ljust(260, '0')
self.assertRaises(exceptions.BadRequest,
@@ -183,15 +171,10 @@
@test.attr(type=['negative', 'gate'])
def test_update_security_group_with_invalid_sg_des(self):
# Update security_group with invalid sg_des should fail
- s_name = data_utils.rand_name('sg-')
- s_description = data_utils.rand_name('description-')
- resp, securitygroup = \
- self.client.create_security_group(s_name, s_description)
+ resp, securitygroup = self.create_security_group()
self.assertEqual(200, resp.status)
self.assertIn('id', securitygroup)
securitygroup_id = securitygroup['id']
- self.addCleanup(self._delete_security_group,
- securitygroup_id)
# Update Security Group with group description longer than 255 chars
s_new_des = 'des-'.ljust(260, '0')
self.assertRaises(exceptions.BadRequest,
diff --git a/tempest/services/compute/json/security_groups_client.py b/tempest/services/compute/json/security_groups_client.py
index 89906f3..2cd2d2e 100644
--- a/tempest/services/compute/json/security_groups_client.py
+++ b/tempest/services/compute/json/security_groups_client.py
@@ -123,3 +123,10 @@
if sg['id'] == security_group_id:
return resp, sg['rules']
raise exceptions.NotFound('No such Security Group')
+
+ def is_resource_deleted(self, id):
+ try:
+ self.get_security_group(id)
+ except exceptions.NotFound:
+ return True
+ return False
diff --git a/tempest/services/compute/xml/security_groups_client.py b/tempest/services/compute/xml/security_groups_client.py
index 324e165..947f6da 100644
--- a/tempest/services/compute/xml/security_groups_client.py
+++ b/tempest/services/compute/xml/security_groups_client.py
@@ -154,3 +154,10 @@
rules = [xml_to_json(x) for x in node.getchildren()]
return resp, rules
raise exceptions.NotFound('No such Security Group')
+
+ def is_resource_deleted(self, id):
+ try:
+ self.get_security_group(id)
+ except exceptions.NotFound:
+ return True
+ return False