Allow rulesets modification in secgroups
As part of tempest-scenario-manager-cleanup[1] effort it would be good
to allow plugins to define their own security group rulesets
as they're not always the same as tempest's (f.e. manila tempest plugin[2])
[1]https://etherpad.opendev.org/p/tempest-scenario-manager-cleanup
[2]https://opendev.org/openstack/manila-tempest-plugin/src/branch/master/manila_tempest_tests/tests/scenario/manager.py#L1001
Change-Id: I3cb3a6f67ea507d9e721a31fcba78f8344c630ca
diff --git a/tempest/scenario/manager.py b/tempest/scenario/manager.py
index 7aa96b2..1d24bc1 100644
--- a/tempest/scenario/manager.py
+++ b/tempest/scenario/manager.py
@@ -641,7 +641,8 @@
def create_loginable_secgroup_rule(self, security_group_rules_client=None,
secgroup=None,
- security_groups_client=None):
+ security_groups_client=None,
+ rulesets=None):
"""Create loginable security group rule by neutron clients by default.
This function will create:
@@ -655,24 +656,26 @@
security_group_rules_client = self.security_group_rules_client
if security_groups_client is None:
security_groups_client = self.security_groups_client
+ if rulesets is None:
+ rulesets = [
+ dict(
+ # ssh
+ protocol='tcp',
+ port_range_min=22,
+ port_range_max=22,
+ ),
+ dict(
+ # ping
+ protocol='icmp',
+ ),
+ dict(
+ # ipv6-icmp for ping6
+ protocol='icmp',
+ ethertype='IPv6',
+ )
+ ]
+
rules = []
- rulesets = [
- dict(
- # ssh
- protocol='tcp',
- port_range_min=22,
- port_range_max=22,
- ),
- dict(
- # ping
- protocol='icmp',
- ),
- dict(
- # ipv6-icmp for ping6
- protocol='icmp',
- ethertype='IPv6',
- )
- ]
sec_group_rules_client = security_group_rules_client
for ruleset in rulesets:
for r_direction in ['ingress', 'egress']: