Check attributes of create/delete sec groups rule
This patch adds the JSON schema for Nova V2 create/delete security
groups rule APIs response and validate the response with added
JSON schema to block the backward incompatibility change in the future.
The response body of v2 create security groups rule API is the below:
{
"security_group_rule": {
"from_port": 80,
"to_port": 80,
"group": {},
"ip_protocol": "TCP",
"parent_group_id": 5,
"id": 1,
"ip_range":{
"cidr": "10.10.10.0/24"
}
}
}
Partially implements blueprint nova-api-attribute-test
Change-Id: I8e85b3da74a2a5d4b16c3e33429c0b4d0da0c1c9
diff --git a/tempest/api_schema/compute/v2/security_groups.py b/tempest/api_schema/compute/v2/security_groups.py
index 68b65b4..6dd44cd 100644
--- a/tempest/api_schema/compute/v2/security_groups.py
+++ b/tempest/api_schema/compute/v2/security_groups.py
@@ -36,3 +36,41 @@
'required': ['security_groups']
}
}
+
+create_security_group_rule = {
+ 'status_code': [200],
+ 'response_body': {
+ 'type': 'object',
+ 'properties': {
+ 'security_group_rule': {
+ 'type': 'object',
+ 'properties': {
+ 'from_port': {'type': 'integer'},
+ 'to_port': {'type': 'integer'},
+ 'group': {'type': 'object'},
+ 'ip_protocol': {'type': 'string'},
+ # 'parent_group_id' can be UUID so defining it
+ # as 'string' also.
+ 'parent_group_id': {'type': ['integer', 'string']},
+ 'id': {'type': ['integer', 'string']},
+ 'ip_range': {
+ 'type': 'object',
+ 'properties': {
+ 'cidr': {'type': 'string'}
+ }
+ # When optional argument is provided in request body
+ # like 'group_id' then, attribute 'cidr' does not
+ # comes in response body. So it is not 'required'.
+ }
+ },
+ 'required': ['from_port', 'to_port', 'group', 'ip_protocol',
+ 'parent_group_id', 'id', 'ip_range']
+ }
+ },
+ 'required': ['security_group_rule']
+ }
+}
+
+delete_security_group_rule = {
+ 'status_code': [202]
+}
diff --git a/tempest/services/compute/json/security_groups_client.py b/tempest/services/compute/json/security_groups_client.py
index 9267be7..7411fb7 100644
--- a/tempest/services/compute/json/security_groups_client.py
+++ b/tempest/services/compute/json/security_groups_client.py
@@ -111,11 +111,15 @@
url = 'os-security-group-rules'
resp, body = self.post(url, post_body)
body = json.loads(body)
+ self.validate_response(schema.create_security_group_rule, resp, body)
return resp, body['security_group_rule']
def delete_security_group_rule(self, group_rule_id):
"""Deletes the provided Security Group rule."""
- return self.delete('os-security-group-rules/%s' % str(group_rule_id))
+ resp, body = self.delete('os-security-group-rules/%s' %
+ str(group_rule_id))
+ self.validate_response(schema.delete_security_group_rule, resp, body)
+ return resp, body
def list_security_group_rules(self, security_group_id):
"""List all rules for a security group."""