diff options
author | Jenkins <jenkins@review.openstack.org> | 2014-09-10 22:34:27 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2014-09-10 22:34:27 +0000 |
commit | 325688ef8e9bd9bfc3e874e129490bdb7947b928 (patch) | |
tree | 2ccde6dc00e5e6b875dc18a28378a1fc521e5a8c | |
parent | 188b4dd632a9e63ade6d01fcb7777da93bdc61c0 (diff) | |
parent | 6da5e15d3b6ab51c3466517e7b63e1c25d67fce4 (diff) | |
download | nova-325688ef8e9bd9bfc3e874e129490bdb7947b928.tar.gz |
Merge "Fix security group list when not defined for an instance" into stable/havana
5 files changed, 46 insertions, 2 deletions
diff --git a/nova/compute/api.py b/nova/compute/api.py index 567a8729a1..d5fa676067 100644 --- a/nova/compute/api.py +++ b/nova/compute/api.py @@ -3700,6 +3700,7 @@ class SecurityGroupAPI(base.Base, security_group_base.SecurityGroupBase): groups = instance.get('security_groups') if groups: return [{'name': group['name']} for group in groups] + return [] def populate_security_groups(self, instance, security_groups): if not security_groups: diff --git a/nova/network/security_group/neutron_driver.py b/nova/network/security_group/neutron_driver.py index d83684d2a0..705f7f68bd 100644 --- a/nova/network/security_group/neutron_driver.py +++ b/nova/network/security_group/neutron_driver.py @@ -381,7 +381,7 @@ class SecurityGroupAPI(security_group_base.SecurityGroupBase): servers = [{'id': instance_uuid}] sg_bindings = self.get_instances_security_groups_bindings( context, servers, detailed) - return sg_bindings.get(instance_uuid) + return sg_bindings.get(instance_uuid, []) def _has_security_group_requirements(self, port): port_security_enabled = port.get('port_security_enabled', True) diff --git a/nova/tests/api/openstack/compute/contrib/test_neutron_security_groups.py b/nova/tests/api/openstack/compute/contrib/test_neutron_security_groups.py index 6b20c377d3..4f9b2f36a2 100644 --- a/nova/tests/api/openstack/compute/contrib/test_neutron_security_groups.py +++ b/nova/tests/api/openstack/compute/contrib/test_neutron_security_groups.py @@ -16,10 +16,10 @@ # under the License. # # @author: Aaron Rosen, Nicira Networks, Inc. - import uuid from lxml import etree +import mock from neutronclient.common import exceptions as n_exc from oslo.config import cfg import webob @@ -315,6 +315,20 @@ class TestNeutronSecurityGroups( context.get_admin_context(), test_security_groups.FAKE_UUID1) self.assertEquals(sgs, expected) + @mock.patch('nova.network.security_group.neutron_driver.SecurityGroupAPI.' + 'get_instances_security_groups_bindings') + def test_get_security_group_empty_for_instance(self, neutron_sg_bind_mock): + servers = [{'id': test_security_groups.FAKE_UUID1}] + neutron_sg_bind_mock.return_value = {} + + security_group_api = self.controller.security_group_api + ctx = context.get_admin_context() + sgs = security_group_api.get_instance_security_groups(ctx, + test_security_groups.FAKE_UUID1) + + neutron_sg_bind_mock.assert_called_once_with(ctx, servers, False) + self.assertEqual([], sgs) + def test_create_port_with_sg_and_port_security_enabled_true(self): sg1 = self._create_sg_template(name='test1').get('security_group') net = self._create_network() diff --git a/nova/tests/api/openstack/compute/contrib/test_security_groups.py b/nova/tests/api/openstack/compute/contrib/test_security_groups.py index 9a2c9eb86f..be91f4b5a3 100644 --- a/nova/tests/api/openstack/compute/contrib/test_security_groups.py +++ b/nova/tests/api/openstack/compute/contrib/test_security_groups.py @@ -16,6 +16,7 @@ # under the License. from lxml import etree +import mock import mox from oslo.config import cfg import webob @@ -372,6 +373,24 @@ class TestSecurityGroups(test.TestCase): self.assertEquals(res_dict, expected) + @mock.patch('nova.db.instance_get_by_uuid') + @mock.patch('nova.db.security_group_get_by_instance', return_value=[]) + def test_get_security_group_empty_for_instance(self, mock_sec_group, + mock_db_get_ins): + expected = {'security_groups': []} + + def return_instance(context, server_id, + columns_to_join=None, use_slave=False): + self.assertEqual(server_id, FAKE_UUID1) + return return_server_by_uuid(context, server_id) + mock_db_get_ins.side_effect = return_instance + req = fakes.HTTPRequest.blank('/v2/%s/servers/%s/os-security-groups' % + ('fake', FAKE_UUID1)) + res_dict = self.server_controller.index(req, FAKE_UUID1) + self.assertEqual(expected, res_dict) + mock_sec_group.assert_called_once_with(req.environ['nova.context'], + FAKE_UUID1) + def test_get_security_group_by_instance_non_existing(self): self.stubs.Set(nova.db, 'instance_get', return_server_nonexistent) self.stubs.Set(nova.db, 'instance_get_by_uuid', diff --git a/nova/tests/network/security_group/test_neutron_driver.py b/nova/tests/network/security_group/test_neutron_driver.py index 83fa406d1d..2819bccb76 100644 --- a/nova/tests/network/security_group/test_neutron_driver.py +++ b/nova/tests/network/security_group/test_neutron_driver.py @@ -212,3 +212,13 @@ class TestNeutronDriver(test.NoDBTestCase): result = sg_api.get_instances_security_groups_bindings( self.context, servers) self.assertEquals(result, sg_bindings) + + def test_instance_empty_security_groups(self): + + port_list = {'ports': [{'id': 1, 'device_id': '1', + 'security_groups': []}]} + self.moxed_client.list_ports(device_id=['1']).AndReturn(port_list) + self.mox.ReplayAll() + sg_api = neutron_driver.SecurityGroupAPI() + result = sg_api.get_instance_security_groups(self.context, '1') + self.assertEqual([], result) |