NSX-V3: Fix security-group unittests
Since the nsxlib does not support all icmp code/type combinations, overriding some unit tests to use valid numbers. Change-Id: I4dd57a656740aadd27e5ecd2226d17b0cd9645bb
This commit is contained in:
parent
e13fe0e562
commit
86eb67dfca
@ -57,7 +57,32 @@ def _mock_create_and_list_nsgroups(test_method):
|
||||
|
||||
class TestSecurityGroups(test_nsxv3.NsxV3PluginTestCaseMixin,
|
||||
test_ext_sg.TestSecurityGroups):
|
||||
pass
|
||||
|
||||
def test_create_security_group_rule_icmp_with_type_and_code(self):
|
||||
name = 'webservers'
|
||||
description = 'my webservers'
|
||||
with self.security_group(name, description) as sg:
|
||||
security_group_id = sg['security_group']['id']
|
||||
direction = "ingress"
|
||||
remote_ip_prefix = "10.0.0.0/24"
|
||||
protocol = "icmp"
|
||||
# port_range_min (ICMP type) is greater than port_range_max
|
||||
# (ICMP code) in order to confirm min <= max port check is
|
||||
# not called for ICMP.
|
||||
port_range_min = 5
|
||||
port_range_max = 1
|
||||
keys = [('remote_ip_prefix', remote_ip_prefix),
|
||||
('security_group_id', security_group_id),
|
||||
('direction', direction),
|
||||
('protocol', protocol),
|
||||
('port_range_min', port_range_min),
|
||||
('port_range_max', port_range_max)]
|
||||
with self.security_group_rule(security_group_id, direction,
|
||||
protocol, port_range_min,
|
||||
port_range_max,
|
||||
remote_ip_prefix) as rule:
|
||||
for k, v, in keys:
|
||||
self.assertEqual(rule['security_group_rule'][k], v)
|
||||
|
||||
|
||||
class TestSecurityGroupsNoDynamicCriteria(test_nsxv3.NsxV3PluginTestCaseMixin,
|
||||
@ -70,6 +95,32 @@ class TestSecurityGroupsNoDynamicCriteria(test_nsxv3.NsxV3PluginTestCaseMixin,
|
||||
mock_nsx_version.start()
|
||||
self._patchers.append(mock_nsx_version)
|
||||
|
||||
def test_create_security_group_rule_icmp_with_type_and_code(self):
|
||||
name = 'webservers'
|
||||
description = 'my webservers'
|
||||
with self.security_group(name, description) as sg:
|
||||
security_group_id = sg['security_group']['id']
|
||||
direction = "ingress"
|
||||
remote_ip_prefix = "10.0.0.0/24"
|
||||
protocol = "icmp"
|
||||
# port_range_min (ICMP type) is greater than port_range_max
|
||||
# (ICMP code) in order to confirm min <= max port check is
|
||||
# not called for ICMP.
|
||||
port_range_min = 5
|
||||
port_range_max = 1
|
||||
keys = [('remote_ip_prefix', remote_ip_prefix),
|
||||
('security_group_id', security_group_id),
|
||||
('direction', direction),
|
||||
('protocol', protocol),
|
||||
('port_range_min', port_range_min),
|
||||
('port_range_max', port_range_max)]
|
||||
with self.security_group_rule(security_group_id, direction,
|
||||
protocol, port_range_min,
|
||||
port_range_max,
|
||||
remote_ip_prefix) as rule:
|
||||
for k, v, in keys:
|
||||
self.assertEqual(rule['security_group_rule'][k], v)
|
||||
|
||||
@_mock_create_and_list_nsgroups
|
||||
@mock.patch('vmware_nsxlib.v3.security.NsxLibNsGroup.remove_member')
|
||||
@mock.patch('vmware_nsxlib.v3.security.NsxLibNsGroup.add_members')
|
||||
|
Loading…
x
Reference in New Issue
Block a user