Merge "AdminUtils NSX-v: Fix SG migration to policy"

vmware_nsx/shell/admin/plugins/nsxv/resources/securitygroups.py

@@ -330,7 +330,8 @@ def fix_security_groups(resource, event, trigger, **kwargs):
             neutron_sg.delete_security_group_backend_mapping(sg_id)
             plugin._process_security_group_create_backend_resources(context_,
                                                                     secgroup)
-            nsx_id = nsx_db.get_nsx_security_group_id(context_.session, sg_id)
+            nsx_id = nsx_db.get_nsx_security_group_id(context_.session, sg_id,
+                                                      moref=False)
             for vnic_id in neutron_sg.get_vnics_in_security_group(sg_id):
                 plugin._add_member_to_security_group(nsx_id, vnic_id)
 
@@ -371,6 +372,13 @@ def migrate_sg_to_policy(resource, event, trigger, **kwargs):
             LOG.error("NSX policy %s was not found", policy_id)
             return
 
+        # get the nsx id from the backend
+        nsx_sg_id = nsx_db.get_nsx_security_group_id(context_.session, sg_id,
+                                                     moref=True)
+        if not nsx_sg_id:
+            LOG.error("Did not find security groups %s neutron ID", sg_id)
+            return
+
         # Delete the rules from the security group
         LOG.info("Deleting the rules of security group: %s", sg_id)
         for rule in secgroup.get('security_group_rules', []):
@@ -396,7 +404,6 @@ def migrate_sg_to_policy(resource, event, trigger, **kwargs):
             # continue anyway
 
         # bind this security group to the policy in the backend and DB
-        nsx_sg_id = nsx_db.get_nsx_security_group_id(context_.session, sg_id)
         LOG.info("Binding the NSX security group %(nsx)s to policy "
                  "%(pol)s",
                  {'nsx': nsx_sg_id, 'pol': policy_id})