From 32f101bf3a3e2a17b834f2e17f9976eb7fd03960 Mon Sep 17 00:00:00 2001
From: Tomas Cechvala <tcechval@cisco.com>
Date: Fri, 10 Feb 2017 15:48:05 +0100
Subject: Security groups smoke test in FDS

Security group rules are applied to L2 traffic.

 - creates infrastructure
 - applies policy rules
 - makes MM send icmp and http traffic
 - changes policy rules
 - rechecks the traffic
 - clears infrastructure

Change-Id: I7b73f7ff22bb3fc59c5e873818bdb5d5ad88c12d
Signed-off-by: Tomas Cechvala <tcechval@cisco.com>
---
 testing/robot/lib/FDSLibrary.py | 38 ++++++++++++++++++++++++++++++++++----
 1 file changed, 34 insertions(+), 4 deletions(-)

(limited to 'testing/robot/lib/FDSLibrary.py')

diff --git a/testing/robot/lib/FDSLibrary.py b/testing/robot/lib/FDSLibrary.py
index 786cee6..32c18eb 100644
--- a/testing/robot/lib/FDSLibrary.py
+++ b/testing/robot/lib/FDSLibrary.py
@@ -124,11 +124,33 @@ class FDSLibrary():
             time.sleep(5)
         return False
 
-    def create_security_group(self):
-        pass
+    def create_security_group(self, name):
+        body = {'security_group': {
+            'name': name
+        }}
+        response = self.neutron_client.create_security_group(body=body)
+        return response
 
-    def create_security_rule(self):
-        pass
+    def create_security_rule(self, sg_id, dir, eth, desc=None, proto=None, port_min=None, port_max=None, r_sg_id=None, r_prefix=None):
+        body = {'security_group_rule': {
+            'security_group_id': sg_id,
+            'ethertype': eth,
+            'direction': dir
+        }}
+        if desc is not None:
+            body['security_group_rule']['description'] = desc
+        if proto is not None:
+            body['security_group_rule']['protocol'] = proto
+        if port_min is not None:
+            body['security_group_rule']['port_range_min'] = port_min
+        if port_max is not None:
+            body['security_group_rule']['port_range_max'] = port_max
+        if r_sg_id is not None:
+            body['security_group_rule']['remote_group_id'] = r_sg_id
+        if r_prefix is not None:
+            body['security_group_rule']['remote_ip_prefix'] = r_prefix
+        response = self.neutron_client.create_security_group_rule(body=body)
+        return response
 
     def poll_server(self, vm_id, status, timeout=300):
         try:
@@ -167,6 +189,14 @@ class FDSLibrary():
         response = self.neutron_client.delete_network(net_id)
         return response
 
+    def delete_security_group(self, sg_id):
+        response = self.neutron_client.delete_security_group(sg_id)
+        return response
+
+    def delete_security_rule(self, rule_id):
+        response = self.neutron_client.delete_security_group_rule(rule_id)
+        return response
+
     def ping_vm(self, ip_address):
         try:
             output = subprocess.check_output(['ping', '-c', '4', ip_address])
-- 
cgit 1.2.3-korg