diff options
| author |   Cédric Ollivier <cedric.ollivier@orange.com> | 2019-08-18 16:12:37 +0200 |
|---|---|---|
| committer | Cédric Ollivier <cedric.ollivier@orange.com> | 2019-08-18 17:12:51 +0200 |
| commit | 929cc63e66b8c33a85d57653b4c4b9aa5a9fbe6a (patch) | |
| tree | 6d9cc5396e8671262c9178272457fffec7d920e0 | |
| parent | 99ff405fc6bfc4cc79f7a7e3da7c7779b2f13f1e (diff) | |
Clean orphan security groups
It removes all security groups which are not owned by a project.
This approach seems suitable as it works even if dynamic accounts
(tempest and rally). All other OpenStack resources are still
removed by the underlying framework.
It lists all orphan security groups in use as debug to avoid
misunderstanding the testcase results (it could happen if cloud admin
removes accounts without cleaning the virtual machines).
Change-Id: I033d96e077b4277d59233a3de4ca6d41ed91f743
Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
(cherry picked from commit 1e36927d4f17775c3f3ca3201b36e153ff9fd0da)
| -rw-r--r-- | functest/core/singlevm.py | 21 | ||||
| -rw-r--r-- | functest/utils/env.py | 3 |
2 files changed, 23 insertions, 1 deletions
diff --git a/functest/core/singlevm.py b/functest/core/singlevm.py index 521eb1484..1da30de34 100644 --- a/functest/core/singlevm.py +++ b/functest/core/singlevm.py @@ -238,6 +238,25 @@ class VmReady1(tenantnetwork.TenantNetwork1): self.__logger.error("cannot find regex '%s' in console", regex) return False + def clean_orphan_security_groups(self): + """Clean all security groups which are not owned by an existing tenant + + It lists all orphan security groups in use as debug to avoid + misunderstanding the testcase results (it could happen if cloud admin + removes accounts without cleaning the virtual machines) + """ + sec_groups = self.orig_cloud.list_security_groups() + for sec_group in sec_groups: + if not sec_group.tenant_id: + continue + if not self.orig_cloud.get_project(sec_group.tenant_id): + self.__logger.debug("Cleaning security group %s", sec_group.id) + try: + self.orig_cloud.delete_security_group(sec_group.id) + except Exception: # pylint: disable=broad-except + self.__logger.debug( + "Orphan security group %s in use", sec_group.id) + def run(self, **kwargs): """Boot the new VM @@ -274,6 +293,8 @@ class VmReady1(tenantnetwork.TenantNetwork1): self.cloud.delete_image(self.image.id) if self.flavor: self.orig_cloud.delete_flavor(self.flavor.id) + if env.get('CLEAN_ORPHAN_SECURITY_GROUPS').lower() == 'true': + self.clean_orphan_security_groups() except Exception: # pylint: disable=broad-except self.__logger.exception("Cannot clean all resources") diff --git a/functest/utils/env.py b/functest/utils/env.py index 58140204d..892d1749d 100644 --- a/functest/utils/env.py +++ b/functest/utils/env.py @@ -38,7 +38,8 @@ INPUTS = { 'NAMESERVER': '8.8.8.8', 'NEW_USER_ROLE': 'Member', 'USE_DYNAMIC_CREDENTIALS': 'True', - 'BLOCK_MIGRATION': 'True' + 'BLOCK_MIGRATION': 'True', + 'CLEAN_ORPHAN_SECURITY_GROUPS': 'True' } |