diff options
author | spisarski <s.pisarski@cablelabs.com> | 2017-08-03 09:14:20 -0600 |
---|---|---|
committer | spisarski <s.pisarski@cablelabs.com> | 2017-08-03 09:41:17 -0600 |
commit | be88521949fd488dd0a3b1eff214f82511f2a6d5 (patch) | |
tree | be7c8d3f53fcdd55f464a88a0a07cfb753c8b265 | |
parent | 3688eb42266a2a96a16eb140eebf6f86a7bc126b (diff) |
Delete 'default' security group associated to new projects.
OpenStack can create a security group named 'default' each time a
new project/tenant has been created but is not cleaned up when the
project has been deleted. This patch adds this functionality into
OpenStackProject#clean() method.
Also added similar routine to KeystoneUtilsTests#tearDown() method.
JIRA: SNAPS-169
Change-Id: I29492ae2ddd82e7d59d09b9c4eb759be4835532a
Signed-off-by: spisarski <s.pisarski@cablelabs.com>
-rw-r--r-- | snaps/openstack/create_project.py | 15 | ||||
-rw-r--r-- | snaps/openstack/utils/neutron_utils.py | 7 | ||||
-rw-r--r-- | snaps/openstack/utils/tests/keystone_utils_tests.py | 15 |
3 files changed, 32 insertions, 5 deletions
diff --git a/snaps/openstack/create_project.py b/snaps/openstack/create_project.py index bc80789..6b06db4 100644 --- a/snaps/openstack/create_project.py +++ b/snaps/openstack/create_project.py @@ -15,7 +15,7 @@ import logging from keystoneclient.exceptions import NotFound -from snaps.openstack.utils import keystone_utils +from snaps.openstack.utils import keystone_utils, neutron_utils __author__ = 'spisarski' @@ -66,6 +66,19 @@ class OpenStackProject: :return: void """ if self.__project: + # Delete security group 'default' if exists + neutron = neutron_utils.neutron_client(self.__os_creds) + default_sec_grp = neutron_utils.get_security_group( + neutron, 'default', + tenant_id=self.__project.id) + if default_sec_grp: + try: + neutron_utils.delete_security_group( + neutron, default_sec_grp) + except: + pass + + # Delete Project try: keystone_utils.delete_project(self.__keystone, self.__project) except NotFound: diff --git a/snaps/openstack/utils/neutron_utils.py b/snaps/openstack/utils/neutron_utils.py index 061bc56..2de3586 100644 --- a/snaps/openstack/utils/neutron_utils.py +++ b/snaps/openstack/utils/neutron_utils.py @@ -347,7 +347,7 @@ def delete_security_group(neutron, sec_grp): neutron.delete_security_group(sec_grp.id) -def get_security_group(neutron, name): +def get_security_group(neutron, name, tenant_id=None): """ Returns the first security group object of the given name else None :param neutron: the client @@ -356,7 +356,10 @@ def get_security_group(neutron, name): """ logger.info('Retrieving security group with name - ' + name) - groups = neutron.list_security_groups(**{'name': name}) + filter = {'name': name} + if tenant_id: + filter['tenant_id'] = tenant_id + groups = neutron.list_security_groups(**filter) for group in groups['security_groups']: if group['name'] == name: return SecurityGroup(**group) diff --git a/snaps/openstack/utils/tests/keystone_utils_tests.py b/snaps/openstack/utils/tests/keystone_utils_tests.py index a46cbd1..29cd8af 100644 --- a/snaps/openstack/utils/tests/keystone_utils_tests.py +++ b/snaps/openstack/utils/tests/keystone_utils_tests.py @@ -17,7 +17,7 @@ import uuid from snaps.openstack.create_project import ProjectSettings from snaps.openstack.create_user import UserSettings from snaps.openstack.tests.os_source_file_test import OSComponentTestCase -from snaps.openstack.utils import keystone_utils +from snaps.openstack.utils import keystone_utils, neutron_utils __author__ = 'spisarski' @@ -73,7 +73,18 @@ class KeystoneUtilsTests(OSComponentTestCase): Cleans the remote OpenStack objects """ if self.project: - keystone_utils.delete_project(self.keystone, self.project) + neutron = neutron_utils.neutron_client(self.os_creds) + default_sec_grp = neutron_utils.get_security_group( + neutron, 'default', + tenant_id=self.project.id) + if default_sec_grp: + try: + neutron_utils.delete_security_group( + neutron, default_sec_grp) + except: + pass + + keystone_utils.delete_project(self.keystone, self.project) if self.user: keystone_utils.delete_user(self.keystone, self.user) |