Makes security_group_info compatible with new openstacksdk

Updated documentation of return values and added test to verify return values Function self.conn.search_security_groups() cannot be used here. Arguments for filtering such as 'description' would have to be passed to self.conn.search_security_groups() in its 'filters' argument [1]. The latter is passed to both as query arguments to OpenStack API and later to _utils._filter_list() [2] for filtering the results. Some arguments such as 'any_tags' are only used as query arguments by openstacksdk [3] when querying OpenStack API. They are no valid attributes in security_group.py [4]. Whenever those non-attribute arguments are passed to self.conn.search_security_groups(), _utils._filter_list() [2] would drop all results because no result would have a matching attributes. [1] 0898398415/openstack/cloud/_security_group.py (L31) [2] 0898398415/openstack/cloud/_utils.py (L63) [3] 0898398415/openstack/common/tag.py (L19) [4] 0898398415/openstack/network/v2/security_group.py Change-Id: Ie7fe9d2e973d38751c48e71e6bd55e56a591ac1f
2026-05-07 22:03:09 +00:00 · 2022-05-05 14:49:54 +02:00
parent 0e675a9129
commit d600284645
3 changed files with 84 additions and 35 deletions
--- a/ci/roles/security_group/defaults/main.yml
+++ b/ci/roles/security_group/defaults/main.yml
@@ -1 +1,13 @@
+expected_fields:
+- created_at
+- description
+- name
+- project_id
+- security_group_rules
+- stateful
+- tenant_id
+- updated_at
+- revision_number
+- id
+- tags
 secgroup_name: shade_secgroup
--- a/ci/roles/security_group/tasks/main.yml
+++ b/ci/roles/security_group/tasks/main.yml
@@ -4,7 +4,6 @@
     cloud: "{{ cloud }}"
     name: "{{ secgroup_name }}"
     state: absent
-     description: Created from Ansible playbook

 - name: Create security group
  openstack.cloud.security_group:
@@ -12,30 +11,62 @@
     name: "{{ secgroup_name }}"
     state: present
     description: Created from Ansible playbook
+  register: security_group

 - name: List all security groups of a project
  openstack.cloud.security_group_info:
     cloud: "{{ cloud }}"
  register: test_sec_groups

- name: Check - List all security groups of a project
+- name: Check list all security groups of a project
  assert:
    that:
      - test_sec_groups.security_groups | length > 0

+- name: Assert fields returned by security_group_info
+  assert:
+    that:
+      - item in test_sec_groups.security_groups[0]
+  loop: "{{ expected_fields }}"
+
 - name: Filter security group by name
  openstack.cloud.security_group_info:
     cloud: "{{ cloud }}"
     name: "{{ secgroup_name }}"
  register: test_sec_group

- name: Check - List all security groups of a project
+- name: Check filter security group by name
  assert:
    that:
      - test_sec_group.security_groups | length  == 1
-      - test_sec_group.security_groups[0]['name'] == secgroup_name
-  # This fails on Stein only
-  when: sdk_version is version("0.36.5", '>=')
+      - test_sec_group.security_groups[0]['id'] == security_group.id
+
+- name: Filter security group by description
+  openstack.cloud.security_group_info:
+     cloud: "{{ cloud }}"
+     description: Created from Ansible playbook
+  register: test_sec_group
+
+- name: Check filter security group by description
+  assert:
+    that:
+      - test_sec_group.security_groups | length  == 1
+      - test_sec_group.security_groups[0]['id'] == security_group.id
+
+- name: Filter security group by not_tags
+  openstack.cloud.security_group_info:
+     cloud: "{{ cloud }}"
+     name: "{{ secgroup_name }}"
+     not_tags:
+     - ansibletag1
+     - ansibletag2
+  register: test_sec_group
+
+- name: Check filter security group by not_tags
+  assert:
+    that:
+      - test_sec_group.security_groups | length  == 1
+      - test_sec_group.security_groups[0]['id'] == security_group.id

 - name: Delete security group
  openstack.cloud.security_group: