2 Documentation Test Suite for Neutron Security Group
3 Suite Setup BuiltIn.Run Keywords SetupUtils.Setup_Utils_For_Setup_And_Teardown
4 ... AND DevstackUtils.Devstack Suite Setup
5 Suite Teardown Neutron Security Group Suite Teardown
6 Test Setup SetupUtils.Setup_Test_With_Logging_And_Without_Fast_Failing
7 Test Teardown Get Test Teardown Debugs
9 Library OperatingSystem
10 Library RequestsLibrary
12 Resource ../../../libraries/DevstackUtils.robot
13 Resource ../../../libraries/SetupUtils.robot
14 Resource ../../../variables/Variables.robot
18 ${DESCRIPTION} --description "new security group 1"
19 ${VERIFY_DESCRIPTION} new security group 1
20 ${VERIFY_NAME} SSH_UPDATED
21 ${NAME_UPDATE} --name SSH_UPDATED
22 ${SECURITY_FALSE} --port-security-enabled false
23 ${SECURITY_TRUE} --port-security-enabled true
24 ${SEC_GROUP_API} /restconf/config/neutron:neutron/security-groups/
25 ${SEC_RULE_API} /restconf/config/neutron:neutron/security-rules/
26 ${ADD_ARG_SSH} --direction ingress --ethertype IPv4 --port_range_max 22 --port_range_min 22 --protocol tcp
29 @{IP_SUBNET} 20.2.1.0/24
30 @{PORTS} port01 port02
31 ${SECURITY_GROUPS} --security-group
32 @{SGS} SSH1 SSH2 SSH3 SSH4
33 ${ADD_ARG_SSH5} --direction ingress --ethertype IPv4 --port_range_max 20 --port_range_min 25 --protocol tcp
34 @{ADD_PARAMS} ingression IPv4 20 25 tcp
35 ${ADD_ARG_SSH6} --direction ingress --ethertype IPv4 --port_range_max 25 --port_range_min -1 --protocol tcp
36 ${ADD_ARG_SSH7} --direction ingress --ethertype IPv4 --port_range_max -1 --port_range_min 20 --protocol tcp
37 ${PORT_RANGE_ERROR} For TCP/UDP protocols, port_range_min must be <= port_range_max
38 ${INVALID_PORT_RANGE_MIN} Invalid value for port
41 TC01_Update Security Group description and Name
42 [Documentation] This test case validates the security group creation with optional parameter description, Update Security Group description and name
44 ${sg_id} = BuiltIn.Run Keyword Create Security Group and Validate ${SGS[0]}
45 Create Security Rule and Validate ${SGS[0]} direction=${ADD_PARAMS[0]} ethertype=${ADD_PARAMS[1]} port_range_max=${ADD_PARAMS[3]} port_range_min=${ADD_PARAMS[2]} protocol=${ADD_PARAMS[4]}
46 Get Flows ${OS_COMPUTE_1_IP} ${OS_COMPUTE_2_IP}
47 Neutron Setup Creation ${NETWORKS[0]} ${SUBNET[0]} ${IP_SUBNET[0]} ${PORTS[0]} ${PORTS[1]} ${SECURITY_GROUPS}
49 Security group verification on Neutron port ${PORTS[0]} ${sg_id}
50 Security group verification on Neutron port ${PORTS[1]} ${sg_id}
51 Update Security Group Description and Verification ${sg_id} ${DESCRIPTION} ${VERIFY_DESCRIPTION}
52 Update Security Group Name and Verification ${sg_id} ${NAME_UPDATE} ${VERIFY_NAME}
54 TC02_Create Security Rule with port_range_min > port_range_max
55 [Documentation] This test case validates the security group and rule creation with optional parameters Create Security Rule with port_range_min greater than port_range_max
57 Create Security Group and Validate ${SGS[1]}
58 Get Flows ${OS_COMPUTE_1_IP} ${OS_COMPUTE_2_IP}
59 Neutron Rule Creation With Invalid Parameters ${SGS[1]} ${ADD_ARG_SSH5} ${PORT_RANGE_ERROR}
61 TC03_Create Security Rule with port_range_min = -1
62 [Documentation] This test case validates the security group and rule creation with optional parameters, Create Security Rule with port_range_min = -1
64 Create Security Group and Validate ${SGS[2]}
65 Get Flows ${OS_COMPUTE_1_IP} ${OS_COMPUTE_2_IP}
66 Neutron Rule Creation With Invalid Parameters ${SGS[2]} ${ADD_ARG_SSH6} ${INVALID_PORT_RANGE_MIN}
68 TC04_Create Security Rule with port_range_max = -1
69 [Documentation] This test case validates the security group and rule creation with optional parameters, Create Security Rule with port_range_max = -1
71 Create Security Group and Validate ${SGS[3]}
72 Get Flows ${OS_COMPUTE_1_IP} ${OS_COMPUTE_2_IP}
73 Neutron Rule Creation With Invalid Parameters ${SGS[3]} ${ADD_ARG_SSH7} ${INVALID_PORT_RANGE_MIN}
77 [Arguments] ${OS_COMPUTE_1_IP} ${OS_COMPUTE_2_IP}
78 [Documentation] Get the Flows from DPN1 and DPN2
79 ${resp} = Utils.Run Command On Remote System And Log ${OS_COMPUTE_1_IP} sudo ovs-ofctl dump-flows br-int -O OpenFlow13
80 ${resp} = Utils.Run Command On Remote System And Log ${OS_COMPUTE_1_IP} sudo ovs-ofctl dump-groups br-int -OOpenflow13
81 ${resp} = Utils.Run Command On Remote System And Log ${OS_COMPUTE_2_IP} sudo ovs-ofctl dump-flows br-int -O OpenFlow13
82 ${resp} = Utils.Run Command On Remote System And Log ${OS_COMPUTE_2_IP} sudo ovs-ofctl dump-groups br-int -OOpenflow13
84 Create Security Group and Validate
86 ${output} ${sg_id} = OpenStackOperations.Neutron Security Group Create ${sg_ssh}
87 ${sec_groups} = BuiltIn.Create List ${sg_ssh}
88 BuiltIn.Wait Until Keyword Succeeds 10s 2s Utils.Check For Elements At URI ${SEC_GROUP_API} ${sec_groups}
91 Create Security Rule and Validate
92 [Arguments] ${sg_ssh} &{Kwargs}
93 ${output} ${rule_id} = OpenStackOperations.Neutron Security Group Rule Create ${sg_ssh}
94 ${rule_ids} = BuiltIn.Create List ${rule_id}
95 BuiltIn.Wait Until Keyword Succeeds 10s 2s Utils.Check For Elements At URI ${SEC_RULE_API} ${rule_ids}
97 Neutron Setup Creation
98 [Arguments] ${network} ${subnet} ${ip_subnet} ${port1} ${port2} ${sg_groups}
100 ${net_id} = OpenStackOperations.Create Network ${network}
101 ${subnet_id} = OpenStackOperations.Create SubNet ${network} ${subnet} ${ip_subnet}
102 ${add_args} = BuiltIn.Set Variable ${sg_groups} ${sg_id}
103 ${port_id} OpenStackOperations.Create Neutron Port With Additional Params ${network} ${port1} ${add_args}
104 ${port_id} OpenStackOperations.Create Neutron Port With Additional Params ${network} ${port2} ${add_args}
106 Neutron Security Group Suite Teardown
107 : FOR ${port} IN @{PORTS}
108 \ Run Keyword And Ignore Error OpenStackOperations.Delete Port ${port}
109 : FOR ${subnet} IN @{SUBNETS}
110 \ Run Keyword And Ignore Error OpenStackOperations.Delete SubNet ${subnet}
111 : FOR ${network} IN @{NETWORKS}
112 \ Run Keyword And Ignore Error OpenStackOperations.Delete Network ${network}
113 : FOR ${sg} IN @{SGS}
114 \ Run Keyword And Ignore Error OpenStackOperations.Delete SecurityGroup ${sg}
115 Close All Connections
117 Security group verification on Neutron port
118 [Arguments] ${port} ${sg_id}
119 ${port_show} = OpenStackOperations.Neutron Port Show ${port}
120 BuiltIn.Should Contain ${port_show} ${sg_id}
122 Update Security Group Description and Verification
123 [Arguments] ${sg_id} ${description} ${verify_description}
124 OpenStackOperations.Neutron Security Group Update ${sg_id} ${description}
125 ${output} = OpenStackOperations.Neutron Security Group Show ${sg_id}
126 BuiltIn.Should Contain ${output} ${verify_description}
128 Update Security Group Name and Verification
129 [Arguments] ${sg_id} ${name_update} ${verify_name}
130 OpenStackOperations.Neutron Security Group Update ${sg_id} ${name_update}
131 ${output} = OpenStackOperations.Neutron Security Group Show ${sg_id}
132 Should Contain ${output} ${verify_name}
133 ${resp} RequestsLibrary.Get Request session ${SEC_GROUP_API}
134 BuiltIn.Log ${resp.content}
135 BuiltIn.Should Be Equal As Strings ${resp.status_code} ${RESP_CODE_200}
136 BuiltIn.Should Contain ${resp.content} ${verify_name}
138 Neutron Rule Creation With Invalid Parameters
139 [Arguments] ${sg_name} ${additional_args} ${expected_error}
140 ${rc} ${output} = OperatingSystem.Run And Return Rc And Output neutron security-group-rule-create ${sg_name} ${additional_args}
141 BuiltIn.Log ${output}
142 BuiltIn.Should Contain ${output} ${expected_error}
143 SSHLibrary.Close Connection