aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorstark, steven <steven.stark@att.com>2019-11-12 17:18:22 -0800
committerstark, steven <steven.stark@att.com>2019-11-12 17:30:54 -0800
commit9c7ab065e6477c035ffc6addf384abcef2e9588a (patch)
tree4cd8acab9da9c9911ad2c15e1246de69b83d522a
parentdd0d480978570b4222206bc04edd271c39b88b44 (diff)
[VVP] updating ports.py to check str_replace params
allowed_address_pairs/ip_address can use CIDR format, and is often done by using the intrinsic function str_replace. This update will naively go through each param in a str_replace to check if one is a valid allowed_address_pair/ip_address parameter. Issue-ID: VVP-341 Signed-off-by: stark, steven <steven.stark@att.com> Change-Id: I24e7ad6b74e5795b577d99468517287be46cd2b7
-rw-r--r--ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/fail/contrail/fail.yaml65
-rw-r--r--ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/fail/contrail/vmi_fail.yaml61
-rw-r--r--ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/fail/fail.yaml (renamed from ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/fail/neutron/fail.yaml)76
-rw-r--r--ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/contrail/pass.yaml65
-rw-r--r--ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/contrail/vmi_pass.yaml61
-rw-r--r--ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/contrail/vmi_pass_exemption.yaml83
-rw-r--r--ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/pass.yaml (renamed from ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/neutron/valid_template.yaml)137
-rw-r--r--ice_validator/tests/fixtures/test_contrail_instance_ip_parameters/fail/fail_base.yaml12
-rw-r--r--ice_validator/tests/fixtures/test_contrail_instance_ip_parameters/fail/fail_module.yaml14
-rw-r--r--ice_validator/tests/utils/ports.py234
10 files changed, 317 insertions, 491 deletions
diff --git a/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/fail/contrail/fail.yaml b/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/fail/contrail/fail.yaml
deleted file mode 100644
index 248f9ec..0000000
--- a/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/fail/contrail/fail.yaml
+++ /dev/null
@@ -1,65 +0,0 @@
-heat_template_version: 2015-04-30
-
-description: fdsafsfsa
-
-parameters:
-
- TESTDB_priv_floating_ips:
- type: comma_delimited_list
- description: asnfjl
-
- TESTDB_int_priav_floating_ip:
- type: string
- description: asnfjl
-
-resources:
-
- TESTDB_0_priv_vmi_0:
- type: OS::ContrailV2::VirtualMachineInterface
- properties:
- virtual_machine_interface_properties:
- virtual_machine_interface_properties_service_interface_type: {
- "priv_interface_type"
- }
- virtual_network_refs:
- - get_param: priv_net_fqdn
- virtual_machine_interface_allowed_address_pairs:
- {
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair:
- [{
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip:
- {
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix: { get_param: [TESTDB_priv_floating_ip, 0] },
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix_len: "dsafasdF",
- },
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_mac: "sdnfjkas",
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_address_mode: "sadfnjasdfknj",
- }],
- }
-
-
- TESTDB_0_int_private_vmi_0:
- type: OS::ContrailV2::VirtualMachineInterface
- properties:
- virtual_machine_interface_properties:
- virtual_machine_interface_properties_service_interface_type: {
- "priv_interface_type"
- }
- virtual_network_refs:
- - get_param: priv_net_fqdn
- virtual_machine_interface_allowed_address_pairs:
- {
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair:
- [{
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip:
- {
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix: { get_param: TESTDB_int_priav_floating_ip },
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix_len: "dsafasdF",
- },
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_mac: "sdnfjkas",
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_address_mode: "sadfnjasdfknj",
- }],
- }
-
- #testnlksadf:
- # type: http://www.google.com
diff --git a/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/fail/contrail/vmi_fail.yaml b/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/fail/contrail/vmi_fail.yaml
deleted file mode 100644
index 5113bd4..0000000
--- a/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/fail/contrail/vmi_fail.yaml
+++ /dev/null
@@ -1,61 +0,0 @@
-# -*- coding: utf8 -*-
-# ============LICENSE_START=======================================================
-# org.onap.vvp/validation-scripts
-# ===================================================================
-# Copyright © 2019 AT&T Intellectual Property. All rights reserved.
-# ===================================================================
-#
-# Unless otherwise specified, all software contained herein is licensed
-# under the Apache License, Version 2.0 (the "License");
-# you may not use this software except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-#
-#
-# Unless otherwise specified, all documentation contained herein is licensed
-# under the Creative Commons License, Attribution 4.0 Intl. (the "License");
-# you may not use this documentation except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# https://creativecommons.org/licenses/by/4.0/
-#
-# Unless required by applicable law or agreed to in writing, documentation
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# ============LICENSE_END============================================
-#
-#
-
-heat_template_version: 2015-04-30
-
-description: fdsafsfsa
-
-parameters:
-
- invalid_format:
- type: string
-
-resources:
-
- fw_0_oam_vmi_0:
- type: OS::ContrailV2::VirtualMachineInterface
- properties:
- virtual_machine_interface_allowed_address_pairs:
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair:
- [{
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip:
- {
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix: { get_param: invalid_format },
- },
- }]
diff --git a/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/fail/neutron/fail.yaml b/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/fail/fail.yaml
index 4a3093b..81f0c00 100644
--- a/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/fail/neutron/fail.yaml
+++ b/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/fail/fail.yaml
@@ -95,6 +95,22 @@ parameters:
type: string
description: lb_extanet_floating_ip
+ cidr:
+ type: string
+ description: naslfnsakl
+
+ badparameter:
+ type: string
+ description: naslfnsakl
+
+ TESTDB_int_priav_floating_ip:
+ type: string
+ description: asnfjl
+
+ TESTDB_priav_floating_ip:
+ type: string
+ description: asnfjl
+
resources:
lb_server_0:
@@ -137,3 +153,63 @@ resources:
network: { get_param: extnet_net_name }
allowed_address_pairs:
- ip_address: { get_param: lb_extanet_floating_ip }
+
+ lb_0_extnet_port_0:
+ type: OS::Neutron::Port
+ properties:
+ network: { get_param: extnet_net_name }
+ allowed_address_pairs:
+ - ip_address:
+ str_replace:
+ template: $IPADDR$CIDR
+ params:
+ $IPADDR: { get_param: lb_extanet_floating_ip }
+ $CIDR: { get_param: cidr}
+
+ TESTDB_0_int_private_vmi_0:
+ type: OS::ContrailV2::VirtualMachineInterface
+ properties:
+ virtual_machine_interface_properties:
+ virtual_machine_interface_properties_service_interface_type: {
+ "priv_interface_type"
+ }
+ virtual_network_refs:
+ - get_param: priv_net_fqdn
+ virtual_machine_interface_allowed_address_pairs:
+ {
+ virtual_machine_interface_allowed_address_pairs_allowed_address_pair:
+ [{
+ virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip:
+ {
+ virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix: { get_param: TESTDB_int_priav_floating_ip },
+ virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix_len: "dsafasdF",
+ },
+ virtual_machine_interface_allowed_address_pairs_allowed_address_pair_mac: "sdnfjkas",
+ virtual_machine_interface_allowed_address_pairs_allowed_address_pair_address_mode: "sadfnjasdfknj",
+ }],
+ }
+
+
+ TESTDB_0_private_vmi_0:
+ type: OS::ContrailV2::VirtualMachineInterface
+ properties:
+ virtual_machine_interface_properties:
+ virtual_machine_interface_properties_service_interface_type: {
+ "priv_interface_type"
+ }
+ virtual_network_refs:
+ - get_param: priv_net_fqdn
+ virtual_machine_interface_allowed_address_pairs:
+ {
+ virtual_machine_interface_allowed_address_pairs_allowed_address_pair:
+ [{
+ virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip:
+ {
+ virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix: { get_param: TESTDB_priav_floating_ip },
+ virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix_len: "dsafasdF",
+ },
+ virtual_machine_interface_allowed_address_pairs_allowed_address_pair_mac: "sdnfjkas",
+ virtual_machine_interface_allowed_address_pairs_allowed_address_pair_address_mode: "sadfnjasdfknj",
+ }],
+ }
+
diff --git a/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/contrail/pass.yaml b/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/contrail/pass.yaml
deleted file mode 100644
index df4ca00..0000000
--- a/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/contrail/pass.yaml
+++ /dev/null
@@ -1,65 +0,0 @@
-heat_template_version: 2015-04-30
-
-description: fdsafsfsa
-
-parameters:
-
- TESTDB_priv_floating_ip:
- type: string
- description: asnfjl
-
- TESTDB_int_private_floating_ips:
- type: comma_delimited_list
- description: asnfjl
-
-resources:
-
- TESTDB_0_priv_vmi_0:
- type: OS::ContrailV2::VirtualMachineInterface
- properties:
- virtual_machine_interface_properties:
- virtual_machine_interface_properties_service_interface_type: {
- "priv_interface_type"
- }
- virtual_network_refs:
- - get_param: priv_net_fqdn
- virtual_machine_interface_allowed_address_pairs:
- {
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair:
- [{
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip:
- {
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix: { get_param: TESTDB_priv_floating_ip },
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix_len: "dsafasdF",
- },
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_mac: "sdnfjkas",
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_address_mode: "sadfnjasdfknj",
- }],
- }
-
-
- TESTDB_0_int_private_vmi_0:
- type: OS::ContrailV2::VirtualMachineInterface
- properties:
- virtual_machine_interface_properties:
- virtual_machine_interface_properties_service_interface_type: {
- "priv_interface_type"
- }
- virtual_network_refs:
- - get_param: priv_net_fqdn
- virtual_machine_interface_allowed_address_pairs:
- {
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair:
- [{
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip:
- {
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix: { get_param: [TESTDB_int_private_floating_ips, 0] },
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix_len: "dsafasdF",
- },
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_mac: "sdnfjkas",
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_address_mode: "sadfnjasdfknj",
- }],
- }
-
- #testnlksadf:
- # type: http://www.google.com
diff --git a/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/contrail/vmi_pass.yaml b/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/contrail/vmi_pass.yaml
deleted file mode 100644
index 959c846..0000000
--- a/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/contrail/vmi_pass.yaml
+++ /dev/null
@@ -1,61 +0,0 @@
-# -*- coding: utf8 -*-
-# ============LICENSE_START=======================================================
-# org.onap.vvp/validation-scripts
-# ===================================================================
-# Copyright © 2019 AT&T Intellectual Property. All rights reserved.
-# ===================================================================
-#
-# Unless otherwise specified, all software contained herein is licensed
-# under the Apache License, Version 2.0 (the "License");
-# you may not use this software except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-#
-#
-# Unless otherwise specified, all documentation contained herein is licensed
-# under the Creative Commons License, Attribution 4.0 Intl. (the "License");
-# you may not use this documentation except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# https://creativecommons.org/licenses/by/4.0/
-#
-# Unless required by applicable law or agreed to in writing, documentation
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# ============LICENSE_END============================================
-#
-#
-
-heat_template_version: 2015-04-30
-
-description: fdsafsfsa
-
-parameters:
-
- fw_oam_floating_ip:
- type: string
-
-resources:
-
- fw_0_oam_vmi_0:
- type: OS::ContrailV2::VirtualMachineInterface
- properties:
- virtual_machine_interface_allowed_address_pairs:
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair:
- [{
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip:
- {
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix: { get_param: fw_oam_floating_ip },
- },
- }]
diff --git a/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/contrail/vmi_pass_exemption.yaml b/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/contrail/vmi_pass_exemption.yaml
deleted file mode 100644
index 2d9ca4a..0000000
--- a/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/contrail/vmi_pass_exemption.yaml
+++ /dev/null
@@ -1,83 +0,0 @@
-# -*- coding: utf8 -*-
-# ============LICENSE_START=======================================================
-# org.onap.vvp/validation-scripts
-# ===================================================================
-# Copyright © 2019 AT&T Intellectual Property. All rights reserved.
-# ===================================================================
-#
-# Unless otherwise specified, all software contained herein is licensed
-# under the Apache License, Version 2.0 (the "License");
-# you may not use this software except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-#
-#
-# Unless otherwise specified, all documentation contained herein is licensed
-# under the Creative Commons License, Attribution 4.0 Intl. (the "License");
-# you may not use this documentation except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# https://creativecommons.org/licenses/by/4.0/
-#
-# Unless required by applicable law or agreed to in writing, documentation
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# ============LICENSE_END============================================
-#
-#
-
-heat_template_version: 2015-04-30
-
-description: fdsafsfsa
-
-parameters:
-
- other_format:
- type: string
-
- other_ips:
- type: comma_delimited_list
-
-resources:
-
- fw_0_oam_vmi_0:
- type: OS::ContrailV2::VirtualMachineInterface
- metadata:
- aap_exempt:
- - other_format
- properties:
- virtual_machine_interface_allowed_address_pairs:
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair:
- [{
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip:
- {
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix: { get_param: other_format },
- },
- }]
-
- fw_0_oam_vmi_1:
- type: OS::ContrailV2::VirtualMachineInterface
- metadata:
- aap_exempt:
- - other_format
- - other_ips
- properties:
- virtual_machine_interface_allowed_address_pairs:
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair:
- [{
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip:
- {
- virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix: { get_param: [other_ips, 1] },
- },
- }] \ No newline at end of file
diff --git a/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/neutron/valid_template.yaml b/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/pass.yaml
index 58444b3..d7cbd54 100644
--- a/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/neutron/valid_template.yaml
+++ b/ice_validator/tests/fixtures/test_allowed_address_pairs_include_vm_type_network_role/pass/pass.yaml
@@ -87,37 +87,33 @@ parameters:
type: string
description: network id for the internal network intranet
- db_int_intranet_ip_0:
+ db_int_intranet_floating_ip:
type: string
- description: db_int_intranet_ip_0
+ description: db_int_intranet_floating_ip
- db_int_intranet_v6_ip_0:
+ db_int_intranet_floating_v6_ip:
type: string
- description: db_int_intranet_v6_ip_0
+ description: db_int_intranet_floating_v6_ip
- db_int_intranet_ips:
+ db_int_intranet_floating_ips:
type: comma_delimited_list
- description: db_int_intranet_ips
+ description: db_int_intranet_floating_ips
- db_int_intranet_v6_ips:
+ db_int_intranet_floating_v6_ips:
type: comma_delimited_list
- description: db_int_intranet_v6_ips
+ description: db_int_intranet_floating_v6_ips
db_int_intranet_floating_ip:
type: string
description: db_int_intranet_floating_ip
- db_int_intranet_floating_v6_ip:
- type: string
- description: db_int_intranet_floating_v6_ip
-
- lb_extnet_ip_0:
+ lb_extnet_floating_ip:
type: string
- description: lb_extnet_ip_0
+ description: lb_extnet_floating_ip
- lb_extnet_v6_ip_0:
+ lb_extnet_floating_v6_ip:
type: string
- description: lb_extnet_v6_ip_0
+ description: lb_extnet_floating_v6_ip
lb_extnet_ips:
type: comma_delimited_list
@@ -131,9 +127,9 @@ parameters:
type: string
description: lb_extnet_floating_ip
- lb_extnet_floating_v6_ip:
+ cidr:
type: string
- description: lb_extnet_floating_v6_ip
+ description: nafskldnaklsdf
resources:
@@ -150,6 +146,7 @@ resources:
- port: { get_resource: lb_3_extnet_0_port }
- port: { get_resource: lb_4_extnet_0_port }
- port: { get_resource: lb_5_extnet_0_port }
+ - port: { get_resource: lb_6_extnet_0_port }
metadata:
vnf_name: { get_param: vnf_name }
vnf_id: { get_param: vnf_id }
@@ -173,86 +170,104 @@ resources:
vnf_id: { get_param: vnf_id }
vf_module_id: { get_param: vf_module_id }
- db_0_int_intranet_0_port:
+ db_0_int_intranet_port_0:
type: OS::Neutron::Port
properties:
network: { get_param: int_intranet_net_id }
allowed_address_pairs:
- - ip_address: { get_param: db_int_intranet_ip_0 }
+ - ip_address: { get_param: db_int_intranet_floating_ip }
- db_1_int_intranet_0_port:
+ db_0_int_intranet_port_1:
type: OS::Neutron::Port
properties:
network: { get_param: int_intranet_net_id }
allowed_address_pairs:
- - ip_address: { get_param: db_int_intranet_v6_ip_0 }
+ - ip_address: { get_param: db_int_intranet_floating_v6_ip }
- db_2_int_intranet_0_port:
+ db_0_int_intranet_port_2:
type: OS::Neutron::Port
properties:
network: { get_param: int_intranet_net_id }
allowed_address_pairs:
- - ip_address: { get_param: [db_int_intranet_ips, 0] }
+ - ip_address: { get_param: [db_int_intranet_floating_ips, 0] }
- db_3_int_intranet_0_port:
+ db_0_int_intranet_port_3:
type: OS::Neutron::Port
properties:
network: { get_param: int_intranet_net_id }
allowed_address_pairs:
- - ip_address: { get_param: [db_int_intranet_v6_ips, 0] }
+ - ip_address: { get_param: [db_int_intranet_floating_v6_ips, 0] }
- db_4_int_intranet_0_port:
+ db_0_int_intranet_port_4:
type: OS::Neutron::Port
properties:
network: { get_param: int_intranet_net_id }
allowed_address_pairs:
- ip_address: { get_param: db_int_intranet_floating_ip }
- db_5_int_intranet_0_port:
+ db_0_int_intranet_port_5:
type: OS::Neutron::Port
properties:
network: { get_param: int_intranet_net_id }
allowed_address_pairs:
- ip_address: { get_param: db_int_intranet_floating_v6_ip }
- lb_0_extnet_0_port:
+ lb_0_extnet_port_0:
type: OS::Neutron::Port
properties:
network: { get_param: extnet_net_name }
allowed_address_pairs:
- - ip_address: { get_param: lb_extnet_ip_0 }
-
- lb_1_extnet_0_port:
- type: OS::Neutron::Port
- properties:
- network: { get_param: extnet_net_id }
- allowed_address_pairs:
- - ip_address: { get_param: lb_extnet_v6_ip_0 }
+ - ip_address: { get_param: lb_extnet_floating_ip }
- lb_2_extnet_0_port:
- type: OS::Neutron::Port
- properties:
- network: { get_param: extnet_net_name }
- allowed_address_pairs:
- - ip_address: { get_param: [lb_extnet_ips, 0] }
+ lb_0_extnet_port_1:
+ type: OS::Neutron::Port
+ properties:
+ network: { get_param: extnet_net_id }
+ allowed_address_pairs:
+ - ip_address: { get_param: lb_extnet_floating_v6_ip }
- lb_3_extnet_0_port:
- type: OS::Neutron::Port
- properties:
- network: { get_param: extnet_net_id }
- allowed_address_pairs:
- - ip_address: { get_param: [lb_extnet_v6_ips, 0] }
+ lb_0_extnet_port_2:
+ type: OS::Neutron::Port
+ properties:
+ network: { get_param: extnet_net_name }
+ allowed_address_pairs:
+ - ip_address: { get_param: [lb_extnet_ips, 0] }
+ metadata:
+ aap_exempt:
+ - lb_extnet_ips
+
+ lb_0_extnet_port_3:
+ type: OS::Neutron::Port
+ properties:
+ network: { get_param: extnet_net_id }
+ allowed_address_pairs:
+ - ip_address: { get_param: [lb_extnet_v6_ips, 0] }
+ metadata:
+ aap_exempt:
+ - lb_extnet_v6_ips
+
+ lb_0_extnet_port_4:
+ type: OS::Neutron::Port
+ properties:
+ network: { get_param: extnet_net_name }
+ allowed_address_pairs:
+ - ip_address: { get_param: lb_extnet_floating_ip }
- lb_4_extnet_0_port:
- type: OS::Neutron::Port
- properties:
- network: { get_param: extnet_net_name }
- allowed_address_pairs:
- - ip_address: { get_param: lb_extnet_floating_ip }
+ lb_0_extnet_port_5:
+ type: OS::Neutron::Port
+ properties:
+ network: { get_param: extnet_net_id }
+ allowed_address_pairs:
+ - ip_address: { get_param: lb_extnet_floating_v6_ip }
- lb_5_extnet_0_port:
- type: OS::Neutron::Port
- properties:
- network: { get_param: extnet_net_id }
- allowed_address_pairs:
- - ip_address: { get_param: lb_extnet_floating_v6_ip }
+ lb_0_extnet_port_6:
+ type: OS::Neutron::Port
+ properties:
+ network: { get_param: extnet_net_id }
+ allowed_address_pairs:
+ ip_address:
+ str_replace:
+ template: $IPADDR$CIDR
+ params:
+ $CIDR: { get_param: cidr }
+ $IPADDR: { get_param: lb_extnet_floating_v6_ip }
diff --git a/ice_validator/tests/fixtures/test_contrail_instance_ip_parameters/fail/fail_base.yaml b/ice_validator/tests/fixtures/test_contrail_instance_ip_parameters/fail/fail_base.yaml
index 7043cda..93924f2 100644
--- a/ice_validator/tests/fixtures/test_contrail_instance_ip_parameters/fail/fail_base.yaml
+++ b/ice_validator/tests/fixtures/test_contrail_instance_ip_parameters/fail/fail_base.yaml
@@ -41,6 +41,10 @@ description: fdsafsfsa
parameters:
+ TESTDB_praivate_ips:
+ type: comma_delimited_list
+ description: asnfjl
+
TESTDB_int_priav_ips:
type: comma_delimited_list
description: asnfjl
@@ -75,5 +79,13 @@ resources:
instance_ip_address: { get_param: [TESTDB_private_ips, 1] }
subnet_uuid: { get_param: privte_v6_subnet_id }
+ TESTDB_0_private_vmi_2_IP_0:
+ type: OS::ContrailV2::InstanceIp
+ properties:
+ virtual_machine_interface_refs: { get_resource: TESTDB_1_priv_vmi_0 }
+ virtual_network_refs: [{ get_param: priv_net_fqdn }]
+ instance_ip_address: { get_param: [TESTDB_praivate_ips, 1] }
+ subnet_uuid: { get_param: privte_v6_subnet_id }
+
#testnlksadf:
# type: http://www.google.com
diff --git a/ice_validator/tests/fixtures/test_contrail_instance_ip_parameters/fail/fail_module.yaml b/ice_validator/tests/fixtures/test_contrail_instance_ip_parameters/fail/fail_module.yaml
index 66dd13d..def7b3d 100644
--- a/ice_validator/tests/fixtures/test_contrail_instance_ip_parameters/fail/fail_module.yaml
+++ b/ice_validator/tests/fixtures/test_contrail_instance_ip_parameters/fail/fail_module.yaml
@@ -49,6 +49,10 @@ parameters:
type: string
description: asnfjl
+ TESTDB_praivate_ips:
+ type: string
+ description: asnfjl
+
priv_subnet_id:
type: string
description: asnfjl
@@ -75,8 +79,16 @@ resources:
instance_ip_address: { get_param: [TESTDB_private_ips, 1] }
subnet_uuid: { get_param: privte_v6_subnet_id }
+ TESTDB_0_private_vmi_1_IP_1:
+ type: OS::ContrailV2::InstanceIp
+ properties:
+ virtual_machine_interface_refs: { get_resource: TESTDB_1_priv_vmi_0 }
+ virtual_network_refs: [{ get_param: priv_net_fqdn }]
+ instance_ip_address: { get_param: [TESTDB_praivate_ips, 1] }
+ subnet_uuid: { get_param: privte_v6_subnet_id }
+
other_0_int_priv_vmi_0_IP_0:
type: OS::ContrailV2::InstanceIp
properties:
instance_ip_address: { get_param: [other_int_priv_ips, 0] }
- subnet_uuid: { get_param: int_priv_subnet_id } \ No newline at end of file
+ subnet_uuid: { get_param: int_priv_subnet_id }
diff --git a/ice_validator/tests/utils/ports.py b/ice_validator/tests/utils/ports.py
index d65202c..1f5f658 100644
--- a/ice_validator/tests/utils/ports.py
+++ b/ice_validator/tests/utils/ports.py
@@ -78,7 +78,6 @@ def check_parameter_format(
heat = Heat(filepath=yaml_file)
resource_type = resource_processor.resource_type
resources = heat.get_resource_by_type(resource_type)
- heat_parameters = heat.parameters
for rid, resource in resources.items():
resource_intext, port_match = resource_processor.get_rid_match_tuple(rid)
if not port_match:
@@ -88,7 +87,6 @@ def check_parameter_format(
resource_intext != intext
): # skipping if type (internal/external) doesn't match
continue
-
for param in prop_iterator(resource, *properties):
if (
param
@@ -96,108 +94,156 @@ def check_parameter_format(
and "get_resource" not in param
and "get_attr" not in param
):
- # checking parameter uses get_param
- parameter = param.get("get_param")
- if not parameter:
- msg = (
- "Unexpected parameter format for {} {} property {}: {}. "
- "Please consult the heat guidelines documentation for details."
- ).format(resource_type, rid, properties, param)
- invalid_parameters.append(msg) # should this be a failure?
- continue
-
- # getting parameter if the get_param uses list, and getting official
- # HEAT parameter type
- parameter_type = parameter_type_to_heat_type(parameter)
- if parameter_type == "comma_delimited_list":
- parameter = parameter[0]
- elif parameter_type != "string":
- continue
-
- # checking parameter format = parameter type defined in parameters
- # section
- heat_parameter_type = nested_dict.get(
- heat_parameters, parameter, "type"
- )
- if not heat_parameter_type or heat_parameter_type != parameter_type:
- msg = (
- "{} {} parameter {} defined as type {} "
- + "is being used as type {} in the heat template"
- ).format(
- resource_type,
- properties,
- parameter,
- heat_parameter_type,
- parameter_type,
+ template_parameters = []
+ if "str_replace" in param:
+ # print(param)
+ template_parameters.extend(
+ v
+ for k, v in nested_dict.get(
+ param, "str_replace", "params", default={}
+ ).items()
)
- invalid_parameters.append(msg) # should this actually be an error?
- continue
-
- if exemptions_allowed and parameter in get_aap_exemptions(resource):
- continue
-
- # if parameter type is not in regx dict, then it is not supported
- # by automation
- regx_dict = regx[resource_intext].get(parameter_type)
- if not regx_dict:
- msg = (
- "{} {} {} parameter {} defined as type {} "
- "which is required by platform data model for proper "
- "assignment and inventory."
- ).format(resource_type, rid, properties, parameter, parameter_type)
- if exemptions_allowed:
- msg = "WARNING: {} {}".format(msg, AAP_EXEMPT_CAVEAT)
- invalid_parameters.append(msg)
- continue
-
- # checking if param adheres to guidelines format
- regexp = regx[resource_intext][parameter_type]["machine"]
- readable_format = regx[resource_intext][parameter_type]["readable"]
- match = regexp.match(parameter)
- if not match:
- msg = (
- "{} {} property {} parameter {} does not follow {} "
- "format {} which is required by platform data model for proper "
- "assignment and inventory."
- ).format(
+ else:
+ template_parameters.append(param)
+
+ invalid_template_parameters = []
+ for template_parameter in template_parameters:
+ # Looping through each parameter to check
+ # the only case where there can be more than 1 is
+ # if using str_replace
+ msg = validate_port_parameter(
resource_type,
rid,
properties,
- parameter,
+ template_parameter,
resource_intext,
- readable_format,
+ resource,
+ regx,
+ port_match,
+ exemptions_allowed,
)
- if exemptions_allowed:
- msg = "WARNING: {} {}".format(msg, AAP_EXEMPT_CAVEAT)
- invalid_parameters.append(msg)
- continue
-
- # checking that parameter includes correct vm_type/network_role
- parameter_checks = regx.get("parameter_to_resource_comparisons", [])
- for check in parameter_checks:
- resource_match = port_match.group(check)
- if (
- resource_match
- and not parameter.startswith(resource_match)
- and parameter.find("_{}_".format(resource_match)) == -1
- ):
- msg = (
- "{0} {1} property {2} parameter "
- "{3} {4} does match resource {4} {5}"
- ).format(
- resource_type,
- rid,
- properties,
- parameter,
- check,
- resource_match,
- )
- invalid_parameters.append(msg)
- continue
+
+ if not msg:
+ # if we found a valid parameter then
+ # reset invalide_template_parameters
+ # and break out of loop
+ invalid_template_parameters = []
+ break
+ else:
+ # haven't found a valid parameter yet
+ invalid_template_parameters.append(msg)
+
+ invalid_parameters.extend(x for x in invalid_template_parameters)
assert not invalid_parameters, "%s" % "\n".join(invalid_parameters)
+def validate_port_parameter(
+ resource_type,
+ rid,
+ properties,
+ param,
+ resource_intext,
+ resource,
+ regx,
+ port_match,
+ exemptions_allowed,
+):
+ """
+ Performs 4 validations
+
+ 1) param actually uses get_param
+ 2) parameter_type + network_type (internal/external) is a valid combination
+ 3) parameter format matches expected format from input dictionary
+ 4) the vm_type or network role from resource matches parameter
+
+ If the parameter is present in the resource metadata
+ and exemptions are allowed, then the validation will be skipped.
+ """
+ parameter = param.get("get_param")
+ if not parameter:
+ return (
+ "Unexpected parameter format for {} {} property {}: {}. "
+ "Please consult the heat guidelines documentation for details."
+ ).format(resource_type, rid, properties, param)
+
+ # getting parameter if the get_param uses list, and getting official
+ # HEAT parameter type
+ parameter_type = parameter_type_to_heat_type(parameter)
+ if parameter_type == "comma_delimited_list":
+ parameter = parameter[0]
+ elif parameter_type != "string":
+ return None
+
+ if exemptions_allowed and parameter in get_aap_exemptions(resource):
+ return None
+
+ # if parameter type is not in regx dict, then it is not supported
+ # by automation
+ regx_dict = regx[resource_intext].get(parameter_type)
+ if not regx_dict:
+ msg = (
+ "{} {} {} parameter {} defined as type {} "
+ "which is required by platform data model for proper "
+ "assignment and inventory."
+ ).format(resource_type, rid, properties, parameter, parameter_type)
+ if exemptions_allowed:
+ msg = "WARNING: {} {}".format(msg, AAP_EXEMPT_CAVEAT)
+ return msg
+
+ msg = validate_parameter_format(
+ regx, parameter_type, resource_intext, parameter, rid, exemptions_allowed
+ )
+ if msg:
+ return msg
+
+ # checking that parameter includes correct vm_type/network_role
+ parameter_checks = regx.get("parameter_to_resource_comparisons", [])
+ for check in parameter_checks:
+ msg = mismatch_resource_and_parameter_attribute(
+ check, port_match, parameter, rid
+ )
+ if msg:
+ return msg
+
+ return None
+
+
+def validate_parameter_format(
+ regx, parameter_type, resource_intext, parameter, rid, exemptions_allowed
+):
+ """Checks if a parameter format matches the expected format
+ from input format dictionary"""
+ msg = None
+ regexp = regx[resource_intext][parameter_type]["machine"]
+ readable_format = regx[resource_intext][parameter_type]["readable"]
+ match = regexp.match(parameter)
+ if not match:
+ msg = (
+ "{} property parameter {} does not follow {} "
+ "format {} which is required by platform data model for proper "
+ "assignment and inventory."
+ ).format(rid, parameter, resource_intext, readable_format)
+ if exemptions_allowed:
+ msg = "WARNING: {} {}".format(msg, AAP_EXEMPT_CAVEAT)
+
+ return msg
+
+
+def mismatch_resource_and_parameter_attribute(check, resource_re_match, parameter, rid):
+ """Compares vm_type or network_role from resource
+ is the same as found in parameter"""
+ resource_match = resource_re_match.group(check)
+ if (
+ resource_match
+ and not parameter.startswith(resource_match)
+ and parameter.find("_{}_".format(resource_match)) == -1
+ ):
+ return ("{0} {1} does not match parameter {2} {1}").format(
+ rid, check, parameter
+ )
+
+
def get_list_of_ports_attached_to_nova_server(nova_server):
networks_list = nova_server.get("properties", {}).get("networks")