python-openstackclient 7.2.1__py3-none-any.whl → 7.3.0__py3-none-any.whl

openstackclient/network/v2/port.py

@@ -38,6 +38,20 @@ class AdminStateColumn(cliff_columns.FormattableColumn):
         return 'UP' if self._value else 'DOWN'
 
 
+class SubPortColumn(format_columns.ListDictColumn):
+    def _retrieve_subports(self):
+        if isinstance(self._value, dict):
+            self._value = self._value['sub_ports']
+
+    def human_readable(self):
+        self._retrieve_subports()
+        return super().human_readable()
+
+    def machine_readable(self):
+        self._retrieve_subports()
+        return super().machine_readable()
+
+
 _formatters = {
     'admin_state_up': AdminStateColumn,
     'is_admin_state_up': AdminStateColumn,
@@ -51,6 +65,7 @@ _formatters = {
     'fixed_ips': format_columns.ListDictColumn,
     'security_group_ids': format_columns.ListColumn,
     'tags': format_columns.ListColumn,
+    'trunk_details': SubPortColumn,
 }
 
 
@@ -93,6 +108,7 @@ def _get_columns(item):
         'status': 'status',
         'tags': 'tags',
         'trunk_details': 'trunk_details',
+        'trusted': 'trusted',
         'updated_at': 'updated_at',
     }
     return (
@@ -222,6 +238,10 @@ def _get_attrs(client_manager, parsed_args):
         and parsed_args.hardware_offload_type
     ):
         attrs['hardware_offload_type'] = parsed_args.hardware_offload_type
+    if parsed_args.not_trusted:
+        attrs['trusted'] = False
+    if parsed_args.trusted:
+        attrs['trusted'] = True
 
     return attrs
 
@@ -388,6 +408,25 @@ def _add_updatable_args(parser, create=False):
             '(repeat option to set multiple hints)'
         ),
     )
+    port_trusted = parser.add_mutually_exclusive_group()
+    port_trusted.add_argument(
+        '--trusted',
+        action='store_true',
+        help=_(
+            "Set port to be trusted. This will be populated into the "
+            "'binding:profile' dictionary and passed to the services "
+            "which expect it in this dictionary (for example, Nova)"
+        ),
+    )
+    port_trusted.add_argument(
+        '--not-trusted',
+        action='store_true',
+        help=_(
+            "Set port to be not trusted. This will be populated into the "
+            "'binding:profile' dictionary and passed to the services "
+            "which expect it in this dictionary (for example, Nova)"
+        ),
+    )
 
 
 # TODO(abhiraut): Use the SDK resource mapped attribute names once the
@@ -534,7 +573,7 @@ class CreatePort(command.ShowOne, common.NeutronCommandWithExtraArgs):
             '--security-group',
             metavar='<security-group>',
             action='append',
-            dest='security_group',
+            dest='security_groups',
             help=_(
                 "Security group to associate with this port (name or ID) "
                 "(repeat option to set multiple security groups)"
@@ -542,8 +581,9 @@ class CreatePort(command.ShowOne, common.NeutronCommandWithExtraArgs):
         )
         secgroups.add_argument(
             '--no-security-group',
-            dest='no_security_group',
-            action='store_true',
+            action='store_const',
+            const=[],
+            dest='security_groups',
             help=_("Associate no security groups with this port"),
         )
         parser.add_argument(
@@ -609,13 +649,11 @@ class CreatePort(command.ShowOne, common.NeutronCommandWithExtraArgs):
         elif parsed_args.no_fixed_ip:
             attrs['fixed_ips'] = []
 
-        if parsed_args.security_group:
+        if parsed_args.security_groups is not None:
             attrs['security_group_ids'] = [
                 client.find_security_group(sg, ignore_missing=False).id
-                for sg in parsed_args.security_group
+                for sg in parsed_args.security_groups
             ]
-        elif parsed_args.no_security_group:
-            attrs['security_group_ids'] = []
 
         if parsed_args.allowed_address_pairs:
             attrs['allowed_address_pairs'] = _convert_address_pairs(
@@ -828,25 +866,30 @@ class ListPort(command.Lister):
         network_client = self.app.client_manager.network
         identity_client = self.app.client_manager.identity
 
-        columns = (
+        columns = [
             'id',
             'name',
             'mac_address',
             'fixed_ips',
             'status',
-        )
-        column_headers = (
+        ]
+        column_headers = [
             'ID',
             'Name',
             'MAC Address',
             'Fixed IP Addresses',
             'Status',
-        )
+        ]
 
         filters = {}
         if parsed_args.long:
-            columns += ('security_group_ids', 'device_owner', 'tags')
-            column_headers += ('Security Groups', 'Device Owner', 'Tags')
+            columns.extend(
+                ['security_groups', 'device_owner', 'tags', 'trunk_details']
+            )
+            column_headers.extend(
+                ['Security Groups', 'Device Owner', 'Tags', 'Trunk subports']
+            )
+
         if parsed_args.device_owner is not None:
             filters['device_owner'] = parsed_args.device_owner
         if parsed_args.device_id is not None:
@@ -894,6 +937,12 @@ class ListPort(command.Lister):
 
         data = network_client.ports(fields=columns, **filters)
 
+        if parsed_args.long:
+            columns = [
+                'security_group_ids' if item == 'security_groups' else item
+                for item in columns
+            ]
+
         headers, attrs = utils.calculate_header_and_attrs(
             column_headers, columns, parsed_args
         )
@@ -982,7 +1031,7 @@ class SetPort(common.NeutronCommandWithExtraArgs):
             '--security-group',
             metavar='<security-group>',
             action='append',
-            dest='security_group',
+            dest='security_groups',
             help=_(
                 "Security group to associate with this port (name or ID) "
                 "(repeat option to set multiple security groups)"
@@ -1083,7 +1132,7 @@ class SetPort(common.NeutronCommandWithExtraArgs):
 
         if parsed_args.no_security_group:
             attrs['security_group_ids'] = []
-        if parsed_args.security_group:
+        if parsed_args.security_groups:
             if 'security_group_ids' not in attrs:
                 # NOTE(dtroyer): Get existing security groups, iterate the
                 #                list to force a new list object to be
@@ -1094,7 +1143,7 @@ class SetPort(common.NeutronCommandWithExtraArgs):
                 ]
             attrs['security_group_ids'].extend(
                 client.find_security_group(sg, ignore_missing=False).id
-                for sg in parsed_args.security_group
+                for sg in parsed_args.security_groups
             )
 
         if parsed_args.no_allowed_address_pair:
@@ -1137,6 +1186,11 @@ class SetPort(common.NeutronCommandWithExtraArgs):
                     raise exceptions.CommandError(msg)
             attrs['hints'] = expanded_hints
 
+        if parsed_args.not_trusted:
+            attrs['trusted'] = False
+        if parsed_args.trusted:
+            attrs['trusted'] = True
+
         attrs.update(
             self._parse_extra_properties(parsed_args.extra_properties)
         )
@@ -1202,7 +1256,7 @@ class UnsetPort(common.NeutronUnsetCommandWithExtraArgs):
             '--security-group',
             metavar='<security-group>',
             action='append',
-            dest='security_group_ids',
+            dest='security_groups',
             help=_(
                 "Security group which should be removed this port (name "
                 "or ID) (repeat option to unset multiple security groups)"
@@ -1287,9 +1341,9 @@ class UnsetPort(common.NeutronUnsetCommandWithExtraArgs):
                 msg = _("Port does not contain binding-profile %s") % key
                 raise exceptions.CommandError(msg)
             attrs['binding:profile'] = tmp_binding_profile
-        if parsed_args.security_group_ids:
+        if parsed_args.security_groups:
             try:
-                for sg in parsed_args.security_group_ids:
+                for sg in parsed_args.security_groups:
                     sg_id = client.find_security_group(
                         sg, ignore_missing=False
                     ).id

openstackclient/tests/functional/compute/v2/test_server.py

@@ -1295,7 +1295,7 @@ class ServerTests(common.ComputeTestCase):
             )
             if ip_address in cmd_output['addresses']['private']:
                 # Hang out for a bit and try again
-                print('retrying add port check')
+                print('retrying remove port check')
                 wait_time += 10
                 time.sleep(10)
             else:
@@ -1367,6 +1367,92 @@ class ServerTests(common.ComputeTestCase):
         addresses = cmd_output['addresses']['private']
         self.assertIn(ip_address, addresses)
 
+    def test_server_add_remove_security_group(self):
+        name = uuid.uuid4().hex
+        cmd_output = self.openstack(
+            'server create '
+            + '--network private '
+            + '--flavor '
+            + self.flavor_name
+            + ' '
+            + '--image '
+            + self.image_name
+            + ' '
+            + '--wait '
+            + name,
+            parse_output=True,
+        )
+
+        self.assertIsNotNone(cmd_output['id'])
+        self.assertEqual(name, cmd_output['name'])
+        self.addCleanup(self.openstack, 'server delete --wait ' + name)
+
+        # create security group
+        security_group_name = uuid.uuid4().hex
+
+        cmd_output = self.openstack(
+            'security group list',
+            parse_output=True,
+        )
+        self.assertNotIn(security_group_name, cmd_output)
+
+        cmd_output = self.openstack(
+            'security group create ' + security_group_name,
+            parse_output=True,
+        )
+        self.assertIsNotNone(cmd_output['id'])
+        self.addCleanup(
+            self.openstack, 'security group delete ' + security_group_name
+        )
+
+        # add security group to server, assert the name of the security group
+        # appears
+        self.openstack(
+            'server add security group ' + name + ' ' + security_group_name
+        )
+
+        wait_time = 0
+        while wait_time < 60:
+            cmd_output = self.openstack(
+                'server show ' + name,
+                parse_output=True,
+            )
+            if security_group_name not in [
+                x['name'] for x in cmd_output['security_groups']
+            ]:
+                # Hang out for a bit and try again
+                print('retrying add security group check')
+                wait_time += 10
+                time.sleep(10)
+            else:
+                break
+        security_groups = [x['name'] for x in cmd_output['security_groups']]
+        self.assertIn(security_group_name, security_groups)
+
+        # remove security group, assert the name of the security group doesn't
+        # appear
+        self.openstack(
+            'server remove security group ' + name + ' ' + security_group_name
+        )
+
+        wait_time = 0
+        while wait_time < 60:
+            cmd_output = self.openstack(
+                'server show ' + name,
+                parse_output=True,
+            )
+            if security_group_name not in [
+                x['name'] for x in cmd_output['security_groups']
+            ]:
+                # Hang out for a bit and try again
+                print('retrying remove security group check')
+                wait_time += 10
+                time.sleep(10)
+            else:
+                break
+        security_groups = [x['name'] for x in cmd_output['security_groups']]
+        self.assertNotIn(security_group_name, security_groups)
+
     def test_server_add_remove_volume(self):
         volume_wait_for = volume_common.BaseVolumeTests.wait_for_status
 

openstackclient/tests/functional/identity/v3/common.py

@@ -49,7 +49,7 @@ class IdentityTests(base.TestCase):
     ]
     ROLE_FIELDS = ['id', 'name', 'domain_id', 'description']
     SERVICE_FIELDS = ['id', 'enabled', 'name', 'type', 'description']
-    REGION_FIELDS = ['description', 'enabled', 'parent_region', 'region']
+    REGION_FIELDS = ['description', 'parent_region', 'region']
     ENDPOINT_FIELDS = [
         'id',
         'region',

openstackclient/tests/functional/identity/v3/test_application_credential.py

@@ -107,7 +107,8 @@ class ApplicationCredentialTests(common.IdentityTests):
         secret = data_utils.rand_name('secret')
         description = data_utils.rand_name('description')
         tomorrow = (
-            datetime.datetime.utcnow() + datetime.timedelta(days=1)
+            datetime.datetime.now(datetime.timezone.utc).replace(tzinfo=None)
+            + datetime.timedelta(days=1)
         ).strftime('%Y-%m-%dT%H:%M:%S%z')
         role1, role2 = self._create_role_assignments()
         raw_output = self.openstack(

openstackclient/tests/functional/identity/v3/test_role.py

@@ -93,6 +93,30 @@ class RoleTests(common.IdentityTests):
         )
         self.assertEqual(0, len(raw_output))
 
+    def test_role_add_inherited(self):
+        role_name = self._create_dummy_role()
+        username = self._create_dummy_user()
+        raw_output = self.openstack(
+            'role add '
+            f'--project {self.project_name} '
+            f'--project-domain {self.domain_name} '
+            f'--user {username} '
+            f'--user-domain {self.domain_name} '
+            '--inherited '
+            f'{role_name}'
+        )
+        self.addCleanup(
+            self.openstack,
+            'role remove '
+            f'--project {self.project_name} '
+            f'--project-domain {self.domain_name} '
+            f'--user {username} '
+            f'--user-domain {self.domain_name} '
+            '--inherited '
+            f'{role_name}',
+        )
+        self.assertEqual(0, len(raw_output))
+
     def test_role_remove(self):
         role_name = self._create_dummy_role()
         username = self._create_dummy_user()

openstackclient/tests/functional/identity/v3/test_role_assignment.py

@@ -151,6 +151,14 @@ class RoleAssignmentTests(common.IdentityTests):
             '--inherited '
             f'{role_name}'
         )
+        self.addCleanup(
+            self.openstack,
+            'role remove '
+            f'--project {self.project_name} '
+            f'--user {username} '
+            '--inherited '
+            f'{role_name}',
+        )
         self.assertEqual(0, len(raw_output))
 
         raw_output = self.openstack('role assignment list --inherited')

openstackclient/tests/functional/identity/v3/test_service_provider.py

@@ -60,9 +60,5 @@ class ServiceProviderTests(common.IdentityTests):
                 'description': new_description,
             }
         )
-        self.assertEqual(0, len(raw_output))
-        raw_output = self.openstack(
-            f'service provider show {service_provider}'
-        )
         updated_value = self.parse_show_as_object(raw_output)
-        self.assertIn(new_description, updated_value['description'])
+        self.assertEqual(new_description, updated_value.get('description'))

openstackclient/tests/functional/network/v2/test_port.py

@@ -81,10 +81,20 @@ class PortTests(common.NetworkTagTests):
         self.addCleanup(self.openstack, f'port delete {id1}')
         self.assertEqual(self.NAME, json_output.get('name'))
 
+        # sg for port2
+        sg_name1 = uuid.uuid4().hex
         json_output = self.openstack(
-            f'port create --network {self.NETWORK_NAME} {self.NAME}x',
+            f'security group create {sg_name1}',
             parse_output=True,
         )
+        sg_id1 = json_output.get('id')
+        self.addCleanup(self.openstack, f'security group delete {sg_id1}')
+        json_output = self.openstack(
+            f'port create --network {self.NETWORK_NAME} '
+            f'--security-group {sg_name1} {self.NAME}x',
+            parse_output=True,
+        )
+
         id2 = json_output.get('id')
         self.assertIsNotNone(id2)
         mac2 = json_output.get('mac_address')
@@ -113,6 +123,12 @@ class PortTests(common.NetworkTagTests):
         id_list = [item.get('ID') for item in json_output]
         self.assertIn(id1, id_list)
         self.assertIn(id2, id_list)
+        item_sg_map = {
+            item.get('ID'): item.get('Security Groups') for item in json_output
+        }
+        self.assertIn(id1, item_sg_map.keys())
+        self.assertIn(id2, item_sg_map.keys())
+        self.assertIn([sg_id1], item_sg_map.values())
 
         # Test list --mac-address
         json_output = self.openstack(
@@ -127,6 +143,17 @@ class PortTests(common.NetworkTagTests):
         self.assertNotIn(mac1, item_map.values())
         self.assertIn(mac2, item_map.values())
 
+        # Test list --security-group
+        json_output = self.openstack(
+            f'port list --security-group {sg_id1}',
+            parse_output=True,
+        )
+        item_map = {
+            item.get('ID'): item.get('Security Groups') for item in json_output
+        }
+        self.assertNotIn(id1, item_map.keys())
+        self.assertIn(id2, item_map.keys())
+
         # Test list with unknown fields
         json_output = self.openstack(
             'port list -c ID -c Name -c device_id',