Merge pull request #1354 from grycap/devel

Fix 1338
grycap · Mar 28, 2022 · 6f1b4f2 · 6f1b4f2
2 parents 52b7efd + bb24749
commit 6f1b4f2
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 19 deletions.
diff --git a/IM/connectors/Azure.py b/IM/connectors/Azure.py
@@ -388,7 +388,7 @@ def create_nsg(self, location, group_name, nsg_name, outports, network_client, i
                                               outport.get_port_end())
                 sr['destination_port_range'] = "%d-%d" % (outport.get_port_init(), outport.get_port_end())
                 security_rules.append(sr)
-            elif outport.get_local_port() != 22:
+            else:
                 sr['name'] = 'sr-%s-%d-%d' % (outport.get_protocol(),
                                               outport.get_remote_port(),
                                               outport.get_local_port())

diff --git a/IM/connectors/OpenStack.py b/IM/connectors/OpenStack.py
@@ -1543,17 +1543,18 @@ def create_security_groups(self, driver, inf, radl):
                                                              outport.get_remote_cidr())
                     except Exception as ex:
                         self.log_warn("Exception adding SG rules: %s" % get_ex_error(ex))
+                        self.error_messages += ("Exception adding port range: %s-%s to SG rules.\n" %
+                                                outport.get_port_init(), outport.get_port_end())
                 else:
-                    if outport.get_remote_port() != 22 or not network.isPublic():
-                        try:
-                            driver.ex_create_security_group_rule(sg, outport.get_protocol(),
-                                                                 outport.get_remote_port(),
-                                                                 outport.get_remote_port(),
-                                                                 outport.get_remote_cidr())
-                        except Exception as ex:
-                            self.log_warn("Exception adding SG rules: %s" % get_ex_error(ex))
-                            self.error_messages += ("Exception adding port %s to SG rules.\n" %
-                                                    outport.get_remote_port())
+                    try:
+                        driver.ex_create_security_group_rule(sg, outport.get_protocol(),
+                                                             outport.get_remote_port(),
+                                                             outport.get_remote_port(),
+                                                             outport.get_remote_cidr())
+                    except Exception as ex:
+                        self.log_warn("Exception adding SG rules: %s" % get_ex_error(ex))
+                        self.error_messages += ("Exception adding port %s to SG rules.\n" %
+                                                outport.get_remote_port())
 
         return res
 

diff --git a/IM/tosca/Tosca.py b/IM/tosca/Tosca.py
@@ -347,11 +347,11 @@ def _format_outports(ports_dict):
         for port in ports_dict.values():
             protocol = "tcp"
             source_range = None
-            remote_cidr = None
+            remote_cidr = ""
             if "protocol" in port:
                 protocol = port["protocol"]
             if "remote_cidr" in port:
-                remote_cidr = port["remote_cidr"]
+                remote_cidr = "%s-" % port["remote_cidr"]
             if "source_range" in port:
                 source_range = port["source_range"]
             else:
@@ -368,14 +368,11 @@ def _format_outports(ports_dict):
             if source_range:
                 if res:
                     res += ","
-                res += "%s:%s/%s" % (source_range[0], source_range[1], protocol)
+                res += "%s%s:%s/%s" % (remote_cidr, source_range[0], source_range[1], protocol)
             else:
                 if res:
                     res += ","
-                res += "%s/%s-%s/%s" % (remote_port, protocol, local_port, protocol)
-
-            if remote_cidr:
-                res = "%s-%s" % (remote_cidr, res)
+                res += "%s%s/%s-%s/%s" % (remote_cidr, remote_port, protocol, local_port, protocol)
 
         return res
 

diff --git a/test/files/tosca_long.yml b/test/files/tosca_long.yml
@@ -158,6 +158,11 @@ topology_template:
               http_port:
                 protocol: tcp
                 source: 10000
+                remote_cidr: 0.0.0.0/0 
+              other_port:
+                protocol: tcp
+                source: 80
+                remote_cidr: 8.0.0.0/24
         scalable:
           properties:
             count: 1

diff --git a/test/unit/Tosca.py b/test/unit/Tosca.py
@@ -70,7 +70,8 @@ def test_tosca_to_radl(self):
             self.assertIn('80/tcp-80/tcp', net1.getValue("outports"))
             self.assertIn('8080/tcp-8080/tcp', net1.getValue("outports"))
 
-        self.assertIn('10000/tcp-10000/tcp', net2.getValue("outports"))
+        self.assertIn('0.0.0.0/0-10000/tcp-10000/tcp', net2.getValue("outports"))
+        self.assertIn('8.0.0.0/24-80/tcp-80/tcp', net2.getValue("outports"))
 
         lrms_wn = radl.get_system_by_name('lrms_wn')
         self.assertEqual(lrms_wn.getValue('memory.size'), 2000000000)

diff --git a/test/unit/connectors/OpenStack.py b/test/unit/connectors/OpenStack.py
@@ -270,6 +270,7 @@ def test_20_launch(self, get_image_data, save_data, get_driver):
         ]
         self.assertEqual(driver.create_node.call_args_list[0][1]['ex_blockdevicemappings'], mappings)
         self.assertEqual(driver.ex_create_subnet.call_args_list[0][0][2], "10.0.1.0/24")
+        self.assertEqual(driver.ex_create_security_group_rule.call_args_list[8][0][1:], ('tcp', 22, 22, '0.0.0.0/0'))
 
         # test with proxy auth data
         auth = Authentication([{'id': 'ost', 'type': 'OpenStack', 'proxy': 'proxy',