2 # ============LICENSE_START=======================================================
3 # org.onap.vvp/validation-scripts
4 # ===================================================================
5 # Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 # ===================================================================
8 # Unless otherwise specified, all software contained herein is licensed
9 # under the Apache License, Version 2.0 (the “License”);
10 # you may not use this software except in compliance with the License.
11 # You may obtain a copy of the License at
13 # http://www.apache.org/licenses/LICENSE-2.0
15 # Unless required by applicable law or agreed to in writing, software
16 # distributed under the License is distributed on an "AS IS" BASIS,
17 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 # See the License for the specific language governing permissions and
19 # limitations under the License.
23 # Unless otherwise specified, all documentation contained herein is licensed
24 # under the Creative Commons License, Attribution 4.0 Intl. (the “License”);
25 # you may not use this documentation except in compliance with the License.
26 # You may obtain a copy of the License at
28 # https://creativecommons.org/licenses/by/4.0/
30 # Unless required by applicable law or agreed to in writing, documentation
31 # distributed under the License is distributed on an "AS IS" BASIS,
32 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
33 # See the License for the specific language governing permissions and
34 # limitations under the License.
36 # ============LICENSE_END============================================
38 # ECOMP is a trademark and service mark of AT&T Intellectual Property.
43 from .utils.network_roles import get_network_role_from_port,\
44 property_uses_get_resource
48 def test_allowed_address_pairs_format(heat_template):
50 Make sure all allowed_address_pairs properties follow the allowed
54 ["allowed_address_pairs", "string", "internal",
55 re.compile(r'(.+?)_int_(.+?)_floating_v6_ip')],
56 ["allowed_address_pairs", "string", "internal",
57 re.compile(r'(.+?)_int_(.+?)_floating_ip')],
58 ["allowed_address_pairs", "string", "external",
59 re.compile(r'(.+?)_floating_v6_ip')],
60 ["allowed_address_pairs", "string", "external",
61 re.compile(r'(.+?)_floating_ip')],
62 ["allowed_address_pairs", "string", "internal",
63 re.compile(r'(.+?)_int_(.+?)_v6_ip_\d+')],
64 ["allowed_address_pairs", "string", "internal",
65 re.compile(r'(.+?)_int_(.+?)_ip_\d+')],
66 ["allowed_address_pairs", "string", "external",
67 re.compile(r'(.+?)_v6_ip_\d+')],
68 ["allowed_address_pairs", "string", "external",
69 re.compile(r'(.+?)_ip_\d+')],
70 ["allowed_address_pairs", "comma_delimited_list",
71 "internal", re.compile(r'(.+?)_int_(.+?)_v6_ips')],
72 ["allowed_address_pairs", "comma_delimited_list",
73 "internal", re.compile(r'(.+?)_int_(.+?)_ips')],
74 ["allowed_address_pairs", "comma_delimited_list",
75 "external", re.compile(r'(.+?)_v6_ips')],
76 ["allowed_address_pairs", "comma_delimited_list",
77 "external", re.compile(r'(.+?)_ips')],
80 with open(heat_template) as fh:
83 # skip if resources are not defined
84 if "resources" not in yml:
85 pytest.skip("No resources specified in the heat template")
87 # check both valid and invalid patterns to catch edge cases
88 invalid_allowed_address_pairs = []
90 for v1 in yml["resources"].values():
91 if not isinstance(v1, dict):
93 if "properties" not in v1:
95 if v1.get("type") != "OS::Neutron::Port":
97 if property_uses_get_resource(v1, "network"):
99 network_role = get_network_role_from_port(v1)
101 for k2, v2 in v1["properties"].items():
102 if k2 != "allowed_address_pairs":
105 if "ip_address" not in v3:
107 if "get_param" not in v3["ip_address"]:
110 valid_allowed_address_pair = False
111 for v4 in allowed_formats:
112 param = v3["ip_address"]["get_param"]
113 if isinstance(param, list):
116 # check if pattern matches
117 m = v4[3].match(param)
119 if v4[2] == "internal" and\
120 len(m.groups()) > 1 and\
121 m.group(2) == network_role:
122 valid_allowed_address_pair = True
124 elif v4[2] == "external" and\
125 len(m.groups()) > 0 and\
126 m.group(1).endswith("_" + network_role):
127 valid_allowed_address_pair = True
130 if not valid_allowed_address_pair:
131 invalid_allowed_address_pairs.append(param)
133 assert not set(invalid_allowed_address_pairs)