@@ -31,25 +31,23 @@ def count_ingress_egress(rules, short=False):
3131 # count all overall ingress rules and egress rules.
3232 ingress_rules = 0
3333 egress_rules = 0
34- if short :
35- print ("short" )
36- egress_ipv4 = 0
37- egress_ipv6 = 0
38- else :
34+ if not short :
3935 print ("not short" )
4036 ingress_from_same_sg = 0
4137 egress_ipv4_default_sg = 0
4238 egress_ipv4_custom_sg = 0
4339 egress_ipv6_default_sg = 0
4440 egress_ipv6_custom_sg = 0
45- print ("43_success" )
41+ else :
42+ print ("short" )
43+ egress_ipv4 = 0
44+ egress_ipv6 = 0
4645 if not rules :
4746 print ("No default security group rules defined." )
4847 else :
4948 for rule in rules :
5049 direction = rule ["direction" ]
5150 ethertype = rule ["ethertype" ]
52- print ("50_success" )
5351 if not short :
5452 r_custom_sg = rule ["used_in_non_default_sg" ]
5553 r_default_sg = rule ["used_in_default_sg" ]
@@ -125,7 +123,6 @@ def count_ingress_egress(rules, short=False):
125123 "Expected rules for egress for IPv4 and IPv6 "
126124 "both for default and custom security groups."
127125 )
128- print ("done" )
129126 return ingress_rules , egress_rules
130127
131128
@@ -141,69 +138,6 @@ def test_rules(cloud_name: str):
141138 f"Please check your cloud connection and authorization."
142139 )
143140
144- # # count all overall ingress rules and egress rules.
145- # ingress_rules = 0
146- # ingress_from_same_sg = 0
147- # egress_rules = 0
148- # egress_ipv4_default_sg = 0
149- # egress_ipv4_custom_sg = 0
150- # egress_ipv6_default_sg = 0
151- # egress_ipv6_custom_sg = 0
152- # if not rules:
153- # print("No default security group rules defined.")
154- # else:
155- # for rule in rules:
156- # direction = rule["direction"]
157- # ethertype = rule["ethertype"]
158- # r_custom_sg = rule["used_in_non_default_sg"]
159- # r_default_sg = rule["used_in_default_sg"]
160- # if direction == "ingress":
161- # ingress_rules += 1
162- # # we allow ingress from the same security group
163- # # but only for the default security group
164- # r_group_id = rule.remote_group_id
165- # if r_group_id == "PARENT" and not r_custom_sg:
166- # ingress_from_same_sg += 1
167- # elif direction == "egress" and ethertype == "IPv4":
168- # egress_rules += 1
169- # if rule.remote_ip_prefix:
170- # # this rule does not allow traffic to all external ips
171- # continue
172- # if r_custom_sg:
173- # egress_ipv4_custom_sg += 1
174- # if r_default_sg:
175- # egress_ipv4_default_sg += 1
176- # elif direction == "egress" and ethertype == "IPv6":
177- # egress_rules += 1
178- # if rule.remote_ip_prefix:
179- # # this rule does not allow traffic to all external ips
180- # continue
181- # if r_custom_sg:
182- # egress_ipv6_custom_sg += 1
183- # if r_default_sg:
184- # egress_ipv6_default_sg += 1
185-
186- # test whether there are no other than the allowed ingress rules
187- # assert ingress_rules == ingress_from_same_sg, (
188- # f"Expected only ingress rules for default security groups, "
189- # f"that allow ingress traffic from the same group. "
190- # f"But there are more - in total {ingress_rules} ingress rules. "
191- # f"There should be only {ingress_from_same_sg} ingress rules."
192- # )
193- # assert (
194- # egress_rules > 0
195- # ), f"Expected to have more than {egress_rules} egress rules present."
196- # var_list = [
197- # egress_ipv4_default_sg,
198- # egress_ipv4_custom_sg,
199- # egress_ipv6_default_sg,
200- # egress_ipv6_custom_sg,
201- # ]
202- # assert all([var > 0 for var in var_list]), (
203- # "Not all expected egress rules are present. "
204- # "Expected rules for egress for IPv4 and IPv6 "
205- # "both for default and custom security groups."
206- # )
207141 ingress_rules , egress_rules = count_ingress_egress (rules )
208142 result_dict = {"Ingress Rules" : ingress_rules , "Egress Rules" : egress_rules }
209143 return result_dict
@@ -250,45 +184,6 @@ def altern_test_rules(cloud_name: str):
250184 except Exception :
251185 print ("Security group was not created successfully." )
252186
253- # # count all overall ingress rules and egress rules.
254- # ingress_rules = 0
255- # egress_rules = 0
256- # egress_ipv4 = 0
257- # egress_ipv6 = 0
258- # if not rules:
259- # print("No default security group rules defined.")
260- # else:
261- # for rule in rules.security_group_rules:
262- # direction = rule["direction"]
263- # ethertype = rule["ethertype"]
264- # if direction == "ingress":
265- # ingress_rules += 1
266- # elif direction == "egress" and ethertype == "IPv4":
267- # egress_rules += 1
268- # egress_ipv4 += 1
269- # elif direction == "egress" and ethertype == "IPv6":
270- # egress_rules += 1
271- # egress_ipv6 += 1
272-
273- # # test whether there are no ingress rules
274- # assert ingress_rules == 0, (
275- # f"Expected no default ingress rules for security groups, "
276- # f"But there are {ingress_rules} ingress rules. "
277- # f"There should be only none."
278- # )
279- # assert (
280- # egress_rules > 0
281- # ), f"Expected to have more than {egress_rules} egress rules present."
282- # var_list = [
283- # egress_ipv4,
284- # egress_ipv6,
285- # ]
286- # assert all([var > 0 for var in var_list]), (
287- # "Not all expected egress rules are present. "
288- # "Expected rules for egress for IPv4 and IPv6 "
289- # "both for default and custom security groups."
290- # )
291-
292187 ingress_rules , egress_rules = count_ingress_egress (rules .security_group_rules , True )
293188 delete_security_group (connection , sg_id )
294189
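Review bot: In altern_test_rules, `delete_security_group(connection, sg_id)` runs only if `count_ingress_egress(rules.security_group_rules, True)` returns normally; the context lines of the second hunk suggest that helper ends in assertions, so a failing check would leave the test-created security group behind in the project being tested. Wrapping the count in `try:` and moving the cleanup into `finally: delete_security_group(connection, sg_id)` would make the deletion unconditional. The `except Exception:` just above only prints and falls through, so after a failed creation `rules` and `sg_id` are presumably unbound and the run ends in a NameError instead of a clear failure; re-raising or returning early there would make the outcome readable. The function starts above this hunk, so the body of that `try` is not visible here. Separately, `print ("not short")` and `print ("short")` in the first hunk look like the same kind of debug output this commit removes elsewhere.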