commit 85f47edbcf66aaf3a289dc3ae76191adce91018f
author Rico Lin <rlin@vexxhost.com> Tue Aug 20 22:14:52 2024 +0800
committer GitHub <noreply@github.com> Tue Aug 20 14:14:52 2024 +0000
tree dbd940651b20bb4a3bee75b243bea0e8b64cfbc9
parent 4a86b140d5510823a8fb8a59137feddf5b111b26

fix: fix update port process (#2)

fix format for get objects call
pass check when port not found
Add info. logs.

Reviewed-by: Rico Lin <ricolin@ricolky.com>

neutron_policy_server/tests/test_neutron_address_pair.py

diff --git a/neutron_policy_server/tests/test_neutron_address_pair.py b/neutron_policy_server/tests/test_neutron_address_pair.py
index 80c734c..99f49c0 100644
--- a/neutron_policy_server/tests/test_neutron_address_pair.py
+++ b/neutron_policy_server/tests/test_neutron_address_pair.py
@@ -137,7 +137,14 @@
             "/port-delete", json=self.delete_port_json
         )  # pylint: disable=E1101
         self.assertEqual(
-            b"Address pairs dependency found for this port.", response.data
+            bytes(
+                (
+                    "Address pairs dependency found for port: "
+                    f"{self.port['port']['id']}"
+                ),
+                "utf-8",
+            ),
+            response.data,
         )
         self.assertEqual(403, response.status_code)
 
@@ -159,15 +166,22 @@
         response = self.client.post(
             "/port-update", json=self.update_port_not_exist
         )  # pylint: disable=E1101
-        self.assertEqual(b"No match port found.", response.data)
-        self.assertEqual(403, response.status_code)
+        self.assertEqual(b"True", response.data)
+        self.assertEqual(200, response.status_code)
 
     def test_port_update_fail(self):
         response = self.client.post(
             "/port-update", json=self.update_port
         )  # pylint: disable=E1101
         self.assertEqual(
-            b"Address pairs dependency found for this port.", response.data
+            bytes(
+                (
+                    "Address pairs dependency found for port: "
+                    f"{self.port['port']['id']}"
+                ),
+                "utf-8",
+            ),
+            response.data,
         )
         self.assertEqual(403, response.status_code)
 

neutron_policy_server/wsgi.py

diff --git a/neutron_policy_server/wsgi.py b/neutron_policy_server/wsgi.py
index 4ac5256..0e2561c 100644
--- a/neutron_policy_server/wsgi.py
+++ b/neutron_policy_server/wsgi.py
@@ -11,11 +11,14 @@
 from neutron.objects.port.extensions import allowedaddresspairs as aap_obj
 from neutron_lib import context
 from neutron_lib.db import api as db_api
+from oslo_log import log as logging
 
 config.register_common_config_options()
 config.init(sys.argv[1:])
 config.setup_logging()
 
+LOG = logging.getLogger(__name__)
+
 app = Flask(__name__)
 
 
@@ -80,12 +83,24 @@
         and ("mac_address" not in g.target["attributes_to_update"])
         and ("fixed_ips" not in g.target["attributes_to_update"])
     ):
+        LOG.info(
+            "No mac_address or fixed_ips in update targets for port "
+            f"{g.target['id']}, skip check."
+        )
         return Response("True", status=200, mimetype="text/plain")
 
     with db_api.CONTEXT_READER.using(g.ctx):
-        ports = port_obj.Port.get_objects(g.ctx, id=g.target["id"])
+        ports = port_obj.Port.get_objects(g.ctx, id=[g.target["id"]])
         if len(ports) == 0:
-            return Response("No match port found.", status=403, mimetype="text/plain")
+            # Note(ricolin): This happens with ports that are not well defined
+            # and missing context factors like project_id.
+            # Which port usually created by services and design for internal
+            # uses. We can skip this check and avoid blocking services.
+            LOG.info(
+                f"Can't fetch port {g.target['id']} with current "
+                "context, skip this check."
+            )
+            return Response("True", status=200, mimetype="text/plain")
 
         fixed_ips = [str(fixed_ip["ip_address"]) for fixed_ip in ports[0].fixed_ips]
 
@@ -102,11 +117,11 @@
         for db_obj in query.all()
     ]
     if len(pairs) > 0:
-        return Response(
-            "Address pairs dependency found for this port.",
-            status=403,
-            mimetype="text/plain",
-        )
+        msg = f"Address pairs dependency found for port: {g.target['id']}"
+        LOG.info(msg)
+        return Response(msg, status=403, mimetype="text/plain")
+
+    LOG.info(f"Update check passed for port: {g.target['id']}")
     return Response("True", status=200, mimetype="text/plain")
 
 
@@ -130,18 +145,18 @@
         for db_obj in query.all()
     ]
     if len(pairs) > 0:
-        return Response(
-            "Address pairs dependency found for this port.",
-            status=403,
-            mimetype="text/plain",
-        )
+        msg = f"Address pairs dependency found for port: {g.target['id']}"
+        LOG.info(msg)
+        return Response(msg, status=403, mimetype="text/plain")
+
+    LOG.info(f"Delete check passed for port: {g.target['id']}")
     return Response("True", status=200, mimetype="text/plain")
 
 
 @app.route("/health", methods=["GET"])
 def health_check():
     with db_api.CONTEXT_READER.using(g.ctx):
-        port_obj.Port.get_objects(g.ctx, id="neutron_policy_server_health_check")
+        port_obj.Port.get_objects(g.ctx, id=["neutron_policy_server_health_check"])
         return Response(status=200)