Not appropriate name sg rule attribute

For ingress rules set ip-prefix means src-ip- prefix, but for egress rules set ip-prefix means dst-ip-prefix. It is not appropriate to name src-ip directly. So as to src-group. Change-Id: I03fd0e14e470e7272930ac2651e73263b83bd4e1 Closes-bug: #1637365
author: judy-yu <yujie@cmss.chinamobile.com> 2016-11-04 17:23:46 +0800
committer: judy-yu <yujie@cmss.chinamobile.com> 2016-11-04 17:23:46 +0800
commit: 3a915b5b5fc8f7f5dc2618eeedbef7517f1557c3 (patch)
tree: fb6a168aaa279b56ea0568e17615ad1c5cb286bf /openstackclient/network
parent: 970b0e00053f81a313c18cc9b50bf964aa86fc20 (diff)
download: python-openstackclient-3a915b5b5fc8f7f5dc2618eeedbef7517f1557c3.tar.gz
1 files changed, 38 insertions, 16 deletions
diff --git a/openstackclient/network/v2/security_group_rule.py b/openstackclient/network/v2/security_group_rule.py
index e3be44ec..49435db6 100644
--- a/openstackclient/network/v2/security_group_rule.py
+++ b/openstackclient/network/v2/security_group_rule.py
@@ -94,14 +94,31 @@ class CreateSecurityGroupRule(common.NetworkAndComputeShowOne):
             metavar='<group>',
             help=_("Create rule in this security group (name or ID)")
         )
-        source_group = parser.add_mutually_exclusive_group()
-        source_group.add_argument(
+        # NOTE(yujie): Support either remote-ip option name for now.
+        # However, consider deprecating and then removing --src-ip in
+        # a future release.
+        remote_group = parser.add_mutually_exclusive_group()
+        remote_group.add_argument(
+            "--remote-ip",
+            metavar="<ip-address>",
+            help=_("Remote IP address block (may use CIDR notation; "
+                   "default for IPv4 rule: 0.0.0.0/0)")
+        )
+        remote_group.add_argument(
             "--src-ip",
             metavar="<ip-address>",
             help=_("Source IP address block (may use CIDR notation; "
                    "default for IPv4 rule: 0.0.0.0/0)")
         )
-        source_group.add_argument(
+        # NOTE(yujie): Support either remote-group option name for now.
+        # However, consider deprecating and then removing --src-group in
+        # a future release.
+        remote_group.add_argument(
+            "--remote-group",
+            metavar="<group>",
+            help=_("Remote security group (name or ID)")
+        )
+        remote_group.add_argument(
             "--src-group",
             metavar="<group>",
             help=_("Source security group (name or ID)")
@@ -277,13 +294,16 @@ class CreateSecurityGroupRule(common.NetworkAndComputeShowOne):
         if parsed_args.icmp_code:
             attrs['port_range_max'] = parsed_args.icmp_code
 
-        if parsed_args.src_group is not None:
+        if not (parsed_args.remote_group is None and
+                parsed_args.src_group is None):
             attrs['remote_group_id'] = client.find_security_group(
-                parsed_args.src_group,
+                parsed_args.remote_group or parsed_args.src_group,
                 ignore_missing=False
             ).id
-        elif parsed_args.src_ip is not None:
-            attrs['remote_ip_prefix'] = parsed_args.src_ip
+        elif not (parsed_args.remote_ip is None and
+                  parsed_args.src_ip is None):
+            attrs['remote_ip_prefix'] = (parsed_args.remote_ip or
+                                         parsed_args.src_ip)
         elif attrs['ethertype'] == 'IPv4':
             attrs['remote_ip_prefix'] = '0.0.0.0/0'
         attrs['security_group_id'] = security_group_id
@@ -312,23 +332,25 @@ class CreateSecurityGroupRule(common.NetworkAndComputeShowOne):
             from_port, to_port = -1, -1
         else:
             from_port, to_port = parsed_args.dst_port
-        src_ip = None
-        if parsed_args.src_group is not None:
-            parsed_args.src_group = utils.find_resource(
+        remote_ip = None
+        if not (parsed_args.remote_group is None and
+                parsed_args.src_group is None):
+            parsed_args.remote_group = utils.find_resource(
                 client.security_groups,
-                parsed_args.src_group,
+                parsed_args.remote_group or parsed_args.src_group,
             ).id
-        if parsed_args.src_ip is not None:
-            src_ip = parsed_args.src_ip
+        if not (parsed_args.remote_ip is None and
+                parsed_args.src_ip is None):
+            remote_ip = parsed_args.remote_ip or parsed_args.src_ip
         else:
-            src_ip = '0.0.0.0/0'
+            remote_ip = '0.0.0.0/0'
         obj = client.security_group_rules.create(
             group.id,
             protocol,
             from_port,
             to_port,
-            src_ip,
-            parsed_args.src_group,
+            remote_ip,
+            parsed_args.remote_group,
         )
         return _format_security_group_rule_show(obj._info)
author	judy-yu <yujie@cmss.chinamobile.com>	2016-11-04 17:23:46 +0800
committer	judy-yu <yujie@cmss.chinamobile.com>	2016-11-04 17:23:46 +0800
commit	3a915b5b5fc8f7f5dc2618eeedbef7517f1557c3 (patch)
tree	fb6a168aaa279b56ea0568e17615ad1c5cb286bf /openstackclient/network
parent	970b0e00053f81a313c18cc9b50bf964aa86fc20 (diff)
download	python-openstackclient-3a915b5b5fc8f7f5dc2618eeedbef7517f1557c3.tar.gz