Support remote-address-group in SG rules

Add support for using remote-address-group in security group rules. Change-Id: Ib1972244d484839943bc3cda07519a6c6d4b945a Implements: blueprint address-groups-in-sg-rules Depends-On: https://review.opendev.org/755644
author: Hang Yang <hangyang@verizonmedia.com> 2020-10-14 11:35:22 -0500
committer: Hang Yang <hangyang@verizonmedia.com> 2021-01-12 10:55:24 -0600
commit: e01e59caeb56cb7bf4f38403b82d0a265b163098 (patch)
tree: 515555cca02a4fa22a10e50be9e445145238e66c /openstackclient/network
parent: d6646d714b959d350b976defef00547c4da8d320 (diff)
download: python-openstackclient-e01e59caeb56cb7bf4f38403b82d0a265b163098.tar.gz
1 files changed, 14 insertions, 0 deletions
diff --git a/openstackclient/network/v2/security_group_rule.py b/openstackclient/network/v2/security_group_rule.py
index a7703933..17241ed2 100644
--- a/openstackclient/network/v2/security_group_rule.py
+++ b/openstackclient/network/v2/security_group_rule.py
@@ -126,6 +126,12 @@ class CreateSecurityGroupRule(common.NetworkAndComputeShowOne):
             metavar="<group>",
             help=_("Remote security group (name or ID)"),
         )
+        if self.is_neutron:
+            remote_group.add_argument(
+                "--remote-address-group",
+                metavar="<group>",
+                help=_("Remote address group (name or ID)"),
+            )
 
         # NOTE(efried): The --dst-port, --protocol, and --proto options exist
         # for both nova-network and neutron, but differ slightly. For the sake
@@ -328,6 +334,11 @@ class CreateSecurityGroupRule(common.NetworkAndComputeShowOne):
                 parsed_args.remote_group,
                 ignore_missing=False
             ).id
+        elif parsed_args.remote_address_group is not None:
+            attrs['remote_address_group_id'] = client.find_address_group(
+                parsed_args.remote_address_group,
+                ignore_missing=False
+            ).id
         elif parsed_args.remote_ip is not None:
             attrs['remote_ip_prefix'] = parsed_args.remote_ip
         elif attrs['ethertype'] == 'IPv4':
@@ -507,6 +518,8 @@ class ListSecurityGroupRule(common.NetworkAndComputeLister):
             'Direction',
             'Remote Security Group',
         )
+        if self.is_neutron:
+            column_headers = column_headers + ('Remote Address Group',)
         if parsed_args.group is None:
             column_headers = column_headers + ('Security Group',)
         return column_headers
@@ -526,6 +539,7 @@ class ListSecurityGroupRule(common.NetworkAndComputeLister):
             'port_range',
             'direction',
             'remote_group_id',
+            'remote_address_group_id',
         )
 
         # Get the security group rules using the requested query.
author	Hang Yang <hangyang@verizonmedia.com>	2020-10-14 11:35:22 -0500
committer	Hang Yang <hangyang@verizonmedia.com>	2021-01-12 10:55:24 -0600
commit	e01e59caeb56cb7bf4f38403b82d0a265b163098 (patch)
tree	515555cca02a4fa22a10e50be9e445145238e66c /openstackclient/network
parent	d6646d714b959d350b976defef00547c4da8d320 (diff)
download	python-openstackclient-e01e59caeb56cb7bf4f38403b82d0a265b163098.tar.gz