From 82f45d9bd203aee77914c1f9e300f7dbedf673c8 Mon Sep 17 00:00:00 2001
From: Daniel Speichert <daniel@speichert.pl>
Date: Sun, 15 Oct 2017 16:35:37 -0400
Subject: Allow creating security rules without protocol

In order to create a rule for any protocol, the client
must not specify the protocol in the API call. This
is currently impossible because protocol defaults to TCP.

In order not to change the default behavior, a "new" protocol
name is added: "any", which makes this CLI skip sending the
protocol field altogether.

Change-Id: I58853d3745f3631007e5e9780c0c5c2526b730a3
Closes-Bug: 1712242
---
 openstackclient/network/v2/security_group_rule.py | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'openstackclient/network')

diff --git a/openstackclient/network/v2/security_group_rule.py b/openstackclient/network/v2/security_group_rule.py
index 06d46725..ca0e00b9 100644
--- a/openstackclient/network/v2/security_group_rule.py
+++ b/openstackclient/network/v2/security_group_rule.py
@@ -159,8 +159,8 @@ class CreateSecurityGroupRule(common.NetworkAndComputeShowOne):
             help=_("IP protocol (ah, dccp, egp, esp, gre, icmp, igmp, "
                    "ipv6-encap, ipv6-frag, ipv6-icmp, ipv6-nonxt, "
                    "ipv6-opts, ipv6-route, ospf, pgm, rsvp, sctp, tcp, "
-                   "udp, udplite, vrrp and integer representations [0-255]; "
-                   "default: tcp)")
+                   "udp, udplite, vrrp and integer representations [0-255] "
+                   "or any; default: tcp)")
         )
         protocol_group.add_argument(
             '--proto',
@@ -230,6 +230,8 @@ class CreateSecurityGroupRule(common.NetworkAndComputeShowOne):
             protocol = parsed_args.protocol
         if parsed_args.proto is not None:
             protocol = parsed_args.proto
+        if protocol == 'any':
+            protocol = None
         return protocol
 
     def _is_ipv6_protocol(self, protocol):
@@ -237,7 +239,7 @@ class CreateSecurityGroupRule(common.NetworkAndComputeShowOne):
         # However, while the OSC CLI doesn't document the protocol,
         # the code must still handle it. In addition, handle both
         # protocol names and numbers.
-        if (protocol.startswith('ipv6-') or
+        if (protocol is not None and protocol.startswith('ipv6-') or
                 protocol in ['icmpv6', '41', '43', '44', '58', '59', '60']):
             return True
         else:
-- 
cgit v1.2.1