GET security group rule is missing description attribute

Bug #1945747 reported by Salvatore Orlando
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
New
Low
Unassigned

Bug Description

The description attribute is missed attribute in _make_security_group_rule_dict

Create sec group rule with desc

stack@bionic-template:~/devstack$ openstack security group rule create --description "test rule" --remote-ip 0.0.0.0/0 --ingress ff57f76f-93a0-4bf3-b538-c88df40fdc40
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at | 2021-10-01T06:35:50Z |
| description | test rule |
| direction | ingress |
| ether_type | IPv4 |
| id | 389eb45e-58ac-471c-b966-a3c8784009f7 |
| location | cloud='', project.domain_id='default', project.domain_name=, project.id='f2527eb734c745eca32b1dfbd9107563', project.name='admin', region_name='RegionOne', zone= |
| name | None |
| port_range_max | None |
| port_range_min | None |
| project_id | f2527eb734c745eca32b1dfbd9107563 |
| protocol | None |
| remote_group_id | None |
| remote_ip_prefix | None |
| revision_number | 0 |
| security_group_id | ff57f76f-93a0-4bf3-b538-c88df40fdc40 |
| tags | [] |
| updated_at | 2021-10-01T06:35:50Z |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+

Example get (no description)

RESP BODY: {"security_group_rule": {"id": "389eb45e-58ac-471c-b966-a3c8784009f7", "tenant_id": "f2527eb734c745eca32b1dfbd9107563", "security_group_id": "ff57f76f-93a0-4bf3-b538-c88df40fdc40", "ethertype": "IPv4", "direction": "ingress", "protocol": null, "port_range_min": null, "port_range_max": null, "remote_ip_prefix": "0.0.0.0/0", "remote_group_id": null, "local_ip_prefix": null, "created_at": "2021-10-01T06:35:50Z", "updated_at": "2021-10-01T06:35:50Z", "revision_number": 0, "project_id": "f2527eb734c745eca32b1dfbd9107563"}}

Potential fix (patch applies to stable/ussuri, not master)

diff --git a/neutron/db/securitygroups_db.py b/neutron/db/securitygroups_db.py
index 28238358ae..0c848bbe38 100644
--- a/neutron/db/securitygroups_db.py
+++ b/neutron/db/securitygroups_db.py
@@ -655,6 +655,7 @@ class SecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase,

     def _make_security_group_rule_dict(self, security_group_rule, fields=None):
         res = {'id': security_group_rule['id'],
+ 'description': security_group_rule['description'],
                'tenant_id': security_group_rule['tenant_id'],
                'security_group_id': security_group_rule['security_group_id'],
                'ethertype': security_group_rule['ethertype'],

After patch description attribute is present

RESP BODY: {"security_group_rule": {"id": "389eb45e-58ac-471c-b966-a3c8784009f7", "description": "test rule", "tenant_id": "f2527eb734c745eca32b1dfbd9107563", "security_group_id": "ff57f76f-93a0-4bf3-b538-c88df40fdc40", "ethertype": "IPv4", "direction": "ingress", "protocol": null, "port_range_min": null, "port_range_max": null, "remote_ip_prefix": "0.0.0.0/0", "remote_group_id": null, "local_ip_prefix": null, "created_at": "2021-10-01T06:35:50Z", "updated_at": "2021-10-01T06:35:50Z", "revision_number": 0, "project_id": "f2527eb734c745eca32b1dfbd9107563"}}

Revision history for this message
Bence Romsics (bence-romsics) wrote :
Download full text (3.7 KiB)

Thank you for the bug report!

I believe on master this is fixed already:

$ project_id="$( openstack project show "$OS_PROJECT_NAME" | awk '/ id / { print $4 }' )"
$ default_sg_id="$( neutron security-group-list --tenant-id "$project_id" | awk '/ default / { print $2 }' )"
neutron CLI is deprecated and will be removed in the Z cycle. Use openstack CLI instead.
$ openstack security group rule create --description "test rule" --remote-ip 0.0.0.0/0 --ingress $default_sg_id +-------------------------+--------------------------------------+
| Field | Value |
+-------------------------+--------------------------------------+
| created_at | 2021-10-01T12:44:31Z |
| description | test rule |
| direction | ingress |
| ether_type | IPv4 |
| id | 2025c3ff-7e5c-45df-9570-79c6a975d2fc |
| name | None |
| port_range_max | None |
| port_range_min | None |
| project_id | 60ff14d073834c05b8f02d1d219977a0 |
| protocol | None |
| remote_address_group_id | None |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | 1dc8dd93-9809-411d-882b-3577f68a52a1 |
| tags | [] |
| updated_at | 2021-10-01T12:44:31Z |
+-------------------------+--------------------------------------+
$ openstack security group rule show 2025c3ff-7e5c-45df-9570-79c6a975d2fc
+-------------------------+--------------------------------------+
| Field | Value |
+-------------------------+--------------------------------------+
| created_at | 2021-10-01T12:44:31Z |
| description | test rule |
| direction | ingress |
| ether_type | IPv4 |
| id | 2025c3ff-7e5c-45df-9570-79c6a975d2fc |
| name | None |
| port_range_max | None |
| port_range_min | None |
| project_id | 60ff14d073834c05b8f02d1d219977a0 |
| protocol | None |
| remote_address_group_id | None |
| remote_group_id | None ...

Read more...

Revision history for this message
Bence Romsics (bence-romsics) wrote :

I am marking this as duplicate. Let me know if you think differently. Also don't hesitate to propose a backport to stable/ussuri.

Revision history for this message
Salvatore Orlando (salvatore-orlando) wrote :

Many thanks for promptly looking at my bug report. This may be indeed a duplicate of https://bugs.launchpad.net/bugs/1904188.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.