openstack security group rule create --protocol None test fails

Bug #1712540 reported by Valery Tschopp
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
python-openstackclient
In Progress
High
jython

Bug Description

It is not possible to create a security group rule for any protocol.

The command 'openstack security group rule create --protocol None test' fails:

  $ openstack security group rule create --protocol None test
  Error while executing command: Bad Request (HTTP 400) (Request-ID: req-02d41256-c224-4e0b-9ed2-be35c3c3054a)

openstack --version: 3.11.0

Debug output is attached.

Revision history for this message
Valery Tschopp (valery-tschopp) wrote :
Revision history for this message
Simon Leinen (simon-leinen) wrote :

Yes, this seems to be a regression. In the old client you could say "neutron security-group-rule-create" without a "--protocol" option, and you'd get a protocol-agnostic rule. But in the new client ("openstack security group rule create"), "--protocol" defaults to "TCP".

It is important to be able to easily restore a protocol-agnostic security group rule, for example when users remove rules from their instance of the "default" Security Group and later want to restore them (or have the operator restore them).

Revision history for this message
Akihiro Motoki (amotoki) wrote :

"openstack security group rule create" is provided by not python-neutronclient but python-openstackclient, so I changed the affected project.

affects: python-neutronclient → python-openstackclient
Revision history for this message
Akihiro Motoki (amotoki) wrote :

Yeah, this is completely a regression and misimpletation of neutron security group.

--no-protocol option looks like the way to follow OSC command option convention to allow users to leave *protocol* unspecified.

Changed in python-openstackclient:
status: New → Confirmed
importance: Undecided → High
assignee: nobody → Akihiro Motoki (amotoki)
jython (jython)
Changed in python-openstackclient:
assignee: Akihiro Motoki (amotoki) → jython (jython)
status: Confirmed → In Progress
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.