Move FWAAS object prefixes into const module

This prevents cyclic imports as the prefix is needed in the orphan check, but also needed when creating the object through one of the higher level l3 classes.
sapcc · Jan 30, 2024 · 4feb9f1 · 4feb9f1
1 parent 9afd175
commit 4feb9f1
Show file tree

Hide file tree

Showing 6 changed files with 35 additions and 22 deletions.
diff --git a/asr1k_neutron_l3/common/asr1k_constants.py b/asr1k_neutron_l3/common/asr1k_constants.py
@@ -37,3 +37,14 @@
 
 TAG_DEFAULT_ROUTE_OVERWRITE = 'custom-default-route'
 TAG_SKIP_MONITORING = 'skip-monitoring'
+
+
+FWAAS_ACL_PREFIX = "ACL-FWAAS-"
+FWAAS_CLASS_MAP_PREFIX = "CM-FWAAS-"
+FWAAS_SERVICE_POLICY_PREFIX = "SP-FWAAS-"
+FWAAS_ZONE_PREFIX = 'ZN-FWAAS-'
+FWAAS_ZONE_PAIR_PREFIX = 'ZP-FWAAS-'
+FWAAS_ZONE_PAIR_EXT_EGRESS_PREFIX = FWAAS_ZONE_PAIR_PREFIX + 'EXT-EGRESS-'
+FWAAS_ZONE_PAIR_EXT_INGRESS_PREFIX = FWAAS_ZONE_PAIR_PREFIX + 'EXT-INGRESS-'
+FWAAS_DEFAULT_PARAMETER_MAP = "PAM-FWAAS-POLICE-VRF"
+FWAAS_DEFAULT_ALLOW_INSPECT_POLICY = FWAAS_SERVICE_POLICY_PREFIX + "ALLOW-INSPECT"
diff --git a/asr1k_neutron_l3/models/netconf_yang/class_map.py b/asr1k_neutron_l3/models/netconf_yang/class_map.py
@@ -17,7 +17,7 @@
 from collections import OrderedDict
 
 from asr1k_neutron_l3.common import utils
-import asr1k_neutron_l3.models.neutron.l3.firewall as fw
+from asr1k_neutron_l3.common.asr1k_constants import FWAAS_CLASS_MAP_PREFIX
 from asr1k_neutron_l3.models.netconf_yang import xml_utils
 from asr1k_neutron_l3.models.netconf_yang.ny_base import NyBase
 
@@ -69,8 +69,8 @@ def __parameters__(cls):
 
     @property
     def policy_id(self):
-        if self.id.startswith(fw.ClassMap.PREFIX):
-            uuid = self.id.lstrip(fw.ClassMap.PREFIX)
+        if self.id.startswith(FWAAS_CLASS_MAP_PREFIX):
+            uuid = self.id.lstrip(FWAAS_CLASS_MAP_PREFIX)
             if utils.is_valid_uuid(uuid):
                 return uuid
 

diff --git a/asr1k_neutron_l3/models/netconf_yang/service_policy.py b/asr1k_neutron_l3/models/netconf_yang/service_policy.py
@@ -16,8 +16,8 @@
 
 from collections import OrderedDict
 
+from asr1k_neutron_l3.common.asr1k_constants import FWAAS_SERVICE_POLICY_PREFIX
 from asr1k_neutron_l3.common import utils
-import asr1k_neutron_l3.models.neutron.l3.firewall as fw
 from asr1k_neutron_l3.models.netconf_yang import xml_utils
 from asr1k_neutron_l3.models.netconf_yang.ny_base import NyBase, YANG_TYPE, NC_OPERATION
 
@@ -64,8 +64,8 @@ def __parameters__(cls):
 
     @property
     def policy_id(self):
-        if self.id.startswith(fw.ServicePolicy.PREFIX):
-            uuid = self.id.lstrip(fw.ServicePolicy.PREFIX)
+        if self.id.startswith(FWAAS_SERVICE_POLICY_PREFIX):
+            uuid = self.id.lstrip(FWAAS_SERVICE_POLICY_PREFIX)
             if utils.is_valid_uuid(uuid):
                 return uuid
 

diff --git a/asr1k_neutron_l3/models/netconf_yang/zone.py b/asr1k_neutron_l3/models/netconf_yang/zone.py
@@ -16,7 +16,7 @@
 
 from collections import OrderedDict
 
-import asr1k_neutron_l3.models.neutron.l3.firewall as fw
+from asr1k_neutron_l3.common.asr1k_constants import FWAAS_ZONE_PREFIX
 from asr1k_neutron_l3.models.netconf_yang.ny_base import NyBase
 from asr1k_neutron_l3.common import utils
 from asr1k_neutron_l3.models.netconf_yang import xml_utils
@@ -59,8 +59,8 @@ def __parameters__(cls):
 
     @property
     def neutron_router_id(self):
-        if self.id is not None and self.id.startswith(fw.Zone.PREFIX):
-            return utils.vrf_id_to_uuid(self.id.lstrip(fw.Zone.PREFIX))
+        if self.id is not None and self.id.startswith(FWAAS_ZONE_PREFIX):
+            return utils.vrf_id_to_uuid(self.id.lstrip(FWAAS_ZONE_PREFIX))
 
     def is_orphan(self, all_fwaas_router_ids, *args, **kwargs):
         if self.neutron_router_id:

diff --git a/asr1k_neutron_l3/models/netconf_yang/zone_pair.py b/asr1k_neutron_l3/models/netconf_yang/zone_pair.py
@@ -16,7 +16,8 @@
 
 from collections import OrderedDict
 
-import asr1k_neutron_l3.models.neutron.l3.firewall as fw
+from asr1k_neutron_l3.common.asr1k_constants import \
+    FWAAS_ZONE_PAIR_EXT_INGRESS_PREFIX, FWAAS_ZONE_PAIR_EXT_EGRESS_PREFIX
 from asr1k_neutron_l3.models.netconf_yang.ny_base import NyBase
 from asr1k_neutron_l3.common import utils
 from asr1k_neutron_l3.models.netconf_yang import xml_utils
@@ -70,7 +71,7 @@ def __parameters__(cls):
     @property
     def neutron_router_id(self):
         if self.id is not None:
-            for prefix in (fw.ZonePairExtEgress.PREFIX, fw.ZonePairExtIngress.PREFIX):
+            for prefix in (FWAAS_ZONE_PAIR_EXT_EGRESS_PREFIX, FWAAS_ZONE_PAIR_EXT_EGRESS_PREFIX):
                 if self.id.startswith(prefix):
                     return utils.vrf_id_to_uuid(self.id.lstrip(prefix))
 

diff --git a/asr1k_neutron_l3/models/neutron/l3/firewall.py b/asr1k_neutron_l3/models/neutron/l3/firewall.py
@@ -1,4 +1,4 @@
-# Copyright 2021 SAP SE
+2# Copyright 2021 SAP SE
 #
 # All Rights Reserved.
 #
@@ -20,6 +20,7 @@
 from oslo_log import log as logging
 
 from asr1k_neutron_l3.common import utils
+from asr1k_neutron_l3.common import asr1k_constants as const
 from asr1k_neutron_l3.models.neutron.l3 import base
 from asr1k_neutron_l3.models.neutron.l3 import access_list
 from asr1k_neutron_l3.models.netconf_yang.class_map import ClassMap as ncClassMap
@@ -51,7 +52,7 @@ def __init__(self, policy_id: str):
 
 class AccessList(access_list.AccessList, FirewallPolicyObject):
 
-    PREFIX = "ACL-FWAAS-"
+    PREFIX = const.FWAAS_ACL_PREFIX
     ACTIONS = {
             'allow': 'permit',
             'deny': 'deny',
@@ -97,7 +98,7 @@ def __init__(self, policy_id: str, rules: List[dict]):
 
 
 class ClassMap(FirewallPolicyObject):
-    PREFIX = "CM-FWAAS-"
+    PREFIX = const.FWAAS_CLASS_MAP_PREFIX
 
     @property
     def _rest_definition(self):
@@ -112,7 +113,7 @@ def update(self):
 
 
 class ServicePolicy(FirewallPolicyObject):
-    PREFIX = "SP-FWAAS-"
+    PREFIX = const.FWAAS_SERVICE_POLICY_PREFIX
 
     @property
     def _rest_definition(self):
@@ -132,7 +133,7 @@ def update(self):
 
 class FirewallZoneObject(base.Base):
 
-    PREFIX = 'OBJ-FWAAS-'
+    PREFIX = const.FWAAS_ZONE_PREFIX
 
     @classmethod
     def get_id_by_router_id(cls, router_id: str) -> str:
@@ -155,7 +156,7 @@ def __init__(self, router_id: str):
 
 class Zone(FirewallZoneObject):
 
-    PREFIX = 'ZN-FWAAS-'
+    PREFIX = const.FWAAS_ZONE_PREFIX
 
     @property
     def _rest_definition(self):
@@ -170,8 +171,8 @@ def update(self):
 
 class ZonePair(FirewallZoneObject):
 
-    PREFIX = 'ZP-FWAAS-'
-    DEFAULT_ALLOW_INSPECT_POLICY = ServicePolicy.PREFIX + "ALLOW-INSPECT"
+    PREFIX = const.FWAAS_ZONE_PAIR_PREFIX
+    DEFAULT_ALLOW_INSPECT_POLICY = const.FWAAS_DEFAULT_ALLOW_INSPECT_POLICY
 
     def __init__(self, router_id: str, source: str, destination: str, policy_id: Optional[str]):
         super().__init__(router_id)
@@ -191,7 +192,7 @@ def _rest_definition(self):
 
 class ZonePairExtEgress(ZonePair):
 
-    PREFIX = ZonePair.PREFIX + 'EXT-EGRESS-'
+    PREFIX = const.FWAAS_ZONE_PAIR_EXT_EGRESS_PREFIX
 
     def __init__(self, router_id: str, policy_id: Optional[str] = None):
         self.source = 'default'
@@ -211,7 +212,7 @@ def update(self):
 
 class ZonePairExtIngress(ZonePair):
 
-    PREFIX = ZonePair.PREFIX + 'EXT-INGRESS-'
+    PREFIX = const.FWAAS_ZONE_PAIR_EXT_INGRESS_PREFIX
 
     def __init__(self, router_id: str, policy_id: Optional[str] = None):
         self.source = Zone.get_id_by_router_id(router_id)
@@ -231,7 +232,7 @@ def update(self):
 
 class FirewallVrfPolicer(base.Base):
 
-    DEFAULT_PARAMETER_MAP = "PAM-FWAAS-POLICE-VRF"
+    DEFAULT_PARAMETER_MAP = const.FWAAS_DEFAULT_PARAMETER_MAP
 
     def __init__(self, router_id: str, parameter_map=None) -> None:
         if parameter_map is None: