soreana opened a new issue, #6999: URL: https://github.com/apache/cloudstack/issues/6999
<!-- Verify first that your issue/request is not already reported on GitHub. Also test if the latest release and main branch are affected too. Always add information AFTER of these HTML comments, but no need to delete the comments. --> In listVirtualMachines' response, we have a security group field. After further investigation, we noticed that this field doesn't change at all even if I add the ingress rule to the VM. ``` (local) > list virtualmachines id="152ee2cf-d9fb-4281-b222-1a9b1b73ef57" filter=id,name,displayname,securitygroup listall=true { "count": 1, "virtualmachine": [ { "displayname": "Sina-test-security-groups", "id": "152ee2cf-d9fb-4281-b222-1a9b1b73ef57", "name": "Sina-test-security-groups", "securitygroup": [ { "account": "admin", "description": "", "egressrule": [], "id": "a2a75240-a7f2-42a4-9812-a9954b2d5ab2", "ingressrule": [], "name": "Sina-test", "tags": [], "virtualmachineids": [] } ] } ] } (local) > list securitygroups virtualmachineid=152ee2cf-d9fb-4281-b222-1a9b1b73ef57 { "count": 1, "securitygroup": [ { "account": "admin", "description": "", "domain": "ROOT", "domainid": "84c14489-6263-11e3-aa07-d89d6717918c", "egressrule": [], "id": "a2a75240-a7f2-42a4-9812-a9954b2d5ab2", "ingressrule": [ { "cidr": "10.0.0.0/8", "endport": 20, "protocol": "tcp", "ruleid": "506815f8-1586-4353-ac70-8009cff65be8", "startport": 20, "tags": [] } ], "name": "Sina-test", "tags": [], "virtualmachinecount": 1, "virtualmachineids": [ "152ee2cf-d9fb-4281-b222-1a9b1b73ef57" ] } ] } ``` ##### ISSUE TYPE <!-- Pick one below and delete the rest --> * Bug Report ##### COMPONENT NAME <!-- Categorize the issue, e.g. API, VR, VPN, UI, etc. --> ~~~ API ~~~ ##### CLOUDSTACK VERSION <!-- New line separated list of affected versions, commit ID for issues on main branch. --> ~~~ 4.17.2 ~~~ ##### CONFIGURATION <!-- Information about the configuration if relevant, e.g. basic network, advanced networking, etc. N/A otherwise --> ~~~ Basic network with security group ~~~ ##### SUMMARY <!-- Explain the problem/feature briefly --> When I was testing a firewall rules, I noticed that adding an ingress rules to a VM's security group doesn't have any affect on the `listVirtualmachines` api call output. The ingress rule is always empty. As a result our automation tools should call two APIs rather than one to get correct informations. One to get the informations about the VM and another one to get security groups. ##### STEPS TO REPRODUCE <!-- For bugs, show exactly how to reproduce the problem, using a minimal test-case. Use Screenshots if accurate. For new features, show how the feature would be used. --> <!-- Paste example playbooks or commands between quotes below --> ~~~ 1. Call list virtual machine api call using cmk and check `securitygroup` field, it is empty. 2. Add some ingress rules to the security group. 3. Call list virtual machine api call using cmk and check `securitygroup` field again, it is empty. ~~~ <!-- You can also paste gist.github.com links for larger files --> ##### EXPECTED RESULTS <!-- What did you expect to happen when running the steps above? --> ~~~ The ingress rule added to the `securitygroup` field of the virtual machine API call. ~~~ ##### ACTUAL RESULTS <!-- What actually happened? --> <!-- Paste verbatim command output between quotes below --> ~~~ The ingress rule in `securitygroup` is empty. ~~~ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@cloudstack.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org