BUG: find security group related to project when creating rule

limit find_security_group to project we're creating before creating rules

lib/openstack_api/openstack_security_groups.py

@@ -396,9 +396,6 @@ def _create_security_group_rule(
     details.security_group_identifier = details.security_group_identifier.strip()
     if not details.security_group_identifier:
         raise MissingMandatoryParamError("A security group name or ID is required")
-    security_group = conn.network.find_security_group(
-        details.security_group_identifier, ignore_missing=False
-    )
 
     details.project_identifier = details.project_identifier.strip()
     if not details.project_identifier:
@@ -407,6 +404,10 @@ def _create_security_group_rule(
         details.project_identifier, ignore_missing=False
     )
 
+    security_group = conn.network.find_security_group(
+        details.security_group_identifier, ignore_missing=False, project_id=project.id
+    )
+
     start_port = str(details.port_range[0]).strip()
     end_port = str(details.port_range[1]).strip()
     _validate_rule_ports(start_port, end_port)

tests/lib/openstack_api/test_openstack_security_groups.py

@@ -25,6 +25,16 @@ def test_case(mock_conn, mock_details: SecurityGroupRuleDetails):
         if mock_details.port_range == ("*", "*"):
             start_port, end_port = (None, None)
 
+        mock_conn.identity.find_project.assert_any_call(
+            mock_details.project_identifier.strip(), ignore_missing=False
+        )
+
+        mock_conn.network.find_security_group.assert_any_call(
+            mock_details.security_group_identifier.strip(),
+            ignore_missing=False,
+            project_id=mock_conn.identity.find_project.return_value.id,
+        )
+
         mock_conn.network.create_security_group_rule.assert_any_call(
             project_id=mock_conn.identity.find_project.return_value.id,
             security_group_id=mock_conn.network.find_security_group.return_value.id,