// Copyright 2019 The Terraformer Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package ibm

import (
	"fmt"
	"os"
	"reflect"

	"github.com/GoogleCloudPlatform/terraformer/terraformutils"
	"github.com/IBM/go-sdk-core/v4/core"
	"github.com/IBM/vpc-go-sdk/vpcv1"
)

// SecurityGroupGenerator collects IBM Cloud VPC security groups and their
// rules as Terraformer resources. It embeds IBMService, which supplies the
// Args and Resources fields used by InitResources.
type SecurityGroupGenerator struct {
	IBMService
}

// createSecurityGroupResources builds the "ibm_is_security_group" resource
// (provider "ibm") for the security group with ID sgID. The Terraform resource
// name is derived from sgName by normalizeResourceName.
func (g SecurityGroupGenerator) createSecurityGroupResources(sgID, sgName string) terraformutils.Resource {
	return terraformutils.NewSimpleResource(
		sgID,
		normalizeResourceName(sgName, false),
		"ibm_is_security_group",
		"ibm",
		[]string{},
	)
}

// createSecurityGroupRuleResources builds the "ibm_is_security_group_rule"
// resource (provider "ibm") for one rule. The resource ID is the composite
// "<sgID>.<sgRuleID>", and dependsOn is passed through as the resource's
// "depends_on" additional field.
func (g SecurityGroupGenerator) createSecurityGroupRuleResources(sgID, sgRuleID string, dependsOn []string) terraformutils.Resource {
	compositeID := fmt.Sprintf("%s.%s", sgID, sgRuleID)
	extraFields := map[string]interface{}{
		"depends_on": dependsOn,
	}
	// NOTE(review): the `true` flag presumably asks normalizeResourceName for
	// a uniquified name, since every rule shares the same base name; confirm
	// against its definition.
	return terraformutils.NewResource(
		compositeID,
		normalizeResourceName("ibm_is_security_group_rule", true),
		"ibm_is_security_group_rule",
		"ibm",
		map[string]string{},
		[]string{},
		extraFields,
	)
}

// InitResources ...
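// InitResources lists the VPC security groups reachable with the API key in
// the IC_API_KEY environment variable for the "region" argument, optionally
// restricted to the "resource_group" argument. It appends one
// ibm_is_security_group resource per group and one ibm_is_security_group_rule
// resource per rule to g.Resources.
//
// It returns an error when the API key or the region argument is missing, when
// the VPC client cannot be built, or when any lookup or list call fails.
func (g *SecurityGroupGenerator) InitResources() error {
	// Checked assertion: a missing or non-string region becomes an error
	// instead of a panic.
	region, ok := g.Args["region"].(string)
	if !ok {
		return fmt.Errorf("region argument is missing or not a string")
	}
	apiKey := os.Getenv("IC_API_KEY")
	if apiKey == "" {
		return fmt.Errorf("No API key set")
	}

	// NOTE(review): region is interpolated into the host name, and
	// envFallBack presumably prefers IBMCLOUD_IS_API_ENDPOINT when it is set.
	// Requests carrying credentials derived from apiKey go to whatever host
	// results, so both values must come from a trusted source and the
	// override should remain an https URL.
	defaultURL := fmt.Sprintf("https://%s.iaas.cloud.ibm.com/v1", region)
	vpcclient, err := vpcv1.NewVpcV1(&vpcv1.VpcV1Options{
		URL: envFallBack([]string{"IBMCLOUD_IS_API_ENDPOINT"}, defaultURL),
		Authenticator: &core.IamAuthenticator{
			ApiKey: apiKey,
		},
	})
	if err != nil {
		return err
	}

	// Resolve the resource group once: the result is the same for every page,
	// so looking it up inside the pagination loop only repeats the call.
	// A missing or non-string argument is treated as "no filter".
	var resourceGroupID *string
	if rg, _ := g.Args["resource_group"].(string); rg != "" {
		id, err := GetResourceGroupID(apiKey, rg, region)
		if err != nil {
			return fmt.Errorf("Error Fetching Resource Group Id %s", err)
		}
		resourceGroupID = &id
	}

	// Page through the security groups until GetNext yields no further token.
	var allrecs []vpcv1.SecurityGroup
	start := ""
	for {
		options := &vpcv1.ListSecurityGroupsOptions{ResourceGroupID: resourceGroupID}
		if start != "" {
			options.Start = &start
		}
		sgs, response, err := vpcclient.ListSecurityGroups(options)
		if err != nil {
			return fmt.Errorf("Error Fetching security Groups %s\n%s", err, response)
		}
		allrecs = append(allrecs, sgs.SecurityGroups...)
		start = GetNext(sgs.Next)
		if start == "" {
			break
		}
	}

	for _, group := range allrecs {
		if group.ID == nil || group.Name == nil {
			return fmt.Errorf("security group returned without an id or name")
		}

		sg := g.createSecurityGroupResources(*group.ID, *group.Name)
		g.Resources = append(g.Resources, sg)
		// Every rule of this group depends on the group resource itself.
		dependsOn := []string{"ibm_is_security_group." + sg.ResourceName}

		rules, response, err := vpcclient.ListSecurityGroupRules(&vpcv1.ListSecurityGroupRulesOptions{
			SecurityGroupID: group.ID,
		})
		if err != nil {
			return fmt.Errorf("Error Fetching security group rules %s\n%s", err, response)
		}

		for _, sgrule := range rules.Rules {
			// The switch stays on the reflected type name so the file's
			// "reflect" import remains in use.
			var ruleID *string
			switch reflect.TypeOf(sgrule).String() {
			case "*vpcv1.SecurityGroupRuleSecurityGroupRuleProtocolIcmp":
				ruleID = sgrule.(*vpcv1.SecurityGroupRuleSecurityGroupRuleProtocolIcmp).ID
			case "*vpcv1.SecurityGroupRuleSecurityGroupRuleProtocolAll":
				ruleID = sgrule.(*vpcv1.SecurityGroupRuleSecurityGroupRuleProtocolAll).ID
			case "*vpcv1.SecurityGroupRuleSecurityGroupRuleProtocolTcpudp":
				ruleID = sgrule.(*vpcv1.SecurityGroupRuleSecurityGroupRuleProtocolTcpudp).ID
			default:
				// An omitted rule makes the exported configuration an
				// incomplete picture of the group's filtering, so report
				// it rather than dropping it silently.
				fmt.Fprintf(os.Stderr, "skipping security group rule of unhandled type %T in group %s\n", sgrule, *group.ID)
				continue
			}
			if ruleID == nil {
				return fmt.Errorf("security group %s returned a rule without an id", *group.ID)
			}
			g.Resources = append(g.Resources, g.createSecurityGroupRuleResources(*group.ID, *ruleID, dependsOn))
		}
	}
	return nil
}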