github.com/chalford/terraform@v0.3.7-0.20150113080010-a78c69a8c81f/builtin/providers/cloudstack/resource_cloudstack_network_acl_rule_test.go (about) 1 package cloudstack 2 3 import ( 4 "fmt" 5 "strings" 6 "testing" 7 8 "github.com/hashicorp/terraform/helper/resource" 9 "github.com/hashicorp/terraform/terraform" 10 "github.com/xanzy/go-cloudstack/cloudstack" 11 ) 12 13 func TestAccCloudStackNetworkACLRule_basic(t *testing.T) { 14 resource.Test(t, resource.TestCase{ 15 PreCheck: func() { testAccPreCheck(t) }, 16 Providers: testAccProviders, 17 CheckDestroy: testAccCheckCloudStackNetworkACLRuleDestroy, 18 Steps: []resource.TestStep{ 19 resource.TestStep{ 20 Config: testAccCloudStackNetworkACLRule_basic, 21 Check: resource.ComposeTestCheckFunc( 22 testAccCheckCloudStackNetworkACLRulesExist("cloudstack_network_acl.foo"), 23 resource.TestCheckResourceAttr( 24 "cloudstack_network_acl_rule.foo", "rule.#", "1"), 25 resource.TestCheckResourceAttr( 26 "cloudstack_network_acl_rule.foo", "rule.3247834462.action", "allow"), 27 resource.TestCheckResourceAttr( 28 "cloudstack_network_acl_rule.foo", "rule.3247834462.source_cidr", "172.16.100.0/24"), 29 resource.TestCheckResourceAttr( 30 "cloudstack_network_acl_rule.foo", "rule.3247834462.protocol", "tcp"), 31 resource.TestCheckResourceAttr( 32 "cloudstack_network_acl_rule.foo", "rule.3247834462.ports.#", "2"), 33 resource.TestCheckResourceAttr( 34 "cloudstack_network_acl_rule.foo", "rule.3247834462.ports.1889509032", "80"), 35 resource.TestCheckResourceAttr( 36 "cloudstack_network_acl_rule.foo", "rule.3247834462.ports.3638101695", "443"), 37 resource.TestCheckResourceAttr( 38 "cloudstack_network_acl_rule.foo", "rule.3247834462.traffic_type", "ingress"), 39 ), 40 }, 41 }, 42 }) 43 } 44 45 func TestAccCloudStackNetworkACLRule_update(t *testing.T) { 46 resource.Test(t, resource.TestCase{ 47 PreCheck: func() { testAccPreCheck(t) }, 48 Providers: testAccProviders, 49 CheckDestroy: testAccCheckCloudStackNetworkACLRuleDestroy, 50 Steps: []resource.TestStep{ 51 resource.TestStep{ 52 Config: testAccCloudStackNetworkACLRule_basic, 53 Check: resource.ComposeTestCheckFunc( 54 testAccCheckCloudStackNetworkACLRulesExist("cloudstack_network_acl.foo"), 55 resource.TestCheckResourceAttr( 56 "cloudstack_network_acl_rule.foo", "rule.#", "1"), 57 resource.TestCheckResourceAttr( 58 "cloudstack_network_acl_rule.foo", "rule.3247834462.action", "allow"), 59 resource.TestCheckResourceAttr( 60 "cloudstack_network_acl_rule.foo", "rule.3247834462.source_cidr", "172.16.100.0/24"), 61 resource.TestCheckResourceAttr( 62 "cloudstack_network_acl_rule.foo", "rule.3247834462.protocol", "tcp"), 63 resource.TestCheckResourceAttr( 64 "cloudstack_network_acl_rule.foo", "rule.3247834462.ports.#", "2"), 65 resource.TestCheckResourceAttr( 66 "cloudstack_network_acl_rule.foo", "rule.3247834462.ports.1889509032", "80"), 67 resource.TestCheckResourceAttr( 68 "cloudstack_network_acl_rule.foo", "rule.3247834462.ports.3638101695", "443"), 69 resource.TestCheckResourceAttr( 70 "cloudstack_network_acl_rule.foo", "rule.3247834462.traffic_type", "ingress"), 71 ), 72 }, 73 74 resource.TestStep{ 75 Config: testAccCloudStackNetworkACLRule_update, 76 Check: resource.ComposeTestCheckFunc( 77 testAccCheckCloudStackNetworkACLRulesExist("cloudstack_network_acl.foo"), 78 resource.TestCheckResourceAttr( 79 "cloudstack_network_acl_rule.foo", "rule.#", "2"), 80 resource.TestCheckResourceAttr( 81 "cloudstack_network_acl_rule.foo", "rule.3247834462.action", "allow"), 82 resource.TestCheckResourceAttr( 83 "cloudstack_network_acl_rule.foo", "rule.3247834462.source_cidr", "172.16.100.0/24"), 84 resource.TestCheckResourceAttr( 85 "cloudstack_network_acl_rule.foo", "rule.3247834462.protocol", "tcp"), 86 resource.TestCheckResourceAttr( 87 "cloudstack_network_acl_rule.foo", "rule.3247834462.ports.#", "2"), 88 resource.TestCheckResourceAttr( 89 "cloudstack_network_acl_rule.foo", "rule.3247834462.ports.1889509032", "80"), 90 resource.TestCheckResourceAttr( 91 "cloudstack_network_acl_rule.foo", "rule.3247834462.ports.3638101695", "443"), 92 resource.TestCheckResourceAttr( 93 "cloudstack_network_acl_rule.foo", "rule.3247834462.traffic_type", "ingress"), 94 resource.TestCheckResourceAttr( 95 "cloudstack_network_acl_rule.foo", "rule.4267872693.action", "deny"), 96 resource.TestCheckResourceAttr( 97 "cloudstack_network_acl_rule.foo", "rule.4267872693.source_cidr", "10.0.0.0/24"), 98 resource.TestCheckResourceAttr( 99 "cloudstack_network_acl_rule.foo", "rule.4267872693.protocol", "tcp"), 100 resource.TestCheckResourceAttr( 101 "cloudstack_network_acl_rule.foo", "rule.4267872693.ports.#", "2"), 102 resource.TestCheckResourceAttr( 103 "cloudstack_network_acl_rule.foo", "rule.4267872693.ports.1209010669", "1000-2000"), 104 resource.TestCheckResourceAttr( 105 "cloudstack_network_acl_rule.foo", "rule.4267872693.ports.1889509032", "80"), 106 resource.TestCheckResourceAttr( 107 "cloudstack_network_acl_rule.foo", "rule.4267872693.traffic_type", "engress"), 108 ), 109 }, 110 }, 111 }) 112 } 113 114 func testAccCheckCloudStackNetworkACLRulesExist(n string) resource.TestCheckFunc { 115 return func(s *terraform.State) error { 116 rs, ok := s.RootModule().Resources[n] 117 if !ok { 118 return fmt.Errorf("Not found: %s", n) 119 } 120 121 if rs.Primary.ID == "" { 122 return fmt.Errorf("No network ACL rule ID is set") 123 } 124 125 for k, uuid := range rs.Primary.Attributes { 126 if !strings.Contains(k, "uuids") { 127 continue 128 } 129 130 cs := testAccProvider.Meta().(*cloudstack.CloudStackClient) 131 _, count, err := cs.NetworkACL.GetNetworkACLByID(uuid) 132 133 if err != nil { 134 return err 135 } 136 137 if count == 0 { 138 return fmt.Errorf("Network ACL rule %s not found", k) 139 } 140 } 141 142 return nil 143 } 144 } 145 146 func testAccCheckCloudStackNetworkACLRuleDestroy(s *terraform.State) error { 147 cs := testAccProvider.Meta().(*cloudstack.CloudStackClient) 148 149 for _, rs := range s.RootModule().Resources { 150 if rs.Type != "cloudstack_network_acl_rule" { 151 continue 152 } 153 154 if rs.Primary.ID == "" { 155 return fmt.Errorf("No network ACL rule ID is set") 156 } 157 158 for k, uuid := range rs.Primary.Attributes { 159 if !strings.Contains(k, "uuids") { 160 continue 161 } 162 163 p := cs.NetworkACL.NewDeleteNetworkACLParams(uuid) 164 _, err := cs.NetworkACL.DeleteNetworkACL(p) 165 166 if err != nil { 167 return err 168 } 169 } 170 } 171 172 return nil 173 } 174 175 var testAccCloudStackNetworkACLRule_basic = fmt.Sprintf(` 176 resource "cloudstack_vpc" "foobar" { 177 name = "terraform-vpc" 178 cidr = "%s" 179 vpc_offering = "%s" 180 zone = "%s" 181 } 182 183 resource "cloudstack_network_acl" "foo" { 184 name = "terraform-acl" 185 description = "terraform-acl-text" 186 vpc = "${cloudstack_vpc.foobar.name}" 187 } 188 189 resource "cloudstack_network_acl_rule" "foo" { 190 aclid = "${cloudstack_network_acl.foo.id}" 191 192 rule { 193 action = "allow" 194 source_cidr = "172.16.100.0/24" 195 protocol = "tcp" 196 ports = ["80", "443"] 197 traffic_type = "ingress" 198 } 199 }`, 200 CLOUDSTACK_VPC_CIDR, 201 CLOUDSTACK_VPC_OFFERING, 202 CLOUDSTACK_ZONE) 203 204 var testAccCloudStackNetworkACLRule_update = fmt.Sprintf(` 205 resource "cloudstack_vpc" "foobar" { 206 name = "terraform-vpc" 207 cidr = "%s" 208 vpc_offering = "%s" 209 zone = "%s" 210 } 211 212 resource "cloudstack_network_acl" "foo" { 213 name = "terraform-acl" 214 description = "terraform-acl-text" 215 vpc = "${cloudstack_vpc.foobar.name}" 216 } 217 218 resource "cloudstack_network_acl_rule" "foo" { 219 aclid = "${cloudstack_network_acl.foo.id}" 220 221 rule { 222 action = "allow" 223 source_cidr = "172.16.100.0/24" 224 protocol = "tcp" 225 ports = ["80", "443"] 226 traffic_type = "ingress" 227 } 228 229 rule { 230 action = "deny" 231 source_cidr = "10.0.0.0/24" 232 protocol = "tcp" 233 ports = ["80", "1000-2000"] 234 traffic_type = "egress" 235 } 236 }`, 237 CLOUDSTACK_VPC_CIDR, 238 CLOUDSTACK_VPC_OFFERING, 239 CLOUDSTACK_ZONE)