github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/cloudstack/resource_cloudstack_egress_firewall_test.go (about)

     1  package cloudstack
     2  
     3  import (
     4  	"fmt"
     5  	"strings"
     6  	"testing"
     7  
     8  	"github.com/hashicorp/terraform/helper/resource"
     9  	"github.com/hashicorp/terraform/terraform"
    10  	"github.com/xanzy/go-cloudstack/cloudstack"
    11  )
    12  
    13  func TestAccCloudStackEgressFirewall_basic(t *testing.T) {
    14  	resource.Test(t, resource.TestCase{
    15  		PreCheck:     func() { testAccPreCheck(t) },
    16  		Providers:    testAccProviders,
    17  		CheckDestroy: testAccCheckCloudStackEgressFirewallDestroy,
    18  		Steps: []resource.TestStep{
    19  			resource.TestStep{
    20  				Config: testAccCloudStackEgressFirewall_basic,
    21  				Check: resource.ComposeTestCheckFunc(
    22  					testAccCheckCloudStackEgressFirewallRulesExist("cloudstack_egress_firewall.foo"),
    23  					resource.TestCheckResourceAttr(
    24  						"cloudstack_egress_firewall.foo", "network_id", CLOUDSTACK_NETWORK_1),
    25  					resource.TestCheckResourceAttr(
    26  						"cloudstack_egress_firewall.foo", "rule.#", "1"),
    27  					resource.TestCheckResourceAttr(
    28  						"cloudstack_egress_firewall.foo",
    29  						"rule.2905891128.cidr_list.3378711023",
    30  						CLOUDSTACK_NETWORK_1_IPADDRESS1+"/32"),
    31  					resource.TestCheckResourceAttr(
    32  						"cloudstack_egress_firewall.foo", "rule.2905891128.protocol", "tcp"),
    33  					resource.TestCheckResourceAttr(
    34  						"cloudstack_egress_firewall.foo", "rule.2905891128.ports.32925333", "8080"),
    35  				),
    36  			},
    37  		},
    38  	})
    39  }
    40  
    41  func TestAccCloudStackEgressFirewall_update(t *testing.T) {
    42  	resource.Test(t, resource.TestCase{
    43  		PreCheck:     func() { testAccPreCheck(t) },
    44  		Providers:    testAccProviders,
    45  		CheckDestroy: testAccCheckCloudStackEgressFirewallDestroy,
    46  		Steps: []resource.TestStep{
    47  			resource.TestStep{
    48  				Config: testAccCloudStackEgressFirewall_basic,
    49  				Check: resource.ComposeTestCheckFunc(
    50  					testAccCheckCloudStackEgressFirewallRulesExist("cloudstack_egress_firewall.foo"),
    51  					resource.TestCheckResourceAttr(
    52  						"cloudstack_egress_firewall.foo", "network_id", CLOUDSTACK_NETWORK_1),
    53  					resource.TestCheckResourceAttr(
    54  						"cloudstack_egress_firewall.foo", "rule.#", "1"),
    55  					resource.TestCheckResourceAttr(
    56  						"cloudstack_egress_firewall.foo",
    57  						"rule.2905891128.cidr_list.3378711023",
    58  						CLOUDSTACK_NETWORK_1_IPADDRESS1+"/32"),
    59  					resource.TestCheckResourceAttr(
    60  						"cloudstack_egress_firewall.foo", "rule.2905891128.protocol", "tcp"),
    61  					resource.TestCheckResourceAttr(
    62  						"cloudstack_egress_firewall.foo", "rule.2905891128.ports.32925333", "8080"),
    63  				),
    64  			},
    65  
    66  			resource.TestStep{
    67  				Config: testAccCloudStackEgressFirewall_update,
    68  				Check: resource.ComposeTestCheckFunc(
    69  					testAccCheckCloudStackEgressFirewallRulesExist("cloudstack_egress_firewall.foo"),
    70  					resource.TestCheckResourceAttr(
    71  						"cloudstack_egress_firewall.foo", "network_id", CLOUDSTACK_NETWORK_1),
    72  					resource.TestCheckResourceAttr(
    73  						"cloudstack_egress_firewall.foo", "rule.#", "2"),
    74  					resource.TestCheckResourceAttr(
    75  						"cloudstack_egress_firewall.foo",
    76  						"rule.3593527682.cidr_list.1910468234",
    77  						CLOUDSTACK_NETWORK_1_IPADDRESS2+"/32"),
    78  					resource.TestCheckResourceAttr(
    79  						"cloudstack_egress_firewall.foo",
    80  						"rule.3593527682.cidr_list.3378711023",
    81  						CLOUDSTACK_NETWORK_1_IPADDRESS1+"/32"),
    82  					resource.TestCheckResourceAttr(
    83  						"cloudstack_egress_firewall.foo", "rule.3593527682.protocol", "tcp"),
    84  					resource.TestCheckResourceAttr(
    85  						"cloudstack_egress_firewall.foo", "rule.3593527682.ports.32925333", "8080"),
    86  					resource.TestCheckResourceAttr(
    87  						"cloudstack_egress_firewall.foo",
    88  						"rule.739924765.cidr_list.3378711023",
    89  						CLOUDSTACK_NETWORK_1_IPADDRESS1+"/32"),
    90  					resource.TestCheckResourceAttr(
    91  						"cloudstack_egress_firewall.foo", "rule.739924765.protocol", "tcp"),
    92  					resource.TestCheckResourceAttr(
    93  						"cloudstack_egress_firewall.foo", "rule.739924765.ports.1889509032", "80"),
    94  				),
    95  			},
    96  		},
    97  	})
    98  }
    99  
   100  func testAccCheckCloudStackEgressFirewallRulesExist(n string) resource.TestCheckFunc {
   101  	return func(s *terraform.State) error {
   102  		rs, ok := s.RootModule().Resources[n]
   103  		if !ok {
   104  			return fmt.Errorf("Not found: %s", n)
   105  		}
   106  
   107  		if rs.Primary.ID == "" {
   108  			return fmt.Errorf("No firewall ID is set")
   109  		}
   110  
   111  		for k, id := range rs.Primary.Attributes {
   112  			if !strings.Contains(k, ".uuids.") || strings.HasSuffix(k, ".uuids.%") {
   113  				continue
   114  			}
   115  
   116  			cs := testAccProvider.Meta().(*cloudstack.CloudStackClient)
   117  			_, count, err := cs.Firewall.GetEgressFirewallRuleByID(id)
   118  
   119  			if err != nil {
   120  				return err
   121  			}
   122  
   123  			if count == 0 {
   124  				return fmt.Errorf("Firewall rule for %s not found", k)
   125  			}
   126  		}
   127  
   128  		return nil
   129  	}
   130  }
   131  
   132  func testAccCheckCloudStackEgressFirewallDestroy(s *terraform.State) error {
   133  	cs := testAccProvider.Meta().(*cloudstack.CloudStackClient)
   134  
   135  	for _, rs := range s.RootModule().Resources {
   136  		if rs.Type != "cloudstack_egress_firewall" {
   137  			continue
   138  		}
   139  
   140  		if rs.Primary.ID == "" {
   141  			return fmt.Errorf("No instance ID is set")
   142  		}
   143  
   144  		for k, id := range rs.Primary.Attributes {
   145  			if !strings.Contains(k, ".uuids.") || strings.HasSuffix(k, ".uuids.%") {
   146  				continue
   147  			}
   148  
   149  			_, _, err := cs.Firewall.GetEgressFirewallRuleByID(id)
   150  			if err == nil {
   151  				return fmt.Errorf("Egress rule %s still exists", rs.Primary.ID)
   152  			}
   153  		}
   154  	}
   155  
   156  	return nil
   157  }
   158  
   159  var testAccCloudStackEgressFirewall_basic = fmt.Sprintf(`
   160  resource "cloudstack_egress_firewall" "foo" {
   161    network_id = "%s"
   162  
   163    rule {
   164      cidr_list = ["%s/32"]
   165      protocol = "tcp"
   166      ports = ["8080"]
   167    }
   168  }`,
   169  	CLOUDSTACK_NETWORK_1,
   170  	CLOUDSTACK_NETWORK_1_IPADDRESS1)
   171  
   172  var testAccCloudStackEgressFirewall_update = fmt.Sprintf(`
   173  resource "cloudstack_egress_firewall" "foo" {
   174    network_id = "%s"
   175  
   176    rule {
   177      cidr_list = ["%s/32", "%s/32"]
   178      protocol = "tcp"
   179      ports = ["8080"]
   180    }
   181  
   182    rule {
   183      cidr_list = ["%s/32"]
   184      protocol = "tcp"
   185      ports = ["80", "1000-2000"]
   186    }
   187  }`,
   188  	CLOUDSTACK_NETWORK_1,
   189  	CLOUDSTACK_NETWORK_1_IPADDRESS1,
   190  	CLOUDSTACK_NETWORK_1_IPADDRESS2,
   191  	CLOUDSTACK_NETWORK_1_IPADDRESS1)