github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/cloudstack/resource_cloudstack_firewall_test.go (about)

     1  package cloudstack
     2  
     3  import (
     4  	"fmt"
     5  	"strings"
     6  	"testing"
     7  
     8  	"github.com/hashicorp/terraform/helper/resource"
     9  	"github.com/hashicorp/terraform/terraform"
    10  	"github.com/xanzy/go-cloudstack/cloudstack"
    11  )
    12  
    13  func TestAccCloudStackFirewall_basic(t *testing.T) {
    14  	resource.Test(t, resource.TestCase{
    15  		PreCheck:     func() { testAccPreCheck(t) },
    16  		Providers:    testAccProviders,
    17  		CheckDestroy: testAccCheckCloudStackFirewallDestroy,
    18  		Steps: []resource.TestStep{
    19  			resource.TestStep{
    20  				Config: testAccCloudStackFirewall_basic,
    21  				Check: resource.ComposeTestCheckFunc(
    22  					testAccCheckCloudStackFirewallRulesExist("cloudstack_firewall.foo"),
    23  					resource.TestCheckResourceAttr(
    24  						"cloudstack_firewall.foo", "ip_address_id", CLOUDSTACK_PUBLIC_IPADDRESS),
    25  					resource.TestCheckResourceAttr(
    26  						"cloudstack_firewall.foo", "rule.#", "2"),
    27  					resource.TestCheckResourceAttr(
    28  						"cloudstack_firewall.foo", "rule.2263505090.cidr_list.3482919157", "10.0.0.0/24"),
    29  					resource.TestCheckResourceAttr(
    30  						"cloudstack_firewall.foo", "rule.2263505090.protocol", "tcp"),
    31  					resource.TestCheckResourceAttr(
    32  						"cloudstack_firewall.foo", "rule.2263505090.ports.32925333", "8080"),
    33  					resource.TestCheckResourceAttr(
    34  						"cloudstack_firewall.foo", "rule.3782201428.cidr_list.3482919157", "10.0.0.0/24"),
    35  					resource.TestCheckResourceAttr(
    36  						"cloudstack_firewall.foo", "rule.3782201428.protocol", "tcp"),
    37  					resource.TestCheckResourceAttr(
    38  						"cloudstack_firewall.foo", "rule.3782201428.ports.1209010669", "1000-2000"),
    39  					resource.TestCheckResourceAttr(
    40  						"cloudstack_firewall.foo", "rule.3782201428.ports.1889509032", "80"),
    41  				),
    42  			},
    43  		},
    44  	})
    45  }
    46  
    47  func TestAccCloudStackFirewall_update(t *testing.T) {
    48  	resource.Test(t, resource.TestCase{
    49  		PreCheck:     func() { testAccPreCheck(t) },
    50  		Providers:    testAccProviders,
    51  		CheckDestroy: testAccCheckCloudStackFirewallDestroy,
    52  		Steps: []resource.TestStep{
    53  			resource.TestStep{
    54  				Config: testAccCloudStackFirewall_basic,
    55  				Check: resource.ComposeTestCheckFunc(
    56  					testAccCheckCloudStackFirewallRulesExist("cloudstack_firewall.foo"),
    57  					resource.TestCheckResourceAttr(
    58  						"cloudstack_firewall.foo", "ip_address_id", CLOUDSTACK_PUBLIC_IPADDRESS),
    59  					resource.TestCheckResourceAttr(
    60  						"cloudstack_firewall.foo", "rule.#", "2"),
    61  					resource.TestCheckResourceAttr(
    62  						"cloudstack_firewall.foo", "rule.2263505090.cidr_list.3482919157", "10.0.0.0/24"),
    63  					resource.TestCheckResourceAttr(
    64  						"cloudstack_firewall.foo", "rule.2263505090.protocol", "tcp"),
    65  					resource.TestCheckResourceAttr(
    66  						"cloudstack_firewall.foo", "rule.2263505090.ports.32925333", "8080"),
    67  					resource.TestCheckResourceAttr(
    68  						"cloudstack_firewall.foo", "rule.3782201428.cidr_list.3482919157", "10.0.0.0/24"),
    69  					resource.TestCheckResourceAttr(
    70  						"cloudstack_firewall.foo", "rule.3782201428.protocol", "tcp"),
    71  					resource.TestCheckResourceAttr(
    72  						"cloudstack_firewall.foo", "rule.3782201428.ports.1209010669", "1000-2000"),
    73  					resource.TestCheckResourceAttr(
    74  						"cloudstack_firewall.foo", "rule.3782201428.ports.1889509032", "80"),
    75  				),
    76  			},
    77  
    78  			resource.TestStep{
    79  				Config: testAccCloudStackFirewall_update,
    80  				Check: resource.ComposeTestCheckFunc(
    81  					testAccCheckCloudStackFirewallRulesExist("cloudstack_firewall.foo"),
    82  					resource.TestCheckResourceAttr(
    83  						"cloudstack_firewall.foo", "ip_address_id", CLOUDSTACK_PUBLIC_IPADDRESS),
    84  					resource.TestCheckResourceAttr(
    85  						"cloudstack_firewall.foo", "rule.#", "3"),
    86  					resource.TestCheckResourceAttr(
    87  						"cloudstack_firewall.foo", "rule.3529885171.cidr_list.80081744", "10.0.1.0/24"),
    88  					resource.TestCheckResourceAttr(
    89  						"cloudstack_firewall.foo", "rule.3529885171.cidr_list.3482919157", "10.0.0.0/24"),
    90  					resource.TestCheckResourceAttr(
    91  						"cloudstack_firewall.foo", "rule.3529885171.protocol", "tcp"),
    92  					resource.TestCheckResourceAttr(
    93  						"cloudstack_firewall.foo", "rule.3529885171.ports.32925333", "8080"),
    94  					resource.TestCheckResourceAttr(
    95  						"cloudstack_firewall.foo", "rule.3782201428.cidr_list.3482919157", "10.0.0.0/24"),
    96  					resource.TestCheckResourceAttr(
    97  						"cloudstack_firewall.foo", "rule.3782201428.protocol", "tcp"),
    98  					resource.TestCheckResourceAttr(
    99  						"cloudstack_firewall.foo", "rule.3782201428.ports.1209010669", "1000-2000"),
   100  					resource.TestCheckResourceAttr(
   101  						"cloudstack_firewall.foo", "rule.3782201428.ports.1889509032", "80"),
   102  					resource.TestCheckResourceAttr(
   103  						"cloudstack_firewall.foo", "rule.4160426500.cidr_list.2835005819", "172.16.100.0/24"),
   104  					resource.TestCheckResourceAttr(
   105  						"cloudstack_firewall.foo", "rule.4160426500.protocol", "tcp"),
   106  					resource.TestCheckResourceAttr(
   107  						"cloudstack_firewall.foo", "rule.4160426500.ports.1889509032", "80"),
   108  					resource.TestCheckResourceAttr(
   109  						"cloudstack_firewall.foo", "rule.4160426500.ports.3638101695", "443"),
   110  				),
   111  			},
   112  		},
   113  	})
   114  }
   115  
   116  func testAccCheckCloudStackFirewallRulesExist(n string) resource.TestCheckFunc {
   117  	return func(s *terraform.State) error {
   118  		rs, ok := s.RootModule().Resources[n]
   119  		if !ok {
   120  			return fmt.Errorf("Not found: %s", n)
   121  		}
   122  
   123  		if rs.Primary.ID == "" {
   124  			return fmt.Errorf("No firewall ID is set")
   125  		}
   126  
   127  		for k, id := range rs.Primary.Attributes {
   128  			if !strings.Contains(k, ".uuids.") || strings.HasSuffix(k, ".uuids.%") {
   129  				continue
   130  			}
   131  
   132  			cs := testAccProvider.Meta().(*cloudstack.CloudStackClient)
   133  			_, count, err := cs.Firewall.GetFirewallRuleByID(id)
   134  
   135  			if err != nil {
   136  				return err
   137  			}
   138  
   139  			if count == 0 {
   140  				return fmt.Errorf("Firewall rule for %s not found", k)
   141  			}
   142  		}
   143  
   144  		return nil
   145  	}
   146  }
   147  
   148  func testAccCheckCloudStackFirewallDestroy(s *terraform.State) error {
   149  	cs := testAccProvider.Meta().(*cloudstack.CloudStackClient)
   150  
   151  	for _, rs := range s.RootModule().Resources {
   152  		if rs.Type != "cloudstack_firewall" {
   153  			continue
   154  		}
   155  
   156  		if rs.Primary.ID == "" {
   157  			return fmt.Errorf("No instance ID is set")
   158  		}
   159  
   160  		for k, id := range rs.Primary.Attributes {
   161  			if !strings.Contains(k, ".uuids.") || strings.HasSuffix(k, ".uuids.%") {
   162  				continue
   163  			}
   164  
   165  			_, _, err := cs.Firewall.GetFirewallRuleByID(id)
   166  			if err == nil {
   167  				return fmt.Errorf("Firewall rule %s still exists", rs.Primary.ID)
   168  			}
   169  		}
   170  	}
   171  
   172  	return nil
   173  }
   174  
   175  var testAccCloudStackFirewall_basic = fmt.Sprintf(`
   176  resource "cloudstack_firewall" "foo" {
   177    ip_address_id = "%s"
   178  
   179    rule {
   180      cidr_list = ["10.0.0.0/24"]
   181      protocol = "tcp"
   182      ports = ["8080"]
   183    }
   184  
   185    rule {
   186      cidr_list = ["10.0.0.0/24"]
   187      protocol = "tcp"
   188      ports = ["80", "1000-2000"]
   189    }
   190  }`, CLOUDSTACK_PUBLIC_IPADDRESS)
   191  
   192  var testAccCloudStackFirewall_update = fmt.Sprintf(`
   193  resource "cloudstack_firewall" "foo" {
   194    ip_address_id = "%s"
   195  
   196    rule {
   197      cidr_list = ["10.0.0.0/24", "10.0.1.0/24"]
   198      protocol = "tcp"
   199      ports = ["8080"]
   200    }
   201  
   202    rule {
   203      cidr_list = ["10.0.0.0/24"]
   204      protocol = "tcp"
   205      ports = ["80", "1000-2000"]
   206    }
   207  
   208    rule {
   209      cidr_list = ["172.16.100.0/24"]
   210      protocol = "tcp"
   211      ports = ["80", "443"]
   212    }
   213  }`, CLOUDSTACK_PUBLIC_IPADDRESS)