github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/openstack/resource_openstack_compute_secgroup_v2_test.go (about) 1 package openstack 2 3 import ( 4 "fmt" 5 "testing" 6 7 "github.com/hashicorp/terraform/helper/resource" 8 "github.com/hashicorp/terraform/terraform" 9 10 "github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/secgroups" 11 ) 12 13 func TestAccComputeV2SecGroup_basic(t *testing.T) { 14 var secgroup secgroups.SecurityGroup 15 16 resource.Test(t, resource.TestCase{ 17 PreCheck: func() { testAccPreCheck(t) }, 18 Providers: testAccProviders, 19 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 20 Steps: []resource.TestStep{ 21 resource.TestStep{ 22 Config: testAccComputeV2SecGroup_basic_orig, 23 Check: resource.ComposeTestCheckFunc( 24 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup), 25 ), 26 }, 27 }, 28 }) 29 } 30 31 func TestAccComputeV2SecGroup_update(t *testing.T) { 32 var secgroup secgroups.SecurityGroup 33 34 resource.Test(t, resource.TestCase{ 35 PreCheck: func() { testAccPreCheck(t) }, 36 Providers: testAccProviders, 37 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 38 Steps: []resource.TestStep{ 39 resource.TestStep{ 40 Config: testAccComputeV2SecGroup_basic_orig, 41 Check: resource.ComposeTestCheckFunc( 42 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup), 43 ), 44 }, 45 resource.TestStep{ 46 Config: testAccComputeV2SecGroup_basic_update, 47 Check: resource.ComposeTestCheckFunc( 48 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup), 49 testAccCheckComputeV2SecGroupRuleCount(&secgroup, 2), 50 ), 51 }, 52 }, 53 }) 54 } 55 56 func TestAccComputeV2SecGroup_groupID(t *testing.T) { 57 var secgroup1, secgroup2, secgroup3 secgroups.SecurityGroup 58 59 resource.Test(t, resource.TestCase{ 60 PreCheck: func() { testAccPreCheck(t) }, 61 Providers: testAccProviders, 62 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 63 Steps: []resource.TestStep{ 64 resource.TestStep{ 65 Config: testAccComputeV2SecGroup_groupID_orig, 66 Check: resource.ComposeTestCheckFunc( 67 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup1), 68 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_2", &secgroup2), 69 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_3", &secgroup3), 70 testAccCheckComputeV2SecGroupGroupIDMatch(&secgroup1, &secgroup3), 71 ), 72 }, 73 resource.TestStep{ 74 Config: testAccComputeV2SecGroup_groupID_update, 75 Check: resource.ComposeTestCheckFunc( 76 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup1), 77 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_2", &secgroup2), 78 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_3", &secgroup3), 79 testAccCheckComputeV2SecGroupGroupIDMatch(&secgroup2, &secgroup3), 80 ), 81 }, 82 }, 83 }) 84 } 85 86 func TestAccComputeV2SecGroup_self(t *testing.T) { 87 var secgroup secgroups.SecurityGroup 88 89 resource.Test(t, resource.TestCase{ 90 PreCheck: func() { testAccPreCheck(t) }, 91 Providers: testAccProviders, 92 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 93 Steps: []resource.TestStep{ 94 resource.TestStep{ 95 Config: testAccComputeV2SecGroup_self, 96 Check: resource.ComposeTestCheckFunc( 97 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup), 98 testAccCheckComputeV2SecGroupGroupIDMatch(&secgroup, &secgroup), 99 resource.TestCheckResourceAttr( 100 "openstack_compute_secgroup_v2.sg_1", "rule.3170486100.self", "true"), 101 resource.TestCheckResourceAttr( 102 "openstack_compute_secgroup_v2.sg_1", "rule.3170486100.from_group_id", ""), 103 ), 104 }, 105 }, 106 }) 107 } 108 109 func TestAccComputeV2SecGroup_icmpZero(t *testing.T) { 110 var secgroup secgroups.SecurityGroup 111 112 resource.Test(t, resource.TestCase{ 113 PreCheck: func() { testAccPreCheck(t) }, 114 Providers: testAccProviders, 115 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 116 Steps: []resource.TestStep{ 117 resource.TestStep{ 118 Config: testAccComputeV2SecGroup_icmpZero, 119 Check: resource.ComposeTestCheckFunc( 120 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup), 121 ), 122 }, 123 }, 124 }) 125 } 126 127 func TestAccComputeV2SecGroup_lowerCaseCIDR(t *testing.T) { 128 var secgroup secgroups.SecurityGroup 129 130 resource.Test(t, resource.TestCase{ 131 PreCheck: func() { testAccPreCheck(t) }, 132 Providers: testAccProviders, 133 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 134 Steps: []resource.TestStep{ 135 resource.TestStep{ 136 Config: testAccComputeV2SecGroup_lowerCaseCIDR, 137 Check: resource.ComposeTestCheckFunc( 138 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup), 139 resource.TestCheckResourceAttr( 140 "openstack_compute_secgroup_v2.sg_1", "rule.3862435458.cidr", "2001:558:fc00::/39"), 141 ), 142 }, 143 }, 144 }) 145 } 146 147 func TestAccComputeV2SecGroup_timeout(t *testing.T) { 148 var secgroup secgroups.SecurityGroup 149 150 resource.Test(t, resource.TestCase{ 151 PreCheck: func() { testAccPreCheck(t) }, 152 Providers: testAccProviders, 153 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 154 Steps: []resource.TestStep{ 155 resource.TestStep{ 156 Config: testAccComputeV2SecGroup_timeout, 157 Check: resource.ComposeTestCheckFunc( 158 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup), 159 ), 160 }, 161 }, 162 }) 163 } 164 165 func testAccCheckComputeV2SecGroupDestroy(s *terraform.State) error { 166 config := testAccProvider.Meta().(*Config) 167 computeClient, err := config.computeV2Client(OS_REGION_NAME) 168 if err != nil { 169 return fmt.Errorf("Error creating OpenStack compute client: %s", err) 170 } 171 172 for _, rs := range s.RootModule().Resources { 173 if rs.Type != "openstack_compute_secgroup_v2" { 174 continue 175 } 176 177 _, err := secgroups.Get(computeClient, rs.Primary.ID).Extract() 178 if err == nil { 179 return fmt.Errorf("Security group still exists") 180 } 181 } 182 183 return nil 184 } 185 186 func testAccCheckComputeV2SecGroupExists(n string, secgroup *secgroups.SecurityGroup) resource.TestCheckFunc { 187 return func(s *terraform.State) error { 188 rs, ok := s.RootModule().Resources[n] 189 if !ok { 190 return fmt.Errorf("Not found: %s", n) 191 } 192 193 if rs.Primary.ID == "" { 194 return fmt.Errorf("No ID is set") 195 } 196 197 config := testAccProvider.Meta().(*Config) 198 computeClient, err := config.computeV2Client(OS_REGION_NAME) 199 if err != nil { 200 return fmt.Errorf("Error creating OpenStack compute client: %s", err) 201 } 202 203 found, err := secgroups.Get(computeClient, rs.Primary.ID).Extract() 204 if err != nil { 205 return err 206 } 207 208 if found.ID != rs.Primary.ID { 209 return fmt.Errorf("Security group not found") 210 } 211 212 *secgroup = *found 213 214 return nil 215 } 216 } 217 218 func testAccCheckComputeV2SecGroupRuleCount(secgroup *secgroups.SecurityGroup, count int) resource.TestCheckFunc { 219 return func(s *terraform.State) error { 220 if len(secgroup.Rules) != count { 221 return fmt.Errorf("Security group rule count does not match. Expected %d, got %d", count, len(secgroup.Rules)) 222 } 223 224 return nil 225 } 226 } 227 228 func testAccCheckComputeV2SecGroupGroupIDMatch(sg1, sg2 *secgroups.SecurityGroup) resource.TestCheckFunc { 229 return func(s *terraform.State) error { 230 if len(sg2.Rules) == 1 { 231 if sg1.Name != sg2.Rules[0].Group.Name || sg1.TenantID != sg2.Rules[0].Group.TenantID { 232 return fmt.Errorf("%s was not correctly applied to %s", sg1.Name, sg2.Name) 233 } 234 } else { 235 return fmt.Errorf("%s rule count is incorrect", sg2.Name) 236 } 237 238 return nil 239 } 240 } 241 242 const testAccComputeV2SecGroup_basic_orig = ` 243 resource "openstack_compute_secgroup_v2" "sg_1" { 244 name = "sg_1" 245 description = "first test security group" 246 rule { 247 from_port = 22 248 to_port = 22 249 ip_protocol = "tcp" 250 cidr = "0.0.0.0/0" 251 } 252 rule { 253 from_port = 1 254 to_port = 65535 255 ip_protocol = "udp" 256 cidr = "0.0.0.0/0" 257 } 258 rule { 259 from_port = -1 260 to_port = -1 261 ip_protocol = "icmp" 262 cidr = "0.0.0.0/0" 263 } 264 } 265 ` 266 267 const testAccComputeV2SecGroup_basic_update = ` 268 resource "openstack_compute_secgroup_v2" "sg_1" { 269 name = "sg_1" 270 description = "first test security group" 271 rule { 272 from_port = 2200 273 to_port = 2200 274 ip_protocol = "tcp" 275 cidr = "0.0.0.0/0" 276 } 277 rule { 278 from_port = -1 279 to_port = -1 280 ip_protocol = "icmp" 281 cidr = "0.0.0.0/0" 282 } 283 } 284 ` 285 286 const testAccComputeV2SecGroup_groupID_orig = ` 287 resource "openstack_compute_secgroup_v2" "sg_1" { 288 name = "sg_1" 289 description = "first test security group" 290 rule { 291 from_port = 22 292 to_port = 22 293 ip_protocol = "tcp" 294 cidr = "0.0.0.0/0" 295 } 296 } 297 298 resource "openstack_compute_secgroup_v2" "sg_2" { 299 name = "sg_2" 300 description = "second test security group" 301 rule { 302 from_port = -1 303 to_port = -1 304 ip_protocol = "icmp" 305 cidr = "0.0.0.0/0" 306 } 307 } 308 309 resource "openstack_compute_secgroup_v2" "sg_3" { 310 name = "sg_3" 311 description = "third test security group" 312 rule { 313 from_port = 80 314 to_port = 80 315 ip_protocol = "tcp" 316 from_group_id = "${openstack_compute_secgroup_v2.sg_1.id}" 317 } 318 } 319 ` 320 321 const testAccComputeV2SecGroup_groupID_update = ` 322 resource "openstack_compute_secgroup_v2" "sg_1" { 323 name = "sg_1" 324 description = "first test security group" 325 rule { 326 from_port = 22 327 to_port = 22 328 ip_protocol = "tcp" 329 cidr = "0.0.0.0/0" 330 } 331 } 332 333 resource "openstack_compute_secgroup_v2" "sg_2" { 334 name = "sg_2" 335 description = "second test security group" 336 rule { 337 from_port = -1 338 to_port = -1 339 ip_protocol = "icmp" 340 cidr = "0.0.0.0/0" 341 } 342 } 343 344 resource "openstack_compute_secgroup_v2" "sg_3" { 345 name = "sg_3" 346 description = "third test security group" 347 rule { 348 from_port = 80 349 to_port = 80 350 ip_protocol = "tcp" 351 from_group_id = "${openstack_compute_secgroup_v2.sg_2.id}" 352 } 353 } 354 ` 355 356 const testAccComputeV2SecGroup_self = ` 357 resource "openstack_compute_secgroup_v2" "sg_1" { 358 name = "sg_1" 359 description = "first test security group" 360 rule { 361 from_port = 22 362 to_port = 22 363 ip_protocol = "tcp" 364 self = true 365 } 366 } 367 ` 368 369 const testAccComputeV2SecGroup_icmpZero = ` 370 resource "openstack_compute_secgroup_v2" "sg_1" { 371 name = "sg_1" 372 description = "first test security group" 373 rule { 374 from_port = 0 375 to_port = 0 376 ip_protocol = "icmp" 377 cidr = "0.0.0.0/0" 378 } 379 } 380 ` 381 382 const testAccComputeV2SecGroup_lowerCaseCIDR = ` 383 resource "openstack_compute_secgroup_v2" "sg_1" { 384 name = "sg_1" 385 description = "first test security group" 386 rule { 387 from_port = 0 388 to_port = 0 389 ip_protocol = "icmp" 390 cidr = "2001:558:FC00::/39" 391 } 392 } 393 ` 394 395 const testAccComputeV2SecGroup_timeout = ` 396 resource "openstack_compute_secgroup_v2" "sg_1" { 397 name = "sg_1" 398 description = "first test security group" 399 rule { 400 from_port = 0 401 to_port = 0 402 ip_protocol = "icmp" 403 cidr = "0.0.0.0/0" 404 } 405 406 timeouts { 407 delete = "5m" 408 } 409 } 410 `