github.com/ezbercih/terraform@v0.1.1-0.20140729011846-3c33865e0839/builtin/providers/aws/resource_aws_security_group_test.go

github.com/ezbercih/terraform@v0.1.1-0.20140729011846-3c33865e0839/builtin/providers/aws/resource_aws_security_group_test.go (about)

     1  package aws
     2  
     3  import (
     4  	"fmt"
     5  	"reflect"
     6  	"testing"
     7  
     8  	"github.com/hashicorp/terraform/helper/resource"
     9  	"github.com/hashicorp/terraform/terraform"
    10  	"github.com/mitchellh/goamz/ec2"
    11  )
    12  
    13  func TestAccAWSSecurityGroup_normal(t *testing.T) {
    14  	var group ec2.SecurityGroupInfo
    15  
    16  	resource.Test(t, resource.TestCase{
    17  		PreCheck:     func() { testAccPreCheck(t) },
    18  		Providers:    testAccProviders,
    19  		CheckDestroy: testAccCheckAWSSecurityGroupDestroy,
    20  		Steps: []resource.TestStep{
    21  			resource.TestStep{
    22  				Config: testAccAWSSecurityGroupConfig,
    23  				Check: resource.ComposeTestCheckFunc(
    24  					testAccCheckAWSSecurityGroupExists("aws_security_group.web", &group),
    25  					testAccCheckAWSSecurityGroupAttributes(&group),
    26  					resource.TestCheckResourceAttr(
    27  						"aws_security_group.web", "name", "terraform_acceptance_test_example"),
    28  					resource.TestCheckResourceAttr(
    29  						"aws_security_group.web", "description", "Used in the terraform acceptance tests"),
    30  					resource.TestCheckResourceAttr(
    31  						"aws_security_group.web", "ingress.0.protocol", "tcp"),
    32  					resource.TestCheckResourceAttr(
    33  						"aws_security_group.web", "ingress.0.from_port", "80"),
    34  					resource.TestCheckResourceAttr(
    35  						"aws_security_group.web", "ingress.0.to_port", "8000"),
    36  					resource.TestCheckResourceAttr(
    37  						"aws_security_group.web", "ingress.0.cidr_blocks.#", "1"),
    38  					resource.TestCheckResourceAttr(
    39  						"aws_security_group.web", "ingress.0.cidr_blocks.0", "10.0.0.0/8"),
    40  				),
    41  			},
    42  		},
    43  	})
    44  }
    45  
    46  func TestAccAWSSecurityGroup_vpc(t *testing.T) {
    47  	var group ec2.SecurityGroupInfo
    48  
    49  	testCheck := func(*terraform.State) error {
    50  		if group.VpcId == "" {
    51  			return fmt.Errorf("should have vpc ID")
    52  		}
    53  
    54  		return nil
    55  	}
    56  
    57  	resource.Test(t, resource.TestCase{
    58  		PreCheck:     func() { testAccPreCheck(t) },
    59  		Providers:    testAccProviders,
    60  		CheckDestroy: testAccCheckAWSSecurityGroupDestroy,
    61  		Steps: []resource.TestStep{
    62  			resource.TestStep{
    63  				Config: testAccAWSSecurityGroupConfigVpc,
    64  				Check: resource.ComposeTestCheckFunc(
    65  					testAccCheckAWSSecurityGroupExists("aws_security_group.web", &group),
    66  					testAccCheckAWSSecurityGroupAttributes(&group),
    67  					resource.TestCheckResourceAttr(
    68  						"aws_security_group.web", "name", "terraform_acceptance_test_example"),
    69  					resource.TestCheckResourceAttr(
    70  						"aws_security_group.web", "description", "Used in the terraform acceptance tests"),
    71  					resource.TestCheckResourceAttr(
    72  						"aws_security_group.web", "ingress.0.protocol", "tcp"),
    73  					resource.TestCheckResourceAttr(
    74  						"aws_security_group.web", "ingress.0.from_port", "80"),
    75  					resource.TestCheckResourceAttr(
    76  						"aws_security_group.web", "ingress.0.to_port", "8000"),
    77  					resource.TestCheckResourceAttr(
    78  						"aws_security_group.web", "ingress.0.cidr_blocks.#", "1"),
    79  					resource.TestCheckResourceAttr(
    80  						"aws_security_group.web", "ingress.0.cidr_blocks.0", "10.0.0.0/8"),
    81  					testCheck,
    82  				),
    83  			},
    84  		},
    85  	})
    86  }
    87  
    88  func testAccCheckAWSSecurityGroupDestroy(s *terraform.State) error {
    89  	conn := testAccProvider.ec2conn
    90  
    91  	for _, rs := range s.Resources {
    92  		if rs.Type != "aws_security_group" {
    93  			continue
    94  		}
    95  
    96  		sgs := []ec2.SecurityGroup{
    97  			ec2.SecurityGroup{
    98  				Id: rs.ID,
    99  			},
   100  		}
   101  
   102  		// Retrieve our group
   103  		resp, err := conn.SecurityGroups(sgs, nil)
   104  		if err == nil {
   105  			if len(resp.Groups) > 0 && resp.Groups[0].Id == rs.ID {
   106  				return fmt.Errorf("Security Group (%s) still exists.", rs.ID)
   107  			}
   108  
   109  			return nil
   110  		}
   111  
   112  		ec2err, ok := err.(*ec2.Error)
   113  		if !ok {
   114  			return err
   115  		}
   116  		// Confirm error code is what we want
   117  		if ec2err.Code != "InvalidGroup.NotFound" {
   118  			return err
   119  		}
   120  	}
   121  
   122  	return nil
   123  }
   124  
   125  func testAccCheckAWSSecurityGroupExists(n string, group *ec2.SecurityGroupInfo) resource.TestCheckFunc {
   126  	return func(s *terraform.State) error {
   127  		rs, ok := s.Resources[n]
   128  		if !ok {
   129  			return fmt.Errorf("Not found: %s", n)
   130  		}
   131  
   132  		if rs.ID == "" {
   133  			return fmt.Errorf("No Security Group is set")
   134  		}
   135  
   136  		conn := testAccProvider.ec2conn
   137  		sgs := []ec2.SecurityGroup{
   138  			ec2.SecurityGroup{
   139  				Id: rs.ID,
   140  			},
   141  		}
   142  		resp, err := conn.SecurityGroups(sgs, nil)
   143  		if err != nil {
   144  			return err
   145  		}
   146  
   147  		if len(resp.Groups) > 0 && resp.Groups[0].Id == rs.ID {
   148  
   149  			*group = resp.Groups[0]
   150  
   151  			return nil
   152  		} else {
   153  			return fmt.Errorf("Security Group not found")
   154  		}
   155  
   156  		return nil
   157  	}
   158  }
   159  
   160  func testAccCheckAWSSecurityGroupAttributes(group *ec2.SecurityGroupInfo) resource.TestCheckFunc {
   161  	return func(s *terraform.State) error {
   162  		p := ec2.IPPerm{
   163  			FromPort:  80,
   164  			ToPort:    8000,
   165  			Protocol:  "tcp",
   166  			SourceIPs: []string{"10.0.0.0/8"},
   167  		}
   168  
   169  		if group.Name != "terraform_acceptance_test_example" {
   170  			return fmt.Errorf("Bad name: %s", group.Name)
   171  		}
   172  
   173  		if group.Description != "Used in the terraform acceptance tests" {
   174  			return fmt.Errorf("Bad description: %s", group.Description)
   175  		}
   176  
   177  		// Compare our ingress
   178  		if !reflect.DeepEqual(group.IPPerms[0], p) {
   179  			return fmt.Errorf(
   180  				"Got:\n\n%#v\n\nExpected:\n\n%#v\n",
   181  				group.IPPerms[0],
   182  				p)
   183  		}
   184  
   185  		return nil
   186  	}
   187  }
   188  
   189  const testAccAWSSecurityGroupConfig = `
   190  resource "aws_security_group" "web" {
   191      name = "terraform_acceptance_test_example"
   192      description = "Used in the terraform acceptance tests"
   193  
   194      ingress {
   195          protocol = "tcp"
   196          from_port = 80
   197          to_port = 8000
   198          cidr_blocks = ["10.0.0.0/8"]
   199      }
   200  }
   201  `
   202  
   203  const testAccAWSSecurityGroupConfigVpc = `
   204  resource "aws_vpc" "foo" {
   205  	cidr_block = "10.1.0.0/16"
   206  }
   207  
   208  resource "aws_security_group" "web" {
   209      name = "terraform_acceptance_test_example"
   210      description = "Used in the terraform acceptance tests"
   211  	vpc_id = "${aws_vpc.foo.id}"
   212  
   213      ingress {
   214          protocol = "tcp"
   215          from_port = 80
   216          to_port = 8000
   217          cidr_blocks = ["10.0.0.0/8"]
   218      }
   219  }
   220  `