github.com/koding/terraform@v0.6.4-0.20170608090606-5d7e0339779d/builtin/providers/openstack/resource_openstack_fw_firewall_v1_test.go (about) 1 package openstack 2 3 import ( 4 "fmt" 5 "testing" 6 "time" 7 8 "github.com/gophercloud/gophercloud" 9 "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/fwaas/firewalls" 10 "github.com/hashicorp/terraform/helper/resource" 11 "github.com/hashicorp/terraform/terraform" 12 ) 13 14 func TestAccFWFirewallV1_basic(t *testing.T) { 15 var policyID *string 16 17 resource.Test(t, resource.TestCase{ 18 PreCheck: func() { testAccPreCheck(t) }, 19 Providers: testAccProviders, 20 CheckDestroy: testAccCheckFWFirewallV1Destroy, 21 Steps: []resource.TestStep{ 22 resource.TestStep{ 23 Config: testAccFWFirewallV1_basic_1, 24 Check: resource.ComposeTestCheckFunc( 25 testAccCheckFWFirewallV1("openstack_fw_firewall_v1.fw_1", "", "", policyID), 26 ), 27 }, 28 resource.TestStep{ 29 Config: testAccFWFirewallV1_basic_2, 30 Check: resource.ComposeTestCheckFunc( 31 testAccCheckFWFirewallV1( 32 "openstack_fw_firewall_v1.fw_1", "fw_1", "terraform acceptance test", policyID), 33 ), 34 }, 35 }, 36 }) 37 } 38 39 func TestAccFWFirewallV1_timeout(t *testing.T) { 40 var policyID *string 41 42 resource.Test(t, resource.TestCase{ 43 PreCheck: func() { testAccPreCheck(t) }, 44 Providers: testAccProviders, 45 CheckDestroy: testAccCheckFWFirewallV1Destroy, 46 Steps: []resource.TestStep{ 47 resource.TestStep{ 48 Config: testAccFWFirewallV1_timeout, 49 Check: resource.ComposeTestCheckFunc( 50 testAccCheckFWFirewallV1("openstack_fw_firewall_v1.fw_1", "", "", policyID), 51 ), 52 }, 53 }, 54 }) 55 } 56 57 func TestAccFWFirewallV1_router(t *testing.T) { 58 var firewall Firewall 59 60 resource.Test(t, resource.TestCase{ 61 PreCheck: func() { testAccPreCheck(t) }, 62 Providers: testAccProviders, 63 CheckDestroy: testAccCheckFWFirewallV1Destroy, 64 Steps: []resource.TestStep{ 65 resource.TestStep{ 66 Config: testAccFWFirewallV1_router, 67 Check: resource.ComposeTestCheckFunc( 68 testAccCheckFWFirewallV1Exists("openstack_fw_firewall_v1.fw_1", &firewall), 69 testAccCheckFWFirewallRouterCount(&firewall, 1), 70 ), 71 }, 72 }, 73 }) 74 } 75 76 func TestAccFWFirewallV1_no_router(t *testing.T) { 77 var firewall Firewall 78 79 resource.Test(t, resource.TestCase{ 80 PreCheck: func() { testAccPreCheck(t) }, 81 Providers: testAccProviders, 82 CheckDestroy: testAccCheckFWFirewallV1Destroy, 83 Steps: []resource.TestStep{ 84 resource.TestStep{ 85 Config: testAccFWFirewallV1_no_router, 86 Check: resource.ComposeTestCheckFunc( 87 testAccCheckFWFirewallV1Exists("openstack_fw_firewall_v1.fw_1", &firewall), 88 resource.TestCheckResourceAttr("openstack_fw_firewall_v1.fw_1", "description", "firewall router test"), 89 testAccCheckFWFirewallRouterCount(&firewall, 0), 90 ), 91 }, 92 }, 93 }) 94 } 95 96 func TestAccFWFirewallV1_router_update(t *testing.T) { 97 var firewall Firewall 98 99 resource.Test(t, resource.TestCase{ 100 PreCheck: func() { testAccPreCheck(t) }, 101 Providers: testAccProviders, 102 CheckDestroy: testAccCheckFWFirewallV1Destroy, 103 Steps: []resource.TestStep{ 104 resource.TestStep{ 105 Config: testAccFWFirewallV1_router, 106 Check: resource.ComposeTestCheckFunc( 107 testAccCheckFWFirewallV1Exists("openstack_fw_firewall_v1.fw_1", &firewall), 108 testAccCheckFWFirewallRouterCount(&firewall, 1), 109 ), 110 }, 111 resource.TestStep{ 112 Config: testAccFWFirewallV1_router_add, 113 Check: resource.ComposeTestCheckFunc( 114 testAccCheckFWFirewallV1Exists("openstack_fw_firewall_v1.fw_1", &firewall), 115 testAccCheckFWFirewallRouterCount(&firewall, 2), 116 ), 117 }, 118 }, 119 }) 120 } 121 122 func TestAccFWFirewallV1_router_remove(t *testing.T) { 123 var firewall Firewall 124 125 resource.Test(t, resource.TestCase{ 126 PreCheck: func() { testAccPreCheck(t) }, 127 Providers: testAccProviders, 128 CheckDestroy: testAccCheckFWFirewallV1Destroy, 129 Steps: []resource.TestStep{ 130 resource.TestStep{ 131 Config: testAccFWFirewallV1_router, 132 Check: resource.ComposeTestCheckFunc( 133 testAccCheckFWFirewallV1Exists("openstack_fw_firewall_v1.fw_1", &firewall), 134 testAccCheckFWFirewallRouterCount(&firewall, 1), 135 ), 136 }, 137 resource.TestStep{ 138 Config: testAccFWFirewallV1_router_remove, 139 Check: resource.ComposeTestCheckFunc( 140 testAccCheckFWFirewallV1Exists("openstack_fw_firewall_v1.fw_1", &firewall), 141 testAccCheckFWFirewallRouterCount(&firewall, 0), 142 ), 143 }, 144 }, 145 }) 146 } 147 148 func testAccCheckFWFirewallV1Destroy(s *terraform.State) error { 149 config := testAccProvider.Meta().(*Config) 150 networkingClient, err := config.networkingV2Client(OS_REGION_NAME) 151 if err != nil { 152 return fmt.Errorf("Error creating OpenStack networking client: %s", err) 153 } 154 for _, rs := range s.RootModule().Resources { 155 if rs.Type != "openstack_firewall" { 156 continue 157 } 158 159 _, err = firewalls.Get(networkingClient, rs.Primary.ID).Extract() 160 if err == nil { 161 return fmt.Errorf("Firewall (%s) still exists.", rs.Primary.ID) 162 } 163 if _, ok := err.(gophercloud.ErrDefault404); !ok { 164 return err 165 } 166 } 167 return nil 168 } 169 170 func testAccCheckFWFirewallV1Exists(n string, firewall *Firewall) resource.TestCheckFunc { 171 return func(s *terraform.State) error { 172 rs, ok := s.RootModule().Resources[n] 173 if !ok { 174 return fmt.Errorf("Not found: %s", n) 175 } 176 177 if rs.Primary.ID == "" { 178 return fmt.Errorf("No ID is set") 179 } 180 181 config := testAccProvider.Meta().(*Config) 182 networkingClient, err := config.networkingV2Client(OS_REGION_NAME) 183 if err != nil { 184 return fmt.Errorf("Exists) Error creating OpenStack networking client: %s", err) 185 } 186 187 var found Firewall 188 err = firewalls.Get(networkingClient, rs.Primary.ID).ExtractInto(&found) 189 if err != nil { 190 return err 191 } 192 193 if found.ID != rs.Primary.ID { 194 return fmt.Errorf("Firewall not found") 195 } 196 197 *firewall = found 198 199 return nil 200 } 201 } 202 203 func testAccCheckFWFirewallRouterCount(firewall *Firewall, expected int) resource.TestCheckFunc { 204 return func(s *terraform.State) error { 205 if len(firewall.RouterIDs) != expected { 206 return fmt.Errorf("Expected %d Routers, got %d", expected, len(firewall.RouterIDs)) 207 } 208 209 return nil 210 } 211 } 212 213 func testAccCheckFWFirewallV1(n, expectedName, expectedDescription string, policyID *string) resource.TestCheckFunc { 214 return func(s *terraform.State) error { 215 rs, ok := s.RootModule().Resources[n] 216 if !ok { 217 return fmt.Errorf("Not found: %s", n) 218 } 219 220 if rs.Primary.ID == "" { 221 return fmt.Errorf("No ID is set") 222 } 223 224 config := testAccProvider.Meta().(*Config) 225 networkingClient, err := config.networkingV2Client(OS_REGION_NAME) 226 if err != nil { 227 return fmt.Errorf("Exists) Error creating OpenStack networking client: %s", err) 228 } 229 230 var found *firewalls.Firewall 231 for i := 0; i < 5; i++ { 232 // Firewall creation is asynchronous. Retry some times 233 // if we get a 404 error. Fail on any other error. 234 found, err = firewalls.Get(networkingClient, rs.Primary.ID).Extract() 235 if err != nil { 236 if _, ok := err.(gophercloud.ErrDefault404); ok { 237 time.Sleep(time.Second) 238 continue 239 } 240 return err 241 } 242 break 243 } 244 245 switch { 246 case found.Name != expectedName: 247 err = fmt.Errorf("Expected Name to be <%s> but found <%s>", expectedName, found.Name) 248 case found.Description != expectedDescription: 249 err = fmt.Errorf("Expected Description to be <%s> but found <%s>", 250 expectedDescription, found.Description) 251 case found.PolicyID == "": 252 err = fmt.Errorf("Policy should not be empty") 253 case policyID != nil && found.PolicyID == *policyID: 254 err = fmt.Errorf("Policy had not been correctly updated. Went from <%s> to <%s>", 255 expectedName, found.Name) 256 } 257 258 if err != nil { 259 return err 260 } 261 262 policyID = &found.PolicyID 263 264 return nil 265 } 266 } 267 268 const testAccFWFirewallV1_basic_1 = ` 269 resource "openstack_fw_firewall_v1" "fw_1" { 270 policy_id = "${openstack_fw_policy_v1.policy_1.id}" 271 } 272 273 resource "openstack_fw_policy_v1" "policy_1" { 274 name = "policy_1" 275 } 276 ` 277 278 const testAccFWFirewallV1_basic_2 = ` 279 resource "openstack_fw_firewall_v1" "fw_1" { 280 name = "fw_1" 281 description = "terraform acceptance test" 282 policy_id = "${openstack_fw_policy_v1.policy_2.id}" 283 admin_state_up = true 284 } 285 286 resource "openstack_fw_policy_v1" "policy_2" { 287 name = "policy_2" 288 } 289 ` 290 291 const testAccFWFirewallV1_timeout = ` 292 resource "openstack_fw_firewall_v1" "fw_1" { 293 policy_id = "${openstack_fw_policy_v1.policy_1.id}" 294 295 timeouts { 296 create = "5m" 297 update = "5m" 298 delete = "5m" 299 } 300 } 301 302 resource "openstack_fw_policy_v1" "policy_1" { 303 name = "policy_1" 304 } 305 ` 306 307 const testAccFWFirewallV1_router = ` 308 resource "openstack_networking_router_v2" "router_1" { 309 name = "router_1" 310 admin_state_up = "true" 311 distributed = "false" 312 } 313 314 resource "openstack_fw_policy_v1" "policy_1" { 315 name = "policy_1" 316 } 317 318 resource "openstack_fw_firewall_v1" "fw_1" { 319 name = "firewall_1" 320 description = "firewall router test" 321 policy_id = "${openstack_fw_policy_v1.policy_1.id}" 322 associated_routers = ["${openstack_networking_router_v2.router_1.id}"] 323 } 324 ` 325 326 const testAccFWFirewallV1_router_add = ` 327 resource "openstack_networking_router_v2" "router_1" { 328 name = "router_1" 329 admin_state_up = "true" 330 distributed = "false" 331 } 332 333 resource "openstack_networking_router_v2" "router_2" { 334 name = "router_2" 335 admin_state_up = "true" 336 distributed = "false" 337 } 338 339 resource "openstack_fw_policy_v1" "policy_1" { 340 name = "policy_1" 341 } 342 343 resource "openstack_fw_firewall_v1" "fw_1" { 344 name = "firewall_1" 345 description = "firewall router test" 346 policy_id = "${openstack_fw_policy_v1.policy_1.id}" 347 associated_routers = [ 348 "${openstack_networking_router_v2.router_1.id}", 349 "${openstack_networking_router_v2.router_2.id}" 350 ] 351 } 352 ` 353 354 const testAccFWFirewallV1_router_remove = ` 355 resource "openstack_fw_policy_v1" "policy_1" { 356 name = "policy_1" 357 } 358 359 resource "openstack_fw_firewall_v1" "fw_1" { 360 name = "firewall_1" 361 description = "firewall router test" 362 policy_id = "${openstack_fw_policy_v1.policy_1.id}" 363 no_routers = true 364 } 365 ` 366 367 const testAccFWFirewallV1_no_router = ` 368 resource "openstack_fw_policy_v1" "policy_1" { 369 name = "policy_1" 370 } 371 372 resource "openstack_fw_firewall_v1" "fw_1" { 373 name = "firewall_1" 374 description = "firewall router test" 375 policy_id = "${openstack_fw_policy_v1.policy_1.id}" 376 no_routers = true 377 } 378 `