github.com/minamijoyo/terraform@v0.7.8-0.20161029001309-18b3736ba44b/builtin/providers/openstack/resource_openstack_compute_secgroup_v2_test.go (about) 1 package openstack 2 3 import ( 4 "fmt" 5 "testing" 6 7 "github.com/hashicorp/terraform/helper/resource" 8 "github.com/hashicorp/terraform/terraform" 9 10 "github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/secgroups" 11 ) 12 13 func TestAccComputeV2SecGroup_basic(t *testing.T) { 14 var secgroup secgroups.SecurityGroup 15 16 resource.Test(t, resource.TestCase{ 17 PreCheck: func() { testAccPreCheck(t) }, 18 Providers: testAccProviders, 19 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 20 Steps: []resource.TestStep{ 21 resource.TestStep{ 22 Config: testAccComputeV2SecGroup_basic_orig, 23 Check: resource.ComposeTestCheckFunc( 24 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.foo", &secgroup), 25 ), 26 }, 27 }, 28 }) 29 } 30 31 func TestAccComputeV2SecGroup_update(t *testing.T) { 32 var secgroup secgroups.SecurityGroup 33 34 resource.Test(t, resource.TestCase{ 35 PreCheck: func() { testAccPreCheck(t) }, 36 Providers: testAccProviders, 37 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 38 Steps: []resource.TestStep{ 39 resource.TestStep{ 40 Config: testAccComputeV2SecGroup_basic_orig, 41 Check: resource.ComposeTestCheckFunc( 42 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.foo", &secgroup), 43 ), 44 }, 45 resource.TestStep{ 46 Config: testAccComputeV2SecGroup_basic_update, 47 Check: resource.ComposeTestCheckFunc( 48 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.foo", &secgroup), 49 testAccCheckComputeV2SecGroupRuleCount(t, &secgroup, 2), 50 ), 51 }, 52 }, 53 }) 54 } 55 56 func TestAccComputeV2SecGroup_groupID(t *testing.T) { 57 var secgroup1, secgroup2, secgroup3 secgroups.SecurityGroup 58 59 resource.Test(t, resource.TestCase{ 60 PreCheck: func() { testAccPreCheck(t) }, 61 Providers: testAccProviders, 62 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 63 Steps: []resource.TestStep{ 64 resource.TestStep{ 65 Config: testAccComputeV2SecGroup_groupID_orig, 66 Check: resource.ComposeTestCheckFunc( 67 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_1", &secgroup1), 68 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_2", &secgroup2), 69 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_3", &secgroup3), 70 testAccCheckComputeV2SecGroupGroupIDMatch(t, &secgroup1, &secgroup3), 71 ), 72 }, 73 resource.TestStep{ 74 Config: testAccComputeV2SecGroup_groupID_update, 75 Check: resource.ComposeTestCheckFunc( 76 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_1", &secgroup1), 77 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_2", &secgroup2), 78 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_3", &secgroup3), 79 testAccCheckComputeV2SecGroupGroupIDMatch(t, &secgroup2, &secgroup3), 80 ), 81 }, 82 }, 83 }) 84 } 85 86 func TestAccComputeV2SecGroup_self(t *testing.T) { 87 var secgroup secgroups.SecurityGroup 88 89 resource.Test(t, resource.TestCase{ 90 PreCheck: func() { testAccPreCheck(t) }, 91 Providers: testAccProviders, 92 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 93 Steps: []resource.TestStep{ 94 resource.TestStep{ 95 Config: testAccComputeV2SecGroup_self, 96 Check: resource.ComposeTestCheckFunc( 97 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_1", &secgroup), 98 testAccCheckComputeV2SecGroupGroupIDMatch(t, &secgroup, &secgroup), 99 resource.TestCheckResourceAttr( 100 "openstack_compute_secgroup_v2.test_group_1", "rule.3170486100.self", "true"), 101 resource.TestCheckResourceAttr( 102 "openstack_compute_secgroup_v2.test_group_1", "rule.3170486100.from_group_id", ""), 103 ), 104 }, 105 }, 106 }) 107 } 108 109 func TestAccComputeV2SecGroup_icmpZero(t *testing.T) { 110 var secgroup secgroups.SecurityGroup 111 112 resource.Test(t, resource.TestCase{ 113 PreCheck: func() { testAccPreCheck(t) }, 114 Providers: testAccProviders, 115 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 116 Steps: []resource.TestStep{ 117 resource.TestStep{ 118 Config: testAccComputeV2SecGroup_icmpZero, 119 Check: resource.ComposeTestCheckFunc( 120 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_1", &secgroup), 121 ), 122 }, 123 }, 124 }) 125 } 126 127 func TestAccComputeV2SecGroup_lowerCaseCIDR(t *testing.T) { 128 var secgroup secgroups.SecurityGroup 129 130 resource.Test(t, resource.TestCase{ 131 PreCheck: func() { testAccPreCheck(t) }, 132 Providers: testAccProviders, 133 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 134 Steps: []resource.TestStep{ 135 resource.TestStep{ 136 Config: testAccComputeV2SecGroup_lowerCaseCIDR, 137 Check: resource.ComposeTestCheckFunc( 138 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_1", &secgroup), 139 resource.TestCheckResourceAttr( 140 "openstack_compute_secgroup_v2.test_group_1", "rule.3862435458.cidr", "2001:558:fc00::/39"), 141 ), 142 }, 143 }, 144 }) 145 } 146 147 func testAccCheckComputeV2SecGroupDestroy(s *terraform.State) error { 148 config := testAccProvider.Meta().(*Config) 149 computeClient, err := config.computeV2Client(OS_REGION_NAME) 150 if err != nil { 151 return fmt.Errorf("(testAccCheckComputeV2SecGroupDestroy) Error creating OpenStack compute client: %s", err) 152 } 153 154 for _, rs := range s.RootModule().Resources { 155 if rs.Type != "openstack_compute_secgroup_v2" { 156 continue 157 } 158 159 _, err := secgroups.Get(computeClient, rs.Primary.ID).Extract() 160 if err == nil { 161 return fmt.Errorf("Security group still exists") 162 } 163 } 164 165 return nil 166 } 167 168 func testAccCheckComputeV2SecGroupExists(t *testing.T, n string, secgroup *secgroups.SecurityGroup) resource.TestCheckFunc { 169 return func(s *terraform.State) error { 170 rs, ok := s.RootModule().Resources[n] 171 if !ok { 172 return fmt.Errorf("Not found: %s", n) 173 } 174 175 if rs.Primary.ID == "" { 176 return fmt.Errorf("No ID is set") 177 } 178 179 config := testAccProvider.Meta().(*Config) 180 computeClient, err := config.computeV2Client(OS_REGION_NAME) 181 if err != nil { 182 return fmt.Errorf("(testAccCheckComputeV2SecGroupExists) Error creating OpenStack compute client: %s", err) 183 } 184 185 found, err := secgroups.Get(computeClient, rs.Primary.ID).Extract() 186 if err != nil { 187 return err 188 } 189 190 if found.ID != rs.Primary.ID { 191 return fmt.Errorf("Security group not found") 192 } 193 194 *secgroup = *found 195 196 return nil 197 } 198 } 199 200 func testAccCheckComputeV2SecGroupRuleCount(t *testing.T, secgroup *secgroups.SecurityGroup, count int) resource.TestCheckFunc { 201 return func(s *terraform.State) error { 202 if len(secgroup.Rules) != count { 203 return fmt.Errorf("Security group rule count does not match. Expected %d, got %d", count, len(secgroup.Rules)) 204 } 205 206 return nil 207 } 208 } 209 210 func testAccCheckComputeV2SecGroupGroupIDMatch(t *testing.T, sg1, sg2 *secgroups.SecurityGroup) resource.TestCheckFunc { 211 return func(s *terraform.State) error { 212 if len(sg2.Rules) == 1 { 213 if sg1.Name != sg2.Rules[0].Group.Name || sg1.TenantID != sg2.Rules[0].Group.TenantID { 214 return fmt.Errorf("%s was not correctly applied to %s", sg1.Name, sg2.Name) 215 } 216 } else { 217 return fmt.Errorf("%s rule count is incorrect", sg2.Name) 218 } 219 220 return nil 221 } 222 } 223 224 var testAccComputeV2SecGroup_basic_orig = fmt.Sprintf(` 225 resource "openstack_compute_secgroup_v2" "foo" { 226 name = "test_group_1" 227 description = "first test security group" 228 rule { 229 from_port = 22 230 to_port = 22 231 ip_protocol = "tcp" 232 cidr = "0.0.0.0/0" 233 } 234 rule { 235 from_port = 1 236 to_port = 65535 237 ip_protocol = "udp" 238 cidr = "0.0.0.0/0" 239 } 240 rule { 241 from_port = -1 242 to_port = -1 243 ip_protocol = "icmp" 244 cidr = "0.0.0.0/0" 245 } 246 }`) 247 248 var testAccComputeV2SecGroup_basic_update = fmt.Sprintf(` 249 resource "openstack_compute_secgroup_v2" "foo" { 250 name = "test_group_1" 251 description = "first test security group" 252 rule { 253 from_port = 2200 254 to_port = 2200 255 ip_protocol = "tcp" 256 cidr = "0.0.0.0/0" 257 } 258 rule { 259 from_port = -1 260 to_port = -1 261 ip_protocol = "icmp" 262 cidr = "0.0.0.0/0" 263 } 264 }`) 265 266 var testAccComputeV2SecGroup_groupID_orig = fmt.Sprintf(` 267 resource "openstack_compute_secgroup_v2" "test_group_1" { 268 name = "test_group_1" 269 description = "first test security group" 270 rule { 271 from_port = 22 272 to_port = 22 273 ip_protocol = "tcp" 274 cidr = "0.0.0.0/0" 275 } 276 } 277 278 resource "openstack_compute_secgroup_v2" "test_group_2" { 279 name = "test_group_2" 280 description = "second test security group" 281 rule { 282 from_port = -1 283 to_port = -1 284 ip_protocol = "icmp" 285 cidr = "0.0.0.0/0" 286 } 287 } 288 289 resource "openstack_compute_secgroup_v2" "test_group_3" { 290 name = "test_group_3" 291 description = "third test security group" 292 rule { 293 from_port = 80 294 to_port = 80 295 ip_protocol = "tcp" 296 from_group_id = "${openstack_compute_secgroup_v2.test_group_1.id}" 297 } 298 }`) 299 300 var testAccComputeV2SecGroup_groupID_update = fmt.Sprintf(` 301 resource "openstack_compute_secgroup_v2" "test_group_1" { 302 name = "test_group_1" 303 description = "first test security group" 304 rule { 305 from_port = 22 306 to_port = 22 307 ip_protocol = "tcp" 308 cidr = "0.0.0.0/0" 309 } 310 } 311 312 resource "openstack_compute_secgroup_v2" "test_group_2" { 313 name = "test_group_2" 314 description = "second test security group" 315 rule { 316 from_port = -1 317 to_port = -1 318 ip_protocol = "icmp" 319 cidr = "0.0.0.0/0" 320 } 321 } 322 323 resource "openstack_compute_secgroup_v2" "test_group_3" { 324 name = "test_group_3" 325 description = "third test security group" 326 rule { 327 from_port = 80 328 to_port = 80 329 ip_protocol = "tcp" 330 from_group_id = "${openstack_compute_secgroup_v2.test_group_2.id}" 331 } 332 }`) 333 334 var testAccComputeV2SecGroup_self = fmt.Sprintf(` 335 resource "openstack_compute_secgroup_v2" "test_group_1" { 336 name = "test_group_1" 337 description = "first test security group" 338 rule { 339 from_port = 22 340 to_port = 22 341 ip_protocol = "tcp" 342 self = true 343 } 344 }`) 345 346 var testAccComputeV2SecGroup_icmpZero = fmt.Sprintf(` 347 resource "openstack_compute_secgroup_v2" "test_group_1" { 348 name = "test_group_1" 349 description = "first test security group" 350 rule { 351 from_port = 0 352 to_port = 0 353 ip_protocol = "icmp" 354 cidr = "0.0.0.0/0" 355 } 356 }`) 357 358 var testAccComputeV2SecGroup_lowerCaseCIDR = fmt.Sprintf(` 359 resource "openstack_compute_secgroup_v2" "test_group_1" { 360 name = "test_group_1" 361 description = "first test security group" 362 rule { 363 from_port = 0 364 to_port = 0 365 ip_protocol = "icmp" 366 cidr = "2001:558:FC00::/39" 367 } 368 }`)