github.com/minamijoyo/terraform@v0.7.8-0.20161029001309-18b3736ba44b/builtin/providers/openstack/resource_openstack_fw_firewall_v1.go (about) 1 package openstack 2 3 import ( 4 "fmt" 5 "log" 6 "time" 7 8 "github.com/gophercloud/gophercloud" 9 "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/fwaas/firewalls" 10 "github.com/hashicorp/terraform/helper/resource" 11 "github.com/hashicorp/terraform/helper/schema" 12 ) 13 14 func resourceFWFirewallV1() *schema.Resource { 15 return &schema.Resource{ 16 Create: resourceFWFirewallV1Create, 17 Read: resourceFWFirewallV1Read, 18 Update: resourceFWFirewallV1Update, 19 Delete: resourceFWFirewallV1Delete, 20 Importer: &schema.ResourceImporter{ 21 State: schema.ImportStatePassthrough, 22 }, 23 24 Schema: map[string]*schema.Schema{ 25 "region": &schema.Schema{ 26 Type: schema.TypeString, 27 Required: true, 28 ForceNew: true, 29 DefaultFunc: schema.EnvDefaultFunc("OS_REGION_NAME", ""), 30 }, 31 "name": &schema.Schema{ 32 Type: schema.TypeString, 33 Optional: true, 34 }, 35 "description": &schema.Schema{ 36 Type: schema.TypeString, 37 Optional: true, 38 }, 39 "policy_id": &schema.Schema{ 40 Type: schema.TypeString, 41 Required: true, 42 }, 43 "admin_state_up": &schema.Schema{ 44 Type: schema.TypeBool, 45 Optional: true, 46 Computed: true, 47 }, 48 "tenant_id": &schema.Schema{ 49 Type: schema.TypeString, 50 Optional: true, 51 ForceNew: true, 52 Computed: true, 53 }, 54 }, 55 } 56 } 57 58 func resourceFWFirewallV1Create(d *schema.ResourceData, meta interface{}) error { 59 60 config := meta.(*Config) 61 networkingClient, err := config.networkingV2Client(d.Get("region").(string)) 62 if err != nil { 63 return fmt.Errorf("Error creating OpenStack networking client: %s", err) 64 } 65 66 adminStateUp := d.Get("admin_state_up").(bool) 67 68 firewallConfiguration := firewalls.CreateOpts{ 69 Name: d.Get("name").(string), 70 Description: d.Get("description").(string), 71 PolicyID: d.Get("policy_id").(string), 72 AdminStateUp: &adminStateUp, 73 TenantID: d.Get("tenant_id").(string), 74 } 75 76 log.Printf("[DEBUG] Create firewall: %#v", firewallConfiguration) 77 78 firewall, err := firewalls.Create(networkingClient, firewallConfiguration).Extract() 79 if err != nil { 80 return err 81 } 82 83 log.Printf("[DEBUG] Firewall created: %#v", firewall) 84 85 stateConf := &resource.StateChangeConf{ 86 Pending: []string{"PENDING_CREATE"}, 87 Target: []string{"ACTIVE"}, 88 Refresh: waitForFirewallActive(networkingClient, firewall.ID), 89 Timeout: 30 * time.Second, 90 Delay: 0, 91 MinTimeout: 2 * time.Second, 92 } 93 94 _, err = stateConf.WaitForState() 95 96 d.SetId(firewall.ID) 97 98 return resourceFWFirewallV1Read(d, meta) 99 } 100 101 func resourceFWFirewallV1Read(d *schema.ResourceData, meta interface{}) error { 102 log.Printf("[DEBUG] Retrieve information about firewall: %s", d.Id()) 103 104 config := meta.(*Config) 105 networkingClient, err := config.networkingV2Client(d.Get("region").(string)) 106 if err != nil { 107 return fmt.Errorf("Error creating OpenStack networking client: %s", err) 108 } 109 110 firewall, err := firewalls.Get(networkingClient, d.Id()).Extract() 111 if err != nil { 112 return CheckDeleted(d, err, "firewall") 113 } 114 115 log.Printf("[DEBUG] Read OpenStack Firewall %s: %#v", d.Id(), firewall) 116 117 d.Set("name", firewall.Name) 118 d.Set("description", firewall.Description) 119 d.Set("policy_id", firewall.PolicyID) 120 d.Set("admin_state_up", firewall.AdminStateUp) 121 d.Set("tenant_id", firewall.TenantID) 122 123 return nil 124 } 125 126 func resourceFWFirewallV1Update(d *schema.ResourceData, meta interface{}) error { 127 128 config := meta.(*Config) 129 networkingClient, err := config.networkingV2Client(d.Get("region").(string)) 130 if err != nil { 131 return fmt.Errorf("Error creating OpenStack networking client: %s", err) 132 } 133 134 opts := firewalls.UpdateOpts{} 135 136 if d.HasChange("name") { 137 opts.Name = d.Get("name").(string) 138 } 139 140 if d.HasChange("description") { 141 opts.Description = d.Get("description").(string) 142 } 143 144 if d.HasChange("policy_id") { 145 opts.PolicyID = d.Get("policy_id").(string) 146 } 147 148 if d.HasChange("admin_state_up") { 149 adminStateUp := d.Get("admin_state_up").(bool) 150 opts.AdminStateUp = &adminStateUp 151 } 152 153 log.Printf("[DEBUG] Updating firewall with id %s: %#v", d.Id(), opts) 154 155 stateConf := &resource.StateChangeConf{ 156 Pending: []string{"PENDING_CREATE", "PENDING_UPDATE"}, 157 Target: []string{"ACTIVE"}, 158 Refresh: waitForFirewallActive(networkingClient, d.Id()), 159 Timeout: 30 * time.Second, 160 Delay: 0, 161 MinTimeout: 2 * time.Second, 162 } 163 164 _, err = stateConf.WaitForState() 165 166 err = firewalls.Update(networkingClient, d.Id(), opts).Err 167 if err != nil { 168 return err 169 } 170 171 return resourceFWFirewallV1Read(d, meta) 172 } 173 174 func resourceFWFirewallV1Delete(d *schema.ResourceData, meta interface{}) error { 175 log.Printf("[DEBUG] Destroy firewall: %s", d.Id()) 176 177 config := meta.(*Config) 178 networkingClient, err := config.networkingV2Client(d.Get("region").(string)) 179 if err != nil { 180 return fmt.Errorf("Error creating OpenStack networking client: %s", err) 181 } 182 183 stateConf := &resource.StateChangeConf{ 184 Pending: []string{"PENDING_CREATE", "PENDING_UPDATE"}, 185 Target: []string{"ACTIVE"}, 186 Refresh: waitForFirewallActive(networkingClient, d.Id()), 187 Timeout: 30 * time.Second, 188 Delay: 0, 189 MinTimeout: 2 * time.Second, 190 } 191 192 _, err = stateConf.WaitForState() 193 194 err = firewalls.Delete(networkingClient, d.Id()).Err 195 196 if err != nil { 197 return err 198 } 199 200 stateConf = &resource.StateChangeConf{ 201 Pending: []string{"DELETING"}, 202 Target: []string{"DELETED"}, 203 Refresh: waitForFirewallDeletion(networkingClient, d.Id()), 204 Timeout: 2 * time.Minute, 205 Delay: 0, 206 MinTimeout: 2 * time.Second, 207 } 208 209 _, err = stateConf.WaitForState() 210 211 return err 212 } 213 214 func waitForFirewallActive(networkingClient *gophercloud.ServiceClient, id string) resource.StateRefreshFunc { 215 216 return func() (interface{}, string, error) { 217 fw, err := firewalls.Get(networkingClient, id).Extract() 218 log.Printf("[DEBUG] Get firewall %s => %#v", id, fw) 219 220 if err != nil { 221 return nil, "", err 222 } 223 return fw, fw.Status, nil 224 } 225 } 226 227 func waitForFirewallDeletion(networkingClient *gophercloud.ServiceClient, id string) resource.StateRefreshFunc { 228 229 return func() (interface{}, string, error) { 230 fw, err := firewalls.Get(networkingClient, id).Extract() 231 log.Printf("[DEBUG] Get firewall %s => %#v", id, fw) 232 233 if err != nil { 234 if _, ok := err.(gophercloud.ErrDefault404); ok { 235 log.Printf("[DEBUG] Firewall %s is actually deleted", id) 236 return "", "DELETED", nil 237 } 238 return nil, "", fmt.Errorf("Unexpected error: %s", err) 239 } 240 241 log.Printf("[DEBUG] Firewall %s deletion is pending", id) 242 return fw, "DELETING", nil 243 } 244 }