github.com/minamijoyo/terraform@v0.7.8-0.20161029001309-18b3736ba44b/builtin/providers/openstack/resource_openstack_fw_rule_v1_test.go (about) 1 package openstack 2 3 import ( 4 "fmt" 5 "reflect" 6 "testing" 7 "time" 8 9 "github.com/gophercloud/gophercloud" 10 "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/fwaas/rules" 11 "github.com/hashicorp/terraform/helper/resource" 12 "github.com/hashicorp/terraform/terraform" 13 ) 14 15 func TestAccFWRuleV1_basic(t *testing.T) { 16 resource.Test(t, resource.TestCase{ 17 PreCheck: func() { testAccPreCheck(t) }, 18 Providers: testAccProviders, 19 CheckDestroy: testAccCheckFWRuleV1Destroy, 20 Steps: []resource.TestStep{ 21 resource.TestStep{ 22 Config: testFirewallRuleMinimalConfig, 23 Check: resource.ComposeTestCheckFunc( 24 testAccCheckFWRuleV1Exists( 25 "openstack_fw_rule_v1.accept_test_minimal", 26 &rules.Rule{ 27 Protocol: "udp", 28 Action: "deny", 29 IPVersion: 4, 30 Enabled: true, 31 }), 32 ), 33 }, 34 resource.TestStep{ 35 Config: testFirewallRuleConfig, 36 Check: resource.ComposeTestCheckFunc( 37 testAccCheckFWRuleV1Exists( 38 "openstack_fw_rule_v1.accept_test", 39 &rules.Rule{ 40 Name: "accept_test", 41 Protocol: "udp", 42 Action: "deny", 43 Description: "Terraform accept test", 44 IPVersion: 4, 45 SourceIPAddress: "1.2.3.4", 46 DestinationIPAddress: "4.3.2.0/24", 47 SourcePort: "444", 48 DestinationPort: "555", 49 Enabled: true, 50 }), 51 ), 52 }, 53 resource.TestStep{ 54 Config: testFirewallRuleUpdateAllFieldsConfig, 55 Check: resource.ComposeTestCheckFunc( 56 testAccCheckFWRuleV1Exists( 57 "openstack_fw_rule_v1.accept_test", 58 &rules.Rule{ 59 Name: "accept_test_updated_2", 60 Protocol: "tcp", 61 Action: "allow", 62 Description: "Terraform accept test updated", 63 IPVersion: 4, 64 SourceIPAddress: "1.2.3.0/24", 65 DestinationIPAddress: "4.3.2.8", 66 SourcePort: "666", 67 DestinationPort: "777", 68 Enabled: false, 69 }), 70 ), 71 }, 72 }, 73 }) 74 } 75 76 func TestAccFWRuleV1_anyProtocol(t *testing.T) { 77 resource.Test(t, resource.TestCase{ 78 PreCheck: func() { testAccPreCheck(t) }, 79 Providers: testAccProviders, 80 CheckDestroy: testAccCheckFWRuleV1Destroy, 81 Steps: []resource.TestStep{ 82 resource.TestStep{ 83 Config: testFirewallRuleAnyProtocol, 84 Check: resource.ComposeTestCheckFunc( 85 testAccCheckFWRuleV1Exists( 86 "openstack_fw_rule_v1.rule_1", 87 &rules.Rule{ 88 Name: "rule_1", 89 Description: "Allow any protocol", 90 Protocol: "", 91 Action: "allow", 92 IPVersion: 4, 93 SourceIPAddress: "192.168.199.0/24", 94 Enabled: true, 95 }), 96 ), 97 }, 98 }, 99 }) 100 } 101 102 func testAccCheckFWRuleV1Destroy(s *terraform.State) error { 103 104 config := testAccProvider.Meta().(*Config) 105 networkingClient, err := config.networkingV2Client(OS_REGION_NAME) 106 if err != nil { 107 return fmt.Errorf("(testAccCheckOpenstackFirewallRuleDestroy) Error creating OpenStack networking client: %s", err) 108 } 109 for _, rs := range s.RootModule().Resources { 110 if rs.Type != "openstack_firewall_rule" { 111 continue 112 } 113 _, err = rules.Get(networkingClient, rs.Primary.ID).Extract() 114 if err == nil { 115 return fmt.Errorf("Firewall rule (%s) still exists.", rs.Primary.ID) 116 } 117 if _, ok := err.(gophercloud.ErrDefault404); !ok { 118 return err 119 } 120 } 121 return nil 122 } 123 124 func testAccCheckFWRuleV1Exists(n string, expected *rules.Rule) resource.TestCheckFunc { 125 126 return func(s *terraform.State) error { 127 128 rs, ok := s.RootModule().Resources[n] 129 if !ok { 130 return fmt.Errorf("Not found: %s", n) 131 } 132 133 if rs.Primary.ID == "" { 134 return fmt.Errorf("No ID is set") 135 } 136 137 config := testAccProvider.Meta().(*Config) 138 networkingClient, err := config.networkingV2Client(OS_REGION_NAME) 139 if err != nil { 140 return fmt.Errorf("(testAccCheckFirewallRuleExists) Error creating OpenStack networking client: %s", err) 141 } 142 143 var found *rules.Rule 144 for i := 0; i < 5; i++ { 145 // Firewall rule creation is asynchronous. Retry some times 146 // if we get a 404 error. Fail on any other error. 147 found, err = rules.Get(networkingClient, rs.Primary.ID).Extract() 148 if err != nil { 149 if _, ok := err.(gophercloud.ErrDefault404); ok { 150 time.Sleep(time.Second) 151 continue 152 } 153 return err 154 } 155 break 156 } 157 158 expected.ID = found.ID 159 // Erase the tenant id because we don't want to compare 160 // it as long it is not present in the expected 161 found.TenantID = "" 162 163 if !reflect.DeepEqual(expected, found) { 164 return fmt.Errorf("Expected:\n%#v\nFound:\n%#v", expected, found) 165 } 166 167 return nil 168 } 169 } 170 171 const testFirewallRuleMinimalConfig = ` 172 resource "openstack_fw_rule_v1" "accept_test_minimal" { 173 protocol = "udp" 174 action = "deny" 175 } 176 ` 177 178 const testFirewallRuleConfig = ` 179 resource "openstack_fw_rule_v1" "accept_test" { 180 name = "accept_test" 181 description = "Terraform accept test" 182 protocol = "udp" 183 action = "deny" 184 ip_version = 4 185 source_ip_address = "1.2.3.4" 186 destination_ip_address = "4.3.2.0/24" 187 source_port = "444" 188 destination_port = "555" 189 enabled = true 190 } 191 ` 192 193 const testFirewallRuleUpdateAllFieldsConfig = ` 194 resource "openstack_fw_rule_v1" "accept_test" { 195 name = "accept_test_updated_2" 196 description = "Terraform accept test updated" 197 protocol = "tcp" 198 action = "allow" 199 ip_version = 4 200 source_ip_address = "1.2.3.0/24" 201 destination_ip_address = "4.3.2.8" 202 source_port = "666" 203 destination_port = "777" 204 enabled = false 205 } 206 ` 207 208 const testFirewallRuleAnyProtocol = ` 209 resource "openstack_fw_rule_v1" "rule_1" { 210 name = "rule_1" 211 description = "Allow any protocol" 212 protocol = "any" 213 action = "allow" 214 ip_version = 4 215 source_ip_address = "192.168.199.0/24" 216 enabled = true 217 } 218 `