github.com/opentelekomcloud/gophertelekomcloud@v0.9.3/openstack/compute/v2/extensions/secgroups/requests.go (about) 1 package secgroups 2 3 import ( 4 "time" 5 6 "github.com/opentelekomcloud/gophertelekomcloud" 7 "github.com/opentelekomcloud/gophertelekomcloud/pagination" 8 ) 9 10 func commonList(client *golangsdk.ServiceClient, url string) pagination.Pager { 11 return pagination.NewPager(client, url, func(r pagination.PageResult) pagination.Page { 12 return SecurityGroupPage{pagination.SinglePageBase(r)} 13 }) 14 } 15 16 // List will return a collection of all the security groups for a particular 17 // tenant. 18 func List(client *golangsdk.ServiceClient) pagination.Pager { 19 return commonList(client, rootURL(client)) 20 } 21 22 // ListByServer will return a collection of all the security groups which are 23 // associated with a particular server. 24 func ListByServer(client *golangsdk.ServiceClient, serverID string) pagination.Pager { 25 return commonList(client, listByServerURL(client, serverID)) 26 } 27 28 // GroupOpts is the underlying struct responsible for creating or updating 29 // security groups. It therefore represents the mutable attributes of a 30 // security group. 31 type GroupOpts struct { 32 // the name of your security group. 33 Name string `json:"name" required:"true"` 34 // the description of your security group. 35 Description string `json:"description" required:"true"` 36 } 37 38 // CreateOpts is the struct responsible for creating a security group. 39 type CreateOpts GroupOpts 40 41 // CreateOptsBuilder allows extensions to add additional parameters to the 42 // Create request. 43 type CreateOptsBuilder interface { 44 ToSecGroupCreateMap() (map[string]interface{}, error) 45 } 46 47 // ToSecGroupCreateMap builds a request body from CreateOpts. 48 func (opts CreateOpts) ToSecGroupCreateMap() (map[string]interface{}, error) { 49 return golangsdk.BuildRequestBody(opts, "security_group") 50 } 51 52 // Create will create a new security group. 53 func Create(client *golangsdk.ServiceClient, opts CreateOptsBuilder) (r CreateResult) { 54 b, err := opts.ToSecGroupCreateMap() 55 if err != nil { 56 r.Err = err 57 return 58 } 59 _, r.Err = client.Post(rootURL(client), b, &r.Body, &golangsdk.RequestOpts{ 60 OkCodes: []int{200}, 61 }) 62 return 63 } 64 65 // UpdateOpts is the struct responsible for updating an existing security group. 66 type UpdateOpts GroupOpts 67 68 // UpdateOptsBuilder allows extensions to add additional parameters to the 69 // Update request. 70 type UpdateOptsBuilder interface { 71 ToSecGroupUpdateMap() (map[string]interface{}, error) 72 } 73 74 // ToSecGroupUpdateMap builds a request body from UpdateOpts. 75 func (opts UpdateOpts) ToSecGroupUpdateMap() (map[string]interface{}, error) { 76 return golangsdk.BuildRequestBody(opts, "security_group") 77 } 78 79 // Update will modify the mutable properties of a security group, notably its 80 // name and description. 81 func Update(client *golangsdk.ServiceClient, id string, opts UpdateOptsBuilder) (r UpdateResult) { 82 b, err := opts.ToSecGroupUpdateMap() 83 if err != nil { 84 r.Err = err 85 return 86 } 87 _, r.Err = client.Put(resourceURL(client, id), b, &r.Body, &golangsdk.RequestOpts{ 88 OkCodes: []int{200}, 89 }) 90 return 91 } 92 93 // Get will return details for a particular security group. 94 func Get(client *golangsdk.ServiceClient, id string) (r GetResult) { 95 _, r.Err = client.Get(resourceURL(client, id), &r.Body, nil) 96 return 97 } 98 99 // Delete will permanently delete a security group from the project. 100 func Delete(client *golangsdk.ServiceClient, id string) (r DeleteResult) { 101 _, r.Err = client.Delete(resourceURL(client, id), nil) 102 return 103 } 104 105 // DeleteWithRetry will try to permanently delete a particular security 106 // group based on its unique ID and RetryTimeout. 107 func DeleteWithRetry(c *golangsdk.ServiceClient, id string, timeout int) error { 108 return golangsdk.WaitFor(timeout, func() (bool, error) { 109 _, err := c.Delete(resourceURL(c, id), nil) 110 if err != nil { 111 if _, ok := err.(golangsdk.ErrDefault400); ok { 112 time.Sleep(10 * time.Second) 113 return false, nil 114 } 115 return false, err 116 } 117 return true, nil 118 }) 119 } 120 121 // CreateRuleOpts represents the configuration for adding a new rule to an 122 // existing security group. 123 type CreateRuleOpts struct { 124 // ID is the ID of the group that this rule will be added to. 125 ParentGroupID string `json:"parent_group_id" required:"true"` 126 127 // FromPort is the lower bound of the port range that will be opened. 128 // Use -1 to allow all ICMP traffic. 129 FromPort int `json:"from_port"` 130 131 // ToPort is the upper bound of the port range that will be opened. 132 // Use -1 to allow all ICMP traffic. 133 ToPort int `json:"to_port"` 134 135 // IPProtocol the protocol type that will be allowed, e.g. TCP. 136 IPProtocol string `json:"ip_protocol" required:"true"` 137 138 // CIDR is the network CIDR to allow traffic from. 139 // This is ONLY required if FromGroupID is blank. This represents the IP 140 // range that will be the source of network traffic to your security group. 141 // Use 0.0.0.0/0 to allow all IP addresses. 142 CIDR string `json:"cidr,omitempty" or:"FromGroupID"` 143 144 // FromGroupID represents another security group to allow access. 145 // This is ONLY required if CIDR is blank. This value represents the ID of a 146 // group that forwards traffic to the parent group. So, instead of accepting 147 // network traffic from an entire IP range, you can instead refine the 148 // inbound source by an existing security group. 149 FromGroupID string `json:"group_id,omitempty" or:"CIDR"` 150 } 151 152 // CreateRuleOptsBuilder allows extensions to add additional parameters to the 153 // CreateRule request. 154 type CreateRuleOptsBuilder interface { 155 ToRuleCreateMap() (map[string]interface{}, error) 156 } 157 158 // ToRuleCreateMap builds a request body from CreateRuleOpts. 159 func (opts CreateRuleOpts) ToRuleCreateMap() (map[string]interface{}, error) { 160 return golangsdk.BuildRequestBody(opts, "security_group_rule") 161 } 162 163 // CreateRule will add a new rule to an existing security group (whose ID is 164 // specified in CreateRuleOpts). You have the option of controlling inbound 165 // traffic from either an IP range (CIDR) or from another security group. 166 func CreateRule(client *golangsdk.ServiceClient, opts CreateRuleOptsBuilder) (r CreateRuleResult) { 167 b, err := opts.ToRuleCreateMap() 168 if err != nil { 169 r.Err = err 170 return 171 } 172 _, r.Err = client.Post(rootRuleURL(client), b, &r.Body, &golangsdk.RequestOpts{ 173 OkCodes: []int{200}, 174 }) 175 return 176 } 177 178 // DeleteRule will permanently delete a rule from a security group. 179 func DeleteRule(client *golangsdk.ServiceClient, id string) (r DeleteRuleResult) { 180 _, r.Err = client.Delete(resourceRuleURL(client, id), nil) 181 return 182 } 183 184 func actionMap(prefix, groupName string) map[string]map[string]string { 185 return map[string]map[string]string{ 186 prefix + "SecurityGroup": {"name": groupName}, 187 } 188 } 189 190 // AddServer will associate a server and a security group, enforcing the 191 // rules of the group on the server. 192 func AddServer(client *golangsdk.ServiceClient, serverID, groupName string) (r AddServerResult) { 193 _, r.Err = client.Post(serverActionURL(client, serverID), actionMap("add", groupName), nil, nil) 194 return 195 } 196 197 // RemoveServer will disassociate a server from a security group. 198 func RemoveServer(client *golangsdk.ServiceClient, serverID, groupName string) (r RemoveServerResult) { 199 _, r.Err = client.Post(serverActionURL(client, serverID), actionMap("remove", groupName), nil, nil) 200 return 201 }