github.com/paulmey/terraform@v0.5.2-0.20150519145237-046e9b4c884d/builtin/providers/cloudstack/resource_cloudstack_egress_firewall_test.go (about)

     1  package cloudstack
     2  
     3  import (
     4  	"fmt"
     5  	"strings"
     6  	"testing"
     7  
     8  	"github.com/hashicorp/terraform/helper/resource"
     9  	"github.com/hashicorp/terraform/terraform"
    10  	"github.com/xanzy/go-cloudstack/cloudstack"
    11  )
    12  
    13  func TestAccCloudStackEgressFirewall_basic(t *testing.T) {
    14  	resource.Test(t, resource.TestCase{
    15  		PreCheck:     func() { testAccPreCheck(t) },
    16  		Providers:    testAccProviders,
    17  		CheckDestroy: testAccCheckCloudStackEgressFirewallDestroy,
    18  		Steps: []resource.TestStep{
    19  			resource.TestStep{
    20  				Config: testAccCloudStackEgressFirewall_basic,
    21  				Check: resource.ComposeTestCheckFunc(
    22  					testAccCheckCloudStackEgressFirewallRulesExist("cloudstack_egress_firewall.foo"),
    23  					resource.TestCheckResourceAttr(
    24  						"cloudstack_egress_firewall.foo", "network", CLOUDSTACK_NETWORK_1),
    25  					resource.TestCheckResourceAttr(
    26  						"cloudstack_egress_firewall.foo",
    27  						"rule.411689741.source_cidr",
    28  						CLOUDSTACK_NETWORK_1_IPADDRESS+"/32"),
    29  					resource.TestCheckResourceAttr(
    30  						"cloudstack_egress_firewall.foo", "rule.411689741.protocol", "tcp"),
    31  					resource.TestCheckResourceAttr(
    32  						"cloudstack_egress_firewall.foo", "rule.411689741.ports.#", "2"),
    33  					resource.TestCheckResourceAttr(
    34  						"cloudstack_egress_firewall.foo", "rule.411689741.ports.1209010669", "1000-2000"),
    35  					resource.TestCheckResourceAttr(
    36  						"cloudstack_egress_firewall.foo", "rule.411689741.ports.1889509032", "80"),
    37  				),
    38  			},
    39  		},
    40  	})
    41  }
    42  
    43  func TestAccCloudStackEgressFirewall_update(t *testing.T) {
    44  	resource.Test(t, resource.TestCase{
    45  		PreCheck:     func() { testAccPreCheck(t) },
    46  		Providers:    testAccProviders,
    47  		CheckDestroy: testAccCheckCloudStackEgressFirewallDestroy,
    48  		Steps: []resource.TestStep{
    49  			resource.TestStep{
    50  				Config: testAccCloudStackEgressFirewall_basic,
    51  				Check: resource.ComposeTestCheckFunc(
    52  					testAccCheckCloudStackEgressFirewallRulesExist("cloudstack_egress_firewall.foo"),
    53  					resource.TestCheckResourceAttr(
    54  						"cloudstack_egress_firewall.foo", "network", CLOUDSTACK_NETWORK_1),
    55  					resource.TestCheckResourceAttr(
    56  						"cloudstack_egress_firewall.foo", "rule.#", "1"),
    57  					resource.TestCheckResourceAttr(
    58  						"cloudstack_egress_firewall.foo",
    59  						"rule.411689741.source_cidr",
    60  						CLOUDSTACK_NETWORK_1_IPADDRESS+"/32"),
    61  					resource.TestCheckResourceAttr(
    62  						"cloudstack_egress_firewall.foo", "rule.411689741.protocol", "tcp"),
    63  					resource.TestCheckResourceAttr(
    64  						"cloudstack_egress_firewall.foo", "rule.411689741.ports.#", "2"),
    65  					resource.TestCheckResourceAttr(
    66  						"cloudstack_egress_firewall.foo", "rule.411689741.ports.1209010669", "1000-2000"),
    67  					resource.TestCheckResourceAttr(
    68  						"cloudstack_egress_firewall.foo", "rule.411689741.ports.1889509032", "80"),
    69  				),
    70  			},
    71  
    72  			resource.TestStep{
    73  				Config: testAccCloudStackEgressFirewall_update,
    74  				Check: resource.ComposeTestCheckFunc(
    75  					testAccCheckCloudStackEgressFirewallRulesExist("cloudstack_egress_firewall.foo"),
    76  					resource.TestCheckResourceAttr(
    77  						"cloudstack_egress_firewall.foo", "network", CLOUDSTACK_NETWORK_1),
    78  					resource.TestCheckResourceAttr(
    79  						"cloudstack_egress_firewall.foo", "rule.#", "2"),
    80  					resource.TestCheckResourceAttr(
    81  						"cloudstack_egress_firewall.foo",
    82  						"rule.411689741.source_cidr",
    83  						CLOUDSTACK_NETWORK_1_IPADDRESS+"/32"),
    84  					resource.TestCheckResourceAttr(
    85  						"cloudstack_egress_firewall.foo", "rule.411689741.protocol", "tcp"),
    86  					resource.TestCheckResourceAttr(
    87  						"cloudstack_egress_firewall.foo", "rule.411689741.ports.#", "2"),
    88  					resource.TestCheckResourceAttr(
    89  						"cloudstack_egress_firewall.foo", "rule.411689741.ports.1209010669", "1000-2000"),
    90  					resource.TestCheckResourceAttr(
    91  						"cloudstack_egress_firewall.foo", "rule.411689741.ports.1889509032", "80"),
    92  					resource.TestCheckResourceAttr(
    93  						"cloudstack_egress_firewall.foo",
    94  						"rule.845479598.source_cidr",
    95  						CLOUDSTACK_NETWORK_1_IPADDRESS+"/32"),
    96  					resource.TestCheckResourceAttr(
    97  						"cloudstack_egress_firewall.foo", "rule.845479598.protocol", "tcp"),
    98  					resource.TestCheckResourceAttr(
    99  						"cloudstack_egress_firewall.foo", "rule.845479598.ports.#", "1"),
   100  					resource.TestCheckResourceAttr(
   101  						"cloudstack_egress_firewall.foo", "rule.845479598.ports.3638101695", "443"),
   102  				),
   103  			},
   104  		},
   105  	})
   106  }
   107  
   108  func testAccCheckCloudStackEgressFirewallRulesExist(n string) resource.TestCheckFunc {
   109  	return func(s *terraform.State) error {
   110  		rs, ok := s.RootModule().Resources[n]
   111  		if !ok {
   112  			return fmt.Errorf("Not found: %s", n)
   113  		}
   114  
   115  		if rs.Primary.ID == "" {
   116  			return fmt.Errorf("No firewall ID is set")
   117  		}
   118  
   119  		for k, uuid := range rs.Primary.Attributes {
   120  			if !strings.Contains(k, ".uuids.") || strings.HasSuffix(k, ".uuids.#") {
   121  				continue
   122  			}
   123  
   124  			cs := testAccProvider.Meta().(*cloudstack.CloudStackClient)
   125  			_, count, err := cs.Firewall.GetEgressFirewallRuleByID(uuid)
   126  
   127  			if err != nil {
   128  				return err
   129  			}
   130  
   131  			if count == 0 {
   132  				return fmt.Errorf("Firewall rule for %s not found", k)
   133  			}
   134  		}
   135  
   136  		return nil
   137  	}
   138  }
   139  
   140  func testAccCheckCloudStackEgressFirewallDestroy(s *terraform.State) error {
   141  	cs := testAccProvider.Meta().(*cloudstack.CloudStackClient)
   142  
   143  	for _, rs := range s.RootModule().Resources {
   144  		if rs.Type != "cloudstack_egress_firewall" {
   145  			continue
   146  		}
   147  
   148  		if rs.Primary.ID == "" {
   149  			return fmt.Errorf("No instance ID is set")
   150  		}
   151  
   152  		for k, uuid := range rs.Primary.Attributes {
   153  			if !strings.Contains(k, ".uuids.") || strings.HasSuffix(k, ".uuids.#") {
   154  				continue
   155  			}
   156  
   157  			p := cs.Firewall.NewDeleteEgressFirewallRuleParams(uuid)
   158  			_, err := cs.Firewall.DeleteEgressFirewallRule(p)
   159  
   160  			if err != nil {
   161  				return err
   162  			}
   163  		}
   164  	}
   165  
   166  	return nil
   167  }
   168  
   169  var testAccCloudStackEgressFirewall_basic = fmt.Sprintf(`
   170  resource "cloudstack_egress_firewall" "foo" {
   171    network = "%s"
   172  
   173    rule {
   174      source_cidr = "%s/32"
   175      protocol = "tcp"
   176      ports = ["80", "1000-2000"]
   177    }
   178  }`,
   179  	CLOUDSTACK_NETWORK_1,
   180  	CLOUDSTACK_NETWORK_1_IPADDRESS)
   181  
   182  var testAccCloudStackEgressFirewall_update = fmt.Sprintf(`
   183  resource "cloudstack_egress_firewall" "foo" {
   184    network = "%s"
   185  
   186    rule {
   187      source_cidr = "%s/32"
   188      protocol = "tcp"
   189      ports = ["80", "1000-2000"]
   190    }
   191  
   192    rule {
   193      source_cidr = "%s/32"
   194      protocol = "tcp"
   195      ports = ["443"]
   196    }
   197  }`,
   198  	CLOUDSTACK_NETWORK_1,
   199  	CLOUDSTACK_NETWORK_1_IPADDRESS,
   200  	CLOUDSTACK_NETWORK_1_IPADDRESS)