github.com/ricardclau/terraform@v0.6.17-0.20160519222547-283e3ae6b5a9/builtin/providers/openstack/resource_openstack_compute_secgroup_v2_test.go (about) 1 package openstack 2 3 import ( 4 "fmt" 5 "testing" 6 7 "github.com/hashicorp/terraform/helper/resource" 8 "github.com/hashicorp/terraform/terraform" 9 10 "github.com/rackspace/gophercloud/openstack/compute/v2/extensions/secgroups" 11 ) 12 13 func TestAccComputeV2SecGroup_basic(t *testing.T) { 14 var secgroup secgroups.SecurityGroup 15 16 resource.Test(t, resource.TestCase{ 17 PreCheck: func() { testAccPreCheck(t) }, 18 Providers: testAccProviders, 19 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 20 Steps: []resource.TestStep{ 21 resource.TestStep{ 22 Config: testAccComputeV2SecGroup_basic_orig, 23 Check: resource.ComposeTestCheckFunc( 24 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.foo", &secgroup), 25 ), 26 }, 27 }, 28 }) 29 } 30 31 func TestAccComputeV2SecGroup_update(t *testing.T) { 32 var secgroup secgroups.SecurityGroup 33 34 resource.Test(t, resource.TestCase{ 35 PreCheck: func() { testAccPreCheck(t) }, 36 Providers: testAccProviders, 37 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 38 Steps: []resource.TestStep{ 39 resource.TestStep{ 40 Config: testAccComputeV2SecGroup_basic_orig, 41 Check: resource.ComposeTestCheckFunc( 42 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.foo", &secgroup), 43 ), 44 }, 45 resource.TestStep{ 46 Config: testAccComputeV2SecGroup_basic_update, 47 Check: resource.ComposeTestCheckFunc( 48 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.foo", &secgroup), 49 testAccCheckComputeV2SecGroupRuleCount(t, &secgroup, 2), 50 ), 51 }, 52 }, 53 }) 54 } 55 56 func TestAccComputeV2SecGroup_groupID(t *testing.T) { 57 var secgroup1, secgroup2, secgroup3 secgroups.SecurityGroup 58 59 resource.Test(t, resource.TestCase{ 60 PreCheck: func() { testAccPreCheck(t) }, 61 Providers: testAccProviders, 62 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 63 Steps: []resource.TestStep{ 64 resource.TestStep{ 65 Config: testAccComputeV2SecGroup_groupID_orig, 66 Check: resource.ComposeTestCheckFunc( 67 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_1", &secgroup1), 68 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_2", &secgroup2), 69 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_3", &secgroup3), 70 testAccCheckComputeV2SecGroupGroupIDMatch(t, &secgroup1, &secgroup3), 71 ), 72 }, 73 resource.TestStep{ 74 Config: testAccComputeV2SecGroup_groupID_update, 75 Check: resource.ComposeTestCheckFunc( 76 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_1", &secgroup1), 77 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_2", &secgroup2), 78 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_3", &secgroup3), 79 testAccCheckComputeV2SecGroupGroupIDMatch(t, &secgroup2, &secgroup3), 80 ), 81 }, 82 }, 83 }) 84 } 85 86 func TestAccComputeV2SecGroup_self(t *testing.T) { 87 var secgroup secgroups.SecurityGroup 88 89 resource.Test(t, resource.TestCase{ 90 PreCheck: func() { testAccPreCheck(t) }, 91 Providers: testAccProviders, 92 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 93 Steps: []resource.TestStep{ 94 resource.TestStep{ 95 Config: testAccComputeV2SecGroup_self, 96 Check: resource.ComposeTestCheckFunc( 97 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_1", &secgroup), 98 testAccCheckComputeV2SecGroupGroupIDMatch(t, &secgroup, &secgroup), 99 resource.TestCheckResourceAttr( 100 "openstack_compute_secgroup_v2.test_group_1", "rule.3170486100.self", "true"), 101 resource.TestCheckResourceAttr( 102 "openstack_compute_secgroup_v2.test_group_1", "rule.3170486100.from_group_id", ""), 103 ), 104 }, 105 }, 106 }) 107 } 108 109 func TestAccComputeV2SecGroup_icmpZero(t *testing.T) { 110 var secgroup secgroups.SecurityGroup 111 112 resource.Test(t, resource.TestCase{ 113 PreCheck: func() { testAccPreCheck(t) }, 114 Providers: testAccProviders, 115 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 116 Steps: []resource.TestStep{ 117 resource.TestStep{ 118 Config: testAccComputeV2SecGroup_icmpZero, 119 Check: resource.ComposeTestCheckFunc( 120 testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_1", &secgroup), 121 ), 122 }, 123 }, 124 }) 125 } 126 127 func testAccCheckComputeV2SecGroupDestroy(s *terraform.State) error { 128 config := testAccProvider.Meta().(*Config) 129 computeClient, err := config.computeV2Client(OS_REGION_NAME) 130 if err != nil { 131 return fmt.Errorf("(testAccCheckComputeV2SecGroupDestroy) Error creating OpenStack compute client: %s", err) 132 } 133 134 for _, rs := range s.RootModule().Resources { 135 if rs.Type != "openstack_compute_secgroup_v2" { 136 continue 137 } 138 139 _, err := secgroups.Get(computeClient, rs.Primary.ID).Extract() 140 if err == nil { 141 return fmt.Errorf("Security group still exists") 142 } 143 } 144 145 return nil 146 } 147 148 func testAccCheckComputeV2SecGroupExists(t *testing.T, n string, secgroup *secgroups.SecurityGroup) resource.TestCheckFunc { 149 return func(s *terraform.State) error { 150 rs, ok := s.RootModule().Resources[n] 151 if !ok { 152 return fmt.Errorf("Not found: %s", n) 153 } 154 155 if rs.Primary.ID == "" { 156 return fmt.Errorf("No ID is set") 157 } 158 159 config := testAccProvider.Meta().(*Config) 160 computeClient, err := config.computeV2Client(OS_REGION_NAME) 161 if err != nil { 162 return fmt.Errorf("(testAccCheckComputeV2SecGroupExists) Error creating OpenStack compute client: %s", err) 163 } 164 165 found, err := secgroups.Get(computeClient, rs.Primary.ID).Extract() 166 if err != nil { 167 return err 168 } 169 170 if found.ID != rs.Primary.ID { 171 return fmt.Errorf("Security group not found") 172 } 173 174 *secgroup = *found 175 176 return nil 177 } 178 } 179 180 func testAccCheckComputeV2SecGroupRuleCount(t *testing.T, secgroup *secgroups.SecurityGroup, count int) resource.TestCheckFunc { 181 return func(s *terraform.State) error { 182 if len(secgroup.Rules) != count { 183 return fmt.Errorf("Security group rule count does not match. Expected %d, got %d", count, len(secgroup.Rules)) 184 } 185 186 return nil 187 } 188 } 189 190 func testAccCheckComputeV2SecGroupGroupIDMatch(t *testing.T, sg1, sg2 *secgroups.SecurityGroup) resource.TestCheckFunc { 191 return func(s *terraform.State) error { 192 if len(sg2.Rules) == 1 { 193 if sg1.Name != sg2.Rules[0].Group.Name || sg1.TenantID != sg2.Rules[0].Group.TenantID { 194 return fmt.Errorf("%s was not correctly applied to %s", sg1.Name, sg2.Name) 195 } 196 } else { 197 return fmt.Errorf("%s rule count is incorrect", sg2.Name) 198 } 199 200 return nil 201 } 202 } 203 204 var testAccComputeV2SecGroup_basic_orig = fmt.Sprintf(` 205 resource "openstack_compute_secgroup_v2" "foo" { 206 name = "test_group_1" 207 description = "first test security group" 208 rule { 209 from_port = 22 210 to_port = 22 211 ip_protocol = "tcp" 212 cidr = "0.0.0.0/0" 213 } 214 rule { 215 from_port = 1 216 to_port = 65535 217 ip_protocol = "udp" 218 cidr = "0.0.0.0/0" 219 } 220 rule { 221 from_port = -1 222 to_port = -1 223 ip_protocol = "icmp" 224 cidr = "0.0.0.0/0" 225 } 226 }`) 227 228 var testAccComputeV2SecGroup_basic_update = fmt.Sprintf(` 229 resource "openstack_compute_secgroup_v2" "foo" { 230 name = "test_group_1" 231 description = "first test security group" 232 rule { 233 from_port = 2200 234 to_port = 2200 235 ip_protocol = "tcp" 236 cidr = "0.0.0.0/0" 237 } 238 rule { 239 from_port = -1 240 to_port = -1 241 ip_protocol = "icmp" 242 cidr = "0.0.0.0/0" 243 } 244 }`) 245 246 var testAccComputeV2SecGroup_groupID_orig = fmt.Sprintf(` 247 resource "openstack_compute_secgroup_v2" "test_group_1" { 248 name = "test_group_1" 249 description = "first test security group" 250 rule { 251 from_port = 22 252 to_port = 22 253 ip_protocol = "tcp" 254 cidr = "0.0.0.0/0" 255 } 256 } 257 258 resource "openstack_compute_secgroup_v2" "test_group_2" { 259 name = "test_group_2" 260 description = "second test security group" 261 rule { 262 from_port = -1 263 to_port = -1 264 ip_protocol = "icmp" 265 cidr = "0.0.0.0/0" 266 } 267 } 268 269 resource "openstack_compute_secgroup_v2" "test_group_3" { 270 name = "test_group_3" 271 description = "third test security group" 272 rule { 273 from_port = 80 274 to_port = 80 275 ip_protocol = "tcp" 276 from_group_id = "${openstack_compute_secgroup_v2.test_group_1.id}" 277 } 278 }`) 279 280 var testAccComputeV2SecGroup_groupID_update = fmt.Sprintf(` 281 resource "openstack_compute_secgroup_v2" "test_group_1" { 282 name = "test_group_1" 283 description = "first test security group" 284 rule { 285 from_port = 22 286 to_port = 22 287 ip_protocol = "tcp" 288 cidr = "0.0.0.0/0" 289 } 290 } 291 292 resource "openstack_compute_secgroup_v2" "test_group_2" { 293 name = "test_group_2" 294 description = "second test security group" 295 rule { 296 from_port = -1 297 to_port = -1 298 ip_protocol = "icmp" 299 cidr = "0.0.0.0/0" 300 } 301 } 302 303 resource "openstack_compute_secgroup_v2" "test_group_3" { 304 name = "test_group_3" 305 description = "third test security group" 306 rule { 307 from_port = 80 308 to_port = 80 309 ip_protocol = "tcp" 310 from_group_id = "${openstack_compute_secgroup_v2.test_group_2.id}" 311 } 312 }`) 313 314 var testAccComputeV2SecGroup_self = fmt.Sprintf(` 315 resource "openstack_compute_secgroup_v2" "test_group_1" { 316 name = "test_group_1" 317 description = "first test security group" 318 rule { 319 from_port = 22 320 to_port = 22 321 ip_protocol = "tcp" 322 self = true 323 } 324 }`) 325 326 var testAccComputeV2SecGroup_icmpZero = fmt.Sprintf(` 327 resource "openstack_compute_secgroup_v2" "test_group_1" { 328 name = "test_group_1" 329 description = "first test security group" 330 rule { 331 from_port = 0 332 to_port = 0 333 ip_protocol = "icmp" 334 cidr = "0.0.0.0/0" 335 } 336 }`)