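// Source: github.com/simonswine/terraform@v0.9.0-beta2/builtin/providers/openstack/resource_openstack_networking_secgroup_v2.go

package openstack

import (
	"fmt"
	"log"
	"time"

	"github.com/hashicorp/terraform/helper/resource"
	"github.com/hashicorp/terraform/helper/schema"

	"github.com/gophercloud/gophercloud"
	"github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/security/groups"
	"github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/security/rules"
)

// resourceNetworkingSecGroupV2 describes the Neutron security group resource.
//
// There is no Update handler: every attribute is ForceNew, so any change
// destroys and recreates the group. The group is created without rules (see
// resourceNetworkingSecGroupV2Create), so whatever traffic it allows has to
// be declared separately.
func resourceNetworkingSecGroupV2() *schema.Resource {
	return &schema.Resource{
		Create: resourceNetworkingSecGroupV2Create,
		Read:   resourceNetworkingSecGroupV2Read,
		Delete: resourceNetworkingSecGroupV2Delete,
		Importer: &schema.ResourceImporter{
			State: schema.ImportStatePassthrough,
		},

		Schema: map[string]*schema.Schema{
			"region": &schema.Schema{
				Type:        schema.TypeString,
				Required:    true,
				ForceNew:    true,
				DefaultFunc: schema.EnvDefaultFunc("OS_REGION_NAME", ""),
			},
			"name": &schema.Schema{
				Type:     schema.TypeString,
				Required: true,
				ForceNew: true,
			},
			"description": &schema.Schema{
				Type:     schema.TypeString,
				Optional: true,
				ForceNew: true,
				Computed: true,
			},
			"tenant_id": &schema.Schema{
				Type:     schema.TypeString,
				Optional: true,
				ForceNew: true,
				Computed: true,
			},
		},
	}
}

// resourceNetworkingSecGroupV2Create creates the security group, strips the
// rules the API attached to it at creation time, and then refreshes state
// through resourceNetworkingSecGroupV2Read.
//
// It returns an error if the networking client cannot be built, if the create
// call fails, or if any default rule cannot be deleted.
func resourceNetworkingSecGroupV2Create(d *schema.ResourceData, meta interface{}) error {
	config := meta.(*Config)
	networkingClient, err := config.networkingV2Client(GetRegion(d))
	if err != nil {
		return fmt.Errorf("Error creating OpenStack networking client: %s", err)
	}

	opts := groups.CreateOpts{
		Name:        d.Get("name").(string),
		Description: d.Get("description").(string),
		TenantID:    d.Get("tenant_id").(string),
	}

	log.Printf("[DEBUG] Create OpenStack Neutron Security Group: %#v", opts)

	secGroup, err := groups.Create(networkingClient, opts).Extract()
	if err != nil {
		return fmt.Errorf("Error creating OpenStack Neutron Security Group: %s", err)
	}

	// Record the ID as soon as the group exists. If the rule cleanup below
	// fails part-way, the group (possibly still carrying some default rules)
	// stays in Terraform state instead of being left behind as an untracked,
	// unmanaged security group in the tenant.
	d.SetId(secGroup.ID)

	// Remove the default rules so the group starts empty and only rules that
	// are declared explicitly apply.
	// NOTE(review): Neutron typically adds allow-all egress rules to a new
	// group; confirm against the target cloud.
	for _, rule := range secGroup.Rules {
		if err := rules.Delete(networkingClient, rule.ID).ExtractErr(); err != nil {
			return fmt.Errorf(
				"There was a problem deleting a default security group rule: %s", err)
		}
	}

	log.Printf("[DEBUG] OpenStack Neutron Security Group created: %#v", secGroup)

	return resourceNetworkingSecGroupV2Read(d, meta)
}

// resourceNetworkingSecGroupV2Read fetches the security group identified by
// d.Id() and copies its description, tenant ID, name and region into state.
//
// A lookup failure is handed to CheckDeleted, whose result is returned as-is.
func resourceNetworkingSecGroupV2Read(d *schema.ResourceData, meta interface{}) error {
	log.Printf("[DEBUG] Retrieve information about security group: %s", d.Id())

	config := meta.(*Config)
	networkingClient, err := config.networkingV2Client(GetRegion(d))
	if err != nil {
		return fmt.Errorf("Error creating OpenStack networking client: %s", err)
	}

	secGroup, err := groups.Get(networkingClient, d.Id()).Extract()
	if err != nil {
		return CheckDeleted(d, err, "OpenStack Neutron Security group")
	}

	d.Set("description", secGroup.Description)
	d.Set("tenant_id", secGroup.TenantID)
	d.Set("name", secGroup.Name)
	d.Set("region", GetRegion(d))

	return nil
}

// resourceNetworkingSecGroupV2Delete deletes the security group and waits, for
// up to two minutes, until the API reports it as gone.
//
// The delete request itself is issued by the refresh function returned from
// waitForSecGroupDelete; this function only drives the polling loop. The ID is
// cleared only once the wait has reached the "DELETED" state.
func resourceNetworkingSecGroupV2Delete(d *schema.ResourceData, meta interface{}) error {
	log.Printf("[DEBUG] Destroy security group: %s", d.Id())

	config := meta.(*Config)
	networkingClient, err := config.networkingV2Client(GetRegion(d))
	if err != nil {
		return fmt.Errorf("Error creating OpenStack networking client: %s", err)
	}

	stateConf := &resource.StateChangeConf{
		Pending:    []string{"ACTIVE"},
		Target:     []string{"DELETED"},
		Refresh:    waitForSecGroupDelete(networkingClient, d.Id()),
		Timeout:    2 * time.Minute,
		Delay:      5 * time.Second,
		MinTimeout: 3 * time.Second,
	}

	if _, err := stateConf.WaitForState(); err != nil {
		return fmt.Errorf("Error deleting OpenStack Neutron Security Group: %s", err)
	}

	d.SetId("")
	return nil
}

// waitForSecGroupDelete returns a refresh function that tries to delete the
// security group each time it is polled.
//
// The refresh function reports "DELETED" when either the lookup or the delete
// call answers 404, and "ACTIVE" otherwise. Any non-404 error is returned to
// the caller together with the "ACTIVE" state.
func waitForSecGroupDelete(networkingClient *gophercloud.ServiceClient, secGroupId string) resource.StateRefreshFunc {
	return func() (interface{}, string, error) {
		log.Printf("[DEBUG] Attempting to delete OpenStack Security Group %s.\n", secGroupId)

		r, err := groups.Get(networkingClient, secGroupId).Extract()
		if err != nil {
			// A 404 on lookup means the group is already gone.
			if _, ok := err.(gophercloud.ErrDefault404); ok {
				log.Printf("[DEBUG] Successfully deleted OpenStack Neutron Security Group %s", secGroupId)
				return r, "DELETED", nil
			}
			return r, "ACTIVE", err
		}

		err = groups.Delete(networkingClient, secGroupId).ExtractErr()
		if err != nil {
			// The group vanished between the lookup and the delete call.
			if _, ok := err.(gophercloud.ErrDefault404); ok {
				log.Printf("[DEBUG] Successfully deleted OpenStack Neutron Security Group %s", secGroupId)
				return r, "DELETED", nil
			}
			return r, "ACTIVE", err
		}

		// The delete request was accepted; the next poll confirms removal
		// through the 404 on lookup.
		log.Printf("[DEBUG] OpenStack Neutron Security Group %s still active.\n", secGroupId)
		return r, "ACTIVE", nil
	}
}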