github.com/turtlemonvh/terraform@v0.6.9-0.20151204001754-8e40b6b855e8/builtin/providers/cloudstack/resource_cloudstack_egress_firewall_test.go (about) 1 package cloudstack 2 3 import ( 4 "fmt" 5 "strconv" 6 "strings" 7 "testing" 8 9 "github.com/hashicorp/terraform/helper/resource" 10 "github.com/hashicorp/terraform/helper/schema" 11 "github.com/hashicorp/terraform/terraform" 12 "github.com/xanzy/go-cloudstack/cloudstack" 13 ) 14 15 func TestAccCloudStackEgressFirewall_basic(t *testing.T) { 16 hash := makeTestCloudStackEgressFirewallRuleHash([]interface{}{"1000-2000", "80"}) 17 18 resource.Test(t, resource.TestCase{ 19 PreCheck: func() { testAccPreCheck(t) }, 20 Providers: testAccProviders, 21 CheckDestroy: testAccCheckCloudStackEgressFirewallDestroy, 22 Steps: []resource.TestStep{ 23 resource.TestStep{ 24 Config: testAccCloudStackEgressFirewall_basic, 25 Check: resource.ComposeTestCheckFunc( 26 testAccCheckCloudStackEgressFirewallRulesExist("cloudstack_egress_firewall.foo"), 27 resource.TestCheckResourceAttr( 28 "cloudstack_egress_firewall.foo", "network", CLOUDSTACK_NETWORK_1), 29 resource.TestCheckResourceAttr( 30 "cloudstack_egress_firewall.foo", 31 "rule."+hash+".source_cidr", 32 CLOUDSTACK_NETWORK_1_IPADDRESS+"/32"), 33 resource.TestCheckResourceAttr( 34 "cloudstack_egress_firewall.foo", "rule."+hash+".protocol", "tcp"), 35 resource.TestCheckResourceAttr( 36 "cloudstack_egress_firewall.foo", "rule."+hash+".ports.#", "2"), 37 resource.TestCheckResourceAttr( 38 "cloudstack_egress_firewall.foo", "rule."+hash+".ports.1209010669", "1000-2000"), 39 resource.TestCheckResourceAttr( 40 "cloudstack_egress_firewall.foo", "rule."+hash+".ports.1889509032", "80"), 41 ), 42 }, 43 }, 44 }) 45 } 46 47 func TestAccCloudStackEgressFirewall_update(t *testing.T) { 48 hash1 := makeTestCloudStackEgressFirewallRuleHash([]interface{}{"1000-2000", "80"}) 49 hash2 := makeTestCloudStackEgressFirewallRuleHash([]interface{}{"443"}) 50 51 resource.Test(t, resource.TestCase{ 52 PreCheck: func() { testAccPreCheck(t) }, 53 Providers: testAccProviders, 54 CheckDestroy: testAccCheckCloudStackEgressFirewallDestroy, 55 Steps: []resource.TestStep{ 56 resource.TestStep{ 57 Config: testAccCloudStackEgressFirewall_basic, 58 Check: resource.ComposeTestCheckFunc( 59 testAccCheckCloudStackEgressFirewallRulesExist("cloudstack_egress_firewall.foo"), 60 resource.TestCheckResourceAttr( 61 "cloudstack_egress_firewall.foo", "network", CLOUDSTACK_NETWORK_1), 62 resource.TestCheckResourceAttr( 63 "cloudstack_egress_firewall.foo", "rule.#", "1"), 64 resource.TestCheckResourceAttr( 65 "cloudstack_egress_firewall.foo", 66 "rule."+hash1+".source_cidr", 67 CLOUDSTACK_NETWORK_1_IPADDRESS+"/32"), 68 resource.TestCheckResourceAttr( 69 "cloudstack_egress_firewall.foo", "rule."+hash1+".protocol", "tcp"), 70 resource.TestCheckResourceAttr( 71 "cloudstack_egress_firewall.foo", "rule."+hash1+".ports.#", "2"), 72 resource.TestCheckResourceAttr( 73 "cloudstack_egress_firewall.foo", "rule."+hash1+".ports.1209010669", "1000-2000"), 74 resource.TestCheckResourceAttr( 75 "cloudstack_egress_firewall.foo", "rule."+hash1+".ports.1889509032", "80"), 76 ), 77 }, 78 79 resource.TestStep{ 80 Config: testAccCloudStackEgressFirewall_update, 81 Check: resource.ComposeTestCheckFunc( 82 testAccCheckCloudStackEgressFirewallRulesExist("cloudstack_egress_firewall.foo"), 83 resource.TestCheckResourceAttr( 84 "cloudstack_egress_firewall.foo", "network", CLOUDSTACK_NETWORK_1), 85 resource.TestCheckResourceAttr( 86 "cloudstack_egress_firewall.foo", "rule.#", "2"), 87 resource.TestCheckResourceAttr( 88 "cloudstack_egress_firewall.foo", 89 "rule."+hash1+".source_cidr", 90 CLOUDSTACK_NETWORK_1_IPADDRESS+"/32"), 91 resource.TestCheckResourceAttr( 92 "cloudstack_egress_firewall.foo", "rule."+hash1+".protocol", "tcp"), 93 resource.TestCheckResourceAttr( 94 "cloudstack_egress_firewall.foo", "rule."+hash1+".ports.#", "2"), 95 resource.TestCheckResourceAttr( 96 "cloudstack_egress_firewall.foo", "rule."+hash1+".ports.1209010669", "1000-2000"), 97 resource.TestCheckResourceAttr( 98 "cloudstack_egress_firewall.foo", "rule."+hash1+".ports.1889509032", "80"), 99 resource.TestCheckResourceAttr( 100 "cloudstack_egress_firewall.foo", 101 "rule."+hash2+".source_cidr", 102 CLOUDSTACK_NETWORK_1_IPADDRESS+"/32"), 103 resource.TestCheckResourceAttr( 104 "cloudstack_egress_firewall.foo", "rule."+hash2+".protocol", "tcp"), 105 resource.TestCheckResourceAttr( 106 "cloudstack_egress_firewall.foo", "rule."+hash2+".ports.#", "1"), 107 resource.TestCheckResourceAttr( 108 "cloudstack_egress_firewall.foo", "rule."+hash2+".ports.3638101695", "443"), 109 ), 110 }, 111 }, 112 }) 113 } 114 115 func testAccCheckCloudStackEgressFirewallRulesExist(n string) resource.TestCheckFunc { 116 return func(s *terraform.State) error { 117 rs, ok := s.RootModule().Resources[n] 118 if !ok { 119 return fmt.Errorf("Not found: %s", n) 120 } 121 122 if rs.Primary.ID == "" { 123 return fmt.Errorf("No firewall ID is set") 124 } 125 126 for k, id := range rs.Primary.Attributes { 127 if !strings.Contains(k, ".uuids.") || strings.HasSuffix(k, ".uuids.#") { 128 continue 129 } 130 131 cs := testAccProvider.Meta().(*cloudstack.CloudStackClient) 132 _, count, err := cs.Firewall.GetEgressFirewallRuleByID(id) 133 134 if err != nil { 135 return err 136 } 137 138 if count == 0 { 139 return fmt.Errorf("Firewall rule for %s not found", k) 140 } 141 } 142 143 return nil 144 } 145 } 146 147 func testAccCheckCloudStackEgressFirewallDestroy(s *terraform.State) error { 148 cs := testAccProvider.Meta().(*cloudstack.CloudStackClient) 149 150 for _, rs := range s.RootModule().Resources { 151 if rs.Type != "cloudstack_egress_firewall" { 152 continue 153 } 154 155 if rs.Primary.ID == "" { 156 return fmt.Errorf("No instance ID is set") 157 } 158 159 for k, id := range rs.Primary.Attributes { 160 if !strings.Contains(k, ".uuids.") || strings.HasSuffix(k, ".uuids.#") { 161 continue 162 } 163 164 _, _, err := cs.Firewall.GetEgressFirewallRuleByID(id) 165 if err == nil { 166 return fmt.Errorf("Egress rule %s still exists", rs.Primary.ID) 167 } 168 } 169 } 170 171 return nil 172 } 173 174 func makeTestCloudStackEgressFirewallRuleHash(ports []interface{}) string { 175 return strconv.Itoa(resourceCloudStackEgressFirewallRuleHash(map[string]interface{}{ 176 "source_cidr": CLOUDSTACK_NETWORK_1_IPADDRESS + "/32", 177 "protocol": "tcp", 178 "ports": schema.NewSet(schema.HashString, ports), 179 "icmp_type": 0, 180 "icmp_code": 0, 181 })) 182 } 183 184 var testAccCloudStackEgressFirewall_basic = fmt.Sprintf(` 185 resource "cloudstack_egress_firewall" "foo" { 186 network = "%s" 187 188 rule { 189 source_cidr = "%s/32" 190 protocol = "tcp" 191 ports = ["80", "1000-2000"] 192 } 193 }`, 194 CLOUDSTACK_NETWORK_1, 195 CLOUDSTACK_NETWORK_1_IPADDRESS) 196 197 var testAccCloudStackEgressFirewall_update = fmt.Sprintf(` 198 resource "cloudstack_egress_firewall" "foo" { 199 network = "%s" 200 201 rule { 202 source_cidr = "%s/32" 203 protocol = "tcp" 204 ports = ["80", "1000-2000"] 205 } 206 207 rule { 208 source_cidr = "%s/32" 209 protocol = "tcp" 210 ports = ["443"] 211 } 212 }`, 213 CLOUDSTACK_NETWORK_1, 214 CLOUDSTACK_NETWORK_1_IPADDRESS, 215 CLOUDSTACK_NETWORK_1_IPADDRESS)