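// Source: github.com/turtlemonvh/terraform@v0.6.9-0.20151204001754-8e40b6b855e8/builtin/providers/openstack/resource_openstack_fw_firewall_v1.go

package openstack

import (
	"fmt"
	"log"
	"time"

	"github.com/hashicorp/terraform/helper/resource"
	"github.com/hashicorp/terraform/helper/schema"
	"github.com/rackspace/gophercloud"
	"github.com/rackspace/gophercloud/openstack/networking/v2/extensions/fwaas/firewalls"
)

// resourceFWFirewallV1 returns the Terraform resource definition for an
// OpenStack FWaaS v1 firewall: its CRUD handlers and its schema.
//
// "region" and "tenant_id" force a new resource when changed; "name",
// "description", "policy_id" and "admin_state_up" are updated in place by
// resourceFWFirewallV1Update.
func resourceFWFirewallV1() *schema.Resource {
	return &schema.Resource{
		Create: resourceFWFirewallV1Create,
		Read:   resourceFWFirewallV1Read,
		Update: resourceFWFirewallV1Update,
		Delete: resourceFWFirewallV1Delete,

		Schema: map[string]*schema.Schema{
			"region": &schema.Schema{
				Type:        schema.TypeString,
				Required:    true,
				ForceNew:    true,
				DefaultFunc: envDefaultFuncAllowMissing("OS_REGION_NAME"),
			},
			"name": &schema.Schema{
				Type:     schema.TypeString,
				Optional: true,
			},
			"description": &schema.Schema{
				Type:     schema.TypeString,
				Optional: true,
			},
			"policy_id": &schema.Schema{
				Type:     schema.TypeString,
				Required: true,
			},
			"admin_state_up": &schema.Schema{
				Type:     schema.TypeBool,
				Optional: true,
				Computed: true,
			},
			"tenant_id": &schema.Schema{
				Type:     schema.TypeString,
				Optional: true,
				ForceNew: true,
				Computed: true,
			},
		},
	}
}

// resourceFWFirewallV1Create creates the firewall described by d, waits up to
// 30 seconds for it to leave PENDING_CREATE, records its ID and then refreshes
// the state through resourceFWFirewallV1Read.
//
// It returns an error when the networking client cannot be built, when the
// create request fails, or when the follow-up read fails.
func resourceFWFirewallV1Create(d *schema.ResourceData, meta interface{}) error {
	config := meta.(*Config)
	networkingClient, err := config.networkingV2Client(d.Get("region").(string))
	if err != nil {
		return fmt.Errorf("Error creating OpenStack networking client: %s", err)
	}

	// CreateOpts takes a *bool, so the value needs an addressable local.
	adminStateUp := d.Get("admin_state_up").(bool)

	firewallConfiguration := firewalls.CreateOpts{
		Name:         d.Get("name").(string),
		Description:  d.Get("description").(string),
		PolicyID:     d.Get("policy_id").(string),
		AdminStateUp: &adminStateUp,
		TenantID:     d.Get("tenant_id").(string),
	}

	log.Printf("[DEBUG] Create firewall: %#v", firewallConfiguration)

	firewall, err := firewalls.Create(networkingClient, firewallConfiguration).Extract()
	if err != nil {
		return err
	}

	log.Printf("[DEBUG] Firewall created: %#v", firewall)

	stateConf := &resource.StateChangeConf{
		Pending:    []string{"PENDING_CREATE"},
		Target:     "ACTIVE",
		Refresh:    waitForFirewallActive(networkingClient, firewall.ID),
		Timeout:    30 * time.Second,
		Delay:      0,
		MinTimeout: 2 * time.Second,
	}

	// The result of this wait used to be discarded without a trace. It stays
	// non-fatal so the ID below is always recorded and the firewall is never
	// orphaned outside the state, but the failure is now visible in the log.
	// NOTE(review): a firewall that is not ACTIVE may not be enforcing its
	// policy while the apply still reports success. Consider returning this
	// error (after SetId) once the set of acceptable terminal statuses has
	// been confirmed against the FWaaS API.
	if _, err = stateConf.WaitForState(); err != nil {
		log.Printf("[WARN] Firewall %s did not reach ACTIVE after creation: %s", firewall.ID, err)
	}

	d.SetId(firewall.ID)

	return resourceFWFirewallV1Read(d, meta)
}

// resourceFWFirewallV1Read fetches the firewall identified by d.Id() and
// copies its name, description, policy ID, admin state and tenant ID into d.
//
// A failed lookup is handed to CheckDeleted, whose result is returned.
func resourceFWFirewallV1Read(d *schema.ResourceData, meta interface{}) error {
	log.Printf("[DEBUG] Retrieve information about firewall: %s", d.Id())

	config := meta.(*Config)
	networkingClient, err := config.networkingV2Client(d.Get("region").(string))
	if err != nil {
		return fmt.Errorf("Error creating OpenStack networking client: %s", err)
	}

	firewall, err := firewalls.Get(networkingClient, d.Id()).Extract()
	if err != nil {
		return CheckDeleted(d, err, "firewall")
	}

	d.Set("name", firewall.Name)
	d.Set("description", firewall.Description)
	d.Set("policy_id", firewall.PolicyID)
	d.Set("admin_state_up", firewall.AdminStateUp)
	d.Set("tenant_id", firewall.TenantID)

	return nil
}

// resourceFWFirewallV1Update sends the changed attributes of the firewall to
// the API and then refreshes the state through resourceFWFirewallV1Read.
//
// Only attributes reported as changed by d.HasChange are placed in the
// update options. It returns an error when the networking client cannot be
// built, when the update request fails, or when the follow-up read fails.
func resourceFWFirewallV1Update(d *schema.ResourceData, meta interface{}) error {
	config := meta.(*Config)
	networkingClient, err := config.networkingV2Client(d.Get("region").(string))
	if err != nil {
		return fmt.Errorf("Error creating OpenStack networking client: %s", err)
	}

	opts := firewalls.UpdateOpts{}

	if d.HasChange("name") {
		opts.Name = d.Get("name").(string)
	}

	if d.HasChange("description") {
		opts.Description = d.Get("description").(string)
	}

	if d.HasChange("policy_id") {
		opts.PolicyID = d.Get("policy_id").(string)
	}

	if d.HasChange("admin_state_up") {
		adminStateUp := d.Get("admin_state_up").(bool)
		opts.AdminStateUp = &adminStateUp
	}

	log.Printf("[DEBUG] Updating firewall with id %s: %#v", d.Id(), opts)

	stateConf := &resource.StateChangeConf{
		Pending:    []string{"PENDING_CREATE", "PENDING_UPDATE"},
		Target:     "ACTIVE",
		Refresh:    waitForFirewallActive(networkingClient, d.Id()),
		Timeout:    30 * time.Second,
		Delay:      0,
		MinTimeout: 2 * time.Second,
	}

	// Let any in-flight operation settle before sending the update. The wait
	// error was previously overwritten by the next assignment; it is still
	// non-fatal (the update is attempted regardless) but is now logged.
	if _, err = stateConf.WaitForState(); err != nil {
		log.Printf("[WARN] Firewall %s was not ACTIVE before update: %s", d.Id(), err)
	}

	// NOTE(review): nothing waits for the firewall to return to ACTIVE after
	// this request, so a policy_id change may still be pending when the apply
	// finishes.
	err = firewalls.Update(networkingClient, d.Id(), opts).Err
	if err != nil {
		return err
	}

	return resourceFWFirewallV1Read(d, meta)
}

// resourceFWFirewallV1Delete deletes the firewall identified by d.Id() and
// waits up to two minutes for the API to stop returning it.
//
// It returns an error when the networking client cannot be built, when the
// delete request fails, or when the deletion wait fails.
func resourceFWFirewallV1Delete(d *schema.ResourceData, meta interface{}) error {
	log.Printf("[DEBUG] Destroy firewall: %s", d.Id())

	config := meta.(*Config)
	networkingClient, err := config.networkingV2Client(d.Get("region").(string))
	if err != nil {
		return fmt.Errorf("Error creating OpenStack networking client: %s", err)
	}

	stateConf := &resource.StateChangeConf{
		Pending:    []string{"PENDING_CREATE", "PENDING_UPDATE"},
		Target:     "ACTIVE",
		Refresh:    waitForFirewallActive(networkingClient, d.Id()),
		Timeout:    30 * time.Second,
		Delay:      0,
		MinTimeout: 2 * time.Second,
	}

	// Best-effort wait for pending operations to finish. A failure here does
	// not block the delete request, but it is logged instead of being dropped.
	if _, err = stateConf.WaitForState(); err != nil {
		log.Printf("[WARN] Firewall %s was not ACTIVE before deletion: %s", d.Id(), err)
	}

	err = firewalls.Delete(networkingClient, d.Id()).Err
	if err != nil {
		return err
	}

	stateConf = &resource.StateChangeConf{
		Pending:    []string{"DELETING"},
		Target:     "DELETED",
		Refresh:    waitForFirewallDeletion(networkingClient, d.Id()),
		Timeout:    2 * time.Minute,
		Delay:      0,
		MinTimeout: 2 * time.Second,
	}

	_, err = stateConf.WaitForState()

	return err
}

// waitForFirewallActive returns a refresh function that fetches the firewall
// with the given id and reports the status string returned by the API.
//
// Any lookup error is returned to the caller of the refresh function.
func waitForFirewallActive(networkingClient *gophercloud.ServiceClient, id string) resource.StateRefreshFunc {
	return func() (interface{}, string, error) {
		fw, err := firewalls.Get(networkingClient, id).Extract()
		log.Printf("[DEBUG] Get firewall %s => %#v", id, fw)

		if err != nil {
			return nil, "", err
		}
		return fw, fw.Status, nil
	}
}

// waitForFirewallDeletion returns a refresh function that reports "DELETING"
// while the firewall with the given id can still be fetched and "DELETED"
// once the API answers with HTTP 404.
//
// Any other HTTP status yields an "Unexpected status code" error. Errors that
// are not a *gophercloud.UnexpectedResponseCodeError are returned unchanged.
func waitForFirewallDeletion(networkingClient *gophercloud.ServiceClient, id string) resource.StateRefreshFunc {
	return func() (interface{}, string, error) {
		fw, err := firewalls.Get(networkingClient, id).Extract()
		log.Printf("[DEBUG] Get firewall %s => %#v", id, fw)

		if err != nil {
			// The original unchecked type assertion panicked on any error
			// that was not an HTTP status error (for example a transport
			// failure), taking down the provider in the middle of a destroy.
			httpStatus, ok := err.(*gophercloud.UnexpectedResponseCodeError)
			if !ok {
				return nil, "", err
			}
			log.Printf("[DEBUG] Get firewall %s status is %d", id, httpStatus.Actual)

			if httpStatus.Actual == 404 {
				log.Printf("[DEBUG] Firewall %s is actually deleted", id)
				return "", "DELETED", nil
			}
			return nil, "", fmt.Errorf("Unexpected status code %d", httpStatus.Actual)
		}

		log.Printf("[DEBUG] Firewall %s deletion is pending", id)
		return fw, "DELETING", nil
	}
}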