github.com/vnpaycloud-console/gophercloud/v2@v2.0.5/openstack/compute/v2/secgroups/requests.go (about) 1 package secgroups 2 3 import ( 4 "context" 5 6 "github.com/vnpaycloud-console/gophercloud/v2" 7 "github.com/vnpaycloud-console/gophercloud/v2/pagination" 8 ) 9 10 func commonList(client *gophercloud.ServiceClient, url string) pagination.Pager { 11 return pagination.NewPager(client, url, func(r pagination.PageResult) pagination.Page { 12 return SecurityGroupPage{pagination.SinglePageBase(r)} 13 }) 14 } 15 16 // List will return a collection of all the security groups for a particular 17 // tenant. 18 func List(client *gophercloud.ServiceClient) pagination.Pager { 19 return commonList(client, rootURL(client)) 20 } 21 22 // ListByServer will return a collection of all the security groups which are 23 // associated with a particular server. 24 func ListByServer(client *gophercloud.ServiceClient, serverID string) pagination.Pager { 25 return commonList(client, listByServerURL(client, serverID)) 26 } 27 28 // CreateOpts is the struct responsible for creating a security group. 29 type CreateOpts struct { 30 // the name of your security group. 31 Name string `json:"name" required:"true"` 32 // the description of your security group. 33 Description string `json:"description,omitempty"` 34 } 35 36 // CreateOptsBuilder allows extensions to add additional parameters to the 37 // Create request. 38 type CreateOptsBuilder interface { 39 ToSecGroupCreateMap() (map[string]any, error) 40 } 41 42 // ToSecGroupCreateMap builds a request body from CreateOpts. 43 func (opts CreateOpts) ToSecGroupCreateMap() (map[string]any, error) { 44 return gophercloud.BuildRequestBody(opts, "security_group") 45 } 46 47 // Create will create a new security group. 48 func Create(ctx context.Context, client *gophercloud.ServiceClient, opts CreateOptsBuilder) (r CreateResult) { 49 b, err := opts.ToSecGroupCreateMap() 50 if err != nil { 51 r.Err = err 52 return 53 } 54 resp, err := client.Post(ctx, rootURL(client), b, &r.Body, &gophercloud.RequestOpts{ 55 OkCodes: []int{200}, 56 }) 57 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 58 return 59 } 60 61 // UpdateOpts is the struct responsible for updating an existing security group. 62 type UpdateOpts struct { 63 // the name of your security group. 64 Name string `json:"name,omitempty"` 65 // the description of your security group. 66 Description *string `json:"description,omitempty"` 67 } 68 69 // UpdateOptsBuilder allows extensions to add additional parameters to the 70 // Update request. 71 type UpdateOptsBuilder interface { 72 ToSecGroupUpdateMap() (map[string]any, error) 73 } 74 75 // ToSecGroupUpdateMap builds a request body from UpdateOpts. 76 func (opts UpdateOpts) ToSecGroupUpdateMap() (map[string]any, error) { 77 return gophercloud.BuildRequestBody(opts, "security_group") 78 } 79 80 // Update will modify the mutable properties of a security group, notably its 81 // name and description. 82 func Update(ctx context.Context, client *gophercloud.ServiceClient, id string, opts UpdateOptsBuilder) (r UpdateResult) { 83 b, err := opts.ToSecGroupUpdateMap() 84 if err != nil { 85 r.Err = err 86 return 87 } 88 resp, err := client.Put(ctx, resourceURL(client, id), b, &r.Body, &gophercloud.RequestOpts{ 89 OkCodes: []int{200}, 90 }) 91 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 92 return 93 } 94 95 // Get will return details for a particular security group. 96 func Get(ctx context.Context, client *gophercloud.ServiceClient, id string) (r GetResult) { 97 resp, err := client.Get(ctx, resourceURL(client, id), &r.Body, nil) 98 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 99 return 100 } 101 102 // Delete will permanently delete a security group from the project. 103 func Delete(ctx context.Context, client *gophercloud.ServiceClient, id string) (r DeleteResult) { 104 resp, err := client.Delete(ctx, resourceURL(client, id), nil) 105 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 106 return 107 } 108 109 // CreateRuleOpts represents the configuration for adding a new rule to an 110 // existing security group. 111 type CreateRuleOpts struct { 112 // ID is the ID of the group that this rule will be added to. 113 ParentGroupID string `json:"parent_group_id" required:"true"` 114 115 // FromPort is the lower bound of the port range that will be opened. 116 // Use -1 to allow all ICMP traffic. 117 FromPort int `json:"from_port"` 118 119 // ToPort is the upper bound of the port range that will be opened. 120 // Use -1 to allow all ICMP traffic. 121 ToPort int `json:"to_port"` 122 123 // IPProtocol the protocol type that will be allowed, e.g. TCP. 124 IPProtocol string `json:"ip_protocol" required:"true"` 125 126 // CIDR is the network CIDR to allow traffic from. 127 // This is ONLY required if FromGroupID is blank. This represents the IP 128 // range that will be the source of network traffic to your security group. 129 // Use 0.0.0.0/0 to allow all IP addresses. 130 CIDR string `json:"cidr,omitempty" or:"FromGroupID"` 131 132 // FromGroupID represents another security group to allow access. 133 // This is ONLY required if CIDR is blank. This value represents the ID of a 134 // group that forwards traffic to the parent group. So, instead of accepting 135 // network traffic from an entire IP range, you can instead refine the 136 // inbound source by an existing security group. 137 FromGroupID string `json:"group_id,omitempty" or:"CIDR"` 138 } 139 140 // CreateRuleOptsBuilder allows extensions to add additional parameters to the 141 // CreateRule request. 142 type CreateRuleOptsBuilder interface { 143 ToRuleCreateMap() (map[string]any, error) 144 } 145 146 // ToRuleCreateMap builds a request body from CreateRuleOpts. 147 func (opts CreateRuleOpts) ToRuleCreateMap() (map[string]any, error) { 148 return gophercloud.BuildRequestBody(opts, "security_group_rule") 149 } 150 151 // CreateRule will add a new rule to an existing security group (whose ID is 152 // specified in CreateRuleOpts). You have the option of controlling inbound 153 // traffic from either an IP range (CIDR) or from another security group. 154 func CreateRule(ctx context.Context, client *gophercloud.ServiceClient, opts CreateRuleOptsBuilder) (r CreateRuleResult) { 155 b, err := opts.ToRuleCreateMap() 156 if err != nil { 157 r.Err = err 158 return 159 } 160 resp, err := client.Post(ctx, rootRuleURL(client), b, &r.Body, &gophercloud.RequestOpts{ 161 OkCodes: []int{200}, 162 }) 163 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 164 return 165 } 166 167 // DeleteRule will permanently delete a rule from a security group. 168 func DeleteRule(ctx context.Context, client *gophercloud.ServiceClient, id string) (r DeleteRuleResult) { 169 resp, err := client.Delete(ctx, resourceRuleURL(client, id), nil) 170 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 171 return 172 } 173 174 func actionMap(prefix, groupName string) map[string]map[string]string { 175 return map[string]map[string]string{ 176 prefix + "SecurityGroup": {"name": groupName}, 177 } 178 } 179 180 // AddServer will associate a server and a security group, enforcing the 181 // rules of the group on the server. 182 func AddServer(ctx context.Context, client *gophercloud.ServiceClient, serverID, groupName string) (r AddServerResult) { 183 resp, err := client.Post(ctx, serverActionURL(client, serverID), actionMap("add", groupName), nil, nil) 184 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 185 return 186 } 187 188 // RemoveServer will disassociate a server from a security group. 189 func RemoveServer(ctx context.Context, client *gophercloud.ServiceClient, serverID, groupName string) (r RemoveServerResult) { 190 resp, err := client.Post(ctx, serverActionURL(client, serverID), actionMap("remove", groupName), nil, nil) 191 _, r.Header, r.Err = gophercloud.ParseResponse(resp, err) 192 return 193 }