github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/builtin/providers/openstack/resource_openstack_compute_secgroup_v2_test.go (about) 1 package openstack 2 3 import ( 4 "fmt" 5 "testing" 6 7 "github.com/hashicorp/terraform/helper/resource" 8 "github.com/hashicorp/terraform/terraform" 9 10 "github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/secgroups" 11 ) 12 13 func TestAccComputeV2SecGroup_basic(t *testing.T) { 14 var secgroup secgroups.SecurityGroup 15 16 resource.Test(t, resource.TestCase{ 17 PreCheck: func() { testAccPreCheck(t) }, 18 Providers: testAccProviders, 19 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 20 Steps: []resource.TestStep{ 21 resource.TestStep{ 22 Config: testAccComputeV2SecGroup_basic_orig, 23 Check: resource.ComposeTestCheckFunc( 24 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup), 25 ), 26 }, 27 }, 28 }) 29 } 30 31 func TestAccComputeV2SecGroup_update(t *testing.T) { 32 var secgroup secgroups.SecurityGroup 33 34 resource.Test(t, resource.TestCase{ 35 PreCheck: func() { testAccPreCheck(t) }, 36 Providers: testAccProviders, 37 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 38 Steps: []resource.TestStep{ 39 resource.TestStep{ 40 Config: testAccComputeV2SecGroup_basic_orig, 41 Check: resource.ComposeTestCheckFunc( 42 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup), 43 ), 44 }, 45 resource.TestStep{ 46 Config: testAccComputeV2SecGroup_basic_update, 47 Check: resource.ComposeTestCheckFunc( 48 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup), 49 testAccCheckComputeV2SecGroupRuleCount(&secgroup, 2), 50 ), 51 }, 52 }, 53 }) 54 } 55 56 func TestAccComputeV2SecGroup_groupID(t *testing.T) { 57 var secgroup1, secgroup2, secgroup3 secgroups.SecurityGroup 58 59 resource.Test(t, resource.TestCase{ 60 PreCheck: func() { testAccPreCheck(t) }, 61 Providers: testAccProviders, 62 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 63 Steps: []resource.TestStep{ 64 resource.TestStep{ 65 Config: testAccComputeV2SecGroup_groupID_orig, 66 Check: resource.ComposeTestCheckFunc( 67 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup1), 68 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_2", &secgroup2), 69 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_3", &secgroup3), 70 testAccCheckComputeV2SecGroupGroupIDMatch(&secgroup1, &secgroup3), 71 ), 72 }, 73 resource.TestStep{ 74 Config: testAccComputeV2SecGroup_groupID_update, 75 Check: resource.ComposeTestCheckFunc( 76 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup1), 77 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_2", &secgroup2), 78 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_3", &secgroup3), 79 testAccCheckComputeV2SecGroupGroupIDMatch(&secgroup2, &secgroup3), 80 ), 81 }, 82 }, 83 }) 84 } 85 86 func TestAccComputeV2SecGroup_self(t *testing.T) { 87 var secgroup secgroups.SecurityGroup 88 89 resource.Test(t, resource.TestCase{ 90 PreCheck: func() { testAccPreCheck(t) }, 91 Providers: testAccProviders, 92 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 93 Steps: []resource.TestStep{ 94 resource.TestStep{ 95 Config: testAccComputeV2SecGroup_self, 96 Check: resource.ComposeTestCheckFunc( 97 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup), 98 testAccCheckComputeV2SecGroupGroupIDMatch(&secgroup, &secgroup), 99 resource.TestCheckResourceAttr( 100 "openstack_compute_secgroup_v2.sg_1", "rule.3170486100.self", "true"), 101 resource.TestCheckResourceAttr( 102 "openstack_compute_secgroup_v2.sg_1", "rule.3170486100.from_group_id", ""), 103 ), 104 }, 105 }, 106 }) 107 } 108 109 func TestAccComputeV2SecGroup_icmpZero(t *testing.T) { 110 var secgroup secgroups.SecurityGroup 111 112 resource.Test(t, resource.TestCase{ 113 PreCheck: func() { testAccPreCheck(t) }, 114 Providers: testAccProviders, 115 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 116 Steps: []resource.TestStep{ 117 resource.TestStep{ 118 Config: testAccComputeV2SecGroup_icmpZero, 119 Check: resource.ComposeTestCheckFunc( 120 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup), 121 ), 122 }, 123 }, 124 }) 125 } 126 127 func TestAccComputeV2SecGroup_lowerCaseCIDR(t *testing.T) { 128 var secgroup secgroups.SecurityGroup 129 130 resource.Test(t, resource.TestCase{ 131 PreCheck: func() { testAccPreCheck(t) }, 132 Providers: testAccProviders, 133 CheckDestroy: testAccCheckComputeV2SecGroupDestroy, 134 Steps: []resource.TestStep{ 135 resource.TestStep{ 136 Config: testAccComputeV2SecGroup_lowerCaseCIDR, 137 Check: resource.ComposeTestCheckFunc( 138 testAccCheckComputeV2SecGroupExists("openstack_compute_secgroup_v2.sg_1", &secgroup), 139 resource.TestCheckResourceAttr( 140 "openstack_compute_secgroup_v2.sg_1", "rule.3862435458.cidr", "2001:558:fc00::/39"), 141 ), 142 }, 143 }, 144 }) 145 } 146 147 func testAccCheckComputeV2SecGroupDestroy(s *terraform.State) error { 148 config := testAccProvider.Meta().(*Config) 149 computeClient, err := config.computeV2Client(OS_REGION_NAME) 150 if err != nil { 151 return fmt.Errorf("Error creating OpenStack compute client: %s", err) 152 } 153 154 for _, rs := range s.RootModule().Resources { 155 if rs.Type != "openstack_compute_secgroup_v2" { 156 continue 157 } 158 159 _, err := secgroups.Get(computeClient, rs.Primary.ID).Extract() 160 if err == nil { 161 return fmt.Errorf("Security group still exists") 162 } 163 } 164 165 return nil 166 } 167 168 func testAccCheckComputeV2SecGroupExists(n string, secgroup *secgroups.SecurityGroup) resource.TestCheckFunc { 169 return func(s *terraform.State) error { 170 rs, ok := s.RootModule().Resources[n] 171 if !ok { 172 return fmt.Errorf("Not found: %s", n) 173 } 174 175 if rs.Primary.ID == "" { 176 return fmt.Errorf("No ID is set") 177 } 178 179 config := testAccProvider.Meta().(*Config) 180 computeClient, err := config.computeV2Client(OS_REGION_NAME) 181 if err != nil { 182 return fmt.Errorf("Error creating OpenStack compute client: %s", err) 183 } 184 185 found, err := secgroups.Get(computeClient, rs.Primary.ID).Extract() 186 if err != nil { 187 return err 188 } 189 190 if found.ID != rs.Primary.ID { 191 return fmt.Errorf("Security group not found") 192 } 193 194 *secgroup = *found 195 196 return nil 197 } 198 } 199 200 func testAccCheckComputeV2SecGroupRuleCount(secgroup *secgroups.SecurityGroup, count int) resource.TestCheckFunc { 201 return func(s *terraform.State) error { 202 if len(secgroup.Rules) != count { 203 return fmt.Errorf("Security group rule count does not match. Expected %d, got %d", count, len(secgroup.Rules)) 204 } 205 206 return nil 207 } 208 } 209 210 func testAccCheckComputeV2SecGroupGroupIDMatch(sg1, sg2 *secgroups.SecurityGroup) resource.TestCheckFunc { 211 return func(s *terraform.State) error { 212 if len(sg2.Rules) == 1 { 213 if sg1.Name != sg2.Rules[0].Group.Name || sg1.TenantID != sg2.Rules[0].Group.TenantID { 214 return fmt.Errorf("%s was not correctly applied to %s", sg1.Name, sg2.Name) 215 } 216 } else { 217 return fmt.Errorf("%s rule count is incorrect", sg2.Name) 218 } 219 220 return nil 221 } 222 } 223 224 const testAccComputeV2SecGroup_basic_orig = ` 225 resource "openstack_compute_secgroup_v2" "sg_1" { 226 name = "sg_1" 227 description = "first test security group" 228 rule { 229 from_port = 22 230 to_port = 22 231 ip_protocol = "tcp" 232 cidr = "0.0.0.0/0" 233 } 234 rule { 235 from_port = 1 236 to_port = 65535 237 ip_protocol = "udp" 238 cidr = "0.0.0.0/0" 239 } 240 rule { 241 from_port = -1 242 to_port = -1 243 ip_protocol = "icmp" 244 cidr = "0.0.0.0/0" 245 } 246 } 247 ` 248 249 const testAccComputeV2SecGroup_basic_update = ` 250 resource "openstack_compute_secgroup_v2" "sg_1" { 251 name = "sg_1" 252 description = "first test security group" 253 rule { 254 from_port = 2200 255 to_port = 2200 256 ip_protocol = "tcp" 257 cidr = "0.0.0.0/0" 258 } 259 rule { 260 from_port = -1 261 to_port = -1 262 ip_protocol = "icmp" 263 cidr = "0.0.0.0/0" 264 } 265 } 266 ` 267 268 const testAccComputeV2SecGroup_groupID_orig = ` 269 resource "openstack_compute_secgroup_v2" "sg_1" { 270 name = "sg_1" 271 description = "first test security group" 272 rule { 273 from_port = 22 274 to_port = 22 275 ip_protocol = "tcp" 276 cidr = "0.0.0.0/0" 277 } 278 } 279 280 resource "openstack_compute_secgroup_v2" "sg_2" { 281 name = "sg_2" 282 description = "second test security group" 283 rule { 284 from_port = -1 285 to_port = -1 286 ip_protocol = "icmp" 287 cidr = "0.0.0.0/0" 288 } 289 } 290 291 resource "openstack_compute_secgroup_v2" "sg_3" { 292 name = "sg_3" 293 description = "third test security group" 294 rule { 295 from_port = 80 296 to_port = 80 297 ip_protocol = "tcp" 298 from_group_id = "${openstack_compute_secgroup_v2.sg_1.id}" 299 } 300 } 301 ` 302 303 const testAccComputeV2SecGroup_groupID_update = ` 304 resource "openstack_compute_secgroup_v2" "sg_1" { 305 name = "sg_1" 306 description = "first test security group" 307 rule { 308 from_port = 22 309 to_port = 22 310 ip_protocol = "tcp" 311 cidr = "0.0.0.0/0" 312 } 313 } 314 315 resource "openstack_compute_secgroup_v2" "sg_2" { 316 name = "sg_2" 317 description = "second test security group" 318 rule { 319 from_port = -1 320 to_port = -1 321 ip_protocol = "icmp" 322 cidr = "0.0.0.0/0" 323 } 324 } 325 326 resource "openstack_compute_secgroup_v2" "sg_3" { 327 name = "sg_3" 328 description = "third test security group" 329 rule { 330 from_port = 80 331 to_port = 80 332 ip_protocol = "tcp" 333 from_group_id = "${openstack_compute_secgroup_v2.sg_2.id}" 334 } 335 } 336 ` 337 338 const testAccComputeV2SecGroup_self = ` 339 resource "openstack_compute_secgroup_v2" "sg_1" { 340 name = "sg_1" 341 description = "first test security group" 342 rule { 343 from_port = 22 344 to_port = 22 345 ip_protocol = "tcp" 346 self = true 347 } 348 } 349 ` 350 351 const testAccComputeV2SecGroup_icmpZero = ` 352 resource "openstack_compute_secgroup_v2" "sg_1" { 353 name = "sg_1" 354 description = "first test security group" 355 rule { 356 from_port = 0 357 to_port = 0 358 ip_protocol = "icmp" 359 cidr = "0.0.0.0/0" 360 } 361 } 362 ` 363 364 const testAccComputeV2SecGroup_lowerCaseCIDR = ` 365 resource "openstack_compute_secgroup_v2" "sg_1" { 366 name = "sg_1" 367 description = "first test security group" 368 rule { 369 from_port = 0 370 to_port = 0 371 ip_protocol = "icmp" 372 cidr = "2001:558:FC00::/39" 373 } 374 } 375 `