func waitForSecGroupRuleDelete(networkingClient *gophercloud.ServiceClient, secGroupRuleId string) resource.StateRefreshFunc {
return func() (interface{}, string, error) {
log.Printf("[DEBUG] Attempting to delete OpenStack Security Group Rule %s.\n", secGroupRuleId)
r, err := rules.Get(networkingClient, secGroupRuleId).Extract()
if err != nil {
if _, ok := err.(gophercloud.ErrDefault404); ok {
log.Printf("[DEBUG] Successfully deleted OpenStack Neutron Security Group Rule %s", secGroupRuleId)
return r, "DELETED", nil
}
return r, "ACTIVE", err
}
err = rules.Delete(networkingClient, secGroupRuleId).ExtractErr()
if err != nil {
if _, ok := err.(gophercloud.ErrDefault404); ok {
log.Printf("[DEBUG] Successfully deleted OpenStack Neutron Security Group Rule %s", secGroupRuleId)
return r, "DELETED", nil
}
return r, "ACTIVE", err
}
log.Printf("[DEBUG] OpenStack Neutron Security Group Rule %s still active.\n", secGroupRuleId)
return r, "ACTIVE", nil
}
}
func resourceNetworkingSecGroupRuleV2Read(d *schema.ResourceData, meta interface{}) error {
log.Printf("[DEBUG] Retrieve information about security group rule: %s", d.Id())
config := meta.(*Config)
networkingClient, err := config.networkingV2Client(d.Get("region").(string))
if err != nil {
return fmt.Errorf("Error creating OpenStack networking client: %s", err)
}
security_group_rule, err := rules.Get(networkingClient, d.Id()).Extract()
if err != nil {
return CheckDeleted(d, err, "OpenStack Security Group Rule")
}
d.Set("direction", security_group_rule.Direction)
d.Set("ethertype", security_group_rule.EtherType)
d.Set("protocol", security_group_rule.Protocol)
d.Set("port_range_min", security_group_rule.PortRangeMin)
d.Set("port_range_max", security_group_rule.PortRangeMax)
d.Set("remote_group_id", security_group_rule.RemoteGroupID)
d.Set("remote_ip_prefix", security_group_rule.RemoteIPPrefix)
d.Set("security_group_id", security_group_rule.SecGroupID)
d.Set("tenant_id", security_group_rule.TenantID)
return nil
}
func testAccCheckNetworkingV2SecGroupRuleExists(t *testing.T, n string, security_group_rule *rules.SecGroupRule) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[n]
if !ok {
return fmt.Errorf("Not found: %s", n)
}
if rs.Primary.ID == "" {
return fmt.Errorf("No ID is set")
}
config := testAccProvider.Meta().(*Config)
networkingClient, err := config.networkingV2Client(OS_REGION_NAME)
if err != nil {
return fmt.Errorf("(testAccCheckNetworkingV2SecGroupRuleExists) Error creating OpenStack networking client: %s", err)
}
found, err := rules.Get(networkingClient, rs.Primary.ID).Extract()
if err != nil {
return err
}
if found.ID != rs.Primary.ID {
return fmt.Errorf("Security group rule not found")
}
*security_group_rule = *found
return nil
}
}
func TestGet(t *testing.T) {
th.SetupHTTP()
defer th.TeardownHTTP()
th.Mux.HandleFunc("/v2.0/security-group-rules/3c0e45ff-adaf-4124-b083-bf390e5482ff", func(w http.ResponseWriter, r *http.Request) {
th.TestMethod(t, r, "GET")
th.TestHeader(t, r, "X-Auth-Token", fake.TokenID)
w.Header().Add("Content-Type", "application/json")
w.WriteHeader(http.StatusOK)
fmt.Fprintf(w, `
{
"security_group_rule": {
"direction": "egress",
"ethertype": "IPv6",
"id": "3c0e45ff-adaf-4124-b083-bf390e5482ff",
"port_range_max": null,
"port_range_min": null,
"protocol": null,
"remote_group_id": null,
"remote_ip_prefix": null,
"security_group_id": "85cc3048-abc3-43cc-89b3-377341426ac5",
"tenant_id": "e4f50856753b4dc6afee5fa6b9b6c550"
}
}
`)
})
sr, err := rules.Get(fake.ServiceClient(), "3c0e45ff-adaf-4124-b083-bf390e5482ff").Extract()
th.AssertNoErr(t, err)
th.AssertEquals(t, "egress", sr.Direction)
th.AssertEquals(t, "IPv6", sr.EtherType)
th.AssertEquals(t, "3c0e45ff-adaf-4124-b083-bf390e5482ff", sr.ID)
th.AssertEquals(t, 0, sr.PortRangeMax)
th.AssertEquals(t, 0, sr.PortRangeMin)
th.AssertEquals(t, "", sr.Protocol)
th.AssertEquals(t, "", sr.RemoteGroupID)
th.AssertEquals(t, "", sr.RemoteIPPrefix)
th.AssertEquals(t, "85cc3048-abc3-43cc-89b3-377341426ac5", sr.SecGroupID)
th.AssertEquals(t, "e4f50856753b4dc6afee5fa6b9b6c550", sr.TenantID)
}
func testAccCheckNetworkingV2SecGroupRuleDestroy(s *terraform.State) error {
config := testAccProvider.Meta().(*Config)
networkingClient, err := config.networkingV2Client(OS_REGION_NAME)
if err != nil {
return fmt.Errorf("(testAccCheckNetworkingV2SecGroupRuleDestroy) Error creating OpenStack networking client: %s", err)
}
for _, rs := range s.RootModule().Resources {
if rs.Type != "openstack_networking_secgroup_rule_v2" {
continue
}
_, err := rules.Get(networkingClient, rs.Primary.ID).Extract()
if err == nil {
return fmt.Errorf("Security group rule still exists")
}
}
return nil
}
