func createNetworkACLRules(d *schema.ResourceData, meta interface{}, rules *schema.Set, nrs *schema.Set) error {
var errs *multierror.Error
var wg sync.WaitGroup
wg.Add(nrs.Len())
sem := make(chan struct{}, d.Get("parallelism").(int))
for _, rule := range nrs.List() {
// Put in a tiny sleep here to avoid DoS'ing the API
time.Sleep(500 * time.Millisecond)
go func(rule map[string]interface{}) {
defer wg.Done()
sem <- struct{}{}
// Create a single rule
err := createNetworkACLRule(d, meta, rule)
// If we have at least one UUID, we need to save the rule
if len(rule["uuids"].(map[string]interface{})) > 0 {
rules.Add(rule)
}
if err != nil {
errs = multierror.Append(errs, err)
}
<-sem
}(rule.(map[string]interface{}))
}
wg.Wait()
return errs.ErrorOrNil()
}
//Convert schema.Set to a slice of strings
func setToStringSlice(s *schema.Set) []string {
list := make([]string, s.Len())
for i, v := range s.List() {
list[i] = v.(string)
}
return list
}
func deletePortForwards(d *schema.ResourceData, meta interface{}, forwards *schema.Set, ors *schema.Set) error {
var errs *multierror.Error
var wg sync.WaitGroup
wg.Add(ors.Len())
sem := make(chan struct{}, 10)
for _, forward := range ors.List() {
// Put a sleep here to avoid DoS'ing the API
time.Sleep(500 * time.Millisecond)
go func(forward map[string]interface{}) {
defer wg.Done()
sem <- struct{}{}
// Delete a single forward
err := deletePortForward(d, meta, forward)
// If we have a UUID, we need to save the forward
if forward["uuid"].(string) != "" {
forwards.Add(forward)
}
if err != nil {
errs = multierror.Append(errs, err)
}
<-sem
}(forward.(map[string]interface{}))
}
wg.Wait()
return errs.ErrorOrNil()
}
// dataSourceGoogleIamPolicyMembers converts a set of members in a binding
// (a member is a principal, usually an e-mail address) into an array of
// string.
func dataSourceGoogleIamPolicyMembers(d *schema.Set) []string {
var members []string
members = make([]string, d.Len())
for i, v := range d.List() {
members[i] = v.(string)
}
return members
}
func deleteEgressFirewallRules(
d *schema.ResourceData,
meta interface{},
rules *schema.Set,
ors *schema.Set) error {
var errs *multierror.Error
var wg sync.WaitGroup
wg.Add(ors.Len())
sem := make(chan struct{}, 10)
for _, rule := range ors.List() {
// Put a sleep here to avoid DoS'ing the API
time.Sleep(500 * time.Millisecond)
go func(rule map[string]interface{}) {
defer wg.Done()
sem <- struct{}{}
// Delete a single rule
err := deleteEgressFirewallRule(d, meta, rule)
// If we have at least one UUID, we need to save the rule
if len(rule["uuids"].(map[string]interface{})) > 0 {
rules.Add(rule)
}
if err != nil {
errs = multierror.Append(errs, err)
}
<-sem
}(rule.(map[string]interface{}))
}
wg.Wait()
return errs.ErrorOrNil()
}
func ipamConfigSetToIpamConfigs(ipamConfigSet *schema.Set) []dc.IPAMConfig {
ipamConfigs := make([]dc.IPAMConfig, ipamConfigSet.Len())
for i, ipamConfigInt := range ipamConfigSet.List() {
ipamConfigRaw := ipamConfigInt.(map[string]interface{})
ipamConfig := dc.IPAMConfig{}
ipamConfig.Subnet = ipamConfigRaw["subnet"].(string)
ipamConfig.IPRange = ipamConfigRaw["ip_range"].(string)
ipamConfig.Gateway = ipamConfigRaw["gateway"].(string)
auxAddressRaw := ipamConfigRaw["aux_address"].(map[string]interface{})
ipamConfig.AuxAddress = make(map[string]string, len(auxAddressRaw))
for k, v := range auxAddressRaw {
ipamConfig.AuxAddress[k] = v.(string)
}
ipamConfigs[i] = ipamConfig
}
return ipamConfigs
}
func createSecurityGroupRules(d *schema.ResourceData, meta interface{}, rules *schema.Set, nrs *schema.Set) error {
cs := meta.(*cloudstack.CloudStackClient)
var errs *multierror.Error
var wg sync.WaitGroup
wg.Add(nrs.Len())
sem := make(chan struct{}, d.Get("parallelism").(int))
for _, rule := range nrs.List() {
// Put in a tiny sleep here to avoid DoS'ing the API
time.Sleep(500 * time.Millisecond)
go func(rule map[string]interface{}) {
defer wg.Done()
sem <- struct{}{}
// Make sure all required parameters are there
if err := verifySecurityGroupRuleParams(d, rule); err != nil {
errs = multierror.Append(errs, err)
return
}
var p authorizeSecurityGroupParams
if cidrList, ok := rule["cidr_list"].(*schema.Set); ok && cidrList.Len() > 0 {
for _, cidr := range cidrList.List() {
// Create a new parameter struct
switch rule["traffic_type"].(string) {
case "ingress":
p = cs.SecurityGroup.NewAuthorizeSecurityGroupIngressParams()
case "egress":
p = cs.SecurityGroup.NewAuthorizeSecurityGroupEgressParams()
}
p.SetSecuritygroupid(d.Id())
p.SetCidrlist([]string{cidr.(string)})
// Create a single rule
err := createSecurityGroupRule(d, meta, rule, p, cidr.(string))
if err != nil {
errs = multierror.Append(errs, err)
}
}
}
if usgList, ok := rule["user_security_group_list"].(*schema.Set); ok && usgList.Len() > 0 {
for _, usg := range usgList.List() {
sg, _, err := cs.SecurityGroup.GetSecurityGroupByName(
usg.(string),
cloudstack.WithProject(d.Get("project").(string)),
)
if err != nil {
errs = multierror.Append(errs, err)
continue
}
// Create a new parameter struct
switch rule["traffic_type"].(string) {
case "ingress":
p = cs.SecurityGroup.NewAuthorizeSecurityGroupIngressParams()
case "egress":
p = cs.SecurityGroup.NewAuthorizeSecurityGroupEgressParams()
}
p.SetSecuritygroupid(d.Id())
p.SetUsersecuritygrouplist(map[string]string{sg.Account: usg.(string)})
// Create a single rule
err = createSecurityGroupRule(d, meta, rule, p, usg.(string))
if err != nil {
errs = multierror.Append(errs, err)
}
}
}
// If we have at least one UUID, we need to save the rule
if len(rule["uuids"].(map[string]interface{})) > 0 {
rules.Add(rule)
}
<-sem
}(rule.(map[string]interface{}))
}
wg.Wait()
return errs.ErrorOrNil()
}