func resourceFWFirewallV1Read(d *schema.ResourceData, meta interface{}) error {
log.Printf("[DEBUG] Retrieve information about firewall: %s", d.Id())
config := meta.(*Config)
networkingClient, err := config.networkingV2Client(GetRegion(d))
if err != nil {
return fmt.Errorf("Error creating OpenStack networking client: %s", err)
}
firewall, err := firewalls.Get(networkingClient, d.Id()).Extract()
if err != nil {
return CheckDeleted(d, err, "firewall")
}
log.Printf("[DEBUG] Read OpenStack Firewall %s: %#v", d.Id(), firewall)
d.Set("name", firewall.Name)
d.Set("description", firewall.Description)
d.Set("policy_id", firewall.PolicyID)
d.Set("admin_state_up", firewall.AdminStateUp)
d.Set("tenant_id", firewall.TenantID)
d.Set("region", GetRegion(d))
return nil
}
func testAccCheckFWFirewallV1Exists(n, expectedName, expectedDescription string, policyID *string) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[n]
if !ok {
return fmt.Errorf("Not found: %s", n)
}
if rs.Primary.ID == "" {
return fmt.Errorf("No ID is set")
}
config := testAccProvider.Meta().(*Config)
networkingClient, err := config.networkingV2Client(OS_REGION_NAME)
if err != nil {
return fmt.Errorf("Exists) Error creating OpenStack networking client: %s", err)
}
var found *firewalls.Firewall
for i := 0; i < 5; i++ {
// Firewall creation is asynchronous. Retry some times
// if we get a 404 error. Fail on any other error.
found, err = firewalls.Get(networkingClient, rs.Primary.ID).Extract()
if err != nil {
if _, ok := err.(gophercloud.ErrDefault404); ok {
time.Sleep(time.Second)
continue
}
return err
}
break
}
switch {
case found.Name != expectedName:
err = fmt.Errorf("Expected Name to be <%s> but found <%s>", expectedName, found.Name)
case found.Description != expectedDescription:
err = fmt.Errorf("Expected Description to be <%s> but found <%s>",
expectedDescription, found.Description)
case found.PolicyID == "":
err = fmt.Errorf("Policy should not be empty")
case policyID != nil && found.PolicyID == *policyID:
err = fmt.Errorf("Policy had not been correctly updated. Went from <%s> to <%s>",
expectedName, found.Name)
}
if err != nil {
return err
}
policyID = &found.PolicyID
return nil
}
}
func waitForFirewallActive(networkingClient *gophercloud.ServiceClient, id string) resource.StateRefreshFunc {
return func() (interface{}, string, error) {
fw, err := firewalls.Get(networkingClient, id).Extract()
log.Printf("[DEBUG] Get firewall %s => %#v", id, fw)
if err != nil {
return nil, "", err
}
return fw, fw.Status, nil
}
}
func TestFirewallCRUD(t *testing.T) {
client, err := clients.NewNetworkV2Client()
if err != nil {
t.Fatalf("Unable to create a network client: %v", err)
}
rule, err := CreateRule(t, client)
if err != nil {
t.Fatalf("Unable to create rule: %v", err)
}
defer DeleteRule(t, client, rule.ID)
PrintRule(t, rule)
policy, err := CreatePolicy(t, client, rule.ID)
if err != nil {
t.Fatalf("Unable to create policy: %v", err)
}
defer DeletePolicy(t, client, policy.ID)
PrintPolicy(t, policy)
firewall, err := CreateFirewall(t, client, policy.ID)
if err != nil {
t.Fatalf("Unable to create firewall: %v", err)
}
defer DeleteFirewall(t, client, firewall.ID)
PrintFirewall(t, firewall)
updateOpts := firewalls.UpdateOpts{
PolicyID: policy.ID,
Description: "Some firewall description",
}
_, err = firewalls.Update(client, firewall.ID, updateOpts).Extract()
if err != nil {
t.Fatalf("Unable to update firewall: %v", err)
}
newFirewall, err := firewalls.Get(client, firewall.ID).Extract()
if err != nil {
t.Fatalf("Unable to get firewall: %v", err)
}
PrintFirewall(t, newFirewall)
}
func waitForFirewallDeletion(networkingClient *gophercloud.ServiceClient, id string) resource.StateRefreshFunc {
return func() (interface{}, string, error) {
fw, err := firewalls.Get(networkingClient, id).Extract()
log.Printf("[DEBUG] Get firewall %s => %#v", id, fw)
if err != nil {
if _, ok := err.(gophercloud.ErrDefault404); ok {
log.Printf("[DEBUG] Firewall %s is actually deleted", id)
return "", "DELETED", nil
}
return nil, "", fmt.Errorf("Unexpected error: %s", err)
}
log.Printf("[DEBUG] Firewall %s deletion is pending", id)
return fw, "DELETING", nil
}
}
// WaitForFirewallState will wait until a firewall reaches a given state.
func WaitForFirewallState(client *gophercloud.ServiceClient, firewallID, status string, secs int) error {
return gophercloud.WaitFor(secs, func() (bool, error) {
current, err := firewalls.Get(client, firewallID).Extract()
if err != nil {
if httpStatus, ok := err.(gophercloud.ErrDefault404); ok {
if httpStatus.Actual == 404 {
if status == "DELETED" {
return true, nil
}
}
}
return false, err
}
if current.Status == status {
return true, nil
}
return false, nil
})
}
func testAccCheckFWFirewallV1Destroy(s *terraform.State) error {
config := testAccProvider.Meta().(*Config)
networkingClient, err := config.networkingV2Client(OS_REGION_NAME)
if err != nil {
return fmt.Errorf("Error creating OpenStack networking client: %s", err)
}
for _, rs := range s.RootModule().Resources {
if rs.Type != "openstack_firewall" {
continue
}
_, err = firewalls.Get(networkingClient, rs.Primary.ID).Extract()
if err == nil {
return fmt.Errorf("Firewall (%s) still exists.", rs.Primary.ID)
}
if _, ok := err.(gophercloud.ErrDefault404); !ok {
return err
}
}
return nil
}
func TestGet(t *testing.T) {
th.SetupHTTP()
defer th.TeardownHTTP()
th.Mux.HandleFunc("/v2.0/fw/firewalls/fb5b5315-64f6-4ea3-8e58-981cc37c6f61", func(w http.ResponseWriter, r *http.Request) {
th.TestMethod(t, r, "GET")
th.TestHeader(t, r, "X-Auth-Token", fake.TokenID)
w.Header().Add("Content-Type", "application/json")
w.WriteHeader(http.StatusOK)
fmt.Fprintf(w, `
{
"firewall": {
"status": "ACTIVE",
"name": "fw",
"admin_state_up": true,
"tenant_id": "b4eedccc6fb74fa8a7ad6b08382b852b",
"firewall_policy_id": "34be8c83-4d42-4dca-a74e-b77fffb8e28a",
"id": "fb5b5315-64f6-4ea3-8e58-981cc37c6f61",
"description": "OpenStack firewall"
}
}
`)
})
fw, err := firewalls.Get(fake.ServiceClient(), "fb5b5315-64f6-4ea3-8e58-981cc37c6f61").Extract()
th.AssertNoErr(t, err)
th.AssertEquals(t, "ACTIVE", fw.Status)
th.AssertEquals(t, "fw", fw.Name)
th.AssertEquals(t, "OpenStack firewall", fw.Description)
th.AssertEquals(t, true, fw.AdminStateUp)
th.AssertEquals(t, "34be8c83-4d42-4dca-a74e-b77fffb8e28a", fw.PolicyID)
th.AssertEquals(t, "fb5b5315-64f6-4ea3-8e58-981cc37c6f61", fw.ID)
th.AssertEquals(t, "b4eedccc6fb74fa8a7ad6b08382b852b", fw.TenantID)
}