func resourceFWPolicyV1Read(d *schema.ResourceData, meta interface{}) error {
log.Printf("[DEBUG] Retrieve information about firewall policy: %s", d.Id())
config := meta.(*Config)
networkingClient, err := config.networkingV2Client(GetRegion(d))
if err != nil {
return fmt.Errorf("Error creating OpenStack networking client: %s", err)
}
policy, err := policies.Get(networkingClient, d.Id()).Extract()
if err != nil {
return CheckDeleted(d, err, "FW policy")
}
log.Printf("[DEBUG] Read OpenStack Firewall Policy %s: %#v", d.Id(), policy)
d.Set("name", policy.Name)
d.Set("description", policy.Description)
d.Set("shared", policy.Shared)
d.Set("audited", policy.Audited)
d.Set("tenant_id", policy.TenantID)
d.Set("rules", policy.Rules)
d.Set("region", GetRegion(d))
return nil
}
func testAccCheckFWPolicyV1Exists(n, name, description string, ruleCount int) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[n]
if !ok {
return fmt.Errorf("Not found: %s", n)
}
if rs.Primary.ID == "" {
return fmt.Errorf("No ID is set")
}
config := testAccProvider.Meta().(*Config)
networkingClient, err := config.networkingV2Client(OS_REGION_NAME)
if err != nil {
return fmt.Errorf("(testAccCheckFirewallPolicyExists) Error creating OpenStack networking client: %s", err)
}
var found *policies.Policy
for i := 0; i < 5; i++ {
// Firewall policy creation is asynchronous. Retry some times
// if we get a 404 error. Fail on any other error.
found, err = policies.Get(networkingClient, rs.Primary.ID).Extract()
if err != nil {
if _, ok := err.(gophercloud.ErrDefault404); ok {
time.Sleep(time.Second)
continue
}
return err
}
break
}
if name != found.Name {
return fmt.Errorf("Expected name <%s>, but found <%s>", name, found.Name)
}
if description != found.Description {
return fmt.Errorf("Expected description <%s>, but found <%s>", description, found.Description)
}
if ruleCount != len(found.Rules) {
return fmt.Errorf("Expected rule count <%d>, but found <%d>", ruleCount, len(found.Rules))
}
return nil
}
}
func testAccCheckFWPolicyV1Destroy(s *terraform.State) error {
config := testAccProvider.Meta().(*Config)
networkingClient, err := config.networkingV2Client(OS_REGION_NAME)
if err != nil {
return fmt.Errorf("Error creating OpenStack networking client: %s", err)
}
for _, rs := range s.RootModule().Resources {
if rs.Type != "openstack_fw_policy_v1" {
continue
}
_, err = policies.Get(networkingClient, rs.Primary.ID).Extract()
if err == nil {
return fmt.Errorf("Firewall policy (%s) still exists.", rs.Primary.ID)
}
if _, ok := err.(gophercloud.ErrDefault404); !ok {
return err
}
}
return nil
}
func TestGet(t *testing.T) {
th.SetupHTTP()
defer th.TeardownHTTP()
th.Mux.HandleFunc("/v2.0/fw/firewall_policies/bcab5315-64f6-4ea3-8e58-981cc37c6f61", func(w http.ResponseWriter, r *http.Request) {
th.TestMethod(t, r, "GET")
th.TestHeader(t, r, "X-Auth-Token", fake.TokenID)
w.Header().Add("Content-Type", "application/json")
w.WriteHeader(http.StatusOK)
fmt.Fprintf(w, `
{
"firewall_policy":{
"name": "www",
"firewall_rules": [
"75452b36-268e-4e75-aaf4-f0e7ed50bc97",
"c9e77ca0-1bc8-497d-904d-948107873dc6",
"03d2a6ad-633f-431a-8463-4370d06a22c8"
],
"tenant_id": "9145d91459d248b1b02fdaca97c6a75d",
"audited": false,
"id": "f2b08c1e-aa81-4668-8ae1-1401bcb0576c",
"description": "Firewall policy web"
}
}
`)
})
policy, err := policies.Get(fake.ServiceClient(), "bcab5315-64f6-4ea3-8e58-981cc37c6f61").Extract()
th.AssertNoErr(t, err)
th.AssertEquals(t, "www", policy.Name)
th.AssertEquals(t, "f2b08c1e-aa81-4668-8ae1-1401bcb0576c", policy.ID)
th.AssertEquals(t, "Firewall policy web", policy.Description)
th.AssertEquals(t, 3, len(policy.Rules))
th.AssertEquals(t, "75452b36-268e-4e75-aaf4-f0e7ed50bc97", policy.Rules[0])
th.AssertEquals(t, "c9e77ca0-1bc8-497d-904d-948107873dc6", policy.Rules[1])
th.AssertEquals(t, "03d2a6ad-633f-431a-8463-4370d06a22c8", policy.Rules[2])
th.AssertEquals(t, "9145d91459d248b1b02fdaca97c6a75d", policy.TenantID)
}
func TestPolicyCRUD(t *testing.T) {
client, err := clients.NewNetworkV2Client()
if err != nil {
t.Fatalf("Unable to create a network client: %v", err)
}
rule, err := CreateRule(t, client)
if err != nil {
t.Fatalf("Unable to create rule: %v", err)
}
defer DeleteRule(t, client, rule.ID)
PrintRule(t, rule)
policy, err := CreatePolicy(t, client, rule.ID)
if err != nil {
t.Fatalf("Unable to create policy: %v", err)
}
defer DeletePolicy(t, client, policy.ID)
PrintPolicy(t, policy)
updateOpts := policies.UpdateOpts{
Description: "Some policy description",
}
_, err = policies.Update(client, policy.ID, updateOpts).Extract()
if err != nil {
t.Fatalf("Unable to update policy: %v", err)
}
newPolicy, err := policies.Get(client, policy.ID).Extract()
if err != nil {
t.Fatalf("Unable to get policy: %v", err)
}
PrintPolicy(t, newPolicy)
}