func (s *firewallerSuite) TestLife(c *gc.C) {
// Unassign unit 1 from its machine, so we can change its life cycle.
err := s.units[1].UnassignFromMachine()
c.Assert(err, gc.IsNil)
err = s.machines[1].EnsureDead()
c.Assert(err, gc.IsNil)
s.assertLife(c, 0, state.Alive)
s.assertLife(c, 1, state.Dead)
s.assertLife(c, 2, state.Alive)
args := addFakeEntities(params.Entities{Entities: []params.Entity{
{Tag: s.machines[0].Tag()},
{Tag: s.machines[1].Tag()},
{Tag: s.machines[2].Tag()},
}})
result, err := s.firewaller.Life(args)
c.Assert(err, gc.IsNil)
c.Assert(result, jc.DeepEquals, params.LifeResults{
Results: []params.LifeResult{
{Life: "alive"},
{Life: "dead"},
{Life: "alive"},
{Error: apiservertesting.NotFoundError("machine 42")},
{Error: apiservertesting.NotFoundError(`unit "foo/0"`)},
{Error: apiservertesting.NotFoundError(`service "bar"`)},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
},
})
// Remove a machine and make sure it's detected.
err = s.machines[1].Remove()
c.Assert(err, gc.IsNil)
err = s.machines[1].Refresh()
c.Assert(err, jc.Satisfies, errors.IsNotFound)
args = params.Entities{
Entities: []params.Entity{
{Tag: s.machines[1].Tag()},
},
}
result, err = s.firewaller.Life(args)
c.Assert(err, gc.IsNil)
c.Assert(result, jc.DeepEquals, params.LifeResults{
Results: []params.LifeResult{
{Error: apiservertesting.NotFoundError("machine 1")},
},
})
}
func (s *firewallerSuite) TestWatchUnits(c *gc.C) {
c.Assert(s.resources.Count(), gc.Equals, 0)
args := addFakeEntities(params.Entities{Entities: []params.Entity{
{Tag: s.machines[0].Tag()},
{Tag: s.service.Tag()},
{Tag: s.units[0].Tag()},
}})
result, err := s.firewaller.WatchUnits(args)
c.Assert(err, gc.IsNil)
c.Assert(result, jc.DeepEquals, params.StringsWatchResults{
Results: []params.StringsWatchResult{
{Changes: []string{"wordpress/0"}, StringsWatcherId: "1"},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.NotFoundError("machine 42")},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
},
})
// Verify the resource was registered and stop when done
c.Assert(s.resources.Count(), gc.Equals, 1)
c.Assert(result.Results[0].StringsWatcherId, gc.Equals, "1")
resource := s.resources.Get("1")
defer statetesting.AssertStop(c, resource)
// Check that the Watch has consumed the initial event ("returned" in
// the Watch call)
wc := statetesting.NewStringsWatcherC(c, s.State, resource.(state.StringsWatcher))
wc.AssertNoChange()
}
func (s *firewallerSuite) TestInstanceId(c *gc.C) {
// Provision 2 machines first.
err := s.machines[0].SetProvisioned("i-am", "fake_nonce", nil)
c.Assert(err, gc.IsNil)
hwChars := instance.MustParseHardware("arch=i386", "mem=4G")
err = s.machines[1].SetProvisioned("i-am-not", "fake_nonce", &hwChars)
c.Assert(err, gc.IsNil)
args := addFakeEntities(params.Entities{Entities: []params.Entity{
{Tag: s.machines[0].Tag()},
{Tag: s.machines[1].Tag()},
{Tag: s.machines[2].Tag()},
{Tag: s.service.Tag()},
{Tag: s.units[2].Tag()},
}})
result, err := s.firewaller.InstanceId(args)
c.Assert(err, gc.IsNil)
c.Assert(result, jc.DeepEquals, params.StringResults{
Results: []params.StringResult{
{Result: "i-am"},
{Result: "i-am-not"},
{Error: apiservertesting.NotProvisionedError("2")},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.NotFoundError("machine 42")},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
},
})
}
func (s *firewallerSuite) TestWatch(c *gc.C) {
c.Assert(s.resources.Count(), gc.Equals, 0)
args := addFakeEntities(params.Entities{Entities: []params.Entity{
{Tag: s.machines[0].Tag()},
{Tag: s.service.Tag()},
{Tag: s.units[0].Tag()},
}})
result, err := s.firewaller.Watch(args)
c.Assert(err, gc.IsNil)
c.Assert(result, jc.DeepEquals, params.NotifyWatchResults{
Results: []params.NotifyWatchResult{
{Error: apiservertesting.ErrUnauthorized},
{NotifyWatcherId: "1"},
{NotifyWatcherId: "2"},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.NotFoundError(`unit "foo/0"`)},
{Error: apiservertesting.NotFoundError(`service "bar"`)},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
},
})
// Verify the resources were registered and stop when done.
c.Assert(s.resources.Count(), gc.Equals, 2)
c.Assert(result.Results[1].NotifyWatcherId, gc.Equals, "1")
watcher1 := s.resources.Get("1")
defer statetesting.AssertStop(c, watcher1)
c.Assert(result.Results[2].NotifyWatcherId, gc.Equals, "2")
watcher2 := s.resources.Get("2")
defer statetesting.AssertStop(c, watcher2)
// Check that the Watch has consumed the initial event ("returned" in
// the Watch call)
wc1 := statetesting.NewNotifyWatcherC(c, s.State, watcher1.(state.NotifyWatcher))
wc1.AssertNoChange()
wc2 := statetesting.NewNotifyWatcherC(c, s.State, watcher2.(state.NotifyWatcher))
wc2.AssertNoChange()
}
func (s *firewallerSuite) TestOpenedPorts(c *gc.C) {
// Open some ports on two of the units.
err := s.units[0].OpenPort("foo", 1234)
c.Assert(err, gc.IsNil)
err = s.units[0].OpenPort("bar", 4321)
c.Assert(err, gc.IsNil)
err = s.units[2].OpenPort("baz", 1111)
c.Assert(err, gc.IsNil)
args := addFakeEntities(params.Entities{Entities: []params.Entity{
{Tag: s.units[0].Tag()},
{Tag: s.units[1].Tag()},
{Tag: s.units[2].Tag()},
}})
result, err := s.firewaller.OpenedPorts(args)
c.Assert(err, gc.IsNil)
c.Assert(result, jc.DeepEquals, params.PortsResults{
Results: []params.PortsResult{
{Ports: []instance.Port{{"bar", 4321}, {"foo", 1234}}},
{Ports: []instance.Port{}},
{Ports: []instance.Port{{"baz", 1111}}},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.NotFoundError(`unit "foo/0"`)},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
},
})
// Now close unit 2's port and check again.
err = s.units[2].ClosePort("baz", 1111)
c.Assert(err, gc.IsNil)
args = params.Entities{Entities: []params.Entity{
{Tag: s.units[2].Tag()},
}}
result, err = s.firewaller.OpenedPorts(args)
c.Assert(err, gc.IsNil)
c.Assert(result, jc.DeepEquals, params.PortsResults{
Results: []params.PortsResult{
{Ports: []instance.Port{}},
},
})
}
func (s *firewallerSuite) TestGetAssignedMachine(c *gc.C) {
// Unassign a unit first.
err := s.units[2].UnassignFromMachine()
c.Assert(err, gc.IsNil)
args := addFakeEntities(params.Entities{Entities: []params.Entity{
{Tag: s.units[0].Tag()},
{Tag: s.units[1].Tag()},
{Tag: s.units[2].Tag()},
}})
result, err := s.firewaller.GetAssignedMachine(args)
c.Assert(err, gc.IsNil)
c.Assert(result, jc.DeepEquals, params.StringResults{
Results: []params.StringResult{
{Result: s.machines[0].Tag()},
{Result: s.machines[1].Tag()},
{Error: apiservertesting.NotAssignedError("wordpress/2")},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.NotFoundError(`unit "foo/0"`)},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
},
})
// Now reset assign unit 2 again and check.
err = s.units[2].AssignToMachine(s.machines[0])
c.Assert(err, gc.IsNil)
args = params.Entities{Entities: []params.Entity{
{Tag: s.units[2].Tag()},
}}
result, err = s.firewaller.GetAssignedMachine(args)
c.Assert(err, gc.IsNil)
c.Assert(result, jc.DeepEquals, params.StringResults{
Results: []params.StringResult{
{Result: s.machines[0].Tag()},
},
})
}
func (s *firewallerSuite) TestGetExposed(c *gc.C) {
// Set the service to exposed first.
err := s.service.SetExposed()
c.Assert(err, gc.IsNil)
args := addFakeEntities(params.Entities{Entities: []params.Entity{
{Tag: s.service.Tag()},
}})
result, err := s.firewaller.GetExposed(args)
c.Assert(err, gc.IsNil)
c.Assert(result, jc.DeepEquals, params.BoolResults{
Results: []params.BoolResult{
{Result: true},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.NotFoundError(`service "bar"`)},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
},
})
// Now reset the exposed flag for the service and check again.
err = s.service.ClearExposed()
c.Assert(err, gc.IsNil)
args = params.Entities{Entities: []params.Entity{
{Tag: s.service.Tag()},
}}
result, err = s.firewaller.GetExposed(args)
c.Assert(err, gc.IsNil)
c.Assert(result, jc.DeepEquals, params.BoolResults{
Results: []params.BoolResult{
{Result: false},
},
})
}