Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / debian / gophercloud / 3860b51298ec4cc58acd486c4f82d826ac29a239 / . / openstack / compute / v2 / extensions / secgroups / requests.go
blob: cfb2df8f14872e6f1870ea5874cf80d15e0a0d21 [file] [log] [blame]
Jamie Hannaford924c09d2014-11-19 12:05:38 +0100[diff] [blame]1package secgroups
2
3import (
Jon Perritt27249f42016-02-18 10:35:59 -0600[diff] [blame]4 "github.com/gophercloud/gophercloud"
5 "github.com/gophercloud/gophercloud/pagination"
Jamie Hannaford924c09d2014-11-19 12:05:38 +0100[diff] [blame]6)
7
Jamie Hannaford19151792014-11-19 12:46:47 +0100[diff] [blame]8func commonList(client *gophercloud.ServiceClient, url string) pagination.Pager {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]9 return pagination.NewPager(client, url, func(r pagination.PageResult) pagination.Page {
Jamie Hannaford924c09d2014-11-19 12:05:38 +0100[diff] [blame]10 return SecurityGroupPage{pagination.SinglePageBase(r)}
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]11 })
Jamie Hannaford19151792014-11-19 12:46:47 +0100[diff] [blame]12}
13
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]14// List will return a collection of all the security groups for a particular
15// tenant.
Jamie Hannaford19151792014-11-19 12:46:47 +0100[diff] [blame]16func List(client *gophercloud.ServiceClient) pagination.Pager {
17 return commonList(client, rootURL(client))
18}
19
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]20// ListByServer will return a collection of all the security groups which are
21// associated with a particular server.
Jamie Hannaford19151792014-11-19 12:46:47 +0100[diff] [blame]22func ListByServer(client *gophercloud.ServiceClient, serverID string) pagination.Pager {
23 return commonList(client, listByServerURL(client, serverID))
Jamie Hannaford924c09d2014-11-19 12:05:38 +0100[diff] [blame]24}
Jamie Hannaforda493e642014-11-19 12:40:30 +0100[diff] [blame]25
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]26// GroupOpts is the underlying struct responsible for creating or updating
27// security groups. It therefore represents the mutable attributes of a
28// security group.
Jamie Hannaford30c74662014-11-19 15:37:34 +0100[diff] [blame]29type GroupOpts struct {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]30 // the name of your security group.
31 Name string `json:"name" required:"true"`
32 // the description of your security group.
33 Description string `json:"description" required:"true"`
Jamie Hannaforda493e642014-11-19 12:40:30 +0100[diff] [blame]34}
35
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]36// CreateOpts is the struct responsible for creating a security group.
Jamie Hannaford30c74662014-11-19 15:37:34 +0100[diff] [blame]37type CreateOpts GroupOpts
38
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]39// CreateOptsBuilder builds the create options into a serializable format.
40type CreateOptsBuilder interface {
41 ToSecGroupCreateMap() (map[string]interface{}, error)
42}
43
44// ToSecGroupCreateMap builds the create options into a serializable format.
45func (opts CreateOpts) ToSecGroupCreateMap() (map[string]interface{}, error) {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]46 return gophercloud.BuildRequestBody(opts, "security_group")
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]47}
48
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]49// Create will create a new security group.
Jon Perritt3860b512016-03-29 12:01:48 -0500[diff] [blame^]50func Create(client *gophercloud.ServiceClient, opts CreateOptsBuilder) (r CreateResult) {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]51 b, err := opts.ToSecGroupCreateMap()
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]52 if err != nil {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]53 r.Err = err
Jon Perritt3860b512016-03-29 12:01:48 -0500[diff] [blame^]54 return
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]55 }
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]56 _, r.Err = client.Post(rootURL(client), b, &r.Body, &gophercloud.RequestOpts{
Jamie Hannaford6a3a78f2015-03-24 14:56:12 +0100[diff] [blame]57 OkCodes: []int{200},
Jamie Hannaforda493e642014-11-19 12:40:30 +0100[diff] [blame]58 })
Jamie Hannaforda493e642014-11-19 12:40:30 +0100[diff] [blame]59}
Jamie Hannafordb38dd312014-11-19 13:02:11 +0100[diff] [blame]60
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]61// UpdateOpts is the struct responsible for updating an existing security group.
Jamie Hannaford30c74662014-11-19 15:37:34 +0100[diff] [blame]62type UpdateOpts GroupOpts
63
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]64// UpdateOptsBuilder builds the update options into a serializable format.
65type UpdateOptsBuilder interface {
66 ToSecGroupUpdateMap() (map[string]interface{}, error)
67}
68
69// ToSecGroupUpdateMap builds the update options into a serializable format.
70func (opts UpdateOpts) ToSecGroupUpdateMap() (map[string]interface{}, error) {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]71 return gophercloud.BuildRequestBody(opts, "security_group")
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]72}
73
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]74// Update will modify the mutable properties of a security group, notably its
75// name and description.
Jon Perritt3860b512016-03-29 12:01:48 -0500[diff] [blame^]76func Update(client *gophercloud.ServiceClient, id string, opts UpdateOptsBuilder) (r UpdateResult) {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]77 b, err := opts.ToSecGroupUpdateMap()
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]78 if err != nil {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]79 r.Err = err
Jon Perritt3860b512016-03-29 12:01:48 -0500[diff] [blame^]80 return
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]81 }
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]82 _, r.Err = client.Put(resourceURL(client, id), b, &r.Body, &gophercloud.RequestOpts{
Jamie Hannaford6a3a78f2015-03-24 14:56:12 +0100[diff] [blame]83 OkCodes: []int{200},
Jamie Hannaford30c74662014-11-19 15:37:34 +0100[diff] [blame]84 })
Jamie Hannaford30c74662014-11-19 15:37:34 +0100[diff] [blame]85}
86
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]87// Get will return details for a particular security group.
Jon Perritt3860b512016-03-29 12:01:48 -0500[diff] [blame^]88func Get(client *gophercloud.ServiceClient, id string) (r GetResult) {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]89 _, r.Err = client.Get(resourceURL(client, id), &r.Body, nil)
Jamie Hannafordb38dd312014-11-19 13:02:11 +0100[diff] [blame]90}
Jamie Hannafordd276e612014-11-19 13:56:28 +0100[diff] [blame]91
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]92// Delete will permanently delete a security group from the project.
Jon Perritt3860b512016-03-29 12:01:48 -0500[diff] [blame^]93func Delete(client *gophercloud.ServiceClient, id string) (r gophercloud.ErrResult) {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]94 _, r.Err = client.Delete(resourceURL(client, id), nil)
Jamie Hannafordd276e612014-11-19 13:56:28 +0100[diff] [blame]95}
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]96
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]97// CreateRuleOpts represents the configuration for adding a new rule to an
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]98// existing security group.
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]99type CreateRuleOpts struct {
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]100 // Required - the ID of the group that this rule will be added to.
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]101 ParentGroupID string `json:"parent_group_id" required:"true"`
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]102 // Required - the lower bound of the port range that will be opened.
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]103 FromPort int `json:"from_port" required:"true"`
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]104 // Required - the upper bound of the port range that will be opened.
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]105 ToPort int `json:"to_port" required:"true"`
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]106 // Required - the protocol type that will be allowed, e.g. TCP.
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]107 IPProtocol string `json:"ip_protocol" required:"true"`
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]108 // ONLY required if FromGroupID is blank. This represents the IP range that
109 // will be the source of network traffic to your security group. Use
110 // 0.0.0.0/0 to allow all IP addresses.
111 CIDR string `json:"cidr,omitempty"`
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]112 // ONLY required if CIDR is blank. This value represents the ID of a group
113 // that forwards traffic to the parent group. So, instead of accepting
114 // network traffic from an entire IP range, you can instead refine the
115 // inbound source by an existing security group.
116 FromGroupID string `json:"group_id,omitempty"`
117}
118
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]119// CreateRuleOptsBuilder builds the create rule options into a serializable format.
120type CreateRuleOptsBuilder interface {
121 ToRuleCreateMap() (map[string]interface{}, error)
122}
123
124// ToRuleCreateMap builds the create rule options into a serializable format.
125func (opts CreateRuleOpts) ToRuleCreateMap() (map[string]interface{}, error) {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]126 return gophercloud.BuildRequestBody(opts, "security_group_rule")
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]127}
128
129// CreateRule will add a new rule to an existing security group (whose ID is
130// specified in CreateRuleOpts). You have the option of controlling inbound
131// traffic from either an IP range (CIDR) or from another security group.
Jon Perritt3860b512016-03-29 12:01:48 -0500[diff] [blame^]132func CreateRule(client *gophercloud.ServiceClient, opts CreateRuleOptsBuilder) (r CreateRuleResult) {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]133 b, err := opts.ToRuleCreateMap()
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]134 if err != nil {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]135 r.Err = err
Jon Perritt3860b512016-03-29 12:01:48 -0500[diff] [blame^]136 return
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]137 }
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]138 _, r.Err = client.Post(rootRuleURL(client), b, &r.Body, &gophercloud.RequestOpts{
Jamie Hannaford6a3a78f2015-03-24 14:56:12 +0100[diff] [blame]139 OkCodes: []int{200},
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]140 })
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]141}
Jamie Hannaford61f81ca2014-11-19 14:44:33 +0100[diff] [blame]142
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]143// DeleteRule will permanently delete a rule from a security group.
Jon Perritt3860b512016-03-29 12:01:48 -0500[diff] [blame^]144func DeleteRule(client *gophercloud.ServiceClient, id string) (r gophercloud.ErrResult) {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]145 _, r.Err = client.Delete(resourceRuleURL(client, id), nil)
Jamie Hannaford61f81ca2014-11-19 14:44:33 +0100[diff] [blame]146}
Jamie Hannaford740e4a32014-11-19 16:13:30 +0100[diff] [blame]147
148func actionMap(prefix, groupName string) map[string]map[string]string {
149 return map[string]map[string]string{
150 prefix + "SecurityGroup": map[string]string{"name": groupName},
151 }
152}
153
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]154// AddServer will associate a server and a security group, enforcing the
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]155// rules of the group on the server.
Jon Perritt3860b512016-03-29 12:01:48 -0500[diff] [blame^]156func AddServer(client *gophercloud.ServiceClient, serverID, groupName string) (r gophercloud.ErrResult) {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]157 _, r.Err = client.Post(serverActionURL(client, serverID), actionMap("add", groupName), &r.Body, nil)
Jamie Hannaford740e4a32014-11-19 16:13:30 +0100[diff] [blame]158}
159
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]160// RemoveServer will disassociate a server from a security group.
Jon Perritt3860b512016-03-29 12:01:48 -0500[diff] [blame^]161func RemoveServer(client *gophercloud.ServiceClient, serverID, groupName string) (r gophercloud.ErrResult) {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]162 _, r.Err = client.Post(serverActionURL(client, serverID), actionMap("remove", groupName), &r.Body, nil)
Jamie Hannaford740e4a32014-11-19 16:13:30 +0100[diff] [blame]163}