| Jon Perritt | db9a9b3 | 2015-03-09 12:08:50 -0600 | [diff] [blame] | 1 | // +build acceptance networking security |
| 2 | |
| 3 | package v2 |
| 4 | |
| 5 | import ( |
| 6 | "testing" |
| 7 | |
| 8 | osGroups "github.com/rackspace/gophercloud/openstack/networking/v2/extensions/security/groups" |
| 9 | osRules "github.com/rackspace/gophercloud/openstack/networking/v2/extensions/security/rules" |
| 10 | osNetworks "github.com/rackspace/gophercloud/openstack/networking/v2/networks" |
| 11 | osPorts "github.com/rackspace/gophercloud/openstack/networking/v2/ports" |
| 12 | "github.com/rackspace/gophercloud/pagination" |
| 13 | rsNetworks "github.com/rackspace/gophercloud/rackspace/networking/v2/networks" |
| 14 | rsPorts "github.com/rackspace/gophercloud/rackspace/networking/v2/ports" |
| 15 | rsGroups "github.com/rackspace/gophercloud/rackspace/networking/v2/security/groups" |
| 16 | rsRules "github.com/rackspace/gophercloud/rackspace/networking/v2/security/rules" |
| 17 | th "github.com/rackspace/gophercloud/testhelper" |
| 18 | ) |
| 19 | |
| 20 | func TestSecurityGroups(t *testing.T) { |
| 21 | Setup(t) |
| 22 | defer Teardown() |
| 23 | |
| 24 | // create security group |
| 25 | groupID := createSecGroup(t) |
| 26 | |
| 27 | // delete security group |
| 28 | defer deleteSecGroup(t, groupID) |
| 29 | |
| 30 | // list security group |
| 31 | listSecGroups(t) |
| 32 | |
| 33 | // get security group |
| 34 | getSecGroup(t, groupID) |
| Jon Perritt | db9a9b3 | 2015-03-09 12:08:50 -0600 | [diff] [blame] | 35 | } |
| 36 | |
| 37 | func TestSecurityGroupRules(t *testing.T) { |
| 38 | Setup(t) |
| 39 | defer Teardown() |
| 40 | |
| 41 | // create security group |
| 42 | groupID := createSecGroup(t) |
| 43 | |
| 44 | defer deleteSecGroup(t, groupID) |
| 45 | |
| 46 | // create security group rule |
| 47 | ruleID := createSecRule(t, groupID) |
| 48 | |
| 49 | // delete security group rule |
| 50 | defer deleteSecRule(t, ruleID) |
| 51 | |
| 52 | // list security group rule |
| 53 | listSecRules(t) |
| 54 | |
| 55 | // get security group rule |
| 56 | getSecRule(t, ruleID) |
| 57 | } |
| 58 | |
| 59 | func createSecGroup(t *testing.T) string { |
| 60 | sg, err := rsGroups.Create(Client, osGroups.CreateOpts{ |
| 61 | Name: "new-webservers", |
| 62 | Description: "security group for webservers", |
| 63 | }).Extract() |
| 64 | |
| 65 | th.AssertNoErr(t, err) |
| 66 | |
| 67 | t.Logf("Created security group %s", sg.ID) |
| 68 | |
| 69 | return sg.ID |
| 70 | } |
| 71 | |
| 72 | func listSecGroups(t *testing.T) { |
| 73 | err := rsGroups.List(Client, osGroups.ListOpts{}).EachPage(func(page pagination.Page) (bool, error) { |
| 74 | list, err := osGroups.ExtractGroups(page) |
| 75 | if err != nil { |
| 76 | t.Errorf("Failed to extract secgroups: %v", err) |
| 77 | return false, err |
| 78 | } |
| 79 | |
| 80 | for _, sg := range list { |
| 81 | t.Logf("Listing security group: ID [%s] Name [%s]", sg.ID, sg.Name) |
| 82 | } |
| 83 | |
| 84 | return true, nil |
| 85 | }) |
| 86 | |
| 87 | th.AssertNoErr(t, err) |
| 88 | } |
| 89 | |
| 90 | func getSecGroup(t *testing.T, id string) { |
| 91 | sg, err := rsGroups.Get(Client, id).Extract() |
| 92 | th.AssertNoErr(t, err) |
| 93 | t.Logf("Getting security group: ID [%s] Name [%s] Description [%s]", sg.ID, sg.Name, sg.Description) |
| 94 | } |
| 95 | |
| 96 | func createSecGroupPort(t *testing.T, groupID string) (string, string) { |
| 97 | n, err := rsNetworks.Create(Client, osNetworks.CreateOpts{Name: "tmp_network"}).Extract() |
| 98 | th.AssertNoErr(t, err) |
| 99 | t.Logf("Created network %s", n.ID) |
| 100 | |
| 101 | opts := osPorts.CreateOpts{ |
| 102 | NetworkID: n.ID, |
| 103 | Name: "my_port", |
| 104 | SecurityGroups: []string{groupID}, |
| 105 | } |
| 106 | p, err := rsPorts.Create(Client, opts).Extract() |
| 107 | th.AssertNoErr(t, err) |
| 108 | t.Logf("Created port %s with security group %s", p.ID, groupID) |
| 109 | |
| 110 | return n.ID, p.ID |
| 111 | } |
| 112 | |
| 113 | func deleteSecGroup(t *testing.T, groupID string) { |
| 114 | res := rsGroups.Delete(Client, groupID) |
| 115 | th.AssertNoErr(t, res.Err) |
| 116 | t.Logf("Deleted security group %s", groupID) |
| 117 | } |
| 118 | |
| 119 | func createSecRule(t *testing.T, groupID string) string { |
| 120 | r, err := rsRules.Create(Client, osRules.CreateOpts{ |
| 121 | Direction: "ingress", |
| 122 | PortRangeMin: 80, |
| 123 | EtherType: "IPv4", |
| 124 | PortRangeMax: 80, |
| 125 | Protocol: "tcp", |
| 126 | SecGroupID: groupID, |
| 127 | }).Extract() |
| 128 | |
| 129 | th.AssertNoErr(t, err) |
| 130 | |
| 131 | t.Logf("Created security group rule %s", r.ID) |
| 132 | |
| 133 | return r.ID |
| 134 | } |
| 135 | |
| 136 | func listSecRules(t *testing.T) { |
| 137 | err := rsRules.List(Client, osRules.ListOpts{}).EachPage(func(page pagination.Page) (bool, error) { |
| 138 | list, err := osRules.ExtractRules(page) |
| 139 | if err != nil { |
| 140 | t.Errorf("Failed to extract sec rules: %v", err) |
| 141 | return false, err |
| 142 | } |
| 143 | |
| 144 | for _, r := range list { |
| 145 | t.Logf("Listing security rule: ID [%s]", r.ID) |
| 146 | } |
| 147 | |
| 148 | return true, nil |
| 149 | }) |
| 150 | |
| 151 | th.AssertNoErr(t, err) |
| 152 | } |
| 153 | |
| 154 | func getSecRule(t *testing.T, id string) { |
| 155 | r, err := rsRules.Get(Client, id).Extract() |
| 156 | th.AssertNoErr(t, err) |
| 157 | t.Logf("Getting security rule: ID [%s] Direction [%s] EtherType [%s] Protocol [%s]", |
| 158 | r.ID, r.Direction, r.EtherType, r.Protocol) |
| 159 | } |
| 160 | |
| 161 | func deleteSecRule(t *testing.T, id string) { |
| 162 | res := rsRules.Delete(Client, id) |
| 163 | th.AssertNoErr(t, res.Err) |
| 164 | t.Logf("Deleted security rule %s", id) |
| 165 | } |