Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / debian / gophercloud / fea907314733f0027d89b69909decad27ca4c4b1 / . / openstack / compute / v2 / extensions / secgroups / requests.go
blob: 48ff6983a604387aba81b1d30d8407843497095c [file] [log] [blame]
Jamie Hannaford924c09d2014-11-19 12:05:38 +0100[diff] [blame]1package secgroups
2
3import (
Jon Perritt27249f42016-02-18 10:35:59 -0600[diff] [blame]4 "github.com/gophercloud/gophercloud"
5 "github.com/gophercloud/gophercloud/pagination"
Jamie Hannaford924c09d2014-11-19 12:05:38 +0100[diff] [blame]6)
7
Jamie Hannaford19151792014-11-19 12:46:47 +0100[diff] [blame]8func commonList(client *gophercloud.ServiceClient, url string) pagination.Pager {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]9 return pagination.NewPager(client, url, func(r pagination.PageResult) pagination.Page {
Jamie Hannaford924c09d2014-11-19 12:05:38 +0100[diff] [blame]10 return SecurityGroupPage{pagination.SinglePageBase(r)}
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]11 })
Jamie Hannaford19151792014-11-19 12:46:47 +0100[diff] [blame]12}
13
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]14// List will return a collection of all the security groups for a particular
15// tenant.
Jamie Hannaford19151792014-11-19 12:46:47 +0100[diff] [blame]16func List(client *gophercloud.ServiceClient) pagination.Pager {
17 return commonList(client, rootURL(client))
18}
19
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]20// ListByServer will return a collection of all the security groups which are
21// associated with a particular server.
Jamie Hannaford19151792014-11-19 12:46:47 +0100[diff] [blame]22func ListByServer(client *gophercloud.ServiceClient, serverID string) pagination.Pager {
23 return commonList(client, listByServerURL(client, serverID))
Jamie Hannaford924c09d2014-11-19 12:05:38 +0100[diff] [blame]24}
Jamie Hannaforda493e642014-11-19 12:40:30 +0100[diff] [blame]25
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]26// GroupOpts is the underlying struct responsible for creating or updating
27// security groups. It therefore represents the mutable attributes of a
28// security group.
Jamie Hannaford30c74662014-11-19 15:37:34 +0100[diff] [blame]29type GroupOpts struct {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]30 // the name of your security group.
31 Name string `json:"name" required:"true"`
32 // the description of your security group.
33 Description string `json:"description" required:"true"`
Jamie Hannaforda493e642014-11-19 12:40:30 +0100[diff] [blame]34}
35
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]36// CreateOpts is the struct responsible for creating a security group.
Jamie Hannaford30c74662014-11-19 15:37:34 +0100[diff] [blame]37type CreateOpts GroupOpts
38
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]39// CreateOptsBuilder builds the create options into a serializable format.
40type CreateOptsBuilder interface {
41 ToSecGroupCreateMap() (map[string]interface{}, error)
42}
43
44// ToSecGroupCreateMap builds the create options into a serializable format.
45func (opts CreateOpts) ToSecGroupCreateMap() (map[string]interface{}, error) {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]46 return gophercloud.BuildRequestBody(opts, "security_group")
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]47}
48
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]49// Create will create a new security group.
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]50func Create(client *gophercloud.ServiceClient, opts CreateOptsBuilder) CreateResult {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]51 var r CreateResult
52 b, err := opts.ToSecGroupCreateMap()
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]53 if err != nil {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]54 r.Err = err
55 return r
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]56 }
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]57 _, r.Err = client.Post(rootURL(client), b, &r.Body, &gophercloud.RequestOpts{
Jamie Hannaford6a3a78f2015-03-24 14:56:12 +0100[diff] [blame]58 OkCodes: []int{200},
Jamie Hannaforda493e642014-11-19 12:40:30 +0100[diff] [blame]59 })
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]60 return r
Jamie Hannaforda493e642014-11-19 12:40:30 +0100[diff] [blame]61}
Jamie Hannafordb38dd312014-11-19 13:02:11 +0100[diff] [blame]62
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]63// UpdateOpts is the struct responsible for updating an existing security group.
Jamie Hannaford30c74662014-11-19 15:37:34 +0100[diff] [blame]64type UpdateOpts GroupOpts
65
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]66// UpdateOptsBuilder builds the update options into a serializable format.
67type UpdateOptsBuilder interface {
68 ToSecGroupUpdateMap() (map[string]interface{}, error)
69}
70
71// ToSecGroupUpdateMap builds the update options into a serializable format.
72func (opts UpdateOpts) ToSecGroupUpdateMap() (map[string]interface{}, error) {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]73 return gophercloud.BuildRequestBody(opts, "security_group")
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]74}
75
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]76// Update will modify the mutable properties of a security group, notably its
77// name and description.
Jamie Hannaford2f226172014-11-25 11:52:25 +0100[diff] [blame]78func Update(client *gophercloud.ServiceClient, id string, opts UpdateOptsBuilder) UpdateResult {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]79 var r UpdateResult
80 b, err := opts.ToSecGroupUpdateMap()
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]81 if err != nil {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]82 r.Err = err
83 return r
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]84 }
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]85 _, r.Err = client.Put(resourceURL(client, id), b, &r.Body, &gophercloud.RequestOpts{
Jamie Hannaford6a3a78f2015-03-24 14:56:12 +0100[diff] [blame]86 OkCodes: []int{200},
Jamie Hannaford30c74662014-11-19 15:37:34 +0100[diff] [blame]87 })
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]88 return r
Jamie Hannaford30c74662014-11-19 15:37:34 +0100[diff] [blame]89}
90
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]91// Get will return details for a particular security group.
Jamie Hannaford2f226172014-11-25 11:52:25 +0100[diff] [blame]92func Get(client *gophercloud.ServiceClient, id string) GetResult {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]93 var r GetResult
94 _, r.Err = client.Get(resourceURL(client, id), &r.Body, nil)
95 return r
Jamie Hannafordb38dd312014-11-19 13:02:11 +0100[diff] [blame]96}
Jamie Hannafordd276e612014-11-19 13:56:28 +0100[diff] [blame]97
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]98// Delete will permanently delete a security group from the project.
Jamie Hannaford2f226172014-11-25 11:52:25 +0100[diff] [blame]99func Delete(client *gophercloud.ServiceClient, id string) gophercloud.ErrResult {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]100 var r gophercloud.ErrResult
101 _, r.Err = client.Delete(resourceURL(client, id), nil)
102 return r
Jamie Hannafordd276e612014-11-19 13:56:28 +0100[diff] [blame]103}
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]104
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]105// CreateRuleOpts represents the configuration for adding a new rule to an
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]106// existing security group.
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]107type CreateRuleOpts struct {
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]108 // Required - the ID of the group that this rule will be added to.
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]109 ParentGroupID string `json:"parent_group_id" required:"true"`
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]110 // Required - the lower bound of the port range that will be opened.
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]111 FromPort int `json:"from_port" required:"true"`
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]112 // Required - the upper bound of the port range that will be opened.
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]113 ToPort int `json:"to_port" required:"true"`
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]114 // Required - the protocol type that will be allowed, e.g. TCP.
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]115 IPProtocol string `json:"ip_protocol" required:"true"`
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]116 // ONLY required if FromGroupID is blank. This represents the IP range that
117 // will be the source of network traffic to your security group. Use
118 // 0.0.0.0/0 to allow all IP addresses.
119 CIDR string `json:"cidr,omitempty"`
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]120 // ONLY required if CIDR is blank. This value represents the ID of a group
121 // that forwards traffic to the parent group. So, instead of accepting
122 // network traffic from an entire IP range, you can instead refine the
123 // inbound source by an existing security group.
124 FromGroupID string `json:"group_id,omitempty"`
125}
126
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]127// CreateRuleOptsBuilder builds the create rule options into a serializable format.
128type CreateRuleOptsBuilder interface {
129 ToRuleCreateMap() (map[string]interface{}, error)
130}
131
132// ToRuleCreateMap builds the create rule options into a serializable format.
133func (opts CreateRuleOpts) ToRuleCreateMap() (map[string]interface{}, error) {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]134 return gophercloud.BuildRequestBody(opts, "security_group_rule")
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]135}
136
137// CreateRule will add a new rule to an existing security group (whose ID is
138// specified in CreateRuleOpts). You have the option of controlling inbound
139// traffic from either an IP range (CIDR) or from another security group.
140func CreateRule(client *gophercloud.ServiceClient, opts CreateRuleOptsBuilder) CreateRuleResult {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]141 var r CreateRuleResult
142 b, err := opts.ToRuleCreateMap()
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]143 if err != nil {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]144 r.Err = err
145 return r
Jamie Hannaford04abbc72014-11-21 11:27:57 +0100[diff] [blame]146 }
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]147 _, r.Err = client.Post(rootRuleURL(client), b, &r.Body, &gophercloud.RequestOpts{
Jamie Hannaford6a3a78f2015-03-24 14:56:12 +0100[diff] [blame]148 OkCodes: []int{200},
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]149 })
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]150 return r
Jamie Hannaford8badf1e2014-11-19 14:39:26 +0100[diff] [blame]151}
Jamie Hannaford61f81ca2014-11-19 14:44:33 +0100[diff] [blame]152
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]153// DeleteRule will permanently delete a rule from a security group.
Jamie Hannaford2f226172014-11-25 11:52:25 +0100[diff] [blame]154func DeleteRule(client *gophercloud.ServiceClient, id string) gophercloud.ErrResult {
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]155 var r gophercloud.ErrResult
156 _, r.Err = client.Delete(resourceRuleURL(client, id), nil)
157 return r
Jamie Hannaford61f81ca2014-11-19 14:44:33 +0100[diff] [blame]158}
Jamie Hannaford740e4a32014-11-19 16:13:30 +0100[diff] [blame]159
160func actionMap(prefix, groupName string) map[string]map[string]string {
161 return map[string]map[string]string{
162 prefix + "SecurityGroup": map[string]string{"name": groupName},
163 }
164}
165
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]166// AddServer will associate a server and a security group, enforcing the
Jamie Hannaford7f34d8e2014-11-20 12:24:55 +0100[diff] [blame]167// rules of the group on the server.
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]168func AddServer(client *gophercloud.ServiceClient, serverID, groupName string) gophercloud.ErrResult {
169 var r gophercloud.ErrResult
170 _, r.Err = client.Post(serverActionURL(client, serverID), actionMap("add", groupName), &r.Body, nil)
171 return r
Jamie Hannaford740e4a32014-11-19 16:13:30 +0100[diff] [blame]172}
173
Jon Perrittdb0ae142016-03-13 00:33:41 -0600[diff] [blame]174// RemoveServer will disassociate a server from a security group.
175func RemoveServer(client *gophercloud.ServiceClient, serverID, groupName string) gophercloud.ErrResult {
176 var r gophercloud.ErrResult
177 _, r.Err = client.Post(serverActionURL(client, serverID), actionMap("remove", groupName), &r.Body, nil)
178 return r
Jamie Hannaford740e4a32014-11-19 16:13:30 +0100[diff] [blame]179}