PageRenderTime 77ms CodeModel.GetById 0ms RepoModel.GetById 0ms app.codeStats 0ms

/vendor/github.com/gophercloud/gophercloud/acceptance/openstack/networking/v2/extensions/fwaas/fwaas.go

https://gitlab.com/unofficial-mirrors/openshift-origin
Go | 203 lines | 141 code | 42 blank | 20 comment | 29 complexity | 3f77e93f67d925a5003cd04343091351 MD5 | raw file
  1. package fwaas
  2. import (
  3. "fmt"
  4. "strconv"
  5. "testing"
  6. "github.com/gophercloud/gophercloud"
  7. "github.com/gophercloud/gophercloud/acceptance/tools"
  8. "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/fwaas/firewalls"
  9. "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/fwaas/policies"
  10. "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/fwaas/routerinsertion"
  11. "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/fwaas/rules"
  12. )
  13. // CreateFirewall will create a Firewaill with a random name and a specified
  14. // policy ID. An error will be returned if the firewall could not be created.
  15. func CreateFirewall(t *testing.T, client *gophercloud.ServiceClient, policyID string) (*firewalls.Firewall, error) {
  16. firewallName := tools.RandomString("TESTACC-", 8)
  17. t.Logf("Attempting to create firewall %s", firewallName)
  18. iTrue := true
  19. createOpts := firewalls.CreateOpts{
  20. Name: firewallName,
  21. PolicyID: policyID,
  22. AdminStateUp: &iTrue,
  23. }
  24. firewall, err := firewalls.Create(client, createOpts).Extract()
  25. if err != nil {
  26. return firewall, err
  27. }
  28. t.Logf("Waiting for firewall to become active.")
  29. if err := WaitForFirewallState(client, firewall.ID, "ACTIVE", 60); err != nil {
  30. return firewall, err
  31. }
  32. t.Logf("Successfully created firewall %s", firewallName)
  33. return firewall, nil
  34. }
  35. // CreateFirewallOnRouter will create a Firewall with a random name and a
  36. // specified policy ID attached to a specified Router. An error will be
  37. // returned if the firewall could not be created.
  38. func CreateFirewallOnRouter(t *testing.T, client *gophercloud.ServiceClient, policyID string, routerID string) (*firewalls.Firewall, error) {
  39. firewallName := tools.RandomString("TESTACC-", 8)
  40. t.Logf("Attempting to create firewall %s", firewallName)
  41. firewallCreateOpts := firewalls.CreateOpts{
  42. Name: firewallName,
  43. PolicyID: policyID,
  44. }
  45. createOpts := routerinsertion.CreateOptsExt{
  46. CreateOptsBuilder: firewallCreateOpts,
  47. RouterIDs: []string{routerID},
  48. }
  49. firewall, err := firewalls.Create(client, createOpts).Extract()
  50. if err != nil {
  51. return firewall, err
  52. }
  53. t.Logf("Waiting for firewall to become active.")
  54. if err := WaitForFirewallState(client, firewall.ID, "ACTIVE", 60); err != nil {
  55. return firewall, err
  56. }
  57. t.Logf("Successfully created firewall %s", firewallName)
  58. return firewall, nil
  59. }
  60. // CreatePolicy will create a Firewall Policy with a random name and given
  61. // rule. An error will be returned if the rule could not be created.
  62. func CreatePolicy(t *testing.T, client *gophercloud.ServiceClient, ruleID string) (*policies.Policy, error) {
  63. policyName := tools.RandomString("TESTACC-", 8)
  64. t.Logf("Attempting to create policy %s", policyName)
  65. createOpts := policies.CreateOpts{
  66. Name: policyName,
  67. Rules: []string{
  68. ruleID,
  69. },
  70. }
  71. policy, err := policies.Create(client, createOpts).Extract()
  72. if err != nil {
  73. return policy, err
  74. }
  75. t.Logf("Successfully created policy %s", policyName)
  76. return policy, nil
  77. }
  78. // CreateRule will create a Firewall Rule with a random source address and
  79. //source port, destination address and port. An error will be returned if
  80. // the rule could not be created.
  81. func CreateRule(t *testing.T, client *gophercloud.ServiceClient) (*rules.Rule, error) {
  82. ruleName := tools.RandomString("TESTACC-", 8)
  83. sourceAddress := fmt.Sprintf("192.168.1.%d", tools.RandomInt(1, 100))
  84. sourcePort := strconv.Itoa(tools.RandomInt(1, 100))
  85. destinationAddress := fmt.Sprintf("192.168.2.%d", tools.RandomInt(1, 100))
  86. destinationPort := strconv.Itoa(tools.RandomInt(1, 100))
  87. t.Logf("Attempting to create rule %s with source %s:%s and destination %s:%s",
  88. ruleName, sourceAddress, sourcePort, destinationAddress, destinationPort)
  89. createOpts := rules.CreateOpts{
  90. Name: ruleName,
  91. Protocol: rules.ProtocolTCP,
  92. Action: "allow",
  93. SourceIPAddress: sourceAddress,
  94. SourcePort: sourcePort,
  95. DestinationIPAddress: destinationAddress,
  96. DestinationPort: destinationPort,
  97. }
  98. rule, err := rules.Create(client, createOpts).Extract()
  99. if err != nil {
  100. return rule, err
  101. }
  102. t.Logf("Rule %s successfully created", ruleName)
  103. return rule, nil
  104. }
  105. // DeleteFirewall will delete a firewall with a specified ID. A fatal error
  106. // will occur if the delete was not successful. This works best when used as
  107. // a deferred function.
  108. func DeleteFirewall(t *testing.T, client *gophercloud.ServiceClient, firewallID string) {
  109. t.Logf("Attempting to delete firewall: %s", firewallID)
  110. err := firewalls.Delete(client, firewallID).ExtractErr()
  111. if err != nil {
  112. t.Fatalf("Unable to delete firewall %s: %v", firewallID, err)
  113. }
  114. t.Logf("Waiting for firewall to delete.")
  115. if err := WaitForFirewallState(client, firewallID, "DELETED", 60); err != nil {
  116. t.Logf("Unable to delete firewall: %s", firewallID)
  117. }
  118. t.Logf("Firewall deleted: %s", firewallID)
  119. }
  120. // DeletePolicy will delete a policy with a specified ID. A fatal error will
  121. // occur if the delete was not successful. This works best when used as a
  122. // deferred function.
  123. func DeletePolicy(t *testing.T, client *gophercloud.ServiceClient, policyID string) {
  124. t.Logf("Attempting to delete policy: %s", policyID)
  125. err := policies.Delete(client, policyID).ExtractErr()
  126. if err != nil {
  127. t.Fatalf("Unable to delete policy %s: %v", policyID, err)
  128. }
  129. t.Logf("Deleted policy: %s", policyID)
  130. }
  131. // DeleteRule will delete a rule with a specified ID. A fatal error will occur
  132. // if the delete was not successful. This works best when used as a deferred
  133. // function.
  134. func DeleteRule(t *testing.T, client *gophercloud.ServiceClient, ruleID string) {
  135. t.Logf("Attempting to delete rule: %s", ruleID)
  136. err := rules.Delete(client, ruleID).ExtractErr()
  137. if err != nil {
  138. t.Fatalf("Unable to delete rule %s: %v", ruleID, err)
  139. }
  140. t.Logf("Deleted rule: %s", ruleID)
  141. }
  142. // WaitForFirewallState will wait until a firewall reaches a given state.
  143. func WaitForFirewallState(client *gophercloud.ServiceClient, firewallID, status string, secs int) error {
  144. return gophercloud.WaitFor(secs, func() (bool, error) {
  145. current, err := firewalls.Get(client, firewallID).Extract()
  146. if err != nil {
  147. if httpStatus, ok := err.(gophercloud.ErrDefault404); ok {
  148. if httpStatus.Actual == 404 {
  149. if status == "DELETED" {
  150. return true, nil
  151. }
  152. }
  153. }
  154. return false, err
  155. }
  156. if current.Status == status {
  157. return true, nil
  158. }
  159. return false, nil
  160. })
  161. }