ResiLien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

providers/aws: expandIPPerms works again

This commit is contained in:
Mitchell Hashimoto 2014-08-20 10:54:43 -07:00
parent 33a7d32f40
commit a594ef9a28
3 changed files with 46 additions and 143 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
builtin/providers/aws/resource_aws_security_group.go
View File

@ -3,7 +3,6 @@ package aws
import ( import (
"fmt" "fmt"
"log" "log"
"strings"
"time" "time"
"github.com/hashicorp/terraform/helper/resource" "github.com/hashicorp/terraform/helper/resource"
@ -16,6 +15,7 @@ func resourceAwsSecurityGroup() *schema.Resource {
return &schema.Resource{ return &schema.Resource{
Create: resourceAwsSecurityGroupCreate, Create: resourceAwsSecurityGroupCreate,
Read: resourceAwsSecurityGroupRead, Read: resourceAwsSecurityGroupRead,
Update: resourceAwsSecurityGroupUpdate,
Delete: resourceAwsSecurityGroupDelete, Delete: resourceAwsSecurityGroupDelete,
Schema: map[string]*schema.Schema{ Schema: map[string]*schema.Schema{
@ -130,43 +130,7 @@ func resourceAwsSecurityGroupCreate(d *schema.ResourceData, meta interface{}) er
} }
ingressList := ingressRaw.([]interface{}) ingressList := ingressRaw.([]interface{})
if len(ingressList) > 0 { if len(ingressList) > 0 {
ingressRules := make([]ec2.IPPerm, len(ingressList)) ingressRules := expandIPPerms(ingressList)
for i, mRaw := range ingressList {
var perm ec2.IPPerm
m := mRaw.(map[string]interface{})
perm.FromPort = m["from_port"].(int)
perm.ToPort = m["to_port"].(int)
perm.Protocol = m["protocol"].(string)
if raw, ok := m["security_groups"]; ok {
list := raw.([]interface{})
perm.SourceGroups = make([]ec2.UserSecurityGroup, len(list))
for i, v := range list {
name := v.(string)
ownerId, id := "", name
if items := strings.Split(id, "/"); len(items) > 1 {
ownerId, id = items[0], items[1]
}
perm.SourceGroups[i] = ec2.UserSecurityGroup{
Id: id,
OwnerId: ownerId,
}
}
}
if raw, ok := m["cidr_blocks"]; ok {
list := raw.([]interface{})
perm.SourceIPs = make([]string, len(list))
for i, v := range list {
perm.SourceIPs[i] = v.(string)
}
}
ingressRules[i] = perm
}
_, err = ec2conn.AuthorizeSecurityGroup(group, ingressRules) _, err = ec2conn.AuthorizeSecurityGroup(group, ingressRules)
if err != nil { if err != nil {
return fmt.Errorf("Error authorizing security group ingress rules: %s", err) return fmt.Errorf("Error authorizing security group ingress rules: %s", err)
@ -176,6 +140,10 @@ func resourceAwsSecurityGroupCreate(d *schema.ResourceData, meta interface{}) er
return resourceAwsSecurityGroupRead(d, meta) return resourceAwsSecurityGroupRead(d, meta)
} }
func resourceAwsSecurityGroupUpdate(d *schema.ResourceData, meta interface{}) error {
return nil
}
func resourceAwsSecurityGroupDelete(d *schema.ResourceData, meta interface{}) error { func resourceAwsSecurityGroupDelete(d *schema.ResourceData, meta interface{}) error {
p := meta.(*ResourceProvider) p := meta.(*ResourceProvider)
ec2conn := p.ec2conn ec2conn := p.ec2conn

76
builtin/providers/aws/structure.go
View File

@ -41,69 +41,45 @@ func expandListeners(configured []interface{}) ([]elb.Listener, error) {
// Takes the result of flatmap.Expand for an array of ingress/egress // Takes the result of flatmap.Expand for an array of ingress/egress
// security group rules and returns EC2 API compatible objects // security group rules and returns EC2 API compatible objects
func expandIPPerms(configured []interface{}) ([]ec2.IPPerm, error) { func expandIPPerms(configured []interface{}) []ec2.IPPerm {
perms := make([]ec2.IPPerm, 0, len(configured)) perms := make([]ec2.IPPerm, len(configured))
for i, mRaw := range configured {
var perm ec2.IPPerm
m := mRaw.(map[string]interface{})
// Loop over our configured permissions and create perm.FromPort = m["from_port"].(int)
// an array of goamz/ec2 compatabile objects perm.ToPort = m["to_port"].(int)
for _, perm := range configured { perm.Protocol = m["protocol"].(string)
// Our permission object
newP := perm.(map[string]interface{})
// Our new returned goamz compatible permission if raw, ok := m["security_groups"]; ok {
p := ec2.IPPerm{} list := raw.([]interface{})
perm.SourceGroups = make([]ec2.UserSecurityGroup, len(list))
// Ports for i, v := range list {
if attr, ok := newP["from_port"].(string); ok { name := v.(string)
fromPort, err := strconv.Atoi(attr) ownerId, id := "", name
if err != nil { if items := strings.Split(id, "/"); len(items) > 1 {
return nil, err
}
p.FromPort = fromPort
}
if attr, ok := newP["to_port"].(string); ok {
toPort, err := strconv.Atoi(attr)
if err != nil {
return nil, err
}
p.ToPort = toPort
}
if attr, ok := newP["protocol"].(string); ok {
p.Protocol = attr
}
// Loop over the array of sg ids and built
// compatibile goamz objects
if secGroups, ok := newP["security_groups"].([]interface{}); ok {
expandedGroups := []ec2.UserSecurityGroup{}
gs := expandStringList(secGroups)
for _, g := range gs {
ownerId, id := "", g
if items := strings.Split(g, "/"); len(items) > 1 {
ownerId, id = items[0], items[1] ownerId, id = items[0], items[1]
} }
newG := ec2.UserSecurityGroup{
Id: id, perm.SourceGroups[i] = ec2.UserSecurityGroup{
Id: id,
OwnerId: ownerId, OwnerId: ownerId,
} }
expandedGroups = append(expandedGroups, newG)
} }
p.SourceGroups = expandedGroups
} }
// Expand CIDR blocks if raw, ok := m["cidr_blocks"]; ok {
if cidrBlocks, ok := newP["cidr_blocks"].([]interface{}); ok { list := raw.([]interface{})
p.SourceIPs = expandStringList(cidrBlocks) perm.SourceIPs = make([]string, len(list))
for i, v := range list {
perm.SourceIPs[i] = v.(string)
}
} }
perms = append(perms, p) perms[i] = perm
} }
return perms, nil return perms
} }
// Flattens an array of ipPerms into a list of primitives that // Flattens an array of ipPerms into a list of primitives that

69
builtin/providers/aws/structure_test.go
View File

@ -33,12 +33,20 @@ func testConf() map[string]string {
} }
func Test_expandIPPerms(t *testing.T) { func Test_expandIPPerms(t *testing.T) {
expanded := flatmap.Expand(testConf(), "ingress").([]interface{}) expanded := []interface{}{
perms, err := expandIPPerms(expanded) map[string]interface{}{
"protocol": "icmp",
if err != nil { "from_port": 1,
t.Fatalf("bad: %#v", err) "to_port": -1,
"cidr_blocks": []interface{}{"0.0.0.0/0"},
"security_groups": []interface{}{
"sg-11111",
"foo/sg-22222",
},
},
} }
perms := expandIPPerms(expanded)
expected := ec2.IPPerm{ expected := ec2.IPPerm{
Protocol: "icmp", Protocol: "icmp",
FromPort: 1, FromPort: 1,
@ -50,56 +58,7 @@ func Test_expandIPPerms(t *testing.T) {
}, },
ec2.UserSecurityGroup{ ec2.UserSecurityGroup{
OwnerId: "foo", OwnerId: "foo",
Id: "sg-22222", Id: "sg-22222",
},
},
}
if !reflect.DeepEqual(perms[0], expected) {
t.Fatalf(
"Got:\n\n%#v\n\nExpected:\n\n%#v\n",
perms[0],
expected)
}
}
func Test_expandIPPerms_bad(t *testing.T) {
badConf := map[string]string{
"ingress.#": "1",
"ingress.0.from_port": "not number",
}
expanded := flatmap.Expand(badConf, "ingress").([]interface{})
perms, err := expandIPPerms(expanded)
if err == nil {
t.Fatalf("should have err: %#v", perms)
}
}
func Test_expandIPPerms_NoCidr(t *testing.T) {
conf := testConf()
delete(conf, "ingress.0.cidr_blocks.#")
delete(conf, "ingress.0.cidr_blocks.0")
expanded := flatmap.Expand(conf, "ingress").([]interface{})
perms, err := expandIPPerms(expanded)
if err != nil {
t.Fatalf("bad: %#v", err)
}
expected := ec2.IPPerm{
Protocol: "icmp",
FromPort: 1,
ToPort: -1,
SourceGroups: []ec2.UserSecurityGroup{
ec2.UserSecurityGroup{
Id: "sg-11111",
},
ec2.UserSecurityGroup{
OwnerId: "foo",
Id: "sg-22222",
}, },
}, },
} }