From bcc6f884b1dcea1ca64ca915081e779d5dc80cf0 Mon Sep 17 00:00:00 2001
From: Jack Pearkes
Date: Wed, 16 Jul 2014 20:13:16 -0400
Subject: [PATCH] providers/aws: actually return ingress rule on refresh, tests
---
 .../aws/resource_aws_security_group.go | 18 +++++--
 builtin/providers/aws/structure.go | 1 +
 builtin/providers/aws/structure_test.go | 47 +++++++++++++++----
 3 files changed, 52 insertions(+), 14 deletions(-)
diff --git a/builtin/providers/aws/resource_aws_security_group.go b/builtin/providers/aws/resource_aws_security_group.go
index f7cdb4c9f..8109f4e65 100644
--- a/builtin/providers/aws/resource_aws_security_group.go
+++ b/builtin/providers/aws/resource_aws_security_group.go
@@ -23,9 +23,15 @@ func resource_aws_security_group_create(
 rs := s.MergeDiff(d)
 securityGroupOpts := ec2.SecurityGroup{
- Name: rs.Attributes["name"],
- Description: rs.Attributes["description"],
- VpcId: rs.Attributes["vpc_id"],
+ Name: rs.Attributes["name"],
+ }
+
+ if rs.Attributes["vpc_id"] != "" {
+ securityGroupOpts.VpcId = rs.Attributes["vpc_id"]
+ }
+
+ if rs.Attributes["description"] != "" {
+ securityGroupOpts.Description = rs.Attributes["description"]
 }
 log.Printf("[DEBUG] Security Group create configuration: %#v", securityGroupOpts)
@@ -118,12 +124,12 @@ func resource_aws_security_group_diff(
 Attrs: map[string]diff.AttrType{
 "name": diff.AttrTypeCreate,
 "description": diff.AttrTypeUpdate,
- "vpc_id": diff.AttrTypeUpdate,
 "ingress": diff.AttrTypeUpdate,
 },
 ComputedAttrs: []string{
 "owner_id",
+ "vpc_id",
 },
 }
@@ -139,7 +145,7 @@ func resource_aws_security_group_update_state(
 s.Attributes["vpc_id"] = sg.VpcId
 s.Attributes["owner_id"] = sg.OwnerId
- // Flatten our sg values
+ // Flatten our ingress values
 toFlatten := make(map[string]interface{})
 toFlatten["ingress"] = flattenIPPerms(sg.IPPerms)
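Review bot: The two `!= ""` guards added in resource_aws_security_group_create look like no-ops: if `VpcId` and `Description` are plain string fields on `ec2.SecurityGroup` (the type is not shown here), leaving them unset yields the same empty string that the removed direct assignments produced. If the intent is to keep empty parameters out of the API request, that has to happen where the request is built, which is outside this hunk. An empty `description` still reaches the create call unchecked, so either reject it up front or state the intent in a comment such as `// vpc_id and description are optional; leave the zero value when unset`. The function body starts and ends outside the hunk.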
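Review bot: In resource_aws_security_group_diff, `vpc_id` is now listed only under `ComputedAttrs`, yet the create path still reads it from configuration (`rs.Attributes["vpc_id"]`). If the builder treats computed-only attributes as provider-supplied, a later change of `vpc_id` in configuration may produce no diff, leaving the group and its ingress rules in a VPC other than the one declared; that behaviour is not visible from this hunk and should be confirmed. Since a security group cannot be moved between VPCs in place, keeping an entry such as `"vpc_id": diff.AttrTypeCreate,` in `Attrs` alongside the computed entry would give it the same diff type `name` already uses.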
@@ -192,6 +198,8 @@ func resource_aws_security_group_validation() *config.Validator {
 "description",
 "vpc_id",
 "owner_id",
+ "ingress.*.cidr_blocks.*",
+ "ingress.*.security_groups.*",
 },
 }
 }
diff --git a/builtin/providers/aws/structure.go b/builtin/providers/aws/structure.go
index a1533056c..06f61b76e 100644
--- a/builtin/providers/aws/structure.go
+++ b/builtin/providers/aws/structure.go
@@ -81,6 +81,7 @@ func flattenIPPerms(list []ec2.IPPerm) []map[string]interface{} {
 n["to_port"] = perm.ToPort
 n["cidr_blocks"] = perm.SourceIPs
 n["security_groups"] = flattenSecurityGroups(perm.SourceGroups)
+ result = append(result, n)
 }
 return result
diff --git a/builtin/providers/aws/structure_test.go b/builtin/providers/aws/structure_test.go
index c1c2e7371..c114d06e0 100644
--- a/builtin/providers/aws/structure_test.go
+++ b/builtin/providers/aws/structure_test.go
@@ -20,19 +20,19 @@ func testConf() map[string]string {
 "availability_zones.#": "2",
 "availability_zones.0": "us-east-1a",
 "availability_zones.1": "us-east-1b",
- "egress.#": "1",
- "egress.0.protocol": "icmp",
- "egress.0.from_port": "1",
- "egress.0.to_port": "-1",
- "egress.0.cidr_blocks.#": "1",
- "egress.0.cidr_blocks.0": "0.0.0.0/0",
- "egress.0.security_groups.#": "1",
- "egress.0.security_groups.0": "sg-11111",
+ "ingress.#": "1",
+ "ingress.0.protocol": "icmp",
+ "ingress.0.from_port": "1",
+ "ingress.0.to_port": "-1",
+ "ingress.0.cidr_blocks.#": "1",
+ "ingress.0.cidr_blocks.0": "0.0.0.0/0",
+ "ingress.0.security_groups.#": "1",
+ "ingress.0.security_groups.0": "sg-11111",
 }
 }
 func Test_expandIPPerms(t *testing.T) {
- expanded := flatmap.Expand(testConf(), "egress").([]interface{})
+ expanded := flatmap.Expand(testConf(), "ingress").([]interface{})
 perms := expandIPPerms(expanded)
 expected := ec2.IPPerm{
 Protocol: "icmp",
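Review bot: The new entries `ingress.*.cidr_blocks.*` and `ingress.*.security_groups.*` in resource_aws_security_group_validation admit the keys by wildcard, and nothing visible in this hunk checks the values, so a malformed CIDR or a mistyped group ID would presumably surface only when the API call is made. Nothing here requires a rule to carry at least one of the two sources either. If value checks are out of scope for this validator, say so next to the entries, for example `// only key names are checked here; CIDR and group ID values are not validated`. The list these entries are added to starts outside the hunk, so which category they fall under should be confirmed against the full function.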
@@ -55,6 +55,35 @@ func Test_expandIPPerms(t *testing.T) {
 }
+func Test_flattenIPPerms(t *testing.T) {
+ rawIp := []ec2.IPPerm{
+ ec2.IPPerm{
+ Protocol: "icmp",
+ FromPort: 1,
+ ToPort: -1,
+ SourceIPs: []string{"0.0.0.0/0"},
+ SourceGroups: []ec2.UserSecurityGroup{
+ ec2.UserSecurityGroup{
+ Id: "sg-11111",
+ },
+ },
+ },
+ }
+
+ toFlatten := make(map[string]interface{})
+ toFlatten["ingress"] = flattenIPPerms(rawIp)
+
+ perms := flatmap.Flatten(toFlatten)
+
+ if perms["ingress.0.protocol"] != "icmp" {
+ t.Fatalf("bad protocol")
+ }
+
+ if perms["ingress.0.security_groups.0"] != "sg-11111" {
+ t.Fatalf("bad security group")
+ }
+}
+
 func Test_expandListeners(t *testing.T) {
 expanded := flatmap.Expand(testConf(), "listener").([]interface{})
 listeners := expandListeners(expanded)
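Review bot: Test_flattenIPPerms never asserts the flattened `cidr_blocks`, the ports or the rule count, although `SourceIPs` is the one field flattenIPPerms stores as a raw `[]string` (`n["cidr_blocks"] = perm.SourceIPs`) rather than through a flatten helper. Whether `flatmap.Flatten` emits that slice as `ingress.0.cidr_blocks.0` is therefore untested, and it is the value that records how widely a rule is open. Add `if perms["ingress.0.cidr_blocks.0"] != "0.0.0.0/0" { t.Fatalf("bad cidr block") }` and a matching check that `perms["ingress.#"]` is `"1"`. The failure messages would also be more useful if they printed the value found, e.g. `t.Fatalf("bad protocol: %#v", perms["ingress.0.protocol"])`.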