Converted firewall_rules rule set to a list type. Code tidy

Brett Mack 2015-11-16 20:11:05 +00:00
parent dc8924b537
commit ecc4ce3657
7 changed files with 127 additions and 161 deletions


@ -41,15 +41,15 @@ func resourceVcdDNAT() *schema.Resource {
} }
func resourceVcdDNATCreate(d *schema.ResourceData, meta interface{}) error { func resourceVcdDNATCreate(d *schema.ResourceData, meta interface{}) error {
vcd_client := meta.(*govcd.VCDClient) vcdClient := meta.(*govcd.VCDClient)
// Multiple VCD components need to run operations on the Edge Gateway, as // Multiple VCD components need to run operations on the Edge Gateway, as
// the edge gatway will throw back an error if it is already performing an // the edge gatway will throw back an error if it is already performing an
// operation we must wait until we can aquire a lock on the client // operation we must wait until we can aquire a lock on the client
vcd_client.Mutex.Lock() vcdClient.Mutex.Lock()
defer vcd_client.Mutex.Unlock() defer vcdClient.Mutex.Unlock()
portString := getPortString(d.Get("port").(int)) portString := getPortString(d.Get("port").(int))
edgeGateway, err := vcd_client.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string)) edgeGateway, err := vcdClient.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string))
if err != nil { if err != nil {
return fmt.Errorf("Unable to find edge gateway: %#v", err) return fmt.Errorf("Unable to find edge gateway: %#v", err)
@ -80,8 +80,8 @@ func resourceVcdDNATCreate(d *schema.ResourceData, meta interface{}) error {
} }
func resourceVcdDNATRead(d *schema.ResourceData, meta interface{}) error { func resourceVcdDNATRead(d *schema.ResourceData, meta interface{}) error {
vcd_client := meta.(*govcd.VCDClient) vcdClient := meta.(*govcd.VCDClient)
e, err := vcd_client.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string)) e, err := vcdClient.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string))
if err != nil { if err != nil {
return fmt.Errorf("Unable to find edge gateway: %#v", err) return fmt.Errorf("Unable to find edge gateway: %#v", err)
@ -106,15 +106,15 @@ func resourceVcdDNATRead(d *schema.ResourceData, meta interface{}) error {
} }
func resourceVcdDNATDelete(d *schema.ResourceData, meta interface{}) error { func resourceVcdDNATDelete(d *schema.ResourceData, meta interface{}) error {
vcd_client := meta.(*govcd.VCDClient) vcdClient := meta.(*govcd.VCDClient)
// Multiple VCD components need to run operations on the Edge Gateway, as // Multiple VCD components need to run operations on the Edge Gateway, as
// the edge gatway will throw back an error if it is already performing an // the edge gatway will throw back an error if it is already performing an
// operation we must wait until we can aquire a lock on the client // operation we must wait until we can aquire a lock on the client
vcd_client.Mutex.Lock() vcdClient.Mutex.Lock()
defer vcd_client.Mutex.Unlock() defer vcdClient.Mutex.Unlock()
portString := getPortString(d.Get("port").(int)) portString := getPortString(d.Get("port").(int))
edgeGateway, err := vcd_client.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string)) edgeGateway, err := vcdClient.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string))
if err != nil { if err != nil {
return fmt.Errorf("Unable to find edge gateway: %#v", err) return fmt.Errorf("Unable to find edge gateway: %#v", err)


@ -1,12 +1,11 @@
package vcd package vcd
import ( import (
"bytes"
"fmt" "fmt"
"github.com/hashicorp/terraform/helper/hashcode"
"github.com/hashicorp/terraform/helper/schema" "github.com/hashicorp/terraform/helper/schema"
"github.com/hmrc/vmware-govcd" "github.com/hmrc/vmware-govcd"
types "github.com/hmrc/vmware-govcd/types/v56" types "github.com/hmrc/vmware-govcd/types/v56"
"log"
"strings" "strings"
) )
@ -30,7 +29,7 @@ func resourceVcdFirewallRules() *schema.Resource {
}, },
"rule": &schema.Schema{ "rule": &schema.Schema{
Type: schema.TypeSet, Type: schema.TypeList,
Optional: true, Optional: true,
ForceNew: true, ForceNew: true,
Elem: &schema.Resource{ Elem: &schema.Resource{
@ -77,29 +76,30 @@ func resourceVcdFirewallRules() *schema.Resource {
}, },
}, },
}, },
Set: resourceVcdNetworkFirewallRuleHash,
}, },
}, },
} }
} }
func resourceVcdFirewallRulesCreate(d *schema.ResourceData, meta interface{}) error { func resourceVcdFirewallRulesCreate(d *schema.ResourceData, meta interface{}) error {
vcd_client := meta.(*govcd.VCDClient) vcdClient := meta.(*govcd.VCDClient)
vcd_client.Mutex.Lock() vcdClient.Mutex.Lock()
defer vcd_client.Mutex.Unlock() defer vcdClient.Mutex.Unlock()
edgeGateway, err := vcd_client.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string)) edgeGateway, err := vcdClient.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string))
if err != nil { if err != nil {
return fmt.Errorf("Unable to find edge gateway: %s", err) return fmt.Errorf("Unable to find edge gateway: %s", err)
} }
err = retryCall(5, func() error { err = retryCall(5, func() error {
edgeGateway.Refresh() edgeGateway.Refresh()
firewallRules, _ := expandFirewallRules(d.Get("rule").(*schema.Set).List(), edgeGateway.EdgeGateway) firewallRules, _ := expandFirewallRules(d, edgeGateway.EdgeGateway)
task, err := edgeGateway.CreateFirewallRules(d.Get("default_action").(string), firewallRules) task, err := edgeGateway.CreateFirewallRules(d.Get("default_action").(string), firewallRules)
if err != nil { if err != nil {
log.Printf("[INFO] Error setting firewall rules: %s", err)
return fmt.Errorf("Error setting firewall rules: %#v", err) return fmt.Errorf("Error setting firewall rules: %#v", err)
} }
return task.WaitTaskCompletion() return task.WaitTaskCompletion()
}) })
if err != nil { if err != nil {
@ -112,13 +112,13 @@ func resourceVcdFirewallRulesCreate(d *schema.ResourceData, meta interface{}) er
} }
func resourceFirewallRulesDelete(d *schema.ResourceData, meta interface{}) error { func resourceFirewallRulesDelete(d *schema.ResourceData, meta interface{}) error {
vcd_client := meta.(*govcd.VCDClient) vcdClient := meta.(*govcd.VCDClient)
vcd_client.Mutex.Lock() vcdClient.Mutex.Lock()
defer vcd_client.Mutex.Unlock() defer vcdClient.Mutex.Unlock()
edgeGateway, err := vcd_client.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string)) edgeGateway, err := vcdClient.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string))
firewallRules := deleteFirewallRules(d.Get("rule").(*schema.Set).List(), edgeGateway.EdgeGateway) firewallRules := deleteFirewallRules(d, edgeGateway.EdgeGateway)
defaultAction := edgeGateway.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.FirewallService.DefaultAction defaultAction := edgeGateway.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.FirewallService.DefaultAction
task, err := edgeGateway.CreateFirewallRules(defaultAction, firewallRules) task, err := edgeGateway.CreateFirewallRules(defaultAction, firewallRules)
if err != nil { if err != nil {
@ -134,28 +134,42 @@ func resourceFirewallRulesDelete(d *schema.ResourceData, meta interface{}) error
} }
func resourceFirewallRulesRead(d *schema.ResourceData, meta interface{}) error { func resourceFirewallRulesRead(d *schema.ResourceData, meta interface{}) error {
vcd_client := meta.(*govcd.VCDClient) vcdClient := meta.(*govcd.VCDClient)
edgeGateway, err := vcd_client.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string)) edgeGateway, err := vcdClient.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string))
if err != nil { if err != nil {
return fmt.Errorf("Error finding edge gateway: %#v", err) return fmt.Errorf("Error finding edge gateway: %#v", err)
} }
ruleList := d.Get("rule").([]interface{})
firewallRules := *edgeGateway.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.FirewallService firewallRules := *edgeGateway.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.FirewallService
d.Set("rule", resourceVcdFirewallRulesGather(firewallRules.FirewallRule, d.Get("rule").(*schema.Set).List())) rulesCount := d.Get("rule.#").(int)
for i := 0; i < rulesCount; i++ {
prefix := fmt.Sprintf("rule.%d", i)
if d.Get(prefix+".id").(string) == "" {
log.Printf("[INFO] Rule %d has no id. Searching...", i)
ruleid, err := matchFirewallRule(d, prefix, firewallRules.FirewallRule)
if err == nil {
currentRule := ruleList[i].(map[string]interface{})
currentRule["id"] = ruleid
ruleList[i] = currentRule
}
}
}
d.Set("rule", ruleList)
d.Set("default_action", firewallRules.DefaultAction) d.Set("default_action", firewallRules.DefaultAction)
return nil return nil
} }
func deleteFirewallRules(configured []interface{}, gateway *types.EdgeGateway) []*types.FirewallRule { func deleteFirewallRules(d *schema.ResourceData, gateway *types.EdgeGateway) []*types.FirewallRule {
firewallRules := gateway.Configuration.EdgeGatewayServiceConfiguration.FirewallService.FirewallRule firewallRules := gateway.Configuration.EdgeGatewayServiceConfiguration.FirewallService.FirewallRule
fwrules := make([]*types.FirewallRule, 0, len(firewallRules)-len(configured)) rulesCount := d.Get("rule.#").(int)
fwrules := make([]*types.FirewallRule, 0, len(firewallRules)-rulesCount)
for _, f := range firewallRules { for _, f := range firewallRules {
keep := true keep := true
for _, r := range configured { for i := 0; i < rulesCount; i++ {
data := r.(map[string]interface{}) if d.Get(fmt.Sprintf("rule.%d.id", i)).(string) != f.ID {
if data["id"].(string) != f.ID {
continue continue
} }
keep = false keep = false
@ -167,75 +181,25 @@ func deleteFirewallRules(configured []interface{}, gateway *types.EdgeGateway) [
return fwrules return fwrules
} }
func resourceVcdFirewallRulesGather(rules []*types.FirewallRule, configured []interface{}) []map[string]interface{} { func matchFirewallRule(d *schema.ResourceData, prefix string, rules []*types.FirewallRule) (string, error) {
fwrules := make([]map[string]interface{}, 0, len(configured))
for i := len(configured) - 1; i >= 0; i-- {
data := configured[i].(map[string]interface{})
rule, err := matchFirewallRule(data, rules)
if err != nil {
continue
}
fwrules = append(fwrules, rule)
}
return fwrules
}
func matchFirewallRule(data map[string]interface{}, rules []*types.FirewallRule) (map[string]interface{}, error) {
rule := make(map[string]interface{})
for _, m := range rules { for _, m := range rules {
if data["id"].(string) == "" { log.Printf("[INFO] %s - %s", d.Get(prefix+".description").(string), m.Description)
if data["description"].(string) == m.Description && log.Printf("[INFO] %s - %s", d.Get(prefix+".policy").(string), m.Policy)
data["policy"].(string) == m.Policy && log.Printf("[INFO] %s - %s", d.Get(prefix+".protocol").(string), getProtocol(*m.Protocols))
data["protocol"].(string) == getProtocol(*m.Protocols) && log.Printf("[INFO] %s - %s", d.Get(prefix+".destination_port").(string), getPortString(m.Port))
data["destination_port"].(string) == getPortString(m.Port) && log.Printf("[INFO] %s - %s", strings.ToLower(d.Get(prefix+".destination_ip").(string)), strings.ToLower(m.DestinationIP))
strings.ToLower(data["destination_ip"].(string)) == strings.ToLower(m.DestinationIP) && log.Printf("[INFO] %s - %s", d.Get(prefix+".source_port").(string), getPortString(m.SourcePort))
data["source_port"].(string) == getPortString(m.SourcePort) && log.Printf("[INFO] %s - %s", strings.ToLower(d.Get(prefix+".source_ip").(string)), strings.ToLower(m.SourceIP))
strings.ToLower(data["source_ip"].(string)) == strings.ToLower(m.SourceIP) { if d.Get(prefix+".description").(string) == m.Description &&
rule["id"] = m.ID d.Get(prefix+".policy").(string) == m.Policy &&
rule["description"] = m.Description strings.ToLower(d.Get(prefix+".protocol").(string)) == getProtocol(*m.Protocols) &&
rule["policy"] = m.Policy strings.ToLower(d.Get(prefix+".destination_port").(string)) == getPortString(m.Port) &&
rule["protocol"] = getProtocol(*m.Protocols) strings.ToLower(d.Get(prefix+".destination_ip").(string)) == strings.ToLower(m.DestinationIP) &&
rule["destination_port"] = getPortString(m.Port) strings.ToLower(d.Get(prefix+".source_port").(string)) == getPortString(m.SourcePort) &&
rule["destination_ip"] = strings.ToLower(m.DestinationIP) strings.ToLower(d.Get(prefix+".source_ip").(string)) == strings.ToLower(m.SourceIP) {
rule["source_port"] = getPortString(m.SourcePort) return m.ID, nil
rule["source_ip"] = strings.ToLower(m.SourceIP)
return rule, nil
}
} else {
if data["id"].(string) == m.ID {
rule["id"] = m.ID
rule["description"] = m.Description
rule["policy"] = m.Policy
rule["protocol"] = getProtocol(*m.Protocols)
rule["destination_port"] = getPortString(m.Port)
rule["destination_ip"] = strings.ToLower(m.DestinationIP)
rule["source_port"] = getPortString(m.SourcePort)
rule["source_ip"] = strings.ToLower(m.SourceIP)
return rule, nil
} }
} }
} return "", fmt.Errorf("Unable to find rule")
return rule, fmt.Errorf("Unable to find rule")
}
func resourceVcdNetworkFirewallRuleHash(v interface{}) int {
var buf bytes.Buffer
m := v.(map[string]interface{})
buf.WriteString(fmt.Sprintf("%s-",
strings.ToLower(m["description"].(string))))
buf.WriteString(fmt.Sprintf("%s-",
strings.ToLower(m["policy"].(string))))
buf.WriteString(fmt.Sprintf("%s-",
strings.ToLower(m["protocol"].(string))))
buf.WriteString(fmt.Sprintf("%s-",
strings.ToLower(m["destination_port"].(string))))
buf.WriteString(fmt.Sprintf("%s-",
strings.ToLower(m["destination_ip"].(string))))
buf.WriteString(fmt.Sprintf("%s-",
strings.ToLower(m["source_port"].(string))))
buf.WriteString(fmt.Sprintf("%s-",
strings.ToLower(m["source_ip"].(string))))
return hashcode.String(buf.String())
} }
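Review bot: resourceFirewallRulesRead no longer reads rule contents back from the edge gateway: the new loop only fills in a missing `id` and then writes the configured `ruleList` straight back with `d.Set("rule", ruleList)`, whereas the removed resourceVcdFirewallRulesGather rebuilt every rule from `firewallRules.FirewallRule`. As far as this section shows, a rule whose policy, ports or addresses were changed on the gateway outside Terraform keeps its configured values in state and never produces a diff. For a firewall resource that hides the drift an operator most needs to see, so I would copy the gateway's fields into each entry once its id is known, as sketched below. matchFirewallRule compares some fields case-insensitively, so the copied strings may need the same normalisation as the configuration to avoid a spurious ForceNew diff.

```go
// … unchanged: edge gateway lookup, ruleList, firewallRules, rulesCount …
for i := 0; i < rulesCount; i++ {
	currentRule := ruleList[i].(map[string]interface{})
	// … unchanged: when the id is empty, matchFirewallRule fills in currentRule["id"] …
	for _, m := range firewallRules.FirewallRule {
		if id, _ := currentRule["id"].(string); id == "" || id != m.ID {
			continue
		}
		// Store what the gateway enforces rather than echoing the configuration.
		currentRule["description"] = m.Description
		currentRule["policy"] = m.Policy
		currentRule["protocol"] = getProtocol(*m.Protocols)
		currentRule["destination_port"] = getPortString(m.Port)
		currentRule["destination_ip"] = strings.ToLower(m.DestinationIP)
		currentRule["source_port"] = getPortString(m.SourcePort)
		currentRule["source_ip"] = strings.ToLower(m.SourceIP)
		break
	}
	ruleList[i] = currentRule
}
// … unchanged: d.Set calls and return …
```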


@ -2,10 +2,9 @@ package vcd
import ( import (
"fmt" "fmt"
"testing"
//"regexp"
"log" "log"
"os" "os"
"testing"
"github.com/hashicorp/terraform/helper/resource" "github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/terraform" "github.com/hashicorp/terraform/terraform"


@ -95,7 +95,7 @@ func resourceVcdNetwork() *schema.Resource {
}, },
}, },
}, },
Set: resourceVcdNetworkIpAddressHash, Set: resourceVcdNetworkIPAddressHash,
}, },
"static_ip_pool": &schema.Schema{ "static_ip_pool": &schema.Schema{
Type: schema.TypeSet, Type: schema.TypeSet,
@ -114,21 +114,21 @@ func resourceVcdNetwork() *schema.Resource {
}, },
}, },
}, },
Set: resourceVcdNetworkIpAddressHash, Set: resourceVcdNetworkIPAddressHash,
}, },
}, },
} }
} }
func resourceVcdNetworkCreate(d *schema.ResourceData, meta interface{}) error { func resourceVcdNetworkCreate(d *schema.ResourceData, meta interface{}) error {
vcd_client := meta.(*govcd.VCDClient) vcdClient := meta.(*govcd.VCDClient)
log.Printf("[TRACE] CLIENT: %#v", vcd_client) log.Printf("[TRACE] CLIENT: %#v", vcdClient)
vcd_client.Mutex.Lock() vcdClient.Mutex.Lock()
defer vcd_client.Mutex.Unlock() defer vcdClient.Mutex.Unlock()
edgeGateway, err := vcd_client.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string)) edgeGateway, err := vcdClient.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string))
ipRanges := expandIpRange(d.Get("static_ip_pool").(*schema.Set).List()) ipRanges := expandIPRange(d.Get("static_ip_pool").(*schema.Set).List())
newnetwork := &types.OrgVDCNetwork{ newnetwork := &types.OrgVDCNetwork{
Xmlns: "http://www.vmware.com/vcloud/v1.5", Xmlns: "http://www.vmware.com/vcloud/v1.5",
@ -157,18 +157,18 @@ func resourceVcdNetworkCreate(d *schema.ResourceData, meta interface{}) error {
log.Printf("[INFO] NETWORK: %#v", newnetwork) log.Printf("[INFO] NETWORK: %#v", newnetwork)
err = retryCall(4, func() error { err = retryCall(4, func() error {
return vcd_client.OrgVdc.CreateOrgVDCNetwork(newnetwork) return vcdClient.OrgVdc.CreateOrgVDCNetwork(newnetwork)
}) })
if err != nil { if err != nil {
return fmt.Errorf("Error: %#v", err) return fmt.Errorf("Error: %#v", err)
} }
err = vcd_client.OrgVdc.Refresh() err = vcdClient.OrgVdc.Refresh()
if err != nil { if err != nil {
return fmt.Errorf("Error refreshing vdc: %#v", err) return fmt.Errorf("Error refreshing vdc: %#v", err)
} }
network, err := vcd_client.OrgVdc.FindVDCNetwork(d.Get("name").(string)) network, err := vcdClient.OrgVdc.FindVDCNetwork(d.Get("name").(string))
if err != nil { if err != nil {
return fmt.Errorf("Error finding network: %#v", err) return fmt.Errorf("Error finding network: %#v", err)
} }
@ -194,16 +194,16 @@ func resourceVcdNetworkCreate(d *schema.ResourceData, meta interface{}) error {
} }
func resourceVcdNetworkRead(d *schema.ResourceData, meta interface{}) error { func resourceVcdNetworkRead(d *schema.ResourceData, meta interface{}) error {
vcd_client := meta.(*govcd.VCDClient) vcdClient := meta.(*govcd.VCDClient)
log.Printf("[DEBUG] VCD Client configuration: %#v", vcd_client) log.Printf("[DEBUG] VCD Client configuration: %#v", vcdClient)
log.Printf("[DEBUG] VCD Client configuration: %#v", vcd_client.OrgVdc) log.Printf("[DEBUG] VCD Client configuration: %#v", vcdClient.OrgVdc)
err := vcd_client.OrgVdc.Refresh() err := vcdClient.OrgVdc.Refresh()
if err != nil { if err != nil {
return fmt.Errorf("Error refreshing vdc: %#v", err) return fmt.Errorf("Error refreshing vdc: %#v", err)
} }
network, err := vcd_client.OrgVdc.FindVDCNetwork(d.Id()) network, err := vcdClient.OrgVdc.FindVDCNetwork(d.Id())
if err != nil { if err != nil {
log.Printf("[DEBUG] Network no longer exists. Removing from tfstate") log.Printf("[DEBUG] Network no longer exists. Removing from tfstate")
d.SetId("") d.SetId("")
@ -222,15 +222,15 @@ func resourceVcdNetworkRead(d *schema.ResourceData, meta interface{}) error {
} }
func resourceVcdNetworkDelete(d *schema.ResourceData, meta interface{}) error { func resourceVcdNetworkDelete(d *schema.ResourceData, meta interface{}) error {
vcd_client := meta.(*govcd.VCDClient) vcdClient := meta.(*govcd.VCDClient)
vcd_client.Mutex.Lock() vcdClient.Mutex.Lock()
defer vcd_client.Mutex.Unlock() defer vcdClient.Mutex.Unlock()
err := vcd_client.OrgVdc.Refresh() err := vcdClient.OrgVdc.Refresh()
if err != nil { if err != nil {
return fmt.Errorf("Error refreshing vdc: %#v", err) return fmt.Errorf("Error refreshing vdc: %#v", err)
} }
network, err := vcd_client.OrgVdc.FindVDCNetwork(d.Id()) network, err := vcdClient.OrgVdc.FindVDCNetwork(d.Id())
if err != nil { if err != nil {
return fmt.Errorf("Error finding network: %#v", err) return fmt.Errorf("Error finding network: %#v", err)
} }
@ -249,7 +249,7 @@ func resourceVcdNetworkDelete(d *schema.ResourceData, meta interface{}) error {
return nil return nil
} }
func resourceVcdNetworkIpAddressHash(v interface{}) int { func resourceVcdNetworkIPAddressHash(v interface{}) int {
var buf bytes.Buffer var buf bytes.Buffer
m := v.(map[string]interface{}) m := v.(map[string]interface{})
buf.WriteString(fmt.Sprintf("%s-", buf.WriteString(fmt.Sprintf("%s-",


@ -35,18 +35,18 @@ func resourceVcdSNAT() *schema.Resource {
} }
func resourceVcdSNATCreate(d *schema.ResourceData, meta interface{}) error { func resourceVcdSNATCreate(d *schema.ResourceData, meta interface{}) error {
vcd_client := meta.(*govcd.VCDClient) vcdClient := meta.(*govcd.VCDClient)
// Multiple VCD components need to run operations on the Edge Gateway, as // Multiple VCD components need to run operations on the Edge Gateway, as
// the edge gatway will throw back an error if it is already performing an // the edge gatway will throw back an error if it is already performing an
// operation we must wait until we can aquire a lock on the client // operation we must wait until we can aquire a lock on the client
vcd_client.Mutex.Lock() vcdClient.Mutex.Lock()
defer vcd_client.Mutex.Unlock() defer vcdClient.Mutex.Unlock()
// Creating a loop to offer further protection from the edge gateway erroring // Creating a loop to offer further protection from the edge gateway erroring
// due to being busy eg another person is using another client so wouldn't be // due to being busy eg another person is using another client so wouldn't be
// constrained by out lock. If the edge gateway reurns with a busy error, wait // constrained by out lock. If the edge gateway reurns with a busy error, wait
// 3 seconds and then try again. Continue until a non-busy error or success // 3 seconds and then try again. Continue until a non-busy error or success
edgeGateway, err := vcd_client.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string)) edgeGateway, err := vcdClient.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string))
if err != nil { if err != nil {
return fmt.Errorf("Unable to find edge gateway: %#v", err) return fmt.Errorf("Unable to find edge gateway: %#v", err)
} }
@ -69,8 +69,8 @@ func resourceVcdSNATCreate(d *schema.ResourceData, meta interface{}) error {
} }
func resourceVcdSNATRead(d *schema.ResourceData, meta interface{}) error { func resourceVcdSNATRead(d *schema.ResourceData, meta interface{}) error {
vcd_client := meta.(*govcd.VCDClient) vcdClient := meta.(*govcd.VCDClient)
e, err := vcd_client.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string)) e, err := vcdClient.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string))
if err != nil { if err != nil {
return fmt.Errorf("Unable to find edge gateway: %#v", err) return fmt.Errorf("Unable to find edge gateway: %#v", err)
@ -94,14 +94,14 @@ func resourceVcdSNATRead(d *schema.ResourceData, meta interface{}) error {
} }
func resourceVcdSNATDelete(d *schema.ResourceData, meta interface{}) error { func resourceVcdSNATDelete(d *schema.ResourceData, meta interface{}) error {
vcd_client := meta.(*govcd.VCDClient) vcdClient := meta.(*govcd.VCDClient)
// Multiple VCD components need to run operations on the Edge Gateway, as // Multiple VCD components need to run operations on the Edge Gateway, as
// the edge gatway will throw back an error if it is already performing an // the edge gatway will throw back an error if it is already performing an
// operation we must wait until we can aquire a lock on the client // operation we must wait until we can aquire a lock on the client
vcd_client.Mutex.Lock() vcdClient.Mutex.Lock()
defer vcd_client.Mutex.Unlock() defer vcdClient.Mutex.Unlock()
edgeGateway, err := vcd_client.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string)) edgeGateway, err := vcdClient.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string))
if err != nil { if err != nil {
return fmt.Errorf("Unable to find edge gateway: %#v", err) return fmt.Errorf("Unable to find edge gateway: %#v", err)
} }


@ -80,9 +80,9 @@ func resourceVcdVApp() *schema.Resource {
} }
func resourceVcdVAppCreate(d *schema.ResourceData, meta interface{}) error { func resourceVcdVAppCreate(d *schema.ResourceData, meta interface{}) error {
vcd_client := meta.(*govcd.VCDClient) vcdClient := meta.(*govcd.VCDClient)
catalog, err := vcd_client.Org.FindCatalog(d.Get("catalog_name").(string)) catalog, err := vcdClient.Org.FindCatalog(d.Get("catalog_name").(string))
if err != nil { if err != nil {
return fmt.Errorf("Error finding catalog: %#v", err) return fmt.Errorf("Error finding catalog: %#v", err)
} }
@ -99,7 +99,7 @@ func resourceVcdVAppCreate(d *schema.ResourceData, meta interface{}) error {
log.Printf("[DEBUG] VAppTemplate: %#v", vapptemplate) log.Printf("[DEBUG] VAppTemplate: %#v", vapptemplate)
var networkHref string var networkHref string
net, err := vcd_client.OrgVdc.FindVDCNetwork(d.Get("network_name").(string)) net, err := vcdClient.OrgVdc.FindVDCNetwork(d.Get("network_name").(string))
if err != nil { if err != nil {
return fmt.Errorf("Error finding OrgVCD Network: %#v", err) return fmt.Errorf("Error finding OrgVCD Network: %#v", err)
} }
@ -108,7 +108,7 @@ func resourceVcdVAppCreate(d *schema.ResourceData, meta interface{}) error {
} else { } else {
networkHref = net.OrgVDCNetwork.HREF networkHref = net.OrgVDCNetwork.HREF
} }
// vapptemplate := govcd.NewVAppTemplate(&vcd_client.Client) // vapptemplate := govcd.NewVAppTemplate(&vcdClient.Client)
// //
createvapp := &types.InstantiateVAppTemplateParams{ createvapp := &types.InstantiateVAppTemplateParams{
Ovf: "http://schemas.dmtf.org/ovf/envelope/1", Ovf: "http://schemas.dmtf.org/ovf/envelope/1",
@ -134,13 +134,13 @@ func resourceVcdVAppCreate(d *schema.ResourceData, meta interface{}) error {
} }
err = retryCall(4, func() error { err = retryCall(4, func() error {
e := vcd_client.OrgVdc.InstantiateVAppTemplate(createvapp) e := vcdClient.OrgVdc.InstantiateVAppTemplate(createvapp)
if e != nil { if e != nil {
return fmt.Errorf("Error: %#v", e) return fmt.Errorf("Error: %#v", e)
} }
e = vcd_client.OrgVdc.Refresh() e = vcdClient.OrgVdc.Refresh()
if e != nil { if e != nil {
return fmt.Errorf("Error: %#v", e) return fmt.Errorf("Error: %#v", e)
} }
@ -150,7 +150,7 @@ func resourceVcdVAppCreate(d *schema.ResourceData, meta interface{}) error {
return err return err
} }
vapp, err := vcd_client.OrgVdc.FindVAppByName(d.Get("name").(string)) vapp, err := vcdClient.OrgVdc.FindVAppByName(d.Get("name").(string))
err = retryCall(4, func() error { err = retryCall(4, func() error {
task, err := vapp.ChangeVMName(d.Get("name").(string)) task, err := vapp.ChangeVMName(d.Get("name").(string))
@ -194,8 +194,8 @@ func resourceVcdVAppCreate(d *schema.ResourceData, meta interface{}) error {
} }
func resourceVcdVAppUpdate(d *schema.ResourceData, meta interface{}) error { func resourceVcdVAppUpdate(d *schema.ResourceData, meta interface{}) error {
vcd_client := meta.(*govcd.VCDClient) vcdClient := meta.(*govcd.VCDClient)
vapp, err := vcd_client.OrgVdc.FindVAppByName(d.Id()) vapp, err := vcdClient.OrgVdc.FindVAppByName(d.Id())
if err != nil { if err != nil {
return fmt.Errorf("Error finding VApp: %#v", err) return fmt.Errorf("Error finding VApp: %#v", err)
@ -209,7 +209,7 @@ func resourceVcdVAppUpdate(d *schema.ResourceData, meta interface{}) error {
if d.HasChange("metadata") { if d.HasChange("metadata") {
oraw, nraw := d.GetChange("metadata") oraw, nraw := d.GetChange("metadata")
metadata := oraw.(map[string]interface{}) metadata := oraw.(map[string]interface{})
for k, _ := range metadata { for k := range metadata {
task, err := vapp.DeleteMetadata(k) task, err := vapp.DeleteMetadata(k)
if err != nil { if err != nil {
return fmt.Errorf("Error deleting metadata: %#v", err) return fmt.Errorf("Error deleting metadata: %#v", err)
@ -290,14 +290,14 @@ func resourceVcdVAppUpdate(d *schema.ResourceData, meta interface{}) error {
} }
func resourceVcdVAppRead(d *schema.ResourceData, meta interface{}) error { func resourceVcdVAppRead(d *schema.ResourceData, meta interface{}) error {
vcd_client := meta.(*govcd.VCDClient) vcdClient := meta.(*govcd.VCDClient)
err := vcd_client.OrgVdc.Refresh() err := vcdClient.OrgVdc.Refresh()
if err != nil { if err != nil {
return fmt.Errorf("Error refreshing vdc: %#v", err) return fmt.Errorf("Error refreshing vdc: %#v", err)
} }
vapp, err := vcd_client.OrgVdc.FindVAppByName(d.Id()) vapp, err := vcdClient.OrgVdc.FindVAppByName(d.Id())
if err != nil { if err != nil {
log.Printf("[DEBUG] Unable to find vapp. Removing from tfstate") log.Printf("[DEBUG] Unable to find vapp. Removing from tfstate")
d.SetId("") d.SetId("")
@ -309,8 +309,8 @@ func resourceVcdVAppRead(d *schema.ResourceData, meta interface{}) error {
} }
func resourceVcdVAppDelete(d *schema.ResourceData, meta interface{}) error { func resourceVcdVAppDelete(d *schema.ResourceData, meta interface{}) error {
vcd_client := meta.(*govcd.VCDClient) vcdClient := meta.(*govcd.VCDClient)
vapp, err := vcd_client.OrgVdc.FindVAppByName(d.Id()) vapp, err := vcdClient.OrgVdc.FindVAppByName(d.Id())
if err != nil { if err != nil {
return fmt.Errorf("error finding vdc: %s", err) return fmt.Errorf("error finding vdc: %s", err)


@ -1,13 +1,15 @@
package vcd package vcd
import ( import (
"fmt"
"github.com/hashicorp/terraform/helper/resource" "github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/helper/schema"
types "github.com/hmrc/vmware-govcd/types/v56" types "github.com/hmrc/vmware-govcd/types/v56"
"strconv" "strconv"
"time" "time"
) )
func expandIpRange(configured []interface{}) types.IPRanges { func expandIPRange(configured []interface{}) types.IPRanges {
ipRange := make([]*types.IPRange, 0, len(configured)) ipRange := make([]*types.IPRange, 0, len(configured))
for _, ipRaw := range configured { for _, ipRaw := range configured {
@ -28,15 +30,16 @@ func expandIpRange(configured []interface{}) types.IPRanges {
return ipRanges return ipRanges
} }
func expandFirewallRules(configured []interface{}, gateway *types.EdgeGateway) ([]*types.FirewallRule, error) { func expandFirewallRules(d *schema.ResourceData, gateway *types.EdgeGateway) ([]*types.FirewallRule, error) {
//firewallRules := make([]*types.FirewallRule, 0, len(configured)) //firewallRules := make([]*types.FirewallRule, 0, len(configured))
firewallRules := gateway.Configuration.EdgeGatewayServiceConfiguration.FirewallService.FirewallRule firewallRules := gateway.Configuration.EdgeGatewayServiceConfiguration.FirewallService.FirewallRule
for i := len(configured) - 1; i >= 0; i-- { rulesCount := d.Get("rule.#").(int)
data := configured[i].(map[string]interface{}) for i := 0; i < rulesCount; i++ {
prefix := fmt.Sprintf("rule.%d", i)
var protocol *types.FirewallRuleProtocols var protocol *types.FirewallRuleProtocols
switch data["protocol"].(string) { switch d.Get(prefix + ".protocol").(string) {
case "tcp": case "tcp":
protocol = &types.FirewallRuleProtocols{ protocol = &types.FirewallRuleProtocols{
TCP: true, TCP: true,
@ -58,15 +61,15 @@ func expandFirewallRules(configured []interface{}, gateway *types.EdgeGateway) (
//ID: strconv.Itoa(len(configured) - i), //ID: strconv.Itoa(len(configured) - i),
IsEnabled: true, IsEnabled: true,
MatchOnTranslate: false, MatchOnTranslate: false,
Description: data["description"].(string), Description: d.Get(prefix + ".description").(string),
Policy: data["policy"].(string), Policy: d.Get(prefix + ".policy").(string),
Protocols: protocol, Protocols: protocol,
Port: getNumericPort(data["destination_port"]), Port: getNumericPort(d.Get(prefix + ".destination_port")),
DestinationPortRange: data["destination_port"].(string), DestinationPortRange: d.Get(prefix + ".destination_port").(string),
DestinationIP: data["destination_ip"].(string), DestinationIP: d.Get(prefix + ".destination_ip").(string),
SourcePort: getNumericPort(data["source_port"]), SourcePort: getNumericPort(d.Get(prefix + ".source_port")),
SourcePortRange: data["source_port"].(string), SourcePortRange: d.Get(prefix + ".source_port").(string),
SourceIP: data["source_ip"].(string), SourceIP: d.Get(prefix + ".source_ip").(string),
EnableLogging: false, EnableLogging: false,
} }
firewallRules = append(firewallRules, rule) firewallRules = append(firewallRules, rule)
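Review bot: The protocol switch at `switch d.Get(prefix + ".protocol").(string)` matches the configured value case-sensitively, while matchFirewallRule in the firewall rules resource lower-cases the same field before comparing it. The remaining cases and any default branch are outside this hunk, so I cannot tell what a value such as "TCP" turns into, but for a firewall rule it should not silently become a different protocol set than the one written in the configuration. I would normalise once with `switch strings.ToLower(d.Get(prefix + ".protocol").(string)) {` (this file would then need the `strings` import) and, if the fallback does not already do so, return an error for unrecognised values through the function's existing error result.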