Switch nova_security_group to openstack provider
The current nova provider for nova_security_group is broken at the
moment. Due to the fact that the commands are getting deprecated,
the warnings are confusing the text parsing and result in repeated
creation of security groups.
This patch resolves this issue by switching it to the new openstack
provider. It also adds the instances and prefetch methods which
will allow `puppet resource` CLI usage.
Change-Id: Ibdd930d9b89a1e9ac6d47a5cbf2d7903b145971e
(cherry picked from commit 0f8c04df8e
)
This commit is contained in:
parent
3a344a71f9
commit
f0a7f33e48
@ -1,37 +0,0 @@
|
||||
require File.join(File.dirname(__FILE__), '..','..','..',
|
||||
'puppet/provider/nova')
|
||||
|
||||
Puppet::Type.type(:nova_security_group).provide(
|
||||
:nova,
|
||||
:parent => Puppet::Provider::Nova
|
||||
) do
|
||||
|
||||
desc "Manage nova security groups"
|
||||
|
||||
commands :nova => 'nova'
|
||||
|
||||
mk_resource_methods
|
||||
|
||||
def exists?
|
||||
sec_groups = self.class.cliout2list(auth_nova('secgroup-list'))
|
||||
return sec_groups.detect do |n|
|
||||
n['Name'] == resource['name']
|
||||
end
|
||||
end
|
||||
|
||||
def destroy
|
||||
auth_nova("secgroup-delete", name)
|
||||
@property_hash[:ensure] = :absent
|
||||
end
|
||||
|
||||
def create
|
||||
result = self.class.cliout2list(auth_nova("secgroup-create", resource[:name], resource[:description]))
|
||||
|
||||
@property_hash = {
|
||||
:ensure => :present,
|
||||
:name => resource[:name],
|
||||
:id => result[0]['Id'],
|
||||
:description => resource[:description]
|
||||
}
|
||||
end
|
||||
end
|
82
lib/puppet/provider/nova_security_group/openstack.rb
Normal file
82
lib/puppet/provider/nova_security_group/openstack.rb
Normal file
@ -0,0 +1,82 @@
|
||||
require File.join(File.dirname(__FILE__), '..','..','..', 'puppet/provider/nova')
|
||||
|
||||
Puppet::Type.type(:nova_security_group).provide(
|
||||
:openstack,
|
||||
:parent => Puppet::Provider::Nova
|
||||
) do
|
||||
desc <<-EOT
|
||||
Manage nova security groups
|
||||
EOT
|
||||
|
||||
@credentials = Puppet::Provider::Openstack::CredentialsV3.new
|
||||
|
||||
def initialize(value={})
|
||||
super(value)
|
||||
@property_flush = {}
|
||||
end
|
||||
|
||||
def create
|
||||
opts = [@resource[:name]]
|
||||
(opts << '--description' << @resource[:description]) if @resource[:description]
|
||||
@property_hash = self.class.nova_request('security group', 'create', nil, opts)
|
||||
@property_hash[:ensure] = :present
|
||||
end
|
||||
|
||||
def exists?
|
||||
@property_hash[:ensure] == :present
|
||||
end
|
||||
|
||||
def destroy
|
||||
self.class.request('security group', 'delete', @resource[:name])
|
||||
end
|
||||
|
||||
mk_resource_methods
|
||||
|
||||
def id=(value)
|
||||
fail('id is read only')
|
||||
end
|
||||
|
||||
def name=(value)
|
||||
fail('name is read only')
|
||||
end
|
||||
|
||||
def description=(value)
|
||||
@property_flush[:description] = value
|
||||
end
|
||||
|
||||
def self.instances
|
||||
# NOTE(mnaser): The OpenStack client makes a request to the Neutron endpoint
|
||||
# to get security groups and if it has an admin role, it will
|
||||
# retrieve all security groups. The following helps filter it.
|
||||
project_id = self.nova_request('token', 'issue', nil, ['-c', 'project_id', '-f', 'value']).strip
|
||||
|
||||
self.nova_request('security group', 'list', nil).select do |attrs|
|
||||
attrs[:project] == project_id
|
||||
end.collect do |attrs|
|
||||
new(
|
||||
:ensure => :present,
|
||||
:id => attrs[:id],
|
||||
:name => attrs[:name],
|
||||
:description => attrs[:description]
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
def self.prefetch(resources)
|
||||
security_groups = instances
|
||||
resources.keys.each do |name|
|
||||
if provider = security_groups.find { |security_group| security_group.name == name }
|
||||
resources[name].provider = provider
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def flush
|
||||
unless @property_flush.empty?
|
||||
opts = [@resource[:name]]
|
||||
(opts << '--description' << @resource[:description]) if @resource[:description]
|
||||
self.class.request('security group', 'set', opts)
|
||||
@property_flush.clear
|
||||
end
|
||||
end
|
||||
end
|
@ -1,91 +0,0 @@
|
||||
require 'puppet'
|
||||
require 'puppet/provider/nova_security_group/nova'
|
||||
require 'tempfile'
|
||||
|
||||
provider_class = Puppet::Type.type(:nova_security_group).provider(:nova)
|
||||
|
||||
describe provider_class do
|
||||
|
||||
let :secgroup_attrs do
|
||||
{
|
||||
:name => "scg0",
|
||||
:description => "Security Group",
|
||||
}
|
||||
end
|
||||
|
||||
let :resource do
|
||||
Puppet::Type::Nova_security_group.new(secgroup_attrs)
|
||||
end
|
||||
|
||||
let :provider do
|
||||
provider_class.new(resource)
|
||||
end
|
||||
|
||||
shared_examples "nova_security_group" do
|
||||
describe "#exists?" do
|
||||
it 'should check non-existing security group' do
|
||||
output = <<-EOT
|
||||
+--------------------------------------+---------+------------------------+
|
||||
| Id | Name | Description |
|
||||
+--------------------------------------+---------+------------------------+
|
||||
| f630dd92-3ff7-49bc-b012-b211451aa418 | default | Default security group |
|
||||
+--------------------------------------+---------+------------------------+
|
||||
EOT
|
||||
|
||||
provider.expects(:auth_nova).with('secgroup-list').returns(output)
|
||||
|
||||
expect(provider.exists?).to be_falsey
|
||||
end
|
||||
|
||||
it 'should check existing security group' do
|
||||
output = <<-EOT
|
||||
+--------------------------------------+------+----------------+
|
||||
| Id | Name | Description |
|
||||
+--------------------------------------+------+----------------+
|
||||
| f630dd92-3ff7-49bc-b012-b211451aa419 | scg0 | Security Group |
|
||||
+--------------------------------------+------+----------------+
|
||||
EOT
|
||||
|
||||
provider.expects(:auth_nova).with('secgroup-list').returns(output)
|
||||
|
||||
expect(provider.exists?).to be_truthy
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
describe "#create" do
|
||||
it 'should create security group' do
|
||||
output = <<-EOT
|
||||
+--------------------------------------+------+----------------+
|
||||
| Id | Name | Description |
|
||||
+--------------------------------------+------+----------------+
|
||||
| f630dd92-3ff7-49bc-b012-b211451aa419 | scg0 | Security Group |
|
||||
+--------------------------------------+------+----------------+
|
||||
EOT
|
||||
|
||||
provider.expects(:auth_nova).with('secgroup-create', 'scg0', 'Security Group').returns(output)
|
||||
|
||||
expect(provider.create).to be_truthy
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
describe "#destroy" do
|
||||
it 'should destroy security group' do
|
||||
output = <<-EOT
|
||||
+--------------------------------------+------+----------------+
|
||||
| Id | Name | Description |
|
||||
+--------------------------------------+------+----------------+
|
||||
| f630dd92-3ff7-49bc-b012-b211451aa419 | scg0 | Security Group |
|
||||
+--------------------------------------+------+----------------+
|
||||
EOT
|
||||
|
||||
provider.expects(:auth_nova).with('secgroup-delete', 'scg0').returns(output)
|
||||
|
||||
expect(provider.destroy).to be_truthy
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
it_behaves_like('nova_security_group')
|
||||
end
|
48
spec/unit/provider/nova_security_group/openstack_spec.rb
Normal file
48
spec/unit/provider/nova_security_group/openstack_spec.rb
Normal file
@ -0,0 +1,48 @@
|
||||
require 'puppet'
|
||||
require 'spec_helper'
|
||||
require 'puppet/provider/nova_flavor/openstack'
|
||||
|
||||
provider_class = Puppet::Type.type(:nova_security_group).provider(:openstack)
|
||||
|
||||
describe provider_class do
|
||||
|
||||
describe 'managing security groups' do
|
||||
let(:secgroup_attrs) do
|
||||
{
|
||||
:name => "scg0",
|
||||
:description => "Security Group",
|
||||
}
|
||||
end
|
||||
|
||||
let :resource do
|
||||
Puppet::Type::Nova_security_group.new(secgroup_attrs)
|
||||
end
|
||||
|
||||
let(:provider) do
|
||||
provider_class.new(resource)
|
||||
end
|
||||
|
||||
describe "#create" do
|
||||
it 'should create security group' do
|
||||
provider.class.stubs(:openstack)
|
||||
.with('security group', 'list', ['--all'])
|
||||
.returns('"ID", "Name", "Description", "Project"')
|
||||
provider.class.stubs(:openstack)
|
||||
.with('security group', 'create', ['scg0', '--description', 'Security Group'])
|
||||
.returns('id="f630dd92-3ff7-49bc-b012-b211451aa419"
|
||||
name="scg0"
|
||||
description="Security Group"')
|
||||
end
|
||||
end
|
||||
|
||||
describe '#destroy' do
|
||||
it 'removes flavor' do
|
||||
provider_class.expects(:openstack)
|
||||
.with('security group', 'delete', 'scg0')
|
||||
provider.instance_variable_set(:@property_hash, secgroup_attrs)
|
||||
provider.destroy
|
||||
expect(provider.exists?).to be_falsey
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue
Block a user