139 lines
3.6 KiB
Go
139 lines
3.6 KiB
Go
package opc
|
|
|
|
import (
|
|
"fmt"
|
|
"testing"
|
|
|
|
"github.com/hashicorp/go-oracle-terraform/compute"
|
|
"github.com/hashicorp/terraform/helper/acctest"
|
|
"github.com/hashicorp/terraform/helper/resource"
|
|
"github.com/hashicorp/terraform/terraform"
|
|
)
|
|
|
|
func TestAccOPCSecRule_Basic(t *testing.T) {
|
|
ri := acctest.RandInt()
|
|
config := fmt.Sprintf(testAccOPCSecRuleBasic, ri, ri, ri, ri)
|
|
|
|
resource.Test(t, resource.TestCase{
|
|
PreCheck: func() { testAccPreCheck(t) },
|
|
Providers: testAccProviders,
|
|
CheckDestroy: testAccCheckSecRuleDestroy,
|
|
Steps: []resource.TestStep{
|
|
{
|
|
Config: config,
|
|
Check: testAccCheckSecRuleExists,
|
|
},
|
|
},
|
|
})
|
|
}
|
|
|
|
func TestAccOPCSecRule_Complete(t *testing.T) {
|
|
ri := acctest.RandInt()
|
|
config := fmt.Sprintf(testAccOPCSecRuleComplete, ri, ri, ri, ri)
|
|
|
|
resource.Test(t, resource.TestCase{
|
|
PreCheck: func() { testAccPreCheck(t) },
|
|
Providers: testAccProviders,
|
|
CheckDestroy: testAccCheckSecRuleDestroy,
|
|
Steps: []resource.TestStep{
|
|
{
|
|
Config: config,
|
|
Check: testAccCheckSecRuleExists,
|
|
},
|
|
},
|
|
})
|
|
}
|
|
|
|
func testAccCheckSecRuleExists(s *terraform.State) error {
|
|
client := testAccProvider.Meta().(*compute.Client).SecRules()
|
|
for _, rs := range s.RootModule().Resources {
|
|
if rs.Type != "opc_compute_sec_rule" {
|
|
continue
|
|
}
|
|
|
|
input := compute.GetSecRuleInput{
|
|
Name: rs.Primary.Attributes["name"],
|
|
}
|
|
if _, err := client.GetSecRule(&input); err != nil {
|
|
return fmt.Errorf("Error retrieving state of Sec Rule %s: %s", input.Name, err)
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func testAccCheckSecRuleDestroy(s *terraform.State) error {
|
|
client := testAccProvider.Meta().(*compute.Client).SecRules()
|
|
|
|
for _, rs := range s.RootModule().Resources {
|
|
if rs.Type != "opc_compute_sec_rule" {
|
|
continue
|
|
}
|
|
|
|
input := compute.GetSecRuleInput{
|
|
Name: rs.Primary.Attributes["name"],
|
|
}
|
|
if info, err := client.GetSecRule(&input); err == nil {
|
|
return fmt.Errorf("Sec Rule %s still exists: %#v", input.Name, info)
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
var testAccOPCSecRuleBasic = `
|
|
resource "opc_compute_security_list" "test" {
|
|
name = "acc-test-sec-rule-list-%d"
|
|
policy = "PERMIT"
|
|
outbound_cidr_policy = "DENY"
|
|
}
|
|
|
|
resource "opc_compute_security_application" "test" {
|
|
name = "acc-test-sec-rule-app-%d"
|
|
protocol = "tcp"
|
|
dport = "8080"
|
|
}
|
|
|
|
resource "opc_compute_security_ip_list" "test" {
|
|
name = "acc-test-sec-rule-ip-list-%d"
|
|
ip_entries = ["217.138.34.4"]
|
|
}
|
|
|
|
resource "opc_compute_sec_rule" "test" {
|
|
name = "acc-test-sec-rule-%d"
|
|
source_list = "seclist:${opc_compute_security_list.test.name}"
|
|
destination_list = "seciplist:${opc_compute_security_ip_list.test.name}"
|
|
action = "PERMIT"
|
|
application = "${opc_compute_security_application.test.name}"
|
|
}
|
|
`
|
|
|
|
var testAccOPCSecRuleComplete = `
|
|
resource "opc_compute_security_list" "test" {
|
|
name = "acc-test-sec-rule-list-%d"
|
|
policy = "PERMIT"
|
|
outbound_cidr_policy = "DENY"
|
|
}
|
|
|
|
resource "opc_compute_security_application" "test" {
|
|
name = "acc-test-sec-rule-app-%d"
|
|
protocol = "tcp"
|
|
dport = "8080"
|
|
}
|
|
|
|
resource "opc_compute_security_ip_list" "test" {
|
|
name = "acc-test-sec-rule-ip-list-%d"
|
|
ip_entries = ["217.138.34.4"]
|
|
}
|
|
|
|
resource "opc_compute_sec_rule" "test" {
|
|
name = "acc-test-sec-rule-%d"
|
|
source_list = "seclist:${opc_compute_security_list.test.name}"
|
|
destination_list = "seciplist:${opc_compute_security_ip_list.test.name}"
|
|
action = "PERMIT"
|
|
application = "${opc_compute_security_application.test.name}"
|
|
disabled = false
|
|
description = "This is a test description"
|
|
}
|
|
`
|