Switch nova_security_group to openstack provider

The current nova provider for nova_security_group is broken at the
moment.  Due to the fact that the commands are getting deprecated,
the warnings are confusing the text parsing and result in repeated
creation of security groups.

This patch resolves this issue by switching it to the new openstack
provider.  It also adds the instances and prefetch methods which
will allow `puppet resource` CLI usage.

Change-Id: Ibdd930d9b89a1e9ac6d47a5cbf2d7903b145971e
(cherry picked from commit 0f8c04df8e)
This commit is contained in:
Mohammed Naser 2017-07-25 19:38:31 -04:00
parent 3a344a71f9
commit f0a7f33e48
4 changed files with 130 additions and 128 deletions

View File

@ -1,37 +0,0 @@
require File.join(File.dirname(__FILE__), '..','..','..',
'puppet/provider/nova')
Puppet::Type.type(:nova_security_group).provide(
:nova,
:parent => Puppet::Provider::Nova
) do
desc "Manage nova security groups"
commands :nova => 'nova'
mk_resource_methods
def exists?
sec_groups = self.class.cliout2list(auth_nova('secgroup-list'))
return sec_groups.detect do |n|
n['Name'] == resource['name']
end
end
def destroy
auth_nova("secgroup-delete", name)
@property_hash[:ensure] = :absent
end
def create
result = self.class.cliout2list(auth_nova("secgroup-create", resource[:name], resource[:description]))
@property_hash = {
:ensure => :present,
:name => resource[:name],
:id => result[0]['Id'],
:description => resource[:description]
}
end
end

View File

@ -0,0 +1,82 @@
require File.join(File.dirname(__FILE__), '..','..','..', 'puppet/provider/nova')
Puppet::Type.type(:nova_security_group).provide(
:openstack,
:parent => Puppet::Provider::Nova
) do
desc <<-EOT
Manage nova security groups
EOT
@credentials = Puppet::Provider::Openstack::CredentialsV3.new
def initialize(value={})
super(value)
@property_flush = {}
end
def create
opts = [@resource[:name]]
(opts << '--description' << @resource[:description]) if @resource[:description]
@property_hash = self.class.nova_request('security group', 'create', nil, opts)
@property_hash[:ensure] = :present
end
def exists?
@property_hash[:ensure] == :present
end
def destroy
self.class.request('security group', 'delete', @resource[:name])
end
mk_resource_methods
def id=(value)
fail('id is read only')
end
def name=(value)
fail('name is read only')
end
def description=(value)
@property_flush[:description] = value
end
def self.instances
# NOTE(mnaser): The OpenStack client makes a request to the Neutron endpoint
# to get security groups and if it has an admin role, it will
# retrieve all security groups. The following helps filter it.
project_id = self.nova_request('token', 'issue', nil, ['-c', 'project_id', '-f', 'value']).strip
self.nova_request('security group', 'list', nil).select do |attrs|
attrs[:project] == project_id
end.collect do |attrs|
new(
:ensure => :present,
:id => attrs[:id],
:name => attrs[:name],
:description => attrs[:description]
)
end
end
def self.prefetch(resources)
security_groups = instances
resources.keys.each do |name|
if provider = security_groups.find { |security_group| security_group.name == name }
resources[name].provider = provider
end
end
end
def flush
unless @property_flush.empty?
opts = [@resource[:name]]
(opts << '--description' << @resource[:description]) if @resource[:description]
self.class.request('security group', 'set', opts)
@property_flush.clear
end
end
end

View File

@ -1,91 +0,0 @@
require 'puppet'
require 'puppet/provider/nova_security_group/nova'
require 'tempfile'
provider_class = Puppet::Type.type(:nova_security_group).provider(:nova)
describe provider_class do
let :secgroup_attrs do
{
:name => "scg0",
:description => "Security Group",
}
end
let :resource do
Puppet::Type::Nova_security_group.new(secgroup_attrs)
end
let :provider do
provider_class.new(resource)
end
shared_examples "nova_security_group" do
describe "#exists?" do
it 'should check non-existing security group' do
output = <<-EOT
+--------------------------------------+---------+------------------------+
| Id | Name | Description |
+--------------------------------------+---------+------------------------+
| f630dd92-3ff7-49bc-b012-b211451aa418 | default | Default security group |
+--------------------------------------+---------+------------------------+
EOT
provider.expects(:auth_nova).with('secgroup-list').returns(output)
expect(provider.exists?).to be_falsey
end
it 'should check existing security group' do
output = <<-EOT
+--------------------------------------+------+----------------+
| Id | Name | Description |
+--------------------------------------+------+----------------+
| f630dd92-3ff7-49bc-b012-b211451aa419 | scg0 | Security Group |
+--------------------------------------+------+----------------+
EOT
provider.expects(:auth_nova).with('secgroup-list').returns(output)
expect(provider.exists?).to be_truthy
end
end
describe "#create" do
it 'should create security group' do
output = <<-EOT
+--------------------------------------+------+----------------+
| Id | Name | Description |
+--------------------------------------+------+----------------+
| f630dd92-3ff7-49bc-b012-b211451aa419 | scg0 | Security Group |
+--------------------------------------+------+----------------+
EOT
provider.expects(:auth_nova).with('secgroup-create', 'scg0', 'Security Group').returns(output)
expect(provider.create).to be_truthy
end
end
describe "#destroy" do
it 'should destroy security group' do
output = <<-EOT
+--------------------------------------+------+----------------+
| Id | Name | Description |
+--------------------------------------+------+----------------+
| f630dd92-3ff7-49bc-b012-b211451aa419 | scg0 | Security Group |
+--------------------------------------+------+----------------+
EOT
provider.expects(:auth_nova).with('secgroup-delete', 'scg0').returns(output)
expect(provider.destroy).to be_truthy
end
end
end
it_behaves_like('nova_security_group')
end

View File

@ -0,0 +1,48 @@
require 'puppet'
require 'spec_helper'
require 'puppet/provider/nova_flavor/openstack'
provider_class = Puppet::Type.type(:nova_security_group).provider(:openstack)
describe provider_class do
describe 'managing security groups' do
let(:secgroup_attrs) do
{
:name => "scg0",
:description => "Security Group",
}
end
let :resource do
Puppet::Type::Nova_security_group.new(secgroup_attrs)
end
let(:provider) do
provider_class.new(resource)
end
describe "#create" do
it 'should create security group' do
provider.class.stubs(:openstack)
.with('security group', 'list', ['--all'])
.returns('"ID", "Name", "Description", "Project"')
provider.class.stubs(:openstack)
.with('security group', 'create', ['scg0', '--description', 'Security Group'])
.returns('id="f630dd92-3ff7-49bc-b012-b211451aa419"
name="scg0"
description="Security Group"')
end
end
describe '#destroy' do
it 'removes flavor' do
provider_class.expects(:openstack)
.with('security group', 'delete', 'scg0')
provider.instance_variable_set(:@property_hash, secgroup_attrs)
provider.destroy
expect(provider.exists?).to be_falsey
end
end
end
end