diff --git a/lib/puppet/provider/nova_security_group/nova.rb b/lib/puppet/provider/nova_security_group/nova.rb deleted file mode 100644 index 8e70d804b..000000000 --- a/lib/puppet/provider/nova_security_group/nova.rb +++ /dev/null @@ -1,37 +0,0 @@ -require File.join(File.dirname(__FILE__), '..','..','..', - 'puppet/provider/nova') - -Puppet::Type.type(:nova_security_group).provide( - :nova, - :parent => Puppet::Provider::Nova -) do - - desc "Manage nova security groups" - - commands :nova => 'nova' - - mk_resource_methods - - def exists? - sec_groups = self.class.cliout2list(auth_nova('secgroup-list')) - return sec_groups.detect do |n| - n['Name'] == resource['name'] - end - end - - def destroy - auth_nova("secgroup-delete", name) - @property_hash[:ensure] = :absent - end - - def create - result = self.class.cliout2list(auth_nova("secgroup-create", resource[:name], resource[:description])) - - @property_hash = { - :ensure => :present, - :name => resource[:name], - :id => result[0]['Id'], - :description => resource[:description] - } - end -end diff --git a/lib/puppet/provider/nova_security_group/openstack.rb b/lib/puppet/provider/nova_security_group/openstack.rb new file mode 100644 index 000000000..eb44e4999 --- /dev/null +++ b/lib/puppet/provider/nova_security_group/openstack.rb @@ -0,0 +1,82 @@ +require File.join(File.dirname(__FILE__), '..','..','..', 'puppet/provider/nova') + +Puppet::Type.type(:nova_security_group).provide( + :openstack, + :parent => Puppet::Provider::Nova +) do + desc <<-EOT + Manage nova security groups + EOT + + @credentials = Puppet::Provider::Openstack::CredentialsV3.new + + def initialize(value={}) + super(value) + @property_flush = {} + end + + def create + opts = [@resource[:name]] + (opts << '--description' << @resource[:description]) if @resource[:description] + @property_hash = self.class.nova_request('security group', 'create', nil, opts) + @property_hash[:ensure] = :present + end + + def exists? + @property_hash[:ensure] == :present + end + + def destroy + self.class.request('security group', 'delete', @resource[:name]) + end + + mk_resource_methods + + def id=(value) + fail('id is read only') + end + + def name=(value) + fail('name is read only') + end + + def description=(value) + @property_flush[:description] = value + end + + def self.instances + # NOTE(mnaser): The OpenStack client makes a request to the Neutron endpoint + # to get security groups and if it has an admin role, it will + # retrieve all security groups. The following helps filter it. + project_id = self.nova_request('token', 'issue', nil, ['-c', 'project_id', '-f', 'value']).strip + + self.nova_request('security group', 'list', nil).select do |attrs| + attrs[:project] == project_id + end.collect do |attrs| + new( + :ensure => :present, + :id => attrs[:id], + :name => attrs[:name], + :description => attrs[:description] + ) + end + end + + def self.prefetch(resources) + security_groups = instances + resources.keys.each do |name| + if provider = security_groups.find { |security_group| security_group.name == name } + resources[name].provider = provider + end + end + end + + def flush + unless @property_flush.empty? + opts = [@resource[:name]] + (opts << '--description' << @resource[:description]) if @resource[:description] + self.class.request('security group', 'set', opts) + @property_flush.clear + end + end +end \ No newline at end of file diff --git a/spec/unit/provider/nova_security_group/nova_spec.rb b/spec/unit/provider/nova_security_group/nova_spec.rb deleted file mode 100644 index b0b1bac6c..000000000 --- a/spec/unit/provider/nova_security_group/nova_spec.rb +++ /dev/null @@ -1,91 +0,0 @@ -require 'puppet' -require 'puppet/provider/nova_security_group/nova' -require 'tempfile' - -provider_class = Puppet::Type.type(:nova_security_group).provider(:nova) - -describe provider_class do - - let :secgroup_attrs do - { - :name => "scg0", - :description => "Security Group", - } - end - - let :resource do - Puppet::Type::Nova_security_group.new(secgroup_attrs) - end - - let :provider do - provider_class.new(resource) - end - - shared_examples "nova_security_group" do - describe "#exists?" do - it 'should check non-existing security group' do - output = <<-EOT -+--------------------------------------+---------+------------------------+ -| Id | Name | Description | -+--------------------------------------+---------+------------------------+ -| f630dd92-3ff7-49bc-b012-b211451aa418 | default | Default security group | -+--------------------------------------+---------+------------------------+ -EOT - - provider.expects(:auth_nova).with('secgroup-list').returns(output) - - expect(provider.exists?).to be_falsey - end - - it 'should check existing security group' do - output = <<-EOT -+--------------------------------------+------+----------------+ -| Id | Name | Description | -+--------------------------------------+------+----------------+ -| f630dd92-3ff7-49bc-b012-b211451aa419 | scg0 | Security Group | -+--------------------------------------+------+----------------+ -EOT - - provider.expects(:auth_nova).with('secgroup-list').returns(output) - - expect(provider.exists?).to be_truthy - end - end - - - describe "#create" do - it 'should create security group' do - output = <<-EOT -+--------------------------------------+------+----------------+ -| Id | Name | Description | -+--------------------------------------+------+----------------+ -| f630dd92-3ff7-49bc-b012-b211451aa419 | scg0 | Security Group | -+--------------------------------------+------+----------------+ -EOT - - provider.expects(:auth_nova).with('secgroup-create', 'scg0', 'Security Group').returns(output) - - expect(provider.create).to be_truthy - end - end - - - describe "#destroy" do - it 'should destroy security group' do - output = <<-EOT -+--------------------------------------+------+----------------+ -| Id | Name | Description | -+--------------------------------------+------+----------------+ -| f630dd92-3ff7-49bc-b012-b211451aa419 | scg0 | Security Group | -+--------------------------------------+------+----------------+ -EOT - - provider.expects(:auth_nova).with('secgroup-delete', 'scg0').returns(output) - - expect(provider.destroy).to be_truthy - end - end - end - - it_behaves_like('nova_security_group') -end diff --git a/spec/unit/provider/nova_security_group/openstack_spec.rb b/spec/unit/provider/nova_security_group/openstack_spec.rb new file mode 100644 index 000000000..cf9251c82 --- /dev/null +++ b/spec/unit/provider/nova_security_group/openstack_spec.rb @@ -0,0 +1,48 @@ +require 'puppet' +require 'spec_helper' +require 'puppet/provider/nova_flavor/openstack' + +provider_class = Puppet::Type.type(:nova_security_group).provider(:openstack) + +describe provider_class do + + describe 'managing security groups' do + let(:secgroup_attrs) do + { + :name => "scg0", + :description => "Security Group", + } + end + + let :resource do + Puppet::Type::Nova_security_group.new(secgroup_attrs) + end + + let(:provider) do + provider_class.new(resource) + end + + describe "#create" do + it 'should create security group' do + provider.class.stubs(:openstack) + .with('security group', 'list', ['--all']) + .returns('"ID", "Name", "Description", "Project"') + provider.class.stubs(:openstack) + .with('security group', 'create', ['scg0', '--description', 'Security Group']) + .returns('id="f630dd92-3ff7-49bc-b012-b211451aa419" +name="scg0" +description="Security Group"') + end + end + + describe '#destroy' do + it 'removes flavor' do + provider_class.expects(:openstack) + .with('security group', 'delete', 'scg0') + provider.instance_variable_set(:@property_hash, secgroup_attrs) + provider.destroy + expect(provider.exists?).to be_falsey + end + end + end +end