82 lines
2.2 KiB
Ruby
82 lines
2.2 KiB
Ruby
require File.join(File.dirname(__FILE__), '..','..','..', 'puppet/provider/nova')
|
|
|
|
Puppet::Type.type(:nova_security_group).provide(
|
|
:openstack,
|
|
:parent => Puppet::Provider::Nova
|
|
) do
|
|
desc <<-EOT
|
|
Manage nova security groups
|
|
EOT
|
|
|
|
@credentials = Puppet::Provider::Openstack::CredentialsV3.new
|
|
|
|
def initialize(value={})
|
|
super(value)
|
|
@property_flush = {}
|
|
end
|
|
|
|
def create
|
|
opts = [@resource[:name]]
|
|
(opts << '--description' << @resource[:description]) if @resource[:description]
|
|
@property_hash = self.class.nova_request('security group', 'create', nil, opts)
|
|
@property_hash[:ensure] = :present
|
|
end
|
|
|
|
def exists?
|
|
@property_hash[:ensure] == :present
|
|
end
|
|
|
|
def destroy
|
|
self.class.request('security group', 'delete', @resource[:name])
|
|
end
|
|
|
|
mk_resource_methods
|
|
|
|
def id=(value)
|
|
fail('id is read only')
|
|
end
|
|
|
|
def name=(value)
|
|
fail('name is read only')
|
|
end
|
|
|
|
def description=(value)
|
|
@property_flush[:description] = value
|
|
end
|
|
|
|
def self.instances
|
|
# NOTE(mnaser): The OpenStack client makes a request to the Neutron endpoint
|
|
# to get security groups and if it has an admin role, it will
|
|
# retrieve all security groups. The following helps filter it.
|
|
project_id = self.nova_request('token', 'issue', nil, ['-c', 'project_id', '-f', 'value']).strip
|
|
|
|
self.nova_request('security group', 'list', nil).select do |attrs|
|
|
attrs[:project] == project_id
|
|
end.collect do |attrs|
|
|
new(
|
|
:ensure => :present,
|
|
:id => attrs[:id],
|
|
:name => attrs[:name],
|
|
:description => attrs[:description]
|
|
)
|
|
end
|
|
end
|
|
|
|
def self.prefetch(resources)
|
|
security_groups = instances
|
|
resources.keys.each do |name|
|
|
if provider = security_groups.find { |security_group| security_group.name == name }
|
|
resources[name].provider = provider
|
|
end
|
|
end
|
|
end
|
|
|
|
def flush
|
|
unless @property_flush.empty?
|
|
opts = [@resource[:name]]
|
|
(opts << '--description' << @resource[:description]) if @resource[:description]
|
|
self.class.request('security group', 'set', opts)
|
|
@property_flush.clear
|
|
end
|
|
end
|
|
end |