Merge pull request #11758 from gildub/network-provisioning-security-g…

…roups

Security Group provisioning backend
(cherry picked from commit b4916f9)

app/models/manageiq/providers/openstack/network_manager.rb

@@ -16,6 +16,7 @@ class ManageIQ::Providers::Openstack::NetworkManager < ManageIQ::Providers::Netw
   include ManageIQ::Providers::Openstack::ManagerMixin
   include SupportsFeatureMixin
 
+  supports :create_security_group
   supports :create_network_router
 
   has_many :public_networks,  :foreign_key => :ems_id, :dependent => :destroy,
@@ -111,4 +112,25 @@ def create_network_router_queue(userid, options = {})
     }
     MiqTask.generic_action_with_callback(task_opts, queue_opts)
   end
+
+  def create_security_group(options)
+    SecurityGroup.raw_create_security_group(self, options)
+  end
+
+  def create_security_group_queue(userid, options = {})
+    task_opts = {
+      :action => "creating Security Group for user #{userid}",
+      :userid => userid
+    }
+    queue_opts = {
+      :class_name  => self.class.name,
+      :method_name => 'create_security_group',
+      :instance_id => id,
+      :priority    => MiqQueue::HIGH_PRIORITY,
+      :role        => 'ems_operations',
+      :zone        => my_zone,
+      :args        => [options]
+    }
+    MiqTask.generic_action_with_callback(task_opts, queue_opts)
+  end
 end

app/models/manageiq/providers/openstack/network_manager/security_group.rb

@@ -1,2 +1,85 @@
 class ManageIQ::Providers::Openstack::NetworkManager::SecurityGroup < ::SecurityGroup
+  include ProviderObjectMixin
+  include AsyncDeleteMixin
+  include SupportsFeatureMixin
+
+  supports :create_security_group
+  supports :delete_security_group
+  supports :update_security_group
+
+  def self.raw_create_security_group(ext_management_system, options)
+    cloud_tenant = options.delete(:cloud_tenant)
+    security_group = nil
+    ext_management_system.with_provider_connection(connection_options(cloud_tenant)) do |service|
+      security_group = service.create_security_group(options).body
+    end
+    {:ems_ref => security_group['id'], :name => options[:name]}
+  rescue => e
+    _log.error "security_group=[#{options[:name]}], error: #{e}"
+    raise MiqException::MiqSecurityGroupCreateError, e.to_s, e.backtrace
+  end
+
+  def raw_delete_security_group
+    ext_management_system.with_provider_connection(connection_options(cloud_tenant)) do |service|
+      service.delete_security_group(ems_ref)
+    end
+  rescue => e
+    _log.error "security_group=[#{name}], error: #{e}"
+    raise MiqException::MiqSecurityGroupDeleteError, e.to_s, e.backtrace
+  end
+
+  def delete_security_group_queue(userid)
+    task_opts = {
+      :action => "deleting Security Group for user #{userid}",
+      :userid => userid
+    }
+    queue_opts = {
+      :class_name  => self.class.name,
+      :method_name => 'raw_delete_security_group',
+      :instance_id => id,
+      :priority    => MiqQueue::HIGH_PRIORITY,
+      :role        => 'ems_operations',
+      :zone        => ext_management_system.my_zone,
+      :args        => []
+    }
+    MiqTask.generic_action_with_callback(task_opts, queue_opts)
+  end
+
+  def raw_update_security_group(options)
+    ext_management_system.with_provider_connection(connection_options(cloud_tenant)) do |service|
+      service.update_security_group(ems_ref, options)
+    end
+  rescue => e
+    _log.error "security_group=[#{name}], error: #{e}"
+    raise MiqException::MiqSecurityGroupUpdateError, e.to_s, e.backtrace
+  end
+
+  def update_security_group_queue(userid, options = {})
+    task_opts = {
+      :action => "updating Security Group for user #{userid}",
+      :userid => userid
+    }
+    queue_opts = {
+      :class_name  => self.class.name,
+      :method_name => 'raw_update_security_group',
+      :instance_id => id,
+      :priority    => MiqQueue::HIGH_PRIORITY,
+      :role        => 'ems_operations',
+      :zone        => ext_management_system.my_zone,
+      :args        => [options]
+    }
+    MiqTask.generic_action_with_callback(task_opts, queue_opts)
+  end
+
+  def self.connection_options(cloud_tenant = nil)
+    connection_options = {:service => "Network"}
+    connection_options[:tenant_name] = cloud_tenant.name if cloud_tenant
+    connection_options
+  end
+
+  private
+
+  def connection_options(cloud_tenant = nil)
+    self.class.connection_options(cloud_tenant)
+  end
 end

app/models/mixins/supports_feature_mixin.rb

@@ -69,10 +69,12 @@ module SupportsFeatureMixin
     :cinder_service             => 'Cinder storage service',
     :create_host_aggregate      => 'Host Aggregate Creation',
     :create_network_router      => 'Network Router Creation',
+    :create_security_group      => 'Security Group Creation',
     :swift_service              => 'Swift storage service',
     :delete                     => 'Deletion',
     :delete_aggregate           => 'Host Aggregate Deletion',
     :delete_network_router      => 'Network Router Deletion',
+    :delete_security_group      => 'Security Group Deletion',
     :disassociate_floating_ip   => 'Disassociate a Floating IP',
     :discovery                  => 'Discovery of Managers for a Provider',
     :evacuate                   => 'Evacuation',
@@ -97,6 +99,7 @@ module SupportsFeatureMixin
     :update_network_router      => 'Network Router Update',
     :refresh_network_interfaces => 'Refresh Network Interfaces for a Host',
     :ems_network_new            => 'New EMS Network Provider',
+    :update_security_group      => 'Security Group Update',
   }.freeze
 
   # Whenever this mixin is included we define all features as unsupported by default.

gems/pending/util/miq-exception.rb

@@ -134,6 +134,10 @@ class MiqVolumeSnapshotCreateError < Error; end
   class MiqVolumeSnapshotUpdateError < Error; end
   class MiqVolumeSnapshotDeleteError < Error; end
 
+  class MiqSecurityGroupCreateError < Error; end
+  class MiqSecurityGroupUpdateError < Error; end
+  class MiqSecurityGroupDeleteError < Error; end
+
   class MiqCloudTenantCreateError < Error; end
   class MiqCloudTenantUpdateError < Error; end
   class MiqCloudTenantDeleteError < Error; end