package mcir
import (
"encoding/json"
"fmt"
"os"
"strconv"
"github.com/cloud-barista/cb-spider/interface/api"
"github.com/cloud-barista/poc-cicd-tumblebug/src/core/common"
"github.com/go-resty/resty/v2"
)
// 2020-04-13 https://github.com/cloud-barista/cb-spider/blob/master/cloud-control-manager/cloud-driver/interfaces/resources/SecurityHandler.go

// SpiderSecurityReqInfoWrapper is the request envelope that CreateSecurityGroup
// sends to CB-Spider: the connection to use plus the security-group payload.
// The fields carry no struct tags, so encoding/json emits the Go field names
// as-is.
type SpiderSecurityReqInfoWrapper struct { // Spider
	ConnectionName string             // copied from TbSecurityGroupReq.ConnectionName
	ReqInfo        SpiderSecurityInfo // only the request fields are filled in by CreateSecurityGroup
}
/*
type SpiderSecurityReqInfo struct { // Spider
Name string
VPCName string
SecurityRules *[]SpiderSecurityRuleInfo
//Direction string // @todo used??
}
*/
// SpiderSecurityRuleInfo describes a single firewall rule in the form exchanged
// with CB-Spider. Every field is a plain string and no struct tags are active
// (the json tags below are commented out), so the JSON keys are the Go field
// names.
//
// NOTE(review): CreateSecurityGroup forwards these values without inspecting
// them, so port ranges, protocol, direction and CIDR are only as constrained as
// the caller or CB-Spider makes them — confirm where rule validation happens.
type SpiderSecurityRuleInfo struct { // Spider
	FromPort   string //`json:"fromPort"`
	ToPort     string //`json:"toPort"`
	IPProtocol string //`json:"ipProtocol"`
	Direction  string //`json:"direction"`
	CIDR       string // address range the rule applies to; format is not checked in this file
}
// SpiderSecurityInfo is the security-group object exchanged with CB-Spider. The
// same type is used for the request payload (inside
// SpiderSecurityReqInfoWrapper) and for decoding the response.
type SpiderSecurityInfo struct { // Spider
	// Fields for request
	Name    string
	VPCName string // CreateSecurityGroup fills this from TbSecurityGroupReq.VNetId

	// Fields for both request and response
	SecurityRules *[]SpiderSecurityRuleInfo

	// Fields for response
	IId          common.IID // {NameId, SystemId}
	VpcIID       common.IID // {NameId, SystemId}
	Direction    string     // @todo used??
	KeyValueList []common.KeyValue
}
// TbSecurityGroupReq is the Tumblebug-side request for creating a security
// group. CreateSecurityGroup validates Name with common.CheckString; the other
// fields are used as received.
type TbSecurityGroupReq struct { // Tumblebug
	Name           string                    `json:"name"`           // also becomes the stored object's Id
	ConnectionName string                    `json:"connectionName"` // forwarded to CB-Spider unchanged
	VNetId         string                    `json:"vNetId"`         // sent to CB-Spider as VPCName
	Description    string                    `json:"description"`
	FirewallRules  *[]SpiderSecurityRuleInfo `json:"firewallRules"` // forwarded to CB-Spider unchanged; may be nil
}
// TbSecurityGroupInfo is the Tumblebug-side security-group object that
// CreateSecurityGroup returns and stores in CBStore as JSON.
type TbSecurityGroupInfo struct { // Tumblebug
	Id                   string                    `json:"id"` // set to the request Name by CreateSecurityGroup
	Name                 string                    `json:"name"`
	ConnectionName       string                    `json:"connectionName"`
	VNetId               string                    `json:"vNetId"` // taken from the CB-Spider response (VpcIID.NameId)
	Description          string                    `json:"description"`
	FirewallRules        *[]SpiderSecurityRuleInfo `json:"firewallRules"`        // rules as reported back by CB-Spider
	CspSecurityGroupId   string                    `json:"cspSecurityGroupId"`   // CB-Spider IId.SystemId
	CspSecurityGroupName string                    `json:"cspSecurityGroupName"` // CB-Spider IId.NameId
	KeyValueList         []common.KeyValue         `json:"keyValueList"`
	AssociatedObjectList []string                  `json:"associatedObjectList"` // initialised to an empty list on creation
	IsAutoGenerated      bool                      `json:"isAutoGenerated"`      // not set by CreateSecurityGroup, so false there

	// Disabled for now
	//ResourceGroupName string `json:"resourceGroupName"`
}
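// CreateSecurityGroup registers a new security group in namespace nsId.
//
// It validates nsId and u.Name with common.CheckString, refuses a name that
// CheckResource reports as already present, asks CB-Spider to create the group
// (over REST when SPIDER_CALL_METHOD is "REST", otherwise through the CCM
// handler), and finally stores the resulting TbSecurityGroupInfo in CBStore
// under the key built by common.GenResourceKey.
//
// On failure the returned error is non-nil. The returned info is the zero value
// except when serialising or storing the finished object failed, in which case
// the populated object is returned alongside the error.
//
// NOTE(review): u.FirewallRules, u.ConnectionName and u.VNetId are forwarded to
// CB-Spider as received; this function does not inspect ports, protocol,
// direction or CIDR. If callers can be untrusted, rule validation has to happen
// before this call or inside CB-Spider — confirm where that check lives.
func CreateSecurityGroup(nsId string, u *TbSecurityGroupReq) (TbSecurityGroupInfo, error) {
	resourceType := common.StrSecurityGroup

	if err := common.CheckString(nsId); err != nil {
		common.CBLog.Error(err)
		return TbSecurityGroupInfo{}, err
	}

	// A nil request would otherwise panic on the first field access below.
	if u == nil {
		err := fmt.Errorf("securityGroup request is nil")
		common.CBLog.Error(err)
		return TbSecurityGroupInfo{}, err
	}

	if err := common.CheckString(u.Name); err != nil {
		common.CBLog.Error(err)
		return TbSecurityGroupInfo{}, err
	}

	exists, err := CheckResource(nsId, resourceType, u.Name)
	if exists {
		// The name is passed as an argument rather than concatenated into the
		// format string, so a '%' in it cannot be read as a formatting verb.
		return TbSecurityGroupInfo{}, fmt.Errorf("The securityGroup %s already exists.", u.Name)
	}
	if err != nil {
		common.CBLog.Error(err)
		return TbSecurityGroupInfo{}, fmt.Errorf("Cannot create securityGroup")
	}

	spiderReq := SpiderSecurityReqInfoWrapper{ConnectionName: u.ConnectionName}
	spiderReq.ReqInfo.Name = u.Name
	spiderReq.ReqInfo.VPCName = u.VNetId
	spiderReq.ReqInfo.SecurityRules = u.FirewallRules

	var spiderInfo *SpiderSecurityInfo

	if os.Getenv("SPIDER_CALL_METHOD") == "REST" {
		url := common.SPIDER_REST_URL + "/securitygroup"

		// NOTE(review): no timeout is configured on this client here, so a
		// stalled CB-Spider endpoint can block the caller — consider setting one.
		client := resty.New().SetCloseConnection(true)

		resp, err := client.R().
			SetHeader("Content-Type", "application/json").
			SetBody(spiderReq).
			SetResult(&SpiderSecurityInfo{}).
			Post(url)
		if err != nil {
			common.CBLog.Error(err)
			return TbSecurityGroupInfo{}, fmt.Errorf("an error occurred while requesting to CB-Spider")
		}

		fmt.Println("HTTP Status code: " + strconv.Itoa(resp.StatusCode()))

		if code := resp.StatusCode(); code >= 400 || code < 200 {
			// The body is remote-controlled text; it must be a format argument,
			// not the format string, or any '%' in it corrupts the message.
			err := fmt.Errorf("%s", string(resp.Body()))
			common.CBLog.Error(err)
			return TbSecurityGroupInfo{}, err
		}

		spiderInfo = resp.Result().(*SpiderSecurityInfo)
	} else {
		// Configure the CCM API.
		ccm := api.NewCloudResourceHandler()
		if err := ccm.SetConfigPath(os.Getenv("CBTUMBLEBUG_ROOT") + "/conf/grpc_conf.yaml"); err != nil {
			common.CBLog.Error("ccm failed to set config : ", err)
			return TbSecurityGroupInfo{}, err
		}
		if err := ccm.Open(); err != nil {
			common.CBLog.Error("ccm api open failed : ", err)
			return TbSecurityGroupInfo{}, err
		}
		defer ccm.Close()

		payload, err := json.Marshal(spiderReq)
		if err != nil {
			common.CBLog.Error(err)
			return TbSecurityGroupInfo{}, err
		}
		fmt.Println("payload: " + string(payload)) // for debug

		result, err := ccm.CreateSecurity(string(payload))
		if err != nil {
			common.CBLog.Error(err)
			return TbSecurityGroupInfo{}, err
		}

		// Decode into a value: unmarshalling a literal "null" into a pointer
		// would reset it to nil and crash on the field reads further down.
		var decoded SpiderSecurityInfo
		if err := json.Unmarshal([]byte(result), &decoded); err != nil {
			common.CBLog.Error(err)
			return TbSecurityGroupInfo{}, err
		}
		spiderInfo = &decoded
	}

	content := TbSecurityGroupInfo{
		//Id: common.GenUuid(),
		Id:                   u.Name,
		Name:                 u.Name,
		ConnectionName:       u.ConnectionName,
		VNetId:               spiderInfo.VpcIID.NameId,
		CspSecurityGroupId:   spiderInfo.IId.SystemId,
		CspSecurityGroupName: spiderInfo.IId.NameId,
		Description:          u.Description,
		FirewallRules:        spiderInfo.SecurityRules,
		KeyValueList:         spiderInfo.KeyValueList,
		AssociatedObjectList: []string{},
	}

	// cb-store
	fmt.Println("=========================== PUT CreateSecurityGroup")
	key := common.GenResourceKey(nsId, resourceType, content.Id)

	val, err := json.Marshal(content)
	if err != nil {
		common.CBLog.Error(err)
		return content, err
	}

	// NOTE(review): CB-Spider has already created the group by this point. If
	// the write fails, the cloud-side group is left without a Tumblebug record;
	// nothing here rolls it back.
	if err := common.CBStore.Put(string(key), string(val)); err != nil {
		common.CBLog.Error(err)
		return content, err
	}

	// Debug read-back only; a failed or empty read must not turn a successful
	// creation into a panic.
	keyValue, err := common.CBStore.Get(string(key))
	switch {
	case err != nil:
		common.CBLog.Error(err)
	case keyValue == nil:
		// Nothing to print.
	default:
		fmt.Println("<" + keyValue.Key + "> \n" + keyValue.Value)
	}
	fmt.Println("===========================")

	return content, nil
}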