[FWaaS_V2]: Add FW Group V2 resource (#1588)

Add resourceFWGroupV2 CRUD Add resourceFWGroupV2 tests Add resourceFWGroupV2 docs Add import_openstack_fw_group_v2_test Enable openstack_fw_group_v2 in provider.go
terraform-provider-openstack · Jun 29, 2023 · 0862ef7 · 0862ef7
1 parent 33459b9
commit 0862ef7
Show file tree

Hide file tree

Showing 10 changed files with 1,113 additions and 4 deletions.
diff --git a/openstack/fw_group_v2.go b/openstack/fw_group_v2.go
@@ -0,0 +1,86 @@
+package openstack
+
+import (
+	"context"
+	"fmt"
+	"time"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+
+	"github.com/gophercloud/gophercloud"
+	"github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/fwaas_v2/groups"
+)
+
+func fwGroupV2RefreshFunc(networkingClient *gophercloud.ServiceClient, id string) resource.StateRefreshFunc {
+	return func() (interface{}, string, error) {
+		group, err := groups.Get(networkingClient, id).Extract()
+		if err != nil {
+			return nil, "", err
+		}
+
+		return group, group.Status, nil
+	}
+}
+
+func fwGroupV2DeleteFunc(networkingClient *gophercloud.ServiceClient, id string) resource.StateRefreshFunc {
+	return func() (interface{}, string, error) {
+		group, err := groups.Get(networkingClient, id).Extract()
+
+		if err != nil {
+			if _, ok := err.(gophercloud.ErrDefault404); ok {
+				return "", "DELETED", nil
+			}
+			return nil, "", fmt.Errorf("Unexpected error: %s", err)
+		}
+
+		return group, "DELETING", nil
+	}
+}
+
+func fwGroupV2IngressPolicyDeleteFunc(networkingClient *gophercloud.ServiceClient, d *schema.ResourceData, ctx context.Context, groupID string) diag.Diagnostics {
+	stateConf := &resource.StateChangeConf{
+		Pending:    []string{"PENDING_CREATE", "PENDING_UPDATE"},
+		Target:     []string{"ACTIVE", "INACTIVE", "DOWN"},
+		Refresh:    fwGroupV2RefreshFunc(networkingClient, d.Id()),
+		Timeout:    d.Timeout(schema.TimeoutUpdate),
+		Delay:      0,
+		MinTimeout: 2 * time.Second,
+	}
+
+	_, err := stateConf.WaitForStateContext(ctx)
+	if err != nil {
+		return diag.Errorf("Error waiting for openstack_fw_group_v2 %s to become active: %s", d.Id(), err)
+	}
+
+	_, err = groups.RemoveIngressPolicy(networkingClient, groupID).Extract()
+	if err != nil {
+		return diag.Errorf("Error removing ingress firewall policy from openstack_fw_group_v2 %s: %s", d.Id(), err)
+	}
+
+	return nil
+}
+
+func fwGroupV2EgressPolicyDeleteFunc(networkingClient *gophercloud.ServiceClient, d *schema.ResourceData, ctx context.Context, groupID string) diag.Diagnostics {
+	stateConf := &resource.StateChangeConf{
+		Pending:    []string{"PENDING_CREATE", "PENDING_UPDATE"},
+		Target:     []string{"ACTIVE", "INACTIVE", "DOWN"},
+		Refresh:    fwGroupV2RefreshFunc(networkingClient, d.Id()),
+		Timeout:    d.Timeout(schema.TimeoutUpdate),
+		Delay:      0,
+		MinTimeout: 2 * time.Second,
+	}
+
+	_, err := stateConf.WaitForStateContext(ctx)
+	if err != nil {
+		return diag.Errorf("Error waiting for openstack_fw_group_v2 %s to become active: %s", d.Id(), err)
+	}
+
+	_, err = groups.RemoveEgressPolicy(networkingClient, groupID).Extract()
+	if err != nil {
+		return diag.Errorf("Error removing egress firewall policy from openstack_fw_group_v2 %s: %s", d.Id(), err)
+	}
+
+	return nil
+}
diff --git a/openstack/import_openstack_fw_group_v2_test.go b/openstack/import_openstack_fw_group_v2_test.go
@@ -0,0 +1,32 @@
+package openstack
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccFWGroupV2_importBasic(t *testing.T) {
+	resourceName := "openstack_fw_group_v2.group_1"
+
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheck(t)
+			testAccPreCheckNonAdminOnly(t)
+			testAccPreCheckFW(t)
+		},
+		ProviderFactories: testAccProviders,
+		CheckDestroy:      testAccCheckFWGroupV2Destroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccFWGroupV2Basic1,
+			},
+
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
diff --git a/openstack/provider.go b/openstack/provider.go
@@ -355,6 +355,7 @@ func Provider() *schema.Provider {
 			"openstack_dns_transfer_request_v2":                  resourceDNSTransferRequestV2(),
 			"openstack_dns_transfer_accept_v2":                   resourceDNSTransferAcceptV2(),
 			"openstack_fw_firewall_v1":                           resourceFWFirewallV1(),
+			"openstack_fw_group_v2":                              resourceFWGroupV2(),
 			"openstack_fw_policy_v1":                             resourceFWPolicyV1(),
 			"openstack_fw_policy_v2":                             resourceFWPolicyV2(),
 			"openstack_fw_rule_v1":                               resourceFWRuleV1(),