private void deleteSecurityGroupFromAnotherView(SecurityGroup seedGroup) { ComputeServiceContext localView = createView(setupProperties(), setupModules()); try { ComputeService localComputeService = localView.getComputeService(); Optional<SecurityGroupExtension> securityGroupExtension = localComputeService.getSecurityGroupExtension(); assertTrue(securityGroupExtension.isPresent(), "security extension was not present"); final SecurityGroupExtension security = securityGroupExtension.get(); boolean deleted = security.removeSecurityGroup(seedGroup.getId()); assertTrue(deleted, "just created security group failed deletion"); } finally { localView.close(); } }
@AfterClass @Override protected void tearDownContext() { super.tearDownContext(); }
@AfterClass(groups = { "integration", "live" }) @Override protected void tearDownContext() { try { cleanup(); } catch (Exception e) { } super.tearDownContext(); }
@Test(groups = { "integration", "live" }, singleThreaded = true, dependsOnMethods = "testAddIpPermission") public void testRemoveIpPermission() { skipIfSecurityGroupsNotSupported(); ComputeService computeService = view.getComputeService(); Optional<SecurityGroupExtension> securityGroupExtension = computeService.getSecurityGroupExtension(); assertTrue(securityGroupExtension.isPresent(), "security group extension was not present"); Optional<SecurityGroup> optGroup = getGroup(securityGroupExtension.get()); assertTrue(optGroup.isPresent()); SecurityGroup group = optGroup.get(); IpPermission portRangeIpPermission = createPortRangePermission(); IpPermission singlePortIpPermission = createSinglePortPermission(); SecurityGroup newGroup = securityGroupExtension.get().removeIpPermission(portRangeIpPermission, group); SecurityGroup emptyGroup = securityGroupExtension.get().removeIpPermission(singlePortIpPermission, newGroup); assertEquals(Iterables.size(emptyGroup.getIpPermissions()), 0, "Group should have no permissions, but has " + Iterables.size(emptyGroup.getIpPermissions())); }
@Test(groups = { "integration", "live" }, singleThreaded = true, dependsOnMethods = "testRemoveIpPermission") public void testAddIpPermissionsFromSpec() { skipIfSecurityGroupsNotSupported(); assertTrue(securityGroupExtension.isPresent(), "security group extension was not present"); Optional<SecurityGroup> optGroup = getGroup(securityGroupExtension.get()); 50, 60, emptyMultimap(), ImmutableSet.of("0.0.0.0/0"), emptyStringSet(), group); fromPort, toPort, emptyMultimap(), emptyStringSet(), ImmutableSet.of(group.getId()), newGroup); toPort, thirdPerm.getTenantIdGroupNamePairs(), emptyStringSet(), emptyStringSet(), newGroup);
@Test(groups = { "integration", "live" }, singleThreaded = true, dependsOnMethods = "testAddIpPermissionWithCidrExclusionGroup") public void testRemoveIpPermissionWithCidrExclusionGroup() { skipIfSecurityGroupsNotSupported(); ComputeService computeService = view.getComputeService(); Optional<SecurityGroupExtension> securityGroupExtension = computeService.getSecurityGroupExtension(); assertTrue(securityGroupExtension.isPresent(), "security group extension was not present"); if (!securityGroupExtension.get().supportsExclusionCidrBlocks()) { throw new SkipException("Test cannot run without CIDR exclusion groups available."); } Optional<SecurityGroup> optGroup = getGroup(securityGroupExtension.get()); assertTrue(optGroup.isPresent()); SecurityGroup group = optGroup.get(); IpPermission cidrExclusionPermission = createCidrExclusionPermission(); SecurityGroup emptyGroup = securityGroupExtension.get().removeIpPermission(cidrExclusionPermission, group); assertFalse(emptyGroup.getIpPermissions().contains(cidrExclusionPermission)); }
@Override protected Properties setupProperties() { Properties overrides = super.setupProperties(); // This is a hack to make sure we get a different set of node IDs, nodes, groups, etc from StubComputeServiceIntegrationTest. overrides.setProperty(provider + ".identity", "sec-stub"); return overrides; } }
@BeforeClass(groups = { "integration", "live" }) public void setupContext() { super.setupContext(); resourceDeleted = context.utils().injector().getInstance(Key.get(new TypeLiteral<Predicate<URI>>() { }, Names.named(TIMEOUT_RESOURCE_DELETED))); createResourceGroup(resourceGroupName); }
@Test(groups = {"integration", "live"}, singleThreaded = true) public void testSecurityGroupCacheInvalidatedWhenDeletedExternally() throws Exception { String testSecurityGroupName = secGroupNameToDelete + "-externally"; ComputeService computeService = view.getComputeService(); Optional<SecurityGroupExtension> securityGroupExtension = computeService.getSecurityGroupExtension(); assertTrue(securityGroupExtension.isPresent(), "security extension was not present"); final SecurityGroupExtension security = securityGroupExtension.get(); final SecurityGroup seedGroup = security.createSecurityGroup(testSecurityGroupName, getNodeTemplate().getLocation()); deleteSecurityGroupFromAnotherView(seedGroup); boolean deleted = security.removeSecurityGroup(seedGroup.getId()); assertFalse(deleted, "SG deleted externally so should've failed deletion"); final SecurityGroup recreatedGroup = security.createSecurityGroup(testSecurityGroupName, getNodeTemplate().getLocation()); // Makes sure the security group exists and is re-created and is not just returned from cache security.addIpPermission(IpPermission.builder() .fromPort(1000) .toPort(1000) .cidrBlock("1.1.1.1/32") .ipProtocol(IpProtocol.TCP) .build(), recreatedGroup); boolean deleted2 = security.removeSecurityGroup(recreatedGroup.getId()); assertTrue(deleted2, "just created security group failed deletion"); }
@Test(groups = { "integration", "live" }, singleThreaded = true, dependsOnMethods = "testGetSecurityGroupById") public void testAddIpPermission() { skipIfSecurityGroupsNotSupported(); ComputeService computeService = view.getComputeService(); Optional<SecurityGroupExtension> securityGroupExtension = computeService.getSecurityGroupExtension(); assertTrue(securityGroupExtension.isPresent(), "security group extension was not present"); Optional<SecurityGroup> optGroup = getGroup(securityGroupExtension.get()); assertTrue(optGroup.isPresent()); SecurityGroup group = optGroup.get(); IpPermission portRangeIpPermission = createPortRangePermission(); IpPermission singlePortIpPermission = createSinglePortPermission(); Set<IpPermission> expectedPermissions = ImmutableSet.of(portRangeIpPermission, singlePortIpPermission); SecurityGroup onePermissionAdded = securityGroupExtension.get().addIpPermission(portRangeIpPermission, group); SecurityGroup twoPermissionsAdded = securityGroupExtension.get().addIpPermission(singlePortIpPermission, onePermissionAdded); assertEquals(twoPermissionsAdded.getIpPermissions(), expectedPermissions); }
@Test(groups = { "integration", "live" }, singleThreaded = true, dependsOnMethods = "testAddIpPermissionsFromSpec") public void testAddIpPermissionWithCidrExclusionGroup() { skipIfSecurityGroupsNotSupported(); ComputeService computeService = view.getComputeService(); Optional<SecurityGroupExtension> securityGroupExtension = computeService.getSecurityGroupExtension(); assertTrue(securityGroupExtension.isPresent(), "security group extension was not present"); if (!securityGroupExtension.get().supportsExclusionCidrBlocks()) { throw new SkipException("Test cannot run without CIDR exclusion groups available."); } Optional<SecurityGroup> optGroup = getGroup(securityGroupExtension.get()); assertTrue(optGroup.isPresent()); SecurityGroup group = optGroup.get(); IpPermission cidrExclusionPermission = createCidrExclusionPermission(); Set<IpPermission> expectedPermissions = ImmutableSet.of(cidrExclusionPermission); SecurityGroup securityGroupWithExclusion = securityGroupExtension.get().addIpPermission(cidrExclusionPermission, group); assertTrue(securityGroupWithExclusion.getIpPermissions().containsAll(expectedPermissions)); }
@Override protected Properties setupProperties() { Properties properties = super.setupProperties(); AzureLiveTestUtils.defaultProperties(properties); setIfTestSystemPropertyPresent(properties, "oauth.endpoint"); return properties; }
@BeforeClass(groups = { "integration", "live" }) public void setupContext() { super.setupContext(); CloudStackApi api = view.unwrapApi(CloudStackApi.class); for (Zone z : api.getZoneApi().listZones()) { if (z.isSecurityGroupsEnabled()) { zone = z; break; } } if (zone == null) securityGroupsSupported = false; }
@AfterClass(groups = { "integration", "live" }) @Override protected void tearDownContext() { try { URI uri = view.unwrapApi(AzureComputeApi.class).getResourceGroupApi().delete(resourceGroupName); if (uri != null) { assertTrue(resourceDeleted.apply(uri), String.format("Resource %s was not terminated in the configured timeout", uri)); } } finally { super.tearDownContext(); } }