Merge "Switch nova_security_group to openstack provider"

lib/puppet/provider/nova_security_group/nova.rb

@@ -1,37 +0,0 @@
-require File.join(File.dirname(__FILE__), '..','..','..',
-                  'puppet/provider/nova')
-
-Puppet::Type.type(:nova_security_group).provide(
-  :nova,
-  :parent => Puppet::Provider::Nova
-) do
-
-  desc "Manage nova security groups"
-
-  commands :nova => 'nova'
-
-  mk_resource_methods
-
-  def exists?
-    sec_groups = self.class.cliout2list(auth_nova('secgroup-list'))
-    return sec_groups.detect do |n|
-        n['Name'] == resource['name']
-    end
-  end
-
-  def destroy
-    auth_nova("secgroup-delete", name)
-    @property_hash[:ensure] = :absent
-  end
-
-  def create
-    result = self.class.cliout2list(auth_nova("secgroup-create", resource[:name], resource[:description]))
-
-    @property_hash = {
-      :ensure => :present,
-      :name => resource[:name],
-      :id => result[0]['Id'],
-      :description => resource[:description]
-    }
-  end
-end

lib/puppet/provider/nova_security_group/openstack.rb

@@ -0,0 +1,82 @@
+require File.join(File.dirname(__FILE__), '..','..','..', 'puppet/provider/nova')
+
+Puppet::Type.type(:nova_security_group).provide(
+  :openstack,
+  :parent => Puppet::Provider::Nova
+) do
+  desc <<-EOT
+      Manage nova security groups
+  EOT
+
+  @credentials = Puppet::Provider::Openstack::CredentialsV3.new
+
+  def initialize(value={})
+    super(value)
+    @property_flush = {}
+  end
+
+  def create
+    opts = [@resource[:name]]
+    (opts << '--description' << @resource[:description]) if @resource[:description]
+    @property_hash = self.class.nova_request('security group', 'create', nil, opts)
+    @property_hash[:ensure] = :present
+  end
+
+  def exists?
+    @property_hash[:ensure] == :present
+  end
+
+  def destroy
+    self.class.request('security group', 'delete', @resource[:name])
+  end
+
+  mk_resource_methods
+
+  def id=(value)
+    fail('id is read only')
+  end
+
+  def name=(value)
+    fail('name is read only')
+  end
+
+  def description=(value)
+    @property_flush[:description] = value
+  end
+
+  def self.instances
+    # NOTE(mnaser): The OpenStack client makes a request to the Neutron endpoint
+    #               to get security groups and if it has an admin role, it will
+    #               retrieve all security groups.  The following helps filter it.
+    project_id = self.nova_request('token', 'issue', nil, ['-c', 'project_id', '-f', 'value']).strip
+
+    self.nova_request('security group', 'list', nil).select do |attrs|
+      attrs[:project] == project_id
+    end.collect do |attrs|
+      new(
+        :ensure      => :present,
+        :id          => attrs[:id],
+        :name        => attrs[:name],
+        :description => attrs[:description]
+      )
+    end
+  end
+
+  def self.prefetch(resources)
+    security_groups = instances
+    resources.keys.each do |name|
+      if provider = security_groups.find { |security_group| security_group.name == name }
+        resources[name].provider = provider
+      end
+    end
+  end
+
+  def flush
+    unless @property_flush.empty?
+      opts = [@resource[:name]]
+      (opts << '--description' << @resource[:description]) if @resource[:description]
+      self.class.request('security group', 'set', opts)
+      @property_flush.clear
+    end
+  end
+end

spec/unit/provider/nova_security_group/nova_spec.rb

@@ -1,91 +0,0 @@
-require 'puppet'
-require 'puppet/provider/nova_security_group/nova'
-require 'tempfile'
-
-provider_class = Puppet::Type.type(:nova_security_group).provider(:nova)
-
-describe provider_class do
-
-  let :secgroup_attrs do
-    {
-      :name => "scg0",
-      :description => "Security Group",
-    }
-  end
-
-  let :resource do
-    Puppet::Type::Nova_security_group.new(secgroup_attrs)
-  end
-
-  let :provider do
-    provider_class.new(resource)
-  end
-
-  shared_examples "nova_security_group" do
-    describe "#exists?" do
-      it 'should check non-existing security group' do
-        output = <<-EOT
-+--------------------------------------+---------+------------------------+
-| Id                                   | Name    | Description            |
-+--------------------------------------+---------+------------------------+
-| f630dd92-3ff7-49bc-b012-b211451aa418 | default | Default security group |
-+--------------------------------------+---------+------------------------+
-EOT
-
-        provider.expects(:auth_nova).with('secgroup-list').returns(output)
-
-        expect(provider.exists?).to be_falsey
-      end 
-
-      it 'should check existing security group' do
-        output = <<-EOT
-+--------------------------------------+------+----------------+
-| Id                                   | Name | Description    |
-+--------------------------------------+------+----------------+
-| f630dd92-3ff7-49bc-b012-b211451aa419 | scg0 | Security Group |
-+--------------------------------------+------+----------------+
-EOT
-
-        provider.expects(:auth_nova).with('secgroup-list').returns(output)
-
-        expect(provider.exists?).to be_truthy
-      end
-    end
-
-    
-    describe "#create" do
-      it 'should create security group' do
-        output = <<-EOT
-+--------------------------------------+------+----------------+
-| Id                                   | Name | Description    |
-+--------------------------------------+------+----------------+
-| f630dd92-3ff7-49bc-b012-b211451aa419 | scg0 | Security Group |
-+--------------------------------------+------+----------------+
-EOT
-
-        provider.expects(:auth_nova).with('secgroup-create', 'scg0', 'Security Group').returns(output)
-
-        expect(provider.create).to be_truthy
-      end 
-    end
-
-
-    describe "#destroy" do
-      it 'should destroy security group' do
-        output = <<-EOT
-+--------------------------------------+------+----------------+
-| Id                                   | Name | Description    |
-+--------------------------------------+------+----------------+
-| f630dd92-3ff7-49bc-b012-b211451aa419 | scg0 | Security Group |
-+--------------------------------------+------+----------------+
-EOT
-
-        provider.expects(:auth_nova).with('secgroup-delete', 'scg0').returns(output)
-
-        expect(provider.destroy).to be_truthy
-      end 
-    end
-  end
-
-  it_behaves_like('nova_security_group')
-end

spec/unit/provider/nova_security_group/openstack_spec.rb

@@ -0,0 +1,48 @@
+require 'puppet'
+require 'spec_helper'
+require 'puppet/provider/nova_flavor/openstack'
+
+provider_class = Puppet::Type.type(:nova_security_group).provider(:openstack)
+
+describe provider_class do
+
+  describe 'managing security groups' do
+    let(:secgroup_attrs) do
+      {
+        :name => "scg0",
+        :description => "Security Group",
+      }
+    end
+
+    let :resource do
+      Puppet::Type::Nova_security_group.new(secgroup_attrs)
+    end
+
+    let(:provider) do
+      provider_class.new(resource)
+    end
+
+    describe "#create" do
+      it 'should create security group' do
+        provider.class.stubs(:openstack)
+                      .with('security group', 'list', ['--all'])
+                      .returns('"ID", "Name", "Description", "Project"')
+        provider.class.stubs(:openstack)
+                      .with('security group', 'create', ['scg0', '--description', 'Security Group'])
+                      .returns('id="f630dd92-3ff7-49bc-b012-b211451aa419"
+name="scg0"
+description="Security Group"')
+      end
+    end
+
+    describe '#destroy' do
+      it 'removes flavor' do
+        provider_class.expects(:openstack)
+          .with('security group', 'delete', 'scg0')
+        provider.instance_variable_set(:@property_hash, secgroup_attrs)
+        provider.destroy
+        expect(provider.exists?).to be_falsey
+      end
+    end
+  end
+end