EnsureSecurityGroupExistsLiveTest.java

/*
 * Copyright (c) 2012 S.C. Axemblr Software Solutions S.R.L
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package com.axemblr.provisionr.cloudstack.activities;

import com.axemblr.provisionr.api.network.Network;
import com.axemblr.provisionr.api.network.Rule;
import com.axemblr.provisionr.api.pool.Pool;
import com.axemblr.provisionr.cloudstack.core.ConvertIngressRuleToRule;
import com.axemblr.provisionr.cloudstack.core.SecurityGroups;
import com.axemblr.provisionr.core.CoreProcessVariables;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
import java.util.NoSuchElementException;
import org.activiti.engine.delegate.DelegateExecution;
import static org.fest.assertions.api.Assertions.assertThat;
import org.jclouds.cloudstack.domain.SecurityGroup;
import static org.jclouds.cloudstack.options.ListSecurityGroupsOptions.Builder.named;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class EnsureSecurityGroupExistsLiveTest extends CloudStackActivityLiveTest<EnsureSecurityGroupExists> {

    private static final Logger LOG = LoggerFactory.getLogger(EnsureSecurityGroupExistsLiveTest.class);

    private final String SECURITY_GROUP_NAME = "network-" + BUSINESS_KEY;

    private final ImmutableSet<Rule> ingressRules = ImmutableSet.of(
        Rule.builder().anySource().icmp().createRule(),
        Rule.builder().anySource().tcp().port(22).createRule(),
        Rule.builder().anySource().udp().port(53).createRule());

    private final Network network = Network.builder().ingress(ingressRules).createNetwork();

    @Override
    @Before
    public void setUp() throws Exception {
        super.setUp();
        logSecurityGroupDetails();
        deleteSecurityGroupIfExists();
    }

    @Override
    @After
    public void tearDown() throws Exception {
        deleteSecurityGroupIfExists();
        logSecurityGroupDetails();
        super.tearDown();
    }

    private void deleteSecurityGroupIfExists() {
        try {
            SecurityGroup securityGroup = Iterables.getOnlyElement(context.getApi()
                .getSecurityGroupClient()
                .listSecurityGroups(named(SECURITY_GROUP_NAME)));

            context.getApi().getSecurityGroupClient().deleteSecurityGroup(securityGroup.getId());
        } catch (NoSuchElementException e) {
            LOG.info("Security group {} was not found", SECURITY_GROUP_NAME);
        } catch (Exception e2) {
            LOG.error("Exception deleting security group {}", e2);
        }
    }

    @Test
    public void testCreateSecurityGroup() throws Exception {
        DelegateExecution execution = mock(DelegateExecution.class);
        Pool pool = mock(Pool.class);

        when(pool.getProvider()).thenReturn(provider);
        when(pool.getNetwork()).thenReturn(network);

        when(execution.getVariable(CoreProcessVariables.POOL)).thenReturn(pool);
        when(execution.getProcessBusinessKey()).thenReturn(BUSINESS_KEY);

        activity.execute(execution);
        assertSecurityGroupExistsWithRules(SecurityGroups.getByName(
            context.getApi(), SECURITY_GROUP_NAME), ingressRules);
    }

    @Test
    public void testCreateSecurityGroupWithExistingSecurityGroup() throws Exception {
        DelegateExecution execution = mock(DelegateExecution.class);
        Pool pool = mock(Pool.class);

        when(pool.getProvider()).thenReturn(provider);

        when(execution.getVariable(CoreProcessVariables.POOL)).thenReturn(pool);
        when(execution.getProcessBusinessKey()).thenReturn(BUSINESS_KEY);

        // create the SecurityGroup with an extra Network Rule, then call the activity
        when(pool.getNetwork()).thenReturn(network.toBuilder().addRules(
            Rule.builder().anySource().tcp().port(80).createRule()).createNetwork());

        activity.execute(execution);
        // call the process again with the old network rules and check the rules
        when(pool.getNetwork()).thenReturn(network);

        activity.execute(execution);

        assertSecurityGroupExistsWithRules(SecurityGroups.getByName(context.getApi(),
            SECURITY_GROUP_NAME), ingressRules);
    }

    private void assertSecurityGroupExistsWithRules(SecurityGroup securityGroup, ImmutableSet<Rule> ingressRules) {
        assertThat(ingressRules).containsAll(Iterables.transform(securityGroup.getIngressRules(),
            ConvertIngressRuleToRule.FUNCTION));
    }
}