Checks provisioning state in Rule resource instead of Group (#30)

* Checks provisioning state in Rule resource instead of Group

* comments by @nacx to proper check and delete rules

* Fixes log message deleting rule
This commit is contained in:
Daniel Estévez 2019-05-17 02:59:01 -04:00 committed by Ignasi Barrera
parent 3e855c26be
commit e1c64244cb
6 changed files with 64 additions and 19 deletions

View File

@ -45,6 +45,7 @@ import org.jclouds.azurecompute.arm.domain.Image;
import org.jclouds.azurecompute.arm.domain.Key.DeletedKeyBundle;
import org.jclouds.azurecompute.arm.domain.Key.KeyBundle;
import org.jclouds.azurecompute.arm.domain.NetworkSecurityGroup;
import org.jclouds.azurecompute.arm.domain.NetworkSecurityRule;
import org.jclouds.azurecompute.arm.domain.Provisionable;
import org.jclouds.azurecompute.arm.domain.ResourceDefinition;
import org.jclouds.azurecompute.arm.domain.Secret.DeletedSecretBundle;
@ -122,6 +123,12 @@ public class AzurePredicatesModule extends AbstractModule {
return new SecurityGroupAvailablePredicateFactory(api, resourceAvailable);
}
@Provides
protected SecurityGroupRuleAvailablePredicateFactory provideSecurityGroupRuleAvailablePredicate(final AzureComputeApi api,
Predicate<Supplier<Provisionable>> resourceAvailable) {
return new SecurityGroupRuleAvailablePredicateFactory(api, resourceAvailable);
}
@Provides
protected ImageAvailablePredicateFactory provideImageAvailablePredicate(final AzureComputeApi api,
final ComputeServiceConstants.Timeouts timeouts, final PollPeriod pollPeriod) {
@ -292,6 +299,34 @@ public class AzurePredicatesModule extends AbstractModule {
}
}
public static class SecurityGroupRuleAvailablePredicateFactory {
private final AzureComputeApi api;
private final Predicate<Supplier<Provisionable>> resourceAvailable;
SecurityGroupRuleAvailablePredicateFactory(final AzureComputeApi api, Predicate<Supplier<Provisionable>> resourceAvailable) {
this.api = checkNotNull(api, "api cannot be null");
this.resourceAvailable = resourceAvailable;
}
public Predicate<String> create(final String resourceGroup, final String securityGroupName) {
checkNotNull(resourceGroup, "resourceGroup cannot be null");
checkNotNull(securityGroupName, "securityGroupName cannot be null");
return new Predicate<String>() {
@Override
public boolean apply(final String name) {
checkNotNull(name, "name cannot be null");
return resourceAvailable.apply(new Supplier<Provisionable>() {
@Override
public Provisionable get() {
NetworkSecurityRule securityRule = api.getNetworkSecurityRuleApi(resourceGroup, securityGroupName).get(name);
return securityRule == null ? null : securityRule.properties();
}
});
}
};
}
}
public static class NetworkAvailablePredicateFactory {
private final AzureComputeApi api;
private final Predicate<Supplier<Provisionable>> resourceAvailable;

View File

@ -30,13 +30,13 @@ import java.net.URI;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import javax.annotation.Resource;
import javax.inject.Inject;
import javax.inject.Named;
import org.jclouds.azurecompute.arm.AzureComputeApi;
import org.jclouds.azurecompute.arm.compute.config.AzurePredicatesModule.SecurityGroupAvailablePredicateFactory;
import org.jclouds.azurecompute.arm.compute.config.AzurePredicatesModule.SecurityGroupRuleAvailablePredicateFactory;
import org.jclouds.azurecompute.arm.compute.domain.ResourceGroupAndName;
import org.jclouds.azurecompute.arm.domain.NetworkInterfaceCard;
import org.jclouds.azurecompute.arm.domain.NetworkProfile.NetworkInterface;
@ -78,20 +78,21 @@ public class AzureComputeSecurityGroupExtension implements SecurityGroupExtensio
private final AzureComputeApi api;
private final Function<NetworkSecurityGroup, SecurityGroup> securityGroupConverter;
private final SecurityGroupAvailablePredicateFactory securityGroupAvailable;
private final SecurityGroupRuleAvailablePredicateFactory securityGroupRuleAvailable;
private final Predicate<URI> resourceDeleted;
private final LoadingCache<String, ResourceGroup> defaultResourceGroup;
private final Supplier<Set<String>> regionIds;
@Inject
AzureComputeSecurityGroupExtension(AzureComputeApi api,
Function<NetworkSecurityGroup, SecurityGroup> groupConverter,
SecurityGroupAvailablePredicateFactory securityRuleAvailable,
AzureComputeSecurityGroupExtension(AzureComputeApi api, Function<NetworkSecurityGroup, SecurityGroup> groupConverter,
SecurityGroupAvailablePredicateFactory securityGroupAvailable, SecurityGroupRuleAvailablePredicateFactory securityGroupRuleAvailable,
@Named(TIMEOUT_RESOURCE_DELETED) Predicate<URI> resourceDeleted,
LoadingCache<String, ResourceGroup> defaultResourceGroup,
@Region Supplier<Set<String>> regionIds) {
this.api = api;
this.securityGroupConverter = groupConverter;
this.securityGroupAvailable = securityRuleAvailable;
this.securityGroupAvailable = securityGroupAvailable;
this.securityGroupRuleAvailable = securityGroupRuleAvailable;
this.resourceDeleted = resourceDeleted;
this.defaultResourceGroup = defaultResourceGroup;
this.regionIds = regionIds;
@ -252,8 +253,7 @@ public class AzureComputeSecurityGroupExtension implements SecurityGroupExtensio
ruleApi.createOrUpdate(ruleName, properties);
checkState(
securityGroupAvailable.create(resourceGroupAndName.resourceGroup()).apply(networkSecurityGroup.name()),
checkState(securityGroupRuleAvailable.create(resourceGroupAndName.resourceGroup(), networkSecurityGroup.name()).apply(ruleName),
"Security group was not updated in the configured timeout");
}
@ -294,10 +294,11 @@ public class AzureComputeSecurityGroupExtension implements SecurityGroupExtensio
for (NetworkSecurityRule matchingRule : rules) {
logger.debug(">> deleting network security rule %s from %s...", matchingRule.name(), group.getName());
ruleApi.delete(matchingRule.name());
checkState(
securityGroupAvailable.create(resourceGroupAndName.resourceGroup()).apply(networkSecurityGroup.name()),
"Security group was not updated in the configured timeout");
URI uri = ruleApi.delete(matchingRule.name());
if (uri != null) {
checkState(resourceDeleted.apply(uri), "Rule %s could not be deleted in the configured timeout", matchingRule.id());
}
}
return getSecurityGroupById(group.getId());

View File

@ -16,14 +16,14 @@
*/
package org.jclouds.azurecompute.arm.domain;
import com.google.auto.value.AutoValue;
import org.jclouds.azurecompute.arm.util.GetEnumValue;
import org.jclouds.javax.annotation.Nullable;
import org.jclouds.json.SerializedNames;
import com.google.auto.value.AutoValue;
@AutoValue
public abstract class NetworkSecurityRuleProperties {
public abstract class NetworkSecurityRuleProperties implements Provisionable {
public enum Protocol {
// * is an allowed value, will handle in
Tcp("Tcp"),
@ -91,7 +91,10 @@ public abstract class NetworkSecurityRuleProperties {
public abstract Direction direction();
@SerializedNames({"description", "protocol", "sourcePortRange", "destinationPortRange", "sourceAddressPrefix", "destinationAddressPrefix", "access", "priority", "direction"})
@Nullable
public abstract String provisioningState();
@SerializedNames({ "description", "protocol", "sourcePortRange", "destinationPortRange", "sourceAddressPrefix", "destinationAddressPrefix", "access", "priority", "direction", "provisioningState" })
public static NetworkSecurityRuleProperties create(final String description,
final Protocol protocol,
final String sourcePortRange,
@ -100,7 +103,8 @@ public abstract class NetworkSecurityRuleProperties {
final String destinationAddressPrefix,
final Access access,
final Integer priority,
final Direction direction) {
final Direction direction,
final String provisioningState) {
return builder()
.description(description)
.protocol(protocol)
@ -110,7 +114,7 @@ public abstract class NetworkSecurityRuleProperties {
.destinationAddressPrefix(destinationAddressPrefix)
.access(access)
.priority(priority)
.direction(direction)
.direction(direction).provisioningState(provisioningState)
.build();
}
@ -140,6 +144,8 @@ public abstract class NetworkSecurityRuleProperties {
public abstract Builder direction(Direction direction);
public abstract Builder provisioningState(String provisioningState);
public abstract NetworkSecurityRuleProperties build();
}
}

View File

@ -54,6 +54,7 @@ public class NetworkSecurityGroupApiMockTest extends BaseAzureComputeApiMockTest
.access(NetworkSecurityRuleProperties.Access.Deny)
.priority(4095)
.direction(NetworkSecurityRuleProperties.Direction.Outbound)
.provisioningState("Succeeded")
.build());
ArrayList<NetworkSecurityRule> ruleList = new ArrayList<NetworkSecurityRule>();
ruleList.add(rule);

View File

@ -52,6 +52,7 @@ public class NetworkSecurityRuleApiMockTest extends BaseAzureComputeApiMockTest
.access(NetworkSecurityRuleProperties.Access.Allow)
.priority(4094)
.direction(NetworkSecurityRuleProperties.Direction.Inbound)
.provisioningState("Succeeded")
.build());
return rule;
}

View File

@ -12,6 +12,7 @@
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 4094,
"direction": "Inbound"
"direction": "Inbound",
"provisioningState": "Succeeded"
}
}