So there were a few problems, but the core ugly one is that what you
pass in for creating a rule allowing groups' access is not the same
thing you get back from a group with such a rule, which makes mapping
between the arguments and the output insanely painful. So now, well,
we do some insanely painful stuff.
Involves some non-trivial reworking of EC2 security group
translation/binding, but it was necessary.
Still problems with a number of tests:
- org.jclouds.aws.ec2.compute.AWSEC2TemplateBuilderLiveTest#testTemplateBuilderWithLessRegions
- org.jclouds.ec2.compute.EC2TemplateBuilderLiveTest#testTemplateBuilderCanUseImageIdWithoutFetchingAllImages
Those seem to be failing because there's caching going on that they're
not expecting, but I could be wrong.
Also failing:
- org.jclouds.aws.ec2.features.PlacementGroupApiLiveTest in general
- org.jclouds.aws.ec2.features.SpotInstanceApiLiveTest - a couple tests
This removes
org.jclouds.ec2.compute.functions.PasswordCredentialsFromWindowsInstanceLiveTest
due to there not being an easily detectable valid AMI for it to run,
and low interest in actually running it in the first place.
Not all S3-compatible providers support virtual host buckets and thus
we should disable this feature by default. Continue to enable virtual
host buckets for AWS-S3 which supports this although this feature
suffers from DNS settling issues. Ran ran integration tests against
AWS-S3 and Scality using its S3 API.
As recommended at
http://s3.amazonaws.com/doc/s3-developer-guide/RESTAuthentication.html:
"You can also send a signature as a URL-encoded query-string parameter
in the URL for the request."
Also deals with some of the craziness of URL encoding/decoding in
jclouds.
References JCLOUDS-200
Introduces AWSS3BlobRequestSigner, which reuses the
RequestAuthorizeSignature filter for most of the heavy lifting.
Other implementation details based on [1].
Tested with AWSS3BlobSignerLiveTest, in particular,
testSign(Get|Put)UrlWithTime.
Closes JCLOUDS-200
[1] http://s3.amazonaws.com/doc/s3-developer-guide/RESTAuthentication.html
Large blob support for AzureClient; the next step of this is to
support PutOptions.multipart and digest a blob into 4M parts. This
just implements the Azure interaction.
...and EC2-related elsewhere. Also moved *Client -> *Api, and moved
everything from .../services to .../features, and threw in a bunch of
Optionals to fit the EC2Api approach.
And a very big tip of the hat to nacx for figuring out the generics
stuff my brain just could not handle. =)
- Adds the SecurityGroupExtension to compute, with tests and stub
support.
- Gets everything else to actually build against this.
- Unifies on compute's IpPermission/IpProtocol, eliminating EC2's.
- Converters from EC2/Nova/CloudStack SecurityGroup (and rules, for
the latter two) to the compute SecurityGroup (and rules, etc).
- EC2SecurityGroupExtension and tests.
- AWSEC2SecurityGroupExtension and tests - depends on JCLOUDS-99.
- Added AWSEC2CreateSecurityGroupIfNeeded, using
AWSSecurityGroupClient's ability to call
authorizeSecurityGroupInRegion with Iterable<IpPermission>
- Added a utility method,
ComputeServiceUtils.getPortRangesInList(int... ports), to get pairs of
start/end ports covering all ranges in a list of ports. Used above.