@AfterGroups(groups = "live")
protected void tearDown() {
if (vm != null) {
assert jobComplete.apply(client.getVirtualMachineClient().destroyVirtualMachine(vm.getId()));
}
if (group != null) {
for (IngressRule rule : group.getIngressRules())
assert this.jobComplete.apply(
client.getSecurityGroupClient().revokeIngressRule(rule.getId()))
: rule;
client.getSecurityGroupClient().deleteSecurityGroup(group.getId());
assertEquals(client.getSecurityGroupClient().getSecurityGroup(group.getId()), null);
}
super.tearDown();
}
@Test
public void testCreateDestroySecurityGroup() {
try {
zone =
Iterables.find(
client.getZoneClient().listZones(),
new Predicate<Zone>() {
@Override
public boolean apply(Zone arg0) {
return arg0.isSecurityGroupsEnabled();
}
});
securityGroupsSupported = true;
for (SecurityGroup securityGroup :
client
.getSecurityGroupClient()
.listSecurityGroups(ListSecurityGroupsOptions.Builder.named(prefix))) {
for (IngressRule rule : securityGroup.getIngressRules())
assert this.jobComplete.apply(
client.getSecurityGroupClient().revokeIngressRule(rule.getId()))
: rule;
client.getSecurityGroupClient().deleteSecurityGroup(securityGroup.getId());
}
group = client.getSecurityGroupClient().createSecurityGroup(prefix);
assertEquals(group.getName(), prefix);
checkGroup(group);
try {
client.getSecurityGroupClient().createSecurityGroup(prefix);
assert false;
} catch (IllegalStateException e) {
}
} catch (NoSuchElementException e) {
e.printStackTrace();
}
}
@Test(dependsOnMethods = "testCreateDestroySecurityGroup")
public void testCreateIngress() throws Exception {
if (!securityGroupsSupported) return;
String cidr = getCurrentCIDR();
ImmutableSet<String> cidrs = ImmutableSet.of(cidr);
assert jobComplete.apply(
client.getSecurityGroupClient().authorizeIngressICMPToCIDRs(group.getId(), 0, 8, cidrs))
: group;
assert jobComplete.apply(
client
.getSecurityGroupClient()
.authorizeIngressPortsToCIDRs(group.getId(), "TCP", 22, 22, cidrs))
: group;
AccountInDomainOptions.Builder.accountInDomain(group.getAccount(), group.getDomainId());
// replace with get once bug is fixed where getGroup returns only one
// ingress rule
group =
Iterables.find(
client.getSecurityGroupClient().listSecurityGroups(),
new Predicate<SecurityGroup>() {
@Override
public boolean apply(SecurityGroup input) {
return input.getId() == group.getId();
}
});
IngressRule ICMPPingRule =
Iterables.find(
group.getIngressRules(),
new Predicate<IngressRule>() {
@Override
public boolean apply(IngressRule input) {
return "icmp".equals(input.getProtocol());
}
});
assert ICMPPingRule.getId() > 0 : ICMPPingRule;
assert "icmp".equals(ICMPPingRule.getProtocol()) : ICMPPingRule;
assert ICMPPingRule.getStartPort() == -1 : ICMPPingRule;
assert ICMPPingRule.getEndPort() == -1 : ICMPPingRule;
assert ICMPPingRule.getICMPCode() == 0 : ICMPPingRule;
assert ICMPPingRule.getICMPType() == 8 : ICMPPingRule;
assert ICMPPingRule.getAccount() == null : ICMPPingRule;
assert ICMPPingRule.getSecurityGroupName() == null : ICMPPingRule;
assert cidr.equals(ICMPPingRule.getCIDR()) : ICMPPingRule;
IngressRule SSHRule =
Iterables.find(
group.getIngressRules(),
new Predicate<IngressRule>() {
@Override
public boolean apply(IngressRule input) {
return "tcp".equals(input.getProtocol());
}
});
assert SSHRule.getId() > 0 : SSHRule;
assert "tcp".equals(SSHRule.getProtocol()) : SSHRule;
assert SSHRule.getStartPort() == 22 : SSHRule;
assert SSHRule.getEndPort() == 22 : SSHRule;
assert SSHRule.getICMPCode() == -1 : SSHRule;
assert SSHRule.getICMPType() == -1 : SSHRule;
assert SSHRule.getAccount() == null : SSHRule;
assert SSHRule.getSecurityGroupName() == null : SSHRule;
assert cidr.equals(SSHRule.getCIDR()) : SSHRule;
}