kotovalexarian-likes-github/fog--fog-aws
1
0
Fork 0
mirror of https://github.com/fog/fog-aws.git synced 2022-11-09 13:50:52 -05:00
Code Releases Activity

Merge pull request #356 from engineyard/authorize-vpc-to-rds-sg

Browse source 
Authorize vpc to rds sg
This commit is contained in:
Josh Lane 2017-03-29 09:35:21 -07:00 committed by GitHub
commit 75184e8d38
7 changed files with 59 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
lib/fog/aws/models/rds/security_group.rb
View file

@ -29,8 +29,9 @@ module Fog
# group_owner_id defaults to the current owner_id
def authorize_ec2_security_group(group_name, group_owner_id=owner_id)
key = group_name.match(/^sg-/) ? 'EC2SecurityGroupId' : 'EC2SecurityGroupName'
authorize_ingress({
'EC2SecurityGroupName' => group_name,
key => group_name,
'EC2SecurityGroupOwnerId' => group_owner_id
})
end
@ -56,8 +57,9 @@ module Fog
# group_owner_id defaults to the current owner_id
def revoke_ec2_security_group(group_name, group_owner_id=owner_id)
key = group_name.match(/^sg-/) ? 'EC2SecurityGroupId' : 'EC2SecurityGroupName'
revoke_ingress({
'EC2SecurityGroupName' => group_name,
key => group_name,
'EC2SecurityGroupOwnerId' => group_owner_id
})
end

2
lib/fog/aws/rds.rb
View file

@ -164,7 +164,7 @@ module Fog
@data = nil
end
attr_accessor :region
attr_accessor :region, :aws_access_key_id
def initialize(options={})
@use_iam_profile = options[:use_iam_profile]

15
lib/fog/aws/requests/rds/authorize_db_security_group_ingress.rb
View file

@ -15,8 +15,8 @@ module Fog
# * response<~Excon::Response>:
# * body<~Hash>:
def authorize_db_security_group_ingress(name, opts={})
unless opts.key?('CIDRIP') || (opts.key?('EC2SecurityGroupName') && opts.key?('EC2SecurityGroupOwnerId'))
raise ArgumentError, 'Must specify CIDRIP, or both EC2SecurityGroupName and EC2SecurityGroupOwnerId'
unless opts.key?('CIDRIP') || ((opts.key?('EC2SecurityGroupName') || opts.key?('EC2SecurityGroupId')) && opts.key?('EC2SecurityGroupOwnerId'))
raise ArgumentError, 'Must specify CIDRIP, or one of EC2SecurityGroupName or EC2SecurityGroupId, and EC2SecurityGroupOwnerId'
end
request({
@ -29,8 +29,13 @@ module Fog
class Mock
def authorize_db_security_group_ingress(name, opts = {})
unless opts.key?('CIDRIP') || (opts.key?('EC2SecurityGroupName') && opts.key?('EC2SecurityGroupOwnerId'))
raise ArgumentError, 'Must specify CIDRIP, or both EC2SecurityGroupName and EC2SecurityGroupOwnerId'
unless opts.key?('CIDRIP') || ((opts.key?('EC2SecurityGroupName') || opts.key?('EC2SecurityGroupId')) && opts.key?('EC2SecurityGroupOwnerId'))
raise ArgumentError, 'Must specify CIDRIP, or one of EC2SecurityGroupName or EC2SecurityGroupId, and EC2SecurityGroupOwnerId'
end
if ec2_security_group_id = opts.delete("EC2SecurityGroupId")
ec2_security_group = (Fog::Compute::AWS::Mock.data[self.region][self.aws_access_key_id][:security_groups] || {}).values.detect { |sg| sg['groupId'] == ec2_security_group_id }
opts['EC2SecurityGroupName'] = ec2_security_group['groupName']
end
response = Excon::Response.new
@ -42,7 +47,7 @@ module Fog
end
sec_group['IPRanges'] << opts.merge({"Status" => 'authorizing'})
else
if sec_group['EC2SecurityGroups'].find{|h| h['EC2SecurityGroupName'] == opts['EC2SecurityGroupName']}
if sec_group['EC2SecurityGroups'].find{|h| h['EC2SecurityGroupName'] == opts['EC2SecurityGroupName'] || h['EC2SecurityGroupId'] == opts['EC2SecurityGroupId']}
raise Fog::AWS::RDS::AuthorizationAlreadyExists.new("AuthorizationAlreadyExists => #{opts['EC2SecurityGroupName']} is alreay defined")
end
sec_group['EC2SecurityGroups'] << opts.merge({"Status" => 'authorizing'})

7
lib/fog/aws/requests/rds/create_db_subnet_group.rb
View file

@ -31,15 +31,14 @@ module Fog
end
# collection = Fog::Compute::AWS.new(:aws_access_key_id => 'mock key', :aws_secret_access_key => 'mock secret')
collection = Fog::Compute[:aws]
collection.region = @region
compute_data = Fog::Compute::AWS::Mock.data[self.region][self.aws_access_key_id]
subnets = subnet_ids.map do |snid|
subnet = collection.subnets.get(snid)
subnet = compute_data[:subnets].detect { |s| s['subnetId'] == snid }
raise Fog::AWS::RDS::NotFound.new("InvalidSubnet => The subnet '#{snid}' was not found") if subnet.nil?
subnet
end
vpc_id = subnets.first.vpc_id
vpc_id = subnets.first['vpcId']
data = {
'DBSubnetGroupName' => name,

2
lib/fog/aws/requests/rds/delete_db_subnet_group.rb
View file

@ -26,6 +26,8 @@ module Fog
raise Fog::AWS::RDS::NotFound.new("DBSubnetGroupNotFound => The subnet group '#{name}' doesn't exists")
end
self.data[:subnet_groups].delete(name)
response.body = {
'ResponseMetadata'=>{ 'RequestId'=> Fog::AWS::Mock.request_id },
'return' => true,

13
lib/fog/aws/requests/rds/revoke_db_security_group_ingress.rb
View file

@ -15,8 +15,8 @@ module Fog
# * response<~Excon::Response>:
# * body<~Hash>:
def revoke_db_security_group_ingress(name, opts={})
unless opts.key?('CIDRIP') || (opts.key?('EC2SecurityGroupName') && opts.key?('EC2SecurityGroupOwnerId'))
raise ArgumentError, 'Must specify CIDRIP, or both EC2SecurityGroupName and EC2SecurityGroupOwnerId'
unless opts.key?('CIDRIP') || ((opts.key?('EC2SecurityGroupName') || opts.key?('EC2SecurityGroupId')) && opts.key?('EC2SecurityGroupOwnerId'))
raise ArgumentError, 'Must specify CIDRIP, or one of EC2SecurityGroupName or EC2SecurityGroupId, and EC2SecurityGroupOwnerId'
end
request({
@ -29,8 +29,13 @@ module Fog
class Mock
def revoke_db_security_group_ingress(name, opts = {})
unless opts.key?('CIDRIP') || (opts.key?('EC2SecurityGroupName') && opts.key?('EC2SecurityGroupOwnerId'))
raise ArgumentError, 'Must specify CIDRIP, or both EC2SecurityGroupName and EC2SecurityGroupOwnerId'
unless opts.key?('CIDRIP') || ((opts.key?('EC2SecurityGroupName') || opts.key?('EC2SecurityGroupId')) && opts.key?('EC2SecurityGroupOwnerId'))
raise ArgumentError, 'Must specify CIDRIP, or one of EC2SecurityGroupName or EC2SecurityGroupId, and EC2SecurityGroupOwnerId'
end
if ec2_security_group_id = opts.delete("EC2SecurityGroupId")
ec2_security_group = (Fog::Compute::AWS::Mock.data[self.region][self.aws_access_key_id][:security_groups] || {}).values.detect { |sg| sg['groupId'] == ec2_security_group_id }
opts['EC2SecurityGroupName'] = ec2_security_group['groupName']
end
response = Excon::Response.new

36
tests/models/rds/security_group_tests.rb
View file

@ -6,9 +6,9 @@ Shindo.tests("AWS::RDS | security_group", ['aws', 'rds']) do
tests("#description").returns('fog test') { @instance.description }
tests("#authorize_ec2_security_group").succeeds do
@ec2_sec_group = Fog::Compute[:aws].security_groups.create(:name => 'fog-test', :description => 'fog test')
@ec2_sec_group = Fog::Compute[:aws].security_groups.create(:name => uniq_id("fog-rds-test"), :description => 'fog test')
tests("#authorize_ec2_security_group('#{@ec2_sec_group.name}')").succeeds do
@instance.authorize_ec2_security_group(@ec2_sec_group.name)
returns('authorizing') do
@instance.ec2_security_groups.find{|h| h['EC2SecurityGroupName'] == @ec2_sec_group.name}['Status']
@ -17,9 +17,7 @@ Shindo.tests("AWS::RDS | security_group", ['aws', 'rds']) do
@instance.wait_for { ready? }
tests("#revoke_ec2_security_group").succeeds do
pending if Fog.mocking?
tests("#revoke_ec2_security_group('#{@ec2_sec_group.name}')").succeeds do
@instance.revoke_ec2_security_group(@ec2_sec_group.name)
returns('revoking') do
@ -29,9 +27,35 @@ Shindo.tests("AWS::RDS | security_group", ['aws', 'rds']) do
@instance.wait_for { ready? }
returns(false) { @instance.ec2_security_groups.any?{|h| h['EC2SecurityGroupName'] == @ec2_sec_group.name} }
@ec2_sec_group.destroy
end
@instance.wait_for { ready? }
tests("#authorize_ec2_security_group('#{@ec2_sec_group.group_id}')").succeeds do
@instance.authorize_ec2_security_group(@ec2_sec_group.group_id)
returns('authorizing') do
@instance.ec2_security_groups.find{|h| h['EC2SecurityGroupName'] == @ec2_sec_group.name}['Status']
end
end
@instance.wait_for { ready? }
tests("#revoke_ec2_security_group('#{@ec2_sec_group.group_id}')").succeeds do
@instance.revoke_ec2_security_group(@ec2_sec_group.group_id)
returns('revoking') do
@instance.ec2_security_groups.find{|h| h['EC2SecurityGroupName'] == @ec2_sec_group.name}['Status']
end
@instance.wait_for { ready? }
returns(false) { @instance.ec2_security_groups.any?{|h| h['EC2SecurityGroupId'] == @ec2_sec_group.group_id} }
end
@instance.wait_for { ready? }
@ec2_sec_group.destroy
tests("#authorize_cidrip").succeeds do
@cidr = '127.0.0.1/32'
@instance.authorize_cidrip(@cidr)