kotovalexarian-likes-github/fog--fog
1
0
Fork 0
mirror of https://github.com/fog/fog.git synced 2022-11-09 13:51:43 -05:00
Code Releases Activity
fog--fog/tests/vcloud_director/requests/compute/edge_gateway_tests.rb
Josh Myers 8902341086 Add support for multiple VPN tunnels.
2015-07-25 15:51:14 +01:00

217 lines
8.4 KiB
Ruby
Raw Blame History

Shindo.tests('Compute::VcloudDirector | edge gateway requests', ['vclouddirector']) do
FIREWALL_RULE_ID = '9999'
@dhcp_configuration = {
:GatewayDhcpService => {
:IsEnabled => "true",
:pools => [{
:IsEnabled => "true",
:Network => "testNet",
:DefaultLeaseTime => "65",
:MaxLeaseTime => "650",
:LowIpAddress => "192.168.9.2",
:HighIpAddress => "192.168.9.20"
}]
}
}
@vpn_configuration = {
:GatewayIpsecVpnService =>
{
:IsEnabled => "true",
:Tunnel => [{
:Name => "test vpn",
:PeerIpAddress => "110.110.110.110",
:PeerId => "1223-123UDH-12321",
:LocalIpAddress => "192.168.90.90",
:LocalId => "202UB-9602-UB629",
:PeerSubnet => {
:Name => "192.168.0.0/18",
:Gateway => "192.168.0.0",
:Netmask => "255.255.192.0",
},
:SharedSecret => "dont tell anyone",
:SharedSecretEncrypted => "false",
:EncryptionProtocol => "AES",
:Mtu => "1500",
:IsEnabled => "true",
:LocalSubnet => [{
:Name => "VDC Network",
:Gateway => "192.168.90.254",
:Netmask => "255.255.255.0"
}]
}]
}
}
@routing_service_configuration = {
:StaticRoutingService => {
:IsEnabled => "true",
:StaticRoute => [
{
:Name => "Test static route #1",
:Network => "192.168.192.0/24",
:NextHopIp => "192.168.0.1",
:GatewayInterface => {}
}
]
}
}
@new_edge_gateway_configuration = {
:FirewallService =>
{
:IsEnabled => "true",
:DefaultAction => "allow",
:LogDefaultAction => "false",
:FirewallRule => [
{
:IsEnabled => "false",
:MatchOnTranslate => "false",
:Id => FIREWALL_RULE_ID,
:Policy => "drop",
:Description => "generated from edge_gateway_tests",
:Protocols => {
:Tcp => "true"
},
:Port => "3412",
:DestinationPortRange => "3412",
:DestinationIp => "internal",
:SourcePort => "3412",
:SourceIp => "internal",
:SourcePortRange => "3412",
:EnableLogging => "false"
}
]
}
}.merge!(@vpn_configuration).merge!(@dhcp_configuration)
@service = Fog::Compute::VcloudDirector.new
@org = VcloudDirector::Compute::Helper.current_org(@service)
tests('Get first vDC with an EdgeGatewayRecord') do
@org[:Link].each do |l|
if l[:type] == 'application/vnd.vmware.vcloud.vdc+xml'
id = l[:href].split('/').last
edge_gateways = @service.get_org_vdc_gateways(id).body
if edge_gateways && edge_gateways[:EdgeGatewayRecord].size >= 1
@vdc_id = id
break
end
end
end
end
tests('#get_org_vdc_gateways').data_matches_schema(VcloudDirector::Compute::Schema::QUERY_RESULT_RECORDS_TYPE) do
begin
@edge_gateways = @service.get_org_vdc_gateways(@vdc_id).body
rescue Fog::Compute::VcloudDirector::Unauthorized # bug, may be localised
retry
end
@edge_gateways
end
@edge_gateways[:EdgeGatewayRecord].each do |result|
tests("each EdgeGatewayRecord").
data_matches_schema(VcloudDirector::Compute::Schema::QUERY_RESULT_EDGE_GATEWAY_RECORD_TYPE) do
result
end
end
tests('#get_edge_gateway').data_matches_schema(VcloudDirector::Compute::Schema::GATEWAY_TYPE) do
@edge_gateway_id = @edge_gateways[:EdgeGatewayRecord].first[:href].split('/').last
@original_gateway_conf = @service.get_edge_gateway(@edge_gateway_id).body
end
tests('#configure_edge_gateway_services') do
rule = @original_gateway_conf[:Configuration][:EdgeGatewayServiceConfiguration][:FirewallService][:FirewallRule].find { |rule| rule[:Id] == FIREWALL_RULE_ID }
raise('fail fast if our test firewall rule already exists - its likely left over from a broken test run') if rule
response = @service.post_configure_edge_gateway_services(@edge_gateway_id, @new_edge_gateway_configuration)
@service.process_task(response.body)
tests('#check for DHCP configuration').returns(@new_edge_gateway_configuration[:GatewayDhcpService][:IsEnabled]) do
edge_gateway = @service.get_edge_gateway(@edge_gateway_id).body
edge_gateway[:Configuration][:EdgeGatewayServiceConfiguration][:GatewayDhcpService][:IsEnabled]
end
tests('#check for VPN').returns(@new_edge_gateway_configuration[:GatewayIpsecVpnService][:IsEnabled]) do
edge_gateway = @service.get_edge_gateway(@edge_gateway_id).body
edge_gateway[:Configuration][:EdgeGatewayServiceConfiguration][:GatewayIpsecVpnService][:IsEnabled]
end
tests('#check for new firewall rule').returns(@new_edge_gateway_configuration[:FirewallService][:FirewallRule]) do
edge_gateway = @service.get_edge_gateway(@edge_gateway_id).body
edge_gateway[:Configuration][:EdgeGatewayServiceConfiguration][:FirewallService][:FirewallRule]
end
tests('#remove the firewall rule added by test').returns(nil) do
response = @service.post_configure_edge_gateway_services(@edge_gateway_id,
@original_gateway_conf[:Configuration][:EdgeGatewayServiceConfiguration])
@service.process_task(response.body)
edge_gateway = @service.get_edge_gateway(@edge_gateway_id).body
edge_gateway[:Configuration][:EdgeGatewayServiceConfiguration][:FirewallService][:FirewallRule].find { |rule| rule[:Id] == FIREWALL_RULE_ID }
end
tests('#check Static Routing service configuration').returns(true) do
edge_gateway = @service.get_edge_gateway(@edge_gateway_id).body
gateway_interface = edge_gateway[:Configuration][:GatewayInterfaces][:GatewayInterface].first
@routing_service_configuration[:StaticRoutingService][:StaticRoute].first[:GatewayInterface] = {
:type => gateway_interface[:type],
:name => gateway_interface[:name],
:href => gateway_interface[:href]
}
response = @service.post_configure_edge_gateway_services(@edge_gateway_id,
@routing_service_configuration)
@service.process_task(response.body)
edge_gateway = @service.get_edge_gateway(@edge_gateway_id).body
edge_gateway[:Configuration][:EdgeGatewayServiceConfiguration][:StaticRoutingService][:IsEnabled] == "true"
end
tests('#check VPN xml from generator').returns(true) do
xml = Nokogiri.XML Fog::Generators::Compute::VcloudDirector::EdgeGatewayServiceConfiguration.new(@vpn_configuration).generate_xml
#Not comprehensive, only checks that the generator actually knows how to handle it and that the output looks vagely sane
paths = {
'GatewayIpsecVpnService>IsEnabled' => 'true',
'Tunnel>Name' => 'test vpn',
'Tunnel>PeerIpAddress' => '110.110.110.110',
'Tunnel>LocalSubnet>Gateway' => '192.168.90.254',
'Tunnel>PeerSubnet>Netmask' => '255.255.192.0' }
paths.none? { |path| (xml.css path[0]).inner_text != path[1] }
end
tests('#check DHCP xml from generator').returns(true) do
xml = Nokogiri.XML Fog::Generators::Compute::VcloudDirector::EdgeGatewayServiceConfiguration.new(@dhcp_configuration).generate_xml
paths = {
'GatewayDhcpService>IsEnabled' => "true",
'GatewayDhcpService>Pool>IsEnabled' => "true",
'GatewayDhcpService>Pool>Network' => "testNet",
'GatewayDhcpService>Pool>DefaultLeaseTime' => "65",
'GatewayDhcpService>Pool>MaxLeaseTime' => "650",
'GatewayDhcpService>Pool>LowIpAddress' => "192.168.9.2",
'GatewayDhcpService>Pool>HighIpAddress' => "192.168.9.20" }
paths.none? { |path| (xml.css path[0]).inner_text != path[1] }
end
end
tests('Retrieve non-existent edge gateway').raises(Fog::Compute::VcloudDirector::Forbidden) do
begin
@service.get_edge_gateway('00000000-0000-0000-0000-000000000000')
rescue Fog::Compute::VcloudDirector::Unauthorized # bug, may be localised
retry
end
end
tests('Configure non-existent edge gateway').raises(Fog::Compute::VcloudDirector::Forbidden) do
begin
@service.post_configure_edge_gateway_services('00000000-0000-0000-0000-000000000000', {})
rescue Fog::Compute::VcloudDirector::Unauthorized # bug, may be localised
retry
end
end
end
View git blame Copy permalink