You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jclouds.apache.org by ab...@apache.org on 2013/11/03 21:36:16 UTC
git commit: Cleaning up GCE SecurityGroupExtension
Updated Branches:
refs/heads/master fde547897 -> 5ec13c95b
Cleaning up GCE SecurityGroupExtension
Project: http://git-wip-us.apache.org/repos/asf/jclouds-labs-google/repo
Commit: http://git-wip-us.apache.org/repos/asf/jclouds-labs-google/commit/5ec13c95
Tree: http://git-wip-us.apache.org/repos/asf/jclouds-labs-google/tree/5ec13c95
Diff: http://git-wip-us.apache.org/repos/asf/jclouds-labs-google/diff/5ec13c95
Branch: refs/heads/master
Commit: 5ec13c95bdaa64baf22ea7178785df1b7fb14ea0
Parents: fde5478
Author: Andrew Bayer <an...@gmail.com>
Authored: Fri Nov 1 17:57:43 2013 -0700
Committer: Andrew Bayer <an...@gmail.com>
Committed: Fri Nov 1 17:57:43 2013 -0700
----------------------------------------------------------------------
...GoogleComputeEngineServiceContextModule.java | 2 +-
...ogleComputeEngineSecurityGroupExtension.java | 47 ++++++++++----------
...desWithGroupEncodedIntoNameThenAddToSet.java | 2 +-
.../functions/CreateNetworkIfNeeded.java | 39 ++++++++--------
.../predicates/NetworkFirewallPredicates.java | 30 ++++++-------
.../GoogleComputeEngineServiceExpectTest.java | 2 +
.../loaders/FindNetworkOrCreateTest.java | 2 +-
.../functions/CreateNetworkIfNeededTest.java | 2 +
8 files changed, 64 insertions(+), 62 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/jclouds-labs-google/blob/5ec13c95/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/config/GoogleComputeEngineServiceContextModule.java
----------------------------------------------------------------------
diff --git a/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/config/GoogleComputeEngineServiceContextModule.java b/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/config/GoogleComputeEngineServiceContextModule.java
index b726f11..ccfcaf1 100644
--- a/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/config/GoogleComputeEngineServiceContextModule.java
+++ b/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/config/GoogleComputeEngineServiceContextModule.java
@@ -160,7 +160,7 @@ public class GoogleComputeEngineServiceContextModule
@Singleton
@Memoized
public Supplier<Map<URI, ? extends org.jclouds.compute.domain.Image>> provideImagesMap(
- AtomicReference <AuthorizationException> authException,
+ AtomicReference<AuthorizationException> authException,
final Supplier<Set<? extends org.jclouds.compute.domain.Image>> images,
@Named(PROPERTY_SESSION_INTERVAL) long seconds) {
return MemoizedRetryOnTimeOutButNotOnAuthorizationExceptionSupplier.create(authException,
http://git-wip-us.apache.org/repos/asf/jclouds-labs-google/blob/5ec13c95/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/extensions/GoogleComputeEngineSecurityGroupExtension.java
----------------------------------------------------------------------
diff --git a/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/extensions/GoogleComputeEngineSecurityGroupExtension.java b/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/extensions/GoogleComputeEngineSecurityGroupExtension.java
index 2ceccef..71557bb 100644
--- a/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/extensions/GoogleComputeEngineSecurityGroupExtension.java
+++ b/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/extensions/GoogleComputeEngineSecurityGroupExtension.java
@@ -96,7 +96,7 @@ public class GoogleComputeEngineSecurityGroupExtension implements SecurityGroupE
"operation completed check interval");
this.operationCompleteCheckTimeout = checkNotNull(operationCompleteCheckTimeout,
"operation completed check timeout");
- this.operationDonePredicate = operationDonePredicate;
+ this.operationDonePredicate = checkNotNull(operationDonePredicate, "operationDonePredicate");
}
@Override
@@ -197,11 +197,10 @@ public class GoogleComputeEngineSecurityGroupExtension implements SecurityGroupE
@Override
public SecurityGroup addIpPermission(IpPermission ipPermission, SecurityGroup group) {
+ checkNotNull(group, "group");
+ checkNotNull(ipPermission, "ipPermission");
- if (api.getNetworkApiForProject(userProject.get()).get(group.getId()) == null) {
- // Network corresponding to security group does not exist.
- return null;
- }
+ checkNotNull(api.getNetworkApiForProject(userProject.get()).get(group.getId()) == null, "network for group is null");
ListOptions options = new ListOptions.Builder().filter("network eq .*/" + group.getName());
@@ -214,10 +213,10 @@ public class GoogleComputeEngineSecurityGroupExtension implements SecurityGroupE
String uniqueFwName = namingConvention.createWithoutPrefix().uniqueNameForGroup(group.getName());
fwOptions.name(uniqueFwName);
fwOptions.network(group.getUri());
- if (ipPermission.getGroupIds().size() > 0) {
+ if (!ipPermission.getGroupIds().isEmpty()) {
fwOptions.sourceTags(ipPermission.getGroupIds());
}
- if (ipPermission.getCidrBlocks().size() > 0) {
+ if (!ipPermission.getCidrBlocks().isEmpty()) {
fwOptions.sourceRanges(ipPermission.getCidrBlocks());
}
Firewall.Rule.Builder ruleBuilder = Firewall.Rule.builder();
@@ -242,16 +241,16 @@ public class GoogleComputeEngineSecurityGroupExtension implements SecurityGroupE
}
@Override
- public SecurityGroup addIpPermission(IpProtocol protocol, int startPort, int endPort,
- Multimap<String,String> tenantIdGroupNamePairs, Iterable<String> ipRanges,
+ public SecurityGroup addIpPermission(IpProtocol protocol, int fromPort, int toPort,
+ Multimap<String,String> tenantIdGroupNamePairs, Iterable<String> cidrBlocks,
Iterable<String> groupIds, SecurityGroup group) {
IpPermission.Builder permBuilder = IpPermission.builder();
permBuilder.ipProtocol(protocol);
- permBuilder.fromPort(startPort);
- permBuilder.toPort(endPort);
+ permBuilder.fromPort(fromPort);
+ permBuilder.toPort(toPort);
permBuilder.groupIds(groupIds);
- permBuilder.cidrBlocks(ipRanges);
+ permBuilder.cidrBlocks(cidrBlocks);
return addIpPermission(permBuilder.build(), group);
@@ -259,10 +258,10 @@ public class GoogleComputeEngineSecurityGroupExtension implements SecurityGroupE
@Override
public SecurityGroup removeIpPermission(IpPermission ipPermission, SecurityGroup group) {
- if (api.getNetworkApiForProject(userProject.get()).get(group.getId()) == null) {
- // Network corresponding to security group does not exist.
- return null;
- }
+ checkNotNull(group, "group");
+ checkNotNull(ipPermission, "ipPermission");
+
+ checkNotNull(api.getNetworkApiForProject(userProject.get()).get(group.getId()) == null, "network for group is null");
ListOptions options = new ListOptions.Builder().filter("network eq .*/" + group.getName());
@@ -284,16 +283,16 @@ public class GoogleComputeEngineSecurityGroupExtension implements SecurityGroupE
}
@Override
- public SecurityGroup removeIpPermission(IpProtocol protocol, int startPort, int endPort,
- Multimap<String,String> tenantIdGroupNamePairs, Iterable<String> ipRanges,
+ public SecurityGroup removeIpPermission(IpProtocol protocol, int fromPort, int toPort,
+ Multimap<String,String> tenantIdGroupNamePairs, Iterable<String> cidrBlocks,
Iterable<String> groupIds, SecurityGroup group) {
IpPermission.Builder permBuilder = IpPermission.builder();
permBuilder.ipProtocol(protocol);
- permBuilder.fromPort(startPort);
- permBuilder.toPort(endPort);
+ permBuilder.fromPort(fromPort);
+ permBuilder.toPort(toPort);
permBuilder.groupIds(groupIds);
- permBuilder.cidrBlocks(ipRanges);
+ permBuilder.cidrBlocks(cidrBlocks);
return removeIpPermission(permBuilder.build(), group);
@@ -331,10 +330,10 @@ public class GoogleComputeEngineSecurityGroupExtension implements SecurityGroupE
}
}).toSet();
- if (fws.size() > 0) {
- return groupConverter.apply(nw);
+ if (fws.isEmpty()) {
+ return null;
}
- return null;
+ return groupConverter.apply(nw);
}
}
http://git-wip-us.apache.org/repos/asf/jclouds-labs-google/blob/5ec13c95/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/strategy/CreateNodesWithGroupEncodedIntoNameThenAddToSet.java
----------------------------------------------------------------------
diff --git a/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/strategy/CreateNodesWithGroupEncodedIntoNameThenAddToSet.java b/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/strategy/CreateNodesWithGroupEncodedIntoNameThenAddToSet.java
index 74059f9..991024c 100644
--- a/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/strategy/CreateNodesWithGroupEncodedIntoNameThenAddToSet.java
+++ b/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/compute/strategy/CreateNodesWithGroupEncodedIntoNameThenAddToSet.java
@@ -97,7 +97,7 @@ public class CreateNodesWithGroupEncodedIntoNameThenAddToSet extends
"operation completed check interval");
this.operationCompleteCheckTimeout = checkNotNull(operationCompleteCheckTimeout,
"operation completed check timeout");
- this.operationDonePredicate = operationDonePredicate;
+ this.operationDonePredicate = checkNotNull(operationDonePredicate, "operationDonePredicate");
this.networkMap = checkNotNull(networkMap, "networkMap");
}
http://git-wip-us.apache.org/repos/asf/jclouds-labs-google/blob/5ec13c95/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/functions/CreateNetworkIfNeeded.java
----------------------------------------------------------------------
diff --git a/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/functions/CreateNetworkIfNeeded.java b/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/functions/CreateNetworkIfNeeded.java
index 09a4eee..15057db 100644
--- a/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/functions/CreateNetworkIfNeeded.java
+++ b/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/functions/CreateNetworkIfNeeded.java
@@ -69,33 +69,34 @@ public class CreateNetworkIfNeeded implements Function<NetworkAndAddressRange, N
"operation completed check interval");
this.operationCompleteCheckTimeout = checkNotNull(operationCompleteCheckTimeout,
"operation completed check timeout");
- this.operationDonePredicate = operationDonePredicate;
+ this.operationDonePredicate = checkNotNull(operationDonePredicate, "operationDonePredicate");
}
@Override
public Network apply(NetworkAndAddressRange input) {
checkNotNull(input, "input");
- try {
- if (input.getGateway().isPresent()) {
- AtomicReference<Operation> operation = new AtomicReference<Operation>(api.getNetworkApiForProject(userProject
- .get()).createInIPv4RangeWithGateway(input.getName(), input.getIpV4Range(), input.getGateway().get()));
- retry(operationDonePredicate, operationCompleteCheckTimeout, operationCompleteCheckInterval,
- MILLISECONDS).apply(operation);
+ Network nw = api.getNetworkApiForProject(userProject.get()).get(input.getName());
+ if (nw != null) {
+ return nw;
+ }
- checkState(!operation.get().getHttpError().isPresent(), "Could not create network, operation failed" + operation);
- } else {
- AtomicReference<Operation> operation = new AtomicReference<Operation>(api.getNetworkApiForProject(userProject
- .get()).createInIPv4Range(input.getName(), input.getIpV4Range()));
- retry(operationDonePredicate, operationCompleteCheckTimeout, operationCompleteCheckInterval,
- MILLISECONDS).apply(operation);
+ if (input.getGateway().isPresent()) {
+ AtomicReference<Operation> operation = new AtomicReference<Operation>(api.getNetworkApiForProject(userProject
+ .get()).createInIPv4RangeWithGateway(input.getName(), input.getIpV4Range(), input.getGateway().get()));
+ retry(operationDonePredicate, operationCompleteCheckTimeout, operationCompleteCheckInterval,
+ MILLISECONDS).apply(operation);
- checkState(!operation.get().getHttpError().isPresent(), "Could not create network, operation failed" + operation);
- }
- return checkNotNull(api.getNetworkApiForProject(userProject.get()).get(input.getName()),
- "no network with name %s was found", input.getName());
- } catch (IllegalStateException e) {
- return api.getNetworkApiForProject(userProject.get()).get(input.getName());
+ checkState(!operation.get().getHttpError().isPresent(), "Could not create network, operation failed" + operation);
+ } else {
+ AtomicReference<Operation> operation = new AtomicReference<Operation>(api.getNetworkApiForProject(userProject
+ .get()).createInIPv4Range(input.getName(), input.getIpV4Range()));
+ retry(operationDonePredicate, operationCompleteCheckTimeout, operationCompleteCheckInterval,
+ MILLISECONDS).apply(operation);
+
+ checkState(!operation.get().getHttpError().isPresent(), "Could not create network, operation failed" + operation);
}
+ return checkNotNull(api.getNetworkApiForProject(userProject.get()).get(input.getName()),
+ "no network with name %s was found", input.getName());
}
}
http://git-wip-us.apache.org/repos/asf/jclouds-labs-google/blob/5ec13c95/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/predicates/NetworkFirewallPredicates.java
----------------------------------------------------------------------
diff --git a/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/predicates/NetworkFirewallPredicates.java b/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/predicates/NetworkFirewallPredicates.java
index e41536e..3d2f13b 100644
--- a/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/predicates/NetworkFirewallPredicates.java
+++ b/google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/predicates/NetworkFirewallPredicates.java
@@ -16,16 +16,12 @@
*/
package org.jclouds.googlecomputeengine.predicates;
-import static com.google.common.collect.Collections2.transform;
-
import org.jclouds.googlecomputeengine.domain.Firewall;
import org.jclouds.googlecomputeengine.domain.Firewall.Rule;
import org.jclouds.net.domain.IpPermission;
import org.jclouds.net.domain.IpProtocol;
-import com.google.common.base.Function;
import com.google.common.base.Predicate;
-import com.google.common.base.Predicates;
import com.google.common.collect.Iterables;
import com.google.common.collect.Range;
import com.google.common.collect.Sets;
@@ -37,13 +33,13 @@ public class NetworkFirewallPredicates {
@Override
public boolean apply(Firewall fw) {
- return Predicates.in(transform(fw.getAllowed(), new Function<Rule, IpProtocol>() {
- @Override
- public IpProtocol apply(Rule input) {
- return input.getIpProtocol();
+ for (Rule rule: fw.getAllowed()) {
+ if (rule.getIpProtocol().equals(protocol)) {
+ return true;
}
- })).apply(protocol);
+ }
+ return false;
}
};
}
@@ -97,13 +93,15 @@ public class NetworkFirewallPredicates {
return new Predicate<Firewall>() {
@Override
public boolean apply(Firewall input) {
- return ((permission.getGroupIds().size() == 0 && input.getSourceTags().size() == 0)
- || Sets.intersection(permission.getGroupIds(), input.getSourceTags()).size() > 0)
- && ((permission.getCidrBlocks().size() == 0 && input.getSourceRanges().size() == 0)
- || Sets.intersection(permission.getCidrBlocks(), input.getSourceRanges()).size() > 0)
- && hasProtocol(permission.getIpProtocol()).apply(input)
- && ((permission.getFromPort() == 0 && permission.getToPort() == 0)
- || hasPortRange(Range.closed(permission.getFromPort(), permission.getToPort())).apply(input));
+ boolean groupsMatchTags = (permission.getGroupIds().isEmpty() && input.getSourceTags().isEmpty())
+ || !Sets.intersection(permission.getGroupIds(), input.getSourceTags()).isEmpty();
+ boolean cidrsMatchRanges =(permission.getCidrBlocks().isEmpty() && input.getSourceRanges().isEmpty())
+ || !Sets.intersection(permission.getCidrBlocks(), input.getSourceRanges()).isEmpty();
+ boolean firewallHasPorts = hasProtocol(permission.getIpProtocol()).apply(input)
+ && ((permission.getFromPort() == 0 && permission.getToPort() == 0)
+ || hasPortRange(Range.closed(permission.getFromPort(), permission.getToPort())).apply(input));
+
+ return groupsMatchTags && cidrsMatchRanges && firewallHasPorts;
}
};
}
http://git-wip-us.apache.org/repos/asf/jclouds-labs-google/blob/5ec13c95/google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/compute/GoogleComputeEngineServiceExpectTest.java
----------------------------------------------------------------------
diff --git a/google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/compute/GoogleComputeEngineServiceExpectTest.java b/google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/compute/GoogleComputeEngineServiceExpectTest.java
index ff8e435..d9e68b5 100644
--- a/google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/compute/GoogleComputeEngineServiceExpectTest.java
+++ b/google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/compute/GoogleComputeEngineServiceExpectTest.java
@@ -372,6 +372,7 @@ public class GoogleComputeEngineServiceExpectTest extends BaseGoogleComputeEngin
.add(LIST_ZONES_REQ)
.add(LIST_MACHINE_TYPES_REQUEST)
.add(GET_NETWORK_REQUEST)
+ .add(GET_NETWORK_REQUEST)
.add(requestForScopes(COMPUTE_SCOPE))
.add(INSERT_NETWORK_REQUEST)
.add(GET_GLOBAL_OPERATION_REQUEST)
@@ -400,6 +401,7 @@ public class GoogleComputeEngineServiceExpectTest extends BaseGoogleComputeEngin
.add(LIST_ZONES_SHORT_RESPONSE)
.add(LIST_MACHINE_TYPES_RESPONSE)
.add(HttpResponse.builder().statusCode(404).build())
+ .add(HttpResponse.builder().statusCode(404).build())
.add(TOKEN_RESPONSE)
.add(SUCESSFULL_OPERATION_RESPONSE)
.add(GET_GLOBAL_OPERATION_RESPONSE)
http://git-wip-us.apache.org/repos/asf/jclouds-labs-google/blob/5ec13c95/google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/compute/loaders/FindNetworkOrCreateTest.java
----------------------------------------------------------------------
diff --git a/google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/compute/loaders/FindNetworkOrCreateTest.java b/google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/compute/loaders/FindNetworkOrCreateTest.java
index 0384792..7fe7249 100644
--- a/google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/compute/loaders/FindNetworkOrCreateTest.java
+++ b/google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/compute/loaders/FindNetworkOrCreateTest.java
@@ -113,7 +113,7 @@ public class FindNetworkOrCreateTest {
.andReturn(createOp);
expect(globalApi.get("create-op")).andReturn(createOp);
// pre-creation
- expect(nwApi.get("this-network")).andReturn(null);
+ expect(nwApi.get("this-network")).andReturn(null).times(2);
// post-creation
expect(nwApi.get("this-network")).andReturn(network);
http://git-wip-us.apache.org/repos/asf/jclouds-labs-google/blob/5ec13c95/google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/functions/CreateNetworkIfNeededTest.java
----------------------------------------------------------------------
diff --git a/google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/functions/CreateNetworkIfNeededTest.java b/google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/functions/CreateNetworkIfNeededTest.java
index 42eefeb..c9a2cff 100644
--- a/google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/functions/CreateNetworkIfNeededTest.java
+++ b/google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/functions/CreateNetworkIfNeededTest.java
@@ -68,6 +68,7 @@ public class CreateNetworkIfNeededTest {
expect(nwApi.createInIPv4Range("this-network", "0.0.0.0/0"))
.andReturn(createOp);
expect(globalApi.get("create-op")).andReturn(createOp);
+ expect(nwApi.get("this-network")).andReturn(null);
expect(nwApi.get("this-network")).andReturn(network);
expect(createOp.getName()).andReturn("create-op");
@@ -112,6 +113,7 @@ public class CreateNetworkIfNeededTest {
expect(nwApi.createInIPv4RangeWithGateway("this-network", "0.0.0.0/0", "1.2.3.4"))
.andReturn(createOp);
expect(globalApi.get("create-op")).andReturn(createOp);
+ expect(nwApi.get("this-network")).andReturn(null);
expect(nwApi.get("this-network")).andReturn(network);
expect(createOp.getName()).andReturn("create-op");