com.bertramlabs.plugins.karman.alibaba.AlibabaSecurityGroup.groovy Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of karman-alibaba Show documentation
Show all versions of karman-alibaba Show documentation
Karman Storage Provider interface for Alibaba web services (primarily OSS)
package com.bertramlabs.plugins.karman.alibaba
import com.aliyuncs.IAcsClient
import com.aliyuncs.ecs.model.v20140526.CreateSecurityGroupRequest
import com.aliyuncs.ecs.model.v20140526.CreateSecurityGroupResponse
import com.aliyuncs.ecs.model.v20140526.DeleteSecurityGroupRequest
import com.aliyuncs.ecs.model.v20140526.DeleteSecurityGroupResponse
import com.aliyuncs.ecs.model.v20140526.DescribeSecurityGroupAttributeRequest
import com.aliyuncs.ecs.model.v20140526.DescribeSecurityGroupAttributeResponse
import com.aliyuncs.ecs.model.v20140526.DescribeSecurityGroupsResponse
import com.aliyuncs.ecs.model.v20140526.ModifySecurityGroupAttributeRequest
import com.aliyuncs.ecs.model.v20140526.ModifySecurityGroupAttributeResponse
import com.bertramlabs.plugins.karman.network.NetworkProvider
import com.bertramlabs.plugins.karman.network.SecurityGroup
import com.bertramlabs.plugins.karman.network.SecurityGroupRuleInterface
import groovy.util.logging.Commons
@Commons
class AlibabaSecurityGroup extends SecurityGroup{
String id
String name
String description
String vpcId
Boolean loaded = false
private Boolean metadataLoaded = false
AlibabaNetworkProvider provider
private List rulesList = new ArrayList()
private List rulesToRemove = new ArrayList()
@Override
NetworkProvider getProvider() {
return this.provider
}
@Override
String getId() {
return id
}
@Override
String getName() {
return name
}
@Override
void setName(String name) {
this.name = name
}
@Override
String getDescription() {
return description
}
String getVpcId() {
return vpcId
}
@Override
void setDescription(String description) {
this.description = description
}
@Override
Collection getRules() {
if(!metadataLoaded && id) {
loadAttributes()
}
return rulesList
}
private loadAttributes() {
DescribeSecurityGroupAttributeRequest request = new DescribeSecurityGroupAttributeRequest()
request.setSecurityGroupId(id)
DescribeSecurityGroupAttributeResponse response = getClient().getAcsResponse(request)
vpcId = response.vpcId
description = response.description
name = response.getSecurityGroupName()
rulesList.clear()
response.permissions?.each { DescribeSecurityGroupAttributeResponse.Permission permission ->
def portArgs = permission.getPortRange()?.tokenize('/')
Integer minPort = -1
Integer maxPort = -1
if(portArgs.size() > 1) {
minPort = portArgs[0].toInteger()
maxPort = portArgs[1].toInteger()
}
def options = [etherType: permission.nicType, ipProtocol: permission.getIpProtocol(), description: permission.description, minPort: minPort, maxPort: maxPort, policy: permission.policy, existing: true]
if(permission.destCidrIp || permission.destGroupId) {
options.cidr = permission.destCidrIp
options.targetGroupId = permission.destGroupId
options.targetGroupName = permission.destGroupName
options.targetGroupOwnerId = permission.destGroupOwnerAccount
options.direction = 'egress'
} else {
options.cidr = permission.sourceCidrIp
options.targetGroupId = permission.sourceGroupId
options.targetGroupName = permission.sourceGroupName
options.targetGroupOwnerId = permission.sourceGroupOwnerAccount
options.direction = 'ingress'
}
AlibabaSecurityGroupRule rule = new AlibabaSecurityGroupRule(provider,this,options)
this.rulesList.add(rule)
}
metadataLoaded = true
}
@Override
SecurityGroupRuleInterface createRule() {
return new AlibabaSecurityGroupRule(provider,this,[direction:'ingress'])
}
@Override
void removeRule(SecurityGroupRuleInterface rule) {
rulesToRemove.add(rule)
rulesToRemove.unique()
rulesList.remove(rule)
}
@Override
void clearRules() {
rulesToRemove += rules
rulesToRemove.unique()
rulesList.clear()
}
@Override
void save() {
if(!id) {
CreateSecurityGroupRequest securityGroup = new CreateSecurityGroupRequest()
securityGroup.securityGroupName = getName()
securityGroup.setDescription(getDescription())
securityGroup.setVpcId(getVpcId())
com.aliyun.ecs.model.v201
CreateSecurityGroupResponse response = client.getAcsResponse(securityGroup)
if(response.securityGroupId) {
id = response.securityGroupId
loaded = true
}
} else {
ModifySecurityGroupAttributeRequest securityGroupRequest = new ModifySecurityGroupAttributeRequest()
securityGroupRequest.setDescription(description)
securityGroupRequest.setSecurityGroupName(name)
ModifySecurityGroupAttributeResponse response = client.getAcsResponse(securityGroupRequest)
loaded = true
}
rulesToRemove?.each { SecurityGroupRuleInterface rule ->
rule.delete()
}
rulesToRemove.clear()
rulesList?.each { SecurityGroupRuleInterface rule ->
rule.save()
}
}
@Override
void delete() {
if(id && loaded) {
DeleteSecurityGroupRequest request = new DeleteSecurityGroupRequest()
request.setSecurityGroupId(id)
DeleteSecurityGroupResponse response = client.getAcsResponse(request)
id = null
loaded = false
}
}
private IAcsClient getClient() {
return provider.getClient()
}
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy