/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.jclouds.azurecompute.arm.compute.loaders;

import static shaded.com.google.common.base.Preconditions.checkState;
import static org.jclouds.compute.util.ComputeServiceUtils.getPortRangesFromList;

import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import javax.annotation.Resource;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;

import org.jclouds.azurecompute.arm.AzureComputeApi;
import org.jclouds.azurecompute.arm.compute.config.AzurePredicatesModule.SecurityGroupAvailablePredicateFactory;
import org.jclouds.azurecompute.arm.compute.domain.ResourceGroupAndNameAndIngressRules;
import org.jclouds.azurecompute.arm.domain.NetworkSecurityGroup;
import org.jclouds.azurecompute.arm.domain.NetworkSecurityGroupProperties;
import org.jclouds.azurecompute.arm.domain.NetworkSecurityRule;
import org.jclouds.azurecompute.arm.domain.NetworkSecurityRuleProperties;
import org.jclouds.azurecompute.arm.domain.NetworkSecurityRuleProperties.Access;
import org.jclouds.azurecompute.arm.domain.NetworkSecurityRuleProperties.Direction;
import org.jclouds.azurecompute.arm.domain.NetworkSecurityRuleProperties.Protocol;
import org.jclouds.compute.reference.ComputeServiceConstants;
import org.jclouds.logging.Logger;

import shaded.com.google.common.cache.CacheLoader;

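/**
 * Cache loader that creates an Azure network security group for a given
 * resource group, name and list of inbound ports, and returns the id of the
 * created group.
 *
 * <p>Security note: every rule built here allows inbound TCP from any source
 * address ({@code "*"}) and any source port to any destination address on the
 * requested port range. Callers that pass management or database ports should
 * treat the resulting group as open to every network that can route to the
 * node, and narrow the rules afterwards where that is not intended.
 */
@Singleton
public class CreateSecurityGroupIfNeeded extends CacheLoader<ResourceGroupAndNameAndIngressRules, String> {
   @Resource
   @Named(ComputeServiceConstants.COMPUTE_LOGGER)
   protected Logger logger = Logger.NULL;

   private final AzureComputeApi api;
   private final SecurityGroupAvailablePredicateFactory securityGroupAvailable;

   @Inject
   CreateSecurityGroupIfNeeded(AzureComputeApi api, SecurityGroupAvailablePredicateFactory securityRuleAvailable) {
      this.api = api;
      this.securityGroupAvailable = securityRuleAvailable;
   }

   /**
    * Creates the security group described by {@code key}.
    *
    * @param key location, resource group, group name and inbound ports
    * @return the id of the created network security group
    * @throws Exception if the group cannot be created or does not become
    *            available
    */
   @Override
   public String load(ResourceGroupAndNameAndIngressRules key) throws Exception {
      return createSecurityGroup(key.location(), key.resourceGroup(), key.name(), key.inboundPorts());
   }

   /**
    * Builds one allow rule per contiguous port range and submits the group.
    *
    * @param location      Azure location passed to the create call
    * @param resourceGroup resource group that will own the security group
    * @param name          name of the security group
    * @param inboundPorts  TCP ports to open; collapsed into ranges first
    * @return the id reported for the created group
    * @throws IllegalStateException if the availability predicate returns
    *            false for the group
    */
   private String createSecurityGroup(String location, String resourceGroup, String name, int[] inboundPorts) {
      logger.debug(">> creating security group %s in %s...", name, location);

      Map<Integer, Integer> portRanges = getPortRangesFromList(inboundPorts);

      List<NetworkSecurityRule> rules = new ArrayList<NetworkSecurityRule>();

      // Priorities are assigned sequentially from 100, one per port range.
      // NOTE(review): Azure limits rule priorities to 100-4096, so a very long
      // list of non-contiguous ports would be rejected by the API; confirm
      // whether callers can reach that size.
      int startPriority = 100;
      for (Map.Entry<Integer, Integer> portRange : portRanges.entrySet()) {
         String range = portRange.getKey() + "-" + portRange.getValue();
         String ruleName = "tcp-" + range;

         // Source and destination are wildcards: the rule is not scoped to
         // any address prefix, only to the destination port range.
         NetworkSecurityRuleProperties properties = NetworkSecurityRuleProperties.builder().protocol(Protocol.Tcp) //
               .sourceAddressPrefix("*") //
               .sourcePortRange("*") //
               .destinationAddressPrefix("*") //
               .destinationPortRange(range) //
               .direction(Direction.Inbound) //
               .access(Access.Allow) //
               .priority(startPriority++) //
               .build();

         rules.add(NetworkSecurityRule.create(ruleName, null, null, properties));
      }

      // NOTE(review): createOrUpdate presumably replaces the rules of an
      // existing group with the same name; verify against the API before
      // reusing group names across deployments.
      NetworkSecurityGroup securityGroup = api.getNetworkSecurityGroupApi(resourceGroup).createOrUpdate(name, location,
            null, NetworkSecurityGroupProperties.builder().securityRules(rules).build());

      checkState(securityGroupAvailable.create(resourceGroup).apply(name),
            "Security group was not created in the configured timeout");

      return securityGroup.id();
   }

}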



