Gitiles
Code Review Sign In
spfactory.storpool.com / devstack / dbdf6be8790305bbf1bb4e97369e097a4aa314cb^! / . / exercises / sec_groups.sh
commitdbdf6be8790305bbf1bb4e97369e097a4aa314cb[log] [tgz]
authorBen Andrews <andrewsben@gmail.com>Wed Apr 04 14:43:32 2012 -0400
committerBen Andrews <andrewsben@gmail.com>Wed Apr 04 14:43:49 2012 -0400
treea0a3e63a183122ae50f8cce99d87a3093f46dd3e
parentb24fca07fa9d8324b11ec812119441258e3b4b61 [diff] [blame]
added sec_groups exercise

Change-Id: Ib969efab4ef4c408fa59a44eff25d2c4ac56d024

diff --git a/exercises/sec_groups.sh b/exercises/sec_groups.sh
new file mode 100755
index 0000000..49cb58f
--- /dev/null
+++ b/exercises/sec_groups.sh

@@ -0,0 +1,74 @@
+#!/usr/bin/env bash
+
+# **sec_groups.sh**
+
+# Test security groups via the command line tools that ship with it.
+
+echo "*********************************************************************"
+echo "Begin DevStack Exercise: $0"
+echo "*********************************************************************"
+
+# This script exits on an error so that errors don't compound and you see
+# only the first error that occured.
+set -o errexit
+
+# Print the commands being run so that we can see the command that triggers
+# an error.  It is also useful for following allowing as the install occurs.
+set -o xtrace
+
+
+# Settings
+# ========
+
+# Keep track of the current directory
+EXERCISE_DIR=$(cd $(dirname "$0") && pwd)
+TOP_DIR=$(cd $EXERCISE_DIR/..; pwd)
+
+# Import common functions
+source $TOP_DIR/functions
+
+# Import configuration
+source $TOP_DIR/openrc
+
+# Import exercise configuration
+source $TOP_DIR/exerciserc
+
+
+# Testing Security Groups
+# =============
+
+# List security groups
+nova secgroup-list
+
+# Create random name for new sec group and create secgroup of said name
+SEC_GROUP_NAME="sec-group-$(openssl rand -hex 4)"
+nova secgroup-create $SEC_GROUP_NAME 'a test security group'
+
+# Add some rules to the secgroup
+RULES_TO_ADD=( 22 3389 5900 )
+
+for RULE in "${RULES_TO_ADD[@]}"; do
+    nova secgroup-add-rule $SEC_GROUP_NAME tcp $RULE $RULE 0.0.0.0/00
+done
+
+# Check to make sure rules were added
+SEC_GROUP_RULES=( $(nova secgroup-list-rules $SEC_GROUP_NAME | grep -v \- | grep -v 'Source Group' | cut -d '|' -f3 | tr -d ' ') )
+for i in "${RULES_TO_ADD[@]}"; do
+    skip=
+    for j in "${SEC_GROUP_RULES[@]}"; do
+        [[ $i == $j ]] && { skip=1; break; }
+    done
+    [[ -n $skip ]] || exit 1
+done
+
+# Delete rules and secgroup
+for RULE in "${RULES_TO_ADD[@]}"; do
+    nova secgroup-delete-rule $SEC_GROUP_NAME tcp $RULE $RULE 0.0.0.0/00
+done
+nova secgroup-delete $SEC_GROUP_NAME
+
+
+set +o xtrace
+echo "*********************************************************************"
+echo "SUCCESS: End DevStack Exercise: $0"
+echo "*********************************************************************"