/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.jclouds.azurecompute.arm.compute.loaders;
import static com.google.common.base.Preconditions.checkState;
import static org.jclouds.compute.util.ComputeServiceUtils.getPortRangesFromList;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.jclouds.azurecompute.arm.AzureComputeApi;
import org.jclouds.azurecompute.arm.compute.config.AzurePredicatesModule.SecurityGroupAvailablePredicateFactory;
import org.jclouds.azurecompute.arm.compute.domain.ResourceGroupAndNameAndIngressRules;
import org.jclouds.azurecompute.arm.domain.NetworkSecurityGroup;
import org.jclouds.azurecompute.arm.domain.NetworkSecurityGroupProperties;
import org.jclouds.azurecompute.arm.domain.NetworkSecurityRule;
import org.jclouds.azurecompute.arm.domain.NetworkSecurityRuleProperties;
import org.jclouds.azurecompute.arm.domain.NetworkSecurityRuleProperties.Access;
import org.jclouds.azurecompute.arm.domain.NetworkSecurityRuleProperties.Direction;
import org.jclouds.azurecompute.arm.domain.NetworkSecurityRuleProperties.Protocol;
import org.jclouds.compute.reference.ComputeServiceConstants;
import org.jclouds.logging.Logger;
import com.google.common.cache.CacheLoader;
/**
 * Cache loader that creates an Azure network security group for a
 * {@link ResourceGroupAndNameAndIngressRules} key and returns the id of the created group.
 *
 * <p>Security note: every rule generated here allows inbound TCP from any source address and
 * any source port to any destination address. The only restriction applied is the destination
 * port range, so the ports passed in the key are reachable from every network that can route
 * to the node. Callers that need a narrower exposure must tighten the rules themselves after
 * the group has been created.
 */
@Singleton
public class CreateSecurityGroupIfNeeded extends CacheLoader<ResourceGroupAndNameAndIngressRules, String> {

   /** Priority given to the first generated rule; each following rule gets the next integer. */
   private static final int FIRST_RULE_PRIORITY = 100;

   @Resource
   @Named(ComputeServiceConstants.COMPUTE_LOGGER)
   protected Logger logger = Logger.NULL;

   private final AzureComputeApi api;
   private final SecurityGroupAvailablePredicateFactory securityGroupAvailable;

   @Inject
   CreateSecurityGroupIfNeeded(AzureComputeApi api, SecurityGroupAvailablePredicateFactory securityRuleAvailable) {
      this.api = api;
      this.securityGroupAvailable = securityRuleAvailable;
   }

   /**
    * Creates the security group described by {@code key}.
    *
    * @param key location, resource group, group name and inbound ports of the group to create
    * @return the id of the created security group
    * @throws IllegalStateException if the availability predicate does not report the group as
    *            available
    */
   @Override
   public String load(ResourceGroupAndNameAndIngressRules key) throws Exception {
      String location = key.location();
      String resourceGroup = key.resourceGroup();
      String groupName = key.name();
      int[] ports = key.inboundPorts();
      return createSecurityGroup(location, resourceGroup, groupName, ports);
   }

   /**
    * Builds one allow rule per port range and submits the group to the API.
    *
    * <p>NOTE(review): the call is {@code createOrUpdate}, so a group that already exists under
    * the same name presumably has its rule set replaced by the one built here; confirm against
    * the NetworkSecurityGroupApi before relying on it.
    */
   private String createSecurityGroup(String location, String resourceGroup, String name, int[] inboundPorts) {
      logger.debug(">> creating security group %s in %s...", name, location);

      // presumably maps the first port of each contiguous run to its last port; verify
      // against ComputeServiceUtils.getPortRangesFromList
      Map<Integer, Integer> rangesByStart = getPortRangesFromList(inboundPorts);

      List<NetworkSecurityRule> ingressRules = new ArrayList<NetworkSecurityRule>();
      int nextPriority = FIRST_RULE_PRIORITY;
      for (Map.Entry<Integer, Integer> span : rangesByStart.entrySet()) {
         String destinationPorts = span.getKey() + "-" + span.getValue();
         ingressRules.add(allowInboundTcp(destinationPorts, nextPriority));
         nextPriority++;
      }

      NetworkSecurityGroupProperties groupProperties = NetworkSecurityGroupProperties.builder()
            .securityRules(ingressRules)
            .build();
      NetworkSecurityGroup created = api.getNetworkSecurityGroupApi(resourceGroup)
            .createOrUpdate(name, location, null, groupProperties);

      // The id is only returned once the predicate has confirmed the group; checkState throws
      // IllegalStateException otherwise.
      boolean available = securityGroupAvailable.create(resourceGroup).apply(name);
      checkState(available, "Security group was not created in the configured timeout");
      return created.id();
   }

   /**
    * Returns a rule named {@code tcp-<range>} that allows inbound TCP to {@code destinationPorts}.
    * Source address, source port and destination address are all the wildcard {@code "*"}, so
    * the rule does not restrict who may connect.
    */
   private static NetworkSecurityRule allowInboundTcp(String destinationPorts, int priority) {
      NetworkSecurityRuleProperties ruleProperties = NetworkSecurityRuleProperties.builder()
            .protocol(Protocol.Tcp)
            .sourceAddressPrefix("*")
            .sourcePortRange("*")
            .destinationAddressPrefix("*")
            .destinationPortRange(destinationPorts)
            .direction(Direction.Inbound)
            .access(Access.Allow)
            .priority(priority)
            .build();
      return NetworkSecurityRule.create("tcp-" + destinationPorts, null, null, ruleProperties);
   }
}