mockGCP for compute firewall policy rule

gemmahou · Oct 1, 2024 · 42d947d · 42d947d
1 parent d30e516
commit 42d947d
Show file tree

Hide file tree

Showing 3 changed files with 127 additions and 2 deletions.
diff --git a/config/tests/samples/create/harness.go b/config/tests/samples/create/harness.go
@@ -667,6 +667,7 @@ func MaybeSkip(t *testing.T, name string, resources []*unstructured.Unstructured
 			case schema.GroupKind{Group: "compute.cnrm.cloud.google.com", Kind: "ComputeBackendService"}:
 			case schema.GroupKind{Group: "compute.cnrm.cloud.google.com", Kind: "ComputeDisk"}:
 			case schema.GroupKind{Group: "compute.cnrm.cloud.google.com", Kind: "ComputeFirewallPolicy"}:
+			case schema.GroupKind{Group: "compute.cnrm.cloud.google.com", Kind: "ComputeFirewallPolicyRule"}:
 			case schema.GroupKind{Group: "compute.cnrm.cloud.google.com", Kind: "ComputeForwardingRule"}:
 			case schema.GroupKind{Group: "compute.cnrm.cloud.google.com", Kind: "ComputeHealthCheck"}:
 			case schema.GroupKind{Group: "compute.cnrm.cloud.google.com", Kind: "ComputeInstance"}:

diff --git a/mockgcp/mockcompute/firewallpoliciesv1.go b/mockgcp/mockcompute/firewallpoliciesv1.go
@@ -226,6 +226,132 @@ func (s *FirewallPoliciesV1) Delete(ctx context.Context, req *pb.DeleteFirewallP
 	})
 }
 
+func (s *FirewallPoliciesV1) GetRule(ctx context.Context, req *pb.GetRuleFirewallPolicyRequest) (*pb.FirewallPolicyRule, error) {
+	reqName := "locations/global/firewallPolicies/" + req.GetFirewallPolicy()
+	name, err := s.parseFirewallPolicyName(reqName)
+	if err != nil {
+		return nil, err
+	}
+
+	fqn := name.String()
+
+	obj := &pb.FirewallPolicy{}
+	if err := s.storage.Get(ctx, fqn, obj); err != nil {
+		return nil, err
+	}
+
+	var rule *pb.FirewallPolicyRule
+	rules := obj.GetRules()
+	if len(rules) == 0 {
+		return nil, err
+	}
+
+	for _, r := range rules {
+		if r.Priority == req.Priority {
+			rule = r
+		}
+	}
+	if rule == nil {
+		return nil, status.Errorf(codes.NotFound, "Invalid value for field 'priority': '%q'. The firewall policy does not contain a rule at priority %q.", strconv.Itoa(int(*req.Priority)), strconv.Itoa(int(*req.Priority)))
+	}
+
+	return rule, nil
+}
+
+func (s *FirewallPoliciesV1) AddRule(ctx context.Context, req *pb.AddRuleFirewallPolicyRequest) (*pb.Operation, error) {
+	reqName := "locations/global/firewallPolicies/" + req.GetFirewallPolicy()
+	name, err := s.parseFirewallPolicyName(reqName)
+	if err != nil {
+		return nil, err
+	}
+
+	fqn := name.String()
+
+	obj := &pb.FirewallPolicy{}
+	if err := s.storage.Get(ctx, fqn, obj); err != nil {
+		return nil, err
+	}
+
+	obj.Rules = []*pb.FirewallPolicyRule{req.GetFirewallPolicyRuleResource()}
+
+	if err := s.storage.Update(ctx, fqn, obj); err != nil {
+		return nil, err
+	}
+
+	op := &pb.Operation{
+		TargetId:      obj.Id,
+		TargetLink:    obj.SelfLink,
+		OperationType: PtrTo("addFirewallRuleToFirewallPolicy"),
+		User:          PtrTo("[email protected]"),
+	}
+	return s.startGlobalOrganizationLRO(ctx, op, func() (proto.Message, error) {
+		return obj, nil
+	})
+}
+
+func (s *FirewallPoliciesV1) PatchRule(ctx context.Context, req *pb.PatchRuleFirewallPolicyRequest) (*pb.Operation, error) {
+	reqName := "locations/global/firewallPolicies/" + req.GetFirewallPolicy()
+
+	name, err := s.parseFirewallPolicyName(reqName)
+	if err != nil {
+		return nil, err
+	}
+
+	fqn := name.String()
+	obj := &pb.FirewallPolicy{}
+	if err := s.storage.Get(ctx, fqn, obj); err != nil {
+		return nil, err
+	}
+
+	obj.Rules = []*pb.FirewallPolicyRule{req.GetFirewallPolicyRuleResource()}
+
+	if err := s.storage.Update(ctx, fqn, obj); err != nil {
+		return nil, err
+	}
+
+	op := &pb.Operation{
+		TargetId:      obj.Id,
+		TargetLink:    obj.SelfLink,
+		OperationType: PtrTo("patchFirewallRuleInFirewallPolicy"),
+		User:          PtrTo("[email protected]"),
+		// patch operation finished super fast
+		Progress: PtrTo(int32(100)),
+		Status:   PtrTo(pb.Operation_DONE),
+	}
+	return s.startGlobalOrganizationLRO(ctx, op, func() (proto.Message, error) {
+		return obj, nil
+	})
+}
+func (s *FirewallPoliciesV1) RemoveRule(ctx context.Context, req *pb.RemoveRuleFirewallPolicyRequest) (*pb.Operation, error) {
+	reqName := "locations/global/firewallPolicies/" + req.GetFirewallPolicy()
+	name, err := s.parseFirewallPolicyName(reqName)
+	if err != nil {
+		return nil, err
+	}
+
+	fqn := name.String()
+
+	obj := &pb.FirewallPolicy{}
+	if err := s.storage.Get(ctx, fqn, obj); err != nil {
+		return nil, err
+	}
+
+	obj.Rules = nil
+	if err := s.storage.Update(ctx, fqn, obj); err != nil {
+		return nil, err
+	}
+
+	op := &pb.Operation{
+		TargetId:      obj.Id,
+		TargetLink:    obj.SelfLink,
+		OperationType: PtrTo("removeFirewallRuleFromFirewallPolicy"),
+		User:          PtrTo("[email protected]"),
+	}
+	return s.startGlobalOrganizationLRO(ctx, op, func() (proto.Message, error) {
+		return obj, nil
+	})
+}
+
 type firewallPolicyName struct {
 	Name string
 }

diff --git a/...v1beta1/computefirewallpolicyrule/_generated_object_computefirewallpolicyrule.golden.yaml b/...v1beta1/computefirewallpolicyrule/_generated_object_computefirewallpolicyrule.golden.yaml
@@ -30,6 +30,4 @@ status:
     reason: UpToDate
     status: "True"
     type: Ready
-  kind: compute#firewallPolicyRule
   observedGeneration: 2
-  ruleTupleCount: 2