[2/2] incubator-brooklyn git commit: This closes #1101

2015-12-15 Thread sjcorbett 
This closes #1101


Project: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/commit/e6235d9b
Tree: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/tree/e6235d9b
Diff: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/diff/e6235d9b

Branch: refs/heads/master
Commit: e6235d9bcfce0829e3160302a568422c1429c5ae
Parents: b97370b a4de743
Author: Sam Corbett 
Authored: Tue Dec 15 15:14:51 2015 +
Committer: Sam Corbett 
Committed: Tue Dec 15 15:14:51 2015 +

--
 .../JcloudsLocationSecurityGroupCustomizer.java | 103 ---
 ...oudsLocationSecurityGroupCustomizerTest.java |  55 ++
 2 files changed, 141 insertions(+), 17 deletions(-)
--

[1/2] incubator-brooklyn git commit: Ported some Clocker changes back to brooklyn. It is now possible to remove security groups permissions Also added some error handling to JcloudsLocationSecurityGro

2015-12-15 Thread sjcorbett 
Repository: incubator-brooklyn
Updated Branches:
  refs/heads/master b97370b14 -> e6235d9bc


Ported some Clocker changes back to brooklyn.
It is now possible to remove security groups permissions
Also added some error handling to JcloudsLocationSecurityGroupCustomizer


Project: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/commit/a4de7439
Tree: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/tree/a4de7439
Diff: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/diff/a4de7439

Branch: refs/heads/master
Commit: a4de7439b51ff5b98340c4ecf39c78934b930b77
Parents: b39ef3a
Author: Graeme-Miller 
Authored: Thu Dec 10 15:37:01 2015 +
Committer: Graeme-Miller 
Committed: Tue Dec 15 11:32:03 2015 +

--
 .../JcloudsLocationSecurityGroupCustomizer.java | 103 ---
 ...oudsLocationSecurityGroupCustomizerTest.java |  55 ++
 2 files changed, 141 insertions(+), 17 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a4de7439/locations/jclouds/src/main/java/org/apache/brooklyn/location/jclouds/networking/JcloudsLocationSecurityGroupCustomizer.java
--
diff --git 
a/locations/jclouds/src/main/java/org/apache/brooklyn/location/jclouds/networking/JcloudsLocationSecurityGroupCustomizer.java
 
b/locations/jclouds/src/main/java/org/apache/brooklyn/location/jclouds/networking/JcloudsLocationSecurityGroupCustomizer.java
index 8ab6c16..3d6bc22 100644
--- 
a/locations/jclouds/src/main/java/org/apache/brooklyn/location/jclouds/networking/JcloudsLocationSecurityGroupCustomizer.java
+++ 
b/locations/jclouds/src/main/java/org/apache/brooklyn/location/jclouds/networking/JcloudsLocationSecurityGroupCustomizer.java
@@ -72,6 +72,7 @@ import com.google.common.collect.FluentIterable;
 import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.Iterables;
+import com.google.common.util.concurrent.UncheckedExecutionException;
 
 /**
  * Configures custom security groups on Jclouds locations.
@@ -179,6 +180,33 @@ public class JcloudsLocationSecurityGroupCustomizer 
extends BasicJcloudsLocation
 return this;
 }
 
+private SecurityGroup getSecurityGroup(final String nodeId, final 
SecurityGroupExtension securityApi, final String locationId) {
+// Expect to have two security groups on the node: one shared between 
all nodes in the location,
+// that is cached in sharedGroupCache, and one created by Jclouds that 
is unique to the node.
+// Relies on customize having been called before. This should be safe 
because the arguments
+// needed to call this method are not available until post-instance 
creation.
+SecurityGroup machineUniqueSecurityGroup;
+Tasks.setBlockingDetails("Loading unique security group for node: " + 
nodeId);
+try {
+machineUniqueSecurityGroup = uniqueGroupCache.get(nodeId, new 
Callable() {
+@Override public SecurityGroup call() throws Exception {
+SecurityGroup sg = 
getUniqueSecurityGroupForNodeCachingSharedGroupIfPreviouslyUnknown(nodeId, 
locationId, securityApi);
+if (sg == null) {
+throw new IllegalStateException("Failed to find 
machine-unique group on node: " + nodeId);
+}
+return sg;
+}
+});
+} catch (UncheckedExecutionException e) {
+throw Throwables.propagate(new Exception(e.getCause()));
+} catch (ExecutionException e) {
+throw Throwables.propagate(new Exception(e.getCause()));
+} finally {
+Tasks.resetBlockingDetails();
+}
+return machineUniqueSecurityGroup;
+}
+
 /**
  * Applies the given security group permissions to the given location.
  * 
@@ -201,6 +229,47 @@ public class JcloudsLocationSecurityGroupCustomizer 
extends BasicJcloudsLocation
 return this;
 }
 }
+/**
+ * Removes the given security group permissions from the given node with 
the given compute service.
+ * 
+ * Takes no action if the compute service does not have a security group 
extension.
+ * @param permissions The set of permissions to be removed from the 
location
+ * @param location Location to remove permissions from
+ */
+public void removePermissionsFromLocation(final JcloudsMachineLocation 
location, final Iterable permissions) {
+synchronized (JcloudsLocationSecurityGroupCustomizer.class) {
+ComputeService computeService =