Add NSX-T Firewall Group Support (Security Groups and IP Sets)

CHANGELOG.md

@@ -2,7 +2,27 @@
 
 * Added method `vdc.QueryEdgeGateway` [#364](https://github.com/vmware/go-vcloud-director/pull/364)
 * Deprecated `vdc.GetEdgeGatewayRecordsType` [#364](https://github.com/vmware/go-vcloud-director/pull/364)
+* Added NSX-T Firewall Group (Security Groups and IP Set) support by using structures
+  `NsxtFirewallGroup` and `NsxtFirewallGroupMemberVms`. The following methods are introduced for
+  managing Security Groups and IpP Sets: `Vdc.CreateNsxtFirewallGroup`,
+  `NsxtEdgeGateway.CreateNsxtFirewallGroup`, `Org.GetAllNsxtFirewallGroups`,
+  `Vdc.GetAllNsxtFirewallGroups`, `Org.GetNsxtFirewallGroupByName`,
+  `Vdc.GetNsxtFirewallGroupByName`, `NsxtEdgeGateway.GetNsxtFirewallGroupByName`,
+  `Org.GetNsxtFirewallGroupById`, `Vdc.GetNsxtFirewallGroupById`,
+  `NsxtEdgeGateway.GetNsxtFirewallGroupById`, `NsxtFirewallGroup.Update`,
+  `NsxtFirewallGroup.Delete`, `NsxtFirewallGroup.GetAssociatedVms`,
+  `NsxtFirewallGroup.IsSecurityGroup`, `NsxtFirewallGroup.IsIpSet`
+  [#368](https://github.com/vmware/go-vcloud-director/pull/368)
+* Added method Org.GetAllVDCs to get a list of all VDCs in Org
+  [#368](https://github.com/vmware/go-vcloud-director/pull/368)
+* Added methods Org.QueryVmList and Org.QueryVmById to find VM by ID in an Org
+  [#368](https://github.com/vmware/go-vcloud-director/pull/368)
 
+IMPROVEMENTS:
+* Improved test entity cleanup to find standalone VMs in any VDC (not only default NSX-V one)
+  [#368](https://github.com/vmware/go-vcloud-director/pull/368)
+* Improved test entity cleanup to allow specifying parent VDC for vApp removals
+  [#368](https://github.com/vmware/go-vcloud-director/pull/368)
 ## 2.11.0 (March 10, 2021)
 
 * Added structure and methods to handle Org VDC networks using OpenAPI - `OpenApiOrgVdcNetwork`. It supports VCD 9.7+

govcd/adminorg_test.go

@@ -227,7 +227,7 @@ func (vcd *TestVCD) TestOrg_AdminOrg_QueryCatalogList(check *C) {
 }
 
 // Test_GetAllVDCs checks that adminOrg.GetAllVDCs returns at least one VDC
-func (vcd *TestVCD) Test_GetAllVDCs(check *C) {
+func (vcd *TestVCD) Test_AdminOrgGetAllVDCs(check *C) {
 	if vcd.skipAdminTests {
 		check.Skip(fmt.Sprintf(TestRequiresSysAdminPrivileges, check.TestName()))
 	}
@@ -239,6 +239,26 @@ func (vcd *TestVCD) Test_GetAllVDCs(check *C) {
 	vdcs, err := adminOrg.GetAllVDCs(true)
 	check.Assert(err, IsNil)
 	check.Assert(len(vdcs) > 0, Equals, true)
+
+	// If NSX-T VDC is configured we expect to see at least 2 VDCs (NSX-V and NSX-T)
+	if vcd.config.VCD.Nsxt.Vdc != "" {
+		check.Assert(len(vdcs) >= 2, Equals, true)
+	}
+}
+
+func (vcd *TestVCD) Test_OrgGetAllVDCs(check *C) {
+	org, err := vcd.client.GetOrgByName(vcd.config.VCD.Org)
+	check.Assert(err, IsNil)
+	check.Assert(org, NotNil)
+
+	vdcs, err := org.GetAllVDCs(true)
+	check.Assert(err, IsNil)
+	check.Assert(len(vdcs) > 0, Equals, true)
+
+	// If NSX-T VDC is configured we expect to see at least 2 VDCs (NSX-V and NSX-T)
+	if vcd.config.VCD.Nsxt.Vdc != "" {
+		check.Assert(len(vdcs) >= 2, Equals, true)
+	}
 }
 
 // Test_GetAllStorageProfileReferences checks that adminOrg.GetAllStorageProfileReferences returns at least one storage

govcd/api_vcd_test.go

@@ -763,11 +763,24 @@ func (vcd *TestVCD) removeLeftoverEntities(entity CleanupEntity) {
 		vcd.infoCleanup(removedMsg, entity.EntityType, entity.Name, entity.CreatedBy)
 
 	case "vapp":
-		vapp, err := vcd.vdc.GetVAppByName(entity.Name, true)
+		vdc := vcd.vdc
+		var err error
+
+		// Check if parent VDC was specified. If not - use the default NSX-V VDC
+		if entity.Parent != "" {
+			vdc, err = vcd.org.GetVDCByName(entity.Parent, true)
+			if err != nil {
+				vcd.infoCleanup(notDeletedMsg, entity.EntityType, entity.Name, err)
+				return
+			}
+		}
+
+		vapp, err := vdc.GetVAppByName(entity.Name, true)
 		if err != nil {
 			vcd.infoCleanup(notFoundMsg, entity.EntityType, entity.Name)
 			return
 		}
+
 		task, _ := vapp.Undeploy()
 		_ = task.WaitTaskCompletion()
 		// Detach all Org networks during vApp removal because network removal errors if it happens
@@ -1034,7 +1047,7 @@ func (vcd *TestVCD) removeLeftoverEntities(entity CleanupEntity) {
 		}
 		return
 	case "standaloneVm":
-		vm, err := vcd.vdc.QueryVmById(entity.Name) // The VM ID must be passed as Name
+		vm, err := vcd.org.QueryVmById(entity.Name) // The VM ID must be passed as Name
 		if IsNotFound(err) {
 			vcd.infoCleanup(notFoundMsg, entity.EntityType, entity.Name)
 			return

govcd/nsxt_edgegateway.go

@@ -167,10 +167,10 @@ func (egw *NsxtEdgeGateway) Update(edgeGatewayConfig *types.OpenAPIEdgeGateway)
 	return returnEgw, nil
 }
 
-// Update allows to delete NSX-T edge gateway for Org admins
+// Delete allows to delete NSX-T edge gateway for sysadmins
 func (egw *NsxtEdgeGateway) Delete() error {
 	if !egw.client.IsSysAdmin {
-		return fmt.Errorf("only Provider can update Edge Gateway")
+		return fmt.Errorf("only Provider can delete Edge Gateway")
 	}
 
 	endpoint := types.OpenApiPathVersion1_0_0 + types.OpenApiEndpointEdgeGateways