**V3** client can assign **router groups** to domains

Router groups are mutually exclusive to internal and org scoped domains.

[finishes #169276053]

Author: sweinstein22

app/actions/domain_create.rb

@@ -20,6 +20,8 @@ def create(message:, shared_organizations: [])
                  )
                end
 
+      domain.router_group_guid = message.router_group_guid
+
       Domain.db.transaction do
         domain.save
 

app/controllers/v3/domains_controller.rb

@@ -42,6 +42,9 @@ def create
       unauthorized! unless permission_queryer.can_write_globally?
     end
 
+    if message.router_group_guid.present? && router_group_not_found?(message.router_group_guid)
+      unprocessable!("Router group with guid '#{message.router_group_guid}' not found.")
+    end
     domain = DomainCreate.new.create(message: message, shared_organizations: shared_org_objects)
 
     render status: :created, json: Presenters::V3::DomainPresenter.new(domain, visible_org_guids: permission_queryer.readable_org_guids)
@@ -207,4 +210,8 @@ def domain_not_found!
   def find_missing_guid(db_organizations, message_shared_org_guids)
     (message_shared_org_guids - db_organizations.map(&:guid)).first
   end
+
+  def router_group_not_found?(router_group_guid)
+    !CloudController::DependencyLocator.instance.routing_api_client.router_group(router_group_guid)
+  end
 end

app/messages/domain_create_message.rb

@@ -14,7 +14,8 @@ class DomainCreateMessage < MetadataBaseMessage
     register_allowed_keys [
       :name,
       :internal,
-      :relationships
+      :relationships,
+      :router_group
     ]
 
     def self.relationships_requested?
@@ -50,7 +51,9 @@ def self.relationships_requested?
 
     validate :alpha_numeric
 
-    validate :mutually_exclusive_organization_and_internal
+    validate :router_group_validation
+
+    validate :mutually_exclusive_fields
 
     validates :internal,
       allow_nil: true,
@@ -64,6 +67,10 @@ def relationships_message
       @relationships_message ||= Relationships.new(relationships&.deep_symbolize_keys)
     end
 
+    def router_group_guid
+      HashUtils.dig(router_group, :guid)
+    end
+
     private
 
     def alpha_numeric
@@ -72,10 +79,28 @@ def alpha_numeric
       end
     end
 
-    def mutually_exclusive_organization_and_internal
+    def mutually_exclusive_fields
       if requested?(:internal) && internal == true && requested?(:relationships)
         errors.add(:base, 'Cannot associate an internal domain with an organization')
       end
+      if requested?(:internal) && internal == true && requested?(:router_group)
+        errors.add(:base, 'Internal domains cannot be associated to a router group.')
+      end
+      if requested?(:relationships) && requested?(:router_group)
+        errors.add(:base, 'Domains scoped to an organization cannot be associated to a router group.')
+      end
+    end
+
+    def router_group_validation
+      return if router_group.nil?
+      return errors.add(:router_group, 'must be an object') unless router_group.is_a?(Hash)
+
+      extra_keys = router_group.keys - [:guid]
+      if extra_keys.any?
+        errors.add(:router_group, "Unknown field(s): '#{extra_keys.join("', '")}'")
+      end
+
+      errors.add(:router_group, 'guid must be a string') unless router_group_guid.is_a?(String)
     end
 
     class Relationships < BaseMessage

app/presenters/v3/domain_presenter.rb

@@ -23,6 +23,7 @@ def to_hash
         updated_at: domain.updated_at,
         name: domain.name,
         internal: domain.internal,
+        router_group: hashified_router_group(domain.router_group_guid),
         metadata: {
           labels: hashified_labels(domain.labels),
           annotations: hashified_annotations(domain.annotations),
@@ -57,6 +58,10 @@ def domain
       @resource
     end
 
+    def hashified_router_group(router_group_guid)
+      router_group_guid ? { guid: router_group_guid } : nil
+    end
+
     def build_links
       url_builder = VCAP::CloudController::Presenters::ApiUrlBuilder.new
       links = {

docs/v3/source/includes/api_resources/_domains.erb

@@ -5,6 +5,7 @@
   "updated_at": "2019-03-08T01:06:19Z",
   "name": "test-domain.com",
   "internal": false,
+  "router_group": null,
   "metadata": {
     "labels": <%= metadata.fetch(:labels, {}).to_json(space: ' ', object_nl: ' ')%>,
     "annotations": <%= metadata.fetch(:annotations, {}).to_json(space: ' ', object_nl: ' ')%>
@@ -60,6 +61,7 @@
       "updated_at": "2019-03-08T01:06:19Z",
       "name": "test-domain.com",
       "internal": false,
+      "router_group": { "guid": "5806148f-cce6-4d86-7fbd-aa269e3f6f3f" },
       "metadata": {
         "labels": {},
         "annotations": {}
@@ -80,7 +82,7 @@
           "href": "https://api.example.org/v3/domains/3a5d3d89-3f89-4f05-8188-8a2b298c79d5/route_reservations"
         }
       }
-    }
+    },
   ]
 }
 <% end %>

docs/v3/source/includes/resources/domains/_create.md.erb

@@ -37,13 +37,14 @@ Name     | Type     | Description
 
 #### Optional parameters
 
-| Name                                      | Type                                             | Description                                                                                                                      | Default |
-| -----------                               | --------                                         | ------------------------------------------------------------------------                                                         | ------- |
-| **internal**                              | _boolean_                                        | Whether the domain is used for internal (container-to-container) traffic.                                                        | false   |
-| **organization**                          | [_to-one relationship_](#to-one-relationships)   | A relationship to the organization the domain will be scoped to. <br>_Note: can not be used when `internal` is set to `true`_    |         |
-| **shared_organizations**                  | [_to-many relationship_](#to-many-relationships) | A relationship to organizations the domain will be shared with. <br>_Note: can not be used without an organization relationship_ |         |
-| **metadata.labels**       | [_label object_](#labels)                        | Labels applied to the domain.                                                                                                    |         |
-| **metadata.annotations**  | [_annotation object_](#annotations)              | Annotations applied to the domain.                                                                                               |         |
+| Name                                      | Type                                             | Description                                                                                                                                                                          | Default |
+| -----------                               | --------                                         | ------------------------------------------------------------------------                                                                                                             | ------- |
+| **internal**                              | _boolean_                                        | Whether the domain is used for internal (container-to-container) traffic.                                                                                                            | false   |
+| **router_group.guid**                     | _uuid_                                           | The desired router group guid. <br>_Note: cannot be used when `internal` is set to `true` or domain is scoped to an org._                       | null    |
+| **organization**                          | [_to-one relationship_](#to-one-relationships)   | A relationship to the organization the domain will be scoped to. <br>_Note: cannot be used when `internal` is set to `true` or domain is associated with a router group._           |         |
+| **shared_organizations**                  | [_to-many relationship_](#to-many-relationships) | A relationship to organizations the domain will be shared with. <br>_Note: cannot be used without an organization relationship_                                                     |         |
+| **metadata.labels**                       | [_label object_](#labels)                        | Labels applied to the domain.                                                                                                                                                        |         |
+| **metadata.annotations**                  | [_annotation object_](#annotations)              | Annotations applied to the domain.                                                                                                                                                   |         |
 
 #### Permitted roles
 

docs/v3/source/includes/resources/domains/_object.md.erb

@@ -15,6 +15,7 @@ Example Domain object
 | **updated_at**                            | _datetime_                                       | The time with zone when the object was last updated.                                                                                                          |
 | **name**                                  | _string_                                         | The name of the domain.<br>Must be between 3 ~ 253 characters and follow [RFC 1035](https://tools.ietf.org/html/rfc1035).                                     |
 | **internal**                              | _boolean_                                        | Whether the domain is used for internal (container-to-container) traffic.                                                                                     |
+| **router_group.guid**                     | _uuid_                                           | The guid of the desired router group to route TCP traffic through. If set, the domain will only be available for TCP traffic.                                      |
 | **organization**                          | [_to-one relationship_](#to-one-relationships)   | The organization the domain is scoped to. If set, the domain will only be available in that organization. Otherwise, the domain will be globally available.   |
 | **shared_organizations**                  | [_to-many relationship_](#to-many-relationships) | Organizations the domain is shared with. If set, the domain will be available in these organizations in addition to the organization the domain is scoped to. |
 | **links**                                 | [_links object_](#links)                         | Links to related resources.                                                                                                                                   |

spec/request/domains_spec.rb

@@ -7,9 +7,14 @@
   let(:org) { space.organization }
   let(:admin_header) { headers_for(user, scopes: %w(cloud_controller.admin)) }
   let(:user_header) { headers_for(user, scopes: []) }
+  let(:routing_api_client) { instance_double(VCAP::CloudController::RoutingApi::Client) }
+  let(:router_group) { instance_double(VCAP::CloudController::RoutingApi::RouterGroup) }
 
   before do
     VCAP::CloudController::Domain.dataset.destroy # this will clean up the seeded test domains
+    allow(VCAP::CloudController::RoutingApi::Client).to receive(:new).and_return(routing_api_client)
+    allow(routing_api_client).to receive(:router_group).with('some-router-guid').and_return router_group
+    allow(routing_api_client).to receive(:router_group).with('some-other-router-guid').and_return nil
   end
 
   describe 'GET /v3/domains' do
@@ -66,6 +71,7 @@
           updated_at: iso8601,
           name: visible_owned_private_domain.name,
           internal: false,
+          router_group: nil,
           metadata: {
             labels: {},
             annotations: {}
@@ -94,6 +100,7 @@
           updated_at: iso8601,
           name: visible_shared_private_domain.name,
           internal: false,
+          router_group: nil,
           metadata: {
             labels: {},
             annotations: {}
@@ -122,6 +129,7 @@
           updated_at: iso8601,
           name: not_visible_private_domain.name,
           internal: false,
+          router_group: nil,
           metadata: {
             labels: {},
             annotations: {}
@@ -150,6 +158,7 @@
           updated_at: iso8601,
           name: shared_domain.name,
           internal: false,
+          router_group: nil,
           metadata: {
             labels: {},
             annotations: {}
@@ -732,30 +741,37 @@
     end
 
     describe 'when creating a shared domain' do
-      let(:api_call) { lambda { |user_headers| post '/v3/domains', params.to_json, user_headers } }
+      let(:api_call) { lambda { |user_headers| post '/v3/domains', domain_params.to_json, user_headers } }
+
+      let(:domain_params) do
+        {
+          router_group: { guid: 'some-router-guid' },
+        }.merge(params)
+      end
 
       let(:domain_json) do
         {
-          guid: UUID_REGEX,
-          created_at: iso8601,
-          updated_at: iso8601,
-          name: params[:name],
-          internal: false,
-          metadata: {
-            labels: { key: 'value' },
-            annotations: { key2: 'value2' }
-          },
-          relationships: {
-            organization: {
-              data: nil
-            },
-            shared_organizations: {
-              data: []
-            }
+        guid: UUID_REGEX,
+        created_at: iso8601,
+        updated_at: iso8601,
+        name: params[:name],
+        internal: false,
+        router_group: { guid: 'some-router-guid' },
+        metadata: {
+        labels: { key: 'value' },
+        annotations: { key2: 'value2' }
+        },
+        relationships: {
+        organization: {
+          data: nil
           },
-          links: {
-            self: { href: %r(#{Regexp.escape(link_prefix)}\/v3\/domains\/#{UUID_REGEX}) },
-            route_reservations: { href: %r(#{Regexp.escape(link_prefix)}\/v3/domains/#{UUID_REGEX}/route_reservations) },
+        shared_organizations: {
+          data: []
+          }
+        },
+        links: {
+        self: { href: %r(#{Regexp.escape(link_prefix)}\/v3\/domains\/#{UUID_REGEX}) },
+        route_reservations: { href: %r(#{Regexp.escape(link_prefix)}\/v3/domains/#{UUID_REGEX}/route_reservations) },
           }
         }
       end
@@ -785,6 +801,7 @@
           updated_at: iso8601,
           name: params[:name],
           internal: false,
+          router_group: nil,
           metadata: {
             labels: { key: 'value' },
             annotations: { key2: 'value2' }
@@ -1070,6 +1087,30 @@
             expect(parsed_response['errors'][0]['detail']).to eq 'Relationships cannot contain shared_organizations without an owning organization.'
           end
         end
+
+        context 'when a router group is provided' do
+          let(:params) do
+            {
+              name: 'my-domain.biz',
+              router_group: { guid: 'some-router-guid' },
+              relationships: {
+                organization: {
+                  data: {
+                    guid: org.guid
+                  }
+                }
+              }
+            }
+          end
+
+          it 'returns a 422 and a helpful error message' do
+            post '/v3/domains', params.to_json, headers
+
+            expect(last_response.status).to eq(422)
+
+            expect(parsed_response['errors'][0]['detail']).to eq 'Domains scoped to an organization cannot be associated to a router group.'
+          end
+        end
       end
     end
 
@@ -1225,6 +1266,43 @@
         expect(last_response.status).to eq 201
       end
     end
+
+    describe 'when specifying a router group that does not exist' do
+      let(:user_header) { admin_headers_for(user) }
+      let(:domain_params) do
+        {
+          name: 'my-domain.com',
+          router_group: { guid: 'some-other-router-guid' },
+        }
+      end
+
+      it 'returns a 422 and a helpful error message' do
+        post '/v3/domains', domain_params.to_json, user_header
+
+        expect(last_response.status).to eq(422)
+
+        expect(parsed_response['errors'][0]['detail']).to eq "Router group with guid 'some-other-router-guid' not found."
+      end
+    end
+
+    describe 'when specifying a router group with internal: true' do
+      let(:user_header) { admin_headers_for(user) }
+      let(:domain_params) do
+        {
+          name: 'my-domain.com',
+          internal: true,
+          router_group: { guid: 'some-router-guid' },
+        }
+      end
+
+      it 'returns a 422 and a helpful error message' do
+        post '/v3/domains', domain_params.to_json, user_header
+
+        expect(last_response.status).to eq(422)
+
+        expect(parsed_response['errors'][0]['detail']).to eq 'Internal domains cannot be associated to a router group.'
+      end
+    end
   end
 
   describe 'POST /v3/domains/:guid/relationships/shared_organizations' do
@@ -1667,6 +1745,7 @@
           updated_at: iso8601,
           name: shared_domain.name,
           internal: false,
+          router_group: nil,
           metadata: {
             labels: {},
             annotations: {}
@@ -1710,6 +1789,7 @@
             updated_at: iso8601,
             name: private_domain.name,
             internal: false,
+            router_group: nil,
             metadata: {
               labels: {},
               annotations: {}
@@ -1769,6 +1849,7 @@
             updated_at: iso8601,
             name: private_domain.name,
             internal: false,
+            router_group: nil,
             metadata: {
               labels: {},
               annotations: {}
@@ -1865,6 +1946,7 @@
           updated_at: iso8601,
           name: domain.name,
           internal: false,
+          router_group: nil,
           relationships: {
             organization: {
               data: nil
@@ -1916,6 +1998,7 @@
           updated_at: iso8601,
           name: domain.name,
           internal: false,
+          router_group: nil,
           relationships: {
             organization: {
               data: { guid: org.guid }
@@ -1972,6 +2055,7 @@
           updated_at: iso8601,
           name: domain.name,
           internal: false,
+          router_group: nil,
           relationships: {
             organization: {
               data: { guid: domain.owning_organization_guid }