Convert tls_cert_request to be a data source

This resource (unlike the others in this provider) isn't stateful, so it
is a good candidate to be a data source.

The old resource form is preserved via the standard shim in helper/schema,
which will generate a deprecation warning but will still allow the
resource to be used.
This commit is contained in:
Martin Atkins 2016-07-02 08:07:53 -07:00
parent c965d9bea4
commit c244e5a668
5 changed files with 24 additions and 29 deletions

View File

@ -12,10 +12,8 @@ import (
const pemCertReqType = "CERTIFICATE REQUEST"
func resourceCertRequest() *schema.Resource {
func dataSourceCertRequest() *schema.Resource {
return &schema.Resource{
Create: CreateCertRequest,
Delete: DeleteCertRequest,
Read: ReadCertRequest,
Schema: map[string]*schema.Schema{
@ -24,7 +22,6 @@ func resourceCertRequest() *schema.Resource {
Type: schema.TypeList,
Optional: true,
Description: "List of DNS names to use as subjects of the certificate",
ForceNew: true,
Elem: &schema.Schema{
Type: schema.TypeString,
},
@ -34,7 +31,6 @@ func resourceCertRequest() *schema.Resource {
Type: schema.TypeList,
Optional: true,
Description: "List of IP addresses to use as subjects of the certificate",
ForceNew: true,
Elem: &schema.Schema{
Type: schema.TypeString,
},
@ -44,14 +40,12 @@ func resourceCertRequest() *schema.Resource {
Type: schema.TypeString,
Required: true,
Description: "Name of the algorithm to use to generate the certificate's private key",
ForceNew: true,
},
"private_key_pem": &schema.Schema{
Type: schema.TypeString,
Required: true,
Description: "PEM-encoded private key that the certificate will belong to",
ForceNew: true,
StateFunc: func(v interface{}) string {
return hashForState(v.(string))
},
@ -61,7 +55,6 @@ func resourceCertRequest() *schema.Resource {
Type: schema.TypeList,
Required: true,
Elem: nameSchema,
ForceNew: true,
},
"cert_request_pem": &schema.Schema{
@ -72,7 +65,7 @@ func resourceCertRequest() *schema.Resource {
}
}
func CreateCertRequest(d *schema.ResourceData, meta interface{}) error {
func ReadCertRequest(d *schema.ResourceData, meta interface{}) error {
key, err := parsePrivateKey(d, "private_key_pem", "key_algorithm")
if err != nil {
return err
@ -116,12 +109,3 @@ func CreateCertRequest(d *schema.ResourceData, meta interface{}) error {
return nil
}
func DeleteCertRequest(d *schema.ResourceData, meta interface{}) error {
d.SetId("")
return nil
}
func ReadCertRequest(d *schema.ResourceData, meta interface{}) error {
return nil
}

View File

@ -12,12 +12,12 @@ import (
)
func TestCertRequest(t *testing.T) {
r.Test(t, r.TestCase{
r.UnitTest(t, r.TestCase{
Providers: testProviders,
Steps: []r.TestStep{
r.TestStep{
Config: fmt.Sprintf(`
resource "tls_cert_request" "test" {
data "tls_cert_request" "test" {
subject {
common_name = "example.com"
organization = "Example, Inc"
@ -46,7 +46,7 @@ func TestCertRequest(t *testing.T) {
EOT
}
output "key_pem" {
value = "${tls_cert_request.test.cert_request_pem}"
value = "${data.tls_cert_request.test.cert_request_pem}"
}
`, testPrivateKey),
Check: func(s *terraform.State) error {

View File

@ -12,11 +12,18 @@ import (
func Provider() terraform.ResourceProvider {
return &schema.Provider{
DataSourcesMap: map[string]*schema.Resource{
"tls_cert_request": dataSourceCertRequest(),
},
ResourcesMap: map[string]*schema.Resource{
"tls_private_key": resourcePrivateKey(),
"tls_locally_signed_cert": resourceLocallySignedCert(),
"tls_self_signed_cert": resourceSelfSignedCert(),
"tls_cert_request": resourceCertRequest(),
"tls_cert_request": schema.DataSourceResourceShim(
"tls_cert_request",
dataSourceCertRequest(),
),
},
}
}

View File

@ -13,13 +13,11 @@ typical format used to request a certificate from a certificate authority.
This resource is intended to be used in conjunction with a Terraform provider
for a particular certificate authority in order to provision a new certificate.
This is a *logical resource*, so it contributes only to the current Terraform
state and does not create any external managed resources.
## Example Usage
```
resource "tls_cert_request" "example" {
data "tls_cert_request" "example" {
key_algorithm = "ECDSA"
private_key_pem = "${file(\"private_key.pem\")}"

View File

@ -10,6 +10,15 @@
<a href="/docs/providers/tls/index.html">TLS Provider</a>
</li>
<li<%= sidebar_current(/^docs-tls-data-source/) %>>
<a href="#">Data Sources</a>
<ul class="nav nav-visible">
<li<%= sidebar_current("docs-tls-data-source-cert-request") %>>
<a href="/docs/providers/tls/d/cert_request.html">tls_cert_request</a>
</li>
</ul>
</li>
<li<%= sidebar_current(/^docs-tls-resource/) %>>
<a href="#">Resources</a>
<ul class="nav nav-visible">
@ -22,9 +31,6 @@
<li<%= sidebar_current("docs-tls-resourse-locally-signed-cert") %>>
<a href="/docs/providers/tls/r/locally_signed_cert.html">tls_locally_signed_cert</a>
</li>
<li<%= sidebar_current("docs-tls-resourse-cert-request") %>>
<a href="/docs/providers/tls/r/cert_request.html">tls_cert_request</a>
</li>
</ul>
</li>
</ul>