From bd2791824f5fa897d271e5e9b837d6d2a62cfa53 Mon Sep 17 00:00:00 2001 From: Clint Shryock Date: Thu, 26 Feb 2015 11:03:56 -0600 Subject: [PATCH 1/4] Update ingress signature --- builtin/providers/aws/resource_aws_db_security_group_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/builtin/providers/aws/resource_aws_db_security_group_test.go b/builtin/providers/aws/resource_aws_db_security_group_test.go index d99bc2f93..d7589ecf3 100644 --- a/builtin/providers/aws/resource_aws_db_security_group_test.go +++ b/builtin/providers/aws/resource_aws_db_security_group_test.go @@ -27,7 +27,7 @@ func TestAccAWSDBSecurityGroup(t *testing.T) { resource.TestCheckResourceAttr( "aws_db_security_group.bar", "description", "just cuz"), resource.TestCheckResourceAttr( - "aws_db_security_group.bar", "ingress.0.cidr", "10.0.0.1/24"), + "aws_db_security_group.bar", "ingress.3363517775.cidr", "10.0.0.1/24"), resource.TestCheckResourceAttr( "aws_db_security_group.bar", "ingress.#", "1"), ), From ac8da7a98878e8bec4fba1dc68d924975a494e4d Mon Sep 17 00:00:00 2001 From: Clint Shryock Date: Thu, 26 Feb 2015 15:08:39 -0600 Subject: [PATCH 2/4] provider/aws: Convert AWS DB Security Group to aws-sdk-go Part 1: converting the test next --- .../aws/resource_aws_db_security_group.go | 63 ++++++++++--------- .../resource_aws_db_security_group_test.go | 2 +- builtin/providers/aws/structure.go | 18 ++++++ 3 files changed, 52 insertions(+), 31 deletions(-) diff --git a/builtin/providers/aws/resource_aws_db_security_group.go b/builtin/providers/aws/resource_aws_db_security_group.go index f8d45c13b..88b98a2e4 100644 --- a/builtin/providers/aws/resource_aws_db_security_group.go +++ b/builtin/providers/aws/resource_aws_db_security_group.go @@ -6,11 +6,12 @@ import ( "log" "time" + "github.com/hashicorp/aws-sdk-go/aws" + "github.com/hashicorp/aws-sdk-go/gen/rds" "github.com/hashicorp/terraform/helper/hashcode" "github.com/hashicorp/terraform/helper/multierror" "github.com/hashicorp/terraform/helper/resource" "github.com/hashicorp/terraform/helper/schema" - "github.com/mitchellh/goamz/rds" ) func resourceAwsDbSecurityGroup() *schema.Resource { @@ -69,14 +70,14 @@ func resourceAwsDbSecurityGroup() *schema.Resource { } func resourceAwsDbSecurityGroupCreate(d *schema.ResourceData, meta interface{}) error { - conn := meta.(*AWSClient).rdsconn + conn := meta.(*AWSClient).awsRDSconn var err error var errs []error - opts := rds.CreateDBSecurityGroup{ - DBSecurityGroupName: d.Get("name").(string), - DBSecurityGroupDescription: d.Get("description").(string), + opts := rds.CreateDBSecurityGroupMessage{ + DBSecurityGroupName: aws.String(d.Get("name").(string)), + DBSecurityGroupDescription: aws.String(d.Get("description").(string)), } log.Printf("[DEBUG] DB Security Group create configuration: %#v", opts) @@ -96,7 +97,7 @@ func resourceAwsDbSecurityGroupCreate(d *schema.ResourceData, meta interface{}) ingresses := d.Get("ingress").(*schema.Set) for _, ing := range ingresses.List() { - err := resourceAwsDbSecurityGroupAuthorizeRule(ing, sg.Name, conn) + err := resourceAwsDbSecurityGroupAuthorizeRule(ing, *sg.DBSecurityGroupName, conn) if err != nil { errs = append(errs, err) } @@ -131,24 +132,24 @@ func resourceAwsDbSecurityGroupRead(d *schema.ResourceData, meta interface{}) er return err } - d.Set("name", sg.Name) - d.Set("description", sg.Description) + d.Set("name", *sg.DBSecurityGroupName) + d.Set("description", *sg.DBSecurityGroupDescription) // Create an empty schema.Set to hold all ingress rules rules := &schema.Set{ F: resourceAwsDbSecurityGroupIngressHash, } - for _, v := range sg.CidrIps { - rule := map[string]interface{}{"cidr": v} + for _, v := range sg.IPRanges { + rule := map[string]interface{}{"cidr": *v.CIDRIP} rules.Add(rule) } - for i, _ := range sg.EC2SecurityGroupOwnerIds { + for _, g := range sg.EC2SecurityGroups { rule := map[string]interface{}{ - "security_group_name": sg.EC2SecurityGroupNames[i], - "security_group_id": sg.EC2SecurityGroupIds[i], - "security_group_owner_id": sg.EC2SecurityGroupOwnerIds[i], + "security_group_name": *g.EC2SecurityGroupName, + "security_group_id": *g.EC2SecurityGroupID, + "security_group_owner_id": *g.EC2SecurityGroupOwnerID, } rules.Add(rule) } @@ -159,17 +160,17 @@ func resourceAwsDbSecurityGroupRead(d *schema.ResourceData, meta interface{}) er } func resourceAwsDbSecurityGroupDelete(d *schema.ResourceData, meta interface{}) error { - conn := meta.(*AWSClient).rdsconn + conn := meta.(*AWSClient).awsRDSconn log.Printf("[DEBUG] DB Security Group destroy: %v", d.Id()) - opts := rds.DeleteDBSecurityGroup{DBSecurityGroupName: d.Id()} + opts := rds.DeleteDBSecurityGroupMessage{DBSecurityGroupName: aws.String(d.Id())} log.Printf("[DEBUG] DB Security Group destroy configuration: %v", opts) - _, err := conn.DeleteDBSecurityGroup(&opts) + err := conn.DeleteDBSecurityGroup(&opts) if err != nil { - newerr, ok := err.(*rds.Error) + newerr, ok := err.(aws.APIError) if ok && newerr.Code == "InvalidDBSecurityGroup.NotFound" { return nil } @@ -180,10 +181,10 @@ func resourceAwsDbSecurityGroupDelete(d *schema.ResourceData, meta interface{}) } func resourceAwsDbSecurityGroupRetrieve(d *schema.ResourceData, meta interface{}) (*rds.DBSecurityGroup, error) { - conn := meta.(*AWSClient).rdsconn + conn := meta.(*AWSClient).awsRDSconn - opts := rds.DescribeDBSecurityGroups{ - DBSecurityGroupName: d.Id(), + opts := rds.DescribeDBSecurityGroupsMessage{ + DBSecurityGroupName: aws.String(d.Id()), } log.Printf("[DEBUG] DB Security Group describe configuration: %#v", opts) @@ -195,7 +196,7 @@ func resourceAwsDbSecurityGroupRetrieve(d *schema.ResourceData, meta interface{} } if len(resp.DBSecurityGroups) != 1 || - resp.DBSecurityGroups[0].Name != d.Id() { + *resp.DBSecurityGroups[0].DBSecurityGroupName != d.Id() { if err != nil { return nil, fmt.Errorf("Unable to find DB Security Group: %#v", resp.DBSecurityGroups) } @@ -207,27 +208,27 @@ func resourceAwsDbSecurityGroupRetrieve(d *schema.ResourceData, meta interface{} } // Authorizes the ingress rule on the db security group -func resourceAwsDbSecurityGroupAuthorizeRule(ingress interface{}, dbSecurityGroupName string, conn *rds.Rds) error { +func resourceAwsDbSecurityGroupAuthorizeRule(ingress interface{}, dbSecurityGroupName string, conn *rds.RDS) error { ing := ingress.(map[string]interface{}) - opts := rds.AuthorizeDBSecurityGroupIngress{ - DBSecurityGroupName: dbSecurityGroupName, + opts := rds.AuthorizeDBSecurityGroupIngressMessage{ + DBSecurityGroupName: aws.String(dbSecurityGroupName), } if attr, ok := ing["cidr"]; ok && attr != "" { - opts.Cidr = attr.(string) + opts.CIDRIP = aws.String(attr.(string)) } if attr, ok := ing["security_group_name"]; ok && attr != "" { - opts.EC2SecurityGroupName = attr.(string) + opts.EC2SecurityGroupName = aws.String(attr.(string)) } if attr, ok := ing["security_group_id"]; ok && attr != "" { - opts.EC2SecurityGroupId = attr.(string) + opts.EC2SecurityGroupID = aws.String(attr.(string)) } if attr, ok := ing["security_group_owner_id"]; ok && attr != "" { - opts.EC2SecurityGroupOwnerId = attr.(string) + opts.EC2SecurityGroupOwnerID = aws.String(attr.(string)) } log.Printf("[DEBUG] Authorize ingress rule configuration: %#v", opts) @@ -274,7 +275,9 @@ func resourceAwsDbSecurityGroupStateRefreshFunc( return nil, "", err } - statuses := append(v.EC2SecurityGroupStatuses, v.CidrStatuses...) + st := flattenEC2SecurityGroupStatuses(v.EC2SecurityGroups) + ip := flattenIPRangeStatuses(v.IPRanges) + statuses := append(st, ip...) for _, stat := range statuses { // Not done diff --git a/builtin/providers/aws/resource_aws_db_security_group_test.go b/builtin/providers/aws/resource_aws_db_security_group_test.go index d7589ecf3..a14b0dd57 100644 --- a/builtin/providers/aws/resource_aws_db_security_group_test.go +++ b/builtin/providers/aws/resource_aws_db_security_group_test.go @@ -27,7 +27,7 @@ func TestAccAWSDBSecurityGroup(t *testing.T) { resource.TestCheckResourceAttr( "aws_db_security_group.bar", "description", "just cuz"), resource.TestCheckResourceAttr( - "aws_db_security_group.bar", "ingress.3363517775.cidr", "10.0.0.1/24"), + "aws_db_security_group.bar", "ingress.3363517775.cidr", "10.0.0.1/24"), resource.TestCheckResourceAttr( "aws_db_security_group.bar", "ingress.#", "1"), ), diff --git a/builtin/providers/aws/structure.go b/builtin/providers/aws/structure.go index 8943164de..b5366eee8 100644 --- a/builtin/providers/aws/structure.go +++ b/builtin/providers/aws/structure.go @@ -207,3 +207,21 @@ func expandStringList(configured []interface{}) []string { } return vs } + +// Flattens an array of DBSecurityGroups into a []string +func flattenEC2SecurityGroupStatuses(list []rds.EC2SecurityGroup) []string { + result := make([]string, 0, len(list)) + for _, i := range list { + result = append(result, *i.Status) + } + return result +} + +// Flattens an array of IPRanges into a []string +func flattenIPRangeStatuses(list []rds.IPRange) []string { + result := make([]string, 0, len(list)) + for _, i := range list { + result = append(result, *i.Status) + } + return result +} From 561e92e65db82bbfab7e570be665911ba43b256e Mon Sep 17 00:00:00 2001 From: Clint Shryock Date: Thu, 26 Feb 2015 15:36:38 -0600 Subject: [PATCH 3/4] provider/aws: Convert db security group test --- .../resource_aws_db_security_group_test.go | 42 ++++++++++--------- 1 file changed, 22 insertions(+), 20 deletions(-) diff --git a/builtin/providers/aws/resource_aws_db_security_group_test.go b/builtin/providers/aws/resource_aws_db_security_group_test.go index a14b0dd57..ecc966182 100644 --- a/builtin/providers/aws/resource_aws_db_security_group_test.go +++ b/builtin/providers/aws/resource_aws_db_security_group_test.go @@ -4,9 +4,10 @@ import ( "fmt" "testing" + "github.com/hashicorp/aws-sdk-go/aws" + "github.com/hashicorp/aws-sdk-go/gen/rds" "github.com/hashicorp/terraform/helper/resource" "github.com/hashicorp/terraform/terraform" - "github.com/mitchellh/goamz/rds" ) func TestAccAWSDBSecurityGroup(t *testing.T) { @@ -37,7 +38,7 @@ func TestAccAWSDBSecurityGroup(t *testing.T) { } func testAccCheckAWSDBSecurityGroupDestroy(s *terraform.State) error { - conn := testAccProvider.Meta().(*AWSClient).rdsconn + conn := testAccProvider.Meta().(*AWSClient).awsRDSconn for _, rs := range s.RootModule().Resources { if rs.Type != "aws_db_security_group" { @@ -46,19 +47,19 @@ func testAccCheckAWSDBSecurityGroupDestroy(s *terraform.State) error { // Try to find the Group resp, err := conn.DescribeDBSecurityGroups( - &rds.DescribeDBSecurityGroups{ - DBSecurityGroupName: rs.Primary.ID, + &rds.DescribeDBSecurityGroupsMessage{ + DBSecurityGroupName: aws.String(rs.Primary.ID), }) if err == nil { if len(resp.DBSecurityGroups) != 0 && - resp.DBSecurityGroups[0].Name == rs.Primary.ID { + *resp.DBSecurityGroups[0].DBSecurityGroupName == rs.Primary.ID { return fmt.Errorf("DB Security Group still exists") } } // Verify the error - newerr, ok := err.(*rds.Error) + newerr, ok := err.(aws.APIError) if !ok { return err } @@ -72,24 +73,25 @@ func testAccCheckAWSDBSecurityGroupDestroy(s *terraform.State) error { func testAccCheckAWSDBSecurityGroupAttributes(group *rds.DBSecurityGroup) resource.TestCheckFunc { return func(s *terraform.State) error { - if len(group.CidrIps) == 0 { - return fmt.Errorf("no cidr: %#v", group.CidrIps) + if len(group.IPRanges) == 0 { + return fmt.Errorf("no cidr: %#v", group.IPRanges) } - if group.CidrIps[0] != "10.0.0.1/24" { - return fmt.Errorf("bad cidr: %#v", group.CidrIps) + if *group.IPRanges[0].CIDRIP != "10.0.0.1/24" { + return fmt.Errorf("bad cidr: %#v", group.IPRanges) } - if group.CidrStatuses[0] != "authorized" { - return fmt.Errorf("bad status: %#v", group.CidrStatuses) + ipSt := flattenIPRangeStatuses(group.IPRanges) + if ipSt[0] != "authorized" { + return fmt.Errorf("bad status: %#v", ipSt) } - if group.Name != "secgroup-terraform" { - return fmt.Errorf("bad name: %#v", group.Name) + if *group.DBSecurityGroupName != "secgroup-terraform" { + return fmt.Errorf("bad name: %#v", *group.DBSecurityGroupName) } - if group.Description != "just cuz" { - return fmt.Errorf("bad description: %#v", group.Description) + if *group.DBSecurityGroupDescription != "just cuz" { + return fmt.Errorf("bad description: %#v", *group.DBSecurityGroupDescription) } return nil @@ -107,10 +109,10 @@ func testAccCheckAWSDBSecurityGroupExists(n string, v *rds.DBSecurityGroup) reso return fmt.Errorf("No DB Security Group ID is set") } - conn := testAccProvider.Meta().(*AWSClient).rdsconn + conn := testAccProvider.Meta().(*AWSClient).awsRDSconn - opts := rds.DescribeDBSecurityGroups{ - DBSecurityGroupName: rs.Primary.ID, + opts := rds.DescribeDBSecurityGroupsMessage{ + DBSecurityGroupName: aws.String(rs.Primary.ID), } resp, err := conn.DescribeDBSecurityGroups(&opts) @@ -120,7 +122,7 @@ func testAccCheckAWSDBSecurityGroupExists(n string, v *rds.DBSecurityGroup) reso } if len(resp.DBSecurityGroups) != 1 || - resp.DBSecurityGroups[0].Name != rs.Primary.ID { + *resp.DBSecurityGroups[0].DBSecurityGroupName != rs.Primary.ID { return fmt.Errorf("DB Security Group not found") } From f453d1863a4822d19c04275aef51ce288ef68f74 Mon Sep 17 00:00:00 2001 From: Clint Shryock Date: Thu, 26 Feb 2015 15:47:30 -0600 Subject: [PATCH 4/4] remove helper functions, flatten status in the function --- .../aws/resource_aws_db_security_group.go | 10 +++++++--- .../aws/resource_aws_db_security_group_test.go | 10 +++++++--- builtin/providers/aws/structure.go | 18 ------------------ 3 files changed, 14 insertions(+), 24 deletions(-) diff --git a/builtin/providers/aws/resource_aws_db_security_group.go b/builtin/providers/aws/resource_aws_db_security_group.go index 88b98a2e4..9ca37a009 100644 --- a/builtin/providers/aws/resource_aws_db_security_group.go +++ b/builtin/providers/aws/resource_aws_db_security_group.go @@ -275,9 +275,13 @@ func resourceAwsDbSecurityGroupStateRefreshFunc( return nil, "", err } - st := flattenEC2SecurityGroupStatuses(v.EC2SecurityGroups) - ip := flattenIPRangeStatuses(v.IPRanges) - statuses := append(st, ip...) + statuses := make([]string, 0, len(v.EC2SecurityGroups)+len(v.IPRanges)) + for _, ec2g := range v.EC2SecurityGroups { + statuses = append(statuses, *ec2g.Status) + } + for _, ips := range v.IPRanges { + statuses = append(statuses, *ips.Status) + } for _, stat := range statuses { // Not done diff --git a/builtin/providers/aws/resource_aws_db_security_group_test.go b/builtin/providers/aws/resource_aws_db_security_group_test.go index ecc966182..7db2def47 100644 --- a/builtin/providers/aws/resource_aws_db_security_group_test.go +++ b/builtin/providers/aws/resource_aws_db_security_group_test.go @@ -81,9 +81,13 @@ func testAccCheckAWSDBSecurityGroupAttributes(group *rds.DBSecurityGroup) resour return fmt.Errorf("bad cidr: %#v", group.IPRanges) } - ipSt := flattenIPRangeStatuses(group.IPRanges) - if ipSt[0] != "authorized" { - return fmt.Errorf("bad status: %#v", ipSt) + statuses := make([]string, 0, len(group.IPRanges)) + for _, ips := range group.IPRanges { + statuses = append(statuses, *ips.Status) + } + + if statuses[0] != "authorized" { + return fmt.Errorf("bad status: %#v", statuses) } if *group.DBSecurityGroupName != "secgroup-terraform" { diff --git a/builtin/providers/aws/structure.go b/builtin/providers/aws/structure.go index b5366eee8..8943164de 100644 --- a/builtin/providers/aws/structure.go +++ b/builtin/providers/aws/structure.go @@ -207,21 +207,3 @@ func expandStringList(configured []interface{}) []string { } return vs } - -// Flattens an array of DBSecurityGroups into a []string -func flattenEC2SecurityGroupStatuses(list []rds.EC2SecurityGroup) []string { - result := make([]string, 0, len(list)) - for _, i := range list { - result = append(result, *i.Status) - } - return result -} - -// Flattens an array of IPRanges into a []string -func flattenIPRangeStatuses(list []rds.IPRange) []string { - result := make([]string, 0, len(list)) - for _, i := range list { - result = append(result, *i.Status) - } - return result -}