provider/google: Target HTTPS proxy resource + tests & documentation

2015-11-02 14:32:07 -05:00 · 2015-11-02 14:32:07 -05:00 · d11524682a
parent 0097d7105b
commit d11524682a
6 changed files with 550 additions and 2 deletions
--- a/builtin/providers/google/provider.go
+++ b/builtin/providers/google/provider.go
@ -50,6 +50,7 @@ func Provider() terraform.ResourceProvider {
 			"google_compute_route":                  resourceComputeRoute(),
 			"google_compute_ssl_certificate":        resourceComputeSslCertificate(),
 			"google_compute_target_http_proxy":      resourceComputeTargetHttpProxy(),
+			"google_compute_target_https_proxy":     resourceComputeTargetHttpsProxy(),
 			"google_compute_target_pool":            resourceComputeTargetPool(),
 			"google_compute_url_map":                resourceComputeUrlMap(),
 			"google_compute_vpn_gateway":            resourceComputeVpnGateway(),
--- a/builtin/providers/google/resource_compute_ssl_certificate.go
+++ b/builtin/providers/google/resource_compute_ssl_certificate.go
@ -58,9 +58,9 @@ func resourceComputeSslCertificateCreate(d *schema.ResourceData, meta interface{

 	// Build the certificate parameter
 	cert := &compute.SslCertificate{
-		Name: d.Get("name").(string),
+		Name:        d.Get("name").(string),
 		Certificate: d.Get("certificate").(string),
-		PrivateKey: d.Get("private_key").(string),
+		PrivateKey:  d.Get("private_key").(string),
 	}

 	if v, ok := d.GetOk("description"); ok {
--- a/builtin/providers/google/resource_compute_target_https_proxy.go
+++ b/builtin/providers/google/resource_compute_target_https_proxy.go
@ -0,0 +1,240 @@
+package google
+
+import (
+	"fmt"
+	"log"
+	"strconv"
+
+	"github.com/hashicorp/terraform/helper/schema"
+	"google.golang.org/api/compute/v1"
+	"google.golang.org/api/googleapi"
+)
+
+func resourceComputeTargetHttpsProxy() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceComputeTargetHttpsProxyCreate,
+		Read:   resourceComputeTargetHttpsProxyRead,
+		Delete: resourceComputeTargetHttpsProxyDelete,
+		Update: resourceComputeTargetHttpsProxyUpdate,
+
+		Schema: map[string]*schema.Schema{
+			"name": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+
+			"description": &schema.Schema{
+				Type:     schema.TypeString,
+				Optional: true,
+				ForceNew: true,
+			},
+
+			"self_link": &schema.Schema{
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+
+			"id": &schema.Schema{
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+
+			"url_map": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+			},
+
+			"ssl_certificates": &schema.Schema{
+				Type:     schema.TypeList,
+				Required: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+			},
+		},
+	}
+}
+
+func resourceComputeTargetHttpsProxyCreate(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*Config)
+
+	_sslCertificates := d.Get("ssl_certificates").([]interface{})
+	sslCertificates := make([]string, len(_sslCertificates))
+
+	for i, v := range _sslCertificates {
+		sslCertificates[i] = v.(string)
+	}
+
+	proxy := &compute.TargetHttpsProxy{
+		Name:            d.Get("name").(string),
+		UrlMap:          d.Get("url_map").(string),
+		SslCertificates: sslCertificates,
+	}
+
+	if v, ok := d.GetOk("description"); ok {
+		proxy.Description = v.(string)
+	}
+
+	log.Printf("[DEBUG] TargetHttpsProxy insert request: %#v", proxy)
+	op, err := config.clientCompute.TargetHttpsProxies.Insert(
+		config.Project, proxy).Do()
+	if err != nil {
+		return fmt.Errorf("Error creating TargetHttpsProxy: %s", err)
+	}
+
+	err = computeOperationWaitGlobal(config, op, "Creating Target Https Proxy")
+	if err != nil {
+		return err
+	}
+
+	d.SetId(proxy.Name)
+
+	return resourceComputeTargetHttpsProxyRead(d, meta)
+}
+
+func resourceComputeTargetHttpsProxyUpdate(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*Config)
+
+	d.Partial(true)
+
+	if d.HasChange("url_map") {
+		url_map := d.Get("url_map").(string)
+		url_map_ref := &compute.UrlMapReference{UrlMap: url_map}
+		op, err := config.clientCompute.TargetHttpsProxies.SetUrlMap(
+			config.Project, d.Id(), url_map_ref).Do()
+		if err != nil {
+			return fmt.Errorf("Error updating Target HTTPS proxy URL map: %s", err)
+		}
+
+		err = computeOperationWaitGlobal(config, op, "Updating Target Https Proxy URL Map")
+		if err != nil {
+			return err
+		}
+
+		d.SetPartial("url_map")
+	}
+
+	if d.HasChange("ssl_certificates") {
+		proxy, err := config.clientCompute.TargetHttpsProxies.Get(
+			config.Project, d.Id()).Do()
+
+		_old, _new := d.GetChange("ssl_certificates")
+		_oldCerts := _old.([]interface{})
+		_newCerts := _new.([]interface{})
+		current := proxy.SslCertificates
+
+		_oldMap := make(map[string]bool)
+		_newMap := make(map[string]bool)
+
+		for _, v := range _oldCerts {
+			_oldMap[v.(string)] = true
+		}
+
+		for _, v := range _newCerts {
+			_newMap[v.(string)] = true
+		}
+
+		sslCertificates := make([]string, 0)
+		// Only modify certificates in one of our old or new states
+		for _, v := range current {
+			_, okOld := _oldMap[v]
+			_, okNew := _newMap[v]
+
+			// we deleted the certificate
+			if okOld && !okNew {
+				continue
+			}
+
+			sslCertificates = append(sslCertificates, v)
+
+			// Keep track of the fact that we have added this certificate
+			if okNew {
+				delete(_newMap, v)
+			}
+		}
+
+		// Add fresh certificates
+		for k, _ := range _newMap {
+			sslCertificates = append(sslCertificates, k)
+		}
+
+		cert_ref := &compute.TargetHttpsProxiesSetSslCertificatesRequest{
+			SslCertificates: sslCertificates,
+		}
+		op, err := config.clientCompute.TargetHttpsProxies.SetSslCertificates(
+			config.Project, d.Id(), cert_ref).Do()
+		if err != nil {
+			return fmt.Errorf("Error updating Target Https Proxy SSL Certificates: %s", err)
+		}
+
+		err = computeOperationWaitGlobal(config, op, "Updating Target Https Proxy SSL certificates")
+		if err != nil {
+			return err
+		}
+
+		d.SetPartial("ssl_certificate")
+	}
+
+	d.Partial(false)
+
+	return resourceComputeTargetHttpsProxyRead(d, meta)
+}
+
+func resourceComputeTargetHttpsProxyRead(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*Config)
+
+	proxy, err := config.clientCompute.TargetHttpsProxies.Get(
+		config.Project, d.Id()).Do()
+	if err != nil {
+		if gerr, ok := err.(*googleapi.Error); ok && gerr.Code == 404 {
+			// The resource doesn't exist anymore
+			d.SetId("")
+
+			return nil
+		}
+
+		return fmt.Errorf("Error reading TargetHttpsProxy: %s", err)
+	}
+
+	_certs := d.Get("ssl_certificates").([]interface{})
+	current := proxy.SslCertificates
+
+	_certMap := make(map[string]bool)
+	_newCerts := make([]interface{}, 0)
+
+	for _, v := range _certs {
+		_certMap[v.(string)] = true
+	}
+
+	// Store intersection of server certificates and user defined certificates
+	for _, v := range current {
+		if _, ok := _certMap[v]; ok {
+			_newCerts = append(_newCerts, v)
+		}
+	}
+
+	d.Set("ssl_certificates", _newCerts)
+	d.Set("self_link", proxy.SelfLink)
+	d.Set("id", strconv.FormatUint(proxy.Id, 10))
+
+	return nil
+}
+
+func resourceComputeTargetHttpsProxyDelete(d *schema.ResourceData, meta interface{}) error {
+	config := meta.(*Config)
+
+	// Delete the TargetHttpsProxy
+	log.Printf("[DEBUG] TargetHttpsProxy delete request")
+	op, err := config.clientCompute.TargetHttpsProxies.Delete(
+		config.Project, d.Id()).Do()
+	if err != nil {
+		return fmt.Errorf("Error deleting TargetHttpsProxy: %s", err)
+	}
+
+	err = computeOperationWaitGlobal(config, op, "Deleting Target Https Proxy")
+	if err != nil {
+		return err
+	}
+
+	d.SetId("")
+	return nil
+}
--- a/builtin/providers/google/resource_compute_target_https_proxy_test.go
+++ b/builtin/providers/google/resource_compute_target_https_proxy_test.go
@ -0,0 +1,212 @@
+package google
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccComputeTargetHttpsProxy_basic(t *testing.T) {
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckComputeTargetHttpsProxyDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccComputeTargetHttpsProxy_basic1,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckComputeTargetHttpsProxyExists(
+						"google_compute_target_https_proxy.foobar"),
+				),
+			},
+		},
+	})
+}
+
+func TestAccComputeTargetHttpsProxy_update(t *testing.T) {
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckComputeTargetHttpsProxyDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccComputeTargetHttpsProxy_basic1,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckComputeTargetHttpsProxyExists(
+						"google_compute_target_https_proxy.foobar"),
+				),
+			},
+
+			resource.TestStep{
+				Config: testAccComputeTargetHttpsProxy_basic2,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckComputeTargetHttpsProxyExists(
+						"google_compute_target_https_proxy.foobar"),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckComputeTargetHttpsProxyDestroy(s *terraform.State) error {
+	config := testAccProvider.Meta().(*Config)
+
+	for _, rs := range s.RootModule().Resources {
+		if rs.Type != "google_compute_target_https_proxy" {
+			continue
+		}
+
+		_, err := config.clientCompute.TargetHttpsProxies.Get(
+			config.Project, rs.Primary.ID).Do()
+		if err == nil {
+			return fmt.Errorf("TargetHttpsProxy still exists")
+		}
+	}
+
+	return nil
+}
+
+func testAccCheckComputeTargetHttpsProxyExists(n string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[n]
+		if !ok {
+			return fmt.Errorf("Not found: %s", n)
+		}
+
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("No ID is set")
+		}
+
+		config := testAccProvider.Meta().(*Config)
+
+		found, err := config.clientCompute.TargetHttpsProxies.Get(
+			config.Project, rs.Primary.ID).Do()
+		if err != nil {
+			return err
+		}
+
+		if found.Name != rs.Primary.ID {
+			return fmt.Errorf("TargetHttpsProxy not found")
+		}
+
+		return nil
+	}
+}
+
+const testAccComputeTargetHttpsProxy_basic1 = `
+resource "google_compute_target_https_proxy" "foobar" {
+	description = "Resource created for Terraform acceptance testing"
+	name = "terraform-test"
+	url_map = "${google_compute_url_map.foobar.self_link}"
+	ssl_certificates = ["${google_compute_ssl_certificate.foobar1.self_link}"]
+}
+
+resource "google_compute_backend_service" "foobar" {
+	name = "service"
+	health_checks = ["${google_compute_http_health_check.zero.self_link}"]
+}
+
+resource "google_compute_http_health_check" "zero" {
+	name = "tf-test-zero"
+	request_path = "/"
+	check_interval_sec = 1
+	timeout_sec = 1
+}
+
+resource "google_compute_url_map" "foobar" {
+	name = "myurlmap"
+	default_service = "${google_compute_backend_service.foobar.self_link}"
+	host_rule {
+		hosts = ["mysite.com", "myothersite.com"]
+		path_matcher = "boop"
+	}
+	path_matcher {
+		default_service = "${google_compute_backend_service.foobar.self_link}"
+		name = "boop"
+		path_rule {
+			paths = ["/*"]
+			service = "${google_compute_backend_service.foobar.self_link}"
+		}
+	}
+	test {
+		host = "mysite.com"
+		path = "/*"
+		service = "${google_compute_backend_service.foobar.self_link}"
+	}
+}
+
+resource "google_compute_ssl_certificate" "foobar1" {
+	name = "terraform-test1"
+	description = "very descriptive"
+	private_key = "${file("~/cert/example.key")}"
+	certificate = "${file("~/cert/example.crt")}"
+}
+
+resource "google_compute_ssl_certificate" "foobar2" {
+	name = "terraform-test2"
+	description = "very descriptive"
+	private_key = "${file("~/cert/example.key")}"
+	certificate = "${file("~/cert/example.crt")}"
+}
+`
+
+const testAccComputeTargetHttpsProxy_basic2 = `
+resource "google_compute_target_https_proxy" "foobar" {
+	description = "Resource created for Terraform acceptance testing"
+	name = "terraform-test"
+	url_map = "${google_compute_url_map.foobar.self_link}"
+	ssl_certificates = ["${google_compute_ssl_certificate.foobar1.self_link}"]
+}
+
+resource "google_compute_backend_service" "foobar" {
+	name = "service"
+	health_checks = ["${google_compute_http_health_check.zero.self_link}"]
+}
+
+resource "google_compute_http_health_check" "zero" {
+	name = "tf-test-zero"
+	request_path = "/"
+	check_interval_sec = 1
+	timeout_sec = 1
+}
+
+resource "google_compute_url_map" "foobar" {
+	name = "myurlmap"
+	default_service = "${google_compute_backend_service.foobar.self_link}"
+	host_rule {
+		hosts = ["mysite.com", "myothersite.com"]
+		path_matcher = "boop"
+	}
+	path_matcher {
+		default_service = "${google_compute_backend_service.foobar.self_link}"
+		name = "boop"
+		path_rule {
+			paths = ["/*"]
+			service = "${google_compute_backend_service.foobar.self_link}"
+		}
+	}
+	test {
+		host = "mysite.com"
+		path = "/*"
+		service = "${google_compute_backend_service.foobar.self_link}"
+	}
+}
+
+resource "google_compute_ssl_certificate" "foobar1" {
+	name = "terraform-test1"
+	description = "very descriptive"
+	private_key = "${file("~/cert/example.key")}"
+	certificate = "${file("~/cert/example.crt")}"
+}
+
+resource "google_compute_ssl_certificate" "foobar2" {
+	name = "terraform-test2"
+	description = "very descriptive"
+	private_key = "${file("~/cert/example.key")}"
+	certificate = "${file("~/cert/example.crt")}"
+}
+`
--- a/website/source/docs/providers/google/r/compute_target_https_proxy.html.markdown
+++ b/website/source/docs/providers/google/r/compute_target_https_proxy.html.markdown
@ -0,0 +1,91 @@
+---
+layout: "google"
+page_title: "Google: google_compute_target_https_proxy"
+sidebar_current: "docs-google-compute-target-https-proxy"
+description: |-
+  Creates a Target HTTPS Proxy resource in GCE.
+---
+
+# google\_compute\_target\_https\_proxy
+
+Creates a target HTTPS proxy resource in GCE. For more information see
+[the official
+documentation](https://cloud.google.com/compute/docs/load-balancing/http/target-proxies) and
+[API](https://cloud.google.com/compute/docs/reference/latest/targetHttpsProxies).
+
+
+## Example Usage
+
+```
+resource "google_compute_target_https_proxy" "default" {
+    name = "test-proxy"
+    description = "a description"
+    url_map = "${google_compute_url_map.default.self_link}"
+    ssl_certificates = ["${google_compute_ssl_certificate.default.self_link}"]
+}
+
+resource "google_compute_ssl_certificate" "default" {
+    name = "my-certificate"
+    description = "a description"
+    private_key = "${file("path/to/private.key")}"
+    certificate = "${file("path/to/certificate.crt")}"
+}
+
+resource "google_compute_url_map" "default" {
+    name = "url-map"
+    description = "a description"
+    default_service = "${google_compute_backend_service.default.self_link}"
+
+    host_rule {
+        hosts = ["mysite.com"]
+        path_matcher = "allpaths"
+    }
+
+    path_matcher {
+        default_service = "${google_compute_backend_service.default.self_link}"
+        name = "allpaths"
+        path_rule {
+            paths = ["/*"]
+            service = "${google_compute_backend_service.default.self_link}"
+        }
+    }
+}
+
+resource "google_compute_backend_service" "default" {
+    name = "default-backend"
+    port_name = "http"
+    protocol = "HTTP"
+    timeout_sec = 10
+    region = "us-central1"
+
+    health_checks = ["${google_compute_http_health_check.default.self_link}"]
+}
+
+resource "google_compute_http_health_check" "default" {
+    name = "test"
+    request_path = "/"
+    check_interval_sec = 1
+    timeout_sec = 1
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - (Required) A unique name for the resource, required by GCE.
+    Changing this forces a new resource to be created.
+* `description` - (Optional) A description of this resource.
+    Changing this forces a new resource to be created.
+* `url_map` - (Required) The URL of a URL Map resource that defines the
+    mapping from the URL to the BackendService.
+* `ssl_certificates` - (Required) The URLs of the SSL Certificate resources
+    that authenticate connections between users and load balancing. Currently
+    exactly one must be specified.
+
+## Attributes Reference
+
+The following attributes are exported:
+
+* `self_link` - The URI of the created resource.
+* `id` - A unique ID assigned by GCE.
--- a/website/source/layouts/google.erb
+++ b/website/source/layouts/google.erb
@ -77,6 +77,10 @@
 			<a href="/docs/providers/google/r/compute_target_http_proxy.html">google_compute_target_http_proxy</a>
 			</li>

+			<li<%= sidebar_current("docs-google-compute-target-https-proxy") %>>
+			<a href="/docs/providers/google/r/compute_target_https_proxy.html">google_compute_target_https_proxy</a>
+			</li>
+
 			<li<%= sidebar_current("docs-google-compute-target-pool") %>>
 			<a href="/docs/providers/google/r/compute_target_pool.html">google_compute_target_pool</a>
 			</li>