provider/google: Target HTTPS proxy resource + tests & documentation

This commit is contained in:
Lars Wander 2015-11-02 14:32:07 -05:00
parent 0097d7105b
commit d11524682a
6 changed files with 550 additions and 2 deletions

View File

@ -50,6 +50,7 @@ func Provider() terraform.ResourceProvider {
"google_compute_route": resourceComputeRoute(),
"google_compute_ssl_certificate": resourceComputeSslCertificate(),
"google_compute_target_http_proxy": resourceComputeTargetHttpProxy(),
"google_compute_target_https_proxy": resourceComputeTargetHttpsProxy(),
"google_compute_target_pool": resourceComputeTargetPool(),
"google_compute_url_map": resourceComputeUrlMap(),
"google_compute_vpn_gateway": resourceComputeVpnGateway(),

View File

@ -58,9 +58,9 @@ func resourceComputeSslCertificateCreate(d *schema.ResourceData, meta interface{
// Build the certificate parameter
cert := &compute.SslCertificate{
Name: d.Get("name").(string),
Name: d.Get("name").(string),
Certificate: d.Get("certificate").(string),
PrivateKey: d.Get("private_key").(string),
PrivateKey: d.Get("private_key").(string),
}
if v, ok := d.GetOk("description"); ok {

View File

@ -0,0 +1,240 @@
package google
import (
"fmt"
"log"
"strconv"
"github.com/hashicorp/terraform/helper/schema"
"google.golang.org/api/compute/v1"
"google.golang.org/api/googleapi"
)
func resourceComputeTargetHttpsProxy() *schema.Resource {
return &schema.Resource{
Create: resourceComputeTargetHttpsProxyCreate,
Read: resourceComputeTargetHttpsProxyRead,
Delete: resourceComputeTargetHttpsProxyDelete,
Update: resourceComputeTargetHttpsProxyUpdate,
Schema: map[string]*schema.Schema{
"name": &schema.Schema{
Type: schema.TypeString,
Required: true,
ForceNew: true,
},
"description": &schema.Schema{
Type: schema.TypeString,
Optional: true,
ForceNew: true,
},
"self_link": &schema.Schema{
Type: schema.TypeString,
Computed: true,
},
"id": &schema.Schema{
Type: schema.TypeString,
Computed: true,
},
"url_map": &schema.Schema{
Type: schema.TypeString,
Required: true,
},
"ssl_certificates": &schema.Schema{
Type: schema.TypeList,
Required: true,
Elem: &schema.Schema{Type: schema.TypeString},
},
},
}
}
func resourceComputeTargetHttpsProxyCreate(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
_sslCertificates := d.Get("ssl_certificates").([]interface{})
sslCertificates := make([]string, len(_sslCertificates))
for i, v := range _sslCertificates {
sslCertificates[i] = v.(string)
}
proxy := &compute.TargetHttpsProxy{
Name: d.Get("name").(string),
UrlMap: d.Get("url_map").(string),
SslCertificates: sslCertificates,
}
if v, ok := d.GetOk("description"); ok {
proxy.Description = v.(string)
}
log.Printf("[DEBUG] TargetHttpsProxy insert request: %#v", proxy)
op, err := config.clientCompute.TargetHttpsProxies.Insert(
config.Project, proxy).Do()
if err != nil {
return fmt.Errorf("Error creating TargetHttpsProxy: %s", err)
}
err = computeOperationWaitGlobal(config, op, "Creating Target Https Proxy")
if err != nil {
return err
}
d.SetId(proxy.Name)
return resourceComputeTargetHttpsProxyRead(d, meta)
}
func resourceComputeTargetHttpsProxyUpdate(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
d.Partial(true)
if d.HasChange("url_map") {
url_map := d.Get("url_map").(string)
url_map_ref := &compute.UrlMapReference{UrlMap: url_map}
op, err := config.clientCompute.TargetHttpsProxies.SetUrlMap(
config.Project, d.Id(), url_map_ref).Do()
if err != nil {
return fmt.Errorf("Error updating Target HTTPS proxy URL map: %s", err)
}
err = computeOperationWaitGlobal(config, op, "Updating Target Https Proxy URL Map")
if err != nil {
return err
}
d.SetPartial("url_map")
}
if d.HasChange("ssl_certificates") {
proxy, err := config.clientCompute.TargetHttpsProxies.Get(
config.Project, d.Id()).Do()
_old, _new := d.GetChange("ssl_certificates")
_oldCerts := _old.([]interface{})
_newCerts := _new.([]interface{})
current := proxy.SslCertificates
_oldMap := make(map[string]bool)
_newMap := make(map[string]bool)
for _, v := range _oldCerts {
_oldMap[v.(string)] = true
}
for _, v := range _newCerts {
_newMap[v.(string)] = true
}
sslCertificates := make([]string, 0)
// Only modify certificates in one of our old or new states
for _, v := range current {
_, okOld := _oldMap[v]
_, okNew := _newMap[v]
// we deleted the certificate
if okOld && !okNew {
continue
}
sslCertificates = append(sslCertificates, v)
// Keep track of the fact that we have added this certificate
if okNew {
delete(_newMap, v)
}
}
// Add fresh certificates
for k, _ := range _newMap {
sslCertificates = append(sslCertificates, k)
}
cert_ref := &compute.TargetHttpsProxiesSetSslCertificatesRequest{
SslCertificates: sslCertificates,
}
op, err := config.clientCompute.TargetHttpsProxies.SetSslCertificates(
config.Project, d.Id(), cert_ref).Do()
if err != nil {
return fmt.Errorf("Error updating Target Https Proxy SSL Certificates: %s", err)
}
err = computeOperationWaitGlobal(config, op, "Updating Target Https Proxy SSL certificates")
if err != nil {
return err
}
d.SetPartial("ssl_certificate")
}
d.Partial(false)
return resourceComputeTargetHttpsProxyRead(d, meta)
}
func resourceComputeTargetHttpsProxyRead(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
proxy, err := config.clientCompute.TargetHttpsProxies.Get(
config.Project, d.Id()).Do()
if err != nil {
if gerr, ok := err.(*googleapi.Error); ok && gerr.Code == 404 {
// The resource doesn't exist anymore
d.SetId("")
return nil
}
return fmt.Errorf("Error reading TargetHttpsProxy: %s", err)
}
_certs := d.Get("ssl_certificates").([]interface{})
current := proxy.SslCertificates
_certMap := make(map[string]bool)
_newCerts := make([]interface{}, 0)
for _, v := range _certs {
_certMap[v.(string)] = true
}
// Store intersection of server certificates and user defined certificates
for _, v := range current {
if _, ok := _certMap[v]; ok {
_newCerts = append(_newCerts, v)
}
}
d.Set("ssl_certificates", _newCerts)
d.Set("self_link", proxy.SelfLink)
d.Set("id", strconv.FormatUint(proxy.Id, 10))
return nil
}
func resourceComputeTargetHttpsProxyDelete(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
// Delete the TargetHttpsProxy
log.Printf("[DEBUG] TargetHttpsProxy delete request")
op, err := config.clientCompute.TargetHttpsProxies.Delete(
config.Project, d.Id()).Do()
if err != nil {
return fmt.Errorf("Error deleting TargetHttpsProxy: %s", err)
}
err = computeOperationWaitGlobal(config, op, "Deleting Target Https Proxy")
if err != nil {
return err
}
d.SetId("")
return nil
}

View File

@ -0,0 +1,212 @@
package google
import (
"fmt"
"testing"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/terraform"
)
func TestAccComputeTargetHttpsProxy_basic(t *testing.T) {
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckComputeTargetHttpsProxyDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccComputeTargetHttpsProxy_basic1,
Check: resource.ComposeTestCheckFunc(
testAccCheckComputeTargetHttpsProxyExists(
"google_compute_target_https_proxy.foobar"),
),
},
},
})
}
func TestAccComputeTargetHttpsProxy_update(t *testing.T) {
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckComputeTargetHttpsProxyDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccComputeTargetHttpsProxy_basic1,
Check: resource.ComposeTestCheckFunc(
testAccCheckComputeTargetHttpsProxyExists(
"google_compute_target_https_proxy.foobar"),
),
},
resource.TestStep{
Config: testAccComputeTargetHttpsProxy_basic2,
Check: resource.ComposeTestCheckFunc(
testAccCheckComputeTargetHttpsProxyExists(
"google_compute_target_https_proxy.foobar"),
),
},
},
})
}
func testAccCheckComputeTargetHttpsProxyDestroy(s *terraform.State) error {
config := testAccProvider.Meta().(*Config)
for _, rs := range s.RootModule().Resources {
if rs.Type != "google_compute_target_https_proxy" {
continue
}
_, err := config.clientCompute.TargetHttpsProxies.Get(
config.Project, rs.Primary.ID).Do()
if err == nil {
return fmt.Errorf("TargetHttpsProxy still exists")
}
}
return nil
}
func testAccCheckComputeTargetHttpsProxyExists(n string) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[n]
if !ok {
return fmt.Errorf("Not found: %s", n)
}
if rs.Primary.ID == "" {
return fmt.Errorf("No ID is set")
}
config := testAccProvider.Meta().(*Config)
found, err := config.clientCompute.TargetHttpsProxies.Get(
config.Project, rs.Primary.ID).Do()
if err != nil {
return err
}
if found.Name != rs.Primary.ID {
return fmt.Errorf("TargetHttpsProxy not found")
}
return nil
}
}
const testAccComputeTargetHttpsProxy_basic1 = `
resource "google_compute_target_https_proxy" "foobar" {
description = "Resource created for Terraform acceptance testing"
name = "terraform-test"
url_map = "${google_compute_url_map.foobar.self_link}"
ssl_certificates = ["${google_compute_ssl_certificate.foobar1.self_link}"]
}
resource "google_compute_backend_service" "foobar" {
name = "service"
health_checks = ["${google_compute_http_health_check.zero.self_link}"]
}
resource "google_compute_http_health_check" "zero" {
name = "tf-test-zero"
request_path = "/"
check_interval_sec = 1
timeout_sec = 1
}
resource "google_compute_url_map" "foobar" {
name = "myurlmap"
default_service = "${google_compute_backend_service.foobar.self_link}"
host_rule {
hosts = ["mysite.com", "myothersite.com"]
path_matcher = "boop"
}
path_matcher {
default_service = "${google_compute_backend_service.foobar.self_link}"
name = "boop"
path_rule {
paths = ["/*"]
service = "${google_compute_backend_service.foobar.self_link}"
}
}
test {
host = "mysite.com"
path = "/*"
service = "${google_compute_backend_service.foobar.self_link}"
}
}
resource "google_compute_ssl_certificate" "foobar1" {
name = "terraform-test1"
description = "very descriptive"
private_key = "${file("~/cert/example.key")}"
certificate = "${file("~/cert/example.crt")}"
}
resource "google_compute_ssl_certificate" "foobar2" {
name = "terraform-test2"
description = "very descriptive"
private_key = "${file("~/cert/example.key")}"
certificate = "${file("~/cert/example.crt")}"
}
`
const testAccComputeTargetHttpsProxy_basic2 = `
resource "google_compute_target_https_proxy" "foobar" {
description = "Resource created for Terraform acceptance testing"
name = "terraform-test"
url_map = "${google_compute_url_map.foobar.self_link}"
ssl_certificates = ["${google_compute_ssl_certificate.foobar1.self_link}"]
}
resource "google_compute_backend_service" "foobar" {
name = "service"
health_checks = ["${google_compute_http_health_check.zero.self_link}"]
}
resource "google_compute_http_health_check" "zero" {
name = "tf-test-zero"
request_path = "/"
check_interval_sec = 1
timeout_sec = 1
}
resource "google_compute_url_map" "foobar" {
name = "myurlmap"
default_service = "${google_compute_backend_service.foobar.self_link}"
host_rule {
hosts = ["mysite.com", "myothersite.com"]
path_matcher = "boop"
}
path_matcher {
default_service = "${google_compute_backend_service.foobar.self_link}"
name = "boop"
path_rule {
paths = ["/*"]
service = "${google_compute_backend_service.foobar.self_link}"
}
}
test {
host = "mysite.com"
path = "/*"
service = "${google_compute_backend_service.foobar.self_link}"
}
}
resource "google_compute_ssl_certificate" "foobar1" {
name = "terraform-test1"
description = "very descriptive"
private_key = "${file("~/cert/example.key")}"
certificate = "${file("~/cert/example.crt")}"
}
resource "google_compute_ssl_certificate" "foobar2" {
name = "terraform-test2"
description = "very descriptive"
private_key = "${file("~/cert/example.key")}"
certificate = "${file("~/cert/example.crt")}"
}
`

View File

@ -0,0 +1,91 @@
---
layout: "google"
page_title: "Google: google_compute_target_https_proxy"
sidebar_current: "docs-google-compute-target-https-proxy"
description: |-
Creates a Target HTTPS Proxy resource in GCE.
---
# google\_compute\_target\_https\_proxy
Creates a target HTTPS proxy resource in GCE. For more information see
[the official
documentation](https://cloud.google.com/compute/docs/load-balancing/http/target-proxies) and
[API](https://cloud.google.com/compute/docs/reference/latest/targetHttpsProxies).
## Example Usage
```
resource "google_compute_target_https_proxy" "default" {
name = "test-proxy"
description = "a description"
url_map = "${google_compute_url_map.default.self_link}"
ssl_certificates = ["${google_compute_ssl_certificate.default.self_link}"]
}
resource "google_compute_ssl_certificate" "default" {
name = "my-certificate"
description = "a description"
private_key = "${file("path/to/private.key")}"
certificate = "${file("path/to/certificate.crt")}"
}
resource "google_compute_url_map" "default" {
name = "url-map"
description = "a description"
default_service = "${google_compute_backend_service.default.self_link}"
host_rule {
hosts = ["mysite.com"]
path_matcher = "allpaths"
}
path_matcher {
default_service = "${google_compute_backend_service.default.self_link}"
name = "allpaths"
path_rule {
paths = ["/*"]
service = "${google_compute_backend_service.default.self_link}"
}
}
}
resource "google_compute_backend_service" "default" {
name = "default-backend"
port_name = "http"
protocol = "HTTP"
timeout_sec = 10
region = "us-central1"
health_checks = ["${google_compute_http_health_check.default.self_link}"]
}
resource "google_compute_http_health_check" "default" {
name = "test"
request_path = "/"
check_interval_sec = 1
timeout_sec = 1
}
```
## Argument Reference
The following arguments are supported:
* `name` - (Required) A unique name for the resource, required by GCE.
Changing this forces a new resource to be created.
* `description` - (Optional) A description of this resource.
Changing this forces a new resource to be created.
* `url_map` - (Required) The URL of a URL Map resource that defines the
mapping from the URL to the BackendService.
* `ssl_certificates` - (Required) The URLs of the SSL Certificate resources
that authenticate connections between users and load balancing. Currently
exactly one must be specified.
## Attributes Reference
The following attributes are exported:
* `self_link` - The URI of the created resource.
* `id` - A unique ID assigned by GCE.

View File

@ -77,6 +77,10 @@
<a href="/docs/providers/google/r/compute_target_http_proxy.html">google_compute_target_http_proxy</a>
</li>
<li<%= sidebar_current("docs-google-compute-target-https-proxy") %>>
<a href="/docs/providers/google/r/compute_target_https_proxy.html">google_compute_target_https_proxy</a>
</li>
<li<%= sidebar_current("docs-google-compute-target-pool") %>>
<a href="/docs/providers/google/r/compute_target_pool.html">google_compute_target_pool</a>
</li>