provider/google: Target HTTPS proxy resource + tests & documentation
This commit is contained in:
parent
0097d7105b
commit
d11524682a
|
@ -50,6 +50,7 @@ func Provider() terraform.ResourceProvider {
|
|||
"google_compute_route": resourceComputeRoute(),
|
||||
"google_compute_ssl_certificate": resourceComputeSslCertificate(),
|
||||
"google_compute_target_http_proxy": resourceComputeTargetHttpProxy(),
|
||||
"google_compute_target_https_proxy": resourceComputeTargetHttpsProxy(),
|
||||
"google_compute_target_pool": resourceComputeTargetPool(),
|
||||
"google_compute_url_map": resourceComputeUrlMap(),
|
||||
"google_compute_vpn_gateway": resourceComputeVpnGateway(),
|
||||
|
|
|
@ -0,0 +1,240 @@
|
|||
package google
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"log"
|
||||
"strconv"
|
||||
|
||||
"github.com/hashicorp/terraform/helper/schema"
|
||||
"google.golang.org/api/compute/v1"
|
||||
"google.golang.org/api/googleapi"
|
||||
)
|
||||
|
||||
func resourceComputeTargetHttpsProxy() *schema.Resource {
|
||||
return &schema.Resource{
|
||||
Create: resourceComputeTargetHttpsProxyCreate,
|
||||
Read: resourceComputeTargetHttpsProxyRead,
|
||||
Delete: resourceComputeTargetHttpsProxyDelete,
|
||||
Update: resourceComputeTargetHttpsProxyUpdate,
|
||||
|
||||
Schema: map[string]*schema.Schema{
|
||||
"name": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Required: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
"description": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
"self_link": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Computed: true,
|
||||
},
|
||||
|
||||
"id": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Computed: true,
|
||||
},
|
||||
|
||||
"url_map": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Required: true,
|
||||
},
|
||||
|
||||
"ssl_certificates": &schema.Schema{
|
||||
Type: schema.TypeList,
|
||||
Required: true,
|
||||
Elem: &schema.Schema{Type: schema.TypeString},
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func resourceComputeTargetHttpsProxyCreate(d *schema.ResourceData, meta interface{}) error {
|
||||
config := meta.(*Config)
|
||||
|
||||
_sslCertificates := d.Get("ssl_certificates").([]interface{})
|
||||
sslCertificates := make([]string, len(_sslCertificates))
|
||||
|
||||
for i, v := range _sslCertificates {
|
||||
sslCertificates[i] = v.(string)
|
||||
}
|
||||
|
||||
proxy := &compute.TargetHttpsProxy{
|
||||
Name: d.Get("name").(string),
|
||||
UrlMap: d.Get("url_map").(string),
|
||||
SslCertificates: sslCertificates,
|
||||
}
|
||||
|
||||
if v, ok := d.GetOk("description"); ok {
|
||||
proxy.Description = v.(string)
|
||||
}
|
||||
|
||||
log.Printf("[DEBUG] TargetHttpsProxy insert request: %#v", proxy)
|
||||
op, err := config.clientCompute.TargetHttpsProxies.Insert(
|
||||
config.Project, proxy).Do()
|
||||
if err != nil {
|
||||
return fmt.Errorf("Error creating TargetHttpsProxy: %s", err)
|
||||
}
|
||||
|
||||
err = computeOperationWaitGlobal(config, op, "Creating Target Https Proxy")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.SetId(proxy.Name)
|
||||
|
||||
return resourceComputeTargetHttpsProxyRead(d, meta)
|
||||
}
|
||||
|
||||
func resourceComputeTargetHttpsProxyUpdate(d *schema.ResourceData, meta interface{}) error {
|
||||
config := meta.(*Config)
|
||||
|
||||
d.Partial(true)
|
||||
|
||||
if d.HasChange("url_map") {
|
||||
url_map := d.Get("url_map").(string)
|
||||
url_map_ref := &compute.UrlMapReference{UrlMap: url_map}
|
||||
op, err := config.clientCompute.TargetHttpsProxies.SetUrlMap(
|
||||
config.Project, d.Id(), url_map_ref).Do()
|
||||
if err != nil {
|
||||
return fmt.Errorf("Error updating Target HTTPS proxy URL map: %s", err)
|
||||
}
|
||||
|
||||
err = computeOperationWaitGlobal(config, op, "Updating Target Https Proxy URL Map")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.SetPartial("url_map")
|
||||
}
|
||||
|
||||
if d.HasChange("ssl_certificates") {
|
||||
proxy, err := config.clientCompute.TargetHttpsProxies.Get(
|
||||
config.Project, d.Id()).Do()
|
||||
|
||||
_old, _new := d.GetChange("ssl_certificates")
|
||||
_oldCerts := _old.([]interface{})
|
||||
_newCerts := _new.([]interface{})
|
||||
current := proxy.SslCertificates
|
||||
|
||||
_oldMap := make(map[string]bool)
|
||||
_newMap := make(map[string]bool)
|
||||
|
||||
for _, v := range _oldCerts {
|
||||
_oldMap[v.(string)] = true
|
||||
}
|
||||
|
||||
for _, v := range _newCerts {
|
||||
_newMap[v.(string)] = true
|
||||
}
|
||||
|
||||
sslCertificates := make([]string, 0)
|
||||
// Only modify certificates in one of our old or new states
|
||||
for _, v := range current {
|
||||
_, okOld := _oldMap[v]
|
||||
_, okNew := _newMap[v]
|
||||
|
||||
// we deleted the certificate
|
||||
if okOld && !okNew {
|
||||
continue
|
||||
}
|
||||
|
||||
sslCertificates = append(sslCertificates, v)
|
||||
|
||||
// Keep track of the fact that we have added this certificate
|
||||
if okNew {
|
||||
delete(_newMap, v)
|
||||
}
|
||||
}
|
||||
|
||||
// Add fresh certificates
|
||||
for k, _ := range _newMap {
|
||||
sslCertificates = append(sslCertificates, k)
|
||||
}
|
||||
|
||||
cert_ref := &compute.TargetHttpsProxiesSetSslCertificatesRequest{
|
||||
SslCertificates: sslCertificates,
|
||||
}
|
||||
op, err := config.clientCompute.TargetHttpsProxies.SetSslCertificates(
|
||||
config.Project, d.Id(), cert_ref).Do()
|
||||
if err != nil {
|
||||
return fmt.Errorf("Error updating Target Https Proxy SSL Certificates: %s", err)
|
||||
}
|
||||
|
||||
err = computeOperationWaitGlobal(config, op, "Updating Target Https Proxy SSL certificates")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.SetPartial("ssl_certificate")
|
||||
}
|
||||
|
||||
d.Partial(false)
|
||||
|
||||
return resourceComputeTargetHttpsProxyRead(d, meta)
|
||||
}
|
||||
|
||||
func resourceComputeTargetHttpsProxyRead(d *schema.ResourceData, meta interface{}) error {
|
||||
config := meta.(*Config)
|
||||
|
||||
proxy, err := config.clientCompute.TargetHttpsProxies.Get(
|
||||
config.Project, d.Id()).Do()
|
||||
if err != nil {
|
||||
if gerr, ok := err.(*googleapi.Error); ok && gerr.Code == 404 {
|
||||
// The resource doesn't exist anymore
|
||||
d.SetId("")
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
return fmt.Errorf("Error reading TargetHttpsProxy: %s", err)
|
||||
}
|
||||
|
||||
_certs := d.Get("ssl_certificates").([]interface{})
|
||||
current := proxy.SslCertificates
|
||||
|
||||
_certMap := make(map[string]bool)
|
||||
_newCerts := make([]interface{}, 0)
|
||||
|
||||
for _, v := range _certs {
|
||||
_certMap[v.(string)] = true
|
||||
}
|
||||
|
||||
// Store intersection of server certificates and user defined certificates
|
||||
for _, v := range current {
|
||||
if _, ok := _certMap[v]; ok {
|
||||
_newCerts = append(_newCerts, v)
|
||||
}
|
||||
}
|
||||
|
||||
d.Set("ssl_certificates", _newCerts)
|
||||
d.Set("self_link", proxy.SelfLink)
|
||||
d.Set("id", strconv.FormatUint(proxy.Id, 10))
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resourceComputeTargetHttpsProxyDelete(d *schema.ResourceData, meta interface{}) error {
|
||||
config := meta.(*Config)
|
||||
|
||||
// Delete the TargetHttpsProxy
|
||||
log.Printf("[DEBUG] TargetHttpsProxy delete request")
|
||||
op, err := config.clientCompute.TargetHttpsProxies.Delete(
|
||||
config.Project, d.Id()).Do()
|
||||
if err != nil {
|
||||
return fmt.Errorf("Error deleting TargetHttpsProxy: %s", err)
|
||||
}
|
||||
|
||||
err = computeOperationWaitGlobal(config, op, "Deleting Target Https Proxy")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.SetId("")
|
||||
return nil
|
||||
}
|
|
@ -0,0 +1,212 @@
|
|||
package google
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"testing"
|
||||
|
||||
"github.com/hashicorp/terraform/helper/resource"
|
||||
"github.com/hashicorp/terraform/terraform"
|
||||
)
|
||||
|
||||
func TestAccComputeTargetHttpsProxy_basic(t *testing.T) {
|
||||
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() { testAccPreCheck(t) },
|
||||
Providers: testAccProviders,
|
||||
CheckDestroy: testAccCheckComputeTargetHttpsProxyDestroy,
|
||||
Steps: []resource.TestStep{
|
||||
resource.TestStep{
|
||||
Config: testAccComputeTargetHttpsProxy_basic1,
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
testAccCheckComputeTargetHttpsProxyExists(
|
||||
"google_compute_target_https_proxy.foobar"),
|
||||
),
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func TestAccComputeTargetHttpsProxy_update(t *testing.T) {
|
||||
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() { testAccPreCheck(t) },
|
||||
Providers: testAccProviders,
|
||||
CheckDestroy: testAccCheckComputeTargetHttpsProxyDestroy,
|
||||
Steps: []resource.TestStep{
|
||||
resource.TestStep{
|
||||
Config: testAccComputeTargetHttpsProxy_basic1,
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
testAccCheckComputeTargetHttpsProxyExists(
|
||||
"google_compute_target_https_proxy.foobar"),
|
||||
),
|
||||
},
|
||||
|
||||
resource.TestStep{
|
||||
Config: testAccComputeTargetHttpsProxy_basic2,
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
testAccCheckComputeTargetHttpsProxyExists(
|
||||
"google_compute_target_https_proxy.foobar"),
|
||||
),
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func testAccCheckComputeTargetHttpsProxyDestroy(s *terraform.State) error {
|
||||
config := testAccProvider.Meta().(*Config)
|
||||
|
||||
for _, rs := range s.RootModule().Resources {
|
||||
if rs.Type != "google_compute_target_https_proxy" {
|
||||
continue
|
||||
}
|
||||
|
||||
_, err := config.clientCompute.TargetHttpsProxies.Get(
|
||||
config.Project, rs.Primary.ID).Do()
|
||||
if err == nil {
|
||||
return fmt.Errorf("TargetHttpsProxy still exists")
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func testAccCheckComputeTargetHttpsProxyExists(n string) resource.TestCheckFunc {
|
||||
return func(s *terraform.State) error {
|
||||
rs, ok := s.RootModule().Resources[n]
|
||||
if !ok {
|
||||
return fmt.Errorf("Not found: %s", n)
|
||||
}
|
||||
|
||||
if rs.Primary.ID == "" {
|
||||
return fmt.Errorf("No ID is set")
|
||||
}
|
||||
|
||||
config := testAccProvider.Meta().(*Config)
|
||||
|
||||
found, err := config.clientCompute.TargetHttpsProxies.Get(
|
||||
config.Project, rs.Primary.ID).Do()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if found.Name != rs.Primary.ID {
|
||||
return fmt.Errorf("TargetHttpsProxy not found")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
const testAccComputeTargetHttpsProxy_basic1 = `
|
||||
resource "google_compute_target_https_proxy" "foobar" {
|
||||
description = "Resource created for Terraform acceptance testing"
|
||||
name = "terraform-test"
|
||||
url_map = "${google_compute_url_map.foobar.self_link}"
|
||||
ssl_certificates = ["${google_compute_ssl_certificate.foobar1.self_link}"]
|
||||
}
|
||||
|
||||
resource "google_compute_backend_service" "foobar" {
|
||||
name = "service"
|
||||
health_checks = ["${google_compute_http_health_check.zero.self_link}"]
|
||||
}
|
||||
|
||||
resource "google_compute_http_health_check" "zero" {
|
||||
name = "tf-test-zero"
|
||||
request_path = "/"
|
||||
check_interval_sec = 1
|
||||
timeout_sec = 1
|
||||
}
|
||||
|
||||
resource "google_compute_url_map" "foobar" {
|
||||
name = "myurlmap"
|
||||
default_service = "${google_compute_backend_service.foobar.self_link}"
|
||||
host_rule {
|
||||
hosts = ["mysite.com", "myothersite.com"]
|
||||
path_matcher = "boop"
|
||||
}
|
||||
path_matcher {
|
||||
default_service = "${google_compute_backend_service.foobar.self_link}"
|
||||
name = "boop"
|
||||
path_rule {
|
||||
paths = ["/*"]
|
||||
service = "${google_compute_backend_service.foobar.self_link}"
|
||||
}
|
||||
}
|
||||
test {
|
||||
host = "mysite.com"
|
||||
path = "/*"
|
||||
service = "${google_compute_backend_service.foobar.self_link}"
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_compute_ssl_certificate" "foobar1" {
|
||||
name = "terraform-test1"
|
||||
description = "very descriptive"
|
||||
private_key = "${file("~/cert/example.key")}"
|
||||
certificate = "${file("~/cert/example.crt")}"
|
||||
}
|
||||
|
||||
resource "google_compute_ssl_certificate" "foobar2" {
|
||||
name = "terraform-test2"
|
||||
description = "very descriptive"
|
||||
private_key = "${file("~/cert/example.key")}"
|
||||
certificate = "${file("~/cert/example.crt")}"
|
||||
}
|
||||
`
|
||||
|
||||
const testAccComputeTargetHttpsProxy_basic2 = `
|
||||
resource "google_compute_target_https_proxy" "foobar" {
|
||||
description = "Resource created for Terraform acceptance testing"
|
||||
name = "terraform-test"
|
||||
url_map = "${google_compute_url_map.foobar.self_link}"
|
||||
ssl_certificates = ["${google_compute_ssl_certificate.foobar1.self_link}"]
|
||||
}
|
||||
|
||||
resource "google_compute_backend_service" "foobar" {
|
||||
name = "service"
|
||||
health_checks = ["${google_compute_http_health_check.zero.self_link}"]
|
||||
}
|
||||
|
||||
resource "google_compute_http_health_check" "zero" {
|
||||
name = "tf-test-zero"
|
||||
request_path = "/"
|
||||
check_interval_sec = 1
|
||||
timeout_sec = 1
|
||||
}
|
||||
|
||||
resource "google_compute_url_map" "foobar" {
|
||||
name = "myurlmap"
|
||||
default_service = "${google_compute_backend_service.foobar.self_link}"
|
||||
host_rule {
|
||||
hosts = ["mysite.com", "myothersite.com"]
|
||||
path_matcher = "boop"
|
||||
}
|
||||
path_matcher {
|
||||
default_service = "${google_compute_backend_service.foobar.self_link}"
|
||||
name = "boop"
|
||||
path_rule {
|
||||
paths = ["/*"]
|
||||
service = "${google_compute_backend_service.foobar.self_link}"
|
||||
}
|
||||
}
|
||||
test {
|
||||
host = "mysite.com"
|
||||
path = "/*"
|
||||
service = "${google_compute_backend_service.foobar.self_link}"
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_compute_ssl_certificate" "foobar1" {
|
||||
name = "terraform-test1"
|
||||
description = "very descriptive"
|
||||
private_key = "${file("~/cert/example.key")}"
|
||||
certificate = "${file("~/cert/example.crt")}"
|
||||
}
|
||||
|
||||
resource "google_compute_ssl_certificate" "foobar2" {
|
||||
name = "terraform-test2"
|
||||
description = "very descriptive"
|
||||
private_key = "${file("~/cert/example.key")}"
|
||||
certificate = "${file("~/cert/example.crt")}"
|
||||
}
|
||||
`
|
|
@ -0,0 +1,91 @@
|
|||
---
|
||||
layout: "google"
|
||||
page_title: "Google: google_compute_target_https_proxy"
|
||||
sidebar_current: "docs-google-compute-target-https-proxy"
|
||||
description: |-
|
||||
Creates a Target HTTPS Proxy resource in GCE.
|
||||
---
|
||||
|
||||
# google\_compute\_target\_https\_proxy
|
||||
|
||||
Creates a target HTTPS proxy resource in GCE. For more information see
|
||||
[the official
|
||||
documentation](https://cloud.google.com/compute/docs/load-balancing/http/target-proxies) and
|
||||
[API](https://cloud.google.com/compute/docs/reference/latest/targetHttpsProxies).
|
||||
|
||||
|
||||
## Example Usage
|
||||
|
||||
```
|
||||
resource "google_compute_target_https_proxy" "default" {
|
||||
name = "test-proxy"
|
||||
description = "a description"
|
||||
url_map = "${google_compute_url_map.default.self_link}"
|
||||
ssl_certificates = ["${google_compute_ssl_certificate.default.self_link}"]
|
||||
}
|
||||
|
||||
resource "google_compute_ssl_certificate" "default" {
|
||||
name = "my-certificate"
|
||||
description = "a description"
|
||||
private_key = "${file("path/to/private.key")}"
|
||||
certificate = "${file("path/to/certificate.crt")}"
|
||||
}
|
||||
|
||||
resource "google_compute_url_map" "default" {
|
||||
name = "url-map"
|
||||
description = "a description"
|
||||
default_service = "${google_compute_backend_service.default.self_link}"
|
||||
|
||||
host_rule {
|
||||
hosts = ["mysite.com"]
|
||||
path_matcher = "allpaths"
|
||||
}
|
||||
|
||||
path_matcher {
|
||||
default_service = "${google_compute_backend_service.default.self_link}"
|
||||
name = "allpaths"
|
||||
path_rule {
|
||||
paths = ["/*"]
|
||||
service = "${google_compute_backend_service.default.self_link}"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_compute_backend_service" "default" {
|
||||
name = "default-backend"
|
||||
port_name = "http"
|
||||
protocol = "HTTP"
|
||||
timeout_sec = 10
|
||||
region = "us-central1"
|
||||
|
||||
health_checks = ["${google_compute_http_health_check.default.self_link}"]
|
||||
}
|
||||
|
||||
resource "google_compute_http_health_check" "default" {
|
||||
name = "test"
|
||||
request_path = "/"
|
||||
check_interval_sec = 1
|
||||
timeout_sec = 1
|
||||
}
|
||||
```
|
||||
|
||||
## Argument Reference
|
||||
|
||||
The following arguments are supported:
|
||||
|
||||
* `name` - (Required) A unique name for the resource, required by GCE.
|
||||
Changing this forces a new resource to be created.
|
||||
* `description` - (Optional) A description of this resource.
|
||||
Changing this forces a new resource to be created.
|
||||
* `url_map` - (Required) The URL of a URL Map resource that defines the
|
||||
mapping from the URL to the BackendService.
|
||||
* `ssl_certificates` - (Required) The URLs of the SSL Certificate resources
|
||||
that authenticate connections between users and load balancing. Currently
|
||||
exactly one must be specified.
|
||||
|
||||
## Attributes Reference
|
||||
|
||||
The following attributes are exported:
|
||||
|
||||
* `self_link` - The URI of the created resource.
|
||||
* `id` - A unique ID assigned by GCE.
|
|
@ -77,6 +77,10 @@
|
|||
<a href="/docs/providers/google/r/compute_target_http_proxy.html">google_compute_target_http_proxy</a>
|
||||
</li>
|
||||
|
||||
<li<%= sidebar_current("docs-google-compute-target-https-proxy") %>>
|
||||
<a href="/docs/providers/google/r/compute_target_https_proxy.html">google_compute_target_https_proxy</a>
|
||||
</li>
|
||||
|
||||
<li<%= sidebar_current("docs-google-compute-target-pool") %>>
|
||||
<a href="/docs/providers/google/r/compute_target_pool.html">google_compute_target_pool</a>
|
||||
</li>
|
||||
|
|
Loading…
Reference in New Issue