provider/google: SSL Certificates resource + tests & documentation

This commit is contained in:
Lars Wander 2015-11-02 10:15:19 -05:00
parent 5302becd5d
commit f70d4079c1
5 changed files with 257 additions and 0 deletions

View File

@ -46,6 +46,7 @@ func Provider() terraform.ResourceProvider {
"google_compute_network": resourceComputeNetwork(),
"google_compute_project_metadata": resourceComputeProjectMetadata(),
"google_compute_route": resourceComputeRoute(),
"google_compute_ssl_certificate": resourceComputeSslCertificate(),
"google_compute_target_pool": resourceComputeTargetPool(),
"google_compute_vpn_gateway": resourceComputeVpnGateway(),
"google_compute_vpn_tunnel": resourceComputeVpnTunnel(),

View File

@ -0,0 +1,125 @@
package google
import (
"fmt"
"strconv"
"github.com/hashicorp/terraform/helper/schema"
"google.golang.org/api/compute/v1"
"google.golang.org/api/googleapi"
)
func resourceComputeSslCertificate() *schema.Resource {
return &schema.Resource{
Create: resourceComputeSslCertificateCreate,
Read: resourceComputeSslCertificateRead,
Delete: resourceComputeSslCertificateDelete,
Schema: map[string]*schema.Schema{
"name": &schema.Schema{
Type: schema.TypeString,
Required: true,
ForceNew: true,
},
"description": &schema.Schema{
Type: schema.TypeString,
Optional: true,
ForceNew: true,
},
"certificate": &schema.Schema{
Type: schema.TypeString,
Required: true,
ForceNew: true,
},
"private_key": &schema.Schema{
Type: schema.TypeString,
Required: true,
ForceNew: true,
},
"self_link": &schema.Schema{
Type: schema.TypeString,
Computed: true,
},
"id": &schema.Schema{
Type: schema.TypeString,
Computed: true,
},
},
}
}
func resourceComputeSslCertificateCreate(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
// Build the certificate parameter
cert := &compute.SslCertificate{
Name: d.Get("name").(string),
Certificate: d.Get("certificate").(string),
PrivateKey: d.Get("private_key").(string),
}
if v, ok := d.GetOk("description"); ok {
cert.Description = v.(string)
}
op, err := config.clientCompute.SslCertificates.Insert(
config.Project, cert).Do()
if err != nil {
return fmt.Errorf("Error creating ssl certificate: %s", err)
}
err = computeOperationWaitGlobal(config, op, "Creating SslCertificate")
if err != nil {
return err
}
d.SetId(cert.Name)
return resourceComputeSslCertificateRead(d, meta)
}
func resourceComputeSslCertificateRead(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
cert, err := config.clientCompute.SslCertificates.Get(
config.Project, d.Id()).Do()
if err != nil {
if gerr, ok := err.(*googleapi.Error); ok && gerr.Code == 404 {
// The resource doesn't exist anymore
d.SetId("")
return nil
}
return fmt.Errorf("Error reading ssl certificate: %s", err)
}
d.Set("self_link", cert.SelfLink)
d.Set("id", strconv.FormatUint(cert.Id, 10))
return nil
}
func resourceComputeSslCertificateDelete(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
op, err := config.clientCompute.SslCertificates.Delete(
config.Project, d.Id()).Do()
if err != nil {
return fmt.Errorf("Error deleting ssl certificate: %s", err)
}
err = computeOperationWaitGlobal(config, op, "Deleting SslCertificate")
if err != nil {
return err
}
d.SetId("")
return nil
}

View File

@ -0,0 +1,80 @@
package google
import (
"fmt"
"testing"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/terraform"
)
func TestAccComputeSslCertificate_basic(t *testing.T) {
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckComputeSslCertificateDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccComputeSslCertificate_basic,
Check: resource.ComposeTestCheckFunc(
testAccCheckComputeSslCertificateExists(
"google_compute_ssl_certificate.foobar"),
),
},
},
})
}
func testAccCheckComputeSslCertificateDestroy(s *terraform.State) error {
config := testAccProvider.Meta().(*Config)
for _, rs := range s.RootModule().Resources {
if rs.Type != "google_compute_ssl_certificate" {
continue
}
_, err := config.clientCompute.SslCertificates.Get(
config.Project, rs.Primary.ID).Do()
if err == nil {
return fmt.Errorf("SslCertificate still exists")
}
}
return nil
}
func testAccCheckComputeSslCertificateExists(n string) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[n]
if !ok {
return fmt.Errorf("Not found: %s", n)
}
if rs.Primary.ID == "" {
return fmt.Errorf("No ID is set")
}
config := testAccProvider.Meta().(*Config)
found, err := config.clientCompute.SslCertificates.Get(
config.Project, rs.Primary.ID).Do()
if err != nil {
return err
}
if found.Name != rs.Primary.ID {
return fmt.Errorf("Certificate not found")
}
return nil
}
}
const testAccComputeSslCertificate_basic = `
resource "google_compute_ssl_certificate" "foobar" {
name = "terraform-test"
description = "very descriptive"
private_key = "${file("~/cert/example.key")}"
certificate = "${file("~/cert/example.crt")}"
}
`

View File

@ -0,0 +1,47 @@
---
layout: "google"
page_title: "Google: google_compute_ssl_certificate"
sidebar_current: "docs-google-compute-ssl-certificate"
description: |-
Creates an SSL certificate resource necessary for HTTPS load balancing in GCE.
---
# google\_compute\_ssl\_certificate
Creates an SSL certificate resource necessary for HTTPS load balancing in GCE.
For more information see
[the official documentation](https://cloud.google.com/compute/docs/load-balancing/http/ssl-certificates) and
[API](https://cloud.google.com/compute/docs/reference/latest/sslCertificates).
## Example Usage
```
resource "google_compute_ssl_certificate" "default" {
name = "my-certificate"
description = "a description"
private_key = "${file("path/to/private.key")}"
certificate = "${file("path/to/certificate.crt")}"
}
```
## Argument Reference
The following arguments are supported:
* `name` - (Required) A unique name for the resource, required by GCE.
Changing this forces a new resource to be created.
* `description` - (Optional) An optional description of this resource.
Changing this forces a new resource to be created.
* `private_key` - (Required) Write only private key in PEM format.
Changing this forces a new resource to be created.
* `description` - (Required) A local certificate file in PEM format. The chain
may be at most 5 certs long, and must include at least one intermediate cert.
Changing this forces a new resource to be created.
## Attributes Reference
The following attributes are exported:
* `self_link` - The URI of the created resource.
* `id` - A unique ID assigned by GCE.

View File

@ -65,6 +65,10 @@
<a href="/docs/providers/google/r/compute_route.html">google_compute_route</a>
</li>
<li<%= sidebar_current("docs-google-compute-ssl-certificate") %>>
<a href="/docs/providers/google/r/compute_ssl_certificate.html">google_compute_ssl_certificate</a>
</li>
<li<%= sidebar_current("docs-google-compute-target-pool") %>>
<a href="/docs/providers/google/r/compute_target_pool.html">google_compute_target_pool</a>
</li>