provider/google: SSL Certificates resource + tests & documentation
This commit is contained in:
parent
5302becd5d
commit
f70d4079c1
|
@ -46,6 +46,7 @@ func Provider() terraform.ResourceProvider {
|
||||||
"google_compute_network": resourceComputeNetwork(),
|
"google_compute_network": resourceComputeNetwork(),
|
||||||
"google_compute_project_metadata": resourceComputeProjectMetadata(),
|
"google_compute_project_metadata": resourceComputeProjectMetadata(),
|
||||||
"google_compute_route": resourceComputeRoute(),
|
"google_compute_route": resourceComputeRoute(),
|
||||||
|
"google_compute_ssl_certificate": resourceComputeSslCertificate(),
|
||||||
"google_compute_target_pool": resourceComputeTargetPool(),
|
"google_compute_target_pool": resourceComputeTargetPool(),
|
||||||
"google_compute_vpn_gateway": resourceComputeVpnGateway(),
|
"google_compute_vpn_gateway": resourceComputeVpnGateway(),
|
||||||
"google_compute_vpn_tunnel": resourceComputeVpnTunnel(),
|
"google_compute_vpn_tunnel": resourceComputeVpnTunnel(),
|
||||||
|
|
|
@ -0,0 +1,125 @@
|
||||||
|
package google
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"strconv"
|
||||||
|
|
||||||
|
"github.com/hashicorp/terraform/helper/schema"
|
||||||
|
"google.golang.org/api/compute/v1"
|
||||||
|
"google.golang.org/api/googleapi"
|
||||||
|
)
|
||||||
|
|
||||||
|
func resourceComputeSslCertificate() *schema.Resource {
|
||||||
|
return &schema.Resource{
|
||||||
|
Create: resourceComputeSslCertificateCreate,
|
||||||
|
Read: resourceComputeSslCertificateRead,
|
||||||
|
Delete: resourceComputeSslCertificateDelete,
|
||||||
|
|
||||||
|
Schema: map[string]*schema.Schema{
|
||||||
|
"name": &schema.Schema{
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Required: true,
|
||||||
|
ForceNew: true,
|
||||||
|
},
|
||||||
|
|
||||||
|
"description": &schema.Schema{
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Optional: true,
|
||||||
|
ForceNew: true,
|
||||||
|
},
|
||||||
|
|
||||||
|
"certificate": &schema.Schema{
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Required: true,
|
||||||
|
ForceNew: true,
|
||||||
|
},
|
||||||
|
|
||||||
|
"private_key": &schema.Schema{
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Required: true,
|
||||||
|
ForceNew: true,
|
||||||
|
},
|
||||||
|
|
||||||
|
"self_link": &schema.Schema{
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Computed: true,
|
||||||
|
},
|
||||||
|
|
||||||
|
"id": &schema.Schema{
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Computed: true,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func resourceComputeSslCertificateCreate(d *schema.ResourceData, meta interface{}) error {
|
||||||
|
config := meta.(*Config)
|
||||||
|
|
||||||
|
// Build the certificate parameter
|
||||||
|
cert := &compute.SslCertificate{
|
||||||
|
Name: d.Get("name").(string),
|
||||||
|
Certificate: d.Get("certificate").(string),
|
||||||
|
PrivateKey: d.Get("private_key").(string),
|
||||||
|
}
|
||||||
|
|
||||||
|
if v, ok := d.GetOk("description"); ok {
|
||||||
|
cert.Description = v.(string)
|
||||||
|
}
|
||||||
|
|
||||||
|
op, err := config.clientCompute.SslCertificates.Insert(
|
||||||
|
config.Project, cert).Do()
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("Error creating ssl certificate: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
err = computeOperationWaitGlobal(config, op, "Creating SslCertificate")
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
d.SetId(cert.Name)
|
||||||
|
|
||||||
|
return resourceComputeSslCertificateRead(d, meta)
|
||||||
|
}
|
||||||
|
|
||||||
|
func resourceComputeSslCertificateRead(d *schema.ResourceData, meta interface{}) error {
|
||||||
|
config := meta.(*Config)
|
||||||
|
|
||||||
|
cert, err := config.clientCompute.SslCertificates.Get(
|
||||||
|
config.Project, d.Id()).Do()
|
||||||
|
if err != nil {
|
||||||
|
if gerr, ok := err.(*googleapi.Error); ok && gerr.Code == 404 {
|
||||||
|
// The resource doesn't exist anymore
|
||||||
|
d.SetId("")
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
return fmt.Errorf("Error reading ssl certificate: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
d.Set("self_link", cert.SelfLink)
|
||||||
|
d.Set("id", strconv.FormatUint(cert.Id, 10))
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func resourceComputeSslCertificateDelete(d *schema.ResourceData, meta interface{}) error {
|
||||||
|
config := meta.(*Config)
|
||||||
|
|
||||||
|
op, err := config.clientCompute.SslCertificates.Delete(
|
||||||
|
config.Project, d.Id()).Do()
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("Error deleting ssl certificate: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
err = computeOperationWaitGlobal(config, op, "Deleting SslCertificate")
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
d.SetId("")
|
||||||
|
return nil
|
||||||
|
}
|
|
@ -0,0 +1,80 @@
|
||||||
|
package google
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/hashicorp/terraform/helper/resource"
|
||||||
|
"github.com/hashicorp/terraform/terraform"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestAccComputeSslCertificate_basic(t *testing.T) {
|
||||||
|
resource.Test(t, resource.TestCase{
|
||||||
|
PreCheck: func() { testAccPreCheck(t) },
|
||||||
|
Providers: testAccProviders,
|
||||||
|
CheckDestroy: testAccCheckComputeSslCertificateDestroy,
|
||||||
|
Steps: []resource.TestStep{
|
||||||
|
resource.TestStep{
|
||||||
|
Config: testAccComputeSslCertificate_basic,
|
||||||
|
Check: resource.ComposeTestCheckFunc(
|
||||||
|
testAccCheckComputeSslCertificateExists(
|
||||||
|
"google_compute_ssl_certificate.foobar"),
|
||||||
|
),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func testAccCheckComputeSslCertificateDestroy(s *terraform.State) error {
|
||||||
|
config := testAccProvider.Meta().(*Config)
|
||||||
|
|
||||||
|
for _, rs := range s.RootModule().Resources {
|
||||||
|
if rs.Type != "google_compute_ssl_certificate" {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
_, err := config.clientCompute.SslCertificates.Get(
|
||||||
|
config.Project, rs.Primary.ID).Do()
|
||||||
|
if err == nil {
|
||||||
|
return fmt.Errorf("SslCertificate still exists")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func testAccCheckComputeSslCertificateExists(n string) resource.TestCheckFunc {
|
||||||
|
return func(s *terraform.State) error {
|
||||||
|
rs, ok := s.RootModule().Resources[n]
|
||||||
|
if !ok {
|
||||||
|
return fmt.Errorf("Not found: %s", n)
|
||||||
|
}
|
||||||
|
|
||||||
|
if rs.Primary.ID == "" {
|
||||||
|
return fmt.Errorf("No ID is set")
|
||||||
|
}
|
||||||
|
|
||||||
|
config := testAccProvider.Meta().(*Config)
|
||||||
|
|
||||||
|
found, err := config.clientCompute.SslCertificates.Get(
|
||||||
|
config.Project, rs.Primary.ID).Do()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
if found.Name != rs.Primary.ID {
|
||||||
|
return fmt.Errorf("Certificate not found")
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
const testAccComputeSslCertificate_basic = `
|
||||||
|
resource "google_compute_ssl_certificate" "foobar" {
|
||||||
|
name = "terraform-test"
|
||||||
|
description = "very descriptive"
|
||||||
|
private_key = "${file("~/cert/example.key")}"
|
||||||
|
certificate = "${file("~/cert/example.crt")}"
|
||||||
|
}
|
||||||
|
`
|
|
@ -0,0 +1,47 @@
|
||||||
|
---
|
||||||
|
layout: "google"
|
||||||
|
page_title: "Google: google_compute_ssl_certificate"
|
||||||
|
sidebar_current: "docs-google-compute-ssl-certificate"
|
||||||
|
description: |-
|
||||||
|
Creates an SSL certificate resource necessary for HTTPS load balancing in GCE.
|
||||||
|
---
|
||||||
|
|
||||||
|
# google\_compute\_ssl\_certificate
|
||||||
|
|
||||||
|
Creates an SSL certificate resource necessary for HTTPS load balancing in GCE.
|
||||||
|
For more information see
|
||||||
|
[the official documentation](https://cloud.google.com/compute/docs/load-balancing/http/ssl-certificates) and
|
||||||
|
[API](https://cloud.google.com/compute/docs/reference/latest/sslCertificates).
|
||||||
|
|
||||||
|
|
||||||
|
## Example Usage
|
||||||
|
|
||||||
|
```
|
||||||
|
resource "google_compute_ssl_certificate" "default" {
|
||||||
|
name = "my-certificate"
|
||||||
|
description = "a description"
|
||||||
|
private_key = "${file("path/to/private.key")}"
|
||||||
|
certificate = "${file("path/to/certificate.crt")}"
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
## Argument Reference
|
||||||
|
|
||||||
|
The following arguments are supported:
|
||||||
|
|
||||||
|
* `name` - (Required) A unique name for the resource, required by GCE.
|
||||||
|
Changing this forces a new resource to be created.
|
||||||
|
* `description` - (Optional) An optional description of this resource.
|
||||||
|
Changing this forces a new resource to be created.
|
||||||
|
* `private_key` - (Required) Write only private key in PEM format.
|
||||||
|
Changing this forces a new resource to be created.
|
||||||
|
* `description` - (Required) A local certificate file in PEM format. The chain
|
||||||
|
may be at most 5 certs long, and must include at least one intermediate cert.
|
||||||
|
Changing this forces a new resource to be created.
|
||||||
|
|
||||||
|
## Attributes Reference
|
||||||
|
|
||||||
|
The following attributes are exported:
|
||||||
|
|
||||||
|
* `self_link` - The URI of the created resource.
|
||||||
|
* `id` - A unique ID assigned by GCE.
|
|
@ -65,6 +65,10 @@
|
||||||
<a href="/docs/providers/google/r/compute_route.html">google_compute_route</a>
|
<a href="/docs/providers/google/r/compute_route.html">google_compute_route</a>
|
||||||
</li>
|
</li>
|
||||||
|
|
||||||
|
<li<%= sidebar_current("docs-google-compute-ssl-certificate") %>>
|
||||||
|
<a href="/docs/providers/google/r/compute_ssl_certificate.html">google_compute_ssl_certificate</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
<li<%= sidebar_current("docs-google-compute-target-pool") %>>
|
<li<%= sidebar_current("docs-google-compute-target-pool") %>>
|
||||||
<a href="/docs/providers/google/r/compute_target_pool.html">google_compute_target_pool</a>
|
<a href="/docs/providers/google/r/compute_target_pool.html">google_compute_target_pool</a>
|
||||||
</li>
|
</li>
|
||||||
|
|
Loading…
Reference in New Issue