provider/google: SSL Certificates resource + tests & documentation
This commit is contained in:
parent
5302becd5d
commit
f70d4079c1
|
@ -46,6 +46,7 @@ func Provider() terraform.ResourceProvider {
|
|||
"google_compute_network": resourceComputeNetwork(),
|
||||
"google_compute_project_metadata": resourceComputeProjectMetadata(),
|
||||
"google_compute_route": resourceComputeRoute(),
|
||||
"google_compute_ssl_certificate": resourceComputeSslCertificate(),
|
||||
"google_compute_target_pool": resourceComputeTargetPool(),
|
||||
"google_compute_vpn_gateway": resourceComputeVpnGateway(),
|
||||
"google_compute_vpn_tunnel": resourceComputeVpnTunnel(),
|
||||
|
|
|
@ -0,0 +1,125 @@
|
|||
package google
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"strconv"
|
||||
|
||||
"github.com/hashicorp/terraform/helper/schema"
|
||||
"google.golang.org/api/compute/v1"
|
||||
"google.golang.org/api/googleapi"
|
||||
)
|
||||
|
||||
func resourceComputeSslCertificate() *schema.Resource {
|
||||
return &schema.Resource{
|
||||
Create: resourceComputeSslCertificateCreate,
|
||||
Read: resourceComputeSslCertificateRead,
|
||||
Delete: resourceComputeSslCertificateDelete,
|
||||
|
||||
Schema: map[string]*schema.Schema{
|
||||
"name": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Required: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
"description": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
"certificate": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Required: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
"private_key": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Required: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
"self_link": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Computed: true,
|
||||
},
|
||||
|
||||
"id": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Computed: true,
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func resourceComputeSslCertificateCreate(d *schema.ResourceData, meta interface{}) error {
|
||||
config := meta.(*Config)
|
||||
|
||||
// Build the certificate parameter
|
||||
cert := &compute.SslCertificate{
|
||||
Name: d.Get("name").(string),
|
||||
Certificate: d.Get("certificate").(string),
|
||||
PrivateKey: d.Get("private_key").(string),
|
||||
}
|
||||
|
||||
if v, ok := d.GetOk("description"); ok {
|
||||
cert.Description = v.(string)
|
||||
}
|
||||
|
||||
op, err := config.clientCompute.SslCertificates.Insert(
|
||||
config.Project, cert).Do()
|
||||
|
||||
if err != nil {
|
||||
return fmt.Errorf("Error creating ssl certificate: %s", err)
|
||||
}
|
||||
|
||||
err = computeOperationWaitGlobal(config, op, "Creating SslCertificate")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.SetId(cert.Name)
|
||||
|
||||
return resourceComputeSslCertificateRead(d, meta)
|
||||
}
|
||||
|
||||
func resourceComputeSslCertificateRead(d *schema.ResourceData, meta interface{}) error {
|
||||
config := meta.(*Config)
|
||||
|
||||
cert, err := config.clientCompute.SslCertificates.Get(
|
||||
config.Project, d.Id()).Do()
|
||||
if err != nil {
|
||||
if gerr, ok := err.(*googleapi.Error); ok && gerr.Code == 404 {
|
||||
// The resource doesn't exist anymore
|
||||
d.SetId("")
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
return fmt.Errorf("Error reading ssl certificate: %s", err)
|
||||
}
|
||||
|
||||
d.Set("self_link", cert.SelfLink)
|
||||
d.Set("id", strconv.FormatUint(cert.Id, 10))
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resourceComputeSslCertificateDelete(d *schema.ResourceData, meta interface{}) error {
|
||||
config := meta.(*Config)
|
||||
|
||||
op, err := config.clientCompute.SslCertificates.Delete(
|
||||
config.Project, d.Id()).Do()
|
||||
if err != nil {
|
||||
return fmt.Errorf("Error deleting ssl certificate: %s", err)
|
||||
}
|
||||
|
||||
err = computeOperationWaitGlobal(config, op, "Deleting SslCertificate")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.SetId("")
|
||||
return nil
|
||||
}
|
|
@ -0,0 +1,80 @@
|
|||
package google
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"testing"
|
||||
|
||||
"github.com/hashicorp/terraform/helper/resource"
|
||||
"github.com/hashicorp/terraform/terraform"
|
||||
)
|
||||
|
||||
func TestAccComputeSslCertificate_basic(t *testing.T) {
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() { testAccPreCheck(t) },
|
||||
Providers: testAccProviders,
|
||||
CheckDestroy: testAccCheckComputeSslCertificateDestroy,
|
||||
Steps: []resource.TestStep{
|
||||
resource.TestStep{
|
||||
Config: testAccComputeSslCertificate_basic,
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
testAccCheckComputeSslCertificateExists(
|
||||
"google_compute_ssl_certificate.foobar"),
|
||||
),
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func testAccCheckComputeSslCertificateDestroy(s *terraform.State) error {
|
||||
config := testAccProvider.Meta().(*Config)
|
||||
|
||||
for _, rs := range s.RootModule().Resources {
|
||||
if rs.Type != "google_compute_ssl_certificate" {
|
||||
continue
|
||||
}
|
||||
|
||||
_, err := config.clientCompute.SslCertificates.Get(
|
||||
config.Project, rs.Primary.ID).Do()
|
||||
if err == nil {
|
||||
return fmt.Errorf("SslCertificate still exists")
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func testAccCheckComputeSslCertificateExists(n string) resource.TestCheckFunc {
|
||||
return func(s *terraform.State) error {
|
||||
rs, ok := s.RootModule().Resources[n]
|
||||
if !ok {
|
||||
return fmt.Errorf("Not found: %s", n)
|
||||
}
|
||||
|
||||
if rs.Primary.ID == "" {
|
||||
return fmt.Errorf("No ID is set")
|
||||
}
|
||||
|
||||
config := testAccProvider.Meta().(*Config)
|
||||
|
||||
found, err := config.clientCompute.SslCertificates.Get(
|
||||
config.Project, rs.Primary.ID).Do()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if found.Name != rs.Primary.ID {
|
||||
return fmt.Errorf("Certificate not found")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
const testAccComputeSslCertificate_basic = `
|
||||
resource "google_compute_ssl_certificate" "foobar" {
|
||||
name = "terraform-test"
|
||||
description = "very descriptive"
|
||||
private_key = "${file("~/cert/example.key")}"
|
||||
certificate = "${file("~/cert/example.crt")}"
|
||||
}
|
||||
`
|
|
@ -0,0 +1,47 @@
|
|||
---
|
||||
layout: "google"
|
||||
page_title: "Google: google_compute_ssl_certificate"
|
||||
sidebar_current: "docs-google-compute-ssl-certificate"
|
||||
description: |-
|
||||
Creates an SSL certificate resource necessary for HTTPS load balancing in GCE.
|
||||
---
|
||||
|
||||
# google\_compute\_ssl\_certificate
|
||||
|
||||
Creates an SSL certificate resource necessary for HTTPS load balancing in GCE.
|
||||
For more information see
|
||||
[the official documentation](https://cloud.google.com/compute/docs/load-balancing/http/ssl-certificates) and
|
||||
[API](https://cloud.google.com/compute/docs/reference/latest/sslCertificates).
|
||||
|
||||
|
||||
## Example Usage
|
||||
|
||||
```
|
||||
resource "google_compute_ssl_certificate" "default" {
|
||||
name = "my-certificate"
|
||||
description = "a description"
|
||||
private_key = "${file("path/to/private.key")}"
|
||||
certificate = "${file("path/to/certificate.crt")}"
|
||||
}
|
||||
```
|
||||
|
||||
## Argument Reference
|
||||
|
||||
The following arguments are supported:
|
||||
|
||||
* `name` - (Required) A unique name for the resource, required by GCE.
|
||||
Changing this forces a new resource to be created.
|
||||
* `description` - (Optional) An optional description of this resource.
|
||||
Changing this forces a new resource to be created.
|
||||
* `private_key` - (Required) Write only private key in PEM format.
|
||||
Changing this forces a new resource to be created.
|
||||
* `description` - (Required) A local certificate file in PEM format. The chain
|
||||
may be at most 5 certs long, and must include at least one intermediate cert.
|
||||
Changing this forces a new resource to be created.
|
||||
|
||||
## Attributes Reference
|
||||
|
||||
The following attributes are exported:
|
||||
|
||||
* `self_link` - The URI of the created resource.
|
||||
* `id` - A unique ID assigned by GCE.
|
|
@ -65,6 +65,10 @@
|
|||
<a href="/docs/providers/google/r/compute_route.html">google_compute_route</a>
|
||||
</li>
|
||||
|
||||
<li<%= sidebar_current("docs-google-compute-ssl-certificate") %>>
|
||||
<a href="/docs/providers/google/r/compute_ssl_certificate.html">google_compute_ssl_certificate</a>
|
||||
</li>
|
||||
|
||||
<li<%= sidebar_current("docs-google-compute-target-pool") %>>
|
||||
<a href="/docs/providers/google/r/compute_target_pool.html">google_compute_target_pool</a>
|
||||
</li>
|
||||
|
|
Loading…
Reference in New Issue