diff --git a/CHANGELOG.md b/CHANGELOG.md index a085de9e..ea9c480a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,8 @@ - ## 1.19.23 (Unreleased) + ## 1.19.24 (Unreleased) +## 1.19.23 (November 27, 2023) +NOTES: +- ADD SCS Security ip. + ## 1.19.22 (November 24, 2023) NOTES: - The routing table now supports import. diff --git a/baiducloud/common_test.go b/baiducloud/common_test.go index 6af72494..49388261 100644 --- a/baiducloud/common_test.go +++ b/baiducloud/common_test.go @@ -40,6 +40,7 @@ const ( BaiduCloudTestResourceTypeNameRdsSecurityIp = BaiduCloudTestResourceTypeName + "-" + "rds-security-ip" BaiduCloudTestResourceTypeNameRouteRule = BaiduCloudTestResourceTypeName + "-" + "route-rule" BaiduCloudTestResourceTypeNameScs = BaiduCloudTestResourceTypeName + "-" + "scs" + BaiduCloudTestResourceTypeNameScsSecurityIp = BaiduCloudTestResourceTypeName + "-" + "scs-security-ip" BaiduCloudTestResourceTypeNameSecurityGroup = BaiduCloudTestResourceTypeName + "-" + "security-group" BaiduCloudTestResourceTypeNameSecurityGroupRule = BaiduCloudTestResourceTypeName + "-" + "security-group-rule" BaiduCloudTestResourceTypeNameSnapshot = BaiduCloudTestResourceTypeName + "-" + "snapshot" diff --git a/baiducloud/data_source_baiducloud_scs_security_ips.go b/baiducloud/data_source_baiducloud_scs_security_ips.go new file mode 100644 index 00000000..64601513 --- /dev/null +++ b/baiducloud/data_source_baiducloud_scs_security_ips.go @@ -0,0 +1,98 @@ +/* +Use this data source to query SCS security ips. + +Example Usage + +```hcl +data "baiducloud_scs_security_ips" "default" { + instance_id = "scs-xxxxx" +} + +output "security_ips" { + value = "${data.baiducloud_scs.default.security_ips}" +} +``` +*/ +package baiducloud + +import ( + "github.com/baidubce/bce-sdk-go/services/scs" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + + "github.com/terraform-providers/terraform-provider-baiducloud/baiducloud/connectivity" +) + +func dataSourceBaiduCloudScsSecurityIps() *schema.Resource { + return &schema.Resource{ + Read: dataSourceBaiduCloudScsSecurityIpsRead, + + Schema: map[string]*schema.Schema{ + "instance_id": { + Type: schema.TypeString, + Description: "ID of the instance", + Required: true, + ForceNew: true, + }, + "security_ips": { + Type: schema.TypeList, + Description: "security_ips", + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "ip": { + Type: schema.TypeString, + Description: "securityIp", + Computed: true, + }, + }, + }, + }, + }, + } +} + +func dataSourceBaiduCloudScsSecurityIpsRead(d *schema.ResourceData, meta interface{}) error { + client := meta.(*connectivity.BaiduClient) + + instanceID := d.Get("instance_id").(string) + action := "Query SCS SecurityIp instanceID is " + instanceID + + raw, err := client.WithScsClient(func(scsClient *scs.Client) (interface{}, error) { + return scsClient.GetSecurityIp(instanceID) + }) + + addDebug(action, raw) + + if err != nil { + if NotFoundError(err) { + d.SetId("") + return nil + } + return WrapErrorf(err, DefaultErrorMsg, "baiducloud_scs_security_ips", action, BCESDKGoERROR) + } + + securityIpsResult, _ := raw.(*scs.GetSecurityIpResult) + securityIps := make([]map[string]interface{}, 0) + for _, ip := range securityIpsResult.SecurityIps { + ipMap := make(map[string]interface{}) + ipMap["ip"] = ip + securityIps = append(securityIps, ipMap) + } + addDebug(action, securityIps) + + FilterDataSourceResult(d, &securityIps) + + if err := d.Set("security_ips", securityIps); err != nil { + return WrapErrorf(err, DefaultErrorMsg, "baiducloud_scs_security_ips", action, BCESDKGoERROR) + } + + d.SetId(resource.UniqueId()) + + if v, ok := d.GetOk("output_file"); ok && v.(string) != "" { + if err := writeToFile(v.(string), securityIps); err != nil { + return WrapErrorf(err, DefaultErrorMsg, "baiducloud_scs_security_ips", action, BCESDKGoERROR) + } + } + return nil +} diff --git a/baiducloud/data_source_baiducloud_scs_security_ips_test.go b/baiducloud/data_source_baiducloud_scs_security_ips_test.go new file mode 100644 index 00000000..3c1b2554 --- /dev/null +++ b/baiducloud/data_source_baiducloud_scs_security_ips_test.go @@ -0,0 +1,66 @@ +package baiducloud + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" +) + +const ( + testAccScsSecurityIpDataSourceName = "data.baiducloud_scs_security_ips.default" + testAccScsSecurityIpDataSourceAttrKeyPrefix = "security_ips.0." +) + +//lintignore:AT003 +func TestAccBaiduCloudScsSecurityIpDataSource(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccScsSecurityIpDataSourceConfig(), + Check: resource.ComposeTestCheckFunc( + testAccCheckBaiduCloudDataSourceId(testAccScsSecurityIpDataSourceName), + resource.TestCheckResourceAttrSet(testAccScsSecurityIpDataSourceName, testAccScsSecurityIpDataSourceAttrKeyPrefix+"ip"), + ), + }, + }, + }) +} + +func testAccScsSecurityIpDataSourceConfig() string { + return fmt.Sprintf(` +data "baiducloud_scs_security_ips" "default" { + instance_id = "scs-bj-hzsywuljybfy" +} +`) +} + +func testAccScsSecurityIpFullConfig() string { + return fmt.Sprintf(` + +resource "baiducloud_scs" "default" { + instance_name = "scs-test" + billing = { + payment_timing = "Postpaid" + } + purchase_count = 1 + port = 6379 + engine_version = "3.2" + node_type = "cache.n1.micro" + cluster_type = "master_slave" + replication_num = 1 + shard_num = 1 + proxy_num = 0 +} + +data "baiducloud_scs_security_ips" "default" { + instance_id = baiducloud_scs.default.id + +} + +`) +} diff --git a/baiducloud/provider.go b/baiducloud/provider.go index 9e97beaf..77c3bb56 100644 --- a/baiducloud/provider.go +++ b/baiducloud/provider.go @@ -203,6 +203,7 @@ func Provider() terraform.ResourceProvider { "baiducloud_cfc_function": dataSourceBaiduCloudCFCFunction(), "baiducloud_scs_specs": dataSourceBaiduCloudScsSpecs(), "baiducloud_scss": dataSourceBaiduCloudScss(), + "baiducloud_scs_security_ips": dataSourceBaiduCloudScsSecurityIps(), "baiducloud_cce_versions": dataSourceBaiduCloudCceKubernetesVersion(), "baiducloud_cce_container_net": dataSourceBaiduCloudCceContainerNet(), "baiducloud_cce_cluster_nodes": dataSourceBaiduCloudCCEClusterNodes(), @@ -271,6 +272,7 @@ func Provider() terraform.ResourceProvider { "baiducloud_cfc_version": resourceBaiduCloudCFCVersion(), "baiducloud_cfc_trigger": resourceBaiduCloudCFCTrigger(), "baiducloud_scs": resourceBaiduCloudScs(), + "baiducloud_scs_security_ip": resourceBaiduCloudScsSecurityIp(), "baiducloud_cce_cluster": resourceBaiduCloudCCECluster(), "baiducloud_ccev2_cluster": resourceBaiduCloudCCEv2Cluster(), "baiducloud_ccev2_instance": resourceBaiduCloudCCEv2Instance(), diff --git a/baiducloud/resource_baiducloud_scs_security_ip.go b/baiducloud/resource_baiducloud_scs_security_ip.go new file mode 100644 index 00000000..84e1b98f --- /dev/null +++ b/baiducloud/resource_baiducloud_scs_security_ip.go @@ -0,0 +1,234 @@ +/* +Use this resource to get information about a SCS Security Ip. + +~> **NOTE:** The terminate operation of scs instance does NOT take effect immediately,maybe takes for several minites. + +Example Usage + +```hcl +resource "baiducloud_scs_security_ip" "default" { + instance_id = "scs-xxxxx" + security_ips = [192.168.0.8] +} +``` + +Import + +SCS Security Ip. can be imported, e.g. + +```hcl +$ terraform import baiducloud_scs_security_ip.default id +``` +*/ +package baiducloud + +import ( + "github.com/baidubce/bce-sdk-go/services/scs" + "time" + + "github.com/baidubce/bce-sdk-go/bce" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/terraform-providers/terraform-provider-baiducloud/baiducloud/connectivity" +) + +func resourceBaiduCloudScsSecurityIp() *schema.Resource { + return &schema.Resource{ + Create: resourceBaiduCloudScsSecurityIpCreate, + Read: resourceBaiduCloudScsSecurityIpRead, + Update: resourceBaiduCloudScsSecurityIpUpdate, + Delete: resourceBaiduCloudScsSecurityIpDelete, + + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + + Timeouts: &schema.ResourceTimeout{ + Create: schema.DefaultTimeout(20 * time.Minute), + Update: schema.DefaultTimeout(30 * time.Minute), + Delete: schema.DefaultTimeout(20 * time.Minute), + }, + + Schema: map[string]*schema.Schema{ + "instance_id": { + Type: schema.TypeString, + Description: "ID of the instance", + Required: true, + ForceNew: true, + }, + "security_ips": { + Type: schema.TypeSet, + Description: "securityIps", + Optional: true, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + } +} + +func resourceBaiduCloudScsSecurityIpCreate(d *schema.ResourceData, meta interface{}) error { + client := meta.(*connectivity.BaiduClient) + + instanceIdArg := d.Get("instance_id").(string) + + updateSecurityArgs, err := buildBaiduCloudScsSecurityIpArgs(d, meta) + + if err != nil { + return WrapError(err) + } + + action := "Create Scs SecurityIp instance id is" + instanceIdArg + addDebug(action, updateSecurityArgs) + + err = resource.Retry(d.Timeout(schema.TimeoutCreate), func() *resource.RetryError { + _, err := client.WithScsClient(func(scsClient *scs.Client) (interface{}, error) { + + return nil, scsClient.AddSecurityIp(instanceIdArg, updateSecurityArgs) + }) + if err != nil { + if IsExceptedErrors(err, []string{bce.EINTERNAL_ERROR}) { + return resource.RetryableError(err) + } + return resource.NonRetryableError(err) + } + addDebug(action, err) + d.SetId(instanceIdArg) + return nil + }) + if err != nil { + return WrapErrorf(err, DefaultErrorMsg, "baiducloud_scs_security_ip", action, BCESDKGoERROR) + } + + return resourceBaiduCloudScsSecurityIpRead(d, meta) +} + +func resourceBaiduCloudScsSecurityIpRead(d *schema.ResourceData, meta interface{}) error { + client := meta.(*connectivity.BaiduClient) + + instanceID := d.Id() + action := "Query Scs SecurityIp instanceID is " + instanceID + + raw, err := client.WithScsClient(func(scsClient *scs.Client) (interface{}, error) { + return scsClient.GetSecurityIp(instanceID) + }) + + addDebug(action, raw) + + if err != nil { + if NotFoundError(err) { + d.SetId("") + return nil + } + return WrapErrorf(err, DefaultErrorMsg, "bbaiducloud_scs_security_ip", action, BCESDKGoERROR) + } + + result, _ := raw.(*scs.GetSecurityIpResult) + + d.Set("security_ips", result.SecurityIps) + + return nil +} + +func resourceBaiduCloudScsSecurityIpUpdate(d *schema.ResourceData, meta interface{}) error { + + if !d.HasChange("security_ips") { + return resourceBaiduCloudScsSecurityIpRead(d, meta) + } + + client := meta.(*connectivity.BaiduClient) + instanceID := d.Id() + + updateSecurityArgs, err := buildBaiduCloudScsSecurityIpArgs(d, meta) + + if err != nil { + return WrapError(err) + } + + action := "Update Scs SecurityIp instance id is" + instanceID + addDebug(action, updateSecurityArgs) + + err = resource.Retry(d.Timeout(schema.TimeoutCreate), func() *resource.RetryError { + _, err := client.WithScsClient(func(scsClient *scs.Client) (interface{}, error) { + oldIps, e := scsClient.GetSecurityIp(instanceID) + if e != nil { + addDebug("Update Scs SecurityIp : Get Old Ips instanceId is "+instanceID, e) + return nil, e + } + deleteRequest := &scs.SecurityIpArgs{} + deleteRequest.SecurityIps = oldIps.SecurityIps + deleteRequest.ClientToken = buildClientToken() + e = scsClient.DeleteSecurityIp(instanceID, deleteRequest) + if e != nil { + addDebug("Update Scs SecurityIp : Delete Old Ips instanceId is "+instanceID, e) + return nil, e + } + return nil, scsClient.AddSecurityIp(instanceID, updateSecurityArgs) + }) + if err != nil { + if IsExceptedErrors(err, []string{bce.EINTERNAL_ERROR}) { + return resource.RetryableError(err) + } + return resource.NonRetryableError(err) + } + addDebug(action, err) + return nil + }) + if err != nil { + return WrapErrorf(err, DefaultErrorMsg, "baiducloud_scs_security_ip", action, BCESDKGoERROR) + } + + return resourceBaiduCloudScsSecurityIpRead(d, meta) +} + +func resourceBaiduCloudScsSecurityIpDelete(d *schema.ResourceData, meta interface{}) error { + client := meta.(*connectivity.BaiduClient) + + instanceId := d.Id() + + action := "Delete Scs SecurityIp instance id is" + instanceId + + request, err := buildBaiduCloudScsSecurityIpArgs(d, meta) + addDebug(action, "") + + err = resource.Retry(d.Timeout(schema.TimeoutDelete), func() *resource.RetryError { + _, err := client.WithScsClient(func(scsClient *scs.Client) (interface{}, error) { + + return nil, scsClient.DeleteSecurityIp(instanceId, request) + }) + if err != nil { + if IsExceptedErrors(err, []string{bce.EINTERNAL_ERROR}) { + return resource.RetryableError(err) + } + return resource.NonRetryableError(err) + } + addDebug(action, err) + return nil + }) + + if err != nil { + return WrapErrorf(err, DefaultErrorMsg, "baiducloud_scs_security_ip", action, BCESDKGoERROR) + } + + return nil +} + +func buildBaiduCloudScsSecurityIpArgs(d *schema.ResourceData, meta interface{}) (*scs.SecurityIpArgs, error) { + request := &scs.SecurityIpArgs{} + + if securityIps, ok := d.GetOk("security_ips"); ok { + + ips := make([]string, 0) + for _, ip := range securityIps.(*schema.Set).List() { + ips = append(ips, ip.(string)) + } + request.SecurityIps = ips + } + + request.ClientToken = buildClientToken() + + return request, nil + +} diff --git a/baiducloud/resource_baiducloud_scs_security_ip_test.go b/baiducloud/resource_baiducloud_scs_security_ip_test.go new file mode 100644 index 00000000..1fa1267b --- /dev/null +++ b/baiducloud/resource_baiducloud_scs_security_ip_test.go @@ -0,0 +1,151 @@ +package baiducloud + +import ( + "fmt" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "testing" +) + +const ( + testAccScsSecurityIpResourceType = "baiducloud_scs_security_ip" + testAccScsSecurityIpResourceName = testAccScsSecurityIpResourceType + "." + BaiduCloudTestResourceName +) + +func TestAccBaiduCloudScsSecurityIp(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + }, + Providers: testAccProviders, + + Steps: []resource.TestStep{ + { + Config: testAccScsSecurityIpConfig(BaiduCloudTestResourceTypeNameScsSecurityIp), + Check: resource.ComposeTestCheckFunc( + testAccCheckBaiduCloudDataSourceId(testAccScsSecurityIpResourceName), + resource.TestCheckResourceAttr(testAccScsSecurityIpResourceName, "instance_id", "scs-BIFDrIl9"), + ), + }, + }, + }) +} + +func TestAccBaiduCloudScsSecurityNilIp(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + }, + Providers: testAccProviders, + + Steps: []resource.TestStep{ + { + Config: testAccScsSecurityNilIpConfig(BaiduCloudTestResourceTypeNameScsSecurityIp), + Check: resource.ComposeTestCheckFunc( + testAccCheckBaiduCloudDataSourceId(testAccScsSecurityIpResourceName), + resource.TestCheckResourceAttrSet(testAccScsSecurityIpResourceName, "instance_id"), + ), + }, + }, + }) +} + +func TestAccBaiduCloudScsSecurityMultiIp(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + }, + Providers: testAccProviders, + + Steps: []resource.TestStep{ + { + Config: testAccScsSecurityMultiIpConfig(BaiduCloudTestResourceTypeNameScsSecurityIp), + Check: resource.ComposeTestCheckFunc( + testAccCheckBaiduCloudDataSourceId(testAccScsSecurityIpResourceName), + resource.TestCheckResourceAttrSet(testAccScsSecurityIpResourceName, "instance_id"), + ), + }, + }, + }) +} + +func testAccScsSecurityIpConfig(name string) string { + return fmt.Sprintf(` +variable "name" { + default = "%s" +} +resource "baiducloud_scs_security_ip" "default" { + instance_id = "scs-bj-hzsywuljybfy" + security_ips = ["192.168.3.5"] +} +`, name) +} + +func testAccScsSecurityNilIpConfig(name string) string { + return fmt.Sprintf(` +variable "name" { + default = "%s" +} +resource "baiducloud_scs_security_ip" "default" { + instance_id = "scs-bj-hzsywuljybfy" +} +`, name) +} + +func testAccScsSecurityMultiIpConfig(name string) string { + return fmt.Sprintf(` +variable "name" { + default = "%s" +} +resource "baiducloud_scs_security_ip" "default" { + instance_id = "scs-bj-hzsywuljybfy" + security_ips = ["192.168.3.5","192.168.3.6","192.168.3.7"] +} +`, name) +} + +func testAccScsSecurityMultiIpFullConfig(name string) string { + return fmt.Sprintf(` +resource "baiducloud_scs" "default" { + instance_name = "%s" + billing = { + payment_timing = "Postpaid" + } + purchase_count = 1 + port = 6379 + engine_version = "3.2" + node_type = "cache.n1.micro" + cluster_type = "master_slave" + replication_num = 1 + shard_num = 2 + proxy_num = 0 +} + +resource "baiducloud_scs_security_ip" "default" { + instance_id = baiducloud_scs.default.instance_id + security_ips = ["192.168.3.5","192.168.3.6","192.168.3.7"] +} +`, name) +} + +func testAccScsSecurityNilIpFullConfig(name string) string { + return fmt.Sprintf(` +resource "baiducloud_scs" "default" { + instance_name = "%s" + billing = { + payment_timing = "Postpaid" + } + purchase_count = 1 + port = 6379 + engine_version = "3.2" + node_type = "cache.n1.micro" + cluster_type = "master_slave" + replication_num = 1 + shard_num = 2 + proxy_num = 0 +} + +resource "baiducloud_scs_security_ip" "default" { + instance_id = baiducloud_scs.default.instance_id +} +`, name) +} diff --git a/website/docs/d/scs_security_ips.html.markdown b/website/docs/d/scs_security_ips.html.markdown new file mode 100644 index 00000000..fd150fe6 --- /dev/null +++ b/website/docs/d/scs_security_ips.html.markdown @@ -0,0 +1,38 @@ +--- +layout: "baiducloud" +page_title: "BaiduCloud: baiducloud_scs_security_ips" +sidebar_current: "docs-baiducloud-datasource-scs_security_ips" +description: |- + Use this data source to query SCS security ips. +--- + +# baiducloud_scs_security_ips + +Use this data source to query SCS security ips. + +## Example Usage + +```hcl +data "baiducloud_scs_security_ips" "default" { + instance_id = "scs-xxxxx" +} + +output "security_ips" { + value = "${data.baiducloud_scs.default.security_ips}" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `instance_id` - (Required, ForceNew) ID of the instance + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `security_ips` - security_ips + * `ip` - securityIp + + diff --git a/website/docs/r/scs_security_ip.html.markdown b/website/docs/r/scs_security_ip.html.markdown new file mode 100644 index 00000000..2d6715b2 --- /dev/null +++ b/website/docs/r/scs_security_ip.html.markdown @@ -0,0 +1,39 @@ +--- +layout: "baiducloud" +page_title: "BaiduCloud: baiducloud_scs_security_ip" +sidebar_current: "docs-baiducloud-resource-scs_security_ip" +description: |- + Use this resource to get information about a SCS Security Ip. +--- + +# baiducloud_scs_security_ip + +Use this resource to get information about a SCS Security Ip. + +~> **NOTE:** The terminate operation of scs instance does NOT take effect immediately,maybe takes for several minites. + +## Example Usage + +```hcl +resource "baiducloud_scs_security_ip" "default" { + instance_id = "scs-xxxxx" + security_ips = [192.168.0.8] +} +``` + +## Argument Reference + +The following arguments are supported: + +* `instance_id` - (Required, ForceNew) ID of the instance +* `security_ips` - (Optional) securityIps + + +## Import + +SCS Security Ip. can be imported, e.g. + +```hcl +$ terraform import baiducloud_scs_security_ip.default id +``` +