From 80a12ea636fd6ddea18c20cd77487b5f254506d8 Mon Sep 17 00:00:00 2001 From: "evgeniy.michurin" Date: Thu, 7 Dec 2023 15:56:10 +0400 Subject: [PATCH 1/2] feat(CLOUDDEV-374): lb allowed cidrs --- docs/data-sources/lblistener.md | 1 + docs/data-sources/loadbalancerv2.md | 1 - docs/resources/lblistener.md | 2 ++ docs/resources/loadbalancerv2.md | 2 -- .../data_source_edgecenter_lblistener.go | 25 ++++++++----- .../data_source_edgecenter_loadbalancerv2.go | 13 ------- edgecenter/resource_edgecenter_lblistener.go | 25 +++++++++++++ .../resource_edgecenter_loadbalancerv2.go | 36 ------------------- .../data_source_edgecenter_lblistener_test.go | 1 + .../edgecenter_lblistener/resource.tf | 1 + go.mod | 2 +- go.sum | 4 +-- 12 files changed, 49 insertions(+), 64 deletions(-) diff --git a/docs/data-sources/lblistener.md b/docs/data-sources/lblistener.md index 610cb7a5..b58b1fe2 100644 --- a/docs/data-sources/lblistener.md +++ b/docs/data-sources/lblistener.md @@ -54,6 +54,7 @@ output "view" { ### Read-Only +- `allowed_cidrs` (List of String) The allowed CIDRs for listener. - `id` (String) The ID of this resource. - `operating_status` (String) The current operational status of the load balancer. - `pool_count` (Number) Number of pools associated with the load balancer. diff --git a/docs/data-sources/loadbalancerv2.md b/docs/data-sources/loadbalancerv2.md index 256a5a05..80488550 100644 --- a/docs/data-sources/loadbalancerv2.md +++ b/docs/data-sources/loadbalancerv2.md @@ -56,7 +56,6 @@ output "view" { - `id` (String) The ID of this resource. - `metadata_read_only` (List of Object) A list of read-only metadata items, e.g. tags. (see [below for nested schema](#nestedatt--metadata_read_only)) -- `security_group_id` (String) Load balancer security group ID - `vip_address` (String) Load balancer IP address - `vip_port_id` (String) Attached reserved IP. diff --git a/docs/resources/lblistener.md b/docs/resources/lblistener.md index 53770418..bf73e05d 100644 
--- a/docs/resources/lblistener.md +++ b/docs/resources/lblistener.md @@ -30,6 +30,7 @@ resource "edgecenter_lblistener" "listener" { name = "test" protocol = "TCP" protocol_port = 36621 + allowed_cidrs = ["127.0.0.0/24", "192.168.0.0/24"] loadbalancer_id = edgecenter_loadbalancerv2.lb.id } ``` @@ -46,6 +47,7 @@ resource "edgecenter_lblistener" "listener" { ### Optional +- `allowed_cidrs` (List of String) The allowed CIDRs for listener. - `insert_x_forwarded` (Boolean) Insert *-forwarded headers - `last_updated` (String) The timestamp of the last update (use with update context). - `project_id` (Number) The uuid of the project. Either 'project_id' or 'project_name' must be specified. diff --git a/docs/resources/loadbalancerv2.md b/docs/resources/loadbalancerv2.md index 690dc3f5..0bec66c0 100644 --- a/docs/resources/loadbalancerv2.md +++ b/docs/resources/loadbalancerv2.md @@ -44,7 +44,6 @@ resource "edgecenter_loadbalancerv2" "lb" { - `project_name` (String) The name of the project. Either 'project_id' or 'project_name' must be specified. - `region_id` (Number) The uuid of the region. Either 'region_id' or 'region_name' must be specified. - `region_name` (String) The name of the region. Either 'region_id' or 'region_name' must be specified. -- `security_group` (String) Creates a new security group with the specified name - `timeouts` (Block, Optional) (see [below for nested schema](#nestedblock--timeouts)) - `vip_network_id` (String) Attaches the created network. - `vip_port_id` (String) Attaches the created reserved IP. @@ -54,7 +53,6 @@ resource "edgecenter_loadbalancerv2" "lb" { - `id` (String) The ID of this resource. - `metadata_read_only` (List of Object) A list of read-only metadata items, e.g. tags. (see [below for nested schema](#nestedatt--metadata_read_only)) -- `security_group_id` (String) Load balancer security group ID - `vip_address` (String) Load balancer IP address 
diff --git a/edgecenter/data_source_edgecenter_lblistener.go b/edgecenter/data_source_edgecenter_lblistener.go index 3ef96f4b..98239763 100644 --- a/edgecenter/data_source_edgecenter_lblistener.go +++ b/edgecenter/data_source_edgecenter_lblistener.go @@ -74,6 +74,12 @@ func dataSourceLBListener() *schema.Resource { Computed: true, Description: "The current provisioning status of the load balancer.", }, + "allowed_cidrs": { + Type: schema.TypeList, + Elem: &schema.Schema{Type: schema.TypeString}, + Computed: true, + Description: "The allowed CIDRs for listener.", + }, }, } } @@ -102,10 +108,10 @@ func dataSourceLBListenerRead(_ context.Context, d *schema.ResourceData, m inter } var found bool - var lb listeners.Listener + var listener listeners.Listener for _, l := range ls { if l.Name == name { - lb = l + listener = l found = true break } @@ -115,16 +121,17 @@ func dataSourceLBListenerRead(_ context.Context, d *schema.ResourceData, m inter return diag.Errorf("lb listener with name %s not found", name) } - d.SetId(lb.ID) - d.Set("name", lb.Name) - d.Set("protocol", lb.Protocol.String()) - d.Set("protocol_port", lb.ProtocolPort) - d.Set("pool_count", lb.PoolCount) - d.Set("operating_status", lb.OperationStatus.String()) - d.Set("provisioning_status", lb.ProvisioningStatus.String()) + d.SetId(listener.ID) + d.Set("name", listener.Name) + d.Set("protocol", listener.Protocol.String()) + d.Set("protocol_port", listener.ProtocolPort) + d.Set("pool_count", listener.PoolCount) + d.Set("operating_status", listener.OperationStatus.String()) + d.Set("provisioning_status", listener.ProvisioningStatus.String()) d.Set("loadbalancer_id", lbID) d.Set("project_id", d.Get("project_id").(int)) d.Set("region_id", d.Get("region_id").(int)) + d.Set("allowed_cidrs", listener.AllowedCIDRs) log.Println("[DEBUG] Finish LBListener reading") diff --git a/edgecenter/data_source_edgecenter_loadbalancerv2.go b/edgecenter/data_source_edgecenter_loadbalancerv2.go index 9e275685..7515fefa 100644 
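Review bot: The return value of `d.Set("allowed_cidrs", listener.AllowedCIDRs)`, added at the end of the third hunk, is discarded, so a failure to store the list leaves the attribute empty in state with no diagnostic. For an attribute that describes which networks may reach the listener, an empty value reads as "no restriction configured", which should not appear silently. I would check it: `if err := d.Set("allowed_cidrs", listener.AllowedCIDRs); err != nil { return diag.FromErr(err) }`. The same unchecked call is added to `resourceLBListenerRead` in resource_edgecenter_lblistener.go. The body of `dataSourceLBListenerRead` starts and ends outside this hunk.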
--- a/edgecenter/data_source_edgecenter_loadbalancerv2.go +++ b/edgecenter/data_source_edgecenter_loadbalancerv2.go @@ -68,11 +68,6 @@ func dataSourceLoadBalancerV2() *schema.Resource { Computed: true, Description: "Attached reserved IP.", }, - "security_group_id": { - Type: schema.TypeString, - Computed: true, - Description: "Load balancer security group ID", - }, "metadata_read_only": { Type: schema.TypeList, Computed: true, @@ -171,14 +166,6 @@ func dataSourceLoadBalancerV2Read(_ context.Context, d *schema.ResourceData, m i return diag.FromErr(err) } - sgInfo, err := loadbalancers.ListCustomSecurityGroup(client, d.Id()).Extract() - if err != nil { - return diag.FromErr(err) - } - if len(sgInfo) > 0 { - d.Set("security_group_id", sgInfo[0].ID) - } - log.Println("[DEBUG] Finish LoadBalancer reading") return diags diff --git a/edgecenter/resource_edgecenter_lblistener.go b/edgecenter/resource_edgecenter_lblistener.go index eb1a0819..a57d0a7a 100644 --- a/edgecenter/resource_edgecenter_lblistener.go +++ b/edgecenter/resource_edgecenter_lblistener.go @@ -141,6 +141,12 @@ func resourceLbListener() *schema.Resource { Optional: true, Description: "List of secret identifiers used for Server Name Indication (SNI).", }, + "allowed_cidrs": { + Type: schema.TypeList, + Elem: &schema.Schema{Type: schema.TypeString}, + Optional: true, + Description: "The allowed CIDRs for listener.", + }, "last_updated": { Type: schema.TypeString, Optional: true, @@ -203,6 +209,14 @@ func resourceLBListenerCreate(ctx context.Context, d *schema.ResourceData, m int return diag.Errorf("wrong protocol") } + allowedCIRDsRaw := d.Get("allowed_cidrs").([]interface{}) + if len(allowedCIRDsRaw) > 0 { + opts.AllowedCIDRs = make([]string, len(allowedCIRDsRaw)) + for i, s := range allowedCIRDsRaw { + opts.AllowedCIDRs[i] = s.(string) + } + } + results, err := listeners.Create(client, opts).Extract() if err != nil { return diag.FromErr(err) 
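Review bot: The `allowed_cidrs` elements added to `resourceLbListener` are accepted as arbitrary strings, so a malformed or mistyped entry is caught at apply time by the API, if at all. Because this list is the listener's network allow-list, it is worth rejecting bad input at plan time with an element validator: `Elem: &schema.Schema{Type: schema.TypeString, ValidateFunc: validation.IsCIDR},`. That uses the SDK's `helper/validation` package, which may need importing since the import block is not in this hunk. The description should also say what an unset or empty list means for access; I assume it means unrestricted, but the diff does not establish that.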
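Review bot: The bare `s.(string)` assertion added to `resourceLBListenerCreate` will panic the provider if a list element arrives as nil, which I believe the SDK can produce for a null or empty entry. Use the checked form and return a diagnostic: `v, ok := s.(string)` followed by `if !ok || v == "" { return diag.Errorf("allowed_cidrs[%d] must be a non-empty CIDR string", i) }`. The identical conversion loop in `resourceLBListenerUpdate` needs the same guard, and the two would be better as one shared helper. The local is also misspelled `allowedCIRDsRaw` here, while the update path spells it `allowedCIDRsRaw`. The function continues outside this hunk.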
@@ -255,6 +269,7 @@ func resourceLBListenerRead(_ context.Context, d *schema.ResourceData, m interfa d.Set("provisioning_status", lb.ProvisioningStatus.String()) d.Set("secret_id", lb.SecretID) d.Set("sni_secret_id", lb.SNISecretID) + d.Set("allowed_cidrs", lb.AllowedCIDRs) fields := []string{"project_id", "region_id", "loadbalancer_id", "insert_x_forwarded"} revertState(d, &fields) @@ -304,6 +319,16 @@ func resourceLBListenerUpdate(ctx context.Context, d *schema.ResourceData, m int changed = true } + if d.HasChange("allowed_cidrs") { + allowedCIDRsRaw := d.Get("allowed_cidrs").([]interface{}) + allowedCIDRs := make([]string, len(allowedCIDRsRaw)) + for i, s := range allowedCIDRsRaw { + allowedCIDRs[i] = s.(string) + } + opts.AllowedCIDRs = allowedCIDRs + changed = true + } + if changed { _, err = listeners.Update(client, d.Id(), opts).Extract() if err != nil { diff --git a/edgecenter/resource_edgecenter_loadbalancerv2.go b/edgecenter/resource_edgecenter_loadbalancerv2.go index e7a58306..c6456b36 100644 --- a/edgecenter/resource_edgecenter_loadbalancerv2.go +++ b/edgecenter/resource_edgecenter_loadbalancerv2.go @@ -10,7 +10,6 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/Edge-Center/edgecentercloud-go/edgecenter/loadbalancer/v1/loadbalancers" - "github.com/Edge-Center/edgecentercloud-go/edgecenter/securitygroup/v1/securitygroups" "github.com/Edge-Center/edgecentercloud-go/edgecenter/task/v1/tasks" "github.com/Edge-Center/edgecentercloud-go/edgecenter/utils" "github.com/Edge-Center/edgecentercloud-go/edgecenter/utils/metadata" 
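Review bot: When `allowed_cidrs` is removed from the configuration, the `d.HasChange("allowed_cidrs")` branch in `resourceLBListenerUpdate` sends an empty, non-nil slice. Whether that clears the allow-list on the listener depends on how `UpdateOpts` serializes the field, which this diff does not show. If an empty value is dropped from the request, the old restriction stays in force and the read-back in `resourceLBListenerRead` will show a permanent diff. Please confirm the behaviour against the SDK and record the intent where the value is assigned, for example `// empty slice is sent on purpose: it must clear the listener's allow-list`. An acceptance step that removes the attribute would pin this down.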
@@ -113,16 +112,6 @@ func resourceLoadBalancerV2() *schema.Resource { Computed: true, Description: "The timestamp of the last update (use with update context).", }, - "security_group": { - Type: schema.TypeString, - Optional: true, - Description: "Creates a new security group with the specified name", - }, - "security_group_id": { - Type: schema.TypeString, - Description: "Load balancer security group ID", - Computed: true, - }, "metadata_map": { Type: schema.TypeMap, Optional: true, @@ -210,31 +199,6 @@ func resourceLoadBalancerV2Create(ctx context.Context, d *schema.ResourceData, m d.SetId(lbID.(string)) - securityGroup := d.Get("security_group").(string) - if securityGroup != "" { - if err := loadbalancers.CreateCustomSecurityGroup(client, d.Id()).ExtractErr(); err != nil { - return diag.FromErr(err) - } - - sgInfo, err := loadbalancers.ListCustomSecurityGroup(client, d.Id()).Extract() - if err != nil { - return diag.FromErr(err) - } - - if len(sgInfo) > 0 { - sgID := sgInfo[0].ID - d.Set("security_group_id", sgID) - clientSG, err := CreateClient(provider, d, SecurityGroupPoint, VersionPointV1) - if err != nil { - return diag.FromErr(err) - } - _, err = securitygroups.Update(clientSG, sgID, securitygroups.UpdateOpts{Name: securityGroup}).Extract() - if err != nil { - return diag.FromErr(err) - } - } - } - resourceLoadBalancerV2Read(ctx, d, m) log.Printf("[DEBUG] Finish LoadBalancer creating (%s)", lbID) diff --git a/edgecenter/test/data_source_edgecenter_lblistener_test.go b/edgecenter/test/data_source_edgecenter_lblistener_test.go index 90a2ec3a..52ec72e2 100644 --- a/edgecenter/test/data_source_edgecenter_lblistener_test.go +++ b/edgecenter/test/data_source_edgecenter_lblistener_test.go @@ -36,6 +36,7 @@ func TestAccLBListenerDataSource(t *testing.T) { Name: lbListenerTestName, ProtocolPort: 80, Protocol: types.ProtocolTypeHTTP, + AllowedCIDRs: []string{"127.0.0.0/24"}, }}, } 
diff --git a/examples/resources/edgecenter_lblistener/resource.tf b/examples/resources/edgecenter_lblistener/resource.tf index 7d456474..ef63f0a8 100644 --- a/examples/resources/edgecenter_lblistener/resource.tf +++ b/examples/resources/edgecenter_lblistener/resource.tf @@ -15,5 +15,6 @@ resource "edgecenter_lblistener" "listener" { name = "test" protocol = "TCP" protocol_port = 36621 + allowed_cidrs = ["127.0.0.0/24", "192.168.0.0/24"] loadbalancer_id = edgecenter_loadbalancerv2.lb.id } \ No newline at end of file diff --git a/go.mod b/go.mod index fe83cfcb..456331a3 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/Edge-Center/edgecenter-dns-sdk-go v0.1.0 github.com/Edge-Center/edgecenter-storage-sdk-go v0.2.0 github.com/Edge-Center/edgecentercdn-go v0.1.4 - github.com/Edge-Center/edgecentercloud-go v0.1.10 + github.com/Edge-Center/edgecentercloud-go v0.1.11 github.com/hashicorp/go-cty v1.4.1-0.20200723130312-85980079f637 github.com/hashicorp/terraform-plugin-sdk/v2 v2.29.0 github.com/mitchellh/mapstructure v1.5.0 diff --git a/go.sum b/go.sum index 9031f562..6041bcde 100644 --- a/go.sum +++ b/go.sum 
@@ -8,8 +8,8 @@ github.com/Edge-Center/edgecenter-storage-sdk-go v0.2.0 h1:1aPDpywWbaF7VEjP/GjVo github.com/Edge-Center/edgecenter-storage-sdk-go v0.2.0/go.mod h1:TcWO0BPvDsE6AGlPBqpKCZhoQ70rRlqmm85J32qcL8I= github.com/Edge-Center/edgecentercdn-go v0.1.4 h1:Jt8f+CSriwVQ/KAb+a+v1dDNChtHjlpilgJOX8mOSx0= github.com/Edge-Center/edgecentercdn-go v0.1.4/go.mod h1:RwEyxwPAmxor1mZKUTa2bIU2p5qM6kcAofUkaE4O1V4= -github.com/Edge-Center/edgecentercloud-go v0.1.10 h1:+mtt9/n4RBTKZwF0N5xlvCNTE74R+Qk29Na+zZgy/Vk= -github.com/Edge-Center/edgecentercloud-go v0.1.10/go.mod h1:kmXGtx0lL1ib+SPfJe/uIAyDHamquAvqiftoLSyhxF8= +github.com/Edge-Center/edgecentercloud-go v0.1.11 h1:00h5o/71lEoSdU1B4AWmviuOfO28P6nsRP+afjIsW80= +github.com/Edge-Center/edgecentercloud-go v0.1.11/go.mod h1:kmXGtx0lL1ib+SPfJe/uIAyDHamquAvqiftoLSyhxF8= github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow= github.com/ProtonMail/go-crypto v0.0.0-20230717121422-5aa5874ade95 h1:KLq8BE0KwCL+mmXnjLWEAOYO+2l2AE4YMmqG1ZpZHBs= github.com/ProtonMail/go-crypto v0.0.0-20230717121422-5aa5874ade95/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0= From a7118cc63461e84e5d6c4a36eb6a5fbb82c31858 Mon Sep 17 00:00:00 2001 From: "evgeniy.michurin" Date: Thu, 7 Dec 2023 16:44:42 +0400 Subject: [PATCH 2/2] feat(CLOUDDEV-374): lb allowed cidrs --- edgecenter/test/data_source_edgecenter_lblistener_test.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/edgecenter/test/data_source_edgecenter_lblistener_test.go b/edgecenter/test/data_source_edgecenter_lblistener_test.go index 52ec72e2..2f7d3092 100644 --- a/edgecenter/test/data_source_edgecenter_lblistener_test.go +++ b/edgecenter/test/data_source_edgecenter_lblistener_test.go @@ -4,6 +4,7 @@ package edgecenter_test import ( "fmt" + "strconv" "testing" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" 
@@ -73,6 +74,7 @@ func TestAccLBListenerDataSource(t *testing.T) { testAccCheckResourceExists(resourceName), resource.TestCheckResourceAttr(resourceName, "name", lbListenerTestName), resource.TestCheckResourceAttr(resourceName, "id", listener.ID), + resource.TestCheckResourceAttr(resourceName, "allowed_cidrs.#", strconv.Itoa(len(listener.AllowedCIDRs))), ), }, },
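Review bot: The added check compares only `allowed_cidrs.#`, so the test still passes if the data source returns the right number of entries with the wrong contents. Assert the value as well, e.g. `resource.TestCheckResourceAttr(resourceName, "allowed_cidrs.0", listener.AllowedCIDRs[0]),`. Going by the diffstat, the series touches only the data-source test, so the create and update paths for `allowed_cidrs` on the resource have no acceptance coverage.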