diff --git a/.github/actions/acc_test/action.yaml b/.github/actions/acc_test/action.yaml index 857f3e35..ff8b1602 100644 --- a/.github/actions/acc_test/action.yaml +++ b/.github/actions/acc_test/action.yaml @@ -94,11 +94,6 @@ runs: fi echo "::endgroup::" - # Install latest version of Terraform - - uses: hashicorp/setup-terraform@v4 - with: - terraform_wrapper: false - - name: Setup JAVA uses: actions/setup-java@v5 with: diff --git a/.github/actions/clean_up/README.md b/.github/actions/clean_up/README.md deleted file mode 100644 index c3484cf2..00000000 --- a/.github/actions/clean_up/README.md +++ /dev/null @@ -1 +0,0 @@ -# acceptance test action diff --git a/.github/actions/clean_up/action.yaml b/.github/actions/clean_up/action.yaml deleted file mode 100644 index 1cea3615..00000000 --- a/.github/actions/clean_up/action.yaml +++ /dev/null @@ -1,168 +0,0 @@ -name: CleanUp Project Resources -description: "Acceptance Testing CleanUp" - -inputs: - project_id: - description: "STACKIT project ID for tests" - required: true - - region: - description: "STACKIT region for tests" - default: 'eu01' - required: true - - tf_resource_prefix: - description: "prefix in resource names" - default: 'tf-acc-' - required: true - - service_account_json_content: - description: "STACKIT service account JSON file contents" - required: true - default: '' - - service_account_json_content_b64: - description: "STACKIT service account JSON file contents" - required: true - default: '' - - list_only: - description: "only list resources, DO NOT delete" - required: true - default: 'true' - - log_level: - description: "Log Level" - required: true - default: 'warning' - -outputs: - cli-version: - description: "stackit cli version" - value: ${{ steps.stackit_version.outputs.version }} - -runs: - using: "composite" - steps: - - name: Install needed tools - shell: bash - run: | - echo "::group::apt install" - set -e - apt-get -y -qq update >apt_update.log 2>apt_update_err.log - if [ $? -ne 0 ]; then - cat apt_update.log apt_update_err.log - fi - apt-get -y -qq install curl gnupg jq >apt_get.log 2>apt_get_err.log - if [ $? -ne 0 ]; then - cat apt_get.log apt_get_err.log - fi - echo "::endgroup::" - - echo "::group::apt add source" - curl https://packages.stackit.cloud/keys/key.gpg | gpg --dearmor -o /usr/share/keyrings/stackit.gpg - echo "deb [signed-by=/usr/share/keyrings/stackit.gpg] https://packages.stackit.cloud/apt/cli stackit main" | tee -a /etc/apt/sources.list.d/stackit.list - echo "::endgroup::" - - echo "::group::apt install stackit cli" - apt-get -y -qq update >apt_update.log 2>apt_update_err.log - if [ $? -ne 0 ]; then - cat apt_update.log apt_update_err.log - fi - apt-get -y -qq install stackit >apt_get.log 2>apt_get_err.log - if [ $? -ne 0 ]; then - cat apt_get.log apt_get_err.log - fi - echo "::endgroup::" - - - name: Check stackit cli version - id: stackit_version - run: | - set -e - VERSION=$(stackit --version | grep "Version:" | cut -d " " -f 2) - echo "stackit cli version: ${VERSION}" - echo "version=${VERSION}" >> $GITHUB_OUTPUT - shell: bash - - - name: Creating service_account file from json input - if: inputs.service_account_json_content != '' - shell: bash - run: | - echo "::group::create service account file" - set -e - set -o pipefail - - echo "${{ inputs.service_account_json_content }}" > .svc_acc.json - echo "::endgroup::" - - - name: Creating service_account file from base64 json input - if: inputs.service_account_json_content_b64 != '' - shell: bash - run: | - echo "::group::create service account file" - set -e - set -o pipefail - - echo "${{ inputs.service_account_json_content_b64 }}" | base64 -d > .svc_acc.json - echo "::endgroup::" - - - name: Check service account file exists - shell: bash - run: | - set -e - if [[ ! -s .svc_acc.json ]]; then - echo "ERROR: service account file missing or empty" - exit 1 - fi - - - name: Retrieve resources - run: | - echo "::group::retrieve resources" - set -e - echo "authenticating api" - STACKIT_SERVICE_ACCOUNT_KEY_PATH="${PWD}/.svc_acc.json" - export STACKIT_SERVICE_ACCOUNT_KEY_PATH - stackit auth activate-service-account --service-account-key-path .svc_acc.json - - echo "SQL Server Flex resources:" - stackit --verbosity ${{ inputs.log_level }} --project-id "${{ inputs.project_id }}" beta sqlserverflex instance list --output-format json | jq -r '.[] | select(.name | startswith("${{ inputs.tf_resource_prefix }}"))' - - echo "PostgreSQL Flex resources:" - stackit --verbosity ${{ inputs.log_level }} --project-id "${{ inputs.project_id }}" postgresflex instance list --output-format json | jq -r '.[] | select(.name | startswith("${{ inputs.tf_resource_prefix }}"))' - - echo "::endgroup::" - shell: bash - - - name: Delete SQL Server Flex resources - if: ${{ inputs.list_only != 'true' }} - run: | - echo "::group::delete SQL Server Flex resources" - set -e - stackit --verbosity ${{ inputs.log_level }} auth activate-service-account --service-account-key-path .svc_acc.json - for s in $(stackit --verbosity ${{ inputs.log_level }} --project-id ${{ inputs.project_id }} beta sqlserverflex instance list --output-format json | jq -r '.[] | select(.name | startswith("${{ inputs.tf_resource_prefix }}")) | .id'); do stackit --verbosity ${{ inputs.log_level }} -y --project-id ${{ inputs.project_id }} beta sqlserverflex instance delete $s; done - echo "::endgroup::" - shell: bash - - - name: Skip Delete SQL Server Flex resources - if: ${{ inputs.list_only == 'true' }} - run: | - set -e - echo "Skip deleting: list only mode" - shell: bash - - - name: Delete PostgreSQL Flex resources - if: ${{ inputs.list_only != 'true' }} - run: | - echo "::group::delete PostgreSQL Flex resources" - set -e - stackit auth activate-service-account --service-account-key-path .svc_acc.json - for s in $(stackit --verbosity ${{ inputs.log_level }} --project-id ${{ inputs.project_id }} postgresflex instance list --output-format json | jq -r '.[] | select(.name | startswith("${{ inputs.tf_resource_prefix }}")) | .id'); do stackit --verbosity ${{ inputs.log_level }} -y --project-id ${{ inputs.project_id }} postgresflex instance delete $s; done - echo "::endgroup::" - shell: bash - - - name: Skip Delete PostgreSQL Flex resources - if: ${{ inputs.list_only == 'true' }} - run: | - set -e - echo "Skip deleting: list only mode" - shell: bash diff --git a/.github/workflows/ci_new.yaml b/.github/workflows/ci_new.yaml index 08239560..9ff6a379 100644 --- a/.github/workflows/ci_new.yaml +++ b/.github/workflows/ci_new.yaml @@ -28,7 +28,7 @@ jobs: config: if: ${{ github.event_name != 'schedule' }} name: Check GoReleaser config - runs-on: stackit-docker + runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v6 @@ -40,7 +40,7 @@ jobs: prepare: name: Prepare GO cache - runs-on: stackit-docker + runs-on: ubuntu-latest permissions: actions: read # Required to identify workflow run. checks: write # Required to add status summary. @@ -102,7 +102,7 @@ jobs: needs: - config - prepare - runs-on: stackit-docker + runs-on: ubuntu-latest permissions: actions: read # Required to identify workflow run. checks: write # Required to add status summary. @@ -185,7 +185,7 @@ jobs: testing: name: CI run tests - runs-on: stackit-docker + runs-on: ubuntu-latest needs: - config - prepare @@ -278,7 +278,7 @@ jobs: main: if: ${{ github.event_name != 'schedule' }} name: CI run build and linting - runs-on: stackit-docker + runs-on: ubuntu-latest needs: - config - prepare @@ -329,7 +329,7 @@ jobs: code_coverage: name: "Code coverage report" if: github.event_name == 'pull_request' # Do not run when workflow is triggered by push to main branch - runs-on: stackit-docker + runs-on: ubuntu-latest needs: - main - prepare diff --git a/.github/workflows/clean_up.yaml b/.github/workflows/clean_up.yaml deleted file mode 100644 index 4a5b54be..00000000 --- a/.github/workflows/clean_up.yaml +++ /dev/null @@ -1,45 +0,0 @@ -name: TF Acceptance Test CleanUp - -on: - workflow_dispatch: - inputs: - list_only: - description: "only list resources" - type: boolean - default: true - required: true - - res_prefix: - description: "resource name prefix" - type: string - default: 'tf-acc-' - required: true - - log_level: - description: 'Log Level' - required: true - default: 'warning' - type: choice - options: - - info - - warning - - debug - - error - -jobs: - clean: - name: Clean up - runs-on: stackit-docker - steps: - - name: Checkout - uses: actions/checkout@v6 - - - name: Clean - uses: ./.github/actions/clean_up - with: - project_id: ${{ vars.TF_ACC_PROJECT_ID }} - region: 'eu01' - tf_resource_prefix: ${{ inputs.res_prefix }} - service_account_json_content_b64: "${{ secrets.TF_ACC_SERVICE_ACCOUNT_JSON_B64 }}" - list_only: ${{ inputs.list_only }} - log_level: ${{ inputs.log_level }} diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 633953f4..8a277b91 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -4,10 +4,9 @@ run-name: Publish by @${{ github.actor }} on: workflow_dispatch: - push: tags: - - 'v*' + - 'v0.*' env: GO_VERSION: "1.25" @@ -17,6 +16,7 @@ env: jobs: config: name: Check GoReleaser config + if: github.event_name == 'push' && contains(github.ref, 'refs/tags/') runs-on: ubuntu-latest steps: - name: Checkout @@ -29,12 +29,13 @@ jobs: publish: name: "Publish provider" + if: github.event_name == 'push' && contains(github.ref, 'refs/tags/') needs: config runs-on: ubuntu-latest permissions: actions: read # Required to identify workflow run. checks: write # Required to add status summary. - contents: write # Required to checkout repository. + contents: read # Required to checkout repository. pull-requests: write # Required to add PR comment. steps: - name: Install needed tools @@ -44,8 +45,6 @@ jobs: - name: Checkout uses: actions/checkout@v6 - with: - fetch-tags: true - name: Setup Go uses: actions/setup-go@v6 @@ -83,7 +82,7 @@ jobs: gpg --import ~/private.key.pem rm ~/private.key.pem - - name: Run GoReleaser + - name: Run GoReleaser with SNAPSHOT if: github.event_name == 'workflow_dispatch' id: goreleaser env: @@ -91,8 +90,7 @@ jobs: GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }} uses: goreleaser/goreleaser-action@v7 with: -# args: release --skip publish --clean --snapshot - args: release --skip publish --clean + args: release --skip publish --clean --snapshot - name: Run GoReleaser if: github.event_name != 'workflow_dispatch' @@ -108,15 +106,9 @@ jobs: run: | echo "${{ secrets.PUBLIC_KEY_PEM }}" >public_key.pem - - name: Determine version - id: get_version - run: | - set -e - VERSION=$(jq -r .version < dist/metadata.json) - echo "version=${VERSION}" >> "$GITHUB_OUTPUT" - - name: Prepare provider directory structure run: | + VERSION=$(jq -r .version < dist/metadata.json) go run generator/main.go \ publish \ --namespace=mhenselin \ @@ -125,7 +117,7 @@ jobs: --domain=tfregistry.sysops.stackit.rocks \ --gpgFingerprint="${{ secrets.GPG_FINGERPRINT }}" \ --gpgPubKeyFile=public_key.pem \ - --version=${{ steps.get_version.outputs.version }} + --version=${VERSION} - name: Prepare documentation nav file run: | @@ -150,7 +142,6 @@ jobs: run: | set -e ssh -o StrictHostKeyChecking=no ubuntu@${{ vars.DOCS_SERVER_IP }} 'rm -rf /srv/www/docs' - echo "${{ steps.get_version.outputs.version }}" >docs/_version.txt - # echo "${{ github.ref_name }}" >docs/_version.txt + echo "${{ github.ref_name }}" >docs/_version.txt scp -o StrictHostKeyChecking=no -r docs ubuntu@${{ vars.DOCS_SERVER_IP }}:/srv/www/ scp -o StrictHostKeyChecking=no nav.md ubuntu@${{ vars.DOCS_SERVER_IP }}:/srv/www/ diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index d2dec624..79547c9a 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -16,14 +16,14 @@ permissions: jobs: goreleaser: - runs-on: stackit-docker + runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 with: # Allow goreleaser to access older tag information. fetch-depth: 0 - - uses: actions/setup-go@v6 + - uses: https://code.forgejo.org/actions/setup-go@v6 with: go-version-file: "go.mod" cache: true diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 67c33d1b..c629eab0 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -8,13 +8,13 @@ on: jobs: renovate: name: Renovate - runs-on: stackit-docker + runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v6 - name: Self-hosted Renovate - uses: renovatebot/github-action@v46.1.5 + uses: renovatebot/github-action@v46.1.4 with: configurationFile: .github/renovate.json # token: ${{ secrets.RENOVATE_TOKEN }} diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml index 32b39b56..6198123e 100644 --- a/.github/workflows/stale.yaml +++ b/.github/workflows/stale.yaml @@ -20,7 +20,7 @@ permissions: jobs: stale: name: "Stale" - runs-on: stackit-docker + runs-on: ubuntu-latest timeout-minutes: 10 steps: - name: "Mark old PRs as stale" diff --git a/.github/workflows/tf-acc-test.yaml b/.github/workflows/tf-acc-test.yaml index 473ad815..75a35382 100644 --- a/.github/workflows/tf-acc-test.yaml +++ b/.github/workflows/tf-acc-test.yaml @@ -13,19 +13,17 @@ on: inputs: enable_debug: description: "enable terraform debug logs" - type: boolean - default: false + default: 'false' required: true test_timeout_string: description: "string that determines the timeout (default: 45m)" - type: string default: '90m' required: true jobs: acc_test: name: Acceptance Tests - runs-on: stackit-docker + runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v6 @@ -59,3 +57,4 @@ jobs: tf_acc_kek_key_ring_id: ${{ vars.TF_ACC_KEK_KEY_RING_ID }} tf_acc_kek_key_version: ${{ vars.TF_ACC_KEK_KEY_VERSION }} tf_acc_kek_service_account: ${{ vars.TF_ACC_KEK_SERVICE_ACCOUNT }} + tf_debug: ${{ inputs.enable_debug }} diff --git a/README.md b/README.md index b90466b9..ab79f28e 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ terraform { required_providers { stackitprivatepreview = { source = "tfregistry.sysops.stackit.rocks/mhenselin/stackitprivatepreview" - version = ">= 0.1.0" + version = "= 0.0.5-alpha" } } } @@ -38,6 +38,7 @@ Check one of the examples in the [examples](examples/) folder. To authenticate, you will need a [service account](https://docs.stackit.cloud/platform/access-and-identity/service-accounts/). Create it in the [STACKIT Portal](https://portal.stackit.cloud/) and assign the necessary permissions to it, e.g. `project.owner`. There are multiple ways to authenticate: - Key flow (recommended) +- Token flow (is scheduled for deprecation and will be removed on December 17, 2025.) When setting up authentication, the provider will always try to use the key flow first and search for credentials in several locations, following a specific order: @@ -51,6 +52,7 @@ When setting up authentication, the provider will always try to use the key flow ```json { + "STACKIT_SERVICE_ACCOUNT_TOKEN": "foo_token", "STACKIT_SERVICE_ACCOUNT_KEY_PATH": "path/to/sa_key.json" } ``` @@ -69,41 +71,35 @@ To configure the key flow, follow this steps: 1. Create a service account key: - - Use the [STACKIT Portal](https://portal.stackit.cloud/): go to the `Service Accounts` tab, choose a `Service Account` and go to `Service Account Keys` to create a key. For more details, see [Create a service account key](https://docs.stackit.cloud/platform/access-and-identity/service-accounts/how-tos/manage-service-account-keys/) +- Use the [STACKIT Portal](https://portal.stackit.cloud/): go to the `Service Accounts` tab, choose a `Service Account` and go to `Service Account Keys` to create a key. For more details, see [Create a service account key](https://docs.stackit.cloud/platform/access-and-identity/service-accounts/how-tos/manage-service-account-keys/) 2. Save the content of the service account key by copying it and saving it in a JSON file. The expected format of the service account key is a **JSON** with the following structure: - ```json - { - "id": "uuid", - "publicKey": "public key", - "createdAt": "2023-08-24T14:15:22Z", - "validUntil": "2023-08-24T14:15:22Z", - "keyType": "USER_MANAGED", - "keyOrigin": "USER_PROVIDED", - "keyAlgorithm": "RSA_2048", - "active": true, - "credentials": { - "kid": "string", - "iss": "my-sa@sa.stackit.cloud", - "sub": "uuid", - "aud": "string", - (optional) "privateKey": "private key when generated by the SA service" - } - } - ``` +```json +{ + "id": "uuid", + "publicKey": "public key", + "createdAt": "2023-08-24T14:15:22Z", + "validUntil": "2023-08-24T14:15:22Z", + "keyType": "USER_MANAGED", + "keyOrigin": "USER_PROVIDED", + "keyAlgorithm": "RSA_2048", + "active": true, + "credentials": { + "kid": "string", + "iss": "my-sa@sa.stackit.cloud", + "sub": "uuid", + "aud": "string", + (optional) "privateKey": "private key when generated by the SA service" + } +} +``` 3. Configure the service account key for authentication in the provider by following one of the alternatives below: - setting the fields in the provider block: `service_account_key` or `service_account_key_path` - ```hcl - provider "stackitprivatepreview" { - default_region = "eu01" - service_account_key_path = "../service_account.json" - } - ``` - setting the environment variable: `STACKIT_SERVICE_ACCOUNT_KEY_PATH` or `STACKIT_SERVICE_ACCOUNT_KEY` - ensure the set the service account key in `STACKIT_SERVICE_ACCOUNT_KEY` is correctly formatted. Use e.g. `$ export STACKIT_SERVICE_ACCOUNT_KEY=$(cat ./service-account-key.json)` @@ -115,6 +111,16 @@ To configure the key flow, follow this steps: > - setting the environment variable: `STACKIT_PRIVATE_KEY_PATH` or `STACKIT_PRIVATE_KEY` > - setting `STACKIT_PRIVATE_KEY_PATH` in the credentials file (see above) +### Token flow + +> Is scheduled for deprecation and will be removed on December 17, 2025. + +Using this flow is less secure since the token is long-lived. You can provide the token in several ways: + +1. Setting the field `service_account_token` in the provider +2. Setting the environment variable `STACKIT_SERVICE_ACCOUNT_TOKEN` +3. Setting it in the credentials file (see above) + ## Backend configuration To keep track of your terraform state, you can configure an [S3 backend](https://developer.hashicorp.com/terraform/language/settings/backends/s3) using [STACKIT Object Storage](https://docs.stackit.cloud/products/storage/object-storage). @@ -144,6 +150,62 @@ terraform { Note: AWS specific checks must be skipped as they do not work on STACKIT. For details on what those validations do, see [here](https://developer.hashicorp.com/terraform/language/settings/backends/s3#configuration). +## Opting into Beta Resources + +To use beta resources in the STACKIT Terraform provider, follow these steps: + +1. **Provider Configuration Option** + + Set the `enable_beta_resources` option in the provider configuration. This is a boolean attribute that can be either `true` or `false`. + + ```hcl + provider "stackit" { + default_region = "eu01" + enable_beta_resources = true + } + ``` + +2. **Environment Variable** + + Set the `STACKIT_TF_ENABLE_BETA_RESOURCES` environment variable to `"true"` or `"false"`. Other values will be ignored and will produce a warning. + + ```sh + export STACKIT_TF_ENABLE_BETA_RESOURCES=true + ``` + +> **Note**: The environment variable takes precedence over the provider configuration option. This means that if the `STACKIT_TF_ENABLE_BETA_RESOURCES` environment variable is set to a valid value (`"true"` or `"false"`), it will override the `enable_beta_resources` option specified in the provider configuration. + +For more details, please refer to the [beta resources configuration guide](https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs/guides/opting_into_beta_resources). + +## Opting into Experiments + +Experiments are features that are even less mature and stable than Beta Resources. While there is some assumed stability in beta resources, will have to expect breaking changes while using experimental resources. Experimental Resources do not come with any support or warranty. + +To enable experiments set the experiments field in the provider definition: + +```hcl +provider "stackit" { + default_region = "eu01" + experiments = ["iam", "routing-tables", "network"] +} +``` + +### Available Experiments + +#### `iam` + +Enables IAM management features in the Terraform provider. The underlying IAM API is expected to undergo a redesign in the future, which leads to it being considered experimental. + +#### `routing-tables` + +This feature enables experimental routing table capabilities in the Terraform Provider, available only to designated SNAs at this time. + +#### `network` + +The `stackit_network` provides the fields `region` and `routing_table_id` when the experiment flag `network` is set. +The underlying API is not stable yet and could change in the future. +If you don't need these fields, don't set the experiment flag `network`, to use the stable api. + ## Acceptance Tests > [!WARNING] diff --git a/sample/alpha-from-registry/key.tf b/sample/alpha-from-registry/key.tf deleted file mode 100644 index 8be28ac7..00000000 --- a/sample/alpha-from-registry/key.tf +++ /dev/null @@ -1,38 +0,0 @@ -resource "stackit_kms_keyring" "mshalpha-keyring" { - project_id = var.project_id - display_name = "msh-alpha-tests" - description = "This is a test keyring for private endpoints" -} - -resource "stackit_kms_key" "mshalpha-key01" { - project_id = var.project_id - keyring_id = stackit_kms_keyring.mshalpha-keyring.keyring_id - display_name = "mshalpha-key01" - protection = "software" - algorithm = "aes_256_gcm" - purpose = "symmetric_encrypt_decrypt" - access_scope = "SNA" -} - -output "keyid" { - value = stackit_kms_key.mshalpha-key01.key_id -} - -# (because stackit_kms_key.key001 is not in configuration) -resource "stackit_kms_key" "key001" { - access_scope = "SNA" - algorithm = "aes_256_gcm" - display_name = "msh-key-sna01" - keyring_id = stackit_kms_keyring.keyring001.keyring_id - project_id = var.project_id - protection = "software" - purpose = "symmetric_encrypt_decrypt" -} - -# stackit_kms_keyring.keyring001 will be destroyed -# (because stackit_kms_keyring.keyring001 is not in configuration) -resource "stackit_kms_keyring" "keyring001" { - description = "This is a test keyring for private endpoints" - display_name = "msh-keyring-sna01" - project_id = var.project_id -} diff --git a/sample/alpha-from-registry/postresql.tf b/sample/alpha-from-registry/postresql.tf deleted file mode 100644 index 0e728f81..00000000 --- a/sample/alpha-from-registry/postresql.tf +++ /dev/null @@ -1,96 +0,0 @@ - -data "stackitprivatepreview_postgresflexalpha_flavor" "pgsql_flavor" { - project_id = var.project_id - region = "eu01" - cpu = 2 - ram = 4 - node_type = "Single" - storage_class = "premium-perf2-stackit" -} - -resource "stackitprivatepreview_postgresflexalpha_instance" "msh-alpha-sna-enc" { - project_id = var.project_id - name = "msh-alpha-sna-enc" - backup_schedule = "0 0 * * *" - retention_days = 45 - flavor_id = data.stackitprivatepreview_postgresflexalpha_flavor.pgsql_flavor.flavor_id - replicas = 1 - storage = { - performance_class = "premium-perf2-stackit" - size = 10 - } - encryption = { - kek_key_id = stackit_kms_key.mshalpha-key01.key_id - kek_key_ring_id = stackit_kms_keyring.mshalpha-keyring.keyring_id - kek_key_version = 1 - service_account = var.sa_email - } - network = { - acl = ["0.0.0.0/0", "193.148.160.0/19", "170.85.2.177/32"] - access_scope = "SNA" - } - version = 17 -} - -resource "stackitprivatepreview_postgresflexalpha_instance" "msh-alpha-nosna-noenc" { - project_id = var.project_id - name = "msh-alpha-nosna-enc" - backup_schedule = "0 0 * * *" - retention_days = 45 - flavor_id = data.stackitprivatepreview_postgresflexalpha_flavor.pgsql_flavor.flavor_id - replicas = 1 - storage = { - performance_class = "premium-perf2-stackit" - size = 10 - } - network = { - acl = ["0.0.0.0/0", "193.148.160.0/19", "170.85.2.177/32"] - access_scope = "PUBLIC" - } - version = 16 -} - -resource "stackitprivatepreview_postgresflexalpha_user" "ptlsdbadminuser" { - project_id = var.project_id - instance_id = stackitprivatepreview_postgresflexalpha_instance.msh-alpha-sna-enc.instance_id - name = var.db_admin_username - roles = ["createdb", "login"] - # roles = ["createdb", "login", "createrole"] -} - -resource "stackitprivatepreview_postgresflexalpha_user" "ptlsdbuser" { - project_id = var.project_id - instance_id = stackitprivatepreview_postgresflexalpha_instance.msh-alpha-sna-enc.instance_id - name = var.db_username - roles = ["login"] - # roles = ["createdb", "login", "createrole"] -} - -resource "stackitprivatepreview_postgresflexalpha_database" "example" { - count = 5 - depends_on = [stackitprivatepreview_postgresflexalpha_user.ptlsdbadminuser] - project_id = var.project_id - instance_id = stackitprivatepreview_postgresflexalpha_instance.msh-alpha-sna-enc.instance_id - name = "${var.db_name}${count.index}" - owner = var.db_admin_username -} - -# data "stackitprivatepreview_postgresflexalpha_instance" "datapsql" { -# project_id = var.project_id -# instance_id = var.instance_id -# region = "eu01" -# } - -# output "psql_instance_id" { -# value = data.stackitprivatepreview_postgresflexalpha_instance.datapsql.instance_id -# } - -output "psql_user_password" { - value = stackitprivatepreview_postgresflexalpha_user.ptlsdbuser.password - sensitive = true -} - -# output "psql_user_conn" { -# value = stackitprivatepreview_postgresflexalpha_user.ptlsdbuser.connection_string -# sensitive = true -# } diff --git a/sample/alpha-from-registry/providers.tf b/sample/alpha-from-registry/providers.tf deleted file mode 100644 index 66756cd7..00000000 --- a/sample/alpha-from-registry/providers.tf +++ /dev/null @@ -1,24 +0,0 @@ - -terraform { - required_providers { - stackit = { - source = "registry.terraform.io/stackitcloud/stackit" - version = "~> 0.70" - } - stackitprivatepreview = { - source = "tfregistry.sysops.stackit.rocks/mhenselin/stackitprivatepreview" - version = ">=0.1.0" - } - } -} - -provider "stackit" { - default_region = "eu01" - enable_beta_resources = true - service_account_key_path = "../service_account.json" -} - -provider "stackitprivatepreview" { - default_region = "eu01" - service_account_key_path = "../service_account.json" -} diff --git a/sample/alpha-from-registry/sqlserver.tf b/sample/alpha-from-registry/sqlserver.tf deleted file mode 100644 index 2bf17a9e..00000000 --- a/sample/alpha-from-registry/sqlserver.tf +++ /dev/null @@ -1,101 +0,0 @@ -# resource "stackit_kms_keyring" "keyring001" { -# project_id = var.project_id -# display_name = "msh-keyring-sna01" -# description = "This is a test keyring for private endpoints" -# } -# -# resource "stackit_kms_key" "key001" { -# project_id = var.project_id -# keyring_id = stackit_kms_keyring.keyring001.keyring_id -# display_name = "msh-key-sna01" -# protection = "software" -# algorithm = "aes_256_gcm" -# purpose = "symmetric_encrypt_decrypt" -# access_scope = "SNA" -# } - -data "stackitprivatepreview_sqlserverflexbeta_flavor" "sqlserver_flavor" { - project_id = var.project_id - region = "eu01" - cpu = 4 - ram = 16 - node_type = "Single" - storage_class = "premium-perf2-stackit" -} - -resource "stackitprivatepreview_sqlserverflexbeta_instance" "msh-sna-001" { - project_id = var.project_id - name = "msh-sna-001" - backup_schedule = "0 3 * * *" - retention_days = 31 - flavor_id = data.stackitprivatepreview_sqlserverflexbeta_flavor.sqlserver_flavor.flavor_id - storage = { - class = "premium-perf2-stackit" - size = 50 - } - version = 2022 - encryption = { - kek_key_version = 1 - kek_key_id = var.key_id - kek_key_ring_id = var.keyring_id - service_account = var.sa_email - } - network = { - acl = ["0.0.0.0/0", "193.148.160.0/19"] - access_scope = "SNA" - } -} - -#resource "stackitprivatepreview_sqlserverflexbeta_instance" "msh-nosna-001" { -# project_id = var.project_id -# name = "msh-nosna-001" -# backup_schedule = "0 3 * * *" -# retention_days = 31 -# flavor_id = data.stackitprivatepreview_sqlserverflexbeta_flavor.sqlserver_flavor.flavor_id -# storage = { -# class = "premium-perf2-stackit" -# size = 50 -# } -# version = 2022 -# # encryption = { -# # #key_id = stackit_kms_key.key.key_id -# # #keyring_id = stackit_kms_keyring.keyring.keyring_id -# # #key_version = 1 -# # #key_id = var.key_id -# # # key with scope public -# # key_id = "fe039bcf-8d7b-431a-801d-9e81371a6b7b" -# # keyring_id = var.keyring_id -# # key_version = var.key_version -# # service_account = var.sa_email -# # } -# network = { -# acl = ["0.0.0.0/0", "193.148.160.0/19"] -# access_scope = "PUBLIC" -# } -#} - -# data "stackitprivatepreview_sqlserverflexbeta_instance" "test" { -# project_id = var.project_id -# instance_id = var.instance_id -# region = "eu01" -# } - -# output "test" { -# value = data.stackitprivatepreview_sqlserverflexbeta_instance.test -# } - -resource "stackitprivatepreview_sqlserverflexbeta_user" "ptlsdbadminuser" { - project_id = var.project_id - instance_id = stackitprivatepreview_sqlserverflexbeta_instance.msh-sna-001.instance_id - username = var.db_admin_username - #roles = ["##STACKIT_LoginManager##", "##STACKIT_DatabaseManager##"] - roles = ["##STACKIT_LoginManager##"] -} - -resource "stackitprivatepreview_sqlserverflexbeta_user" "ptlsdbuser" { - project_id = var.project_id - instance_id = stackitprivatepreview_sqlserverflexbeta_instance.msh-sna-001.instance_id - username = var.db_username - roles = ["##STACKIT_LoginManager##"] -} - diff --git a/sample/kms/kms.tf b/sample/kms/kms.tf deleted file mode 100644 index 01b1d46c..00000000 --- a/sample/kms/kms.tf +++ /dev/null @@ -1,57 +0,0 @@ -resource "stackit_kms_keyring" "keyring001" { - project_id = var.project_id - display_name = "msh-keyring-sna01" - description = "This is a test keyring for private endpoints" -} - -resource "stackit_kms_key" "key001" { - project_id = var.project_id - keyring_id = stackit_kms_keyring.keyring001.keyring_id - display_name = "msh-key-sna01" - protection = "software" - algorithm = "aes_256_gcm" - purpose = "symmetric_encrypt_decrypt" - access_scope = "SNA" -} - - -# data "stackitprivatepreview_sqlserverflexalpha_instance" "test" { -# project_id = var.project_id -# instance_id = var.instance_id -# region = "eu01" -# } - -output "key_ring_id" { - value = stackit_kms_keyring.keyring001.id -} - -resource "stackit_kms_keyring" "keyring001yy" { - project_id = var.project_id - display_name = "msh-kr-sna01" - description = "This is a test keyring for private endpoints" -} - -resource "stackit_kms_key" "key001yy" { - project_id = var.project_id - keyring_id = stackit_kms_keyring.keyring001yy.keyring_id - display_name = "msh-k-001" - protection = "software" - algorithm = "aes_256_gcm" - purpose = "symmetric_encrypt_decrypt" - access_scope = "SNA" -} - - -# data "stackitprivatepreview_sqlserverflexalpha_instance" "test" { -# project_id = var.project_id -# instance_id = var.instance_id -# region = "eu01" -# } - -output "key_ring_idxx" { - value = stackit_kms_keyring.keyring001yy.id -} - -output "key_id" { - value = stackit_kms_key.key001yy.id -} diff --git a/sample/kms/providers.tf b/sample/kms/providers.tf deleted file mode 100644 index 1e7fe4f5..00000000 --- a/sample/kms/providers.tf +++ /dev/null @@ -1,25 +0,0 @@ - -terraform { - required_providers { - stackit = { - source = "registry.terraform.io/stackitcloud/stackit" - version = "~> 0.70" - } - # stackitprivatepreview = { - # source = "tfregistry.sysops.stackit.rocks/mhenselin/stackitprivatepreview" - # version = "= 0.0.2-alpha" - # } - } -} - -provider "stackit" { - default_region = "eu01" - enable_beta_resources = true - service_account_key_path = "../service_account.json" -} - -# provider "stackitprivatepreview" { -# default_region = "eu01" -# enable_beta_resources = true -# service_account_key_path = "../service_account.json" -# } diff --git a/sample/pg_import/outputs.tf b/sample/pg_import/outputs.tf deleted file mode 100644 index d9edf19a..00000000 --- a/sample/pg_import/outputs.tf +++ /dev/null @@ -1,4 +0,0 @@ -# -# output "postgres_flavor" { -# value = data.stackitprivatepreview_postgresflexalpha_flavor.pgsql_flavor.flavor_id -# } diff --git a/sample/pg_import/postresql.tf b/sample/pg_import/postresql.tf deleted file mode 100644 index 1d8d478d..00000000 --- a/sample/pg_import/postresql.tf +++ /dev/null @@ -1,45 +0,0 @@ - -data "stackitprivatepreview_postgresflexalpha_flavor" "pgsql_flavor" { - project_id = var.project_id - region = "eu01" - cpu = 2 - ram = 4 - node_type = "Single" - storage_class = "premium-perf2-stackit" -} - -resource "stackitprivatepreview_postgresflexalpha_instance" "import_for_deletion" { - project_id = var.project_id - name = "mshpetest2" - backup_schedule = "0 0 * * *" - retention_days = 45 - flavor_id = data.stackitprivatepreview_postgresflexalpha_flavor.pgsql_flavor.flavor_id - replicas = 1 - storage = { - # class = "premium-perf2-stackit" - performance_class = "premium-perf2-stackit" - size = 10 - } - encryption = { - # key_id = stackit_kms_key.key.key_id - # keyring_id = stackit_kms_keyring.keyring.keyring_id - kek_key_id = var.key_id - kek_key_ring_id = var.keyring_id - kek_key_version = var.key_version - service_account = var.sa_email - } - network = { - acl = ["0.0.0.0/0", "193.148.160.0/19", "170.85.2.177/32"] - access_scope = "PUBLIC" - } - version = 14 -} - -import { - to = stackitprivatepreview_postgresflexalpha_instance.import_for_deletion - identity = { - project_id = var.project_id - region = "eu01" - instance_id = "d52b5d4c-be3f-4c14-a107-330dab99fd2e" - } -} diff --git a/sample/pg_import/providers.tf b/sample/pg_import/providers.tf deleted file mode 100644 index 5a54a129..00000000 --- a/sample/pg_import/providers.tf +++ /dev/null @@ -1,25 +0,0 @@ - -terraform { - required_providers { - # stackit = { - # source = "registry.terraform.io/stackitcloud/stackit" - # version = "~> 0.70" - # } - stackitprivatepreview = { - source = "tfregistry.sysops.stackit.rocks/mhenselin/stackitprivatepreview" - version = "> 0.0" - } - } -} - -# provider "stackit" { -# default_region = "eu01" -# enable_beta_resources = true -# service_account_key_path = "./service_account.json" -# } - -provider "stackitprivatepreview" { - default_region = "eu01" - enable_beta_resources = true - service_account_key_path = "../service_account.json" -} diff --git a/sample/pg_import/variables.tf.example b/sample/pg_import/variables.tf.example deleted file mode 100644 index 51a70be4..00000000 --- a/sample/pg_import/variables.tf.example +++ /dev/null @@ -1,11 +0,0 @@ -variable "project_id" { - default = "" -} - -variable "sa_email" { - default = "" -} - -variable "db_username" { - default = "" -} diff --git a/sample/pg_instance/outputs.tf b/sample/pg_instance/outputs.tf deleted file mode 100644 index e69de29b..00000000 diff --git a/sample/pg_instance/postresql.tf b/sample/pg_instance/postresql.tf deleted file mode 100644 index 0f3f73ac..00000000 --- a/sample/pg_instance/postresql.tf +++ /dev/null @@ -1,17 +0,0 @@ - -data "stackitprivatepreview_postgresflexalpha_flavor" "pgsql_flavor" { - project_id = var.project_id - region = "eu01" - cpu = 2 - ram = 4 - node_type = "Single" - storage_class = "premium-perf2-stackit" -} -data "stackitprivatepreview_postgresflexalpha_flavor" "pgsql_flavor2"{ - project_id = var.project_id - region = "eu01" - cpu = 2 - ram = 4 - node_type = "Single" - storage_class = "premium-perf2-stackit" -} diff --git a/sample/pg_instance/providers.tf b/sample/pg_instance/providers.tf deleted file mode 100644 index f69b01a1..00000000 --- a/sample/pg_instance/providers.tf +++ /dev/null @@ -1,25 +0,0 @@ - -terraform { - required_providers { - # stackit = { - # source = "registry.terraform.io/stackitcloud/stackit" - # version = "~> 0.70" - # } - stackitprivatepreview = { - source = "tfregistry.sysops.stackit.rocks/mhenselin/stackitprivatepreview" - version = "> 0.0" - } - } -} - -# provider "stackit" { -# default_region = "eu01" -# enable_beta_resources = true -# service_account_key_path = "./service_account.json" -# } - -provider "stackitprivatepreview" { - default_region = "eu01" - enable_beta_resources = true - service_account_key_path = "/home/henselinm/Development/PTLS/terraform-provider-stackit-MSH/sample/pg_instance/service_account.json" -} diff --git a/sample/pg_instance/variables.tf.example b/sample/pg_instance/variables.tf.example deleted file mode 100644 index 51a70be4..00000000 --- a/sample/pg_instance/variables.tf.example +++ /dev/null @@ -1,11 +0,0 @@ -variable "project_id" { - default = "" -} - -variable "sa_email" { - default = "" -} - -variable "db_username" { - default = "" -} diff --git a/sample/sqlserver_beta/flavor.tf b/sample/sqlserver_beta/flavor.tf deleted file mode 100644 index df6f3305..00000000 --- a/sample/sqlserver_beta/flavor.tf +++ /dev/null @@ -1,13 +0,0 @@ -# -# data "stackitprivatepreview_sqlserverflexalpha_flavor" "sqlserver_flavor" { -# project_id = var.project_id -# region = "eu01" -# cpu = 4 -# ram = 16 -# node_type = "Single" -# storage_class = "premium-perf2-stackit" -# } -# -# output "sqlserver_flavor" { -# value = data.stackitprivatepreview_sqlserverflexalpha_flavor.sqlserver_flavor.flavor_id -# } diff --git a/sample/sqlserver_beta/postgres.tf b/sample/sqlserver_beta/postgres.tf deleted file mode 100644 index 0f45ff66..00000000 --- a/sample/sqlserver_beta/postgres.tf +++ /dev/null @@ -1,9 +0,0 @@ - -data "stackitprivatepreview_postgresflexalpha_flavor" "pgsql_flavor" { - project_id = var.project_id - region = "eu01" - cpu = 2 - ram = 4 - node_type = "Single" - storage_class = "premium-perf2-stackit" -} diff --git a/sample/sqlserver_beta/providers.tf b/sample/sqlserver_beta/providers.tf deleted file mode 100644 index 233d4df2..00000000 --- a/sample/sqlserver_beta/providers.tf +++ /dev/null @@ -1,25 +0,0 @@ - -terraform { - required_providers { - # stackit = { - # source = "registry.terraform.io/stackitcloud/stackit" - # version = "~> 0.70" - # } - stackitprivatepreview = { - source = "tfregistry.sysops.stackit.rocks/mhenselin/stackitprivatepreview" - version = "> 0.0" - } - } -} - -# provider "stackit" { -# default_region = "eu01" -# enable_beta_resources = true -# service_account_key_path = "../service_account.json" -# } - -provider "stackitprivatepreview" { - default_region = "eu01" - enable_beta_resources = true - service_account_key_path = "../service_account.json" -} diff --git a/sample/sqlserver_beta/sqlserver.tf b/sample/sqlserver_beta/sqlserver.tf deleted file mode 100644 index 21bf7d23..00000000 --- a/sample/sqlserver_beta/sqlserver.tf +++ /dev/null @@ -1,116 +0,0 @@ -data "stackitprivatepreview_sqlserverflexbeta_flavor" "sqlserver_flavor" { - project_id = var.project_id - region = "eu01" - cpu = 4 - ram = 16 - node_type = "Single" - storage_class = "premium-perf2-stackit" -} - -data "stackitprivatepreview_sqlserverflexbeta_flavor" "sqlserver_flavor_2" { - project_id = var.project_id - region = "eu01" - cpu = 4 - ram = 32 - node_type = "Replica" - storage_class = "premium-perf2-stackit" -} - -resource "stackitprivatepreview_sqlserverflexbeta_instance" "msh-beta-nosna-001" { - project_id = var.project_id - name = "msh-beta-nosna-001-renamed" - backup_schedule = "0 3 * * *" - retention_days = 31 - flavor_id = data.stackitprivatepreview_sqlserverflexbeta_flavor.sqlserver_flavor.flavor_id - storage = { - class = "premium-perf2-stackit" - size = 50 - } - version = 2022 - network = { - acl = ["0.0.0.0/0", "193.148.160.0/19"] - access_scope = "PUBLIC" - } -} - -resource "stackitprivatepreview_sqlserverflexbeta_instance" "msh-beta-sna-001" { - project_id = var.project_id - name = "msh-beta-sna-001" - backup_schedule = "0 3 * * *" - retention_days = 31 - flavor_id = data.stackitprivatepreview_sqlserverflexbeta_flavor.sqlserver_flavor.flavor_id - storage = { - class = "premium-perf2-stackit" - size = 5 - } - version = 2022 - encryption = { - #key_id = stackit_kms_key.key.key_id - #keyring_id = stackit_kms_keyring.keyring.keyring_id - #key_version = 1 - # key with scope public - kek_key_id = "fe039bcf-8d7b-431a-801d-9e81371a6b7b" - # key_id = var.key_id - kek_key_ring_id = var.keyring_id - kek_key_version = var.key_version - service_account = var.sa_email - } - network = { - acl = ["0.0.0.0/0", "193.148.160.0/19"] - access_scope = "SNA" - } -} - -resource "stackitprivatepreview_sqlserverflexbeta_user" "exampleuseruno" { - project_id = var.project_id - instance_id = stackitprivatepreview_sqlserverflexbeta_instance.msh-beta-nosna-001.instance_id - username = "exampleuserdue" - roles = ["##STACKIT_ProcessManager##", "##STACKIT_LoginManager##", "##STACKIT_ServerManager##"] -} - -resource "stackitprivatepreview_sqlserverflexbeta_user" "exampleuser" { - project_id = var.project_id - instance_id = stackitprivatepreview_sqlserverflexbeta_instance.msh-beta-nosna-001.instance_id - username = "exampleuser" - roles = ["##STACKIT_LoginManager##"] -} - - -resource "stackitprivatepreview_sqlserverflexbeta_database" "mshtest002" { - project_id = var.project_id - instance_id = stackitprivatepreview_sqlserverflexbeta_instance.msh-beta-nosna-001.instance_id - name = "mshtest002" - # owner = "dbuser" - owner = stackitprivatepreview_sqlserverflexbeta_user.exampleuseruno.username -} - - -# data "stackitprivatepreview_sqlserverflexbeta_database" "example" { -# project_id = var.project_id -# region = "eu01" -# instance_id = "b3b63d0c-35bf-4804-84ea-5abec2a8ae58" -# database_name = "mshtest001" -# } - -# output "dbdetails" { -# value = data.stackitprivatepreview_sqlserverflexbeta_database.example -# } -# - - -# resource "stackitprivatepreview_sqlserverflexbeta_database" "mshtest" { -# project_id = var.project_id -# instance_id = "b3b63d0c-35bf-4804-84ea-5abec2a8ae58" -# name = "mshtest" -# owner = "dbuser" -# } -# -# import { -# to = stackitprivatepreview_sqlserverflexbeta_database.mshtest -# identity = { -# project_id = var.project_id -# region = "eu01" -# instance_id = "b3b63d0c-35bf-4804-84ea-5abec2a8ae58" -# database_name = "mshtest" -# } -# } diff --git a/sample/sqlserver_beta/variables.tf.example b/sample/sqlserver_beta/variables.tf.example deleted file mode 100644 index 51a70be4..00000000 --- a/sample/sqlserver_beta/variables.tf.example +++ /dev/null @@ -1,11 +0,0 @@ -variable "project_id" { - default = "" -} - -variable "sa_email" { - default = "" -} - -variable "db_username" { - default = "" -} diff --git a/stackit/internal/services/postgresflexalpha/database/resource.go b/stackit/internal/services/postgresflexalpha/database/resource.go index 457dc242..fc9390e3 100644 --- a/stackit/internal/services/postgresflexalpha/database/resource.go +++ b/stackit/internal/services/postgresflexalpha/database/resource.go @@ -209,8 +209,8 @@ func (r *databaseResource) Create( ) database, err := postgresflexalphaWait.GetDatabaseByIdWaitHandler(ctx, r.client.DefaultAPI, projectID, instanceID, region, databaseID). - SetTimeout(30 * time.Minute). - SetSleepBeforeWait(10 * time.Second). + SetTimeout(15 * time.Minute). + SetSleepBeforeWait(15 * time.Second). WaitWithContext(ctx) if err != nil { core.LogAndAddError( @@ -279,8 +279,8 @@ func (r *databaseResource) Read( ) databaseResp, err := postgresflexalphaWait.GetDatabaseByIdWaitHandler(ctx, r.client.DefaultAPI, projectID, instanceID, region, databaseID). - SetTimeout(30 * time.Minute). - SetSleepBeforeWait(10 * time.Second). + SetTimeout(15 * time.Minute). + SetSleepBeforeWait(15 * time.Second). WaitWithContext(ctx) if err != nil { core.LogAndAddError( @@ -386,8 +386,8 @@ func (r *databaseResource) Update( ctx = core.LogResponse(ctx) databaseResp, err := postgresflexalphaWait.GetDatabaseByIdWaitHandler(ctx, r.client.DefaultAPI, projectId, instanceId, region, databaseId). - SetTimeout(30 * time.Minute). - SetSleepBeforeWait(10 * time.Second). + SetTimeout(15 * time.Minute). + SetSleepBeforeWait(15 * time.Second). WaitWithContext(ctx) if err != nil { core.LogAndAddError(ctx, &resp.Diagnostics, "error updating database", err.Error()) diff --git a/stackit/internal/services/postgresflexalpha/instance/resource.go b/stackit/internal/services/postgresflexalpha/instance/resource.go index ad99978e..b6a6bfa7 100644 --- a/stackit/internal/services/postgresflexalpha/instance/resource.go +++ b/stackit/internal/services/postgresflexalpha/instance/resource.go @@ -208,7 +208,7 @@ func (r *instanceResource) Create( ) waitResp, err := wait.CreateInstanceWaitHandler(ctx, r.client.DefaultAPI, projectID, region, *instanceID). - SetTimeout(90 * time.Minute). + SetTimeout(30 * time.Minute). SetSleepBeforeWait(10 * time.Second). WaitWithContext(ctx) if err != nil { @@ -446,7 +446,7 @@ func (r *instanceResource) Update( region, instanceID, ). - SetTimeout(90 * time.Minute). + SetTimeout(30 * time.Minute). SetSleepBeforeWait(10 * time.Second). WaitWithContext(ctx) if err != nil { diff --git a/stackit/internal/services/postgresflexalpha/postgresflex_acc_test.go b/stackit/internal/services/postgresflexalpha/postgresflex_acc_test.go index 6c057cfb..874556e2 100644 --- a/stackit/internal/services/postgresflexalpha/postgresflex_acc_test.go +++ b/stackit/internal/services/postgresflexalpha/postgresflex_acc_test.go @@ -799,7 +799,7 @@ func testAccCheckPostgresFlexDestroy(s *terraform.State) error { testutils.ProjectId, testutils.Region, items[i].Id, - 30*time.Minute, + 15*time.Minute, 10*time.Second, ) if err != nil { diff --git a/stackit/internal/services/postgresflexalpha/user/resource.go b/stackit/internal/services/postgresflexalpha/user/resource.go index eb537a60..b7c79f6b 100644 --- a/stackit/internal/services/postgresflexalpha/user/resource.go +++ b/stackit/internal/services/postgresflexalpha/user/resource.go @@ -241,7 +241,7 @@ func (r *userResource) Create( ).SetSleepBeforeWait( 10 * time.Second, ).SetTimeout( - 30 * time.Minute, + 15 * time.Minute, ).WaitWithContext(ctx) if err != nil { @@ -322,7 +322,7 @@ func (r *userResource) Read( ).SetSleepBeforeWait( 10 * time.Second, ).SetTimeout( - 30 * time.Minute, + 15 * time.Minute, ).WaitWithContext(ctx) if err != nil { @@ -445,7 +445,7 @@ func (r *userResource) Update( ).SetSleepBeforeWait( 10 * time.Second, ).SetTimeout( - 30 * time.Minute, + 15 * time.Minute, ).WaitWithContext(ctx) if err != nil { diff --git a/stackit/internal/services/sqlserverflexbeta/database/resource.go b/stackit/internal/services/sqlserverflexbeta/database/resource.go index b8d07540..b8ed1cad 100644 --- a/stackit/internal/services/sqlserverflexbeta/database/resource.go +++ b/stackit/internal/services/sqlserverflexbeta/database/resource.go @@ -193,7 +193,6 @@ func (r *databaseResource) Create(ctx context.Context, req resource.CreateReques data.Owner.ValueString(), ). SetSleepBeforeWait(10 * time.Second). - SetTimeout(90 * time.Minute). WaitWithContext(ctx) if err != nil { core.LogAndAddError( @@ -254,9 +253,9 @@ func (r *databaseResource) Create(ctx context.Context, req resource.CreateReques region, databaseName, ).SetSleepBeforeWait( - 10 * time.Second, + 30 * time.Second, ).SetTimeout( - 90 * time.Minute, + 15 * time.Minute, ).WaitWithContext(ctx) if err != nil { core.LogAndAddError( diff --git a/stackit/internal/services/sqlserverflexbeta/instance/resource.go b/stackit/internal/services/sqlserverflexbeta/instance/resource.go index bb7e67b4..63bfb383 100644 --- a/stackit/internal/services/sqlserverflexbeta/instance/resource.go +++ b/stackit/internal/services/sqlserverflexbeta/instance/resource.go @@ -354,8 +354,8 @@ func (r *instanceResource) Update(ctx context.Context, req resource.UpdateReques waitResp, err := wait. UpdateInstanceWaitHandler(ctx, r.client.DefaultAPI, projectID, instanceID, region). - SetSleepBeforeWait(10 * time.Second). - SetTimeout(90 * time.Minute). + SetSleepBeforeWait(15 * time.Second). + SetTimeout(45 * time.Minute). WaitWithContext(ctx) if err != nil { core.LogAndAddError( @@ -416,10 +416,7 @@ func (r *instanceResource) Delete(ctx context.Context, req resource.DeleteReques ctx = core.LogResponse(ctx) - delResp, err := wait.DeleteInstanceWaitHandler(ctx, r.client.DefaultAPI, projectID, instanceID, region). - SetSleepBeforeWait(10 * time.Second). - SetTimeout(90 * time.Minute). - WaitWithContext(ctx) + delResp, err := wait.DeleteInstanceWaitHandler(ctx, r.client.DefaultAPI, projectID, instanceID, region).WaitWithContext(ctx) if err != nil { core.LogAndAddError( ctx, diff --git a/stackit/internal/services/sqlserverflexbeta/sqlserverflex_acc_test.go b/stackit/internal/services/sqlserverflexbeta/sqlserverflex_acc_test.go index 77955dd5..0d3d8c99 100644 --- a/stackit/internal/services/sqlserverflexbeta/sqlserverflex_acc_test.go +++ b/stackit/internal/services/sqlserverflexbeta/sqlserverflex_acc_test.go @@ -158,8 +158,7 @@ func TestAccInstance(t *testing.T) { PreConfig: func() { t.Logf("testing: %s - %s", t.Name(), "create and verify") }, - // empty refresh plan - ExpectNonEmptyPlan: false, + ExpectNonEmptyPlan: true, Config: testutils.StringFromTemplateMust( "testdata/instance_template.gompl", exData, diff --git a/stackit/internal/services/sqlserverflexbeta/user/resource.go b/stackit/internal/services/sqlserverflexbeta/user/resource.go index 363ce203..0c04f31b 100644 --- a/stackit/internal/services/sqlserverflexbeta/user/resource.go +++ b/stackit/internal/services/sqlserverflexbeta/user/resource.go @@ -308,7 +308,7 @@ func (r *userResource) Create( region, userId, ).SetSleepBeforeWait( - 10 * time.Second, + 90 * time.Second, ).SetTimeout( 90 * time.Minute, ).WaitWithContext(ctx) @@ -459,23 +459,23 @@ func (r *userResource) Delete( ctx = core.InitProviderContext(ctx) - projectID := model.ProjectId.ValueString() - instanceID := model.InstanceId.ValueString() - userID := model.UserId.ValueInt64() + projectId := model.ProjectId.ValueString() + instanceId := model.InstanceId.ValueString() + userId := model.UserId.ValueInt64() region := model.Region.ValueString() - ctx = tflog.SetField(ctx, "project_id", projectID) - ctx = tflog.SetField(ctx, "instance_id", instanceID) - ctx = tflog.SetField(ctx, "user_id", userID) + ctx = tflog.SetField(ctx, "project_id", projectId) + ctx = tflog.SetField(ctx, "instance_id", instanceId) + ctx = tflog.SetField(ctx, "user_id", userId) ctx = tflog.SetField(ctx, "region", region) // Delete existing record set // err := r.client.DeleteUserRequest(ctx, projectId, region, instanceId, userId).Execute() - err := r.client.DefaultAPI.DeleteUserRequest(ctx, projectID, region, instanceID, userID).Execute() + err := r.client.DefaultAPI.DeleteUserRequest(ctx, projectId, region, instanceId, userId).Execute() if err != nil { var oapiErr *oapierror.GenericOpenAPIError ok := errors.As(err, &oapiErr) if !ok { - core.LogAndAddError(ctx, &resp.Diagnostics, "User Delete Error", fmt.Sprintf("error is no oapi error: %v", err)) + // TODO err handling return } @@ -487,14 +487,12 @@ func (r *userResource) Delete( // tflog.Warn(ctx, "[delete user] Wait handler got error 500") // return false, nil, nil default: - core.LogAndAddError(ctx, &resp.Diagnostics, "User Delete Error", fmt.Sprintf("Unexpected API error: %v", err)) + // TODO err handling return } } // Delete existing record set - _, err = sqlserverflexbetaWait.DeleteUserWaitHandler(ctx, r.client.DefaultAPI, projectID, region, instanceID, userID). - SetTimeout(90 * time.Minute). - SetSleepBeforeWait(10 * time.Second). + _, err = sqlserverflexbetaWait.DeleteUserWaitHandler(ctx, r.client.DefaultAPI, projectId, region, instanceId, userId). WaitWithContext(ctx) if err != nil { core.LogAndAddError(ctx, &resp.Diagnostics, "User Delete Error", fmt.Sprintf("Calling API: %v", err)) diff --git a/stackit/internal/wait/postgresflexalpha/wait.go b/stackit/internal/wait/postgresflexalpha/wait.go index 71877f76..00295c42 100644 --- a/stackit/internal/wait/postgresflexalpha/wait.go +++ b/stackit/internal/wait/postgresflexalpha/wait.go @@ -281,8 +281,8 @@ func GetDatabaseByIdWaitHandler( if databaseID > math.MaxInt32 { return false, nil, fmt.Errorf("databaseID too large for int32") } - dbID32 := int32(databaseID) //nolint:gosec // is checked above - s, err := a.GetDatabaseRequest(ctx, projectID, region, instanceID, dbID32).Execute() + dbId32 := int32(databaseID) //nolint:gosec // is checked above + s, err := a.GetDatabaseRequest(ctx, projectID, region, instanceID, dbId32).Execute() if err != nil { var oapiErr *oapierror.GenericOpenAPIError ok := errors.As(err, &oapiErr) @@ -290,7 +290,6 @@ func GetDatabaseByIdWaitHandler( return false, nil, fmt.Errorf("could not convert error to oapierror.GenericOpenAPIError") } switch oapiErr.StatusCode { - // TODO: work-around case http.StatusBadGateway, http.StatusGatewayTimeout, http.StatusServiceUnavailable: tflog.Warn( ctx, "api responded with 50[2,3,4] status", map[string]interface{}{ diff --git a/stackit/internal/wait/sqlserverflexbeta/wait.go b/stackit/internal/wait/sqlserverflexbeta/wait.go index e0830fac..18168968 100644 --- a/stackit/internal/wait/sqlserverflexbeta/wait.go +++ b/stackit/internal/wait/sqlserverflexbeta/wait.go @@ -89,16 +89,9 @@ func CreateInstanceWaitHandler( return false, nil, fmt.Errorf("could not convert error to oapierror.GenericOpenAPIError: %w", err) } switch oapiErr.StatusCode { - case http.StatusOK: - return false, nil, nil case http.StatusNotFound: return false, nil, nil default: - // TODO: work-around - if strings.Contains(err.Error(), "is not a valid InstanceEdition") { - tflog.Info(ctx, "API WORKAROUND", map[string]interface{}{"err": err}) - return false, nil, nil - } return false, nil, fmt.Errorf("api error: %w", err) } } @@ -264,6 +257,7 @@ func DeleteInstanceWaitHandler( return true, nil, nil }, ) + handler.SetTimeout(30 * time.Minute) return handler } @@ -405,5 +399,7 @@ func DeleteUserWaitHandler( } }, ) + handler.SetTimeout(15 * time.Minute) + handler.SetSleepBeforeWait(15 * time.Second) return handler }