stackit-dev-tools/terraform-provider-stackitprivatepreview
2
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
terraform-provider-stackitp.../stackit/internal/services/sqlserverflex/user/resource.go
Vicente Pinto 93fe2fe89f
IaaS Release (#543) 
* IaaS Volume (#541)

* Onboard IaaS Volume

* Labels mapping

* Add acceptance test

* Remove source field

* Fix lint

* Add examples and docs

* Fix lint

* Fix lint

* Fix lint

* Volume source field (#542)

* Onboard IaaS Volume

* Labels mapping

* Add acceptance test

* Remove source field

* Fix lint

* Add examples and docs

* Fix lint

* Fix lint

* Fix lint

* Add source field supoort

* Fix labels and source mapping

* Remove unecessary source mapping

* Move methods to conversion pkg

* Revert change

* Update stackit/internal/services/iaas/volume/datasource.go

Co-authored-by: João Palet <joao.palet@outlook.com>

* Update stackit/internal/services/iaas/volume/resource.go

Co-authored-by: João Palet <joao.palet@outlook.com>

* Update stackit/internal/services/iaas/volume/resource.go

Co-authored-by: João Palet <joao.palet@outlook.com>

* Update stackit/internal/services/iaas/volume/resource.go

Co-authored-by: João Palet <joao.palet@outlook.com>

* Changes after review

* Change after revie

---------

Co-authored-by: João Palet <joao.palet@outlook.com>

* Onboard IaaS security groups (#545)

* onboard iaas security group

* add examples and generate docs

* fix linter issues

* fix deletion

* Update stackit/internal/services/iaas/securitygroup/resource.go

Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com>

* rename data source example file

* update docs

* remove field

* remove field

* remove plan modifier from the name field

* refactor labels in mapFields

* change function from utils to conversion

* remove rules from the security group

* update docs

* add security group acceptance test

* add plan modifiers to stateful field

* sort imports

* change stateful description

---------

Co-authored-by: Gökçe Gök Klingel <goekce.goek_klingel@stackit.cloud>
Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com>

* IaaS Server baseline configuration (#546)

* Server resource schema

* Implemente CRUD methods and unit testsg

* Bug fixes

* Bug fix

* Make variable private

* Remove delete_on_termination and update descriptions

* Add security_group field to initial networking

* Add examples and acc test

* Generate docs

* Fix lint

* Fix lint issue

* Fix unit test

* Update desc

* Gen docs

* Onboard IaaS network interface (#544)

* implement network interface

* handle labels

* add CIDR validation

* fix linter issues and generate docs

* remove computed from the allowed addresses and fix the conditions

* Update stackit/internal/services/iaas/networkinterface/resource.go

Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com>

* Update stackit/internal/services/iaas/networkinterface/datasource.go

Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com>

* apply code review changes

* remove status from schema

* remove unnecessary GET call

* Update stackit/internal/services/iaas/networkinterface/resource.go

Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com>

* Update stackit/internal/services/iaas/networkinterface/resource.go

Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com>

* rename nic_security to security

* add beta markdown description

* use existing validateIP function

* use utils function for the options listing

* refactor labels

* change function from utils to conversion

* make allowed addresses a list of strings

* add acceptance test for network interfaces

* fix acceptance test

* rename security_groups as security_group_ids

* extend descriptions

* fix acc test

---------

Co-authored-by: Gökçe Gök Klingel <goekce.goek_klingel@stackit.cloud>
Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com>

* rename volume data source example (#552)

Co-authored-by: Gökçe Gök Klingel <goekce.goek_klingel@stackit.cloud>

* add requires replace to ipv4 and ipv6 fields (#549)

Co-authored-by: Gökçe Gök Klingel <goekce.goek_klingel@stackit.cloud>
Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com>

* Server resource improvements (#548)

* Improvements to server resource

* Fix example

* Remove useStateForUnknown

* Update SDK modules

* Update iaasalpha moduel (#555)

* Remove initial networking field (#556)

* Server attachment resources (#557)

* Server attachemnt resources

* Add examples

* Update volume datasource example

* Fix linting issues

* Fix linting

* Fix examples formatting

* Update go.mod

* Revert iaas to v0.11

* Onboard iaas public ip (#551)

* onboard public ip

* onboard public ip

* add public ip acceptance test

* Update examples/data-sources/stackit_public_ip/data-source.tf

Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com>

* add plan modifier to IP

* change type in the volume data source

* add network_interface field to public ip resource

* rename network_interface to network_interface_id

* remove obsolete checks

* extend unit tests

* add network_interface_id in example

* extend unit test

* extend acceptance test

* sort imports

---------

Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com>

* Add labels to network, network are and network area route resources (#559)

* Fix network_interface example

* Extend network, network area and network area route with labels

* Revert iaas to v0.11.0

---------

Co-authored-by: GokceGK <161626272+GokceGK@users.noreply.github.com>

* Onboard iaas security group rule (#553)

* onboard security group rule

* add security group rule to acceptance test

* change type in examples

* fix acc test issues

* extend example with objects

* remove obsolete field from acceptance test

* remove unnecessary plan modifier

* adapt schema fields

* adapt schema fields

* add requires replace to all fields

* extend descriptions with protocol limitations

* rename subfield protocol to number

* add requires replace to objects

* make icmp_parameters fields required

* add empty field checks for nested objects

* make max and min fields required in the port_range object

* make number field computed in the protocol object

* add UseStateForUnknown in protocol number

* remove obsolete unit test

* add checks for empty protocol and adapt unit test

* add atLeastOneOf validation in protocol fields

* fix linter issues

* Add project existence check before deleting SNA (#561)

* add project list check and error in network area deletion

* Update stackit/internal/services/iaas/networkarea/resource.go

Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com>

---------

Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com>

* Example server use cases and other fixes (#560)

* Add example usage to server resource

* Update examples

* Fix beta warning

* Update docs and examples

* Remove size from example

* Fix server description, fix security group rule error message

* Other fixes

* remove field from datasource

---------

Co-authored-by: GokceGK <161626272+GokceGK@users.noreply.github.com>

* Security group rule fixes (#562)

* Add example usage to server resource

* Update examples

* Fix beta warning

* Update docs and examples

* Remove size from example

* Fix server description, fix security group rule error message

* Other fixes

* Fixes to sec group rule

* Fix lint

* Change after review

---------

Co-authored-by: GokceGK <161626272+GokceGK@users.noreply.github.com>

* Fix server example (#565)

* Fix server example

* Fixes to examples, add CIDR validation to nic

* Migrate iaasalpha to iaas (#568)

* Migrate iaasalpha to iaas

* Fix lint

* Update example

* Improvements to security group rule (#569)

* Improvements to security group rule

* Fix lint

* Fix example and remove computed from description

* Fix formatting

* Update description

---------

Co-authored-by: João Palet <joao.palet@outlook.com>
Co-authored-by: GokceGK <161626272+GokceGK@users.noreply.github.com>
Co-authored-by: Gökçe Gök Klingel <goekce.goek_klingel@stackit.cloud>
2024-10-18 16:37:41 +01:00

453 lines
15 KiB
Go
Raw Blame History

package sqlserverflex
import (
"context"
"fmt"
"net/http"
"strings"
"github.com/hashicorp/terraform-plugin-framework-validators/setvalidator"
"github.com/hashicorp/terraform-plugin-framework/schema/validator"
"github.com/hashicorp/terraform-plugin-log/tflog"
"github.com/stackitcloud/terraform-provider-stackit/stackit/internal/conversion"
"github.com/stackitcloud/terraform-provider-stackit/stackit/internal/core"
"github.com/stackitcloud/terraform-provider-stackit/stackit/internal/validate"
"github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator"
"github.com/hashicorp/terraform-plugin-framework/attr"
"github.com/hashicorp/terraform-plugin-framework/path"
"github.com/hashicorp/terraform-plugin-framework/resource"
"github.com/hashicorp/terraform-plugin-framework/resource/schema"
"github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
"github.com/hashicorp/terraform-plugin-framework/resource/schema/setplanmodifier"
"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
"github.com/hashicorp/terraform-plugin-framework/types"
"github.com/stackitcloud/stackit-sdk-go/core/config"
"github.com/stackitcloud/stackit-sdk-go/core/oapierror"
"github.com/stackitcloud/stackit-sdk-go/services/sqlserverflex"
)
// Ensure the implementation satisfies the expected interfaces.
var (
_ resource.Resource = &userResource{}
_ resource.ResourceWithConfigure = &userResource{}
_ resource.ResourceWithImportState = &userResource{}
)
type Model struct {
Id types.String `tfsdk:"id"` // needed by TF
UserId types.String `tfsdk:"user_id"`
InstanceId types.String `tfsdk:"instance_id"`
ProjectId types.String `tfsdk:"project_id"`
Username types.String `tfsdk:"username"`
Roles types.Set `tfsdk:"roles"`
Password types.String `tfsdk:"password"`
Host types.String `tfsdk:"host"`
Port types.Int64 `tfsdk:"port"`
}
// NewUserResource is a helper function to simplify the provider implementation.
func NewUserResource() resource.Resource {
return &userResource{}
}
// userResource is the resource implementation.
type userResource struct {
client *sqlserverflex.APIClient
}
// Metadata returns the resource type name.
func (r *userResource) Metadata(_ context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) {
resp.TypeName = req.ProviderTypeName + "_sqlserverflex_user"
}
// Configure adds the provider configured client to the resource.
func (r *userResource) Configure(ctx context.Context, req resource.ConfigureRequest, resp *resource.ConfigureResponse) {
// Prevent panic if the provider has not been configured.
if req.ProviderData == nil {
return
}
providerData, ok := req.ProviderData.(core.ProviderData)
if !ok {
core.LogAndAddError(ctx, &resp.Diagnostics, "Error configuring API client", fmt.Sprintf("Expected configure type stackit.ProviderData, got %T", req.ProviderData))
return
}
var apiClient *sqlserverflex.APIClient
var err error
if providerData.SQLServerFlexCustomEndpoint != "" {
apiClient, err = sqlserverflex.NewAPIClient(
config.WithCustomAuth(providerData.RoundTripper),
config.WithEndpoint(providerData.SQLServerFlexCustomEndpoint),
)
} else {
apiClient, err = sqlserverflex.NewAPIClient(
config.WithCustomAuth(providerData.RoundTripper),
config.WithRegion(providerData.Region),
)
}
if err != nil {
core.LogAndAddError(ctx, &resp.Diagnostics, "Error configuring API client", fmt.Sprintf("Configuring client: %v. This is an error related to the provider configuration, not to the resource configuration", err))
return
}
r.client = apiClient
tflog.Info(ctx, "SQLServer Flex user client configured")
}
// Schema defines the schema for the resource.
func (r *userResource) Schema(_ context.Context, _ resource.SchemaRequest, resp *resource.SchemaResponse) {
descriptions := map[string]string{
"main": "SQLServer Flex user resource schema. Must have a `region` specified in the provider configuration.",
"id": "Terraform's internal resource ID. It is structured as \"`project_id`,`instance_id`,`user_id`\".",
"user_id": "User ID.",
"instance_id": "ID of the SQLServer Flex instance.",
"project_id": "STACKIT project ID to which the instance is associated.",
"username": "Username of the SQLServer Flex instance.",
"roles": "Database access levels for the user. Possible values: [`##STACKIT_LoginManager##`, `##STACKIT_DatabaseManager##`]",
"password": "Password of the user account.",
}
resp.Schema = schema.Schema{
Description: descriptions["main"],
Attributes: map[string]schema.Attribute{
"id": schema.StringAttribute{
Description: descriptions["id"],
Computed: true,
PlanModifiers: []planmodifier.String{
stringplanmodifier.UseStateForUnknown(),
},
},
"user_id": schema.StringAttribute{
Description: descriptions["user_id"],
Computed: true,
PlanModifiers: []planmodifier.String{
stringplanmodifier.UseStateForUnknown(),
},
Validators: []validator.String{
validate.NoSeparator(),
},
},
"instance_id": schema.StringAttribute{
Description: descriptions["instance_id"],
Required: true,
PlanModifiers: []planmodifier.String{
stringplanmodifier.RequiresReplace(),
stringplanmodifier.UseStateForUnknown(),
},
Validators: []validator.String{
validate.UUID(),
validate.NoSeparator(),
},
},
"project_id": schema.StringAttribute{
Description: descriptions["project_id"],
Required: true,
PlanModifiers: []planmodifier.String{
stringplanmodifier.RequiresReplace(),
stringplanmodifier.UseStateForUnknown(),
},
Validators: []validator.String{
validate.UUID(),
validate.NoSeparator(),
},
},
"username": schema.StringAttribute{
Description: descriptions["username"],
Required: true,
PlanModifiers: []planmodifier.String{
stringplanmodifier.RequiresReplace(),
stringplanmodifier.UseStateForUnknown(),
},
},
"roles": schema.SetAttribute{
Description: descriptions["roles"],
ElementType: types.StringType,
Optional: true,
PlanModifiers: []planmodifier.Set{
setplanmodifier.RequiresReplace(),
},
Validators: []validator.Set{
setvalidator.ValueStringsAre(
stringvalidator.OneOf("##STACKIT_LoginManager##", "##STACKIT_DatabaseManager##"),
),
},
},
"password": schema.StringAttribute{
Description: descriptions["password"],
Computed: true,
Sensitive: true,
},
"host": schema.StringAttribute{
Computed: true,
},
"port": schema.Int64Attribute{
Computed: true,
},
},
}
}
// Create creates the resource and sets the initial Terraform state.
func (r *userResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) { // nolint:gocritic // function signature required by Terraform
var model Model
diags := req.Plan.Get(ctx, &model)
resp.Diagnostics.Append(diags...)
if resp.Diagnostics.HasError() {
return
}
projectId := model.ProjectId.ValueString()
instanceId := model.InstanceId.ValueString()
ctx = tflog.SetField(ctx, "project_id", projectId)
ctx = tflog.SetField(ctx, "instance_id", instanceId)
var roles []string
if !(model.Roles.IsNull() || model.Roles.IsUnknown()) {
diags = model.Roles.ElementsAs(ctx, &roles, false)
resp.Diagnostics.Append(diags...)
if resp.Diagnostics.HasError() {
return
}
}
// Generate API request body from model
payload, err := toCreatePayload(&model, roles)
if err != nil {
core.LogAndAddError(ctx, &resp.Diagnostics, "Error creating user", fmt.Sprintf("Creating API payload: %v", err))
return
}
// Create new user
userResp, err := r.client.CreateUser(ctx, projectId, instanceId).CreateUserPayload(*payload).Execute()
if err != nil {
core.LogAndAddError(ctx, &resp.Diagnostics, "Error creating user", fmt.Sprintf("Calling API: %v", err))
return
}
if userResp == nil || userResp.Item == nil || userResp.Item.Id == nil || *userResp.Item.Id == "" {
core.LogAndAddError(ctx, &resp.Diagnostics, "Error creating user", "API didn't return user Id. A user might have been created")
return
}
userId := *userResp.Item.Id
ctx = tflog.SetField(ctx, "user_id", userId)
// Map response body to schema
err = mapFieldsCreate(userResp, &model)
if err != nil {
core.LogAndAddError(ctx, &resp.Diagnostics, "Error creating user", fmt.Sprintf("Processing API payload: %v", err))
return
}
// Set state to fully populated data
diags = resp.State.Set(ctx, model)
resp.Diagnostics.Append(diags...)
if resp.Diagnostics.HasError() {
return
}
tflog.Info(ctx, "SQLServer Flex user created")
}
// Read refreshes the Terraform state with the latest data.
func (r *userResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) { // nolint:gocritic // function signature required by Terraform
var model Model
diags := req.State.Get(ctx, &model)
resp.Diagnostics.Append(diags...)
if resp.Diagnostics.HasError() {
return
}
projectId := model.ProjectId.ValueString()
instanceId := model.InstanceId.ValueString()
userId := model.UserId.ValueString()
ctx = tflog.SetField(ctx, "project_id", projectId)
ctx = tflog.SetField(ctx, "instance_id", instanceId)
ctx = tflog.SetField(ctx, "user_id", userId)
recordSetResp, err := r.client.GetUser(ctx, projectId, instanceId, userId).Execute()
if err != nil {
oapiErr, ok := err.(*oapierror.GenericOpenAPIError) //nolint:errorlint //complaining that error.As should be used to catch wrapped errors, but this error should not be wrapped
if ok && oapiErr.StatusCode == http.StatusNotFound {
resp.State.RemoveResource(ctx)
return
}
core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading user", fmt.Sprintf("Calling API: %v", err))
return
}
// Map response body to schema
err = mapFields(recordSetResp, &model)
if err != nil {
core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading user", fmt.Sprintf("Processing API payload: %v", err))
return
}
// Set refreshed state
diags = resp.State.Set(ctx, model)
resp.Diagnostics.Append(diags...)
if resp.Diagnostics.HasError() {
return
}
tflog.Info(ctx, "SQLServer Flex user read")
}
// Update updates the resource and sets the updated Terraform state on success.
func (r *userResource) Update(ctx context.Context, _ resource.UpdateRequest, resp *resource.UpdateResponse) { // nolint:gocritic // function signature required by Terraform
// Update shouldn't be called
core.LogAndAddError(ctx, &resp.Diagnostics, "Error updating user", "User can't be updated")
}
// Delete deletes the resource and removes the Terraform state on success.
func (r *userResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) { // nolint:gocritic // function signature required by Terraform
// Retrieve values from plan
var model Model
diags := req.State.Get(ctx, &model)
resp.Diagnostics.Append(diags...)
if resp.Diagnostics.HasError() {
return
}
projectId := model.ProjectId.ValueString()
instanceId := model.InstanceId.ValueString()
userId := model.UserId.ValueString()
ctx = tflog.SetField(ctx, "project_id", projectId)
ctx = tflog.SetField(ctx, "instance_id", instanceId)
ctx = tflog.SetField(ctx, "user_id", userId)
// Delete existing record set
err := r.client.DeleteUser(ctx, projectId, instanceId, userId).Execute()
if err != nil {
core.LogAndAddError(ctx, &resp.Diagnostics, "Error deleting user", fmt.Sprintf("Calling API: %v", err))
return
}
tflog.Info(ctx, "SQLServer Flex user deleted")
}
// ImportState imports a resource into the Terraform state on success.
// The expected format of the resource import identifier is: project_id,zone_id,record_set_id
func (r *userResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse) {
idParts := strings.Split(req.ID, core.Separator)
if len(idParts) != 3 || idParts[0] == "" || idParts[1] == "" || idParts[2] == "" {
core.LogAndAddError(ctx, &resp.Diagnostics,
"Error importing user",
fmt.Sprintf("Expected import identifier with format [project_id],[instance_id],[user_id], got %q", req.ID),
)
return
}
resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("project_id"), idParts[0])...)
resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("instance_id"), idParts[1])...)
resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("user_id"), idParts[2])...)
core.LogAndAddWarning(ctx, &resp.Diagnostics,
"SQLServer Flex user imported with empty password",
"The user password is not imported as it is only available upon creation of a new user. The password field will be empty.",
)
tflog.Info(ctx, "SQLServer Flex user state imported")
}
func mapFieldsCreate(userResp *sqlserverflex.CreateUserResponse, model *Model) error {
if userResp == nil || userResp.Item == nil {
return fmt.Errorf("response is nil")
}
if model == nil {
return fmt.Errorf("model input is nil")
}
user := userResp.Item
if user.Id == nil {
return fmt.Errorf("user id not present")
}
userId := *user.Id
idParts := []string{
model.ProjectId.ValueString(),
model.InstanceId.ValueString(),
userId,
}
model.Id = types.StringValue(
strings.Join(idParts, core.Separator),
)
model.UserId = types.StringValue(userId)
model.Username = types.StringPointerValue(user.Username)
if user.Password == nil {
return fmt.Errorf("user password not present")
}
model.Password = types.StringValue(*user.Password)
if user.Roles != nil {
roles := []attr.Value{}
for _, role := range *user.Roles {
roles = append(roles, types.StringValue(role))
}
rolesSet, diags := types.SetValue(types.StringType, roles)
if diags.HasError() {
return fmt.Errorf("failed to map roles: %w", core.DiagsToError(diags))
}
model.Roles = rolesSet
}
if model.Roles.IsNull() || model.Roles.IsUnknown() {
model.Roles = types.SetNull(types.StringType)
}
model.Host = types.StringPointerValue(user.Host)
model.Port = types.Int64PointerValue(user.Port)
return nil
}
func mapFields(userResp *sqlserverflex.GetUserResponse, model *Model) error {
if userResp == nil || userResp.Item == nil {
return fmt.Errorf("response is nil")
}
if model == nil {
return fmt.Errorf("model input is nil")
}
user := userResp.Item
var userId string
if model.UserId.ValueString() != "" {
userId = model.UserId.ValueString()
} else if user.Id != nil {
userId = *user.Id
} else {
return fmt.Errorf("user id not present")
}
idParts := []string{
model.ProjectId.ValueString(),
model.InstanceId.ValueString(),
userId,
}
model.Id = types.StringValue(
strings.Join(idParts, core.Separator),
)
model.UserId = types.StringValue(userId)
model.Username = types.StringPointerValue(user.Username)
if user.Roles != nil {
roles := []attr.Value{}
for _, role := range *user.Roles {
roles = append(roles, types.StringValue(role))
}
rolesSet, diags := types.SetValue(types.StringType, roles)
if diags.HasError() {
return fmt.Errorf("failed to map roles: %w", core.DiagsToError(diags))
}
model.Roles = rolesSet
}
if model.Roles.IsNull() || model.Roles.IsUnknown() {
model.Roles = types.SetNull(types.StringType)
}
model.Host = types.StringPointerValue(user.Host)
model.Port = types.Int64PointerValue(user.Port)
return nil
}
func toCreatePayload(model *Model, roles []string) (*sqlserverflex.CreateUserPayload, error) {
if model == nil {
return nil, fmt.Errorf("nil model")
}
return &sqlserverflex.CreateUserPayload{
Username: conversion.StringValueToPointer(model.Username),
Roles: &roles,
}, nil
}
Reference in a new issue View git blame Copy permalink