enhance generation check by moving schemas to separate files

frankgreco · Jan 6, 2022 · 0952ccf · 0952ccf
1 parent 0658deb
commit 0952ccf
Show file tree

Hide file tree

Showing 10 changed files with 328 additions and 288 deletions.
diff --git a/Makefile b/Makefile
@@ -38,7 +38,7 @@ fmt:
 define docs-generate-sum
 	rm -f $@; \
 	( \
-		find internal/provider examples -type f -not -ipath '*terraform*' -print0 | xargs -0 sha256sum; \
+		find templates internal/provider examples -name '*schema_*' -o -path '*examples*' -not -path '*.terraform*' -not -path 'examples/guides/*/provider.tf' -type f -o -path '*templates*' -type f | xargs sha256sum; \
 	) | sort -k 2 > $@
 endef
 

diff --git a/docs-generate.sum b/docs-generate.sum
@@ -1,14 +1,14 @@
 f741a688e5973f20960b5de956c20a096d66cd50281f0261c59beb8826b419d3  examples/guides/firewall/main.tf
-eab1a030f9c109d699a611e154f311dbf86809cb8183f030f7461b317817885f  examples/guides/firewall/provider.tf
+b866dbd54e08d98fa109ee5b9eaf68dae55b5eacfec9108e99b43b834077cd55  examples/guides/firewall/terraform.tfstate
+ed086d1f8ac60aaa6ef423096591c4683bfdf990145e52151067ff0d8e80c25f  examples/guides/firewall/terraform.tfstate.backup
 eda7df5a60670b66c70593ed249e00c2fa8c5689b1c4f968b4f4935e698b4a4e  examples/provider/provider.tf
 b4adaf9436fc082f07eff9034c2c2724690f878dede27f67ea9cee2670f9c781  examples/provider/variables.tf
 7a5b822b354000fc42a33422d9cb1a5876c48e85ba8cae1b1c7634aeda2a90a8  examples/resources/edge_firewall_address_group/resource.tf
 9504ac84127e30cf43b7d70f778cd2381f9a50e4f5e5af738a6cc3c723be994b  examples/resources/edge_firewall_port_group/resource.tf
 b1f2408d091ce25db324114e0f39d31e2c6d3951224b40ad36c8a95fec0f96bb  examples/resources/edge_firewall_ruleset/resource.tf
 8d60606a0462636c3aee7b4124b512b2b508fbb64cc7ffcbceaed096c69b4891  examples/resources/edge_firewall_ruleset_attachment/resource.tf
-b2420f099cf97751d48792aba9eb1100af5b96004f9d1a89c09f66878fc5cf88  internal/provider/data_interface_ethernet.go
-7b2a75eebbabb42c7c882cfdc52df88dd7ce584f882633e3438b965f3808f628  internal/provider/provider.go
-0bc5533d48fcc9ea468717a7fdf9315452a1cb1fcffcbedb199c991d0b09dd09  internal/provider/resource_firewall_address_group.go
-b37b3f5d2f78559d49bf87b17f017f0ac6a1efd2dc94e5b06f61d424bc91d74a  internal/provider/resource_firewall_port_group.go
-8d5cce735e7fe51a4e806b4342db39d59c599e95120ea25d94f29b805eaef2b2  internal/provider/resource_firewall_ruleset.go
-0d6acb6d48a3def6e2fd18e11998264895a395eb6d754be1184d36a28506d72f  internal/provider/resource_firewall_ruleset_attachment.go
+99ce1fa0ad604f1968423cb2a64f20d57355f672a3f84d2eb203a185ad151d1f  internal/provider/schema_firewall_address_group.go
+f9e8a309f8e515c9860c2bcf7c42bc6faad8a22e73cee177a320ef0007d85646  internal/provider/schema_firewall_port_group.go
+039e78b2514628316d094d0938cb186825816aedd2abe23b86a03dd69988bf2a  internal/provider/schema_firewall_ruleset.go
+3b354ebd52c954994208fc87ebf44117f81547d1d70eff0fde65a84c1f3253c5  internal/provider/schema_firewall_ruleset_attachment.go
+cc1e815020918c121b4cf145865aacaeada4c32d278fcab44a3b6b76759e5ce6  templates/guides/firewall.md.tmpl
diff --git a/internal/provider/resource_firewall_address_group.go b/internal/provider/resource_firewall_address_group.go
@@ -4,46 +4,18 @@ import (
 	"context"
 
 	"github.com/frankgreco/edge-sdk-go/types"
-	"github.com/frankgreco/terraform-helpers/validators"
 	"github.com/mattbaird/jsonpatch"
 
 	"terraform-provider-edge/internal/utils"
 
 	"github.com/hashicorp/terraform-plugin-framework/diag"
 	"github.com/hashicorp/terraform-plugin-framework/tfsdk"
-	tfftypes "github.com/hashicorp/terraform-plugin-framework/types"
 )
 
 type resourceFirewallAddressGroupType struct{}
 
 func (r resourceFirewallAddressGroupType) GetSchema(_ context.Context) (tfsdk.Schema, diag.Diagnostics) {
-	return tfsdk.Schema{
-		Description: "A logical grouping of addresses.",
-		Attributes: map[string]tfsdk.Attribute{
-			"name": {
-				Type:          tfftypes.StringType,
-				Required:      true,
-				PlanModifiers: []tfsdk.AttributePlanModifier{tfsdk.RequiresReplace()},
-				Description:   "A unique, human readable name for this address group.",
-				Validators: []tfsdk.AttributeValidator{
-					validators.NoWhitespace(),
-				},
-			},
-			"description": {
-				Type:        tfftypes.StringType,
-				Optional:    true,
-				Description: "A human readable description for this address group.",
-			},
-			"cidrs": {
-				Type:        tfftypes.ListType{ElemType: tfftypes.StringType},
-				Optional:    true,
-				Description: "A non-overlapping list of cidrs.",
-				Validators: []tfsdk.AttributeValidator{
-					validators.NoOverlappingCIDRs(),
-				},
-			},
-		},
-	}, nil
+	return schemaFirewallAddressGroup(), nil
 }
 
 func (r resourceFirewallAddressGroupType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) {

diff --git a/internal/provider/resource_firewall_port_group.go b/internal/provider/resource_firewall_port_group.go
@@ -4,70 +4,18 @@ import (
 	"context"
 
 	"github.com/frankgreco/edge-sdk-go/types"
-	"github.com/frankgreco/terraform-helpers/validators"
 	"github.com/mattbaird/jsonpatch"
 
 	"terraform-provider-edge/internal/utils"
 
 	"github.com/hashicorp/terraform-plugin-framework/diag"
 	"github.com/hashicorp/terraform-plugin-framework/tfsdk"
-	tfftypes "github.com/hashicorp/terraform-plugin-framework/types"
 )
 
 type resourceFirewallPortGroupType struct{}
 
 func (r resourceFirewallPortGroupType) GetSchema(_ context.Context) (tfsdk.Schema, diag.Diagnostics) {
-	return tfsdk.Schema{
-		Description: "A logical grouping of ports.",
-		Attributes: map[string]tfsdk.Attribute{
-			"name": {
-				Type:          tfftypes.StringType,
-				Required:      true,
-				PlanModifiers: []tfsdk.AttributePlanModifier{tfsdk.RequiresReplace()},
-				Description:   "A unique, human readable name for this port group.",
-				Validators: []tfsdk.AttributeValidator{
-					validators.NoWhitespace(),
-				},
-			},
-			"description": {
-				Type:        tfftypes.StringType,
-				Optional:    true,
-				Description: "A human readable description for this port group.",
-			},
-			"port_ranges": {
-				Attributes: tfsdk.ListNestedAttributes(map[string]tfsdk.Attribute{
-					"from": {
-						Type:     tfftypes.NumberType,
-						Required: true,
-						Validators: []tfsdk.AttributeValidator{
-							validators.Range(float64(1), float64(65535.0)),
-							validators.Compare(validators.ComparatorLessThan, "to"),
-						},
-					},
-					"to": {
-						Type:     tfftypes.NumberType,
-						Required: true,
-						Validators: []tfsdk.AttributeValidator{
-							validators.Range(float64(1), float64(65535.0)),
-						},
-					},
-				}, tfsdk.ListNestedAttributesOptions{}),
-				Optional:    true,
-				Description: "A list of port ranges.",
-				Validators: []tfsdk.AttributeValidator{
-					validators.NoOverlap(),
-				},
-			},
-			"ports": {
-				Type:        tfftypes.ListType{ElemType: tfftypes.NumberType},
-				Optional:    true,
-				Description: "A list of port numbers.",
-				Validators: []tfsdk.AttributeValidator{
-					validators.NoOverlap(),
-				},
-			},
-		},
-	}, nil
+	return schemaFirewallPortGroup(), nil
 }
 
 func (r resourceFirewallPortGroupType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) {

diff --git a/internal/provider/resource_firewall_ruleset.go b/internal/provider/resource_firewall_ruleset.go
@@ -6,184 +6,16 @@ import (
 	"terraform-provider-edge/internal/utils"
 
 	"github.com/frankgreco/edge-sdk-go/types"
-	"github.com/frankgreco/terraform-helpers/validators"
+	"github.com/mattbaird/jsonpatch"
+
 	"github.com/hashicorp/terraform-plugin-framework/diag"
 	"github.com/hashicorp/terraform-plugin-framework/tfsdk"
-	tftypes "github.com/hashicorp/terraform-plugin-framework/types"
-	"github.com/mattbaird/jsonpatch"
 )
 
 type resourceFirewallRulesetType struct{}
 
 func (r resourceFirewallRulesetType) GetSchema(_ context.Context) (tfsdk.Schema, diag.Diagnostics) {
-	port := tfsdk.Attribute{
-		Attributes: tfsdk.SingleNestedAttributes(map[string]tfsdk.Attribute{
-			"from": {
-				Type:     tftypes.NumberType,
-				Required: true,
-				Validators: []tfsdk.AttributeValidator{
-					validators.Range(float64(1), float64(65535.0)),
-					validators.Compare(validators.ComparatorLessThanEqual, "to"),
-				},
-			},
-			"to": {
-				Type:     tftypes.NumberType,
-				Required: true,
-				Validators: []tfsdk.AttributeValidator{
-					validators.Range(float64(1), float64(65535.0)),
-				},
-			},
-		}),
-		Optional:    true,
-		Description: "A port range. Conflicts with `port_group`.",
-		Validators: []tfsdk.AttributeValidator{
-			validators.ConflictsWith("port_group"),
-		},
-	}
-
-	portGroup := tfsdk.Attribute{
-		Type:        tftypes.StringType,
-		Optional:    true,
-		Description: "The port group this rule applies to. If not provided, all ports will be matched. Conflicts with `port`.",
-		Validators: []tfsdk.AttributeValidator{
-			validators.ConflictsWith("port"),
-		},
-	}
-
-	address := tfsdk.Attribute{
-		Type:        tftypes.StringType,
-		Optional:    true,
-		Description: "The cidr this rule applies to. If not provided, it is treated as `0.0.0.0/0`. Conflicts with `address_group`.",
-		Validators: []tfsdk.AttributeValidator{
-			validators.Cidr(),
-			validators.ConflictsWith("address_group"),
-		},
-	}
-
-	addressGroup := tfsdk.Attribute{
-		Type:        tftypes.StringType,
-		Optional:    true,
-		Description: "The address group this rule applies to. If not provided, all addresses will be matched. Conflicts with `address`.",
-		Validators: []tfsdk.AttributeValidator{
-			validators.ConflictsWith("address"),
-		},
-	}
-
-	return tfsdk.Schema{
-		Description: "A grouping of firewall rules. The firewall is not enforced unless attached to an interface which can be done with the `firewall_ruleset_attachment` resource.",
-		Attributes: map[string]tfsdk.Attribute{
-			"name": {
-				Description: "A unique, human readable name for this ruleset.",
-				Type:        tftypes.StringType,
-				Required:    true,
-				Validators: []tfsdk.AttributeValidator{
-					validators.NoWhitespace(),
-				},
-				PlanModifiers: []tfsdk.AttributePlanModifier{tfsdk.RequiresReplace()},
-			},
-			"description": {
-				Description: "A human readable description for this ruleset.",
-				Type:        tftypes.StringType,
-				Optional:    true,
-			},
-			"default_action": {
-				Description: "The default action to take if traffic is not matched by one of the rules in the ruleset. Must be one of `reject`, `drop`, `accept`.",
-				Type:        tftypes.StringType,
-				Required:    true,
-				Validators: []tfsdk.AttributeValidator{
-					validators.StringInSlice(true, "reject", "drop", "accept"),
-				},
-			},
-		},
-		Blocks: map[string]tfsdk.Block{
-			"rule": {
-				Validators: []tfsdk.AttributeValidator{
-					validators.Unique("priority"),
-				},
-				NestingMode: tfsdk.BlockNestingModeSet,
-				Attributes: map[string]tfsdk.Attribute{
-					"priority": {
-						Type:        tftypes.NumberType,
-						Required:    true,
-						Description: "The priority of this rule. The higher the priority, the higher the precedence.",
-					},
-					"description": {
-						Type:        tftypes.StringType,
-						Optional:    true,
-						Description: "A human readable description for this rule.",
-					},
-					"action": {
-						Type:        tftypes.StringType,
-						Required:    true,
-						Description: "The action to take on traffic that matches this rule. Must be one of `reject`, `drop`, `accept`.",
-						Validators: []tfsdk.AttributeValidator{
-							validators.StringInSlice(true, "drop", "reject", "accept"),
-						},
-					},
-					"protocol": {
-						Type:        tftypes.StringType,
-						Optional:    true,
-						Description: "The protocol this rule applies to. If not specified, this rule applies to all protcols. Must be one of `tcp`, `udp`, `tcp_udp`.",
-						Validators: []tfsdk.AttributeValidator{
-							validators.StringInSlice(true, "tcp", "udp", "tcp_udp", "all", "*"),
-						},
-					},
-					"state": {
-						Description: "This describes the connection state of a packet.",
-						Attributes: tfsdk.SingleNestedAttributes(map[string]tfsdk.Attribute{
-							"established": {
-								Type:        tftypes.BoolType,
-								Optional:    true,
-								Description: "Match packets that are part of a two-way connection.",
-							},
-							"new": {
-								Type:        tftypes.BoolType,
-								Optional:    true,
-								Description: "Match packets creating a new connection.",
-							},
-							"related": {
-								Type:        tftypes.BoolType,
-								Optional:    true,
-								Description: "Match packets related to established connections.",
-							},
-							"invalid": {
-								Type:        tftypes.BoolType,
-								Optional:    true,
-								Description: "Match packets that cannot be identified.",
-							},
-						}),
-						Optional: true,
-					},
-					"destination": {
-						Description: "Details about the traffic's destination. If not specified, all sources will be evaluated.",
-						Attributes: tfsdk.SingleNestedAttributes(map[string]tfsdk.Attribute{
-							"address":       address,
-							"port":          port,
-							"address_group": addressGroup,
-							"port_group":    portGroup,
-						}),
-						Optional: true,
-						// Need a validator to ensure address conflicts with address_group and port conflicts with port_group.
-					},
-					"source": {
-						Description: "Details about the traffic's source. If not specified, all sources will be evaluated.",
-						Attributes: tfsdk.SingleNestedAttributes(map[string]tfsdk.Attribute{
-							"address":       address,
-							"port":          port,
-							"address_group": addressGroup,
-							"port_group":    portGroup,
-							"mac": {
-								Type:     tftypes.StringType,
-								Optional: true,
-							},
-						}),
-						Optional: true,
-						// Need a validator to ensure address conflicts with address_group and port conflicts with port_group.
-					},
-				},
-			},
-		},
-	}, nil
+	return schemaFirewallRuleset(), nil
 }
 
 func (r resourceFirewallRulesetType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) {

diff --git a/internal/provider/resource_firewall_ruleset_attachment.go b/internal/provider/resource_firewall_ruleset_attachment.go
@@ -10,38 +10,12 @@ import (
 
 	"github.com/hashicorp/terraform-plugin-framework/diag"
 	"github.com/hashicorp/terraform-plugin-framework/tfsdk"
-	tfftypes "github.com/hashicorp/terraform-plugin-framework/types"
 )
 
 type resourceFirewallRulesetAttachmentType struct{}
 
 func (r resourceFirewallRulesetAttachmentType) GetSchema(_ context.Context) (tfsdk.Schema, diag.Diagnostics) {
-	return tfsdk.Schema{
-		Description: "Attach a firewall ruleset to inbound, outbound, and local traffic.",
-		Attributes: map[string]tfsdk.Attribute{
-			"interface": {
-				Type:          tfftypes.StringType,
-				Required:      true,
-				PlanModifiers: []tfsdk.AttributePlanModifier{tfsdk.RequiresReplace()},
-				Description:   "The interface to attach firewall rules to.",
-			},
-			"in": {
-				Type:        tfftypes.StringType,
-				Optional:    true,
-				Description: "Match inbound packets.",
-			},
-			"out": {
-				Type:        tfftypes.StringType,
-				Optional:    true,
-				Description: "Match outbound packets.",
-			},
-			"local": {
-				Type:        tfftypes.StringType,
-				Optional:    true,
-				Description: "Match local packets.",
-			},
-		},
-	}, nil
+	return schemaFirewallRulesetAttachment(), nil
 }
 
 func (r resourceFirewallRulesetAttachmentType) NewResource(_ context.Context, p tfsdk.Provider) (tfsdk.Resource, diag.Diagnostics) {