Support for creation and deletion of auth zones

README.md

@@ -54,7 +54,7 @@ $ make testacc
 * Creation & Deletion of Network in NIOS appliance
 * Allocation & Deallocation of IP from a Network
 * Association & Disassociation of IP Address for a VM
-* Creation and Deletion of A, CNAME, Host, and Ptr records
+* Creation and Deletion of A, CNAME, Host, Zones and Ptr records
 
 ### Data Source
 * Supports Data Source for Network

go.mod

@@ -4,5 +4,5 @@ go 1.12
 
 require (
 	github.com/hashicorp/terraform v0.12.9
-	github.com/infobloxopen/infoblox-go-client v0.8.1-0.20190830062100-dd50c409ab6d
+	github.com/infobloxopen/infoblox-go-client v1.1.1-0.20201120132302-107472b6d379
 )

go.sum

@@ -176,6 +176,10 @@ github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
 github.com/infobloxopen/infoblox-go-client v0.8.1-0.20190830062100-dd50c409ab6d h1:oFAo63W76GKVRa6AWa5AFKFsJlUhkBtoXV89WDHPj3A=
 github.com/infobloxopen/infoblox-go-client v0.8.1-0.20190830062100-dd50c409ab6d/go.mod h1:BXiw7S2b9qJoM8MS40vfgCNB2NLHGusk1DtO16BD9zI=
+github.com/infobloxopen/infoblox-go-client v1.1.0 h1:fw8q8USnngsoZxLploJ0LomBN+1SAhSyEjUZrSibKX4=
+github.com/infobloxopen/infoblox-go-client v1.1.0/go.mod h1:BXiw7S2b9qJoM8MS40vfgCNB2NLHGusk1DtO16BD9zI=
+github.com/infobloxopen/infoblox-go-client v1.1.1-0.20201120132302-107472b6d379 h1:KgMxhxbwMHyb7rjeFVCCxP98ipFmJ75bdKSb7OMnxpk=
+github.com/infobloxopen/infoblox-go-client v1.1.1-0.20201120132302-107472b6d379/go.mod h1:BXiw7S2b9qJoM8MS40vfgCNB2NLHGusk1DtO16BD9zI=
 github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
 github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af h1:pmfjZENx5imkbgOkpRUYLnmbU7UEFbjtDA2hxJ1ichM=

infoblox/provider.go

@@ -70,6 +70,7 @@ func Provider() terraform.ResourceProvider {
 			"infoblox_a_record":       resourceARecord(),
 			"infoblox_cname_record":   resourceCNAMERecord(),
 			"infoblox_ptr_record":     resourcePTRRecord(),
+			"infoblox_zone_auth":      resourceZoneAuth(),
 		},
 		DataSourcesMap: map[string]*schema.Resource{
 			"infoblox_network":      dataSourceNetwork(),

infoblox/resource_infoblox_zone_auth.go

@@ -0,0 +1,140 @@
+package infoblox
+
+import (
+	"fmt"
+	"log"
+	"strings"
+
+	"github.com/hashicorp/terraform/helper/schema"
+	ibclient "github.com/infobloxopen/infoblox-go-client"
+)
+
+func resourceZoneAuth() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceZoneAuthCreate,
+		Read:   resourceZoneAuthGet,
+		Update: resourceZoneAuthUpdate,
+		Delete: resourceZoneAuthDelete,
+
+		Schema: map[string]*schema.Schema{
+
+			"fqdn": &schema.Schema{
+				Type:        schema.TypeString,
+				Required:    true,
+				Description: "The fqdn of the auth zone to create.",
+			},
+
+			"dns_view": &schema.Schema{
+				Type:        schema.TypeString,
+				Optional:    true,
+				Default:     "default",
+				Description: "Dns View under which the zone has been created.",
+			},
+
+			"tenant_id": &schema.Schema{
+				Type:        schema.TypeString,
+				Required:    true,
+				Description: "Unique identifier of your tenant in cloud.",
+			},
+		},
+	}
+}
+
+func resourceZoneAuthCreate(d *schema.ResourceData, m interface{}) error {
+	log.Printf("[DEBUG] %s: Beginning to create auth zone from  required network block", resourceZoneAuthIDString(d))
+
+	fqdn := d.Get("fqdn").(string)
+	tenantID := d.Get("tenant_id").(string)
+	connector := m.(*ibclient.Connector)
+
+	ea := make(ibclient.EA)
+
+	objMgr := ibclient.NewObjectManager(connector, "Terraform", tenantID)
+
+	ZoneAuth, err := objMgr.CreateZoneAuth(fqdn, ea)
+
+	if err != nil {
+		return fmt.Errorf("Error creating auth zone (%s): %s", fqdn, err)
+	}
+
+	d.SetId(ZoneAuth.Ref)
+
+	log.Printf("[DEBUG] %s: Creation of auth zone complete", resourceZoneAuthIDString(d))
+
+	return nil
+	return resourceZoneAuthGet(d, m)
+}
+
+func resourceZoneAuthGet(d *schema.ResourceData, m interface{}) error {
+
+	log.Printf("[DEBUG] %s: Beginning to Get auth zone", resourceZoneAuthIDString(d))
+
+	fqdn := d.Get("fqdn").(string)
+	tenantID := d.Get("tenant_id").(string)
+	connector := m.(*ibclient.Connector)
+
+	objMgr := ibclient.NewObjectManager(connector, "Terraform", tenantID)
+
+	obj, err := objMgr.GetZoneAuthByRef(d.Id())
+	if err != nil {
+		return fmt.Errorf("Getting auth zone failed from dns view (%s) : %s", fqdn, err)
+	}
+	d.SetId(obj.Ref)
+
+	log.Printf("[DEBUG] %s: Completed reading required auth zone ", resourceZoneAuthIDString(d))
+	return nil
+}
+
+func resourceZoneAuthUpdate(d *schema.ResourceData, m interface{}) error {
+	return fmt.Errorf("Updating an auth zone is not supported")
+}
+
+func resourceZoneAuthDelete(d *schema.ResourceData, m interface{}) error {
+
+	log.Printf("[DEBUG] %s: Beginning Deletion of auth zone", resourceZoneAuthIDString(d))
+
+	fqdn := d.Get("fqdn").(string)
+	tenantID := d.Get("tenant_id").(string)
+	connector := m.(*ibclient.Connector)
+
+	objMgr := ibclient.NewObjectManager(connector, "Terraform", tenantID)
+
+	zaList, err := objMgr.GetZoneAuth()
+	if err != nil {
+		return fmt.Errorf("Getting a list of all current AuthZones failed")
+	}
+
+	if hasSubdomain(ibclient.ZoneAuth{Fqdn: fqdn}, zaList) {
+		return fmt.Errorf("Cannot delete an AuthZone that has a sub-domain: %s", fqdn)
+	}
+
+	_, err = objMgr.DeleteZoneAuth(d.Id())
+	if err != nil {
+		return fmt.Errorf("Deletion of auth zone failed from dns view(%s) : %s", fqdn, err)
+	}
+	d.SetId("")
+
+	log.Printf("[DEBUG] %s: Deletion of auth zone complete", resourceZoneAuthIDString(d))
+	return nil
+}
+
+type resourceZoneAuthIDStringInterface interface {
+	Id() string
+}
+
+func resourceZoneAuthIDString(d resourceZoneAuthIDStringInterface) string {
+	id := d.Id()
+	if id == "" {
+		id = "<new resource>"
+	}
+	return fmt.Sprintf("infoblox_auth_zone (ID = %s)", id)
+}
+
+func hasSubdomain(target ibclient.ZoneAuth, list []ibclient.ZoneAuth) bool {
+	for _, za := range list {
+		if za.Fqdn != target.Fqdn && strings.Contains(za.Fqdn, target.Fqdn) {
+			return true
+		}
+	}
+	return false
+}

infoblox/resource_infoblox_zone_auth_test.go

@@ -0,0 +1,145 @@
+package infoblox
+
+import (
+	"fmt"
+	"regexp"
+	"testing"
+
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+	ibclient "github.com/infobloxopen/infoblox-go-client"
+)
+
+func TestAccResourceZoneAuth(t *testing.T) {
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckZoneAuthDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testStep1CreateSingleZone,
+				Check: resource.ComposeTestCheckFunc(
+					testAccZoneAuthExists(t, "infoblox_zone_auth.acctest", "aaa.com", "default", "test"),
+				),
+			},
+			resource.TestStep{
+				Config: testStep2CreateASubDomain,
+				Check: resource.ComposeTestCheckFunc(
+					testAccZoneAuthExists(t, "infoblox_zone_auth.acctest", "aaa.com", "default", "test"),
+					testAccZoneAuthExists(t, "infoblox_zone_auth.sub_acctest", "sub.aaa.com", "default", "test"),
+				),
+			},
+			// We expect this step to fail as you can't delete a domain with sub-domains
+			resource.TestStep{
+				Config:      testStep3DeleteParentZone,
+				ExpectError: regexp.MustCompile("Cannot delete an AuthZone that has a sub-domain"),
+				Check: resource.ComposeTestCheckFunc(
+					testAccZoneAuthExists(t, "infoblox_zone_auth.acctest", "aaa.com", "default", "test"),
+					testAccZoneAuthExists(t, "infoblox_zone_auth.sub_acctest", "sub.aaa.com", "default", "test"),
+				),
+			},
+			// This final step is to remove the sub-domain so that the state can be cleaned properly
+			resource.TestStep{
+				Config: testStep4DeleteSubDomain,
+				Check: resource.ComposeTestCheckFunc(
+					testAccZoneAuthExists(t, "infoblox_zone_auth.acctest", "aaa.com", "default", "test"),
+				),
+			},
+		},
+	})
+}
+
+var testStep1CreateSingleZone = fmt.Sprintf(`
+	resource "infoblox_zone_auth" "acctest" {
+		fqdn = "acctest.com"
+		dns_view="default"
+		tenant_id="test"
+	}
+`)
+
+var testStep2CreateASubDomain = fmt.Sprintf(`
+	resource "infoblox_zone_auth" "acctest" {
+		fqdn = "acctest.com"
+		dns_view="default"
+		tenant_id="test"
+	}
+
+	resource "infoblox_zone_auth" "sub_acctest" {
+		fqdn = "sub.acctest.com"
+		dns_view="default"
+		tenant_id="test"
+	}
+`)
+
+var testStep3DeleteParentZone = fmt.Sprintf(`
+	resource "infoblox_zone_auth" "sub_acctest" {
+		fqdn = "sub.acctest.com"
+		dns_view="default"
+		tenant_id="test"
+	}
+`)
+
+var testStep4DeleteSubDomain = fmt.Sprintf(`
+	resource "infoblox_zone_auth" "acctest" {
+		fqdn = "acctest.com"
+		dns_view="default"
+		tenant_id="test"
+	}
+`)
+
+func testAccCheckZoneAuthDestroy(s *terraform.State) error {
+	meta := testAccProvider.Meta()
+
+	for _, rs := range s.RootModule().Resources {
+		if rs.Type != "resource_a_record" {
+			continue
+		}
+		Connector := meta.(*ibclient.Connector)
+		objMgr := ibclient.NewObjectManager(Connector, "terraform_test", "test")
+		_, err := objMgr.GetZoneAuthByRef(rs.Primary.ID)
+		if err != nil {
+			return fmt.Errorf("Error:%s - record not found", err)
+		}
+	}
+	return nil
+}
+
+func testAccZoneAuthExists(t *testing.T, n string, fqdn string, dns_view string, tenant_id string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[n]
+		if !ok {
+			return fmt.Errorf("Not found:%s", n)
+		}
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("No ID i set")
+		}
+		meta := testAccProvider.Meta()
+		Connector := meta.(*ibclient.Connector)
+		objMgr := ibclient.NewObjectManager(Connector, "terraform_test", "test")
+
+		_, err := objMgr.GetZoneAuthByRef(rs.Primary.ID)
+		if err != nil {
+			return fmt.Errorf("Error:%s - record not found", err)
+		}
+
+		return nil
+	}
+}
+
+func TestHasSubdomain(t *testing.T) {
+	main := ibclient.ZoneAuth{Fqdn: "aaa.com"}
+	subdomain := ibclient.ZoneAuth{Fqdn: "test.aaa.com"}
+	other := ibclient.ZoneAuth{Fqdn: "foo.com"}
+
+	list := []ibclient.ZoneAuth{main, subdomain, other}
+
+	if hasSubdomain(main, list) == false {
+		fmt.Printf("'%s' has not been identified as having a subdomain", main.Fqdn)
+		t.Fail()
+	}
+
+	if hasSubdomain(other, list) == true {
+		fmt.Printf("'%s' has been identified incorrectly as having a subdomain", other.Fqdn)
+		t.Fail()
+	}
+}