Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(cae): add new resource to manage certificate #6207

Merged
merged 1 commit into from
Jan 20, 2025
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
66 changes: 66 additions & 0 deletions docs/resources/cae_certificate.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
---
subcategory: "Cloud Application Engine (CAE)"
layout: "huaweicloud"
page_title: "HuaweiCloud: huaweicloud_cae_certificate"
description: |-
Manages a certificate resource within HuaweiCloud.
---

# huaweicloud_cae_certificate

Manages a certificate resource within HuaweiCloud.

## Example Usage

```hcl
variable "environment_id" {}
variable "certificate_name" {}
variable "certificate_content" {}
variable "certificate_private_key" {}

resource "huaweicloud_cae_certificate" "test" {
environment_id = var.environment_id
name = var.certificate_name
crt = var.certificate_content
key = var.certificate_private_key
}
```

## Argument Reference

The following arguments are supported:

* `region` - (Optional, String, ForceNew) Specifies the region in which to create the resource.
If omitted, the provider-level region will be used.
Changing this creates a new resource.

* `environment_id` - (Required, String, ForceNew) Specifies the ID of the CAE environment.
Changing this creates a new resource.

* `name` - (Required, String, ForceNew) Specifies the name of the certificate.
Changing this creates a new resource.
The maximum length of the name is `64` characters, only lowercase letters, digits, hyphens (-) and dots (.) are
allowed.
The name must start and end with a lowercase letter or a digit.

* `crt` - (Required, String) Specifies the content of the certificate.
Base64 format corresponding to PEM encoding.

* `key` - (Required, String) Specifies the private key of the certificate.
Base64 format corresponding to PEM encoding.

## Attribute Reference

In addition to all arguments above, the following attributes are exported:

* `id` - The resource ID.

* `created_at` - The creation time of the certificate, in RFC3339 format.

## Import

The certificate resource can be imported using `environment_id` and `name`, separated by a slash (/), e.g.

```bash
$ terraform import huaweicloud_cae_certificate.test <environment_id>/<name>
```
1 change: 1 addition & 0 deletions huaweicloud/provider.go
Original file line number Diff line number Diff line change
Expand Up @@ -1433,6 +1433,7 @@ func Provider() *schema.Provider {
"huaweicloud_bcs_instance": bcs.ResourceInstance(),

"huaweicloud_cae_application": cae.ResourceApplication(),
"huaweicloud_cae_certificate": cae.ResourceCertificate(),
"huaweicloud_cae_component": cae.ResourceComponent(),
"huaweicloud_cae_component_configurations": cae.ResourceComponentConfigurations(),
"huaweicloud_cae_component_deployment": cae.ResourceComponentDeployment(),
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,108 @@
package cae

import (
"fmt"
"testing"

"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"

"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/config"
"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/services/acceptance"
"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/services/cae"
)

func getCertificateFunc(cfg *config.Config, state *terraform.ResourceState) (interface{}, error) {
client, err := cfg.NewServiceClient("cae", acceptance.HW_REGION_NAME)
if err != nil {
return nil, fmt.Errorf("error creating CAE client: %s", err)
}

environmentId := state.Primary.Attributes["environment_id"]
return cae.GetCertificateById(client, environmentId, state.Primary.ID)
}

func TestAccCertificate_basic(t *testing.T) {
var (
obj interface{}

name = acceptance.RandomAccResourceNameWithDash()

rName = "huaweicloud_cae_certificate.test"
rc = acceptance.InitResourceCheck(
rName,
&obj,
getCertificateFunc,
)
)

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() {
acceptance.TestAccPreCheck(t)
acceptance.TestAccPreCheckCaeEnvironment(t)
acceptance.TestAccPreCheckCertificateWithoutRootCA(t)
},
ProviderFactories: acceptance.TestAccProviderFactories,
CheckDestroy: rc.CheckResourceDestroy(),
Steps: []resource.TestStep{
{
Config: testAccCertificate_basic(name, acceptance.HW_CERTIFICATE_CONTENT, acceptance.HW_CERTIFICATE_PRIVATE_KEY),
Check: resource.ComposeTestCheckFunc(
rc.CheckResourceExists(),
resource.TestCheckResourceAttr(rName, "environment_id", acceptance.HW_CAE_ENVIRONMENT_ID),
resource.TestCheckResourceAttr(rName, "name", name),
resource.TestCheckResourceAttr(rName, "crt", acceptance.HW_CERTIFICATE_CONTENT),
resource.TestCheckResourceAttr(rName, "key", acceptance.HW_CERTIFICATE_PRIVATE_KEY),
),
},
{
Config: testAccCertificate_basic(name, acceptance.HW_NEW_CERTIFICATE_CONTENT, acceptance.HW_NEW_CERTIFICATE_PRIVATE_KEY),
Check: resource.ComposeTestCheckFunc(
rc.CheckResourceExists(),
resource.TestCheckResourceAttr(rName, "crt", acceptance.HW_NEW_CERTIFICATE_CONTENT),
resource.TestCheckResourceAttr(rName, "key", acceptance.HW_NEW_CERTIFICATE_PRIVATE_KEY),
),
},
{
ResourceName: rName,
ImportState: true,
ImportStateVerify: true,
ImportStateIdFunc: testAccCertificateImportStateFunc(rName),
},
},
})
}

func testAccCertificate_basic(name, content, privateKey string) string {
return fmt.Sprintf(`

resource "huaweicloud_cae_certificate" "test" {
environment_id = "%[1]s"
name = "%[2]s"

# Base64 format corresponding to PEM encoding.
crt = "%[3]s"
key = "%[4]s"
}
`, acceptance.HW_CAE_ENVIRONMENT_ID, name, content, privateKey)
}

func testAccCertificateImportStateFunc(name string) resource.ImportStateIdFunc {
return func(s *terraform.State) (string, error) {
rs, ok := s.RootModule().Resources[name]
if !ok {
return "", fmt.Errorf("resource (%s) not found: %s", name, rs)
}

var (
environmentId = rs.Primary.Attributes["environment_id"]
certificateName = rs.Primary.Attributes["name"]
)
if environmentId == "" || certificateName == "" {
return "", fmt.Errorf("some import IDs are missing, want '<environment_id>/<name>', but got '%s/%s'",
environmentId, certificateName)
}

return fmt.Sprintf("%s/%s", environmentId, certificateName), nil
}
}
Loading
Loading