From e60517e6c5024b07fb6d634bd7f468933dd1496d Mon Sep 17 00:00:00 2001
From: Aditya Saha
Date: Fri, 12 Apr 2024 15:52:21 -0400
Subject: [PATCH] Update schema Also update cert handling.
---
 .../loadbalancer/datasource_loadbalancer.go | 53 +++++++------------
 digitalocean/loadbalancer/loadbalancer.go | 28 +++++++---
 .../loadbalancer/resource_loadbalancer.go | 9 ++--
 3 files changed, 46 insertions(+), 44 deletions(-)
diff --git a/digitalocean/loadbalancer/datasource_loadbalancer.go b/digitalocean/loadbalancer/datasource_loadbalancer.go
index 188fb58ac..e373416a7 100644
--- a/digitalocean/loadbalancer/datasource_loadbalancer.go
+++ b/digitalocean/loadbalancer/datasource_loadbalancer.go
@@ -250,48 +250,45 @@ func DataSourceDigitalOceanLoadbalancer() *schema.Resource {
 },
 "type": {
 Type: schema.TypeString,
- Optional: true,
 Computed: true,
 Description: "the type of the load balancer (GLOBAL or REGIONAL)",
 },
 "domains": {
 Type: schema.TypeSet,
- Optional: true,
 Computed: true,
- MinItems: 1,
 Description: "the list of domains required to ingress traffic to global load balancer",
 Elem: &schema.Resource{
 Schema: map[string]*schema.Schema{
 "name": {
- Type: schema.TypeString,
- Required: true,
- ValidateFunc: validation.NoZeroValues,
- Description: "domain name",
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "domain name",
 },
 "is_managed": {
 Type: schema.TypeBool,
- Optional: true,
- Default: false,
+ Computed: true,
 Description: "flag indicating if domain is managed by DigitalOcean",
 },
 "certificate_id": {
- Type: schema.TypeString,
- Optional: true,
- ValidateFunc: validation.NoZeroValues,
- Description: "certificate ID for TLS handshaking",
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "certificate ID for TLS handshaking",
+ },
+ "certificate_name": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "name of certificate required for TLS handshaking",
 },
 "verification_error_reasons": {
 Type: schema.TypeList,
 Computed: true,
 Elem: &schema.Schema{Type: schema.TypeString},
- Optional: true,
 Description: "list of domain verification errors",
 },
 "ssl_validation_error_reasons": {
 Type: schema.TypeList,
 Computed: true,
 Elem: &schema.Schema{Type: schema.TypeString},
- Optional: true,
 Description: "list of domain SSL validation errors",
 },
 },
@@ -299,38 +296,29 @@ func DataSourceDigitalOceanLoadbalancer() *schema.Resource { }, "glb_settings": { Type: schema.TypeList, - Optional: true, Computed: true, - MaxItems: 1, Description: "configuration options for global load balancer", Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "target_protocol": { - Type: schema.TypeString, - Required: true, - ValidateFunc: validation.StringInSlice([]string{ - "http", - "https", - }, false), + Type: schema.TypeString, + Computed: true, Description: "target protocol rules", }, "target_port": { - Type: schema.TypeInt, - Required: true, - ValidateFunc: validation.IntInSlice([]int{80, 443}), - Description: "target port rules", + Type: schema.TypeInt, + Computed: true, + Description: "target port rules", }, "cdn": { Type: schema.TypeList, - Optional: true, - MaxItems: 1, + Computed: true, Description: "CDN specific configurations", Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "is_enabled": { Type: schema.TypeBool, - Optional: true, - Default: false, + Computed: true, Description: "cache enable flag", }, }, @@ -342,7 +330,6 @@ func DataSourceDigitalOceanLoadbalancer() *schema.Resource { "target_load_balancer_ids": { Type: schema.TypeSet, Elem: &schema.Schema{Type: schema.TypeString}, - Optional: true, Computed: true, Description: "list of load balancer IDs to put behind a global load balancer", }, @@ -451,7 +438,7 @@ func dataSourceDigitalOceanLoadbalancerRead(ctx context.Context, d *schema.Resou return diag.Errorf("[DEBUG] Error setting Load Balancer firewall - error: %#v", err) } - domains, err := flattenDomains(foundLoadbalancer.Domains) + domains, err := flattenDomains(client, foundLoadbalancer.Domains) if err != nil { return diag.Errorf("[DEBUG] Error building Load Balancer domains - error: %#v", err) } diff --git a/digitalocean/loadbalancer/loadbalancer.go b/digitalocean/loadbalancer/loadbalancer.go index ff4e0b51d..145f7ff18 100644 --- a/digitalocean/loadbalancer/loadbalancer.go 
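Review bot: The read function receives `ctx`, but the updated call `flattenDomains(client, foundLoadbalancer.Domains)` in the -451 hunk does not pass it on, and the certificate lookup added to flattenDomains (loadbalancer.go, hunk at -312) runs under `context.Background()`. A cancelled or timed-out read will therefore still wait on one `Certificates.Get` call per domain that has a certificate. Consider giving flattenDomains a leading `ctx context.Context` parameter and calling `client.Certificates.Get(ctx, domain.CertificateID)`. The enclosing read function starts and ends outside this hunk.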
+++ b/digitalocean/loadbalancer/loadbalancer.go @@ -257,7 +257,7 @@ func flattenForwardingRules(client *godo.Client, rules []godo.ForwardingRule) ([ return result, nil } -func expandDomains(config []interface{}) ([]*godo.LBDomain, error) { +func expandDomains(client *godo.Client, config []interface{}) ([]*godo.LBDomain, error) { domains := make([]*godo.LBDomain, 0, len(config)) for _, rawDomain := range config { @@ -268,10 +268,16 @@ func expandDomains(config []interface{}) ([]*godo.LBDomain, error) { r.IsManaged = v.(bool) } - if v, ok := domain["certificate_id"]; ok { - r.CertificateID = v.(string) + if v, ok := domain["certificate_name"]; ok { + certName := v.(string) + if certName != "" { + cert, err := certificate.FindCertificateByName(client, certName) + if err != nil { + return nil, err + } + r.CertificateID = cert.ID + } } - domains = append(domains, r) } @@ -297,7 +303,7 @@ func expandGLBSettings(config []interface{}) *godo.GLBSettings { return glbSettings } -func flattenDomains(domains []*godo.LBDomain) ([]map[string]interface{}, error) { +func flattenDomains(client *godo.Client, domains []*godo.LBDomain) ([]map[string]interface{}, error) { if len(domains) == 0 { return nil, nil } @@ -312,9 +318,19 @@ func flattenDomains(domains []*godo.LBDomain) ([]map[string]interface{}, error) r["verification_error_reasons"] = (*domain).VerificationErrorReasons r["ssl_validation_error_reasons"] = (*domain).SSLValidationErrorReasons + if domain.CertificateID != "" { + // When the certificate type is lets_encrypt, the certificate + // ID will change when it's renewed, so we have to rely on the + // certificate name as the primary identifier instead. + cert, _, err := client.Certificates.Get(context.Background(), domain.CertificateID) + if err != nil { + return nil, err + } + r["certificate_id"] = cert.Name + r["certificate_name"] = cert.Name + } result = append(result, r) } - return result, nil } 
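Review bot: In expandDomains (hunk at -268) the error from `certificate.FindCertificateByName` is returned as-is, so a failed lookup does not say which certificate name could not be resolved. Wrapping it, e.g. `return nil, fmt.Errorf("resolving certificate %q: %w", certName, err)` (assuming `fmt` is imported in this file), would make a failed plan or apply diagnosable when several domains are configured. `cert.ID` is also read without a nil check; whether the helper can return a nil certificate together with a nil error is not visible here and should be confirmed. The function body begins and ends outside this hunk.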
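Review bot: In flattenDomains (hunk at -312), `r["certificate_id"] = cert.Name` stores the certificate's name under the ID key, so `certificate_id` and `certificate_name` end up identical and the data source attribute described as "certificate ID for TLS handshaking" no longer holds an ID. This was probably meant to be `r["certificate_id"] = domain.CertificateID`. The resource schema in resource_loadbalancer.go no longer declares `certificate_id` under `domains`; if the resource read path also calls flattenDomains (not visible here), writing that key would likely be rejected when the state is set. Any `Certificates.Get` failure, for instance a certificate deleted out of band, now fails the whole read, which is worth confirming as intended.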
diff --git a/digitalocean/loadbalancer/resource_loadbalancer.go b/digitalocean/loadbalancer/resource_loadbalancer.go index 8f2c47d0f..091bce1e3 100644 --- a/digitalocean/loadbalancer/resource_loadbalancer.go +++ b/digitalocean/loadbalancer/resource_loadbalancer.go @@ -462,24 +462,23 @@ func resourceDigitalOceanLoadBalancerV0() *schema.Resource { Default: false, Description: "flag indicating if domain is managed by DigitalOcean", }, - "certificate_id": { + "certificate_name": { Type: schema.TypeString, Optional: true, + Computed: true, ValidateFunc: validation.NoZeroValues, - Description: "certificate ID for TLS handshaking", + Description: "name of certificate required for TLS handshaking", }, "verification_error_reasons": { Type: schema.TypeList, Computed: true, Elem: &schema.Schema{Type: schema.TypeString}, - Optional: true, Description: "list of domain verification errors", }, "ssl_validation_error_reasons": { Type: schema.TypeList, Computed: true, Elem: &schema.Schema{Type: schema.TypeString}, - Optional: true, Description: "list of domain SSL validation errors", }, }, @@ -632,7 +631,7 @@ func buildLoadBalancerRequest(client *godo.Client, d *schema.ResourceData) (*god } if v, ok := d.GetOk("domains"); ok { - domains, err := expandDomains(v.(*schema.Set).List()) + domains, err := expandDomains(client, v.(*schema.Set).List()) if err != nil { return nil, err }
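Review bot: Renaming `certificate_id` to `certificate_name` inside `domains` (hunk at -462) is a breaking change for any configuration or state that already uses the old key, and the visible hunks add no deprecation path or state upgrader. The edit is made in `resourceDigitalOceanLoadBalancerV0()`; if that function also serves as the prior-version schema for a state upgrader (not visible here), changing it alters how existing state is decoded. If the attribute has already shipped, consider keeping `certificate_id` as an optional field marked `Deprecated` alongside the new one. A field comment such as `// name, not ID: lets_encrypt certificate IDs change on renewal` would record why the name is the identifier.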