feat: Add resource/datasource ovh_ip_firewall

Author: Arthur Amstutz

ovh/data_ip_firewall.go

@@ -0,0 +1,68 @@
+package ovh
+
+import (
+	"context"
+	"fmt"
+	"net/url"
+
+	"github.com/hashicorp/terraform-plugin-framework/datasource"
+)
+
+var _ datasource.DataSourceWithConfigure = (*ipFirewallDataSource)(nil)
+
+func NewIpFirewallDataSource() datasource.DataSource {
+	return &ipFirewallDataSource{}
+}
+
+type ipFirewallDataSource struct {
+	config *Config
+}
+
+func (d *ipFirewallDataSource) Metadata(ctx context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) {
+	resp.TypeName = req.ProviderTypeName + "_ip_firewall"
+}
+
+func (d *ipFirewallDataSource) Configure(_ context.Context, req datasource.ConfigureRequest, resp *datasource.ConfigureResponse) {
+	if req.ProviderData == nil {
+		return
+	}
+
+	config, ok := req.ProviderData.(*Config)
+	if !ok {
+		resp.Diagnostics.AddError(
+			"Unexpected Data Source Configure Type",
+			fmt.Sprintf("Expected *Config, got: %T. Please report this issue to the provider developers.", req.ProviderData),
+		)
+		return
+	}
+
+	d.config = config
+}
+
+func (d *ipFirewallDataSource) Schema(ctx context.Context, req datasource.SchemaRequest, resp *datasource.SchemaResponse) {
+	resp.Schema = IpFirewallDataSourceSchema(ctx)
+}
+
+func (d *ipFirewallDataSource) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) {
+	var data IpFirewallModel
+
+	// Read Terraform configuration data into the model
+	resp.Diagnostics.Append(req.Config.Get(ctx, &data)...)
+
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	// Read API call logic
+	endpoint := "/ip/" + url.PathEscape(data.Ip.ValueString()) + "/firewall/" + url.PathEscape(data.IpOnFirewall.ValueString())
+	if err := d.config.OVHClient.Get(endpoint, &data); err != nil {
+		resp.Diagnostics.AddError(
+			fmt.Sprintf("Error calling Get %s", endpoint),
+			err.Error(),
+		)
+		return
+	}
+
+	// Save data into Terraform state
+	resp.Diagnostics.Append(resp.State.Set(ctx, &data)...)
+}

ovh/data_ip_firewall_gen.go

@@ -0,0 +1,42 @@
+package ovh
+
+import (
+	"fmt"
+	"os"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+)
+
+func TestAccIPFirewall_data(t *testing.T) {
+	ip := os.Getenv("OVH_IP_TEST")
+	testAccIPFirewallConfig := fmt.Sprintf(`
+		resource "ovh_ip_firewall" "firewall" {
+			ip             = "%s"
+			ip_on_firewall = "%s"
+		}
+
+		data "ovh_ip_firewall" "firewall_data" {
+			ip             = ovh_ip_firewall.firewall.ip
+			ip_on_firewall = ovh_ip_firewall.firewall.ip_on_firewall
+		}
+	`, ip, ip)
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:                 func() { testAccPreCheckIp(t) },
+		ProtoV6ProviderFactories: testAccProtoV6ProviderFactories,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccIPFirewallConfig,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr(
+						"data.ovh_ip_firewall.firewall_data", "ip_on_firewall", ip),
+					resource.TestCheckResourceAttr(
+						"data.ovh_ip_firewall.firewall_data", "state", "ok"),
+					resource.TestCheckResourceAttr(
+						"data.ovh_ip_firewall.firewall_data", "enabled", "false"),
+				),
+			},
+		},
+	})
+}

ovh/data_ip_firewall_test.go

@@ -141,6 +141,7 @@ func (p *OvhProvider) DataSources(_ context.Context) []func() datasource.DataSou
 		NewCloudProjectDatabaseIPRestrictionsDataSource,
 		NewDedicatedServerSpecificationsHardwareDataSource,
 		NewDomainZoneDnssecDataSource,
+		NewIpFirewallDataSource,
 	}
 }
 
@@ -149,6 +150,7 @@ func (p *OvhProvider) Resources(_ context.Context) []func() resource.Resource {
 	return []func() resource.Resource{
 		NewCloudProjectAlertingResource,
 		NewDomainZoneDnssecResource,
+		NewIpFirewallResource,
 		NewIploadbalancingUdpFrontendResource,
 	}
 }

ovh/provider_new.go

@@ -0,0 +1,183 @@
+package ovh
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"net/url"
+	"strings"
+	"time"
+
+	"github.com/hashicorp/terraform-plugin-framework/path"
+	"github.com/hashicorp/terraform-plugin-framework/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/retry"
+)
+
+var (
+	_ resource.ResourceWithConfigure   = (*ipFirewallResource)(nil)
+	_ resource.ResourceWithImportState = (*ipFirewallResource)(nil)
+)
+
+func NewIpFirewallResource() resource.Resource {
+	return &ipFirewallResource{}
+}
+
+type ipFirewallResource struct {
+	config *Config
+}
+
+func (r *ipFirewallResource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) {
+	resp.TypeName = req.ProviderTypeName + "_ip_firewall"
+}
+
+func (d *ipFirewallResource) Configure(_ context.Context, req resource.ConfigureRequest, resp *resource.ConfigureResponse) {
+	if req.ProviderData == nil {
+		return
+	}
+
+	config, ok := req.ProviderData.(*Config)
+	if !ok {
+		resp.Diagnostics.AddError(
+			"Unexpected Resource Configure Type",
+			fmt.Sprintf("Expected *Config, got: %T. Please report this issue to the provider developers.", req.ProviderData),
+		)
+		return
+	}
+
+	d.config = config
+}
+
+func (d *ipFirewallResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse) {
+	resp.Schema = IpFirewallResourceSchema(ctx)
+}
+
+func (r *ipFirewallResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse) {
+	splits := strings.Split(req.ID, "/")
+	if len(splits) < 2 {
+		resp.Diagnostics.AddError("Given ID is malformed", "ID must be formatted like the following: <ip>/<ipOnFirewall>")
+		return
+	}
+
+	ip := strings.Join(splits[0:len(splits)-1], "/")
+	ipOnFirewall := splits[len(splits)-1]
+
+	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("ip"), ip)...)
+	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("ip_on_firewall"), ipOnFirewall)...)
+}
+
+func (r *ipFirewallResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) {
+	var data, responseData IpFirewallModel
+
+	// Read Terraform plan data into the model
+	resp.Diagnostics.Append(req.Plan.Get(ctx, &data)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	endpoint := "/ip/" + url.PathEscape(data.Ip.ValueString()) + "/firewall"
+	if err := r.config.OVHClient.Post(endpoint, data.ToCreate(), &responseData); err != nil {
+		resp.Diagnostics.AddError(
+			fmt.Sprintf("Error calling Post %s", endpoint),
+			err.Error(),
+		)
+		return
+	}
+
+	responseData.MergeWith(&data)
+
+	// Save data into Terraform state
+	resp.Diagnostics.Append(resp.State.Set(ctx, &responseData)...)
+}
+
+func (r *ipFirewallResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) {
+	var data, responseData IpFirewallModel
+
+	// Read Terraform prior state data into the model
+	resp.Diagnostics.Append(req.State.Get(ctx, &data)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	endpoint := "/ip/" + url.PathEscape(data.Ip.ValueString()) + "/firewall/" + url.PathEscape(data.IpOnFirewall.ValueString())
+
+	if err := r.config.OVHClient.Get(endpoint, &responseData); err != nil {
+		resp.Diagnostics.AddError(
+			fmt.Sprintf("Error calling Get %s", endpoint),
+			err.Error(),
+		)
+		return
+	}
+
+	data.MergeWith(&responseData)
+
+	// Save updated data into Terraform state
+	resp.Diagnostics.Append(resp.State.Set(ctx, &data)...)
+}
+
+func (r *ipFirewallResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) {
+	var data, planData, responseData IpFirewallModel
+
+	// Read Terraform plan data into the model
+	resp.Diagnostics.Append(req.Plan.Get(ctx, &planData)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	// Read Terraform prior state data into the model
+	resp.Diagnostics.Append(req.State.Get(ctx, &data)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	// Update resource
+	endpoint := "/ip/" + url.PathEscape(data.Ip.ValueString()) + "/firewall/" + url.PathEscape(data.IpOnFirewall.ValueString())
+	if err := r.config.OVHClient.Put(endpoint, planData.ToUpdate(), nil); err != nil {
+		resp.Diagnostics.AddError(
+			fmt.Sprintf("Error calling Put %s", endpoint),
+			err.Error(),
+		)
+		return
+	}
+
+	// Read updated resource
+	err := retry.RetryContext(ctx, time.Minute, func() *retry.RetryError {
+		if err := r.config.OVHClient.Get(endpoint, &responseData); err != nil {
+			return retry.NonRetryableError(err)
+		}
+
+		if responseData.State.ValueString() == "ok" {
+			return nil
+		}
+
+		return retry.RetryableError(errors.New("waiting for state to be OK"))
+	})
+	if err != nil {
+		resp.Diagnostics.AddError("Failed to get updated resource", err.Error())
+		return
+	}
+
+	responseData.MergeWith(&planData)
+
+	// Save updated data into Terraform state
+	resp.Diagnostics.Append(resp.State.Set(ctx, &responseData)...)
+}
+
+func (r *ipFirewallResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) {
+	var data IpFirewallModel
+
+	// Read Terraform prior state data into the model
+	resp.Diagnostics.Append(req.State.Get(ctx, &data)...)
+
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	// Delete API call logic
+	endpoint := "/ip/" + url.PathEscape(data.Ip.ValueString()) + "/firewall/" + url.PathEscape(data.IpOnFirewall.ValueString())
+	if err := r.config.OVHClient.Delete(endpoint, nil); err != nil {
+		resp.Diagnostics.AddError(
+			fmt.Sprintf("Error calling Delete %s", endpoint),
+			err.Error(),
+		)
+	}
+}