Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support path-only when referencing ssl certificate in compute_target_https_proxy #210

Merged

Conversation

rosbo
Copy link
Contributor

@rosbo rosbo commented Jul 17, 2017

issue #47

  • Added support for both full url and path-only when referencing ssl certificate in * compute_target_https_proxy. This means both https://www.googleapis.com/compute/v1/projects/MY-PROJECT/global/sslCertificates/MY_CERT and projects/MY-PROJECT/global/sslCertificates/MY_CERT are valid.
  • Simplified the read/update logic for ssl certificate since a proxy must have exactly one ssl certificate.
  • Added more assertions to acceptance test
  • Added schema validation of ssl certificate field

cc/ @danawillow @rileykarson

Copy link
Contributor

@danawillow danawillow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good overall, just a few things.

make testacc TEST=./google TESTARGS='-run=TestAccComputeTargetHttpsProxy'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./google -v -run=TestAccComputeTargetHttpsProxy -timeout 120m
=== RUN   TestAccComputeTargetHttpsProxy_basic
--- PASS: TestAccComputeTargetHttpsProxy_basic (86.83s)
=== RUN   TestAccComputeTargetHttpsProxy_update
--- PASS: TestAccComputeTargetHttpsProxy_update (109.60s)
=== RUN   TestAccComputeTargetHttpsProxy_invalidCertificate
--- PASS: TestAccComputeTargetHttpsProxy_invalidCertificate (0.01s)
PASS
ok  	github.com/terraform-providers/terraform-provider-google/google	196.585s

@rileykarson want to do a quick check on the validate/statefunc stuff since you've done a lot of thinking around those?

for k, _ := range _newMap {
sslCertificates = append(sslCertificates, k)
}
// Exactly one ssl certificate must be specified.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you confirm that the API call actually fails if more than one is specified? If it silently lets it go through, we might be breaking people with this.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The google cloud documentation for this resource is misleading, it says "Currently, exactly one SSL certificate must be specified." but you can specify more than one and it works. I sent feedback to that team to fix their documentation.

I updated the code, Terraform documentation and the test to confirm we can support more than one ssl certificate.


cert_ref := &compute.TargetHttpsProxiesSetSslCertificatesRequest{
SslCertificates: sslCertificates,
SslCertificates: certs,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This can be simplified a bit to

SslCertificates: []string{d.Get("ssl_certificates.0")}

Copy link
Contributor Author

@rosbo rosbo Jul 18, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not applicable anymore.

CheckDestroy: testAccCheckComputeTargetHttpsProxyDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: `
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you separate this config into a separate var at the bottom with the rest?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

}
func testAccComputeTargetHttpsProxy_basic1(id string) string {
return fmt.Sprintf(`
resource "google_compute_target_https_proxy" "foobar" {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's nice to keep these all the way to the left- it's not really necessary, just makes it easier to copy and paste

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

Copy link
Collaborator

@rileykarson rileykarson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Concerning Validate and State funcs: LGTM - I spotted a minor nit in the schema fields, but the ValidateFunc and StateFunc both look good.

ValidateFunc: validateRegexp(sslCertificateRegex),
StateFunc: toCanonicalSslCertificate,
},
MinItems: 1,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor nit: having Required set implicitly sets MinItems to 1.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

value := v.(string)

m := regexp.MustCompile(sslCertificateRegex).FindStringSubmatch(value)
if m == nil {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm just curious - will m ever be nil? I think our ValidateFunc makes sure that we will always see matches here.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It should never be nil. Removed this line.

@rosbo rosbo force-pushed the https_proxy_malformed_ssl_certificate_url branch from 84b1304 to 71211fb Compare July 18, 2017 20:24
@danawillow
Copy link
Contributor

Looks good, thanks! Merge at will.

@rosbo rosbo merged commit d9abcd8 into hashicorp:master Jul 19, 2017
@rosbo rosbo deleted the https_proxy_malformed_ssl_certificate_url branch July 19, 2017 20:49
negz pushed a commit to negz/terraform-provider-google that referenced this pull request Oct 17, 2017
chrisst pushed a commit to chrisst/terraform-provider-google that referenced this pull request Nov 9, 2018
luis-silva pushed a commit to luis-silva/terraform-provider-google that referenced this pull request May 21, 2019
@ghost
Copy link

ghost commented Mar 31, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

@ghost ghost locked and limited conversation to collaborators Mar 31, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants