* feat(acme): implement CRUD API for proxmox cluster ACME plugins
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* feat(acme): implement acme_plugins data source
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* feat(acme): implement acme_plugin data source
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* feat(acme): implement plugin resource creation
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* feat(acme): implement plugin resource read
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* feat(acme): implement plugin resource update
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* feat(acme): implement plugin resource deletion
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* feat(acme): implement plugin resource import
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* docs(acme): generate documentation
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* fix: apply suggestions from code review
Co-authored-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* refactor: extract common fields into BasePluginData
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* fix: restrict plugin resource to type=dns only
because type=standalone is not configurable and always enabled by
default.
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* fix: remove unused 'nodes' property
https://github.com/bpg/terraform-provider-proxmox/pull/1479/files#r1710916265
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* fix: remove "delete" property
https://github.com/bpg/terraform-provider-proxmox/pull/1479/files#r1710908809
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* feat: implement attribute deletion
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* fix: ignore empty lines in dns plugin data
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* fix: partial revert of code review suggestions
Joining the values with a string literal would produce \\n instead of \n
and splitting at \\n doesn't match a newline.
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* refactor: extract acme plugin models into separate file
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
* fix: format disable parameter as int
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
---------
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
Co-authored-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
* feat(acme): implement CRUD API for proxmox cluster ACME
* feat(acme): implement acme_accounts data source
* feat(acme): implement acme_account data source
* fix(acme): wait for task status on account creation
* feat(acme): implement account resource creation
* feat(acme): implement account read
* fix(acme): wait for task status on account update
* feat(acme): implement account update
* fix(acme): wait for task status on account deletion
* feat(acme): implement account deletion
* feat(acme): implement account import
* feat(acme): provide correctly typed API response for `account` field
* feat(acme): implement account schema for acme_account data source
* fix(acme): read `location` into state in acme_account resource
* fix(acme): ensure `name` of acme_account resource can't be changed
* docs(acme): generate documentation
* feat(acme): read back ACME account details from API
* Revert "fix(acme): ensure `name` of acme_account resource can't be changed"
* fix(acme): provide default for acme account name
* fix(acme): acme account name can't be changed
* chore(acme): update resource doc to clarify PVE auth requirements
* chore(acme): add `created_at` attr to the resource, sort model fields & schema attributes alphabetically
---------
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
Co-authored-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
* feat(nodes): Initial support to manage APT repositories
> Summary
This commit implements initial support for managing APT repositories
which is (currently) limited to…
- …adding "standard" repositories to allow to configure it.
- toggling the activation status (enabled/disabled) of any configured
repository.
+ !WARNING!
+ Note that deleting or modifying a repository in any other way is
+ (sadly) not possible (yet?)!
+ The limited functionality is due to the (current) capabilities of
+ the Proxmox VE APT repository API [1] itself.
>> Why are there two resources for one API entity?
Even though an APT repository should be seen as a single API entity, it
was required to implement standard repositories as dedicated
`proxmox_virtual_environment_apt_standard_repository`. This is because
standard repositories must be configured (added) first to the default
source list files because their activation status can be toggled. This
is handled by the HTTP `PUT` request, but the modifying request is
`POST` which would require two calls within the same Terraform execution
cycle. I tried to implement it in a single resource and it worked out
mostly after some handling some edges cases, but in the end there were
still too many situations an edge cases where it might break due to
Terraform state drifts between states. In the end the dedicated
resources are way cleaner and easier to use without no complexity and
conditional attribute juggling for practitioners.
>> Other "specialties"
Unfortunately the Proxmox VE API responses to HTTP `GET` requests with
four larger arrays which are, more or less, kind of connected to each
other, but they also somehow stand on their own. This means that there
is a `files` array that contains the `repositories` again which again
contains all repositories with their metadata of every source file. On
the other hand available standard repositories are listed in the
`standard-repos` array, but their activation status is only stored when
they have already been added through a `PUT` request. The `infos` array
is more less useless.
So in order to get the required data and store them in the state the
`importFromAPI` methods of the models must loop through all the
deep-nested arrays and act based on specific attributes like a matching
file path, comparing it to the activation status and so on.
In the end the implementation is really stable after testing it with all
possible conditions and state combinations.
@bpg if you'd like me to create a small data logic flow chart to make it
easier to understand some parts of the code let me know. I can make my
local notes "shareable" which I created to not loose track of the logic.
>> What is the way to manage the activation status of a "standard" repository?
Because the two resources are modular and scoped they can be simply
combined to manage an APT "standard" repository, e.g. toggling its
activation status. The following examples are also included in the
documentations.
```hcl
// This resource ensure that the "no-subscription" standard repository
// is added to the source list.
// It represents the `PUT` API request.
resource "proxmox_virtual_environment_apt_standard_repository" "example" {
handle = "no-subscription"
node = "pve"
}
// This resource allows to actually modify the activation status of the
// standard repository as it represents the `POST`.
// Using the values from the dedicated standard repository resource
// makes sure that Terraform correctly resolves dependency order.
resource "proxmox_virtual_environment_apt_repository" "example" {
enabled = true
file_path = proxmox_virtual_environment_apt_standard_repository.example.file_path
index = proxmox_virtual_environment_apt_standard_repository.example.index
node = proxmox_virtual_environment_apt_standard_repository.example.node
}
```
[1]: https://pve.proxmox.com/pve-docs/api-viewer/#/nodes/{node}/apt/repositories
---------
Signed-off-by: Sven Greb <development@svengreb.de>
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
Co-authored-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
This commit implements the `next-id` and `notify` PVE API cluster
options.
The `next-id` attribute allows to control the range for the next free
VM ID. It is implemented as object and can be used in the
`proxmox_virtual_environment_cluster_options` resource and can be used
like this:
```terraform
resource "proxmox_virtual_environment_cluster_options" "options" {
next_id = {
lower = 200
upper = 299
}
}
```
Note that the minimum and maximum values are unfortunately not
documented in the PVE API explorer but can be found in the web UI where
the form fields have validations!
The `notify` PVE API attribute is also an object that has all the PVE
API fields:
```terraform
resource "proxmox_virtual_environment_cluster_options" "options" {
notify = {
ha_fencing_mode = "never"
ha_fencing_target = "default-matcher"
package_updates = "always"
package_updates_target = "default-matcher"
package_replication = "always"
package_replication_target = "default-matcher"
}
}
```terraform
Note that the "fencing" attribute names have been adjusted to better
reflect their meaning since they are scoped to the Proxmox VE HA fencing
feature [1]. All attributes with the `_target` suffix are names for the
Proxmox VE notifications matchers [2].
[1]: https://pve.proxmox.com/wiki/Fencing
[2]: https://pve.proxmox.com/pve-docs/chapter-notifications.html#notification_matchers
---------
Signed-off-by: Sven Greb <development@svengreb.de>
* feat(cluster): Implement initial support for "hardware mappings"
Right now it is alredy possible to use a mapped resource [1], but there
is no dedicated `proxmox_virtual_environment_cluster_hardware_mapping`
resource but this step must still be done manually (or automated through
other ways that interact with the Proxmox API).
This commit implements support for "hardware mapping" resources and data
sources for the, currently, available bus types PCI and USB, based on
the Proxmox VE API documentations [2].
There are some "specialities" in these resources and data sources:
1. The Proxmox VE API attribute, but this implementations names it
"comment" since this naming is generally across the Proxmox VE web UI
and API documentations. This still follows the Terraform
"best practices" [3] as it improves the user experience by matching
the field name to the naming used in the human-facing interfaces.
2. Like in point 1, the name of the attribute of "node checks
diagnostics" for USB hardware mappings is "errors" in the Proxmox VE
API while it is "checks" for hardware mappings of type PCI.
The second naming pattern is also generally used across the
Proxmox VE web UI and API documentations, including the "check_node"
attribute that is also implemented in the
"proxmox_virtual_environment_hardware_mappings" data source.
Therefore, this implementation named both attributes "checks" which
still follows the Terraform "best practices" [3] as it improves the
user experience by matching the field name to the naming used in the
human-facing interfaces.
3. This implmenetation comes with the "unique" feature of allowing
comments (named "descriptions" by the Proxmox VE API) for an entry in
a device map which is not possible through the web UI at all but only
adding a comment for the whole mapping entry instead.
Note that this implementation also adds another point in the
"Known Issues" documentation since it is only possible to map a
PCI/USB device using the `root` PAM account, but this is still better
than having to manually configure it through the web UI or by
interacting with the Proxmox VE API on other ways.
[1]: https://github.com/bpg/terraform-provider-proxmox/pull/500
[2]: https://pve.proxmox.com/pve-docs/api-viewer/#/cluster/mapping/pci
[3]: https://developer.hashicorp.com/terraform/plugin/best-practices/hashicorp-provider-design-principles#resource-and-attribute-schema-should-closely-match-the-underlying-api
Signed-off-by: Sven Greb <development@svengreb.de>
* fix linter
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
---------
Signed-off-by: Sven Greb <development@svengreb.de>
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
Co-authored-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
* fix(provider): User-settable VLAN ID and name
By default resource `proxmox_virtual_environment_network_linux_vlan`
uses `name` to determine both the actual raw device for VLAN and
VLAN ID.
Since ifupdown2 (manually installed on PVE6, installed by default
since PVE7), it is possible to have VLAN name not tied to VLAN ID.
Make `interface` and `vlan` configurable by user.
* fix: update schema to ensure the correct docs generation.
---------
Co-authored-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
* chore: fix a pair of typos in comments
* feat(api): list High Availability groups
* New clients created for HA and HA groups (via
`Cluster().HA().Groups()`)
* `List(ctx)` method that lists the cluster's High Availability groups
* feat(ha): added the `proxmox_virtual_environment_hagroups` data source
* This data source returns the list of HA groups in its value's
`group_ids` field
* fix(api): changed incorrect copy-pasted error message
* feat(api): get a HA group's full information
* Added a `Get()` method to the HA group client, which fetches a
single group's information based on its identifier.
* feat(ha): added the `proxmox_virtual_environment_hagroup` data source
* This data source can read information about a single Proxmox High
Availabillity group from the cluster.
* chore(ha): fixed linter error
* test(ha): added schema tests for the HA groups data sources
* fix(ha): use -1 as a node's priority when no priority is defined
* It used to default to 0, which is a valid value for priorities.
* chore(ha): converted the `hagroups` datasource to the Terraform plugin SDK
* chore(refactoring): common definition for `id` attributes
* chore(ha): ported the HA group datasource to the Terraform plugin framework
* feat(ha): return HA group identifiers as a set rather than a list
* docs(ha): added examples for the hagroups/hagroup datasources
* docs(ha): added documentation for the hagroup{,s} datasources
* chore(ha): fixed linter errors
* chore(ha): workaround for the linter's split personality disorder
* fix(ha): fixed reading the restricted flag
* chore(refactoring): use `ExpandPath` for paths to the HA groups API
Co-authored-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
* feat: CustomBool to Terraform attribute value conversion method
* chore(refactoring): use `CustomBool` for boolean fields in the API data
* chore(refactoring): renamed "members" to "nodes" in the HA group datasource
* fix: typo in comment
* chore(refactoring): split HA group API data and added the update request body
* fix(api): fixed copy-pasted error message
* feat(api): method to create/update a HA group
* feat(api): HA group deletion method
* fix(api): made the digest optional for HA groups
* feat(ha): added unimplemented hagroup resource
* fix(ha): fixed copy-pasted comment
* feat(ha): schema definition for the HA group resource
* feat: helper function that converts string attr values to string pointers
* fix(ha): ensure node priorities are <= 1000 in HA groups
* fix(ha): add the digest attribute to the schema
* feat(ha): model definition for the HA group resource
* fix(api): fixed incorrect error message
* fix(api): fixed HA group creation / update
* I had somehow misunderstood the Proxmox API doc and thought creation
and update went through the same endpoint. This has been fixed by
adding separate data structures and separate methods for both
actions.
* feat: Terraform/Proxmox API conversion utilities
* chore(refactoring): HA group model and reading code moved to separate file
* feat(ha): HA group creation
* fix(api): renamed method (missed during previous refactor)
* feat(ha): `Read()` method implemented for the `hagroup` resource
* chore(refactoring): more consistent variable naming
* fix(ha): fixed the behaviour of `Read()` when the resource is deleted externally
* feat(ha): implement HA group deletion
* feat(ha): HA group update implemented
* fix(ha): prevent empty or untrimmed HA group comments
* feat(ha): HA group import
* docs(ha): HA group resource examples
* docs(ha): generated documentation for the `hagroup` resource
* chore(ha): fixed linter errors
* chore(refactoring): updated the code based on changes to the datasource PR
* fix(api): fixed boolean fields in the HA group create/update structures
* fix(ha): removed digest from the HA group resource and datasource
* The digest is generated by Proxmox from the *whole* HA groups
configuration, so any update to one group causes changes in all
other groups.
* Because of that, using it causes failures when updating two or more
HA groups.
* It is also a pretty useless value to have in the datasource, as it
is global and not actually related to the individual data items
* chore(refactoring): removed obsolete type conversion code
* chore(refactoring): use `ExpandPath` in the HA groups API client
* feat(ha): custom type for HA resource states
* feat(ha): custom type for HA resource types
* fix(api): fixed JSON decoding for HA resource states and types
* Values were being decoded directly from the raw bytes.
* Added tests for JSON marshaling/unmarshaling
* feat(api): custom type for HA resource identifiers
* Structure with a type and name
* Conversion to/from strings
* Marshaling to/Unmarshaling from JSON
* URL encoding
* feat(api): list and get HA resources
* feat(ha): HA resources list datasource
* feat(ha): added method that converts HA resource data to Terraform values
* fix(api): HA resource max relocation/restarts are optional
* feat(ha): Terraform validator for HA resource IDs
* feat(ha): HA resource datasource
* chore(refactoring): moved HA resource model to separate file
* feat(api): data structures for HA resource creation and update
* feat(api): HA resource creation, update and deletion
* fix(api): incorrect mapping in common HA resource data
* feat: utility function to create attribute validators based on parse functions
* feat: validators for HA resource identifiers, states and types
* fix(api): incorrect comment for the update request body
* feat(ha): Terraform resource for Proxmox HA resources
* chore(reafactoring): removed old HA resource ID validator
* docs: examples related to HA resources added
* docs: added documentation related to HA resources management
* fix: update doc generation, fix minor typos
* fix: rename & split utils package, replace `iota`
---------
Co-authored-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
