mirror of
https://github.com/bpg/terraform-provider-proxmox.git
synced 2025-07-05 05:24:01 +00:00
98e1cff7fe
* refactoring existing cluster / firewall API for better composition * add basic security groups API fix linter errors * add rules API * fix after renaming resourceVirtualEnvironmentClusterIPSet * fix linter errors * make linter happy * even more refactoring * tidy up datasources * in refactoring spree * update examples * fix firewall resource/datasource & client error handling * add ipset(s) datasource * update docs * add security group resource with rules * docs * fix security group update, TODO: rule update * fix after rebase * add rule update, extract common rule schema, refactor group * fix linter errors * bump linter for ci * make alias and ipset reusable * make security group reusable * refactor datasources * add security group datasources * fix linter errors * update docs TODO: documentation for group datasources * add sg docs, update doc index * minor cleanup * fix examples & tests * stub for firewall-level options and rules * extract firewall interface * add firewall options and rules on the cluster level TODO: issues with rule list management * refactor all resources format AGAIN, now more flat, without complex subresources * sort out hierarchy of APIs and remove duplication in API wrappers * bring back security group * finally, working rules * restore cluster firewall option * add containers support * add options * move rules back under security group, update docs * fix vm_id / container_id attrs * add examples * cleanup * more cleanup Release-As: 0.17.0-rc1
120 lines
2.8 KiB
Go
120 lines
2.8 KiB
Go
/*
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at https://mozilla.org/MPL/2.0/.
|
|
*/
|
|
|
|
package firewall
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
|
|
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
|
|
|
|
"github.com/bpg/terraform-provider-proxmox/proxmox/cluster/firewall"
|
|
)
|
|
|
|
const (
|
|
mkSecurityGroupName = "name"
|
|
mkSecurityGroupComment = "comment"
|
|
mkRules = "rules"
|
|
)
|
|
|
|
func SecurityGroupSchema() map[string]*schema.Schema {
|
|
return map[string]*schema.Schema{
|
|
mkSecurityGroupName: {
|
|
Type: schema.TypeString,
|
|
Description: "Security group name",
|
|
Required: true,
|
|
},
|
|
mkSecurityGroupComment: {
|
|
Type: schema.TypeString,
|
|
Description: "Security group comment",
|
|
Computed: true,
|
|
},
|
|
mkRules: {
|
|
Type: schema.TypeList,
|
|
Description: "List of rules",
|
|
Computed: true,
|
|
Elem: &schema.Resource{Schema: RuleSchema()},
|
|
},
|
|
}
|
|
}
|
|
|
|
func SecurityGroupRead(ctx context.Context, api firewall.SecurityGroup, d *schema.ResourceData) diag.Diagnostics {
|
|
var diags diag.Diagnostics
|
|
|
|
name := d.Get(mkSecurityGroupName).(string)
|
|
|
|
allGroups, err := api.ListGroups(ctx)
|
|
if err != nil {
|
|
return diag.FromErr(err)
|
|
}
|
|
|
|
for _, v := range allGroups {
|
|
if v.Group == name {
|
|
err = d.Set(mkSecurityGroupName, v.Group)
|
|
diags = append(diags, diag.FromErr(err)...)
|
|
err = d.Set(mkSecurityGroupComment, v.Comment)
|
|
diags = append(diags, diag.FromErr(err)...)
|
|
break
|
|
}
|
|
}
|
|
|
|
// rules := d.Get(mkRules).([]interface{})
|
|
// ruleIDs, err := fw.ListGroupRules(ctx, name)
|
|
// if err != nil {
|
|
// if strings.Contains(err.Error(), "no such security group") {
|
|
// d.SetId("")
|
|
// return nil
|
|
// }
|
|
// return diag.FromErr(err)
|
|
// }
|
|
// for _, id := range ruleIDs {
|
|
// ruleMap := map[string]interface{}{}
|
|
// err = readGroupRule(ctx, fw, name, id.Pos, ruleMap)
|
|
// if err != nil {
|
|
// diags = append(diags, diag.FromErr(err)...)
|
|
// } else {
|
|
// rules = append(rules, ruleMap)
|
|
// }
|
|
// }
|
|
|
|
// if diags.HasError() {
|
|
// return diags
|
|
// }
|
|
|
|
// err = d.Set(mkRules, rules)
|
|
// diags = append(diags, diag.FromErr(err)...)
|
|
|
|
d.SetId(name)
|
|
|
|
return diags
|
|
}
|
|
|
|
// func readGroupRule(
|
|
// ctx context.Context,
|
|
// fw firewall.API,
|
|
// group string,
|
|
// pos int,
|
|
// ruleMap map[string]interface{},
|
|
// ) error {
|
|
// rule, err := fw.GetGroupRule(ctx, group, pos)
|
|
// if err != nil {
|
|
// if strings.Contains(err.Error(), "no such security group") {
|
|
// return nil
|
|
// }
|
|
// return fmt.Errorf("error reading rule %d for group %s: %w", pos, group, err)
|
|
// }
|
|
//
|
|
// baseRuleToMap(&rule.BaseRule, ruleMap)
|
|
//
|
|
// // pos in the map should be int!
|
|
// ruleMap[mkRulePos] = pos
|
|
// ruleMap[mkRuleAction] = rule.Action
|
|
// ruleMap[mkRuleType] = rule.Type
|
|
//
|
|
// return nil
|
|
// }
|