Add TLSA records

hashicorp · Dec 12, 2024 · 0b5eb50 · 0b5eb50
1 parent b9cda59
commit 0b5eb50
Showing 7 changed files with 996 additions and 0 deletions.
diff --git a/internal/services/dns/dns_tlsa_record_data_source.go b/internal/services/dns/dns_tlsa_record_data_source.go
@@ -0,0 +1,147 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package dns
+
+import (
+	"context"
+	"fmt"
+	"time"
+
+	"github.com/hashicorp/go-azure-helpers/lang/pointer"
+	"github.com/hashicorp/go-azure-helpers/lang/response"
+	"github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema"
+	"github.com/hashicorp/go-azure-sdk/resource-manager/dns/2023-07-01-preview/recordsets"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/sdk"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/services/dns/validate"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk"
+)
+
+var (
+	_ sdk.DataSource = DnsTLSARecordDataResource{}
+)
+
+type DnsTLSARecordDataResource struct{}
+
+func (DnsTLSARecordDataResource) ModelObject() interface{} {
+	return &DnsTLSARecordDataSourceModel{}
+}
+
+func (d DnsTLSARecordDataResource) IDValidationFunc() pluginsdk.SchemaValidateFunc {
+	return validate.ValidateRecordTypeID(recordsets.RecordTypeTLSA)
+}
+
+func (DnsTLSARecordDataResource) ResourceType() string {
+	return "azurerm_dns_tlsa_record"
+}
+
+type DnsTLSARecordDataSourceModel struct {
+	Name              string                        `tfschema:"name"`
+	ResourceGroupName string                        `tfschema:"resource_group_name"`
+	ZoneName          string                        `tfschema:"zone_name"`
+	Ttl               int64                         `tfschema:"ttl"`
+	Record            []DnsTLSARecordResourceRecord `tfschema:"record"`
+	Tags              map[string]string             `tfschema:"tags"`
+	Fqdn              string                        `tfschema:"fqdn"`
+}
+
+func (DnsTLSARecordDataResource) Arguments() map[string]*pluginsdk.Schema {
+	return map[string]*pluginsdk.Schema{
+		"name": {
+			Type:     pluginsdk.TypeString,
+			Required: true,
+		},
+
+		"resource_group_name": commonschema.ResourceGroupNameForDataSource(),
+
+		"zone_name": {
+			Type:     pluginsdk.TypeString,
+			Required: true,
+		},
+	}
+}
+
+func (DnsTLSARecordDataResource) Attributes() map[string]*pluginsdk.Schema {
+	return map[string]*pluginsdk.Schema{
+		"record": {
+			Type:     pluginsdk.TypeSet,
+			Computed: true,
+			Elem: &pluginsdk.Resource{
+				Schema: map[string]*pluginsdk.Schema{
+					"matching_type": {
+						Type:     pluginsdk.TypeInt,
+						Computed: true,
+					},
+
+					"selector": {
+						Type:     pluginsdk.TypeInt,
+						Computed: true,
+					},
+
+					"usage": {
+						Type:     pluginsdk.TypeInt,
+						Computed: true,
+					},
+
+					"cert_association_data": {
+						Type:     pluginsdk.TypeString,
+						Computed: true,
+					},
+				},
+			},
+			Set: resourceDnsTLSARecordHash,
+		},
+
+		"ttl": {
+			Type:     pluginsdk.TypeInt,
+			Computed: true,
+		},
+
+		"fqdn": {
+			Type:     pluginsdk.TypeString,
+			Computed: true,
+		},
+
+		"tags": commonschema.TagsDataSource(),
+	}
+}
+
+func (DnsTLSARecordDataResource) Read() sdk.ResourceFunc {
+	return sdk.ResourceFunc{
+		Timeout: 5 * time.Minute,
+		Func: func(ctx context.Context, metadata sdk.ResourceMetaData) error {
+			var state DnsTLSARecordDataSourceModel
+			if err := metadata.Decode(&state); err != nil {
+				return err
+			}
+
+			client := metadata.Client.Dns.RecordSets
+			subscriptionId := metadata.Client.Account.SubscriptionId
+
+			id := recordsets.NewRecordTypeID(subscriptionId, state.ResourceGroupName, state.ZoneName, recordsets.RecordTypeTLSA, state.Name)
+
+			resp, err := client.Get(ctx, id)
+			if err != nil {
+				if response.WasNotFound(resp.HttpResponse) {
+					return fmt.Errorf("record %s not found", id)
+				}
+				return fmt.Errorf("retrieving %s: %+v", id, err)
+			}
+
+			if model := resp.Model; model != nil {
+				if props := model.Properties; props != nil {
+					state.Ttl = pointer.From(props.TTL)
+					state.Fqdn = pointer.From(props.Fqdn)
+
+					state.Record = flattenAzureRmDnsTLSARecords(props.TLSARecords)
+
+					state.Tags = pointer.From(props.Metadata)
+
+				}
+			}
+			metadata.SetID(id)
+
+			return metadata.Encode(&state)
+		},
+	}
+}
diff --git a/internal/services/dns/dns_tlsa_record_data_source_test.go b/internal/services/dns/dns_tlsa_record_data_source_test.go
@@ -0,0 +1,46 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package dns_test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-provider-azurerm/internal/acceptance"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check"
+)
+
+type DnsTLSARecordDataSource struct{}
+
+func TestAccDataSourceDnsTLSARecord_basic(t *testing.T) {
+	data := acceptance.BuildTestData(t, "data.azurerm_dns_tlsa_record", "test")
+	r := DnsTLSARecordDataSource{}
+
+	data.DataSourceTest(t, []acceptance.TestStep{
+		{
+			Config: r.basic(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).Key("name").Exists(),
+				check.That(data.ResourceName).Key("resource_group_name").Exists(),
+				check.That(data.ResourceName).Key("zone_name").Exists(),
+				check.That(data.ResourceName).Key("record.#").HasValue("2"),
+				check.That(data.ResourceName).Key("ttl").Exists(),
+				check.That(data.ResourceName).Key("fqdn").Exists(),
+				check.That(data.ResourceName).Key("tags.%").HasValue("0"),
+			),
+		},
+	})
+}
+
+func (DnsTLSARecordDataSource) basic(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+%s
+
+data "azurerm_dns_tlsa_record" "test" {
+  name                = azurerm_dns_tlsa_record.test.name
+  resource_group_name = azurerm_resource_group.test.name
+  zone_name           = azurerm_dns_zone.test.name
+}
+`, DnsTLSARecordResource{}.basic(data))
+}