Skip to content

Commit

Permalink
revert changes as they're a breaking change and fields will need to b…
Browse files Browse the repository at this point in the history 
…e added instead (#6600) (#12638)

Signed-off-by: Modular Magician <[email protected]>

Signed-off-by: Modular Magician <[email protected]>
  • Loading branch information
@modular-magician @megan07
modular-magician authored and megan07 committed Sep 23, 2022
1 parent 12fc5e0 commit f92e180
Show file tree
Hide file tree
Showing 6 changed files with 98 additions and 76 deletions.
3 changes: 3 additions & 0 deletions .changelog/6600.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:none

```
49 changes: 38 additions & 11 deletions google/resource_certificate_manager_certificate.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -184,21 +184,22 @@ certificates before they expire remains the user's responsibility.`,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"pem_certificate": {
"certificate_pem": {
Type: schema.TypeString,
Required: true,
Description: `The certificate chain in PEM-encoded form.
Leaf certificate comes first, followed by intermediate ones if any.`,
Sensitive: true,
},
"pem_private_key": {
"private_key_pem": {
Type: schema.TypeString,
Required: true,
Description: `The private key of the leaf certificate in PEM-encoded form.`,
Sensitive: true,
},
},
},
Sensitive: true,
ExactlyOneOf: []string{"self_managed", "managed"},
},
"project": {
Expand Down Expand Up @@ -340,6 +341,9 @@ func resourceCertificateManagerCertificateRead(d *schema.ResourceData, meta inte
if err := d.Set("scope", flattenCertificateManagerCertificateScope(res["scope"], d, config)); err != nil {
return fmt.Errorf("Error reading Certificate: %s", err)
}
if err := d.Set("self_managed", flattenCertificateManagerCertificateSelfManaged(res["selfManaged"], d, config)); err != nil {
return fmt.Errorf("Error reading Certificate: %s", err)
}
if err := d.Set("managed", flattenCertificateManagerCertificateManaged(res["managed"], d, config)); err != nil {
return fmt.Errorf("Error reading Certificate: %s", err)
}
Expand Down Expand Up @@ -499,6 +503,29 @@ func flattenCertificateManagerCertificateScope(v interface{}, d *schema.Resource
return v
}

func flattenCertificateManagerCertificateSelfManaged(v interface{}, d *schema.ResourceData, config *Config) interface{} {
if v == nil {
return nil
}
original := v.(map[string]interface{})
if len(original) == 0 {
return nil
}
transformed := make(map[string]interface{})
transformed["certificate_pem"] =
flattenCertificateManagerCertificateSelfManagedCertificatePem(original["certificatePem"], d, config)
transformed["private_key_pem"] =
flattenCertificateManagerCertificateSelfManagedPrivateKeyPem(original["privateKeyPem"], d, config)
return []interface{}{transformed}
}
func flattenCertificateManagerCertificateSelfManagedCertificatePem(v interface{}, d *schema.ResourceData, config *Config) interface{} {
return v
}

func flattenCertificateManagerCertificateSelfManagedPrivateKeyPem(v interface{}, d *schema.ResourceData, config *Config) interface{} {
return v
}

func flattenCertificateManagerCertificateManaged(v interface{}, d *schema.ResourceData, config *Config) interface{} {
if v == nil {
return nil
Expand Down Expand Up @@ -620,28 +647,28 @@ func expandCertificateManagerCertificateSelfManaged(v interface{}, d TerraformRe
original := raw.(map[string]interface{})
transformed := make(map[string]interface{})

transformedPemCertificate, err := expandCertificateManagerCertificateSelfManagedPemCertificate(original["pem_certificate"], d, config)
transformedCertificatePem, err := expandCertificateManagerCertificateSelfManagedCertificatePem(original["certificate_pem"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedPemCertificate); val.IsValid() && !isEmptyValue(val) {
transformed["pemCertificate"] = transformedPemCertificate
} else if val := reflect.ValueOf(transformedCertificatePem); val.IsValid() && !isEmptyValue(val) {
transformed["certificatePem"] = transformedCertificatePem
}

transformedPemPrivateKey, err := expandCertificateManagerCertificateSelfManagedPemPrivateKey(original["pem_private_key"], d, config)
transformedPrivateKeyPem, err := expandCertificateManagerCertificateSelfManagedPrivateKeyPem(original["private_key_pem"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedPemPrivateKey); val.IsValid() && !isEmptyValue(val) {
transformed["pemPrivateKey"] = transformedPemPrivateKey
} else if val := reflect.ValueOf(transformedPrivateKeyPem); val.IsValid() && !isEmptyValue(val) {
transformed["privateKeyPem"] = transformedPrivateKeyPem
}

return transformed, nil
}

func expandCertificateManagerCertificateSelfManagedPemCertificate(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
func expandCertificateManagerCertificateSelfManagedCertificatePem(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
return v, nil
}

func expandCertificateManagerCertificateSelfManagedPemPrivateKey(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
func expandCertificateManagerCertificateSelfManagedPrivateKeyPem(v interface{}, d TerraformResourceData, config *Config) (interface{}, error) {
return v, nil
}

Expand Down
35 changes: 27 additions & 8 deletions google/resource_certificate_manager_certificate_generated_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ import (
"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
)

func TestAccCertificateManagerCertificate_certificateManagerSelfManagedCertificateExample(t *testing.T) {
func TestAccCertificateManagerCertificate_certificateManagerCertificateBasicExample(t *testing.T) {
t.Parallel()

context := map[string]interface{}{
Expand All @@ -36,29 +36,48 @@ func TestAccCertificateManagerCertificate_certificateManagerSelfManagedCertifica
CheckDestroy: testAccCheckCertificateManagerCertificateDestroyProducer(t),
Steps: []resource.TestStep{
{
Config: testAccCertificateManagerCertificate_certificateManagerSelfManagedCertificateExample(context),
Config: testAccCertificateManagerCertificate_certificateManagerCertificateBasicExample(context),
},
{
ResourceName: "google_certificate_manager_certificate.default",
ImportState: true,
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"self_managed", "name"},
ImportStateVerifyIgnore: []string{"name", "managed.0.dns_authorizations"},
},
},
})
}

func testAccCertificateManagerCertificate_certificateManagerSelfManagedCertificateExample(context map[string]interface{}) string {
func testAccCertificateManagerCertificate_certificateManagerCertificateBasicExample(context map[string]interface{}) string {
return Nprintf(`
resource "google_certificate_manager_certificate" "default" {
name = "tf-test-self-managed-cert%{random_suffix}"
name = "tf-test-dns-cert%{random_suffix}"
description = "The default cert"
scope = "EDGE_CACHE"
self_managed {
pem_certificate = file("test-fixtures/certificatemanager/cert.pem")
pem_private_key = file("test-fixtures/certificatemanager/private-key.pem")
managed {
domains = [
google_certificate_manager_dns_authorization.instance.domain,
google_certificate_manager_dns_authorization.instance2.domain,
]
dns_authorizations = [
google_certificate_manager_dns_authorization.instance.id,
google_certificate_manager_dns_authorization.instance2.id,
]
}
}
resource "google_certificate_manager_dns_authorization" "instance" {
name = "tf-test-dns-auth%{random_suffix}"
description = "The default dnss"
domain = "subdomain%{random_suffix}.hashicorptest.com"
}
resource "google_certificate_manager_dns_authorization" "instance2" {
name = "tf-test-dns-auth2%{random_suffix}"
description = "The default dnss"
domain = "subdomain2%{random_suffix}.hashicorptest.com"
}
`, context)
}

Expand Down
19 changes: 0 additions & 19 deletions google/test-fixtures/certificatemanager/cert.pem
View file

This file was deleted.

28 changes: 0 additions & 28 deletions google/test-fixtures/certificatemanager/private-key.pem
View file

This file was deleted.

40 changes: 30 additions & 10 deletions website/docs/r/certificate_manager_certificate.html.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,27 +24,46 @@ Certificate represents a HTTP-reachable backend for a Certificate.



~> **Warning:** All arguments including `self_managed` will be stored in the raw
~> **Warning:** All arguments including `self_managed.certificate_pem` and `self_managed.private_key_pem` will be stored in the raw
state as plain-text. [Read more about sensitive data in state](https://www.terraform.io/language/state/sensitive-data).

<div class = "oics-button" style="float: right; margin: 0 0 -15px">
<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=certificate_manager_self_managed_certificate&cloudshell_image=gcr.io%2Fgraphite-cloud-shell-images%2Fterraform%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=certificate_manager_certificate_basic&cloudshell_image=gcr.io%2Fgraphite-cloud-shell-images%2Fterraform%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
<img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
</a>
</div>
## Example Usage - Certificate Manager Self Managed Certificate
## Example Usage - Certificate Manager Certificate Basic


```hcl
resource "google_certificate_manager_certificate" "default" {
name = "self-managed-cert"
name = "dns-cert"
description = "The default cert"
scope = "EDGE_CACHE"
self_managed {
pem_certificate = file("test-fixtures/certificatemanager/cert.pem")
pem_private_key = file("test-fixtures/certificatemanager/private-key.pem")
managed {
domains = [
google_certificate_manager_dns_authorization.instance.domain,
google_certificate_manager_dns_authorization.instance2.domain,
]
dns_authorizations = [
google_certificate_manager_dns_authorization.instance.id,
google_certificate_manager_dns_authorization.instance2.id,
]
}
}
resource "google_certificate_manager_dns_authorization" "instance" {
name = "dns-auth"
description = "The default dnss"
domain = "subdomain.hashicorptest.com"
}
resource "google_certificate_manager_dns_authorization" "instance2" {
name = "dns-auth2"
description = "The default dnss"
domain = "subdomain2.hashicorptest.com"
}
```

## Argument Reference
Expand Down Expand Up @@ -84,7 +103,6 @@ The following arguments are supported:
Certificate data for a SelfManaged Certificate.
SelfManaged Certificates are uploaded by the user. Updating such
certificates before they expire remains the user's responsibility.
**Note**: This property is sensitive and will not be displayed in the plan.
Structure is [documented below](#nested_self_managed).

* `managed` -
Expand All @@ -100,14 +118,16 @@ The following arguments are supported:

<a name="nested_self_managed"></a>The `self_managed` block supports:

* `pem_certificate` -
* `certificate_pem` -
(Required)
The certificate chain in PEM-encoded form.
Leaf certificate comes first, followed by intermediate ones if any.
**Note**: This property is sensitive and will not be displayed in the plan.

* `pem_private_key` -
* `private_key_pem` -
(Required)
The private key of the leaf certificate in PEM-encoded form.
**Note**: This property is sensitive and will not be displayed in the plan.

<a name="nested_managed"></a>The `managed` block supports:

Expand Down

0 comments on commit f92e180

Please sign in to comment.