add enterprise_project_id to secgroup

docs/resources/networking_secgroup.md

@@ -32,6 +32,8 @@ The following arguments are supported:
     egress security rules. This is `false` by default. See the below note
     for more information.
 
+* `enterprise_project_id` - (Optional) The enterprise project id of the security group. Changing this creates a new security group.
+
 ## Attributes Reference
 
 The following attributes are exported:

go.mod

@@ -7,7 +7,7 @@ require (
 	github.com/hashicorp/errwrap v1.0.0
 	github.com/hashicorp/go-cleanhttp v0.5.1
 	github.com/hashicorp/terraform-plugin-sdk v1.13.0
-	github.com/huaweicloud/golangsdk v0.0.0-20201021110706-4cb6032799d8
+	github.com/huaweicloud/golangsdk v0.0.0-20201027014306-5ff7dac952b3
 	github.com/jen20/awspolicyequivalence v0.0.0-20170831201602-3d48364a137a
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/smartystreets/goconvey v0.0.0-20190222223459-a17d461953aa // indirect

go.sum

@@ -129,8 +129,8 @@ github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb h1:b5rjCoWHc7eqmAS
 github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM=
 github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d h1:kJCB4vdITiW1eC1vq2e6IsrXKrZit1bv/TDYFGMp4BQ=
 github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM=
-github.com/huaweicloud/golangsdk v0.0.0-20201021110706-4cb6032799d8 h1:x028T/6qFLr/WXVVqHShpnIgFz9U8NmfjZVag3zvFF8=
-github.com/huaweicloud/golangsdk v0.0.0-20201021110706-4cb6032799d8/go.mod h1:fcOI5u+0f62JtJd7zkCch/Z57BNC6bhqb32TKuiF4r0=
+github.com/huaweicloud/golangsdk v0.0.0-20201027014306-5ff7dac952b3 h1:OM0O1p/gea9E3fQGca1gBrM/f10IZQ38w4MGhupar8c=
+github.com/huaweicloud/golangsdk v0.0.0-20201027014306-5ff7dac952b3/go.mod h1:fcOI5u+0f62JtJd7zkCch/Z57BNC6bhqb32TKuiF4r0=
 github.com/jen20/awspolicyequivalence v0.0.0-20170831201602-3d48364a137a h1:FyS/ubzBR5xJlnJGRTwe7GUHpJOR4ukYK3y+LFNffuA=
 github.com/jen20/awspolicyequivalence v0.0.0-20170831201602-3d48364a137a/go.mod h1:uoIMjNxUfXi48Ci40IXkPRbghZ1vbti6v9LCbNqRgHY=
 github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=

huaweicloud/config.go

@@ -529,6 +529,10 @@ func (c *Config) NetworkingV1Client(region string) (*golangsdk.ServiceClient, er
 	return c.NewServiceClient("vpc", region)
 }
 
+func (c *Config) SecurityGroupV1Client(region string) (*golangsdk.ServiceClient, error) {
+	return c.NewServiceClient("security_group", region)
+}
+
 func (c *Config) NetworkingV2Client(region string) (*golangsdk.ServiceClient, error) {
 	return c.NewServiceClient("networkv2", region)
 }

huaweicloud/endpoints.go

@@ -121,6 +121,10 @@ var allServiceCatalog = map[string]ServiceCatalog{
 		Version:          "v2.0",
 		WithOutProjectID: true,
 	},
+	"security_group": ServiceCatalog{
+		Name:    "vpc",
+		Version: "v1",
+	},
 	"natv2": ServiceCatalog{
 		Name:             "nat",
 		Version:          "v2.0",

huaweicloud/endpoints_test.go

@@ -581,6 +581,16 @@ func TestAccServiceEndpoints_Network(t *testing.T) {
 	actualURL = serviceClient.ResourceBaseURL()
 	compareURL(expectedURL, actualURL, "nat", "v2", t)
 
+	// test endpoint of secgroup v1
+	serviceClient, err = nil, nil
+	serviceClient, err = config.SecurityGroupV1Client(OS_REGION_NAME)
+	if err != nil {
+		t.Fatalf("Error creating HuaweiCloud security_group v1 client: %s", err)
+	}
+	expectedURL = fmt.Sprintf("https://vpc.%s.%s/v1/%s/", OS_REGION_NAME, config.Cloud, config.TenantID)
+	actualURL = serviceClient.ResourceBaseURL()
+	compareURL(expectedURL, actualURL, "vpc", "v1", t)
+
 	// test endpoint of loadElasticLoadBalancer v1.0
 	serviceClient, err = nil, nil
 	serviceClient, err = config.elasticLBClient(OS_REGION_NAME)

huaweicloud/resource_huaweicloud_networking_secgroup_v2.go

@@ -9,6 +9,7 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
 
 	"github.com/huaweicloud/golangsdk"
+	"github.com/huaweicloud/golangsdk/openstack/networking/v1/security/securitygroups"
 	"github.com/huaweicloud/golangsdk/openstack/networking/v2/extensions/security/groups"
 	"github.com/huaweicloud/golangsdk/openstack/networking/v2/extensions/security/rules"
 )
@@ -43,6 +44,12 @@ func ResourceNetworkingSecGroupV2() *schema.Resource {
 				Optional: true,
 				Computed: true,
 			},
+			"enterprise_project_id": {
+				Type:     schema.TypeString,
+				Optional: true,
+				ForceNew: true,
+				Computed: true,
+			},
 			"tenant_id": {
 				Type:     schema.TypeString,
 				Optional: true,
@@ -61,33 +68,37 @@ func ResourceNetworkingSecGroupV2() *schema.Resource {
 func resourceNetworkingSecGroupV2Create(d *schema.ResourceData, meta interface{}) error {
 
 	config := meta.(*Config)
-	networkingClient, err := config.NetworkingV2Client(GetRegion(d, config))
+	networkingClient, err := config.SecurityGroupV1Client(GetRegion(d, config))
 	if err != nil {
 		return fmt.Errorf("Error creating HuaweiCloud networking client: %s", err)
 	}
 
-	opts := groups.CreateOpts{
-		Name:        d.Get("name").(string),
-		Description: d.Get("description").(string),
-		TenantID:    d.Get("tenant_id").(string),
+	opts := securitygroups.CreateOpts{
+		Name:                d.Get("name").(string),
+		EnterpriseProjectId: GetEnterpriseProjectID(d, config),
 	}
 
 	log.Printf("[DEBUG] Create HuaweiCloud Neutron Security Group: %#v", opts)
 
-	security_group, err := groups.Create(networkingClient, opts).Extract()
+	security_group, err := securitygroups.Create(networkingClient, opts).Extract()
 	if err != nil {
 		return err
 	}
 
 	// Delete the default security group rules if it has been requested.
 	deleteDefaultRules := d.Get("delete_default_rules").(bool)
 	if deleteDefaultRules {
-		security_group, err := groups.Get(networkingClient, security_group.ID).Extract()
+		networkingClient_del, err := config.NetworkingV2Client(GetRegion(d, config))
+		if err != nil {
+			return fmt.Errorf("Error creating HuaweiCloud networking client: %s", err)
+		}
+
+		security_group, err := groups.Get(networkingClient_del, security_group.ID).Extract()
 		if err != nil {
 			return err
 		}
 		for _, rule := range security_group.Rules {
-			if err := rules.Delete(networkingClient, rule.ID).ExtractErr(); err != nil {
+			if err := rules.Delete(networkingClient_del, rule.ID).ExtractErr(); err != nil {
 				return fmt.Errorf(
 					"There was a problem deleting a default security group rule: %s", err)
 			}
@@ -98,28 +109,39 @@ func resourceNetworkingSecGroupV2Create(d *schema.ResourceData, meta interface{}
 
 	d.SetId(security_group.ID)
 
+	description := d.Get("description").(string)
+	networkingClient_des, err := config.NetworkingV2Client(GetRegion(d, config))
+	if err != nil {
+		return fmt.Errorf("Error creating HuaweiCloud networking client: %s", err)
+	}
+	updateOpts := groups.UpdateOpts{
+		Description: &description,
+	}
+
+	_, err = groups.Update(networkingClient_des, d.Id(), updateOpts).Extract()
+
 	return resourceNetworkingSecGroupV2Read(d, meta)
 }
 
 func resourceNetworkingSecGroupV2Read(d *schema.ResourceData, meta interface{}) error {
 	log.Printf("[DEBUG] Retrieve information about security group: %s", d.Id())
 
 	config := meta.(*Config)
-	networkingClient, err := config.NetworkingV2Client(GetRegion(d, config))
+	networkingClient, err := config.SecurityGroupV1Client(GetRegion(d, config))
 	if err != nil {
 		return fmt.Errorf("Error creating HuaweiCloud networking client: %s", err)
 	}
 
-	security_group, err := groups.Get(networkingClient, d.Id()).Extract()
+	security_group, err := securitygroups.Get(networkingClient, d.Id()).Extract()
 
 	if err != nil {
 		return CheckDeleted(d, err, "HuaweiCloud Neutron Security group")
 	}
 
 	d.Set("description", security_group.Description)
-	d.Set("tenant_id", security_group.TenantID)
 	d.Set("name", security_group.Name)
 	d.Set("region", GetRegion(d, config))
+	d.Set("enterprise_project_id", security_group.EnterpriseProjectId)
 
 	return nil
 }
@@ -141,7 +163,8 @@ func resourceNetworkingSecGroupV2Update(d *schema.ResourceData, meta interface{}
 
 	if d.HasChange("description") {
 		update = true
-		updateOpts.Description = d.Get("description").(string)
+		description := d.Get("description").(string)
+		updateOpts.Description = &description
 	}
 
 	if update {
@@ -159,7 +182,7 @@ func resourceNetworkingSecGroupV2Delete(d *schema.ResourceData, meta interface{}
 	log.Printf("[DEBUG] Destroy security group: %s", d.Id())
 
 	config := meta.(*Config)
-	networkingClient, err := config.NetworkingV2Client(GetRegion(d, config))
+	networkingClient, err := config.SecurityGroupV1Client(GetRegion(d, config))
 	if err != nil {
 		return fmt.Errorf("Error creating HuaweiCloud networking client: %s", err)
 	}
@@ -186,7 +209,7 @@ func waitForSecGroupDelete(networkingClient *golangsdk.ServiceClient, secGroupId
 	return func() (interface{}, string, error) {
 		log.Printf("[DEBUG] Attempting to delete HuaweiCloud Security Group %s.\n", secGroupId)
 
-		r, err := groups.Get(networkingClient, secGroupId).Extract()
+		r, err := securitygroups.Get(networkingClient, secGroupId).Extract()
 		if err != nil {
 			if _, ok := err.(golangsdk.ErrDefault404); ok {
 				log.Printf("[DEBUG] Successfully deleted HuaweiCloud Neutron Security Group %s", secGroupId)
@@ -195,7 +218,7 @@ func waitForSecGroupDelete(networkingClient *golangsdk.ServiceClient, secGroupId
 			return r, "ACTIVE", err
 		}
 
-		err = groups.Delete(networkingClient, secGroupId).ExtractErr()
+		err = securitygroups.Delete(networkingClient, secGroupId).ExtractErr()
 		if err != nil {
 			if _, ok := err.(golangsdk.ErrDefault404); ok {
 				log.Printf("[DEBUG] Successfully deleted HuaweiCloud Neutron Security Group %s", secGroupId)

huaweicloud/resource_huaweicloud_networking_secgroup_v2_test.go

@@ -22,22 +22,43 @@ func TestAccNetworkingV2SecGroup_basic(t *testing.T) {
 				Config: testAccNetworkingV2SecGroup_basic,
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckNetworkingV2SecGroupExists(
-						"huaweicloud_networking_secgroup_v2.secgroup_1", &security_group),
-					testAccCheckNetworkingV2SecGroupRuleCount(&security_group, 2),
+						"huaweicloud_networking_secgroup.secgroup_1", &security_group),
+					testAccCheckNetworkingV2SecGroupRuleCount(&security_group, 6),
 				),
 			},
 			{
-				ResourceName:      "huaweicloud_networking_secgroup_v2.secgroup_1",
+				ResourceName:      "huaweicloud_networking_secgroup.secgroup_1",
 				ImportState:       true,
 				ImportStateVerify: true,
 			},
 			{
 				Config: testAccNetworkingV2SecGroup_update,
 				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttrPtr(
-						"huaweicloud_networking_secgroup_v2.secgroup_1", "id", &security_group.ID),
+						"huaweicloud_networking_secgroup.secgroup_1", "id", &security_group.ID),
 					resource.TestCheckResourceAttr(
-						"huaweicloud_networking_secgroup_v2.secgroup_1", "name", "security_group_2"),
+						"huaweicloud_networking_secgroup.secgroup_1", "name", "security_group_2"),
+				),
+			},
+		},
+	})
+}
+
+func TestAccNetworkingV2SecGroup_withEpsId(t *testing.T) {
+	var security_group groups.SecGroup
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheckEpsID(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckNetworkingV2SecGroupDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccNetworkingV2SecGroup_epsId(),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckNetworkingV2SecGroupExists(
+						"huaweicloud_networking_secgroup.secgroup_1", &security_group),
+					resource.TestCheckResourceAttr(
+						"huaweicloud_networking_secgroup.secgroup_1", "enterprise_project_id", OS_ENTERPRISE_PROJECT_ID),
 				),
 			},
 		},
@@ -56,7 +77,7 @@ func TestAccNetworkingV2SecGroup_noDefaultRules(t *testing.T) {
 				Config: testAccNetworkingV2SecGroup_noDefaultRules,
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckNetworkingV2SecGroupExists(
-						"huaweicloud_networking_secgroup_v2.secgroup_1", &security_group),
+						"huaweicloud_networking_secgroup.secgroup_1", &security_group),
 					testAccCheckNetworkingV2SecGroupRuleCount(&security_group, 0),
 				),
 			},
@@ -76,7 +97,7 @@ func TestAccNetworkingV2SecGroup_timeout(t *testing.T) {
 				Config: testAccNetworkingV2SecGroup_timeout,
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckNetworkingV2SecGroupExists(
-						"huaweicloud_networking_secgroup_v2.secgroup_1", &security_group),
+						"huaweicloud_networking_secgroup.secgroup_1", &security_group),
 				),
 			},
 		},
@@ -91,7 +112,7 @@ func testAccCheckNetworkingV2SecGroupDestroy(s *terraform.State) error {
 	}
 
 	for _, rs := range s.RootModule().Resources {
-		if rs.Type != "huaweicloud_networking_secgroup_v2" {
+		if rs.Type != "huaweicloud_networking_secgroup" {
 			continue
 		}
 
@@ -149,29 +170,39 @@ func testAccCheckNetworkingV2SecGroupRuleCount(
 }
 
 const testAccNetworkingV2SecGroup_basic = `
-resource "huaweicloud_networking_secgroup_v2" "secgroup_1" {
+resource "huaweicloud_networking_secgroup" "secgroup_1" {
   name = "security_group"
   description = "terraform security group acceptance test"
 }
 `
 
+func testAccNetworkingV2SecGroup_epsId() string {
+	return fmt.Sprintf(`
+	resource "huaweicloud_networking_secgroup" "secgroup_1" {
+	  name = "security_group"
+	  description = "terraform security group acceptance test"
+	  enterprise_project_id = "%s"
+	}
+	`, OS_ENTERPRISE_PROJECT_ID)
+}
+
 const testAccNetworkingV2SecGroup_update = `
-resource "huaweicloud_networking_secgroup_v2" "secgroup_1" {
+resource "huaweicloud_networking_secgroup" "secgroup_1" {
   name = "security_group_2"
   description = "terraform security group acceptance test"
 }
 `
 
 const testAccNetworkingV2SecGroup_noDefaultRules = `
-resource "huaweicloud_networking_secgroup_v2" "secgroup_1" {
+resource "huaweicloud_networking_secgroup" "secgroup_1" {
 	name = "security_group_1"
 	description = "terraform security group acceptance test"
 	delete_default_rules = true
 }
 `
 
 const testAccNetworkingV2SecGroup_timeout = `
-resource "huaweicloud_networking_secgroup_v2" "secgroup_1" {
+resource "huaweicloud_networking_secgroup" "secgroup_1" {
   name = "security_group"
   description = "terraform security group acceptance test"