feat: data source security group (#346)

scaleway/data_source_account_ssh_key.go

@@ -22,7 +22,7 @@ func dataSourceScalewayAccountSSHKey() *schema.Resource {
 				Type:         schema.TypeString,
 				Optional:     true,
 				Computed:     true,
-				Description:  "The name of the SSH key",
+				Description:  "The ID of the SSH key",
 				ValidateFunc: validationUUIDorUUIDWithLocality(),
 			},
 			"public_key": {

scaleway/data_source_helpers.go

@@ -0,0 +1,73 @@
+package scaleway
+
+// source: https://github.com/terraform-providers/terraform-provider-google/blob/master/google/datasource_helpers.go
+
+import "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+
+// datasourceSchemaFromResourceSchema is a recursive func that
+// converts an existing Resource schema to a Datasource schema.
+// All schema elements are copied, but certain attributes are ignored or changed:
+// - all attributes have Computed = true
+// - all attributes have ForceNew, Required = false
+// - Validation funcs and attributes (e.g. MaxItems) are not copied
+func datasourceSchemaFromResourceSchema(rs map[string]*schema.Schema) map[string]*schema.Schema {
+	ds := make(map[string]*schema.Schema, len(rs))
+	for k, v := range rs {
+		dv := &schema.Schema{
+			Computed:    true,
+			ForceNew:    false,
+			Required:    false,
+			Description: v.Description,
+			Type:        v.Type,
+		}
+
+		switch v.Type {
+		case schema.TypeSet:
+			dv.Set = v.Set
+			fallthrough
+		case schema.TypeList:
+			// List & Set types are generally used for 2 cases:
+			// - a list/set of simple primitive values (e.g. list of strings)
+			// - a sub resource
+			if elem, ok := v.Elem.(*schema.Resource); ok {
+				// handle the case where the Element is a sub-resource
+				dv.Elem = &schema.Resource{
+					Schema: datasourceSchemaFromResourceSchema(elem.Schema),
+				}
+			} else {
+				// handle simple primitive case
+				dv.Elem = v.Elem
+			}
+
+		default:
+			// Elem of all other types are copied as-is
+			dv.Elem = v.Elem
+
+		}
+		ds[k] = dv
+
+	}
+	return ds
+}
+
+// fixDatasourceSchemaFlags is a convenience func that toggles the Computed,
+// Optional + Required flags on a schema element. This is useful when the schema
+// has been generated (using `datasourceSchemaFromResourceSchema` above for
+// example) and therefore the attribute flags were not set appropriately when
+// first added to the schema definition. Currently only supports top-level
+// schema elements.
+func fixDatasourceSchemaFlags(schema map[string]*schema.Schema, required bool, keys ...string) {
+	for _, v := range keys {
+		schema[v].Computed = false
+		schema[v].Optional = !required
+		schema[v].Required = required
+	}
+}
+
+func addRequiredFieldsToSchema(schema map[string]*schema.Schema, keys ...string) {
+	fixDatasourceSchemaFlags(schema, true, keys...)
+}
+
+func addOptionalFieldsToSchema(schema map[string]*schema.Schema, keys ...string) {
+	fixDatasourceSchemaFlags(schema, false, keys...)
+}

scaleway/data_source_instance_security_group.go

@@ -0,0 +1,61 @@
+package scaleway
+
+import (
+	"fmt"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/scaleway/scaleway-sdk-go/api/instance/v1"
+)
+
+func dataSourceScalewayInstanceSecurityGroup() *schema.Resource {
+	// Generate datasource schema from resource
+	dsSchema := datasourceSchemaFromResourceSchema(resourceScalewayInstanceSecurityGroup().Schema)
+
+	// Set 'Optional' schema elements
+	addOptionalFieldsToSchema(dsSchema, "name", "organization_id", "zone")
+
+	dsSchema["name"].ConflictsWith = []string{"security_group_id"}
+	dsSchema["security_group_id"] = &schema.Schema{
+		Type:          schema.TypeString,
+		Optional:      true,
+		Description:   "The ID of the security group",
+		ValidateFunc:  validationUUIDorUUIDWithLocality(),
+		ConflictsWith: []string{"name"},
+	}
+
+	return &schema.Resource{
+		Read: dataSourceScalewayInstanceSecurityGroupRead,
+
+		Schema: dsSchema,
+	}
+}
+
+func dataSourceScalewayInstanceSecurityGroupRead(d *schema.ResourceData, m interface{}) error {
+	meta := m.(*Meta)
+	instanceApi, zone, err := getInstanceAPIWithZone(d, meta)
+	if err != nil {
+		return err
+	}
+
+	securityGroupID, ok := d.GetOk("security_group_id")
+	if !ok {
+		res, err := instanceApi.ListSecurityGroups(&instance.ListSecurityGroupsRequest{
+			Zone: zone,
+			Name: String(d.Get("name").(string)),
+		})
+		if err != nil {
+			return err
+		}
+		if len(res.SecurityGroups) == 0 {
+			return fmt.Errorf("no security group found with the name %s", d.Get("name"))
+		}
+		if len(res.SecurityGroups) > 1 {
+			return fmt.Errorf("%d security groups found with the same name %s", len(res.SecurityGroups), d.Get("name"))
+		}
+		securityGroupID = res.SecurityGroups[0].ID
+	}
+
+	d.SetId(newZonedId(zone, expandID(securityGroupID)))
+	d.Set("security_group_id", d.Id())
+	return resourceScalewayInstanceSecurityGroupRead(d, m)
+}

scaleway/data_source_instance_security_group_test.go

@@ -0,0 +1,59 @@
+package scaleway
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+)
+
+func TestAccScalewayDataSourceInstanceSecurityGroup_Basic(t *testing.T) {
+	securityGroupName := acctest.RandString(10)
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckScalewayInstanceSecurityGroupDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: `
+resource "scaleway_instance_security_group" "main" {
+	name 	   = "` + securityGroupName + `"
+}
+
+data "scaleway_instance_security_group" "prod" {
+	name = "${scaleway_instance_security_group.main.name}"
+}
+
+data "scaleway_instance_security_group" "stg" {
+	security_group_id = "${scaleway_instance_security_group.main.id}"
+}`,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckScalewayInstanceSecurityGroupExists("data.scaleway_instance_security_group.prod"),
+					resource.TestCheckResourceAttr("data.scaleway_instance_security_group.prod", "name", securityGroupName),
+					testAccCheckScalewayInstanceSecurityGroupExists("data.scaleway_instance_security_group.stg"),
+					resource.TestCheckResourceAttr("data.scaleway_instance_security_group.stg", "name", securityGroupName),
+				),
+			},
+			{
+				Config: `
+resource "scaleway_instance_security_group" "main" {
+	name 	   = "` + securityGroupName + `"
+}
+
+data "scaleway_instance_security_group" "prod" {
+	security_group_id = "${scaleway_instance_security_group.main.id}"
+}
+
+data "scaleway_instance_security_group" "stg" {
+	name = "${scaleway_instance_security_group.main.name}"
+}`,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckScalewayInstanceSecurityGroupExists("data.scaleway_instance_security_group.prod"),
+					resource.TestCheckResourceAttr("data.scaleway_instance_security_group.prod", "name", securityGroupName),
+					testAccCheckScalewayInstanceSecurityGroupExists("data.scaleway_instance_security_group.stg"),
+					resource.TestCheckResourceAttr("data.scaleway_instance_security_group.stg", "name", securityGroupName),
+				),
+			},
+		},
+	})
+}

scaleway/provider.go

@@ -216,11 +216,12 @@ func Provider() terraform.ResourceProvider {
 		},
 
 		DataSourcesMap: map[string]*schema.Resource{
-			"scaleway_bootscript":      dataSourceScalewayBootscript(),
-			"scaleway_image":           dataSourceScalewayImage(),
-			"scaleway_security_group":  dataSourceScalewaySecurityGroup(),
-			"scaleway_volume":          dataSourceScalewayVolume(),
-			"scaleway_account_ssh_key": dataSourceScalewayAccountSSHKey(),
+			"scaleway_bootscript":              dataSourceScalewayBootscript(),
+			"scaleway_image":                   dataSourceScalewayImage(),
+			"scaleway_security_group":          dataSourceScalewaySecurityGroup(),
+			"scaleway_volume":                  dataSourceScalewayVolume(),
+			"scaleway_account_ssh_key":         dataSourceScalewayAccountSSHKey(),
+			"scaleway_instance_security_group": dataSourceScalewayInstanceSecurityGroup(),
 		},
 	}
 

website/docs/d/account_ssh_key.html.markdown

@@ -34,5 +34,5 @@ data "scaleway_account_ssh_key" "my_key" {
 
 In addition to all above arguments, the following attributes are exported:
 
-- `id` - The ID of the server.
+- `id` - The ID of the SSH public key.
 - `public_key` - The SSH public key string

website/docs/d/instance_security_group.html.markdown

@@ -0,0 +1,60 @@
+---
+layout: "scaleway"
+page_title: "Scaleway: scaleway_security_group"
+description: |-
+  Gets information about a Security Group.
+---
+
+# scaleway_security_group
+
+Gets information about a Security Group.
+
+## Example Usage
+
+```hcl
+// Get info by security group name
+data "scaleway_instance_security_group" "my_key" {
+  name  = "my-security-group-name"
+}
+
+// Get info by security group id
+data "scaleway_instance_security_group" "my_key" {
+  security_group_id = "11111111-1111-1111-1111-111111111111"
+}
+```
+
+## Argument Reference
+
+- `name` - (Optional) The security group name. Only one of `name` and `security_group_id` should be specified.
+
+- `security_group_id` - (Optional) The security group id. Only one of `name` and `security_group_id` should be specified.
+
+- `zone` - (Defaults to [provider](../index.html#zone) `zone`) The [zone](../guides/regions_and_zones.html#zones) in which the security group should be created.
+
+- `organization_id` - (Defaults to [provider](../index.html#organization_id) `organization_id`) The ID of the organization the security group is associated with.
+
+## Attributes Reference
+
+In addition to all above arguments, the following attributes are exported:
+
+- `id` - The ID of the security group.
+
+- `inbound_default_policy` - The default policy on incoming traffic. Possible values are: `accept` or `drop`.
+
+- `outbound_default_policy` - The default policy on outgoing traffic. Possible values are: `accept` or `drop`.
+
+- `inbound_rule` - A list of inbound rule to add to the security group. (Structure is documented below.)
+
+- `outbound_rule` - A list of outbound rule to add to the security group. (Structure is documented below.)
+
+The `inbound_rule` and `outbound_rule` block supports:
+
+- `action` - The action to take when rule match. Possible values are: `accept` or `drop`.
+
+- `protocol`- The protocol this rule apply to. Possible values are: `TCP`, `UDP`, `ICMP` or `ANY`.
+
+- `port`- The port this rule apply to. If no port is specified, rule will apply to all port.
+
+- `ip`- The ip this rule apply to.
+
+- `ip_range`- The ip range (e.g `192.168.1.0/24`) this rule apply to.

website/docs/r/instance_security_group.html.markdown

@@ -104,9 +104,9 @@ The following arguments are supported:
 
 - `outbound_rule` - (Optional) A list of outbound rule to add to the security group. (Structure is documented below.)
 
-- `zone` - (Defaults to [provider](../index.html#zone) `zone`) The [zone](../guides/regions_and_zones.html#zones) in which the server should be created.
+- `zone` - (Defaults to [provider](../index.html#zone) `zone`) The [zone](../guides/regions_and_zones.html#zones) in which the security group should be created.
 
-- `organization_id` - (Defaults to [provider](../index.html#organization_id) `organization_id`) The ID of the project the server is associated with.
+- `organization_id` - (Defaults to [provider](../index.html#organization_id) `organization_id`) The ID of the project the security group is associated with.
 
 
 The `inbound_rule` and `outbound_rule` block supports:

website/scaleway.erb

@@ -71,7 +71,7 @@
               <a href="/docs/providers/scaleway/d/image.html">scaleway_image</a>
             </li>
             <li>
-              <a href="/docs/providers/scaleway/d/security_group.html">scaleway_security_group</a>
+              <a href="/docs/providers/scaleway/d/instance_security_group.html">scaleway_instance_security_group</a>
             </li>
             <li>
               <a href="/docs/providers/scaleway/d/volume.html">scaleway_volume</a>
@@ -168,6 +168,16 @@
             </li>
           </ul>
         </li>
+
+        <li>
+          <a href="#">Deprecated Data Sources</a>
+          <ul class="nav">
+            <li>
+              <a href="/docs/providers/scaleway/d/security_group.html">scaleway_security_group</a>
+            </li>
+          </ul>
+        </li>
+
       </ul>
     </div>
   <% end %>