Merge branch 'master' into vapp-routing

# Conflicts:
#	CHANGELOG.md
#	go.mod
#	go.sum
#	vendor/github.com/vmware/go-vcloud-director/v2/govcd/vapp_network.go
#	vendor/modules.txt

CHANGELOG.md

@@ -1,16 +1,16 @@
 ## 2.9.0 (Unreleased)
 FEATURES:
 
-* **New Resource:** `resource/vcd_vapp_firewall_rules` vApp network firewall rules [GH-511]
-* **New Resource:** `resource/vcd_vapp_nat_rules` vApp network NAT rules [GH-518]
-* **New Resource:** `resource/vcd_vapp_static_routing` vApp network static routing rules [GH-520]
-
-FEATURES:
-
+* **New Resource**: `vcd_vm_affinity_rule` VM affinity and anti-affinity rules [GH-514]
+* **New Data Source**: `vcd_vm_affinity_rule` VM affinity and anti-affinity rules [GH-514]
+* **New Resource:** `vcd_org_group` Org Group management [GH-513]
 * Add support for SAML auth with Active Directory Federation Services (ADFS) as IdP using
   "/adfs/services/trust/13/usernamemixed" endpoint usin auth_type="saml_adfs". [GH-504]
 * Add support for LDAP authentication using auth_type="integrated". [GH-504]
 * **New Resource:** `vcd_org_group` Org Group management [GH-513]
+* **New Resource:** `resource/vcd_vapp_firewall_rules` vApp network firewall rules [GH-511]
+* **New Resource:** `resource/vcd_vapp_nat_rules` vApp network NAT rules [GH-518]
+* **New Resource:** `resource/vcd_vapp_static_routing` vApp network static routing rules [GH-520]
 
 IMPROVEMENTS:
 

scripts/staticcheck-config.sh

@@ -1,4 +1,4 @@
 export STATICCHECK_URL=https://github.com/dominikh/go-tools/releases/download
-export STATICCHECK_VERSION=2020.1.3
+export STATICCHECK_VERSION=2020.1.4
 export STATICCHECK_FILE=staticcheck_linux_amd64.tar.gz
 

vcd/datasource_test.go

@@ -75,9 +75,8 @@ data "{{.DataSourceName}}" "not-existing" {
 func getMandatoryDataSourceSchemaFields(dataSourceName string) []string {
 	var mandatoryFields []string
 	schema := globalDataSourceMap[dataSourceName]
-	_, filterFound := schema.Schema["filter"]
 	for fieldName, fieldSchema := range schema.Schema {
-		if fieldSchema.Required || (filterFound && fieldName == "name") {
+		if fieldSchema.Required || (len(fieldSchema.ExactlyOneOf) > 0 && fieldSchema.ExactlyOneOf[0] == fieldName) {
 			mandatoryFields = append(mandatoryFields, fieldName)
 		}
 	}

vcd/datasource_vcd_catalog.go

@@ -19,9 +19,10 @@ func datasourceVcdCatalog() *schema.Resource {
 					"level. Useful when connected as sysadmin working across different organizations",
 			},
 			"name": &schema.Schema{
-				Type:        schema.TypeString,
-				Optional:    true,
-				Description: "Name of the catalog. (Optional if 'filter' is used)",
+				Type:         schema.TypeString,
+				Optional:     true,
+				Description:  "Name of the catalog. (Optional if 'filter' is used)",
+				ExactlyOneOf: []string{"name", "filter"},
 			},
 			"created": &schema.Schema{
 				Type:        schema.TypeString,

vcd/datasource_vcd_catalog_item.go

@@ -18,9 +18,10 @@ func datasourceVcdCatalogItem() *schema.Resource {
 				Description: "catalog containing the item",
 			},
 			"name": &schema.Schema{
-				Type:        schema.TypeString,
-				Optional:    true,
-				Description: "Name of the item. It is optional when a filter is provided",
+				Type:         schema.TypeString,
+				Optional:     true,
+				Description:  "Name of the item. It is optional when a filter is provided",
+				ExactlyOneOf: []string{"name", "filter"},
 			},
 			"description": &schema.Schema{
 				Type:     schema.TypeString,

vcd/datasource_vcd_catalog_media.go

@@ -21,9 +21,10 @@ func datasourceVcdCatalogMedia() *schema.Resource {
 				Description: "catalog name where upload the Media file",
 			},
 			"name": &schema.Schema{
-				Type:        schema.TypeString,
-				Optional:    true,
-				Description: "media name (Optional when 'filter' is used)",
+				Type:         schema.TypeString,
+				Optional:     true,
+				ExactlyOneOf: []string{"name", "filter"},
+				Description:  "media name (Optional when 'filter' is used)",
 			},
 			"description": &schema.Schema{
 				Type:     schema.TypeString,

vcd/datasource_vcd_edgegateway.go

@@ -8,9 +8,10 @@ func datasourceVcdEdgeGateway() *schema.Resource {
 
 		Schema: map[string]*schema.Schema{
 			"name": &schema.Schema{
-				Type:        schema.TypeString,
-				Optional:    true,
-				Description: "name of the edge gateway. (Optional when 'filter' is used)",
+				Type:         schema.TypeString,
+				Optional:     true,
+				ExactlyOneOf: []string{"name", "filter"},
+				Description:  "name of the edge gateway. (Optional when 'filter' is used)",
 			},
 			"org": &schema.Schema{
 				Type:     schema.TypeString,

vcd/datasource_vcd_network_direct.go

@@ -7,9 +7,10 @@ func datasourceVcdNetworkDirect() *schema.Resource {
 		Read: datasourceVcdNetworkDirectRead,
 		Schema: map[string]*schema.Schema{
 			"name": &schema.Schema{
-				Type:        schema.TypeString,
-				Optional:    true,
-				Description: "A unique name for this network (optional if 'filter' is used)",
+				Type:         schema.TypeString,
+				Optional:     true,
+				ExactlyOneOf: []string{"name", "filter"},
+				Description:  "A unique name for this network (optional if 'filter' is used)",
 			},
 			"org": {
 				Type:     schema.TypeString,

vcd/datasource_vcd_network_isolated.go

@@ -9,9 +9,10 @@ func datasourceVcdNetworkIsolated() *schema.Resource {
 		Read: datasourceVcdNetworkIsolatedRead,
 		Schema: map[string]*schema.Schema{
 			"name": &schema.Schema{
-				Type:        schema.TypeString,
-				Optional:    true,
-				Description: "A unique name for this network (optional if 'filter' is used)",
+				Type:         schema.TypeString,
+				Optional:     true,
+				ExactlyOneOf: []string{"name", "filter"},
+				Description:  "A unique name for this network (optional if 'filter' is used)",
 			},
 			"org": {
 				Type:     schema.TypeString,

vcd/datasource_vcd_network_routed.go

@@ -9,9 +9,10 @@ func datasourceVcdNetworkRouted() *schema.Resource {
 		Read: datasourceVcdNetworkRoutedRead,
 		Schema: map[string]*schema.Schema{
 			"name": &schema.Schema{
-				Type:        schema.TypeString,
-				Optional:    true,
-				Description: "A unique name for this network (optional if 'filter' is used)",
+				Type:         schema.TypeString,
+				Optional:     true,
+				ExactlyOneOf: []string{"name", "filter"},
+				Description:  "A unique name for this network (optional if 'filter' is used)",
 			},
 			"org": {
 				Type:     schema.TypeString,

vcd/datasource_vcd_vm_affinity_rule.go

@@ -0,0 +1,66 @@
+package vcd
+
+import (
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+)
+
+func datasourceVcdVmAffinityRule() *schema.Resource {
+	return &schema.Resource{
+		Read: datasourceVcdVmAffinityRuleRead,
+		Schema: map[string]*schema.Schema{
+			"org": {
+				Type:     schema.TypeString,
+				Optional: true,
+				ForceNew: true,
+				Description: "The name of organization to use, optional if defined at provider " +
+					"level. Useful when connected as sysadmin working across different organizations",
+			},
+			"vdc": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				ForceNew:    true,
+				Description: "The name of VDC to use, optional if defined at provider level",
+			},
+			"name": &schema.Schema{
+				Type:         schema.TypeString,
+				Optional:     true,
+				ExactlyOneOf: []string{"name", "rule_id"},
+				Description:  "VM affinity rule name. Used to retrieve a rule only when the name is unique",
+			},
+			"rule_id": &schema.Schema{
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "VM affinity rule ID. It's the preferred way of identifying a rule",
+			},
+			"polarity": &schema.Schema{
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "One of 'Affinity', 'Anti-Affinity'",
+			},
+			"required": &schema.Schema{
+				Type:     schema.TypeBool,
+				Computed: true,
+				Description: "True if this affinity rule is required. When a rule is mandatory, " +
+					"a host failover will not power on the VM if doing so would violate the rule",
+			},
+			"enabled": &schema.Schema{
+				Type:        schema.TypeBool,
+				Computed:    true,
+				Description: "True if this affinity rule is enabled",
+			},
+			"virtual_machine_ids": {
+				Type:        schema.TypeSet,
+				Computed:    true,
+				Description: "Set of VM IDs assigned to this rule",
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
+		},
+	}
+}
+
+// datasourceVcdVmAffinityRuleRead reads a data source VM affinity rule
+func datasourceVcdVmAffinityRuleRead(d *schema.ResourceData, meta interface{}) error {
+	return genericVcdVmAffinityRuleRead(d, meta, "datasource")
+}

vcd/provider.go

@@ -51,46 +51,48 @@ var globalDataSourceMap = map[string]*schema.Resource{
 	"vcd_nsxv_ip_set":        datasourceVcdIpSet(),            // 2.6
 	"vcd_vapp_network":       datasourceVcdVappNetwork(),      // 2.7
 	"vcd_vapp_org_network":   datasourceVcdVappOrgNetwork(),   // 2.7
+	"vcd_vm_affinity_rule":   datasourceVcdVmAffinityRule(),   // 2.9
 }
 
 var globalResourceMap = map[string]*schema.Resource{
-	"vcd_network":             resourceVcdNetwork(),                  // 1.0 DEPRECATED: replaced by vcd_network_routed
-	"vcd_network_routed":      resourceVcdNetworkRouted(),            // 2.0
-	"vcd_network_direct":      resourceVcdNetworkDirect(),            // 2.0
-	"vcd_network_isolated":    resourceVcdNetworkIsolated(),          // 2.0
-	"vcd_vapp_network":        resourceVcdVappNetwork(),              // 2.1
-	"vcd_vapp":                resourceVcdVApp(),                     // 1.0
-	"vcd_firewall_rules":      resourceVcdFirewallRules(),            // 1.0 DEPRECATED: Use only for non-advanced edge gateway. Replaced by vcd_nsxv_firewall_rule
-	"vcd_dnat":                resourceVcdDNAT(),                     // 1.0 DEPRECATED: Use only for non-advanced edge gateway. Replaced by vcd_nsxv_dnat
-	"vcd_snat":                resourceVcdSNAT(),                     // 1.0 DEPRECATED: Use only for non-advanced edge gateway. Replaced by vcd_nsxv_snat
-	"vcd_edgegateway":         resourceVcdEdgeGateway(),              // 2.4
-	"vcd_edgegateway_vpn":     resourceVcdEdgeGatewayVpn(),           // 1.0
-	"vcd_vapp_vm":             resourceVcdVAppVm(),                   // 1.0
-	"vcd_org":                 resourceOrg(),                         // 2.0
-	"vcd_org_vdc":             resourceVcdOrgVdc(),                   // 2.2
-	"vcd_org_user":            resourceVcdOrgUser(),                  // 2.4
-	"vcd_catalog":             resourceVcdCatalog(),                  // 2.0
-	"vcd_catalog_item":        resourceVcdCatalogItem(),              // 2.0
-	"vcd_catalog_media":       resourceVcdCatalogMedia(),             // 2.0
-	"vcd_inserted_media":      resourceVcdInsertedMedia(),            // 2.1
-	"vcd_independent_disk":    resourceVcdIndependentDisk(),          // 2.1
-	"vcd_external_network":    resourceVcdExternalNetwork(),          // 2.2
-	"vcd_lb_service_monitor":  resourceVcdLbServiceMonitor(),         // 2.4
-	"vcd_lb_server_pool":      resourceVcdLBServerPool(),             // 2.4
-	"vcd_lb_app_profile":      resourceVcdLBAppProfile(),             // 2.4
-	"vcd_lb_app_rule":         resourceVcdLBAppRule(),                // 2.4
-	"vcd_lb_virtual_server":   resourceVcdLBVirtualServer(),          // 2.4
-	"vcd_nsxv_dnat":           resourceVcdNsxvDnat(),                 // 2.5
-	"vcd_nsxv_snat":           resourceVcdNsxvSnat(),                 // 2.5
-	"vcd_nsxv_firewall_rule":  resourceVcdNsxvFirewallRule(),         // 2.5
-	"vcd_nsxv_dhcp_relay":     resourceVcdNsxvDhcpRelay(),            // 2.6
-	"vcd_nsxv_ip_set":         resourceVcdIpSet(),                    // 2.6
-	"vcd_vm_internal_disk":    resourceVmInternalDisk(),              // 2.7
-	"vcd_vapp_org_network":    resourceVcdVappOrgNetwork(),           // 2.7
-	"vcd_org_group":           resourceVcdOrgGroup(),                 // 2.9
-	"vcd_vapp_firewall_rules": resourceVcdVappFirewallRules(),        // 2.9
-	"vcd_vapp_nat_rules":      resourceVcdVappNetworkNatRules(),      // 2.9
-	"vcd_vapp_static_routing": resourceVcdVappNetworkStaticRouting(), // 2.9
+
+	"vcd_network":             resourceVcdNetwork(),             // 1.0 DEPRECATED: replaced by vcd_network_routed
+	"vcd_network_routed":      resourceVcdNetworkRouted(),       // 2.0
+	"vcd_network_direct":      resourceVcdNetworkDirect(),       // 2.0
+	"vcd_network_isolated":    resourceVcdNetworkIsolated(),     // 2.0
+	"vcd_vapp_network":        resourceVcdVappNetwork(),         // 2.1
+	"vcd_vapp":                resourceVcdVApp(),                // 1.0
+	"vcd_firewall_rules":      resourceVcdFirewallRules(),       // 1.0 DEPRECATED: Use only for non-advanced edge gateway. Replaced by vcd_nsxv_firewall_rule
+	"vcd_dnat":                resourceVcdDNAT(),                // 1.0 DEPRECATED: Use only for non-advanced edge gateway. Replaced by vcd_nsxv_dnat
+	"vcd_snat":                resourceVcdSNAT(),                // 1.0 DEPRECATED: Use only for non-advanced edge gateway. Replaced by vcd_nsxv_snat
+	"vcd_edgegateway":         resourceVcdEdgeGateway(),         // 2.4
+	"vcd_edgegateway_vpn":     resourceVcdEdgeGatewayVpn(),      // 1.0
+	"vcd_vapp_vm":             resourceVcdVAppVm(),              // 1.0
+	"vcd_org":                 resourceOrg(),                    // 2.0
+	"vcd_org_vdc":             resourceVcdOrgVdc(),              // 2.2
+	"vcd_org_user":            resourceVcdOrgUser(),             // 2.4
+	"vcd_catalog":             resourceVcdCatalog(),             // 2.0
+	"vcd_catalog_item":        resourceVcdCatalogItem(),         // 2.0
+	"vcd_catalog_media":       resourceVcdCatalogMedia(),        // 2.0
+	"vcd_inserted_media":      resourceVcdInsertedMedia(),       // 2.1
+	"vcd_independent_disk":    resourceVcdIndependentDisk(),     // 2.1
+	"vcd_external_network":    resourceVcdExternalNetwork(),     // 2.2
+	"vcd_lb_service_monitor":  resourceVcdLbServiceMonitor(),    // 2.4
+	"vcd_lb_server_pool":      resourceVcdLBServerPool(),        // 2.4
+	"vcd_lb_app_profile":      resourceVcdLBAppProfile(),        // 2.4
+	"vcd_lb_app_rule":         resourceVcdLBAppRule(),           // 2.4
+	"vcd_lb_virtual_server":   resourceVcdLBVirtualServer(),     // 2.4
+	"vcd_nsxv_dnat":           resourceVcdNsxvDnat(),            // 2.5
+	"vcd_nsxv_snat":           resourceVcdNsxvSnat(),            // 2.5
+	"vcd_nsxv_firewall_rule":  resourceVcdNsxvFirewallRule(),    // 2.5
+	"vcd_nsxv_dhcp_relay":     resourceVcdNsxvDhcpRelay(),       // 2.6
+	"vcd_nsxv_ip_set":         resourceVcdIpSet(),               // 2.6
+	"vcd_vm_internal_disk":    resourceVmInternalDisk(),         // 2.7
+	"vcd_vapp_org_network":    resourceVcdVappOrgNetwork(),      // 2.7
+	"vcd_org_group":           resourceVcdOrgGroup(),            // 2.9
+	"vcd_vapp_firewall_rules": resourceVcdVappFirewallRules(),   // 2.9
+	"vcd_vapp_nat_rules":      resourceVcdVappNetworkNatRules(), // 2.9
+	"vcd_vm_affinity_rule":    resourceVcdVmAffinityRule(),      // 2.9
 }
 
 // Provider returns a terraform.ResourceProvider.

vcd/resource_vcd_network_routed.go

@@ -4,7 +4,6 @@ import (
 	"bytes"
 	"fmt"
 	"log"
-	"regexp"
 	"strings"
 
 	"github.com/hashicorp/terraform-plugin-sdk/helper/hashcode"
@@ -402,20 +401,6 @@ func getStaticIpPool(network *govcd.OrgVDCNetwork) []map[string]interface{} {
 	return staticIpPool
 }
 
-// hasSameUuid compares two IDs (or HREF)
-// and returns true if the UUID part of the two input strings are the same.
-// This is useful when comparing a HREF to a ID, or a HREF from an admin path
-// to a HREF from a regular user path.
-func haveSameUuid(s1, s2 string) bool {
-	reUuid := regexp.MustCompile(`/([a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})$`)
-	s1List := reUuid.FindAllStringSubmatch(s1, -1)
-	s2List := reUuid.FindAllStringSubmatch(s2, -1)
-	if len(s1List) > 0 && len(s1List[0]) > 0 && len(s2List) > 0 && len(s2List[0]) > 0 {
-		return s1List[0][1] == s2List[0][1]
-	}
-	return false
-}
-
 // getDhcpFromEdgeGateway examines the edge gateway for a DHCP service
 // that is registered to the given network HREF.
 // Returns an array of string maps suitable to be passed to d.Set("dhcp_pool", value)