Add implementation for vapp network static routing rules resource

CHANGELOG.md

@@ -10,6 +10,7 @@ FEATURES:
 * **New Resource:** `vcd_org_group` Org Group management [GH-513]
 * **New Resource:** `resource/vcd_vapp_firewall_rules` vApp network firewall rules [GH-511]
 * **New Resource:** `resource/vcd_vapp_nat_rules` vApp network NAT rules [GH-518]
+* **New Resource:** `resource/vcd_vapp_static_routing` vApp network static routing rules [GH-520]
 
 IMPROVEMENTS:
 

go.mod

@@ -9,6 +9,8 @@ require (
 	github.com/hashicorp/hcl/v2 v2.3.0 // indirect
 	github.com/hashicorp/terraform-config-inspect v0.0.0-20191212124732-c6ae6269b9d7 // indirect
 	github.com/hashicorp/terraform-plugin-sdk v1.8.0
-	github.com/vmware/go-vcloud-director/v2 v2.8.0-beta.1
+	github.com/vmware/go-vcloud-director/v2 v2.8.0-alpha.8
 	golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 // indirect
 )
+
+replace github.com/vmware/go-vcloud-director/v2 => github.com/vbauzysvmware/go-vcloud-director/v2 v2.0.0-20200623143755-b94e1a4fcc78

go.sum

@@ -207,12 +207,12 @@ github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/ulikunitz/xz v0.5.5 h1:pFrO0lVpTBXLpYw+pnLj6TbvHuyjXMfjGeCwSqCVwok=
 github.com/ulikunitz/xz v0.5.5/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8=
+github.com/vbauzysvmware/go-vcloud-director/v2 v2.0.0-20200623143755-b94e1a4fcc78 h1:Wgg0VqoXMVj1fC1srPgLL+8Mjvsz5hp0GsQ+f6jXcZY=
+github.com/vbauzysvmware/go-vcloud-director/v2 v2.0.0-20200623143755-b94e1a4fcc78/go.mod h1:QARPFI5EJce4Cs9g0gL5mlHGhdN7C40CyOqvh7c+RrA=
 github.com/vmihailenco/msgpack v3.3.3+incompatible h1:wapg9xDUZDzGCNFlwc5SqI1rvcciqcxEHac4CYj89xI=
 github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk=
 github.com/vmihailenco/msgpack v4.0.1+incompatible h1:RMF1enSPeKTlXrXdOcqjFUElywVZjjC6pqse21bKbEU=
 github.com/vmihailenco/msgpack v4.0.1+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk=
-github.com/vmware/go-vcloud-director/v2 v2.8.0-beta.1 h1:hP7wb+9A9jPxL2MYWgQlwyB0bOGzRnqK2q7PL/sa8Vc=
-github.com/vmware/go-vcloud-director/v2 v2.8.0-beta.1/go.mod h1:QARPFI5EJce4Cs9g0gL5mlHGhdN7C40CyOqvh7c+RrA=
 github.com/zclconf/go-cty v1.0.0/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s=
 github.com/zclconf/go-cty v1.1.0/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s=
 github.com/zclconf/go-cty v1.2.0/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8=

vcd/provider.go

@@ -56,43 +56,44 @@ var globalDataSourceMap = map[string]*schema.Resource{
 
 var globalResourceMap = map[string]*schema.Resource{
 
-	"vcd_network":             resourceVcdNetwork(),             // 1.0 DEPRECATED: replaced by vcd_network_routed
-	"vcd_network_routed":      resourceVcdNetworkRouted(),       // 2.0
-	"vcd_network_direct":      resourceVcdNetworkDirect(),       // 2.0
-	"vcd_network_isolated":    resourceVcdNetworkIsolated(),     // 2.0
-	"vcd_vapp_network":        resourceVcdVappNetwork(),         // 2.1
-	"vcd_vapp":                resourceVcdVApp(),                // 1.0
-	"vcd_firewall_rules":      resourceVcdFirewallRules(),       // 1.0 DEPRECATED: Use only for non-advanced edge gateway. Replaced by vcd_nsxv_firewall_rule
-	"vcd_dnat":                resourceVcdDNAT(),                // 1.0 DEPRECATED: Use only for non-advanced edge gateway. Replaced by vcd_nsxv_dnat
-	"vcd_snat":                resourceVcdSNAT(),                // 1.0 DEPRECATED: Use only for non-advanced edge gateway. Replaced by vcd_nsxv_snat
-	"vcd_edgegateway":         resourceVcdEdgeGateway(),         // 2.4
-	"vcd_edgegateway_vpn":     resourceVcdEdgeGatewayVpn(),      // 1.0
-	"vcd_vapp_vm":             resourceVcdVAppVm(),              // 1.0
-	"vcd_org":                 resourceOrg(),                    // 2.0
-	"vcd_org_vdc":             resourceVcdOrgVdc(),              // 2.2
-	"vcd_org_user":            resourceVcdOrgUser(),             // 2.4
-	"vcd_catalog":             resourceVcdCatalog(),             // 2.0
-	"vcd_catalog_item":        resourceVcdCatalogItem(),         // 2.0
-	"vcd_catalog_media":       resourceVcdCatalogMedia(),        // 2.0
-	"vcd_inserted_media":      resourceVcdInsertedMedia(),       // 2.1
-	"vcd_independent_disk":    resourceVcdIndependentDisk(),     // 2.1
-	"vcd_external_network":    resourceVcdExternalNetwork(),     // 2.2
-	"vcd_lb_service_monitor":  resourceVcdLbServiceMonitor(),    // 2.4
-	"vcd_lb_server_pool":      resourceVcdLBServerPool(),        // 2.4
-	"vcd_lb_app_profile":      resourceVcdLBAppProfile(),        // 2.4
-	"vcd_lb_app_rule":         resourceVcdLBAppRule(),           // 2.4
-	"vcd_lb_virtual_server":   resourceVcdLBVirtualServer(),     // 2.4
-	"vcd_nsxv_dnat":           resourceVcdNsxvDnat(),            // 2.5
-	"vcd_nsxv_snat":           resourceVcdNsxvSnat(),            // 2.5
-	"vcd_nsxv_firewall_rule":  resourceVcdNsxvFirewallRule(),    // 2.5
-	"vcd_nsxv_dhcp_relay":     resourceVcdNsxvDhcpRelay(),       // 2.6
-	"vcd_nsxv_ip_set":         resourceVcdIpSet(),               // 2.6
-	"vcd_vm_internal_disk":    resourceVmInternalDisk(),         // 2.7
-	"vcd_vapp_org_network":    resourceVcdVappOrgNetwork(),      // 2.7
-	"vcd_org_group":           resourceVcdOrgGroup(),            // 2.9
-	"vcd_vapp_firewall_rules": resourceVcdVappFirewallRules(),   // 2.9
-	"vcd_vapp_nat_rules":      resourceVcdVappNetworkNatRules(), // 2.9
-	"vcd_vm_affinity_rule":    resourceVcdVmAffinityRule(),      // 2.9
+	"vcd_network":             resourceVcdNetwork(),                  // 1.0 DEPRECATED: replaced by vcd_network_routed
+	"vcd_network_routed":      resourceVcdNetworkRouted(),            // 2.0
+	"vcd_network_direct":      resourceVcdNetworkDirect(),            // 2.0
+	"vcd_network_isolated":    resourceVcdNetworkIsolated(),          // 2.0
+	"vcd_vapp_network":        resourceVcdVappNetwork(),              // 2.1
+	"vcd_vapp":                resourceVcdVApp(),                     // 1.0
+	"vcd_firewall_rules":      resourceVcdFirewallRules(),            // 1.0 DEPRECATED: Use only for non-advanced edge gateway. Replaced by vcd_nsxv_firewall_rule
+	"vcd_dnat":                resourceVcdDNAT(),                     // 1.0 DEPRECATED: Use only for non-advanced edge gateway. Replaced by vcd_nsxv_dnat
+	"vcd_snat":                resourceVcdSNAT(),                     // 1.0 DEPRECATED: Use only for non-advanced edge gateway. Replaced by vcd_nsxv_snat
+	"vcd_edgegateway":         resourceVcdEdgeGateway(),              // 2.4
+	"vcd_edgegateway_vpn":     resourceVcdEdgeGatewayVpn(),           // 1.0
+	"vcd_vapp_vm":             resourceVcdVAppVm(),                   // 1.0
+	"vcd_org":                 resourceOrg(),                         // 2.0
+	"vcd_org_vdc":             resourceVcdOrgVdc(),                   // 2.2
+	"vcd_org_user":            resourceVcdOrgUser(),                  // 2.4
+	"vcd_catalog":             resourceVcdCatalog(),                  // 2.0
+	"vcd_catalog_item":        resourceVcdCatalogItem(),              // 2.0
+	"vcd_catalog_media":       resourceVcdCatalogMedia(),             // 2.0
+	"vcd_inserted_media":      resourceVcdInsertedMedia(),            // 2.1
+	"vcd_independent_disk":    resourceVcdIndependentDisk(),          // 2.1
+	"vcd_external_network":    resourceVcdExternalNetwork(),          // 2.2
+	"vcd_lb_service_monitor":  resourceVcdLbServiceMonitor(),         // 2.4
+	"vcd_lb_server_pool":      resourceVcdLBServerPool(),             // 2.4
+	"vcd_lb_app_profile":      resourceVcdLBAppProfile(),             // 2.4
+	"vcd_lb_app_rule":         resourceVcdLBAppRule(),                // 2.4
+	"vcd_lb_virtual_server":   resourceVcdLBVirtualServer(),          // 2.4
+	"vcd_nsxv_dnat":           resourceVcdNsxvDnat(),                 // 2.5
+	"vcd_nsxv_snat":           resourceVcdNsxvSnat(),                 // 2.5
+	"vcd_nsxv_firewall_rule":  resourceVcdNsxvFirewallRule(),         // 2.5
+	"vcd_nsxv_dhcp_relay":     resourceVcdNsxvDhcpRelay(),            // 2.6
+	"vcd_nsxv_ip_set":         resourceVcdIpSet(),                    // 2.6
+	"vcd_vm_internal_disk":    resourceVmInternalDisk(),              // 2.7
+	"vcd_vapp_org_network":    resourceVcdVappOrgNetwork(),           // 2.7
+	"vcd_org_group":           resourceVcdOrgGroup(),                 // 2.9
+	"vcd_vapp_firewall_rules": resourceVcdVappFirewallRules(),        // 2.9
+	"vcd_vapp_nat_rules":      resourceVcdVappNetworkNatRules(),      // 2.9
+	"vcd_vapp_static_routing": resourceVcdVappNetworkStaticRouting(), // 2.9
+	"vcd_vm_affinity_rule":    resourceVcdVmAffinityRule(),           // 2.9
 }
 
 // Provider returns a terraform.ResourceProvider.

vcd/resource_vcd_vapp_static_routing.go

@@ -0,0 +1,211 @@
+package vcd
+
+import (
+	"fmt"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/vmware/go-vcloud-director/v2/types/v56"
+	"log"
+)
+
+func resourceVcdVappNetworkStaticRouting() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceVappNetworkStaticRoutingCreate,
+		Delete: resourceVAppNetworkStaticRoutingDelete,
+		Read:   resourceVappNetworkStaticRoutingRead,
+		Update: resourceVappNetworkStaticRoutingUpdate,
+		Importer: &schema.ResourceImporter{
+			State: vappNetworkStaticRoutingImport,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"org": {
+				Type:     schema.TypeString,
+				Required: false,
+				Optional: true,
+				ForceNew: true,
+				Description: "The name of organization to use, optional if defined at provider " +
+					"level. Useful when connected as sysadmin working across different organizations",
+			},
+			"vdc": {
+				Type:        schema.TypeString,
+				Required:    false,
+				Optional:    true,
+				ForceNew:    true,
+				Description: "The name of VDC to use, optional if defined at provider level",
+			},
+			"vapp_id": &schema.Schema{
+				Type:        schema.TypeString,
+				Required:    true,
+				ForceNew:    true,
+				Description: "vApp identifier",
+			},
+			"network_id": &schema.Schema{
+				Type:        schema.TypeString,
+				Required:    true,
+				ForceNew:    true,
+				Description: "vApp network identifier",
+			},
+			"enabled": &schema.Schema{
+				Type:        schema.TypeBool,
+				Optional:    true,
+				Default:     true,
+				Description: "Enable or disable static Routing.",
+			},
+			"rule": &schema.Schema{
+				Type:     schema.TypeList,
+				Optional: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"name": &schema.Schema{
+							Type:        schema.TypeString,
+							Required:    true,
+							Description: "Name for the static route.",
+						},
+						"network_cidr": &schema.Schema{
+							Type:        schema.TypeString,
+							Required:    true,
+							Description: "network specification in CIDR.",
+						},
+						"next_hop_ip": &schema.Schema{
+							Type:        schema.TypeString,
+							Required:    true,
+							Description: "IP Address of Next Hop router/gateway.",
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func resourceVappNetworkStaticRoutingCreate(d *schema.ResourceData, meta interface{}) error {
+	return resourceVappNetworkStaticRoutingUpdate(d, meta)
+}
+
+func resourceVappNetworkStaticRoutingUpdate(d *schema.ResourceData, meta interface{}) error {
+	vcdClient := meta.(*VCDClient)
+
+	_, vdc, err := vcdClient.GetOrgAndVdcFromResource(d)
+	if err != nil {
+		return fmt.Errorf(errorRetrievingOrgAndVdc, err)
+	}
+
+	vappId := d.Get("vapp_id").(string)
+	vapp, err := vdc.GetVAppById(vappId, false)
+	if err != nil {
+		return fmt.Errorf("error finding vApp. %s", err)
+	}
+	vcdClient.lockParentVappWithName(d, vapp.VApp.Name)
+	defer vcdClient.unLockParentVappWithName(d, vapp.VApp.Name)
+
+	networkId := d.Get("network_id").(string)
+	staticRouting, err := expandVappNetworkStaticRouting(d)
+	if err != nil {
+		return fmt.Errorf("error expanding static routes: %s", err)
+	}
+	vappNetwork, err := vapp.UpdateNetworkStaticRouting(networkId, staticRouting, d.Get("enabled").(bool))
+	if err != nil {
+		log.Printf("[INFO] Error setting static routing: %s", err)
+		return fmt.Errorf("error setting static routing: %s", err)
+	}
+
+	d.SetId(vappNetwork.ID)
+
+	return resourceVappNetworkStaticRoutingRead(d, meta)
+}
+
+func resourceVAppNetworkStaticRoutingDelete(d *schema.ResourceData, meta interface{}) error {
+	vcdClient := meta.(*VCDClient)
+
+	_, vdc, err := vcdClient.GetOrgAndVdcFromResource(d)
+	if err != nil {
+		return fmt.Errorf(errorRetrievingOrgAndVdc, err)
+	}
+
+	vappId := d.Get("vapp_id").(string)
+	vapp, err := vdc.GetVAppById(vappId, false)
+	if err != nil {
+		return fmt.Errorf("error finding vApp. %s", err)
+	}
+
+	vcdClient.lockParentVappWithName(d, vapp.VApp.Name)
+	defer vcdClient.unLockParentVappWithName(d, vapp.VApp.Name)
+
+	err = vapp.RemoveAllNetworkStaticRoutes(d.Get("network_id").(string))
+	if err != nil {
+		log.Printf("[INFO] Error deleting static routes: %s", err)
+		return fmt.Errorf("error deleting static routes: %s", err)
+	}
+
+	return nil
+}
+
+func resourceVappNetworkStaticRoutingRead(d *schema.ResourceData, meta interface{}) error {
+	vcdClient := meta.(*VCDClient)
+
+	_, vdc, err := vcdClient.GetOrgAndVdcFromResource(d)
+	if err != nil {
+		return fmt.Errorf(errorRetrievingOrgAndVdc, err)
+	}
+
+	vappId := d.Get("vapp_id").(string)
+	vapp, err := vdc.GetVAppById(vappId, false)
+	if err != nil {
+		return fmt.Errorf("error finding vApp. %s", err)
+	}
+
+	vappNetwork, err := vapp.GetVappNetworkById(d.Get("network_id").(string), false)
+	if err != nil {
+		return fmt.Errorf("error finding vApp network. %s", err)
+	}
+
+	var rules []map[string]interface{}
+	if vappNetwork.Configuration.Features == nil || vappNetwork.Configuration.Features.StaticRoutingService == nil {
+		log.Print("no Static routes found.")
+		_ = d.Set("rule", nil)
+	}
+
+	for _, rule := range vappNetwork.Configuration.Features.StaticRoutingService.StaticRoute {
+		singleRule := make(map[string]interface{})
+
+		singleRule["name"] = rule.Name
+		singleRule["network_cidr"] = rule.Network
+		singleRule["next_hop_ip"] = rule.NextHopIP
+		rules = append(rules, singleRule)
+	}
+	_ = d.Set("enabled", vappNetwork.Configuration.Features.StaticRoutingService.IsEnabled)
+	_ = d.Set("rule", rules)
+	return nil
+}
+
+func expandVappNetworkStaticRouting(d *schema.ResourceData) ([]*types.StaticRoute, error) {
+	var staticRoutes []*types.StaticRoute
+	for _, singleRule := range d.Get("rule").([]interface{}) {
+		configuredRule := singleRule.(map[string]interface{})
+		rule := &types.StaticRoute{
+			Network:   configuredRule["network_cidr"].(string),
+			Name:      configuredRule["name"].(string),
+			NextHopIP: configuredRule["next_hop_ip"].(string),
+		}
+		staticRoutes = append(staticRoutes, rule)
+	}
+
+	return staticRoutes, nil
+}
+
+// vappNetworkStaticRoutingImport is responsible for importing the resource.
+// The following steps happen as part of import
+// 1. The user supplies `terraform import _resource_name_ _the_id_string_` command
+// 2. `_the_id_string_` contains a dot formatted path to resource as in the example below
+// 3. The functions splits the dot-formatted path and tries to lookup the object
+// 4. If the lookup succeeds it set's the ID field for `_resource_name_` resource in state file
+// (the resource must be already defined in .tf config otherwise `terraform import` will complain)
+// 5. `terraform refresh` is being implicitly launched. The Read method looks up all other fields
+// based on the known ID of object.
+//
+// Example resource name (_resource_name_): vcd_vapp_static_routing.my_existing_static_routing_rules
+// Example import path (_the_id_string_): org.my_existing_vdc.vapp_name.network_name or org.my_existing_vdc.vapp_id.network_id
+// Note: the separator can be changed using Provider.import_separator or variable VCD_IMPORT_SEPARATOR
+func vappNetworkStaticRoutingImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) {
+	return vappNetworkRuleImport(d, meta, "vcd_vapp_static_routing")
+}