Add mariadb_firewall_rule resource

hashicorp · Jun 23, 2019 · ca2681c · ca2681c
1 parent c5c02cd
commit ca2681c
Show file tree

Hide file tree

Showing 6 changed files with 420 additions and 0 deletions.
diff --git a/azurerm/config.go b/azurerm/config.go
@@ -188,6 +188,7 @@ type ArmClient struct {
 
 	// Databases
 	mariadbDatabasesClient                   mariadb.DatabasesClient
+	mariadbFirewallRulesClient               mariadb.FirewallRulesClient
 	mariadbServersClient                     mariadb.ServersClient
 	mysqlConfigurationsClient                mysql.ConfigurationsClient
 	mysqlDatabasesClient                     mysql.DatabasesClient
@@ -548,6 +549,10 @@ func (c *ArmClient) registerDatabases(endpoint, subscriptionId string, auth auto
 	c.configureClient(&mariadbDBClient.Client, auth)
 	c.mariadbDatabasesClient = mariadbDBClient
 
+	mariadbFWClient := mariadb.NewFirewallRulesClientWithBaseURI(endpoint, subscriptionId)
+	c.configureClient(&mariadbFWClient.Client, auth)
+	c.mariadbFirewallRulesClient = mariadbFWClient
+
 	mariadbServersClient := mariadb.NewServersClientWithBaseURI(endpoint, subscriptionId)
 	c.configureClient(&mariadbServersClient.Client, auth)
 	c.mariadbServersClient = mariadbServersClient

diff --git a/azurerm/provider.go b/azurerm/provider.go
@@ -334,6 +334,7 @@ func Provider() terraform.ResourceProvider {
 			"azurerm_management_group":                                   resourceArmManagementGroup(),
 			"azurerm_management_lock":                                    resourceArmManagementLock(),
 			"azurerm_mariadb_database":                                   resourceArmMariaDbDatabase(),
+			"azurerm_mariadb_firewall_rule":                              resourceArmMariaDBFirewallRule(),
 			"azurerm_mariadb_server":                                     resourceArmMariaDbServer(),
 			"azurerm_media_services_account":                             resourceArmMediaServicesAccount(),
 			"azurerm_metric_alertrule":                                   resourceArmMetricAlertRule(),

diff --git a/azurerm/resource_arm_mariadb_firewall_rule.go b/azurerm/resource_arm_mariadb_firewall_rule.go
@@ -0,0 +1,154 @@
+package azurerm
+
+import (
+	"fmt"
+	"log"
+
+	"github.com/Azure/azure-sdk-for-go/services/mariadb/mgmt/2018-06-01/mariadb"
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func resourceArmMariaDBFirewallRule() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceArmMariaDBFirewallRuleCreateUpdate,
+		Read:   resourceArmMariaDBFirewallRuleRead,
+		Update: resourceArmMariaDBFirewallRuleCreateUpdate,
+		Delete: resourceArmMariaDBFirewallRuleDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+
+			"resource_group_name": azure.SchemaResourceGroupName(),
+
+			"server_name": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+
+			"start_ip_address": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+
+			"end_ip_address": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+		},
+	}
+}
+
+func resourceArmMariaDBFirewallRuleCreateUpdate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).mariadbFirewallRulesClient
+	ctx := meta.(*ArmClient).StopContext
+
+	log.Printf("[INFO] preparing arguments for AzureRM MariaDB Firewall Rule creation.")
+
+	name := d.Get("name").(string)
+	resourceGroup := d.Get("resource_group_name").(string)
+	serverName := d.Get("server_name").(string)
+	startIPAddress := d.Get("start_ip_address").(string)
+	endIPAddress := d.Get("end_ip_address").(string)
+
+	if requireResourcesToBeImported && d.IsNewResource() {
+		existing, err := client.Get(ctx, resourceGroup, serverName, name)
+		if err != nil {
+			if !utils.ResponseWasNotFound(existing.Response) {
+				return fmt.Errorf("Error checking for presence of existing MariaDB Firewall Rule %q (resource group %q, server name %q): %v", name, resourceGroup, serverName, err)
+			}
+		}
+
+		if existing.ID != nil && *existing.ID != "" {
+			return tf.ImportAsExistsError("azurerm_mariadb_firewall_rule", *existing.ID)
+		}
+	}
+
+	properties := mariadb.FirewallRule{
+		FirewallRuleProperties: &mariadb.FirewallRuleProperties{
+			StartIPAddress: utils.String(startIPAddress),
+			EndIPAddress:   utils.String(endIPAddress),
+		},
+	}
+
+	future, err := client.CreateOrUpdate(ctx, resourceGroup, serverName, name, properties)
+	if err != nil {
+		return fmt.Errorf("Error issuing create/update request for MariaDB Firewall Rule %q (resource group %q, server name %q): %v", name, resourceGroup, serverName, err)
+	}
+
+	if err = future.WaitForCompletionRef(ctx, client.Client); err != nil {
+		return fmt.Errorf("Error waiting onf create/update future for MariaDB Firewall Rule %q (resource group %q, server name %q): %v", name, resourceGroup, serverName, err)
+	}
+
+	read, err := client.Get(ctx, resourceGroup, serverName, name)
+	if err != nil {
+		return fmt.Errorf("Error issuing get request for MariaDB Firewall Rule %q (resource group %q, server name %q): %v", name, resourceGroup, serverName, err)
+	}
+	if read.ID == nil {
+		return fmt.Errorf("Cannot read MariaDB Firewall Rule %q (Gesource Group %q) ID", name, resourceGroup)
+	}
+
+	d.SetId(*read.ID)
+
+	return resourceArmMariaDBFirewallRuleRead(d, meta)
+}
+
+func resourceArmMariaDBFirewallRuleRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).mariadbFirewallRulesClient
+	ctx := meta.(*ArmClient).StopContext
+
+	id, err := parseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+	resourceGroup := id.ResourceGroup
+	serverName := id.Path["servers"]
+	name := id.Path["firewallRules"]
+
+	resp, err := client.Get(ctx, resourceGroup, serverName, name)
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			d.SetId("")
+			return nil
+		}
+		return fmt.Errorf("Error making Read request on Azure MariaDB Firewall Rule %q (Resource Group %q): %+v", name, resourceGroup, err)
+	}
+
+	d.Set("name", resp.Name)
+	d.Set("resource_group_name", resourceGroup)
+	d.Set("server_name", serverName)
+	d.Set("start_ip_address", resp.StartIPAddress)
+	d.Set("end_ip_address", resp.EndIPAddress)
+
+	return nil
+}
+
+func resourceArmMariaDBFirewallRuleDelete(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).mariadbFirewallRulesClient
+	ctx := meta.(*ArmClient).StopContext
+
+	id, err := parseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+	resourceGroup := id.ResourceGroup
+	serverName := id.Path["servers"]
+	name := id.Path["firewallRules"]
+
+	future, err := client.Delete(ctx, resourceGroup, serverName, name)
+	if err != nil {
+		return err
+	}
+
+	return future.WaitForCompletionRef(ctx, client.Client)
+}
diff --git a/azurerm/resource_arm_mariadb_firewall_rule_test.go b/azurerm/resource_arm_mariadb_firewall_rule_test.go
@@ -0,0 +1,175 @@
+package azurerm
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func TestAccAzureRMMariaDBFirewallRule_basic(t *testing.T) {
+	resourceName := "azurerm_mariadb_firewall_rule.test"
+	ri := tf.AccRandTimeInt()
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testCheckAzureRMMariaDBFirewallRuleDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAzureRMMariaDBFirewallRule_basic(ri, testLocation()),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMMariaDBFirewallRuleExists(resourceName),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+func TestAccAzureRMMariaDBFirewallRule_requiresImport(t *testing.T) {
+	if !requireResourcesToBeImported {
+		t.Skip("Skipping since resources aren't required to be imported")
+		return
+	}
+
+	resourceName := "azurerm_mariadb_firewall_rule.test"
+	ri := tf.AccRandTimeInt()
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testCheckAzureRMMariaDBFirewallRuleDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAzureRMMariaDBFirewallRule_basic(ri, testLocation()),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMMariaDBFirewallRuleExists(resourceName),
+				),
+			},
+			{
+				Config:      testAccAzureRMMariaDBFirewallRule_requiresImport(ri, testLocation()),
+				ExpectError: testRequiresImportError("azurerm_mariadb_firewall_rule"),
+			},
+		},
+	})
+}
+
+func testCheckAzureRMMariaDBFirewallRuleExists(resourceName string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		// Ensure we have enough information in state to look up in API
+		rs, ok := s.RootModule().Resources[resourceName]
+		if !ok {
+			return fmt.Errorf("Not found: %s", resourceName)
+		}
+
+		name := rs.Primary.Attributes["name"]
+		serverName := rs.Primary.Attributes["server_name"]
+		resourceGroup, hasResourceGroup := rs.Primary.Attributes["resource_group_name"]
+		if !hasResourceGroup {
+			return fmt.Errorf("Bad: no resource group found in state for MariaDB Firewall Rule: %s", name)
+		}
+
+		client := testAccProvider.Meta().(*ArmClient).mariadbFirewallRulesClient
+		ctx := testAccProvider.Meta().(*ArmClient).StopContext
+
+		resp, err := client.Get(ctx, resourceGroup, serverName, name)
+		if err != nil {
+			if utils.ResponseWasNotFound(resp.Response) {
+				return fmt.Errorf("Bad: MariaDB Firewall Rule %q (server %q resource group: %q) does not exist", name, serverName, resourceGroup)
+			}
+			return fmt.Errorf("Bad: Get on mariadbFirewallRulesClient: %s", err)
+		}
+
+		return nil
+	}
+}
+
+func testCheckAzureRMMariaDBFirewallRuleDestroy(s *terraform.State) error {
+	client := testAccProvider.Meta().(*ArmClient).mariadbDatabasesClient
+	ctx := testAccProvider.Meta().(*ArmClient).StopContext
+
+	for _, rs := range s.RootModule().Resources {
+		if rs.Type != "azurerm_mariadb_firewall_rule" {
+			continue
+		}
+
+		name := rs.Primary.Attributes["name"]
+		serverName := rs.Primary.Attributes["server_name"]
+		resourceGroup := rs.Primary.Attributes["resource_group_name"]
+
+		resp, err := client.Get(ctx, resourceGroup, serverName, name)
+
+		if err != nil {
+			if utils.ResponseWasNotFound(resp.Response) {
+				return nil
+			}
+
+			return fmt.Errorf("MariaDB Firewall Rule still exists:\n%#v", resp)
+		}
+	}
+
+	return nil
+}
+
+func testAccAzureRMMariaDBFirewallRule_basic(rInt int, location string) string {
+	return fmt.Sprintf(`
+resource "azurerm_resource_group" "test" {
+  name     = "acctestRG-%d"
+  location = "%s"
+}
+
+resource "azurerm_mariadb_server" "test" {
+  name                = "acctestmariadbsvr-%d"
+  location            = "${azurerm_resource_group.test.location}"
+  resource_group_name = "${azurerm_resource_group.test.name}"
+
+  sku {
+    name     = "GP_Gen5_2"
+    capacity = 2
+    tier     = "GeneralPurpose"
+    family   = "Gen5"
+  }
+
+  storage_profile {
+    storage_mb            = 51200
+    backup_retention_days = 7
+    geo_redundant_backup  = "Disabled"
+  }
+
+  administrator_login          = "acctestun"
+  administrator_login_password = "H@Sh1CoR3!"
+  version                      = "10.2"
+  ssl_enforcement              = "Enabled"
+}
+
+resource "azurerm_mariadb_firewall_rule" "test" {
+  name                = "acctestfwrule-%d"
+  resource_group_name = "${azurerm_resource_group.test.name}"
+  server_name         = "${azurerm_mariadb_server.test.name}"
+  start_ip_address    = "0.0.0.0"
+  end_ip_address      = "255.255.255.255"
+}
+`, rInt, location, rInt, rInt)
+}
+
+func testAccAzureRMMariaDBFirewallRule_requiresImport(rInt int, location string) string {
+	return fmt.Sprintf(`
+%s
+
+resource "azurerm_mariadb_firewall_rule" "import" {
+  name                = "${azurerm_mariadb_firewall_rule.test.name}"
+  resource_group_name = "${azurerm_mariadb_firewall_rule.test.resource_group_name}"
+  server_name         = "${azurerm_mariadb_firewall_rule.test.server_name}"
+  start_ip_address    = "${azurerm_mariadb_firewall_rule.test.start_ip_address}"
+  end_ip_address      = "${azurerm_mariadb_firewall_rule.test.end_ip_address}"
+}
+`, testAccAzureRMMariaDBFirewallRule_basic(rInt, location))
+}
diff --git a/website/azurerm.erb b/website/azurerm.erb
@@ -733,6 +733,10 @@
                   <a href="/docs/providers/azurerm/r/mariadb_database.html">azurerm_mariadb_database</a>
                 </li>
 
+                <li>
+                  <a href="/docs/providers/azurerm/r/mysql_firewall_rule.html">azurerm_mysql_firewall_rule</a>
+                </li>
+
                 <li>
                   <a href="/docs/providers/azurerm/r/mariadb_server.html">azurerm_mariadb_server</a>
                 </li>