Cloudstack security group #9103
Conversation
mcanevet
force-pushed
the
cloudstack_security_group
branch
from
af29ade
to
ca5f595
Compare
|
Requires xanzy/go-cloudstack#62 |
mcanevet
force-pushed
the
cloudstack_security_group
branch
from
ca5f595
to
215bdf5
Compare
There was a problem hiding this comment.
Thanks for the PR @mcanevet! Looks pretty decent, but there are a few things that we should try to improve before we merge this one.
Next to the inline comments I think we should also make this resource be able to update the security groups. The CloudStack API allows us to do so, so why not offer that to our users as well?
But if needed I can add the update part, so don't worry about that for now. And for the other comments, please let me know if you need help with anything or if you think otherwise!
Thanks!
| ForceNew: true, | ||
| }, | ||
|
|
||
| "ingress_rules": &schema.Schema{ |
There was a problem hiding this comment.
Wouldn't it be easier to call this just rules and then have a parameter in the schema called traffic_type?
Have a look at this one as an example: https://github.com/hashicorp/terraform/blob/master/builtin/providers/cloudstack/resource_cloudstack_network_acl_rule.go
This way we can have both ingress and egress rules making sure people can configure what they need.
| Optional: true, | ||
| Elem: &schema.Resource{ | ||
| Schema: map[string]*schema.Schema{ | ||
| "cidr": &schema.Schema{ |
There was a problem hiding this comment.
cidr should be called cidr_list to stay consistent throughout the CloudStack provider.
| ForceNew: true, | ||
| }, | ||
|
|
||
| "start_port": &schema.Schema{ |
There was a problem hiding this comment.
start_port and end_port could be done a bit nicer and more inline with the other firewall related resources, like so: https://github.com/hashicorp/terraform/blob/master/builtin/providers/cloudstack/resource_cloudstack_network_acl_rule.go#L71-L76
I understand this will make the code in the resource a little bit more complex/advanced, but it offers a much better UX and it then stay consistent.
|
|
||
| param.SetSecuritygroupid(d.Id()) | ||
|
|
||
| if cidr, ok := rule["cidr"]; ok { |
There was a problem hiding this comment.
You don't have to run all these tests (if ... ; ok) here as they are required parameters. So they are guaranteed to be here.
mcanevet
force-pushed
the
cloudstack_security_group
branch
8 times, most recently
from
082c6fa
to
b0d0b3a
Compare
|
@svanharmelen I think I addressed all your comments. |
|
@svanharmelen I still have to find out how to specify a SG as source or destination of the rule : xanzy/go-cloudstack#64 |
|
I'm a bit short on time, but I'll try to have a look before the end of the week... |
|
@svanharmelen I can make I'm wondering if |
|
Requires xanzy/go-cloudstack#65 |
mcanevet
force-pushed
the
cloudstack_security_group
branch
from
019d40e
to
1e6792e
Compare
|
@svanharmelen could you please review this? |
mcanevet
force-pushed
the
cloudstack_security_group
branch
from
1e6792e
to
9c747f4
Compare
|
@mcanevet I've been a little overloaded, but have reserved time for this tomorrow. Will update you as soon as I had a look... |
mcanevet
force-pushed
the
cloudstack_security_group
branch
from
9c747f4
to
7fe731f
Compare
|
@svanharmelen I updated this PR. It now works with latest go-cloudstack |
|
@mcanevet I'm just about to merge this PR, but there are 2 remaining points of attention.
If you have issues writing the acceptance tests, that's no problem. In that case I will add them in a separate PR right after merging this one. But for the docs, I would very much like you to write (at least the initial) docs to describe how this resource works and what parameters it uses. Writing the docs is really easy and not much work. If you start by making a copy of the Once the docs are added, I'll merge this PR and (if needed) add any tests and tweaks in an additional PR. Thanks... |
mcanevet
force-pushed
the
cloudstack_security_group
branch
from
7fe731f
to
f80fb6d
Compare
|
@svanharmelen Documentation added. I never wrote acceptance tests for Terraform, so could you please do it for me for now? I'll try to learn how to do it for next time. |
|
@mcanevet again thanks for your PR and your patience 😉 I still think this PR needs some work to make to up to spec with the other CloudStack resources, but I'll add the missing stuff in a separate PR later today so that by the end of the day we have a shiny new resource which will be in the next TF release 🎉 Thanks again! |
|
@mcanevet are you available anywhere online to a have a quick chat? IRC maybe (#terraform-tool)? Or an open Slack or Gitter channel that I can join? I'm refactoring some stuff and would like to better understand how the |
|
@mcanevet I see there is a Gitter channel as well: https://gitter.im/hashicorp-terraform/Lobby |
|
@mcanevet not sure if you're getting updates from gitter, but I send you some updates about the progress... |
|
@svanharmelen yes I received an email from gitter with your comments. I'll try to take some time today to test your modifications |
* Add cloudstack_security_group resource * Update github.com/xanzy/go-cloudstack/cloudstack * Add support for security_group * Add documentation for cloudstack_security_group
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
ghost
locked and limited conversation to collaborators
No description provided.