Skip to content

Commit

Permalink
Merge branch 'master' into config-aggregator-terraform-changes
Browse files Browse the repository at this point in the history
  • Loading branch information
Ramya-c4 committed Sep 27, 2024
2 parents c9c67d1 + c0251dc commit d49a324
Show file tree
Hide file tree
Showing 8 changed files with 397 additions and 11 deletions.
4 changes: 4 additions & 0 deletions ibm/provider/provider.go
Original file line number Diff line number Diff line change
Expand Up @@ -1410,6 +1410,9 @@ func Provider() *schema.Provider {
"ibm_resource_tag": globaltagging.ResourceIBMResourceTag(),
"ibm_resource_access_tag": globaltagging.ResourceIBMResourceAccessTag(),

// Added for Iam Access Tag
"ibm_iam_access_tag": globaltagging.ResourceIBMIamAccessTag(),

// Atracker
"ibm_atracker_target": atracker.ResourceIBMAtrackerTarget(),
"ibm_atracker_route": atracker.ResourceIBMAtrackerRoute(),
Expand Down Expand Up @@ -1899,6 +1902,7 @@ func Validator() validate.ValidatorDict {
"ibm_is_virtual_endpoint_gateway": vpc.ResourceIBMISEndpointGatewayValidator(),
"ibm_resource_tag": globaltagging.ResourceIBMResourceTagValidator(),
"ibm_resource_access_tag": globaltagging.ResourceIBMResourceAccessTagValidator(),
"ibm_iam_access_tag": globaltagging.ResourceIBMIamAccessTagValidator(),
"ibm_satellite_location": satellite.ResourceIBMSatelliteLocationValidator(),
"ibm_satellite_cluster": satellite.ResourceIBMSatelliteClusterValidator(),
"ibm_pi_volume": power.ResourceIBMPIVolumeValidator(),
Expand Down
173 changes: 173 additions & 0 deletions ibm/service/globaltagging/resource_ibm_iam_access_tag.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,173 @@
// Copyright IBM Corp. 2017, 2024 All Rights Reserved.
// Licensed under the Mozilla Public License v2.0

package globaltagging

import (
"context"
"encoding/json"
"fmt"
"log"

"github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns"
"github.com/IBM-Cloud/terraform-provider-ibm/ibm/flex"
"github.com/IBM-Cloud/terraform-provider-ibm/ibm/validate"
"github.com/IBM/platform-services-go-sdk/globaltaggingv1"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
)

func ResourceIBMIamAccessTag() *schema.Resource {
return &schema.Resource{
CreateContext: resourceIBMIamAccessTagCreate,
ReadContext: resourceIBMIamAccessTagRead,
DeleteContext: resourceIBMIamAccessTagDelete,
Importer: &schema.ResourceImporter{},

Schema: map[string]*schema.Schema{

"name": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
ValidateFunc: validate.InvokeValidator("ibm_iam_access_tag", "name"),
Set: flex.ResourceIBMVPCHash,
Description: "Name of the access tag",
},
tagType: {
Type: schema.TypeString,
Computed: true,
Description: "Type of the tag(access)",
},
},
}
}

func ResourceIBMIamAccessTagValidator() *validate.ResourceValidator {

validateSchema := make([]validate.ValidateSchema, 0)

validateSchema = append(validateSchema,
validate.ValidateSchema{
Identifier: "name",
ValidateFunctionIdentifier: validate.ValidateRegexpLen,
Type: validate.TypeString,
Required: true,
Regexp: `^([A-Za-z0-9_.-]|[A-Za-z0-9_.-][A-Za-z0-9_ .-]*[A-Za-z0-9_.-]):([A-Za-z0-9_.-]|[A-Za-z0-9_.-][A-Za-z0-9_ .-]*[A-Za-z0-9_.-])$`,
MinValueLength: 1,
MaxValueLength: 128})

ibmIamAccessTagValidator := validate.ResourceValidator{ResourceName: "ibm_iam_access_tag", Schema: validateSchema}
return &ibmIamAccessTagValidator
}

func resourceIBMIamAccessTagCreate(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {

gtClient, err := meta.(conns.ClientSession).GlobalTaggingAPIv1()
if err != nil {
tfErr := flex.TerraformErrorf(err, err.Error(), "ibm_iam_access_tag", "create")
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
return tfErr.GetDiag()
}

tagName := d.Get("name").(string)
add := make([]string, 0)
add = append(add, tagName)
accessTagType := "access"
createTagOptions := &globaltaggingv1.CreateTagOptions{
TagType: &accessTagType,
TagNames: add,
}
results, _, err := gtClient.CreateTagWithContext(context, createTagOptions)
if err != nil {
tfErr := flex.TerraformErrorf(err, err.Error(), "ibm_iam_access_tag", "create")
return tfErr.GetDiag()
}
if results != nil {
errMap := make([]globaltaggingv1.CreateTagResultsResultsItem, 0)
for _, res := range results.Results {
if res.IsError != nil && *res.IsError {
errMap = append(errMap, res)
}
}
if len(errMap) > 0 {
output, _ := json.MarshalIndent(errMap, "", " ")
return diag.FromErr(fmt.Errorf("Error while creating access tag(%s) : %s", tagName, string(output)))
}
}

d.SetId(tagName)
d.Set(tagType, accessTagType)

return nil
}

func resourceIBMIamAccessTagRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
tagName := d.Id()
gtClient, err := meta.(conns.ClientSession).GlobalTaggingAPIv1()
if err != nil {
tfErr := flex.TerraformErrorf(err, err.Error(), "ibm_iam_access_tag", "read")
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
return tfErr.GetDiag()
}
accessTagType := "access"
listTagsOptions := &globaltaggingv1.ListTagsOptions{
TagType: &accessTagType,
}
taggingResult, _, err := gtClient.ListTagsWithContext(context, listTagsOptions)
if err != nil {
tfErr := flex.TerraformErrorf(err, err.Error(), "ibm_iam_access_tag", "read")
return tfErr.GetDiag()
}

var taglist []string
for _, item := range taggingResult.Items {
taglist = append(taglist, *item.Name)
}
existingAccessTags := flex.NewStringSet(flex.ResourceIBMVPCHash, taglist)
if !existingAccessTags.Contains(tagName) {
d.SetId("")
return nil
}
d.Set("name", tagName)
d.Set(tagType, accessTagType)
return nil
}

func resourceIBMIamAccessTagDelete(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {

gtClient, err := meta.(conns.ClientSession).GlobalTaggingAPIv1()
if err != nil {
tfErr := flex.TerraformErrorf(err, err.Error(), "ibm_iam_access_tag", "update")
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
return tfErr.GetDiag()
}
tagName := d.Get("name").(string)
accessTagType := "access"

deleteTagOptions := &globaltaggingv1.DeleteTagOptions{
TagName: &tagName,
TagType: &accessTagType,
}

results, resp, err := gtClient.DeleteTagWithContext(context, deleteTagOptions)

if err != nil {
return diag.FromErr(fmt.Errorf("Error while deleting access tag calling api (%s) : %v\n%v", tagName, err, resp))
}
if results != nil {
errMap := make([]globaltaggingv1.DeleteTagResultsItem, 0)
for _, res := range results.Results {
if res.IsError != nil && *res.IsError {
errMap = append(errMap, res)
}
}
if len(errMap) > 0 {
output, _ := json.MarshalIndent(errMap, "", " ")
return diag.FromErr(fmt.Errorf("Error while deleting access tag in results (%s) : %s", tagName, string(output)))
}
}

d.SetId("")
return nil
}
147 changes: 147 additions & 0 deletions ibm/service/globaltagging/resource_ibm_iam_access_tag_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,147 @@
// Copyright IBM Corp. 2017, 2024 All Rights Reserved.
// Licensed under the Mozilla Public License v2.0

package globaltagging_test

import (
"fmt"
"regexp"
"testing"

acc "github.com/IBM-Cloud/terraform-provider-ibm/ibm/acctest"
"github.com/IBM-Cloud/terraform-provider-ibm/ibm/conns"
"github.com/IBM-Cloud/terraform-provider-ibm/ibm/flex"
"github.com/IBM/platform-services-go-sdk/globaltaggingv1"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
)

const (
iamAccessTagRegex = "^([A-Za-z0-9_.-]|[A-Za-z0-9_.-][A-Za-z0-9_ .-]*[A-Za-z0-9_.-]):([A-Za-z0-9_.-]|[A-Za-z0-9_.-][A-Za-z0-9_ .-]*[A-Za-z0-9_.-])$"
)

func TestAccIamAccessTag_Basic(t *testing.T) {
name := fmt.Sprintf("tf%d:iam-access%d", acctest.RandIntRange(10, 100), acctest.RandIntRange(10, 100))

resource.Test(t, resource.TestCase{
PreCheck: func() { acc.TestAccPreCheck(t) },
Providers: acc.TestAccProviders,
Steps: []resource.TestStep{

resource.TestStep{
Config: testAccCheckIamAccessTagCreate(name),
Check: resource.ComposeAggregateTestCheckFunc(
testAccCheckIamAccessTagExists("ibm_iam_access_tag.tag"),
resource.TestCheckResourceAttr("ibm_iam_access_tag.tag", "id", name),
resource.TestCheckResourceAttr("ibm_iam_access_tag.tag", "name", name),
resource.TestCheckResourceAttr("ibm_iam_access_tag.tag", "tag_type", "access"),
),
},
},
})
}
func TestAccIamAccessTag_Usage(t *testing.T) {
name := fmt.Sprintf("tf%d:iam-access%d", acctest.RandIntRange(10, 100), acctest.RandIntRange(10, 100))
resource.Test(t, resource.TestCase{
PreCheck: func() { acc.TestAccPreCheck(t) },
Providers: acc.TestAccProviders,
Steps: []resource.TestStep{

resource.TestStep{
Config: testAccCheckIamAccessTagCreate(name),
Check: resource.ComposeAggregateTestCheckFunc(
testAccCheckIamAccessTagExists("ibm_iam_access_tag.tag"),
resource.TestCheckResourceAttr("ibm_iam_access_tag.tag", "id", name),
resource.TestCheckResourceAttr("ibm_iam_access_tag.tag", "name", name),
resource.TestCheckResourceAttr("ibm_iam_access_tag.tag", "tag_type", "access"),
),
},
resource.TestStep{
Config: testAccCheckIamAccessTagUsage(name),
Check: resource.ComposeAggregateTestCheckFunc(
testAccCheckIamAccessTagExists("ibm_iam_access_tag.tag"),
resource.TestCheckResourceAttr("ibm_iam_access_tag.tag", "id", name),
resource.TestCheckResourceAttr("ibm_iam_access_tag.tag", "name", name),
resource.TestCheckResourceAttr("ibm_iam_access_tag.tag", "tag_type", "access"),
testAccCheckResourceTagExists("ibm_resource_tag.tag"),
resource.TestCheckResourceAttr("ibm_resource_tag.tag", "tags.#", "1"),
resource.TestCheckResourceAttr("ibm_resource_tag.tag", "tags.0", name),
resource.TestCheckResourceAttr("ibm_resource_tag.tag", "tag_type", "access"),
),
},
},
})
}

func testAccCheckIamAccessTagExists(n string) resource.TestCheckFunc {
return func(s *terraform.State) error {
var tagName string
rs, ok := s.RootModule().Resources[n]
if !ok {
return fmt.Errorf("Not found: %s", n)
}

iamAccessTagRegex, err := regexp.Compile(iamAccessTagRegex)
if err != nil {
return err
}

if iamAccessTagRegex.MatchString(rs.Primary.ID) {
tagName = rs.Primary.ID
}

gtClient, err := acc.TestAccProvider.Meta().(conns.ClientSession).GlobalTaggingAPIv1()
if err != nil {
return fmt.Errorf("Error getting global tagging client settings: %s", err)
}
accessTagType := "access"
listTagsOptions := &globaltaggingv1.ListTagsOptions{
TagType: &accessTagType,
}
taggingResult, _, err := gtClient.ListTags(listTagsOptions)
if err != nil {
return err
}

var taglist []string
for _, item := range taggingResult.Items {
taglist = append(taglist, *item.Name)
}
existingAccessTags := flex.NewStringSet(flex.ResourceIBMVPCHash, taglist)
if !existingAccessTags.Contains(tagName) {
return fmt.Errorf(
"Error on get of resource tags (%s) : %s", tagName, err)
}
return nil
}
}

func testAccCheckIamAccessTagCreate(name string) string {
return fmt.Sprintf(`
resource "ibm_iam_access_tag" "tag" {
name = "%s"
}
`, name)
}
func testAccCheckIamAccessTagUsage(name string) string {
resource_group_name := fmt.Sprintf("tf%d-iam-access%d", acctest.RandIntRange(10, 100), acctest.RandIntRange(10, 100))
return fmt.Sprintf(`
data "ibm_resource_group" "group" {
name = "Default"
}
resource "ibm_iam_access_tag" "tag" {
name = "%s"
}
resource "ibm_cd_toolchain" "cd_toolchain_instance" {
description = "Terraform test"
name = "%s-toolchain"
resource_group_id = data.ibm_resource_group.group.id
}
resource "ibm_resource_tag" "tag" {
resource_id = ibm_cd_toolchain.cd_toolchain_instance.crn
tags = [ibm_iam_access_tag.tag.name]
tag_type = "access"
}
`, name, resource_group_name)
}
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@ func ResourceIBMResourceAccessTag() *schema.Resource {
Description: "Type of the tag(access)",
},
},
DeprecationMessage: "ibm_resource_access_tag has been deprecated. Use ibm_iam_access_tag instead.",
}
}

Expand Down
17 changes: 7 additions & 10 deletions ibm/service/globaltagging/resource_ibm_resource_tag_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,8 @@ func TestAccResourceTag_Basic(t *testing.T) {
ResourceName: "ibm_resource_tag.tag",
ImportState: true,
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{
"replace"},
},
},
})
Expand Down Expand Up @@ -187,13 +189,11 @@ func testAccCheckResourceTagExists(n string) resource.TestCheckFunc {

func testAccCheckResourceTagCreate(name string, tagNames []string) string {
return fmt.Sprintf(`
resource "ibm_is_vpc" "vpc" {
name = "%s"
}
data "ibm_is_vpc" "test_vpc" {
name = ibm_is_vpc.vpc.name
resource "ibm_resource_instance" "resource_1" {
name = "%s"
service = "cloud-object-storage"
plan = "lite"
location = "global"
}
resource "ibm_resource_tag" "tag" {
Expand Down Expand Up @@ -249,14 +249,11 @@ func TestAccResourceTag_replace_Basic(t *testing.T) {

func testAccCheckResourceTagCreate_replace(name string) string {
return fmt.Sprintf(`
resource "ibm_resource_instance" "resource_1" {
name = "%s"
service = "cloud-object-storage"
plan = "lite"
location = "global"
}
resource "ibm_resource_tag" "tag" {
Expand Down
Loading

0 comments on commit d49a324

Please sign in to comment.