Merge pull request #1650 from tencentcloudstack/feat/vpn_ssl_client_status

support set vpn status

Author: tongyiming

.changelog/1650.txt

@@ -0,0 +1,3 @@
+```release-note:new-resource
+tencentcloud_vpn_gateway_ssl_client_cert
+```

.github/workflows/fmt.yml

@@ -20,6 +20,11 @@ jobs:
 
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
+      - name: Set up Go
+        uses: actions/setup-go@v1
+        with:
+          go-version: 1.18
+
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - uses: actions/checkout@v3
         with:

scripts/gofmtcheck.sh

@@ -2,6 +2,7 @@
 
 # Check gofmt
 echo "==> Checking that code complies with gofmt requirements..."
+echo $(go version)
 gofmt_files=$(gofmt -l `find tencentcloud -name '*.go' | grep -v vendor`)
 if [[ -n ${gofmt_files} ]]; then
     echo 'gofmt needs running on the following files:'

tencentcloud/provider.go

@@ -689,6 +689,7 @@ VPN Connections(VPN)
 	tencentcloud_vpn_ssl_client
 	tencentcloud_vpn_connection_reset
 	tencentcloud_vpn_customer_gateway_configuration_download
+	tencentcloud_vpn_gateway_ssl_client_cert
 
 MapReduce(EMR)
   Data Source
@@ -1424,6 +1425,7 @@ func Provider() terraform.ResourceProvider {
 			"tencentcloud_vpn_ssl_client":                              resourceTencentCloudVpnSslClient(),
 			"tencentcloud_vpn_connection_reset":                        resourceTencentCloudVpnConnectionReset(),
 			"tencentcloud_vpn_customer_gateway_configuration_download": resourceTencentCloudVpnCustomerGatewayConfigurationDownload(),
+			"tencentcloud_vpn_gateway_ssl_client_cert":                 resourceTencentCloudVpnGatewaySslClientCert(),
 			"tencentcloud_ha_vip":                                      resourceTencentCloudHaVip(),
 			"tencentcloud_ha_vip_eip_attachment":                       resourceTencentCloudHaVipEipAttachment(),
 			"tencentcloud_security_group":                              resourceTencentCloudSecurityGroup(),

tencentcloud/resource_tc_vpn_gateway_ssl_client_cert.go

@@ -0,0 +1,184 @@
+/*
+Provides a resource to create a vpc vpn_gateway_ssl_client_cert
+
+Example Usage
+
+```hcl
+resource "tencentcloud_vpn_gateway_ssl_client_cert" "vpn_gateway_ssl_client_cert" {
+  ssl_vpn_client_id = "vpnc-123456"
+  switch = "off"
+}
+```
+
+Import
+
+vpc vpn_gateway_ssl_client_cert can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_vpn_gateway_ssl_client_cert.vpn_gateway_ssl_client_cert ssl_client_id
+```
+*/
+package tencentcloud
+
+import (
+	"context"
+	"log"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	vpc "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc/v20170312"
+	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func resourceTencentCloudVpnGatewaySslClientCert() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceTencentCloudVpnGatewaySslClientCertCreate,
+		Read:   resourceTencentCloudVpnGatewaySslClientCertRead,
+		Update: resourceTencentCloudVpnGatewaySslClientCertUpdate,
+		Delete: resourceTencentCloudVpnGatewaySslClientCertDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+		Schema: map[string]*schema.Schema{
+			"ssl_vpn_client_id": {
+				Required:    true,
+				Type:        schema.TypeString,
+				Description: "SSL-VPN-CLIENT Instance ID.",
+			},
+
+			"switch": {
+				Optional:     true,
+				Type:         schema.TypeString,
+				Default:      "on",
+				ValidateFunc: validateAllowedStringValue([]string{"on", "off"}),
+				Description:  "`on`: Enable, `off`: Disable.",
+			},
+		},
+	}
+}
+
+func resourceTencentCloudVpnGatewaySslClientCertCreate(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_vpn_gateway_ssl_client_cert.create")()
+	defer inconsistentCheck(d, meta)()
+
+	sslVpnClientId := d.Get("ssl_vpn_client_id").(string)
+	d.SetId(sslVpnClientId)
+
+	return resourceTencentCloudVpnGatewaySslClientCertUpdate(d, meta)
+}
+
+func resourceTencentCloudVpnGatewaySslClientCertRead(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_vpn_gateway_ssl_client_cert.read")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+
+	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+
+	service := VpcService{client: meta.(*TencentCloudClient).apiV3Conn}
+
+	sslVpnClientId := d.Id()
+
+	_, vpnGatewaySslClientCert, err := service.DescribeVpnSslClientById(ctx, sslVpnClientId)
+	if err != nil {
+		return err
+	}
+
+	if vpnGatewaySslClientCert == nil {
+		d.SetId("")
+		log.Printf("[WARN]%s resource `VpnGatewaySslClientCert` [%s] not found, please check if it has been deleted.\n", logId, d.Id())
+		return nil
+	}
+
+	if vpnGatewaySslClientCert.SslVpnClientId != nil {
+		_ = d.Set("ssl_vpn_client_id", vpnGatewaySslClientCert.SslVpnClientId)
+	}
+
+	if vpnGatewaySslClientCert.CertStatus != nil {
+		if *vpnGatewaySslClientCert.CertStatus == 1 {
+			_ = d.Set("switch", "on")
+		}
+		if *vpnGatewaySslClientCert.CertStatus == 2 {
+			_ = d.Set("switch", "off")
+		}
+	}
+
+	return nil
+}
+
+func resourceTencentCloudVpnGatewaySslClientCertUpdate(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_vpn_gateway_ssl_client_cert.update")()
+	defer inconsistentCheck(d, meta)()
+
+	var taskId *uint64
+
+	logId := getLogId(contextNil)
+
+	sslVpnClientId := d.Id()
+
+	certSwitch := d.Get("switch").(string)
+
+	if certSwitch == "on" {
+
+		var (
+			request = vpc.NewEnableVpnGatewaySslClientCertRequest()
+		)
+
+		request.SslVpnClientId = &sslVpnClientId
+
+		err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+			result, e := meta.(*TencentCloudClient).apiV3Conn.UseVpcClient().EnableVpnGatewaySslClientCert(request)
+			if e != nil {
+				return retryError(e)
+			} else {
+				log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+			}
+			taskId = result.Response.TaskId
+			return nil
+		})
+		if err != nil {
+			log.Printf("[CRITAL]%s enable vpc vpnGatewaySslClientCert failed, reason:%+v", logId, err)
+			return err
+		}
+
+	} else {
+
+		var (
+			request = vpc.NewDisableVpnGatewaySslClientCertRequest()
+		)
+
+		request.SslVpnClientId = &sslVpnClientId
+
+		err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+			result, e := meta.(*TencentCloudClient).apiV3Conn.UseVpcClient().DisableVpnGatewaySslClientCert(request)
+			if e != nil {
+				return retryError(e)
+			} else {
+				log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+			}
+			taskId = result.Response.TaskId
+			return nil
+		})
+		if err != nil {
+			log.Printf("[CRITAL]%s disable vpc vpnGatewaySslClientCert failed, reason:%+v", logId, err)
+			return err
+		}
+	}
+
+	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+	service := VpcService{client: meta.(*TencentCloudClient).apiV3Conn}
+
+	err := service.DescribeVpcTaskResult(ctx, helper.String(helper.UInt64ToStr(*taskId)))
+	if err != nil {
+		return err
+	}
+
+	return resourceTencentCloudVpnGatewaySslClientCertRead(d, meta)
+}
+
+func resourceTencentCloudVpnGatewaySslClientCertDelete(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_vpn_gateway_ssl_client_cert.delete")()
+	defer inconsistentCheck(d, meta)()
+
+	return nil
+}

tencentcloud/resource_tc_vpn_gateway_ssl_client_cert_test.go

@@ -0,0 +1,53 @@
+package tencentcloud
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+)
+
+func TestAccTencentCloudVpcVpnGatewaySslClientCertResource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheck(t)
+		},
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccVpcVpnGatewaySslClientCert,
+				Check:  resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_vpn_gateway_ssl_client_cert.vpn_gateway_ssl_client_cert", "id")),
+			},
+			{
+				Config: testAccVpcVpnGatewaySslClientCertUpdate,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrSet("tencentcloud_vpn_gateway_ssl_client_cert.vpn_gateway_ssl_client_cert", "id"),
+					resource.TestCheckResourceAttr("tencentcloud_vpn_gateway_ssl_client_cert.vpn_gateway_ssl_client_cert", "switch", "on"),
+				),
+			},
+			{
+				ResourceName:      "tencentcloud_vpn_gateway_ssl_client_cert.vpn_gateway_ssl_client_cert",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+const testAccVpcVpnGatewaySslClientCert = `
+
+resource "tencentcloud_vpn_gateway_ssl_client_cert" "vpn_gateway_ssl_client_cert" {
+  ssl_vpn_client_id = "vpnc-52f5lnd5"
+  switch = "off"
+}
+
+`
+
+const testAccVpcVpnGatewaySslClientCertUpdate = `
+
+resource "tencentcloud_vpn_gateway_ssl_client_cert" "vpn_gateway_ssl_client_cert" {
+  ssl_vpn_client_id = "vpnc-52f5lnd5"
+  switch = "on"
+}
+
+`

website/docs/r/vpn_gateway_ssl_client_cert.html.markdown

@@ -0,0 +1,45 @@
+---
+subcategory: "VPN Connections(VPN)"
+layout: "tencentcloud"
+page_title: "TencentCloud: tencentcloud_vpn_gateway_ssl_client_cert"
+sidebar_current: "docs-tencentcloud-resource-vpn_gateway_ssl_client_cert"
+description: |-
+  Provides a resource to create a vpc vpn_gateway_ssl_client_cert
+---
+
+# tencentcloud_vpn_gateway_ssl_client_cert
+
+Provides a resource to create a vpc vpn_gateway_ssl_client_cert
+
+## Example Usage
+
+```hcl
+resource "tencentcloud_vpn_gateway_ssl_client_cert" "vpn_gateway_ssl_client_cert" {
+  ssl_vpn_client_id = "vpnc-123456"
+  switch            = "off"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `ssl_vpn_client_id` - (Required, String) SSL-VPN-CLIENT Instance ID.
+* `switch` - (Optional, String) `on`: Enable, `off`: Disable.
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `id` - ID of the resource.
+
+
+
+## Import
+
+vpc vpn_gateway_ssl_client_cert can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_vpn_gateway_ssl_client_cert.vpn_gateway_ssl_client_cert ssl_client_id
+```
+

website/tencentcloud.erb

@@ -2805,6 +2805,9 @@
                                 <li>
                                     <a href="/docs/providers/tencentcloud/r/vpn_gateway_route.html">tencentcloud_vpn_gateway_route</a>
                                 </li>
+                                <li>
+                                    <a href="/docs/providers/tencentcloud/r/vpn_gateway_ssl_client_cert.html">tencentcloud_vpn_gateway_ssl_client_cert</a>
+                                </li>
                                 <li>
                                     <a href="/docs/providers/tencentcloud/r/vpn_ssl_client.html">tencentcloud_vpn_ssl_client</a>
                                 </li>