Feat/ssl add param (#2421)

* feat: doc

* feat: doc

* feat: changelog

* feat: changelog

* feat: fix

* feat: fix

Author: WeiMengXS

.changelog/2421.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/tencentcloud_ssl_update_certificate_instance_operation: Support upload ca
+```

tencentcloud/resource_tc_ssl_update_certificate_instance_operation.go

@@ -12,15 +12,15 @@ import (
 
 func resourceTencentCloudSslUpdateCertificateInstanceOperation() *schema.Resource {
 	return &schema.Resource{
-		Create: resourceTencentCloudSslUpdateCertificateInstanceCreate,
-		Read:   resourceTencentCloudSslUpdateCertificateInstanceRead,
-		Delete: resourceTencentCloudSslUpdateCertificateInstanceDelete,
+		Create: resourceTencentCloudSslUpdateCertificateInstanceOperationCreate,
+		Read:   resourceTencentCloudSslUpdateCertificateInstanceOperationRead,
+		Delete: resourceTencentCloudSslUpdateCertificateInstanceOperationDelete,
 		Importer: &schema.ResourceImporter{
 			State: schema.ImportStatePassthrough,
 		},
 		Schema: map[string]*schema.Schema{
 			"certificate_id": {
-				Required:    true,
+				Optional:    true,
 				ForceNew:    true,
 				Type:        schema.TypeString,
 				Description: "Update new certificate ID.",
@@ -40,14 +40,14 @@ func resourceTencentCloudSslUpdateCertificateInstanceOperation() *schema.Resourc
 				Elem: &schema.Schema{
 					Type: schema.TypeString,
 				},
-				Description: "The resource type that needs to be deployed. The parameter value is optional: clb,cdn,waf,live,ddos,teo,apigateway,vod,tke,tcb.",
+				Description: "The resource type that needs to be deployed. The parameter value is optional: clb, cdn, waf, live, ddos, teo, apigateway, vod, tke, tcb.",
 			},
 
 			"resource_types_regions": {
 				Optional:    true,
 				ForceNew:    true,
 				Type:        schema.TypeList,
-				Description: "List of regions where cloud resources need to be deployed.",
+				Description: "List of regions where cloud resources need to be deploye.",
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
 						"resource_type": {
@@ -66,11 +66,55 @@ func resourceTencentCloudSslUpdateCertificateInstanceOperation() *schema.Resourc
 					},
 				},
 			},
+
+			"certificate_public_key": {
+				Optional:    true,
+				ForceNew:    true,
+				Sensitive:   true,
+				Type:        schema.TypeString,
+				Description: "Certificate public key. If you upload the certificate public key, CertificateId does not need to be passed.",
+			},
+
+			"certificate_private_key": {
+				Optional:    true,
+				ForceNew:    true,
+				Sensitive:   true,
+				Type:        schema.TypeString,
+				Description: "Certificate private key. If you upload the certificate public key, CertificateId does not need to be passed.",
+			},
+
+			"expiring_notification_switch": {
+				Optional:    true,
+				ForceNew:    true,
+				Type:        schema.TypeInt,
+				Description: "Whether to ignore expiration reminders for old certificates 0: Do not ignore notifications. 1: Ignore the notification and ignore the OldCertificateId expiration reminder.",
+			},
+
+			"repeatable": {
+				Optional:    true,
+				ForceNew:    true,
+				Type:        schema.TypeBool,
+				Description: "Whether the same certificate is allowed to be uploaded repeatedly. If you choose to upload the certificate, you can configure this parameter.",
+			},
+
+			"allow_download": {
+				Optional:    true,
+				ForceNew:    true,
+				Type:        schema.TypeBool,
+				Description: "Whether to allow downloading, if you choose to upload the certificate, you can configure this parameter.",
+			},
+
+			"project_id": {
+				Optional:    true,
+				ForceNew:    true,
+				Type:        schema.TypeInt,
+				Description: "Project ID, if you choose to upload the certificate, you can configure this parameter.",
+			},
 		},
 	}
 }
 
-func resourceTencentCloudSslUpdateCertificateInstanceCreate(d *schema.ResourceData, meta interface{}) error {
+func resourceTencentCloudSslUpdateCertificateInstanceOperationCreate(d *schema.ResourceData, meta interface{}) error {
 	defer logElapsed("resource.tencentcloud_ssl_update_certificate_instance_operation.create")()
 	defer inconsistentCheck(d, meta)()
 
@@ -92,67 +136,93 @@ func resourceTencentCloudSslUpdateCertificateInstanceCreate(d *schema.ResourceDa
 	if v, ok := d.GetOk("resource_types"); ok {
 		resourceTypesSet := v.(*schema.Set).List()
 		for i := range resourceTypesSet {
-			resourceTypes := resourceTypesSet[i].(string)
-			request.ResourceTypes = append(request.ResourceTypes, &resourceTypes)
+			if resourceTypesSet[i] != nil {
+				resourceTypes := resourceTypesSet[i].(string)
+				request.ResourceTypes = append(request.ResourceTypes, &resourceTypes)
+			}
 		}
 	}
 
 	if v, ok := d.GetOk("resource_types_regions"); ok {
 		for _, item := range v.([]interface{}) {
-			resourceTypeRegions := ssl.ResourceTypeRegions{}
 			dMap := item.(map[string]interface{})
+			resourceTypeRegions := ssl.ResourceTypeRegions{}
 			if v, ok := dMap["resource_type"]; ok {
 				resourceTypeRegions.ResourceType = helper.String(v.(string))
 			}
 			if v, ok := dMap["regions"]; ok {
 				regionsSet := v.(*schema.Set).List()
 				for i := range regionsSet {
-					regions := regionsSet[i].(string)
-					resourceTypeRegions.Regions = append(resourceTypeRegions.Regions, &regions)
+					if regionsSet[i] != nil {
+						regions := regionsSet[i].(string)
+						resourceTypeRegions.Regions = append(resourceTypeRegions.Regions, &regions)
+					}
 				}
 			}
 			request.ResourceTypesRegions = append(request.ResourceTypesRegions, &resourceTypeRegions)
 		}
 	}
 
+	if v, ok := d.GetOk("certificate_public_key"); ok {
+		request.CertificatePublicKey = helper.String(v.(string))
+	}
+
+	if v, ok := d.GetOk("certificate_private_key"); ok {
+		request.CertificatePrivateKey = helper.String(v.(string))
+	}
+
+	if v, _ := d.GetOkExists("expiring_notification_switch"); v != nil {
+		request.ExpiringNotificationSwitch = helper.IntUint64(v.(int))
+	}
+
+	if v, _ := d.GetOkExists("repeatable"); v != nil {
+		request.Repeatable = helper.Bool(v.(bool))
+	}
+
+	if v, _ := d.GetOkExists("allow_download"); v != nil {
+		request.AllowDownload = helper.Bool(v.(bool))
+	}
+
+	if v, _ := d.GetOkExists("project_id"); v != nil {
+		request.ProjectId = helper.IntUint64(v.(int))
+	}
+
 	err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
 		result, e := meta.(*TencentCloudClient).apiV3Conn.UseSSLCertificateClient().UpdateCertificateInstance(request)
 		if e != nil {
 			return retryError(e)
 		} else {
 			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
 		}
-		if result.Response.DeployStatus == nil {
-			err := fmt.Errorf("api[%s] status is nil", request.GetAction())
-			return retryError(err)
+		response = result
+		if response == nil || response.Response == nil || response.Response.DeployRecordId == nil {
+			return resource.RetryableError(fmt.Errorf("operate ssl updateCertificateInstanceOperation response is null"))
 		}
-
-		if *result.Response.DeployStatus < 0 {
-			err := fmt.Errorf("status is %d, need retry", *result.Response.DeployStatus)
-			return retryError(err)
+		if *response.Response.DeployRecordId == uint64(0) {
+			return resource.RetryableError(fmt.Errorf("operate ssl updateCertificateInstanceOperation not done"))
 		}
-		response = result
 		return nil
 	})
+
 	if err != nil {
-		log.Printf("[CRITAL]%s operate ssl updateCertificateInstance failed, reason:%+v", logId, err)
+		log.Printf("[CRITAL]%s operate ssl updateCertificateInstanceOperation failed, reason:%+v", logId, err)
 		return err
 	}
 
 	deployRecordId = *response.Response.DeployRecordId
 	d.SetId(helper.UInt64ToStr(deployRecordId))
 
-	return resourceTencentCloudSslUpdateCertificateInstanceRead(d, meta)
+	return resourceTencentCloudSslUpdateCertificateInstanceOperationRead(d, meta)
 }
 
-func resourceTencentCloudSslUpdateCertificateInstanceRead(d *schema.ResourceData, meta interface{}) error {
+func resourceTencentCloudSslUpdateCertificateInstanceOperationRead(d *schema.ResourceData, meta interface{}) error {
 	defer logElapsed("resource.tencentcloud_ssl_update_certificate_instance_operation.read")()
 	defer inconsistentCheck(d, meta)()
 
 	return nil
 }
 
-func resourceTencentCloudSslUpdateCertificateInstanceDelete(d *schema.ResourceData, meta interface{}) error {
+func resourceTencentCloudSslUpdateCertificateInstanceOperationDelete(d *schema.ResourceData, meta interface{}) error {
 	defer logElapsed("resource.tencentcloud_ssl_update_certificate_instance_operation.delete")()
 	defer inconsistentCheck(d, meta)()
 

tencentcloud/resource_tc_ssl_update_certificate_instance_operation_test.go

@@ -1,12 +1,11 @@
 package tencentcloud
 
 import (
-	"testing"
-
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"testing"
 )
 
-func TestAccTencentCloudSslUpdateCertificateInstanceResource_basic(t *testing.T) {
+func TestAccTencentCloudSslUpdateCertificateInstanceOperationResource_basic(t *testing.T) {
 	t.Parallel()
 	resource.Test(t, resource.TestCase{
 		PreCheck: func() {
@@ -15,22 +14,22 @@ func TestAccTencentCloudSslUpdateCertificateInstanceResource_basic(t *testing.T)
 		Providers: testAccProviders,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccSslUpdateCertificateInstance,
+				Config: testAccSslUpdateCertificateInstanceOperation,
 				Check: resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_ssl_update_certificate_instance_operation.update_certificate_instance", "id"),
-					resource.TestCheckResourceAttr("tencentcloud_ssl_update_certificate_instance_operation.update_certificate_instance", "certificate_id", "7REHyHM1"),
-					resource.TestCheckResourceAttr("tencentcloud_ssl_update_certificate_instance_operation.update_certificate_instance", "old_certificate_id", "9D3qRt7r"),
-					resource.TestCheckResourceAttr("tencentcloud_ssl_update_certificate_instance_operation.update_certificate_instance", "resource_types.0", "cdn"),
+					resource.TestCheckResourceAttr("tencentcloud_ssl_update_certificate_instance_operation.update_certificate_instance", "certificate_id", "AMpBxwPq"),
+					resource.TestCheckResourceAttr("tencentcloud_ssl_update_certificate_instance_operation.update_certificate_instance", "old_certificate_id", "AN1Gys3l"),
+					resource.TestCheckResourceAttrSet("tencentcloud_ssl_update_certificate_instance_operation.update_certificate_instance", "resource_types.0"),
 				),
 			},
 		},
 	})
 }
 
-const testAccSslUpdateCertificateInstance = `
+const testAccSslUpdateCertificateInstanceOperation = `
 
 resource "tencentcloud_ssl_update_certificate_instance_operation" "update_certificate_instance" {
-  certificate_id = "7REHyHM1"
-  old_certificate_id = "9D3qRt7r"
+  certificate_id = "AMpBxwPq"
+  old_certificate_id = "AN1Gys3l"
   resource_types = ["cdn"]
 }
 `

tencentcloud/services/ssl/resource_tc_ssl_update_certificate_instance_operation.md

@@ -9,11 +9,14 @@ resource "tencentcloud_ssl_update_certificate_instance_operation" "update_certif
   resource_types = ["cdn"]
 }
 ```
+Upload certificate
 
-Import
-
-ssl update_certificate_instance can be imported using the id, e.g.
-
+```hcl
+resource "tencentcloud_ssl_update_certificate_instance_operation" "update_certificate_instance" {
+  old_certificate_id = "xxx"
+  certificate_public_key = file("xxx.crt")
+  certificate_private_key= file("xxx.key")
+  repeatable= true
+  resource_types = ["cdn"]
+}
 ```
-terraform import tencentcloud_ssl_update_certificate_instance_operation.update_certificate_instance update_certificate_instance_id
-```

website/docs/r/ssl_update_certificate_instance_operation.html.markdown

@@ -21,14 +21,32 @@ resource "tencentcloud_ssl_update_certificate_instance_operation" "update_certif
 }
 ```
 
+### Upload certificate
+
+```hcl
+resource "tencentcloud_ssl_update_certificate_instance_operation" "update_certificate_instance" {
+  old_certificate_id      = "xxx"
+  certificate_public_key  = file("xxx.crt")
+  certificate_private_key = file("xxx.key")
+  repeatable              = true
+  resource_types          = ["cdn"]
+}
+```
+
 ## Argument Reference
 
 The following arguments are supported:
 
-* `certificate_id` - (Required, String, ForceNew) Update new certificate ID.
 * `old_certificate_id` - (Required, String, ForceNew) Update the original certificate ID.
-* `resource_types` - (Required, Set: [`String`], ForceNew) The resource type that needs to be deployed. The parameter value is optional: clb,cdn,waf,live,ddos,teo,apigateway,vod,tke,tcb.
-* `resource_types_regions` - (Optional, List, ForceNew) List of regions where cloud resources need to be deployed.
+* `resource_types` - (Required, Set: [`String`], ForceNew) The resource type that needs to be deployed. The parameter value is optional: clb, cdn, waf, live, ddos, teo, apigateway, vod, tke, tcb.
+* `allow_download` - (Optional, Bool, ForceNew) Whether to allow downloading, if you choose to upload the certificate, you can configure this parameter.
+* `certificate_id` - (Optional, String, ForceNew) Update new certificate ID.
+* `certificate_private_key` - (Optional, String, ForceNew) Certificate private key. If you upload the certificate public key, CertificateId does not need to be passed.
+* `certificate_public_key` - (Optional, String, ForceNew) Certificate public key. If you upload the certificate public key, CertificateId does not need to be passed.
+* `expiring_notification_switch` - (Optional, Int, ForceNew) Whether to ignore expiration reminders for old certificates 0: Do not ignore notifications. 1: Ignore the notification and ignore the OldCertificateId expiration reminder.
+* `project_id` - (Optional, Int, ForceNew) Project ID, if you choose to upload the certificate, you can configure this parameter.
+* `repeatable` - (Optional, Bool, ForceNew) Whether the same certificate is allowed to be uploaded repeatedly. If you choose to upload the certificate, you can configure this parameter.
+* `resource_types_regions` - (Optional, List, ForceNew) List of regions where cloud resources need to be deploye.
 
 The `resource_types_regions` object supports the following:
 
@@ -43,11 +61,3 @@ In addition to all arguments above, the following attributes are exported:
 
 
 
-## Import
-
-ssl update_certificate_instance can be imported using the id, e.g.
-
-```
-terraform import tencentcloud_ssl_update_certificate_instance_operation.update_certificate_instance update_certificate_instance_id
-```
-