feat: ssl-operation (#2174)

* feat: operation

* feat: changelog

* feat: changelog

* feat: e2e

---------

Co-authored-by: WeiMengXS <nickcchen@tencent.com>
Co-authored-by: andrewjiang <104899514+andrew-tx@users.noreply.github.com>

Author: 3 people

.changelog/2174.txt

@@ -0,0 +1,23 @@
+```release-note:new-resource
+tencentcloud_ssl_check_certificate_chain_operation
+```
+
+```release-note:new-resource
+tencentcloud_ssl_complete_certificate_operation
+```
+
+```release-note:new-resource
+tencentcloud_ssl_deploy_certificate_instance_operation
+```
+
+```release-note:new-resource
+tencentcloud_ssl_deploy_certificate_record_retry_operation
+```
+
+```release-note:new-resource
+tencentcloud_ssl_deploy_certificate_record_rollback_operation
+```
+
+```release-note:new-resource
+tencentcloud_ssl_download_certificate_operation
+```

tencentcloud/provider.go

@@ -921,6 +921,12 @@ SSL Certificates
     tencentcloud_ssl_certificate
     tencentcloud_ssl_pay_certificate
 	tencentcloud_ssl_free_certificate
+    tencentcloud_ssl_complete_certificate_operation
+    tencentcloud_ssl_check_certificate_chain_operation
+    tencentcloud_ssl_deploy_certificate_instance_operation
+    tencentcloud_ssl_deploy_certificate_record_retry_operation
+    tencentcloud_ssl_deploy_certificate_record_rollback_operation
+    tencentcloud_ssl_download_certificate_operation
 
 Secrets Manager(SSM)
   Data Source
@@ -3334,6 +3340,12 @@ func Provider() *schema.Provider {
 			"tencentcloud_cfw_nat_firewall_switch":                             resourceTencentCloudCfwNatFirewallSwitch(),
 			"tencentcloud_cfw_vpc_firewall_switch":                             resourceTencentCloudCfwVpcFirewallSwitch(),
 			"tencentcloud_cfw_edge_firewall_switch":                            resourceTencentCloudCfwEdgeFirewallSwitch(),
+			"tencentcloud_ssl_check_certificate_chain_operation":               resourceTencentCloudSslCheckCertificateChainOperation(),
+			"tencentcloud_ssl_complete_certificate_operation":                  resourceTencentCloudSslCompleteCertificateOperation(),
+			"tencentcloud_ssl_deploy_certificate_instance_operation":           resourceTencentCloudSslDeployCertificateInstanceOperation(),
+			"tencentcloud_ssl_deploy_certificate_record_retry_operation":       resourceTencentCloudSslDeployCertificateRecordRetryOperation(),
+			"tencentcloud_ssl_deploy_certificate_record_rollback_operation":    resourceTencentCloudSslDeployCertificateRecordRollbackOperation(),
+			"tencentcloud_ssl_download_certificate_operation":                  resourceTencentCloudSslDownloadCertificateOperation(),
 			"tencentcloud_cwp_license_order":                                   resourceTencentCloudCwpLicenseOrder(),
 			"tencentcloud_cwp_license_bind_attachment":                         resourceTencentCloudCwpLicenseBindAttachment(),
 		},

tencentcloud/resource_tc_ssl_check_certificate_chain_operation.go

@@ -0,0 +1,101 @@
+/*
+Provides a resource to create a ssl check_certificate_chain
+
+Example Usage
+
+```hcl
+resource "tencentcloud_ssl_check_certificate_chain_operation" "check_certificate_chain" {
+  certificate_chain = "-----BEGIN CERTIFICATE--·····---END CERTIFICATE-----"
+}
+```
+
+Import
+
+ssl check_certificate_chain can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_ssl_check_certificate_chain_operation.check_certificate_chain check_certificate_chain_id
+```
+*/
+package tencentcloud
+
+import (
+	"fmt"
+	"log"
+
+	"github.com/hashicorp/go-uuid"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	ssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
+	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func resourceTencentCloudSslCheckCertificateChainOperation() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceTencentCloudSslCheckCertificateChainCreate,
+		Read:   resourceTencentCloudSslCheckCertificateChainRead,
+		Delete: resourceTencentCloudSslCheckCertificateChainDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+		Schema: map[string]*schema.Schema{
+			"certificate_chain": {
+				Required:    true,
+				ForceNew:    true,
+				Type:        schema.TypeString,
+				Description: "The certificate chain to check.",
+			},
+		},
+	}
+}
+
+func resourceTencentCloudSslCheckCertificateChainCreate(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_ssl_check_certificate_chain_operation.create")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+
+	var (
+		request = ssl.NewCheckCertificateChainRequest()
+	)
+	if v, ok := d.GetOk("certificate_chain"); ok {
+		request.CertificateChain = helper.String(v.(string))
+	}
+
+	err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+		result, e := meta.(*TencentCloudClient).apiV3Conn.UseSSLCertificateClient().CheckCertificateChain(request)
+		if e != nil {
+			return retryError(e)
+		}
+		if result != nil && result.Response != nil && !*result.Response.IsValid {
+			err := fmt.Errorf("[DEBUG]%s Certificate chain failed to check, IsValid [%v]\n", logId, *result.Response.IsValid)
+			return retryError(err)
+		}
+		log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+		return nil
+	})
+	if err != nil {
+		log.Printf("[CRITAL]%s operate ssl checkCertificateChain failed, reason:%+v", logId, err)
+		return err
+	}
+	id, err := uuid.GenerateUUID()
+	if err != nil {
+		return err
+	}
+	d.SetId(id)
+	return resourceTencentCloudSslCheckCertificateChainRead(d, meta)
+}
+
+func resourceTencentCloudSslCheckCertificateChainRead(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_ssl_check_certificate_chain_operation.read")()
+	defer inconsistentCheck(d, meta)()
+
+	return nil
+}
+
+func resourceTencentCloudSslCheckCertificateChainDelete(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_ssl_check_certificate_chain_operation.delete")()
+	defer inconsistentCheck(d, meta)()
+
+	return nil
+}

tencentcloud/resource_tc_ssl_check_certificate_chain_operation_test.go

@@ -0,0 +1,101 @@
+package tencentcloud
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccTencentCloudSslCheckCertificateChainResource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheckCommon(t, ACCOUNT_TYPE_SSL)
+		},
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccSslCheckCertificateChain,
+				Check: resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_ssl_check_certificate_chain_operation.check_certificate_chain", "id"),
+					resource.TestCheckResourceAttrSet("tencentcloud_ssl_check_certificate_chain_operation.check_certificate_chain", "certificate_chain"),
+				),
+			},
+		},
+	})
+}
+
+const testAccSslCheckCertificateChain = `
+
+resource "tencentcloud_ssl_check_certificate_chain_operation" "check_certificate_chain" {
+  certificate_chain = <<EOT
+-----BEGIN CERTIFICATE-----
+MIIGgjCCBOqgAwIBAgIQD2LBHbHYKhfZEhJYSdrsXTANBgkqhkiG9w0BAQwFADBZ
+MQswCQYDVQQGEwJDTjElMCMGA1UEChMcVHJ1c3RBc2lhIFRlY2hub2xvZ2llcywg
+SW5jLjEjMCEGA1UEAxMaVHJ1c3RBc2lhIFJTQSBEViBUTFMgQ0EgRzIwHhcNMjMw
+NzMxMDAwMDAwWhcNMjQwNzMwMjM1OTU5WjAeMRwwGgYDVQQDDBMqLm5pbmdoaHVh
+bmcub25saW5lMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndlStKT/
+V0EWn2Jigr6v1tqQ5F4oAZmJFVw7C+liE686l5X2TMp02/QSelR+s5qBSAUElzU5
+8egrptncR990pDUbiRRdWH44doPhPocHwiSD+Zr98Dn5NMKePrE2tvWnoR10yQa0
+NYjsQsZD6qyom5REWMOuqYr0dbqlel9xZ7USNwlpVakF6yBJYydqGFx6IH/fZXwy
+D7CHhbeDF79geAMS6AQIgHOPuLx0dirklcblXvdy66oa4Z6jwBpO+JvpeLtwen5Z
+oN13hqD7ioaC/9jZqyfwuOzX9RfvS0JYZnkxQt1nba+61oQWmFvsBTHz8kCr9DJE
+0xtstfQLL6w26wIDAQABo4IC/zCCAvswHwYDVR0jBBgwFoAUXzp8ERB+DGdxYdyL
+o7UAA2f1VxwwHQYDVR0OBBYEFP4NCzlvU5PKTQv5MXCTNjDQVmOlMA4GA1UdDwEB
+/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+BQcDAjBJBgNVHSAEQjBAMDQGCysGAQQBsjEBAgIxMCUwIwYIKwYBBQUHAgEWF2h0
+dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECATB9BggrBgEFBQcBAQRxMG8w
+QgYIKwYBBQUHMAKGNmh0dHA6Ly9jcnQudHJ1c3QtcHJvdmlkZXIuY24vVHJ1c3RB
+c2lhUlNBRFZUTFNDQUcyLmNydDApBggrBgEFBQcwAYYdaHR0cDovL29jc3AudHJ1
+c3QtcHJvdmlkZXIuY24wMQYDVR0RBCowKIITKi5uaW5naGh1YW5nLm9ubGluZYIR
+bmluZ2hodWFuZy5vbmxpbmUwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AHb/
+iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABiarFhPIAAAQDAEcwRQIg
+WwhTfFhEP2pKTiVkM9arGgwSePt/Dswqy3lY+9F3I2QCIQCX94LGDvgTYVzc7If/
+6TsbOMiWpg1mbonvY85LnNFg3wB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2k
+PTBI1/urAAABiarFhUcAAAQDAEcwRQIgFPP4Cpw1s/vl0oK8DTjz6eGxcH0N87R9
+pZKuvvpT9ZcCIQCUcpJxDO9UJRNZIG2tylnNLLNfNXHC2OL0jmWpsVKbCgB1AO7N
+0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABiarFhSAAAAQDAEYwRAIg
+YJRcpNtjIrudV+k8xu569wmMFFKiYU/OFQatMrdkgH0CIDQ/mm+YwUWM1ywDCqaK
+WXFEfSXBFnOraEM75z9DgxKkMA0GCSqGSIb3DQEBDAUAA4IBgQB4LMuyqbP9zBZN
+irjt1jtvEZX9U4gklvh2xWif6sYHJt4XtnrE9tgJ9Hcb3h7zZGPC/+FuZur13hIG
+j7tDOGnJJjOjDFFhqcaVcceVKwoif6bdVp82l4GniPYfyLrsrg01PKtgeYBiQeSG
+oDb5DMzGb/HsNCVFXQfmsvj/JArunSxUhHDnYiGWhWT86E7arrmQy4evNYQqf5Ah
+Lq2Tl6k7U1uem25dokLGeDTAOCfmDor9DbX9NqCDlM/SIyo/B+jfmtSkPwpywOn5
+be7+xFOFvHecatUDKdJq0I7f2KkFMD3E/xfCD5ZJ2ffyjafLnlAATW8O9cnVvHyS
+wboYkriXZV1ZGMc9sOskq9I0jtoSfMIpURjMfFtP02Y7KPnZffWk1+fDKu7qqyhf
+CYZuE2b3ytuJjJYbGsf2WwV2pf/CSZaKeuE/xzOCvS6Z2teeg6ZrSyJBHNfZHCxB
+qqD1ej+KL/mHbMEEH+RB5C5w8OD/7LkQlBqLSn/rB5Pts4A/oqA=
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIIFBzCCA++gAwIBAgIRALIM7VUuMaC/NDp1KHQ76aswDQYJKoZIhvcNAQELBQAw
+ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV
+BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0yMjAxMTAwMDAwMDBaFw0y
+ODEyMzEyMzU5NTlaMFkxCzAJBgNVBAYTAkNOMSUwIwYDVQQKExxUcnVzdEFzaWEg
+VGVjaG5vbG9naWVzLCBJbmMuMSMwIQYDVQQDExpUcnVzdEFzaWEgUlNBIERWIFRM
+UyBDQSBHMjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAKjGDe0GSaBs
+Yl/VhMaTM6GhfR1TAt4mrhN8zfAMwEfLZth+N2ie5ULbW8YvSGzhqkDhGgSBlafm
+qq05oeESrIJQyz24j7icGeGyIZ/jIChOOvjt4M8EVi3O0Se7E6RAgVYcX+QWVp5c
+Sy+l7XrrtL/pDDL9Bngnq/DVfjCzm5ZYUb1PpyvYTP7trsV+yYOCNmmwQvB4yVjf
+IIpHC1OcsPBntMUGeH1Eja4D+qJYhGOxX9kpa+2wTCW06L8T6OhkpJWYn5JYiht5
+8exjAR7b8Zi3DeG9oZO5o6Qvhl3f8uGU8lK1j9jCUN/18mI/5vZJ76i+hsgdlfZB
+Rh5lmAQjD80M9TY+oD4MYUqB5XrigPfFAUwXFGehhlwCVw7y6+5kpbq/NpvM5Ba8
+SeQYUUuMA8RXpTtGlrrTPqJryfa55hTuX/ThhX4gcCVkbyujo0CYr+Uuc14IOyNY
+1fD0/qORbllbgV41wiy/2ZUWZQUodqHWkjT1CwIMbQOY5jmrSYGBwwIDAQABo4IB
+JjCCASIwHwYDVR0jBBgwFoAUoBEKIz6W8Qfs4q8p74Klf9AwpLQwHQYDVR0OBBYE
+FF86fBEQfgxncWHci6O1AANn9VccMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8E
+CDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAE
+GzAZMA0GCysGAQQBsjEBAgIxMAgGBmeBDAECATBDBgNVHR8EPDA6MDigNqA0hjJo
+dHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNy
+bDA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9k
+b2NhLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAHMUom5cxIje2IiFU7mOCsBr2F6CY
+eU5cyfQ/Aep9kAXYUDuWsaT85721JxeXFYkf4D/cgNd9+hxT8ZeDOJrn+ysqR7NO
+2K9AdqTdIY2uZPKmvgHOkvH2gQD6jc05eSPOwdY/10IPvmpgUKaGOa/tyygL8Og4
+3tYyoHipMMnS4OiYKakDJny0XVuchIP7ZMKiP07Q3FIuSS4omzR77kmc75/6Q9dP
+v4wa90UCOn1j6r7WhMmX3eT3Gsdj3WMe9bYD0AFuqa6MDyjIeXq08mVGraXiw73s
+Zale8OMckn/BU3O/3aFNLHLfET2H2hT6Wb3nwxjpLIfXmSVcVd8A58XH0g==
+-----END CERTIFICATE-----
+EOT
+}
+
+`

tencentcloud/resource_tc_ssl_complete_certificate_operation.go

@@ -0,0 +1,99 @@
+/*
+Provides a resource to create a ssl complete_certificate
+
+Example Usage
+
+```hcl
+resource "tencentcloud_ssl_complete_certificate_operation" "complete_certificate" {
+  certificate_id = "9Bfe1IBR"
+}
+```
+
+Import
+
+ssl complete_certificate can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_ssl_complete_certificate_operation.complete_certificate complete_certificate_id
+```
+*/
+package tencentcloud
+
+import (
+	"log"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	ssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
+	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+)
+
+func resourceTencentCloudSslCompleteCertificateOperation() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceTencentCloudSslCompleteCertificateCreate,
+		Read:   resourceTencentCloudSslCompleteCertificateRead,
+		Delete: resourceTencentCloudSslCompleteCertificateDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+		Schema: map[string]*schema.Schema{
+			"certificate_id": {
+				Required:    true,
+				ForceNew:    true,
+				Type:        schema.TypeString,
+				Description: "Certificate ID.",
+			},
+		},
+	}
+}
+
+func resourceTencentCloudSslCompleteCertificateCreate(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_ssl_complete_certificate_operation.create")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+
+	var (
+		request       = ssl.NewCompleteCertificateRequest()
+		response      = ssl.NewCompleteCertificateResponse()
+		certificateId string
+	)
+	if v, ok := d.GetOk("certificate_id"); ok {
+		request.CertificateId = helper.String(v.(string))
+	}
+
+	err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+		result, e := meta.(*TencentCloudClient).apiV3Conn.UseSSLCertificateClient().CompleteCertificate(request)
+		if e != nil {
+			return retryError(e)
+		} else {
+			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+		}
+		response = result
+		return nil
+	})
+	if err != nil {
+		log.Printf("[CRITAL]%s operate ssl completeCertificate failed, reason:%+v", logId, err)
+		return err
+	}
+	if response != nil && response.Response != nil && response.Response.CertificateId != nil {
+		certificateId = *response.Response.CertificateId
+	}
+	d.SetId(certificateId)
+
+	return resourceTencentCloudSslCompleteCertificateRead(d, meta)
+}
+
+func resourceTencentCloudSslCompleteCertificateRead(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_ssl_complete_certificate_operation.read")()
+	defer inconsistentCheck(d, meta)()
+
+	return nil
+}
+
+func resourceTencentCloudSslCompleteCertificateDelete(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_ssl_complete_certificate_operation.delete")()
+	defer inconsistentCheck(d, meta)()
+
+	return nil
+}

tencentcloud/resource_tc_ssl_complete_certificate_operation_test.go

@@ -0,0 +1,33 @@
+package tencentcloud
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccTencentCloudSslCompleteCertificateResource_basic(t *testing.T) {
+	t.Parallel()
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheckCommon(t, ACCOUNT_TYPE_SSL)
+		},
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccSslCompleteCertificate,
+				Check: resource.ComposeTestCheckFunc(resource.TestCheckResourceAttrSet("tencentcloud_ssl_complete_certificate_operation.complete_certificate", "id"),
+					resource.TestCheckResourceAttr("tencentcloud_ssl_complete_certificate_operation.complete_certificate", "certificate_id", "709ahm2q"),
+				),
+			},
+		},
+	})
+}
+
+const testAccSslCompleteCertificate = `
+
+resource "tencentcloud_ssl_complete_certificate_operation" "complete_certificate" {
+  certificate_id = "709ahm2q"
+}
+
+`