Skip to content

Commit d81ea6d

Browse files
xinyuezhaoshrsrlhercot
authored
Add resource & data source for ESG and ESG selector (#286)
* Add data source & resource for ESG * Add data source & resource for ESG selector * Add doc for ESG & ESG selector * Add example for ESG & ESG selector * Removed old docs, fix examples and updated data source with setid * Update aci-go-client to v1.11.0 and fix some rebase issues. Co-authored-by: ssrish <[email protected]> Co-authored-by: Lionel Hercot <[email protected]>
1 parent 8662125 commit d81ea6d

File tree

674 files changed

+125711
-8
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

674 files changed

+125711
-8
lines changed

aci/data_source_aci_fvepselector.go

Lines changed: 50 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,50 @@
1+
package aci
2+
3+
import (
4+
"fmt"
5+
6+
"github.com/ciscoecosystem/aci-go-client/client"
7+
"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
8+
)
9+
10+
func dataSourceAciEndpointSecurityGroupSelector() *schema.Resource {
11+
return &schema.Resource{
12+
Read: dataSourceAciEndpointSecurityGroupSelectorRead,
13+
SchemaVersion: 1,
14+
Schema: AppendBaseAttrSchema(AppendNameAliasAttrSchema(map[string]*schema.Schema{
15+
"endpoint_security_group_dn": {
16+
Type: schema.TypeString,
17+
Required: true,
18+
},
19+
"annotation": {
20+
Type: schema.TypeString,
21+
Optional: true,
22+
Computed: true,
23+
},
24+
"match_expression": {
25+
Type: schema.TypeString,
26+
Optional: true,
27+
Computed: true,
28+
},
29+
"name": {
30+
Type: schema.TypeString,
31+
Required: true,
32+
},
33+
})),
34+
}
35+
}
36+
37+
func dataSourceAciEndpointSecurityGroupSelectorRead(d *schema.ResourceData, m interface{}) error {
38+
aciClient := m.(*client.Client)
39+
matchExpression := d.Get("matchExpression").(string)
40+
EndpointSecurityGroupDn := d.Get("endpoint_security_group_dn").(string)
41+
rn := fmt.Sprintf("epselector-[%s]", matchExpression)
42+
dn := fmt.Sprintf("%s/%s", EndpointSecurityGroupDn, rn)
43+
fvEPSelector, err := getRemoteEndpointSecurityGroupSelector(aciClient, dn)
44+
if err != nil {
45+
return err
46+
}
47+
d.SetId(dn)
48+
setEndpointSecurityGroupSelectorAttributes(fvEPSelector, d)
49+
return nil
50+
}

aci/data_source_aci_fvesg.go

Lines changed: 70 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,70 @@
1+
package aci
2+
3+
import (
4+
"fmt"
5+
6+
"github.com/ciscoecosystem/aci-go-client/client"
7+
"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
8+
)
9+
10+
func dataSourceAciEndpointSecurityGroup() *schema.Resource {
11+
return &schema.Resource{
12+
Read: dataSourceAciEndpointSecurityGroupRead,
13+
SchemaVersion: 1,
14+
Schema: AppendBaseAttrSchema(AppendNameAliasAttrSchema(map[string]*schema.Schema{
15+
"application_profile_dn": {
16+
Type: schema.TypeString,
17+
Required: true,
18+
},
19+
"annotation": {
20+
Type: schema.TypeString,
21+
Optional: true,
22+
Computed: true,
23+
},
24+
"flood_on_encap": {
25+
Type: schema.TypeString,
26+
Optional: true,
27+
Computed: true,
28+
},
29+
"match_t": {
30+
Type: schema.TypeString,
31+
Optional: true,
32+
Computed: true,
33+
},
34+
"name": {
35+
Type: schema.TypeString,
36+
Required: true,
37+
},
38+
"pc_enf_pref": {
39+
Type: schema.TypeString,
40+
Optional: true,
41+
Computed: true,
42+
},
43+
"pref_gr_memb": {
44+
Type: schema.TypeString,
45+
Optional: true,
46+
Computed: true,
47+
},
48+
"prio": {
49+
Type: schema.TypeString,
50+
Optional: true,
51+
Computed: true,
52+
},
53+
})),
54+
}
55+
}
56+
57+
func dataSourceAciEndpointSecurityGroupRead(d *schema.ResourceData, m interface{}) error {
58+
aciClient := m.(*client.Client)
59+
name := d.Get("name").(string)
60+
ApplicationProfileDn := d.Get("application_profile_dn").(string)
61+
rn := fmt.Sprintf("esg-%s", name)
62+
dn := fmt.Sprintf("%s/%s", ApplicationProfileDn, rn)
63+
fvESg, err := getRemoteEndpointSecurityGroup(aciClient, dn)
64+
if err != nil {
65+
return err
66+
}
67+
d.SetId(dn)
68+
setEndpointSecurityGroupAttributes(fvESg, d)
69+
return nil
70+
}

aci/provider.go

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -200,6 +200,8 @@ func Provider() terraform.ResourceProvider {
200200
"aci_l3out_static_route": resourceAciL3outStaticRoute(),
201201
"aci_l3out_static_route_next_hop": resourceAciL3outStaticRouteNextHop(),
202202
"aci_l3out_vpc_member": resourceAciL3outVPCMember(),
203+
"aci_endpoint_security_group_selector": resourceAciEndpointSecurityGroupSelector(),
204+
"aci_endpoint_security_group": resourceAciEndpointSecurityGroup(),
203205
},
204206

205207
DataSourcesMap: map[string]*schema.Resource{
@@ -351,6 +353,8 @@ func Provider() terraform.ResourceProvider {
351353
"aci_l3out_static_route": dataSourceAciL3outStaticRoute(),
352354
"aci_l3out_static_route_next_hop": dataSourceAciL3outStaticRouteNextHop(),
353355
"aci_l3out_vpc_member": dataSourceAciL3outVPCMember(),
356+
"aci_endpoint_security_group_selector": dataSourceAciEndpointSecurityGroupSelector(),
357+
"aci_endpoint_security_group": dataSourceAciEndpointSecurityGroup(),
354358
},
355359

356360
ConfigureFunc: configureClient,

aci/resource_aci_fvepselector.go

Lines changed: 188 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,188 @@
1+
package aci
2+
3+
import (
4+
"fmt"
5+
"log"
6+
7+
"github.com/ciscoecosystem/aci-go-client/client"
8+
"github.com/ciscoecosystem/aci-go-client/models"
9+
"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
10+
)
11+
12+
func resourceAciEndpointSecurityGroupSelector() *schema.Resource {
13+
return &schema.Resource{
14+
Create: resourceAciEndpointSecurityGroupSelectorCreate,
15+
Update: resourceAciEndpointSecurityGroupSelectorUpdate,
16+
Read: resourceAciEndpointSecurityGroupSelectorRead,
17+
Delete: resourceAciEndpointSecurityGroupSelectorDelete,
18+
19+
Importer: &schema.ResourceImporter{
20+
State: resourceAciEndpointSecurityGroupSelectorImport,
21+
},
22+
23+
SchemaVersion: 1,
24+
Schema: AppendBaseAttrSchema(AppendNameAliasAttrSchema(map[string]*schema.Schema{
25+
"endpoint_security_group_dn": {
26+
Type: schema.TypeString,
27+
Required: true,
28+
ForceNew: true,
29+
},
30+
"match_expression": {
31+
Type: schema.TypeString,
32+
Required: true,
33+
ForceNew: true,
34+
},
35+
"name": {
36+
Type: schema.TypeString,
37+
Optional: true,
38+
Computed: true,
39+
},
40+
})),
41+
}
42+
}
43+
44+
func getRemoteEndpointSecurityGroupSelector(client *client.Client, dn string) (*models.EndpointSecurityGroupSelector, error) {
45+
fvEPSelectorCont, err := client.Get(dn)
46+
if err != nil {
47+
return nil, err
48+
}
49+
fvEPSelector := models.EndpointSecurityGroupSelectorFromContainer(fvEPSelectorCont)
50+
if fvEPSelector.DistinguishedName == "" {
51+
return nil, fmt.Errorf("EndpointSecurityGroupSelector %s not found", fvEPSelector.DistinguishedName)
52+
}
53+
return fvEPSelector, nil
54+
}
55+
56+
func setEndpointSecurityGroupSelectorAttributes(fvEPSelector *models.EndpointSecurityGroupSelector, d *schema.ResourceData) *schema.ResourceData {
57+
d.SetId(fvEPSelector.DistinguishedName)
58+
d.Set("description", fvEPSelector.Description)
59+
fvEPSelectorMap, _ := fvEPSelector.ToMap()
60+
d.Set("endpoint_security_group_dn", GetParentDn(fvEPSelector.DistinguishedName, fmt.Sprintf("/epselector-[%s]")))
61+
d.Set("annotation", fvEPSelectorMap["annotation"])
62+
d.Set("match_expression", fvEPSelectorMap["matchExpression"])
63+
d.Set("name", fvEPSelectorMap["name"])
64+
d.Set("name_alias", fvEPSelectorMap["nameAlias"])
65+
return d
66+
}
67+
68+
func resourceAciEndpointSecurityGroupSelectorImport(d *schema.ResourceData, m interface{}) ([]*schema.ResourceData, error) {
69+
log.Printf("[DEBUG] %s: Beginning Import", d.Id())
70+
aciClient := m.(*client.Client)
71+
dn := d.Id()
72+
fvEPSelector, err := getRemoteEndpointSecurityGroupSelector(aciClient, dn)
73+
if err != nil {
74+
return nil, err
75+
}
76+
schemaFilled := setEndpointSecurityGroupSelectorAttributes(fvEPSelector, d)
77+
log.Printf("[DEBUG] %s: Import finished successfully", d.Id())
78+
return []*schema.ResourceData{schemaFilled}, nil
79+
}
80+
81+
func resourceAciEndpointSecurityGroupSelectorCreate(d *schema.ResourceData, m interface{}) error {
82+
log.Printf("[DEBUG] EndpointSecurityGroupSelector: Beginning Creation")
83+
aciClient := m.(*client.Client)
84+
desc := d.Get("description").(string)
85+
matchExpression := d.Get("match_expression").(string)
86+
EndpointSecurityGroupDn := d.Get("endpoint_security_group_dn").(string)
87+
88+
fvEPSelectorAttr := models.EndpointSecurityGroupSelectorAttributes{}
89+
nameAlias := ""
90+
if NameAlias, ok := d.GetOk("name_alias"); ok {
91+
nameAlias = NameAlias.(string)
92+
}
93+
if Annotation, ok := d.GetOk("annotation"); ok {
94+
fvEPSelectorAttr.Annotation = Annotation.(string)
95+
} else {
96+
fvEPSelectorAttr.Annotation = "{}"
97+
}
98+
99+
if MatchExpression, ok := d.GetOk("match_expression"); ok {
100+
fvEPSelectorAttr.MatchExpression = MatchExpression.(string)
101+
}
102+
103+
if Name, ok := d.GetOk("name"); ok {
104+
fvEPSelectorAttr.Name = Name.(string)
105+
}
106+
fvEPSelector := models.NewEndpointSecurityGroupSelector(fmt.Sprintf("epselector-[%s]", matchExpression), EndpointSecurityGroupDn, desc, nameAlias, fvEPSelectorAttr)
107+
108+
err := aciClient.Save(fvEPSelector)
109+
if err != nil {
110+
return err
111+
}
112+
d.Partial(true)
113+
d.SetPartial("name")
114+
d.Partial(false)
115+
116+
d.SetId(fvEPSelector.DistinguishedName)
117+
log.Printf("[DEBUG] %s: Creation finished successfully", d.Id())
118+
return resourceAciEndpointSecurityGroupSelectorRead(d, m)
119+
}
120+
121+
func resourceAciEndpointSecurityGroupSelectorUpdate(d *schema.ResourceData, m interface{}) error {
122+
log.Printf("[DEBUG] EndpointSecurityGroupSelector: Beginning Update")
123+
aciClient := m.(*client.Client)
124+
desc := d.Get("description").(string)
125+
matchExpression := d.Get("match_expression").(string)
126+
EndpointSecurityGroupDn := d.Get("endpoint_security_group_dn").(string)
127+
fvEPSelectorAttr := models.EndpointSecurityGroupSelectorAttributes{}
128+
nameAlias := ""
129+
if NameAlias, ok := d.GetOk("name_alias"); ok {
130+
nameAlias = NameAlias.(string)
131+
}
132+
133+
if Annotation, ok := d.GetOk("annotation"); ok {
134+
fvEPSelectorAttr.Annotation = Annotation.(string)
135+
} else {
136+
fvEPSelectorAttr.Annotation = "{}"
137+
}
138+
139+
if MatchExpression, ok := d.GetOk("match_expression"); ok {
140+
fvEPSelectorAttr.MatchExpression = MatchExpression.(string)
141+
}
142+
143+
if Name, ok := d.GetOk("name"); ok {
144+
fvEPSelectorAttr.Name = Name.(string)
145+
}
146+
fvEPSelector := models.NewEndpointSecurityGroupSelector(fmt.Sprintf("epselector-[%s]", matchExpression), EndpointSecurityGroupDn, desc, nameAlias, fvEPSelectorAttr)
147+
148+
fvEPSelector.Status = "modified"
149+
err := aciClient.Save(fvEPSelector)
150+
if err != nil {
151+
return err
152+
}
153+
d.Partial(true)
154+
d.SetPartial("name")
155+
d.Partial(false)
156+
157+
d.SetId(fvEPSelector.DistinguishedName)
158+
log.Printf("[DEBUG] %s: Update finished successfully", d.Id())
159+
return resourceAciEndpointSecurityGroupSelectorRead(d, m)
160+
}
161+
162+
func resourceAciEndpointSecurityGroupSelectorRead(d *schema.ResourceData, m interface{}) error {
163+
log.Printf("[DEBUG] %s: Beginning Read", d.Id())
164+
aciClient := m.(*client.Client)
165+
dn := d.Id()
166+
fvEPSelector, err := getRemoteEndpointSecurityGroupSelector(aciClient, dn)
167+
if err != nil {
168+
d.SetId("")
169+
return err
170+
}
171+
setEndpointSecurityGroupSelectorAttributes(fvEPSelector, d)
172+
173+
log.Printf("[DEBUG] %s: Read finished successfully", d.Id())
174+
return nil
175+
}
176+
177+
func resourceAciEndpointSecurityGroupSelectorDelete(d *schema.ResourceData, m interface{}) error {
178+
log.Printf("[DEBUG] %s: Beginning Destroy", d.Id())
179+
aciClient := m.(*client.Client)
180+
dn := d.Id()
181+
err := aciClient.DeleteByDn(dn, "fvEPSelector")
182+
if err != nil {
183+
return err
184+
}
185+
log.Printf("[DEBUG] %s: Destroy finished successfully", d.Id())
186+
d.SetId("")
187+
return err
188+
}

0 commit comments

Comments
 (0)