Fix after review

ianton-ru · ianton-ru · commit 69c05651230e · 2024-09-25T13:02:11.000+02:00
diff --git a/internal/provider/clickhouse_cluster_resource.go b/internal/provider/clickhouse_cluster_resource.go
@@ -51,7 +51,7 @@ type clickhouseClusterModel struct {
 	// https://github.com/doublecloud/api/blob/main/doublecloud/v1/maintenance.proto
 	// MaintenanceWindow *maintenanceWindow          `tfsdk:"maintenance_window"`
 
-	CustomCertificate types.Object `tfsdk:"custom_certificate"`
+	CustomCertificate *clickhouseCustomCertificate `tfsdk:"custom_certificate"`
 }
 
 type clickhouseClusterResources struct {
@@ -112,6 +112,40 @@ func (m *clickhouseClusterResources) convert() (*clickhouse.ClusterResources, di
 	return &r, diags
 }
 
+type clickhouseCustomCertificate struct {
+	Certificate types.String `tfsdk:"certificate"`
+	Key         types.String `tfsdk:"key"`
+	RootCA      types.String `tfsdk:"root_ca"`
+}
+
+func (cc *clickhouseCustomCertificate) convert() (*clickhouse.CustomCertificate, diag.Diagnostics) {
+	res := clickhouse.CustomCertificate{
+		Enabled: false,
+	}
+
+	var diags diag.Diagnostics
+
+	if cc != nil {
+		if !cc.Certificate.IsNull() && !cc.Key.IsNull() {
+			res.Enabled = true
+			res.Certificate = &wrappers.BytesValue{Value: []byte(cc.Certificate.ValueString())}
+			res.Key = &wrappers.BytesValue{Value: []byte(cc.Key.ValueString())}
+			if !cc.RootCA.IsNull() {
+				res.RootCa = &wrappers.BytesValue{Value: []byte(cc.RootCA.ValueString())}
+			}
+		} else {
+			if cc.Certificate.IsNull() {
+				diags.AddError("missed certificate", "for custom certificate must be both certificate and key")
+			}
+			if cc.Key.IsNull() {
+				diags.AddError("missed certificate", "for custom certificate must be both certificate and key")
+			}
+		}
+	}
+
+	return &res, diags
+}
+
 type clickhouseClusterResourcesClickhouse struct {
 	ResourcePresetId    types.String `tfsdk:"resource_preset_id"`
 	MinResourcePresetId types.String `tfsdk:"min_resource_preset_id"`
@@ -575,6 +609,10 @@ func createClickhouseClusterRequest(m *clickhouseClusterModel) (*clickhouse.Crea
 	}
 	// TODO: mw
 
+	if m.CustomCertificate != nil {
+		diags.AddError("custom_certificate exists", "custom_certificate can't be applied during cluster creation")
+	}
+
 	return rq, diags
 }
 
@@ -672,20 +710,9 @@ func updateClickhouseCluster(m *clickhouseClusterModel) (*clickhouse.UpdateClust
 		rq.Access = access
 	}
 
-	cc := m.CustomCertificate.Attributes()
-	rq.CustomCertificate = &clickhouse.CustomCertificate{
-		Enabled: false,
-	}
-	certificate, certOk := cc["certificate"]
-	key, keyOk := cc["key"]
-	rq.CustomCertificate.Enabled = certOk && keyOk
-	if rq.CustomCertificate.Enabled {
-		rq.CustomCertificate.Certificate = &wrappers.BytesValue{Value: []byte(certificate.(types.String).ValueString())}
-		rq.CustomCertificate.Key = &wrappers.BytesValue{Value: []byte(key.(types.String).ValueString())}
-		if rootCa, ok := cc["root_ca"]; ok {
-			rq.CustomCertificate.RootCa = &wrappers.BytesValue{Value: []byte(rootCa.(types.String).ValueString())}
-		}
-	}
+	cc, d := m.CustomCertificate.convert()
+	rq.CustomCertificate = cc
+	diags.Append(d...)
 
 	return rq, diags
 }
@@ -779,10 +806,10 @@ func (m *clickhouseClusterModel) parse(rs *clickhouse.Cluster) diag.Diagnostics
 	}
 
 	oldKey := ""
-	if key, ok := m.CustomCertificate.Attributes()["key"]; ok {
-		oldKey = key.String()
+	if m.CustomCertificate != nil && !m.CustomCertificate.Key.IsNull() {
+		oldKey = m.CustomCertificate.Key.String()
 	}
-	m.CustomCertificate = parseClickhouseCustomCertificate(rs.GetCustomCertificate(), oldKey, diags).convert(diags)
+	m.CustomCertificate = parseClickhouseCustomCertificate(rs.GetCustomCertificate(), oldKey, diags).convert()
 
 	// parse MW
 	return diags
diff --git a/internal/provider/clickhouse_cluster_resource_test.go b/internal/provider/clickhouse_cluster_resource_test.go
@@ -10,7 +10,6 @@ import (
 	"text/template"
 
 	"github.com/doublecloud/go-genproto/doublecloud/clickhouse/v1"
-	"github.com/hashicorp/terraform-plugin-framework/attr"
 	"github.com/hashicorp/terraform-plugin-framework/types"
 	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
 )
@@ -121,18 +120,24 @@ func TestAccClickhouseClusterResource(t *testing.T) {
 	}
 
 	m4 := m3
-	cc, _ := types.ObjectValue(map[string]attr.Type{
-		"certificate": types.StringType,
-		"key":         types.StringType,
-		"root_ca":     types.StringType,
-	},
-		map[string]attr.Value{
-			"certificate": types.StringValue(testAccClickhouseTLSCert),
-			"key":         types.StringValue(testAccClickhouseTLSKey),
-			"root_ca":     types.StringValue(testAccClickhouseTLSRootCA),
+	/*
+		cc, _ := types.ObjectValue(map[string]attr.Type{
+			"certificate": types.StringType,
+			"key":         types.StringType,
+			"root_ca":     types.StringType,
 		},
-	)
-	m4.CustomCertificate = cc
+			map[string]attr.Value{
+				"certificate": types.StringValue(testAccClickhouseTLSCert),
+				"key":         types.StringValue(testAccClickhouseTLSKey),
+				"root_ca":     types.StringValue(testAccClickhouseTLSRootCA),
+			},
+		)
+	*/
+	m4.CustomCertificate = &clickhouseCustomCertificate{
+		Certificate: types.StringValue(testAccClickhouseTLSCert),
+		Key:         types.StringValue(testAccClickhouseTLSKey),
+		RootCA:      types.StringValue(testAccClickhouseTLSRootCA),
+	}
 
 	resource.Test(t, resource.TestCase{
 		PreCheck:                 func() { testAccPreCheck(t) },
@@ -159,6 +164,10 @@ func TestAccClickhouseClusterResource(t *testing.T) {
 					resource.TestCheckResourceAttr(testAccClickhouseId, "private_connection_info.user", "admin"),
 					resource.TestCheckResourceAttr(testAccClickhouseId, "private_connection_info.https_port", "8443"),
 					resource.TestCheckResourceAttr(testAccClickhouseId, "private_connection_info.tcp_port_secure", "9440"),
+					resource.TestCheckResourceAttr(testAccClickhouseId, "connection_info.https_port_ctls", "0"),
+					resource.TestCheckResourceAttr(testAccClickhouseId, "connection_info.tcp_port_secure_ctls", "0"),
+					resource.TestCheckResourceAttr(testAccClickhouseId, "private_connection_info.https_port_ctls", "0"),
+					resource.TestCheckResourceAttr(testAccClickhouseId, "private_connection_info.tcp_port_secure_ctls", "0"),
 				),
 			},
 			// Update and Read testing
@@ -197,6 +206,10 @@ func TestAccClickhouseClusterResource(t *testing.T) {
 					resource.TestCheckResourceAttr(testAccClickhouseId, "custom_certificate.certificate", testAccClickhouseTLSCert),
 					resource.TestCheckResourceAttr(testAccClickhouseId, "custom_certificate.key", testAccClickhouseTLSKey),
 					resource.TestCheckResourceAttr(testAccClickhouseId, "custom_certificate.root_ca", testAccClickhouseTLSRootCA),
+					resource.TestCheckResourceAttr(testAccClickhouseId, "connection_info.https_port_ctls", "8444"),
+					resource.TestCheckResourceAttr(testAccClickhouseId, "connection_info.tcp_port_secure_ctls", "9444"),
+					resource.TestCheckResourceAttr(testAccClickhouseId, "private_connection_info.https_port_ctls", "8444"),
+					resource.TestCheckResourceAttr(testAccClickhouseId, "private_connection_info.tcp_port_secure_ctls", "9444"),
 				),
 			},
 			// Delete testing automatically occurs in TestCase
@@ -338,11 +351,11 @@ resource "doublecloud_clickhouse_cluster" "tf-acc-clickhouse" {
       ]
       {{- end}}
     }
-	{{- if not .CustomCertificate.IsNull }}
+	{{- if ne .CustomCertificate nil }}
 	custom_certificate {
-	  certificate = {{ .CustomCertificate.Attributes.certificate }}
-	  key = {{ .CustomCertificate.Attributes.key }}
-	  root_ca = {{ .CustomCertificate.Attributes.root_ca }}
+	  certificate = {{ .CustomCertificate.Certificate }}
+	  key = {{ .CustomCertificate.Key }}
+	  root_ca = {{ .CustomCertificate.RootCA }}
 	}
     {{- end}}
   }`
diff --git a/internal/provider/clickhouse_data_source.go b/internal/provider/clickhouse_data_source.go
@@ -89,24 +89,16 @@ type ClickhouseCustomCertificate struct {
 	RootCA      types.String `tfsdk:"root_ca"`
 }
 
-func (cc *ClickhouseCustomCertificate) convert(diags diag.Diagnostics) types.Object {
-	attrTypeMap := map[string]attr.Type{
-		"certificate": types.StringType,
-		"key":         types.StringType,
-		"root_ca":     types.StringType,
-	}
+func (cc *ClickhouseCustomCertificate) convert() *clickhouseCustomCertificate {
 	if cc == nil {
-		return types.ObjectNull(attrTypeMap)
+		return nil
 	}
-	res, d := types.ObjectValue(attrTypeMap,
-		map[string]attr.Value{
-			"certificate": cc.Certificate,
-			"key":         cc.Key,
-			"root_ca":     cc.RootCA,
-		},
-	)
-	diags.Append(d...)
-	return res
+	res := clickhouseCustomCertificate{
+		Certificate: cc.Certificate,
+		Key:         cc.Key,
+		RootCA:      cc.RootCA,
+	}
+	return &res
 }
 
 func (d *ClickhouseDataSource) Metadata(ctx context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) {
diff --git a/internal/provider/helpers.go b/internal/provider/helpers.go
@@ -162,7 +162,7 @@ func (*clickhouseCustomCertificateValidator) ValidateObject(ctx context.Context,
 	if (certificatePresent && !keyPresent) || (!certificatePresent && keyPresent) {
 		rsp.Diagnostics.Append(validatordiag.InvalidAttributeCombinationDiagnostic(
 			req.Path,
-			`Must be both attributea "certificate" and "key"`,
+			`Must be both attributes "certificate" and "key"`,
 		))
 	}
 

Original file line number	Diff line number	Diff line change
`@@ -162,7 +162,7 @@ func (*clickhouseCustomCertificateValidator) ValidateObject(ctx context.Context,`
`162`	`162`	`if (certificatePresent && !keyPresent) \|\| (!certificatePresent && keyPresent) {`
`163`	`163`	`rsp.Diagnostics.Append(validatordiag.InvalidAttributeCombinationDiagnostic(`
`164`	`164`	`req.Path,`
`165`		- `Must be both attributea "certificate" and "key"`,
	`165`	+ `Must be both attributes "certificate" and "key"`,
`166`	`166`	`))`
`167`	`167`	`}`
`168`	`168`