Eginez/public buckets (#138)

* Changes to support public-buckets in terraform provider

* Fixes documentation for public-buckets terraform

* Fixing code review comments adding private bucket example

* Amending/simplifying documentation

Author: eginez

docs/examples/storage/object/README.md

@@ -0,0 +1,31 @@
+    #     ___  ____     _    ____ _     _____
+    #    / _ \|  _ \   / \  / ___| |   | ____|
+    #   | | | | |_) | / _ \| |   | |   |  _|
+    #   | |_| |  _ < / ___ | |___| |___| |___
+    #    \___/|_| \_/_/   \_\____|_____|_____|
+***
+## Creating buckets
+This example creates a single bucket inside a compartment
+
+### Using this example
+* Update env-vars with the required information. Most examples use the same set of environment variables so you only need to do this once.
+* Source env-vars
+  * `$ . env-vars`
+* Update `variables.tf` with your instance options.
+
+### Files in the configuration
+
+#### `env-vars`
+Is used to export the environmental variables used in the configuration. These are usually authentication related, be sure to exclude this file from your version control system. It's typical to keep this file outside of the configuration.
+
+Before you plan, apply, or destroy the configuration source the file -  
+`$ . env-vars`
+
+#### `variables.tf`
+Defines the variables used in the configuration
+
+#### `object.tf`
+Defines the buckets we are going to create
+
+#### `provider.tf`
+Specifies and passes authentication details to the OBMCS TF provider

docs/examples/storage/object/buckets.tf

@@ -0,0 +1,19 @@
+resource "baremetal_objectstorage_bucket" "t" {
+  compartment_id = "${var.compartment_ocid}"
+  name = "BucketOne"
+  access_type = "ObjectRead" // or NoPublicAccess
+  namespace = "${var.namespace_name}"
+  metadata = {
+    "foo" = "bar"
+  }
+}
+
+resource "baremetal_objectstorage_bucket" "t_private" {
+  compartment_id = "${var.compartment_ocid}"
+  name = "PrivateBucket"
+  //defaults to NoPublicAccess
+  namespace = "${var.namespace_name}"
+  metadata = {
+    "foo" = "bar"
+  }
+}

docs/examples/storage/object/env-vars

@@ -0,0 +1,10 @@
+### Authentication details
+export TF_VAR_tenancy_ocid="<tenancy OCID"
+export TF_VAR_user_ocid="<user OCID>"
+export TF_VAR_fingerprint="<PEM key fingerprint>"
+export TF_VAR_private_key_path="<path to the private key that matches the fingerprint above>"
+
+### Compartment
+export TF_VAR_compartment_ocid="<compartment OCID>"
+
+

docs/examples/storage/object/provider.tf

@@ -0,0 +1,6 @@
+provider "baremetal" {
+  tenancy_ocid = "${var.tenancy_ocid}"
+  user_ocid = "${var.user_ocid}"
+  fingerprint = "${var.fingerprint}"
+  private_key_path = "${var.private_key_path}"
+}

docs/examples/storage/object/variables.tf

@@ -0,0 +1,6 @@
+variable "tenancy_ocid" {}
+variable "user_ocid" {}
+variable "fingerprint" {}
+variable "private_key_path" {}
+variable "namespace_name" {}
+variable "compartment_ocid" {}

docs/resources/objectstorage/bucket.md

@@ -10,6 +10,7 @@ Provides an Objectstorage resource.
 resource "baremetal_objectstorage_bucket" "t" {
   compartment_id = "compartment_id"
   name = "name"
+  access_type = "ObjectRead"
   namespace = "namespace"
   metadata = {
     "foo" = "bar"
@@ -25,6 +26,7 @@ The following arguments are supported:
 * `name` - (Required) The name of the bucket.
 * `namespace` - (Required) The namespace in which the bucket lives.
 * `metadata` - (Optional) Arbitrary string keys and values for user-defined metadata.
+* `access_type` - (Optional) Either "ObjectRead" or "NoPublicAccess". If not specified it defaults to "NoPublicAccess"
 
 ## Attributes Reference
 

helpers_objectstorage.go

@@ -2,7 +2,11 @@
 
 package main
 
-import "github.com/hashicorp/terraform/helper/schema"
+import (
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/MustWin/baremetal-sdk-go"
+	"github.com/hashicorp/terraform/helper/validation"
+)
 
 func resourceObjectStorageMapToMetadata(rm map[string]interface{}) map[string]string {
 	result := map[string]string{}
@@ -28,6 +32,15 @@ var bucketSchema = map[string]*schema.Schema{
 		Required: true,
 		Computed: false,
 	},
+	"access_type": {
+		Type:     schema.TypeString,
+		Computed: false,
+		Default: baremetal.NoPublicAccess,
+		Optional: true,
+		ValidateFunc: validation.StringInSlice([]string{
+			string(baremetal.NoPublicAccess),
+			string(baremetal.ObjectRead)}, true),
+	},
 	"metadata": {
 		Type:     schema.TypeMap,
 		Optional: true,

resource_obmcs_objectstorage_bucket.go

@@ -74,6 +74,7 @@ func (s *BucketResourceCrud) SetData() {
 	s.D.Set("metadata", s.Res.Metadata)
 	s.D.Set("created_by", s.Res.CreatedBy)
 	s.D.Set("time_created", s.Res.TimeCreated.String())
+	s.D.Set("accessType", s.Res.AccessType)
 }
 
 func (s *BucketResourceCrud) Create() (e error) {
@@ -86,6 +87,9 @@ func (s *BucketResourceCrud) Create() (e error) {
 		metadata := resourceObjectStorageMapToMetadata(rawMetadata.(map[string]interface{}))
 		opts.Metadata = metadata
 	}
+
+	accessType, _ := s.D.GetOk("access_type") //guaranteed to be there with Default value
+	opts.AccessType = baremetal.BucketAccessType(accessType.(string))
 	s.Res, e = s.Client.CreateBucket(compartmentID, name, baremetal.Namespace(namespace), opts)
 	return
 }
@@ -107,6 +111,8 @@ func (s *BucketResourceCrud) Update() (e error) {
 		opts.Metadata = metadata
 	}
 
+	accessType, _ := s.D.GetOk("access_type") //guaranteed to be there with Default value
+	opts.AccessType = baremetal.BucketAccessType(accessType.(string))
 	s.Res, e = s.Client.UpdateBucket(compartmentID, name, baremetal.Namespace(namespace), opts)
 	return
 }

resource_obmcs_objectstorage_bucket_test.go

@@ -24,6 +24,7 @@ type ResourceObjectstorageBucketTestSuite struct {
 	ResourceName string
 	Res          *baremetal.Bucket
 	Namespace    baremetal.Namespace
+	AccessType   baremetal.BucketAccessType
 }
 
 func (s *ResourceObjectstorageBucketTestSuite) SetupTest() {

resource_obmcs_objectstorage_object_test.go

@@ -44,6 +44,7 @@ func (s *ResourceObjectstorageObjectTestSuite) SetupTest() {
 		resource "baremetal_objectstorage_bucket" "t" {
 			compartment_id = "${var.compartment_id}"
 			name = "bucketID"
+			access_type="ObjectRead"
 			namespace = "${var.namespace}"
 			metadata = {
 				"foo" = "bar"