feat(instance_server): prevent usage of routed_ip_enabled as false (#2763)

* feat(instance_server): prevent usage of routed_ip_enabled as false

* feat(instance_ip): prevent usage of nat ips

* correct message

* add documentation link

* lint

Author: Codelax

internal/services/instance/ip.go

@@ -3,6 +3,7 @@ package instance
 import (
 	"context"
 
+	"github.com/hashicorp/go-cty/cty"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	instanceSDK "github.com/scaleway/scaleway-sdk-go/api/instance/v1"
@@ -42,6 +43,18 @@ func ResourceIP() *schema.Resource {
 				Computed:    true,
 				Optional:    true,
 				Description: "The type of instance IP",
+				ValidateDiagFunc: func(i interface{}, path cty.Path) diag.Diagnostics {
+					if i.(string) == "nat" {
+						return diag.Diagnostics{{
+							Severity:      diag.Error,
+							Summary:       "NAT IPs are not supported anymore",
+							Detail:        "Remove explicit nat configuration, migrate to routed ips or downgrade terraform.\nLearn more about migration: https://www.scaleway.com/en/docs/compute/instances/how-to/migrate-routed-ips/",
+							AttributePath: path,
+						}}
+					}
+
+					return nil
+				},
 			},
 			"reverse": {
 				Type:        schema.TypeString,

internal/services/instance/ip_test.go

@@ -98,116 +98,6 @@ func TestAccIP_Tags(t *testing.T) {
 	})
 }
 
-func TestAccIP_RoutedMigrate(t *testing.T) {
-	tt := acctest.NewTestTools(t)
-	defer tt.Cleanup()
-
-	resource.ParallelTest(t, resource.TestCase{
-		ProviderFactories: tt.ProviderFactories,
-		CheckDestroy:      instancechecks.IsIPDestroyed(tt),
-		Steps: []resource.TestStep{
-			{
-				Config: `
-						resource "scaleway_instance_ip" "main" {
-							type = "nat"
-						}
-					`,
-				Check: resource.ComposeTestCheckFunc(
-					instancechecks.CheckIPExists(tt, "scaleway_instance_ip.main"),
-					resource.TestCheckResourceAttr("scaleway_instance_ip.main", "type", "nat"),
-				),
-			},
-			{
-				Config: `
-						resource "scaleway_instance_ip" "main" {
-							type = "nat"
-						}
-						resource "scaleway_instance_ip" "copy" {
-						}
-					`,
-				Check: resource.ComposeTestCheckFunc(
-					instancechecks.CheckIPExists(tt, "scaleway_instance_ip.main"),
-					instancechecks.CheckIPExists(tt, "scaleway_instance_ip.copy"),
-					resource.TestCheckResourceAttr("scaleway_instance_ip.main", "type", "nat"),
-					resource.TestCheckResourceAttr("scaleway_instance_ip.copy", "type", "nat"),
-					resource.TestCheckResourceAttrPair("scaleway_instance_ip.main", "id", "scaleway_instance_ip.copy", "id"),
-				),
-				ResourceName: "scaleway_instance_ip.copy",
-				ImportState:  true,
-				ImportStateIdFunc: func(state *terraform.State) (string, error) {
-					return state.RootModule().Resources["scaleway_instance_ip.main"].Primary.ID, nil
-				},
-				ImportStatePersist: true,
-			},
-			{
-				Config: `
-						resource "scaleway_instance_ip" "main" {
-							type = "routed_ipv4"
-						}
-						resource "scaleway_instance_ip" "copy" {
-						}
-					`,
-				Check: resource.ComposeTestCheckFunc(
-					instancechecks.CheckIPExists(tt, "scaleway_instance_ip.main"),
-					instancechecks.CheckIPExists(tt, "scaleway_instance_ip.copy"),
-					resource.TestCheckResourceAttr("scaleway_instance_ip.main", "type", "routed_ipv4"),
-					resource.TestCheckResourceAttrPair("scaleway_instance_ip.main", "id", "scaleway_instance_ip.copy", "id"),
-				),
-			},
-			{
-				// After the main IP migrated, we check that there is no ForceNew on the copy
-				// This check that the ip is not deleted if the migration is done outside terraform
-				RefreshState: true,
-				Check: resource.ComposeTestCheckFunc(
-					instancechecks.CheckIPExists(tt, "scaleway_instance_ip.main"),
-					instancechecks.CheckIPExists(tt, "scaleway_instance_ip.copy"),
-					resource.TestCheckResourceAttr("scaleway_instance_ip.main", "type", "routed_ipv4"),
-					resource.TestCheckResourceAttr("scaleway_instance_ip.copy", "type", "routed_ipv4"),
-					resource.TestCheckResourceAttrPair("scaleway_instance_ip.main", "id", "scaleway_instance_ip.copy", "id"),
-				),
-			},
-		},
-	})
-}
-
-func TestAccIP_RoutedDowngrade(t *testing.T) {
-	tt := acctest.NewTestTools(t)
-	defer tt.Cleanup()
-
-	resource.ParallelTest(t, resource.TestCase{
-		ProviderFactories: tt.ProviderFactories,
-		CheckDestroy:      instancechecks.IsIPDestroyed(tt),
-		Steps: []resource.TestStep{
-			{
-				Config: `
-						resource "scaleway_instance_ip" "main" {
-							type = "routed_ipv4"
-						}
-					`,
-				Check: resource.ComposeTestCheckFunc(
-					instancechecks.CheckIPExists(tt, "scaleway_instance_ip.main"),
-					resource.TestCheckResourceAttr("scaleway_instance_ip.main", "type", "routed_ipv4"),
-					isIPValid("scaleway_instance_ip.main", "address"),
-					isIPCIDRValid("scaleway_instance_ip.main", "prefix"),
-				),
-			},
-			{
-				Config: `
-						resource "scaleway_instance_ip" "main" {
-							type = "nat"
-						}
-					`,
-				Check: resource.ComposeTestCheckFunc(
-					instancechecks.CheckIPExists(tt, "scaleway_instance_ip.main"),
-					resource.TestCheckResourceAttr("scaleway_instance_ip.main", "type", "nat"),
-					isIPValid("scaleway_instance_ip.main", "address"),
-					isIPCIDRValid("scaleway_instance_ip.main", "prefix"),
-				),
-			},
-		},
-	})
-}
-
 func TestAccIP_RoutedIPV6(t *testing.T) {
 	tt := acctest.NewTestTools(t)
 	defer tt.Cleanup()

internal/services/instance/server.go

@@ -229,6 +229,7 @@ func ResourceServer() *schema.Resource {
 			"ipv6_prefix_length": {
 				Type:        schema.TypeInt,
 				Computed:    true,
+				Deprecated:  "Please use a scaleway_instance_ip with a `routed_ipv6` type",
 				Description: "The IPv6 prefix length routed to the server.",
 			},
 			"enable_dynamic_ip": {
@@ -338,9 +339,25 @@ func ResourceServer() *schema.Resource {
 			},
 			"routed_ip_enabled": {
 				Type:        schema.TypeBool,
-				Description: "If server supports routed IPs, default to true if public_ips is used",
+				Description: "If server supports routed IPs, default to true",
 				Optional:    true,
 				Computed:    true,
+				ValidateDiagFunc: func(i interface{}, path cty.Path) diag.Diagnostics {
+					if i == nil {
+						return nil
+					}
+					if !i.(bool) {
+						return diag.Diagnostics{{
+							Severity:      diag.Error,
+							Summary:       "NAT IPs are not supported anymore",
+							Detail:        "Remove explicit disabling, enable it or downgrade terraform.\nLearn more about migration: https://www.scaleway.com/en/docs/compute/instances/how-to/migrate-routed-ips/",
+							AttributePath: path,
+						}}
+					}
+
+					return nil
+				},
+				Deprecated: "Routed IP is the default configuration, it should always be true",
 			},
 			"zone":            zonal.Schema(),
 			"organization_id": account.OrganizationIDSchema(),