-
Notifications
You must be signed in to change notification settings - Fork 139
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Resources for Custom TLS and Platform TLS products #364
Changes from 24 commits
94a4df6
1f75279
bfc483f
4f3f9a6
8a4ba5f
f47fa90
1b74e16
444c610
d2dcebb
73deb71
7594f3a
f9dc6d2
67499dd
b88fca1
31acfc6
1eb8f3a
e94768b
a917559
23f082d
a56c1a3
0d68aec
1e2e02e
a6a117a
12afcea
ecfcbbe
b14967f
9ff3b8f
faca4d9
255b34b
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -52,18 +52,20 @@ test-compile: | |
fi | ||
go test -c $(TEST) $(TESTARGS) | ||
|
||
dependencies: | ||
@echo "Download go.mod dependencies" | ||
@go mod download | ||
|
||
install-tools: dependencies | ||
BIN=$(CURDIR)/bin | ||
$(BIN)/%: | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Does this need to be a dynamic target? Could the target still be named I feel like the dynamic target name (and specifically setting There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This was related to the same change as explained in the comment on That's the rationale anyway - I'm happy to change it to use a PHONY There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. OK that makes sense. I think avoiding reinstalling the tool every time is better any way and we can suffer not being on the bleeding edge all the time. |
||
@echo "Installing tools from tools/tools.go" | ||
@cat tools/tools.go | grep _ | awk -F '"' '{print $$2}' | xargs -tI {} go install {} | ||
@cat tools/tools.go | grep _ | awk -F '"' '{print $$2}' | GOBIN=$(BIN) xargs -tI {} go install {} | ||
|
||
# Inject ./bin into PATH to allow scripts/generate-docs.go to access local tfplugindocs binary | ||
generate-docs: $(BIN)/tfplugindocs | ||
PATH=$(PATH):$(BIN) go run scripts/generate-docs.go | ||
|
||
generate-docs: install-tools | ||
go run scripts/generate-docs.go | ||
validate-docs: $(BIN)/tfplugindocs | ||
$(BIN)/tfplugindocs validate | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Would this not also need There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I don't believe so, as it's calling the binary from its relative filepath instead of letting the shell look it up on the system Now you mention it, it could be cleaner to specify There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Just a heads up here - I've pushed in a change to avoid modifying |
||
|
||
validate-docs: install-tools | ||
tfplugindocs validate | ||
sweep: | ||
@echo "WARNING: This will destroy infrastructure. Use only in development accounts." | ||
go test ./fastly -v -sweep=ALL $(SWEEPARGS) -timeout 30m | ||
|
||
.PHONY: build test testacc vet fmt fmtcheck errcheck test-compile validate-docs generate-docs install-tools dependencies | ||
.PHONY: build test testacc vet fmt fmtcheck errcheck test-compile sweep validate-docs generate-docs |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
--- | ||
layout: "fastly" | ||
page_title: "Fastly: fastly_tls_activation" | ||
sidebar_current: "docs-fastly-datasource-tls_activation" | ||
description: |- | ||
Get information on Fastly TLS Activation. | ||
--- | ||
|
||
# fastly_tls_activation | ||
|
||
Use this data source to get information on a TLS activation, including the certificate used, and the domain on which TLS was enabled. | ||
|
||
~> **Warning:** The data source's filters are applied using an **AND** boolean operator, so depending on the combination | ||
of filters, they may become mutually exclusive. The exception to this is `id` which must not be specified in combination | ||
with any of the others. | ||
|
||
~> **Note:** If more or less than a single match is returned by the search, Terraform will fail. Ensure that your search is specific enough to return a single key. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
data "fastly_tls_activation" "example" { | ||
domain = "example.com" | ||
} | ||
``` | ||
<!-- schema generated by tfplugindocs --> | ||
## Schema | ||
|
||
### Optional | ||
|
||
- **certificate_id** (String) ID of the TLS Certificate used. | ||
- **configuration_id** (String) ID of the TLS Configuration used. | ||
- **domain** (String) Domain that TLS was enabled on. | ||
- **id** (String) Fastly Activation ID. Conflicts with all other filters. | ||
|
||
### Read-Only | ||
|
||
- **created_at** (String) Timestamp (GMT) when TLS was enabled. | ||
bengesoff marked this conversation as resolved.
Show resolved
Hide resolved
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
--- | ||
layout: "fastly" | ||
page_title: "Fastly: fastly_tls_activation_ids" | ||
sidebar_current: "docs-fastly-datasource-tls_activation_ids" | ||
description: |- | ||
Get the list of TLS Activation identifiers in Fastly. | ||
--- | ||
|
||
# fastly_tls_activation_ids | ||
|
||
Use this data source to get the list of TLS Activation identifiers in Fastly. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
|
||
data "fastly_tls_activation_ids" "example" { | ||
certificate_id = fastly_tls_certificate.example.id | ||
} | ||
|
||
data "fastly_tls_activation" "example" { | ||
for_each = data.fastly_tls_activation_ids.example.ids | ||
id = each.value | ||
} | ||
|
||
output "activation_domains" { | ||
value = [for a in data.fastly_tls_activation.example : a.domain] | ||
} | ||
|
||
``` | ||
<!-- schema generated by tfplugindocs --> | ||
## Schema | ||
|
||
### Optional | ||
|
||
- **certificate_id** (String) ID of TLS certificate used to filter activations | ||
- **id** (String) The ID of this resource. | ||
|
||
### Read-Only | ||
|
||
- **ids** (Set of String) List of IDs of the TLS Activations. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
--- | ||
layout: "fastly" | ||
page_title: "Fastly: fastly_tls_certificate" | ||
sidebar_current: "docs-fastly-datasource-tls_certificate" | ||
description: |- | ||
Get information on Fastly TLS certificate. | ||
--- | ||
|
||
# fastly_tls_certificate | ||
|
||
Use this data source to get information of a TLS certificate for use with other resources. | ||
|
||
~> **Warning:** The data source's filters are applied using an **AND** boolean operator, so depending on the combination | ||
of filters, they may become mutually exclusive. The exception to this is `id` which must not be specified in combination | ||
with any of the others. | ||
|
||
~> **Note:** If more or less than a single match is returned by the search, Terraform will fail. Ensure that your search is specific enough to return a single key. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
data "fastly_tls_certificate" "example" { | ||
name = "example.com" | ||
} | ||
``` | ||
<!-- schema generated by tfplugindocs --> | ||
## Schema | ||
|
||
### Optional | ||
|
||
- **domains** (Set of String) Domains that are listed in any certificates' Subject Alternative Names (SAN) list. | ||
- **id** (String) Unique ID assigned to certificate by Fastly | ||
- **issued_to** (String) The hostname for which a certificate was issued. | ||
- **issuer** (String) The certificate authority that issued the certificate. | ||
- **name** (String) Human-readable name used to identify the certificate. Defaults to the certificate's Common Name or first Subject Alternative Name entry. | ||
|
||
### Read-Only | ||
|
||
- **created_at** (String) Timestamp (GMT) when the certificate was created | ||
- **replace** (Boolean) A recommendation from Fastly indicating the key associated with this certificate is in need of rotation | ||
- **serial_number** (String) A value assigned by the issuer that is unique to a certificate | ||
- **signature_algorithm** (String) The algorithm used to sign the certificate | ||
- **updated_at** (String) Timestamp (GMT) when the certificate was last updated |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
--- | ||
layout: "fastly" | ||
page_title: "Fastly: fastly_tls_certificate_ids" | ||
sidebar_current: "docs-fastly-datasource-tls_certificate_ids" | ||
description: |- | ||
Get IDs of available TLS certificates. | ||
--- | ||
|
||
# fastly_tls_certificate_ids | ||
|
||
Use this data source to get the IDs of available TLS certificates for use with other resources. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
data "fastly_tls_certificate_ids" "example" {} | ||
|
||
resource "fastly_tls_activation" "example" { | ||
certificate_id = data.fastly_tls_certificate_ids.example.ids[0] | ||
// ... | ||
} | ||
``` | ||
<!-- schema generated by tfplugindocs --> | ||
## Schema | ||
|
||
### Optional | ||
|
||
- **id** (String) The ID of this resource. | ||
|
||
### Read-Only | ||
|
||
- **ids** (List of String) List of IDs corresponding to Custom TLS certificates. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
--- | ||
layout: "fastly" | ||
page_title: "Fastly: fastly_tls_configuration" | ||
sidebar_current: "docs-fastly-datasource-tls_configuration" | ||
description: |- | ||
Get information on Fastly TLS configuration. | ||
--- | ||
|
||
# fastly_tls_configuration | ||
|
||
Use this data source to get the ID of a TLS configuration for use with other resources. | ||
|
||
~> **Warning:** The data source's filters are applied using an **AND** boolean operator, so depending on the combination | ||
of filters, they may become mutually exclusive. The exception to this is `id` which must not be specified in combination | ||
with any of the others. | ||
|
||
~> **Note:** If more or less than a single match is returned by the search, Terraform will fail. Ensure that your search is specific enough to return a single key. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
data "fastly_tls_configuration" "example" { | ||
default = true | ||
} | ||
|
||
resource "fastly_tls_activation" "example" { | ||
configuration_id = data.fastly_tls_configuration.example.id | ||
// ... | ||
} | ||
``` | ||
<!-- schema generated by tfplugindocs --> | ||
## Schema | ||
|
||
### Optional | ||
|
||
- **default** (Boolean) Signifies whether Fastly will use this configuration as a default when creating a new TLS activation. | ||
- **http_protocols** (Set of String) HTTP protocols available on the TLS configuration. | ||
- **id** (String) ID of the TLS configuration obtained from the Fastly API or another data source. Conflicts with all the other filters. | ||
- **name** (String) Custom name of the TLS configuration. | ||
- **tls_protocols** (Set of String) TLS protocols available on the TLS configuration. | ||
- **tls_service** (String) Whether the configuration should support the `PLATFORM` or `CUSTOM` TLS service. | ||
|
||
### Read-Only | ||
|
||
- **created_at** (String) Timestamp (GMT) when the configuration was created. | ||
- **dns_records** (Set of Object) The available DNS addresses that can be used to enable TLS for a domain. DNS must be configured for a domain for TLS handshakes to succeed. If enabling TLS on an apex domain (e.g. `example.com`) you must create four A records (or four AAAA records for IPv6 support) using the displayed global A record's IP addresses with your DNS provider. For subdomains and wildcard domains (e.g. `www.example.com` or `*.example.com`) you will need to create a relevant CNAME record. (see [below for nested schema](#nestedatt--dns_records)) | ||
- **updated_at** (String) Timestamp (GMT) when the configuration was last updated. | ||
|
||
<a id="nestedatt--dns_records"></a> | ||
### Nested Schema for `dns_records` | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Same issue as @Integralist raised previously (hashicorp/terraform-plugin-docs#28) - no description on nested schema. I've left it autogenerated because I didn't think the descriptions were too critical, it is reasonably self-explanatory what the fields are for, and it seemed easier to maintain by leaving it autogenerated with the rest of the docs. |
||
|
||
Read-Only: | ||
|
||
- **record_type** (String) | ||
- **record_value** (String) | ||
- **region** (String) |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
--- | ||
layout: "fastly" | ||
page_title: "Fastly: fastly_tls_configuration_ids" | ||
sidebar_current: "docs-fastly-datasource-tls_configuration_ids" | ||
description: |- | ||
Get IDs of available TLS Configurations. | ||
--- | ||
|
||
# fastly_tls_configuration_ids | ||
|
||
Use this data source to get the IDs of available TLS configurations for use with other resources. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
data "fastly_tls_configuration_ids" "example" {} | ||
|
||
resource "fastly_tls_activation" "example" { | ||
configuration_id = data.fastly_tls_configuration.example.ids[0] | ||
// ... | ||
} | ||
``` | ||
<!-- schema generated by tfplugindocs --> | ||
## Schema | ||
|
||
### Optional | ||
|
||
- **id** (String) The ID of this resource. | ||
|
||
### Read-Only | ||
|
||
- **ids** (List of String) List of IDs corresponding to available TLS configurations. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
--- | ||
layout: "fastly" | ||
page_title: "Fastly: fastly_tls_platform_certificate" | ||
sidebar_current: "docs-fastly-datasource-tls_platform_certificate" | ||
description: |- | ||
Get information on Fastly Platform TLS certificate. | ||
--- | ||
|
||
# fastly_tls_platform_certificate | ||
|
||
Use this data source to get information of a Platform TLS certificate for use with other resources. | ||
|
||
~> **Warning:** The data source's filters are applied using an **AND** boolean operator, so depending on the combination | ||
of filters, they may become mutually exclusive. The exception to this is `id` which must not be specified in combination | ||
with any of the others. | ||
|
||
~> **Note:** If more or less than a single match is returned by the search, Terraform will fail. Ensure that your search is specific enough to return a single key. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
data "fastly_tls_platform_certificate" "example" { | ||
domains = ["example.com"] | ||
} | ||
``` | ||
<!-- schema generated by tfplugindocs --> | ||
## Schema | ||
|
||
### Optional | ||
|
||
- **domains** (Set of String) Domains that are listed in any certificate's Subject Alternative Names (SAN) list. | ||
- **id** (String) Unique ID assigned to certificate by Fastly. Conflicts with all the other filters. | ||
|
||
### Read-Only | ||
|
||
- **configuration_id** (String) ID of TLS configuration used to terminate TLS traffic. | ||
- **created_at** (String) Timestamp (GMT) when the certificate was created. | ||
- **not_after** (String) Timestamp (GMT) when the certificate will expire. | ||
- **not_before** (String) Timestamp (GMT) when the certificate will become valid. | ||
- **replace** (Boolean) A recommendation from Fastly indicating the key associated with this certificate is in need of rotation. | ||
- **updated_at** (String) Timestamp (GMT) when the certificate was last updated. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
--- | ||
layout: "fastly" | ||
page_title: "Fastly: fastly_tls_platform_certificate_ids" | ||
sidebar_current: "docs-fastly-datasource-tls_platform_certificate_ids" | ||
description: |- | ||
Get IDs of available Platform TLS certificates. | ||
--- | ||
|
||
# fastly_tls_platform_certificate_ids | ||
|
||
Use this data source to get the IDs of available Platform TLS Certificates for use with other resources. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
data "fastly_tls_platform_certificate_ids" "example" {} | ||
|
||
data "fastly_tls_platform_certificate" "example" { | ||
id = data.fastly_tls_platform_certificate_ids.example.ids[0] | ||
} | ||
``` | ||
<!-- schema generated by tfplugindocs --> | ||
## Schema | ||
|
||
### Optional | ||
|
||
- **id** (String) The ID of this resource. | ||
|
||
### Read-Only | ||
|
||
- **ids** (List of String) List of IDs corresponding to Platform TLS certificates. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Any explanation you can give me for why these segments of the workflow have been deleted?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes this change tied in with some of the other changes relating to the way
tfplugindocs
was being installed. I think previously the makefile was installing the package toGOROOT
(i.e.~/go/pkg
and~/go/bin
), which would explain the steps in the workflow caching these directories.However when adapting the upstream docs generation changes I found that the output of the
tfplugindocs
tool was quite volatile, given its alpha status, and thought it made sense to use thevendor
style dependency management to pin in the exact version of the source code used to generate the docs and reduce disparity between all of the contributor's versions of it. In a similar vein I changed it to install the binary to a project-local./bin
directory to isolate it in case other terraform plugin projects were using different versions of it on anyone's machine. (I think you also made some very similar changes in parallel, e.g. adding atools.go
to allowgo mod
to find it, so I ended up merging my tweaks into that as well).Anyway long story short, with the source code being installed to
./vendor
and the compiledtfplugindocs
binary being installed to./bin
, I didn't see a need to manually cache the external globalGOROOT
directories as the GitHub workflow does. (Also it had stopped working for me when I removed themake dependencies
target, so I had to fix it somehow! 😉)Does this make sense do you think? Happy to jump on a call and discuss it further if you think that would be helpful
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No that's fine. Thanks for the background information 👍🏻