[WIP] App Mesh preview 04/2020: Route timeouts, virtual gateways #12750

10 changes: 5 additions & 5 deletions GNUmakefile
Expand Up @@ -9,21 +9,21 @@ TEST_COUNT?=1
default: build

build: fmtcheck
go install
GO111MODULE=off go install

gen:
rm -f aws/internal/keyvaluetags/*_gen.go
go generate ./...
GO111MODULE=off go generate ./...

sweep:
@echo "WARNING: This will destroy infrastructure. Use only in development accounts."
go test $(SWEEP_DIR) -v -sweep=$(SWEEP) $(SWEEPARGS) -timeout 60m
GO111MODULE=off go test $(SWEEP_DIR) -v -sweep=$(SWEEP) $(SWEEPARGS) -timeout 60m

test: fmtcheck
go test $(TEST) $(TESTARGS) -timeout=120s -parallel=4
GO111MODULE=off go test $(TEST) $(TESTARGS) -timeout=120s -parallel=4

testacc: fmtcheck
TF_ACC=1 go test $(TEST) -v -count $(TEST_COUNT) -parallel 20 $(TESTARGS) -timeout 120m
GO111MODULE=off TF_ACC=1 go test $(TEST) -v -count $(TEST_COUNT) -parallel 20 $(TESTARGS) -timeout 120m

fmt:
@echo "==> Fixing source code with gofmt..."
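Review bot: Prefixing every `go install`, `go generate` and `go test` recipe with `GO111MODULE=off` takes the whole build and test pipeline out of module mode, so (assuming the repository normally builds from go.mod) the pinned versions and the go.sum checksums no longer govern what is compiled; packages resolve from GOPATH or a vendor directory instead. If the goal is only to build against a locally generated preview SDK, a `replace github.com/aws/aws-sdk-go => <path-to-preview-sdk>` line in go.mod achieves that while the rest of the dependency graph stays pinned and verified. If the override has to stay for the life of this branch, a comment above `build:` such as `# GO111MODULE=off: preview SDK is not published as a module; remove before merge` would keep it from being merged unnoticed.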
6 changes: 3 additions & 3 deletions aws/config.go
Expand Up @@ -17,7 +17,7 @@ import (
"github.com/aws/aws-sdk-go/service/apigatewayv2"
"github.com/aws/aws-sdk-go/service/applicationautoscaling"
"github.com/aws/aws-sdk-go/service/applicationinsights"
"github.com/aws/aws-sdk-go/service/appmesh"
"github.com/aws/aws-sdk-go/service/appmeshpreview"
"github.com/aws/aws-sdk-go/service/appstream"
"github.com/aws/aws-sdk-go/service/appsync"
"github.com/aws/aws-sdk-go/service/athena"
Expand Down Expand Up @@ -192,7 +192,7 @@ type AWSClient struct {
apigatewayv2conn *apigatewayv2.ApiGatewayV2
appautoscalingconn *applicationautoscaling.ApplicationAutoScaling
applicationinsightsconn *applicationinsights.ApplicationInsights
appmeshconn *appmesh.AppMesh
appmeshconn *appmeshpreview.AppMeshPreview
appstreamconn *appstream.AppStream
appsyncconn *appsync.AppSync
athenaconn *athena.Athena
Expand Down Expand Up @@ -411,7 +411,7 @@ func (c *Config) Client() (interface{}, error) {
apigatewayv2conn: apigatewayv2.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["apigateway"])})),
appautoscalingconn: applicationautoscaling.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["applicationautoscaling"])})),
applicationinsightsconn: applicationinsights.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["applicationinsights"])})),
appmeshconn: appmesh.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["appmesh"])})),
appmeshconn: appmeshpreview.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["appmesh"])})),
appstreamconn: appstream.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["appstream"])})),
appsyncconn: appsync.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["appsync"])})),
athenaconn: athena.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["athena"])})),
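Review bot: Retyping the shared `appmeshconn` field to `*appmeshpreview.AppMeshPreview` moves every App Mesh resource that uses this client onto the preview API, not only the features this PR adds, and the constructor still reads `c.Endpoints["appmesh"]`, so an endpoint override configured for the GA service would now receive preview-client requests. A separate field, for example `appmeshpreviewconn *appmeshpreview.AppMeshPreview` with its own endpoint key, would leave the GA client untouched. The AWSClient struct and Client() both continue outside the visible hunks, so other uses of `appmeshconn` could not be checked here.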
31 changes: 9 additions & 22 deletions aws/resource_aws_acm_certificate_test.go
Expand Up @@ -2,15 +2,15 @@ package aws

import (
"fmt"
"os"
"regexp"
"strconv"
"strings"
"testing"

"os"
"regexp"

"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/acm"
"github.com/aws/aws-sdk-go/service/acmpca"
"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
"github.com/hashicorp/terraform-plugin-sdk/terraform"
Expand Down Expand Up @@ -151,7 +151,7 @@ func TestAccAWSAcmCertificate_root(t *testing.T) {

func TestAccAWSAcmCertificate_privateCert(t *testing.T) {
certificateAuthorityResourceName := "aws_acmpca_certificate_authority.test"
resourceName := "aws_acm_certificate.cert"
resourceName := "aws_acm_certificate.test"
rName := acctest.RandomWithPrefix("tf-acc-test")

resource.ParallelTest(t, resource.TestCase{
Expand All @@ -162,8 +162,9 @@ func TestAccAWSAcmCertificate_privateCert(t *testing.T) {
{
Config: testAccAcmCertificateConfig_privateCert(rName),
Check: resource.ComposeTestCheckFunc(
testAccMatchResourceAttrRegionalARN(resourceName, "arn", "acm", regexp.MustCompile(`certificate/.+`)),
resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex),
resource.TestCheckResourceAttr(resourceName, "domain_name", fmt.Sprintf("%s.terraformtesting.com", rName)),
resource.TestCheckResourceAttr(resourceName, "domain_name", fmt.Sprintf("test.%s.com", rName)),
resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "0"),
resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"),
resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"),
Expand Down Expand Up @@ -607,23 +608,9 @@ resource "aws_acm_certificate" "cert" {
}

func testAccAcmCertificateConfig_privateCert(rName string) string {
return fmt.Sprintf(`
resource "aws_acmpca_certificate_authority" "test" {
permanent_deletion_time_in_days = 7
type = "ROOT"

certificate_authority_configuration {
key_algorithm = "RSA_4096"
signing_algorithm = "SHA512WITHRSA"

subject {
common_name = "terraformtesting.com"
}
}
}

resource "aws_acm_certificate" "cert" {
domain_name = "%s.terraformtesting.com"
return testAccAwsAcmpcaCertificateAuthorityConfigType(rName, acmpca.CertificateAuthorityTypeRoot) + fmt.Sprintf(`
resource "aws_acm_certificate" "test" {
domain_name = "test.%[1]s.com"
certificate_authority_arn = "${aws_acmpca_certificate_authority.test.arn}"
}
`, rName)
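Review bot: The new `domain_name = "test.%[1]s.com"` and the matching `fmt.Sprintf("test.%s.com", rName)` check request certificates for randomly generated names under the public `.com` TLD, where the old fixture stayed under one fixed domain; the same pattern appears in `common_name = "%[1]s.com"` in aws/resource_aws_acmpca_certificate_authority_test.go. A private CA does not validate ownership, so the test works, but a reserved name such as `test.%[1]s.example.com` avoids minting certificates for names someone else could register. The closing lines of testAccAcmCertificateConfig_privateCert fall outside the hunk.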
129 changes: 116 additions & 13 deletions aws/resource_aws_acmpca_certificate_authority_test.go
Expand Up @@ -5,9 +5,11 @@ import (
"log"
"regexp"
"testing"
"time"

"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/acmpca"
"github.com/hashicorp/go-multierror"
"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
"github.com/hashicorp/terraform-plugin-sdk/terraform"
Expand Down Expand Up @@ -40,24 +42,45 @@ func testSweepAcmpcaCertificateAuthorities(region string) error {
return nil
}

var sweeperErrs *multierror.Error

for _, certificateAuthority := range certificateAuthorities {
arn := aws.StringValue(certificateAuthority.Arn)

if aws.StringValue(certificateAuthority.Status) == acmpca.CertificateAuthorityStatusActive {
log.Printf("[INFO] Disabling ACMPCA Certificate Authority: %s", arn)
_, err := conn.UpdateCertificateAuthority(&acmpca.UpdateCertificateAuthorityInput{
CertificateAuthorityArn: aws.String(arn),
Status: aws.String(acmpca.CertificateAuthorityStatusDisabled),
})
if isAWSErr(err, acmpca.ErrCodeResourceNotFoundException, "") {
continue
}
if err != nil {
sweeperErr := fmt.Errorf("error disabling ACMPCA Certificate Authority (%s): %w", arn, err)
log.Printf("[ERROR] %s", sweeperErr)
sweeperErrs = multierror.Append(sweeperErrs, sweeperErr)
continue
}
}

log.Printf("[INFO] Deleting ACMPCA Certificate Authority: %s", arn)
input := &acmpca.DeleteCertificateAuthorityInput{
_, err := conn.DeleteCertificateAuthority(&acmpca.DeleteCertificateAuthorityInput{
CertificateAuthorityArn: aws.String(arn),
PermanentDeletionTimeInDays: aws.Int64(int64(7)),
})
if isAWSErr(err, acmpca.ErrCodeResourceNotFoundException, "") {
continue
}

_, err := conn.DeleteCertificateAuthority(input)
if err != nil {
if isAWSErr(err, acmpca.ErrCodeResourceNotFoundException, "") {
continue
}
log.Printf("[ERROR] Failed to delete ACMPCA Certificate Authority (%s): %s", arn, err)
sweeperErr := fmt.Errorf("error deleting ACMPCA Certificate Authority (%s): %w", arn, err)
log.Printf("[ERROR] %s", sweeperErr)
sweeperErrs = multierror.Append(sweeperErrs, sweeperErr)
continue
}
}

return nil
return sweeperErrs.ErrorOrNil()
}

func TestAccAwsAcmpcaCertificateAuthority_Basic(t *testing.T) {
Expand Down Expand Up @@ -413,14 +436,15 @@ func TestAccAwsAcmpcaCertificateAuthority_Tags(t *testing.T) {
func TestAccAwsAcmpcaCertificateAuthority_Type_Root(t *testing.T) {
var certificateAuthority acmpca.CertificateAuthority
resourceName := "aws_acmpca_certificate_authority.test"
rName := acctest.RandomWithPrefix("tf-acc-test")

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAwsAcmpcaCertificateAuthorityDestroy,
Steps: []resource.TestStep{
{
Config: testAccAwsAcmpcaCertificateAuthorityConfigType(acmpca.CertificateAuthorityTypeRoot),
Config: testAccAwsAcmpcaCertificateAuthorityConfigType(rName, acmpca.CertificateAuthorityTypeRoot),
Check: resource.ComposeTestCheckFunc(
testAccCheckAwsAcmpcaCertificateAuthorityExists(resourceName, &certificateAuthority),
resource.TestCheckResourceAttr(resourceName, "type", acmpca.CertificateAuthorityTypeRoot),
Expand Down Expand Up @@ -496,6 +520,85 @@ func testAccCheckAwsAcmpcaCertificateAuthorityExists(resourceName string, certif
}
}

func testAccCheckAwsAcmpcaCertificateAuthorityActivateCA(certificateAuthority *acmpca.CertificateAuthority) resource.TestCheckFunc {
return func(s *terraform.State) error {
conn := testAccProvider.Meta().(*AWSClient).acmpcaconn

arn := aws.StringValue(certificateAuthority.Arn)

getCsrResp, err := conn.GetCertificateAuthorityCsr(&acmpca.GetCertificateAuthorityCsrInput{
CertificateAuthorityArn: aws.String(arn),
})
if err != nil {
return fmt.Errorf("error getting ACMPCA Certificate Authority (%s) CSR: %s", arn, err)
}

issueCertResp, err := conn.IssueCertificate(&acmpca.IssueCertificateInput{
CertificateAuthorityArn: aws.String(arn),
Csr: []byte(aws.StringValue(getCsrResp.Csr)),
IdempotencyToken: aws.String(resource.UniqueId()),
SigningAlgorithm: certificateAuthority.CertificateAuthorityConfiguration.SigningAlgorithm,
TemplateArn: aws.String("arn:aws:acm-pca:::template/RootCACertificate/V1"),
Validity: &acmpca.Validity{
Type: aws.String(acmpca.ValidityPeriodTypeYears),
Value: aws.Int64(10),
},
})
if err != nil {
return fmt.Errorf("error issuing ACMPCA Certificate Authority (%s) Root CA certificate from CSR: %s", arn, err)
}

// Wait for certificate status to become ISSUED.
var getCertResp *acmpca.GetCertificateOutput
err = resource.Retry(1*time.Minute, func() *resource.RetryError {
var err error
getCertResp, err = conn.GetCertificate(&acmpca.GetCertificateInput{
CertificateAuthorityArn: aws.String(arn),
CertificateArn: issueCertResp.CertificateArn,
})
if err != nil {
if isAWSErr(err, acmpca.ErrCodeRequestInProgressException, "Try again later") {
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
}
return nil
})
if isResourceTimeoutError(err) {
getCertResp, err = conn.GetCertificate(&acmpca.GetCertificateInput{
CertificateAuthorityArn: aws.String(arn),
CertificateArn: issueCertResp.CertificateArn,
})
}
if err != nil {
return fmt.Errorf("error getting ACMPCA Certificate Authority (%s) issued Root CA certificate: %s", arn, err)
}

_, err = conn.ImportCertificateAuthorityCertificate(&acmpca.ImportCertificateAuthorityCertificateInput{
CertificateAuthorityArn: aws.String(arn),
Certificate: []byte(aws.StringValue(getCertResp.Certificate)),
})
if err != nil {
return fmt.Errorf("error importing ACMPCA Certificate Authority (%s) Root CA certificate: %s", arn, err)
}

return err
}
}

func testAccCheckAwsAcmpcaCertificateAuthorityDisableCA(certificateAuthority *acmpca.CertificateAuthority) resource.TestCheckFunc {
return func(s *terraform.State) error {
conn := testAccProvider.Meta().(*AWSClient).acmpcaconn

_, err := conn.UpdateCertificateAuthority(&acmpca.UpdateCertificateAuthorityInput{
CertificateAuthorityArn: certificateAuthority.Arn,
Status: aws.String(acmpca.CertificateAuthorityStatusDisabled),
})

return err
}
}

func listAcmpcaCertificateAuthorities(conn *acmpca.ACMPCA) ([]*acmpca.CertificateAuthority, error) {
certificateAuthorities := []*acmpca.CertificateAuthority{}
input := &acmpca.ListCertificateAuthoritiesInput{}
Expand Down Expand Up @@ -723,20 +826,20 @@ resource "aws_acmpca_certificate_authority" "test" {
}
`

func testAccAwsAcmpcaCertificateAuthorityConfigType(certificateAuthorityType string) string {
func testAccAwsAcmpcaCertificateAuthorityConfigType(rName, certificateAuthorityType string) string {
return fmt.Sprintf(`
resource "aws_acmpca_certificate_authority" "test" {
permanent_deletion_time_in_days = 7
type = %[1]q
type = %[2]q

certificate_authority_configuration {
key_algorithm = "RSA_4096"
signing_algorithm = "SHA512WITHRSA"

subject {
common_name = "terraformtesting.com"
common_name = "%[1]s.com"
}
}
}
`, certificateAuthorityType)
`, rName, certificateAuthorityType)
}
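Review bot: In testAccCheckAwsAcmpcaCertificateAuthorityActivateCA the IssueCertificate input dereferences `certificateAuthority.CertificateAuthorityConfiguration.SigningAlgorithm` with no nil check, so a CA struct that the preceding Exists check did not fully populate would panic the test binary instead of failing the step; `if certificateAuthority.CertificateAuthorityConfiguration == nil { return fmt.Errorf("ACMPCA Certificate Authority (%s) has no configuration", arn) }` ahead of the call turns that into an ordinary failure. The template ARN `arn:aws:acm-pca:::template/RootCACertificate/V1` hard-codes the `aws` partition, which presumably breaks the helper in other partitions. The closing `return err` can only ever return nil at that point and would read more honestly as `return nil`. In the sweeper hunk of this file, errors are now accumulated and returned, yet nothing in the visible loop skips authorities whose status is already `acmpca.CertificateAuthorityStatusDeleted`; if the list call returns those during their restoration window, each sweep would report a failure for them, so that is worth confirming.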
36 changes: 18 additions & 18 deletions aws/resource_aws_appmesh_mesh.go
Expand Up @@ -6,10 +6,10 @@ import (
"time"

"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/appmesh"
appmesh "github.com/aws/aws-sdk-go/service/appmeshpreview"
"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
"github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags"
// "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags"
)

func resourceAwsAppmeshMesh() *schema.Resource {
Expand Down Expand Up @@ -76,7 +76,7 @@ func resourceAwsAppmeshMesh() *schema.Resource {
Computed: true,
},

"tags": tagsSchema(),
// "tags": tagsSchema(),
},
}
}
Expand All @@ -88,7 +88,7 @@ func resourceAwsAppmeshMeshCreate(d *schema.ResourceData, meta interface{}) erro
req := &appmesh.CreateMeshInput{
MeshName: aws.String(meshName),
Spec: expandAppmeshMeshSpec(d.Get("spec").([]interface{})),
Tags: keyvaluetags.New(d.Get("tags").(map[string]interface{})).IgnoreAws().AppmeshTags(),
// Tags: keyvaluetags.New(d.Get("tags").(map[string]interface{})).IgnoreAws().AppmeshTags(),
}

log.Printf("[DEBUG] Creating App Mesh service mesh: %#v", req)
Expand Down Expand Up @@ -132,15 +132,15 @@ func resourceAwsAppmeshMeshRead(d *schema.ResourceData, meta interface{}) error
return fmt.Errorf("error setting spec: %s", err)
}

tags, err := keyvaluetags.AppmeshListTags(conn, arn)
// tags, err := keyvaluetags.AppmeshListTags(conn, arn)

if err != nil {
return fmt.Errorf("error listing tags for App Mesh service mesh (%s): %s", arn, err)
}
// if err != nil {
// return fmt.Errorf("error listing tags for App Mesh service mesh (%s): %s", arn, err)
// }

if err := d.Set("tags", tags.IgnoreAws().Map()); err != nil {
return fmt.Errorf("error setting tags: %s", err)
}
// if err := d.Set("tags", tags.IgnoreAws().Map()); err != nil {
// return fmt.Errorf("error setting tags: %s", err)
// }

return nil
}
Expand All @@ -162,14 +162,14 @@ func resourceAwsAppmeshMeshUpdate(d *schema.ResourceData, meta interface{}) erro
}
}

arn := d.Get("arn").(string)
if d.HasChange("tags") {
o, n := d.GetChange("tags")
// arn := d.Get("arn").(string)
// if d.HasChange("tags") {
// o, n := d.GetChange("tags")

if err := keyvaluetags.AppmeshUpdateTags(conn, arn, o, n); err != nil {
return fmt.Errorf("error updating App Mesh service mesh (%s) tags: %s", arn, err)
}
}
// if err := keyvaluetags.AppmeshUpdateTags(conn, arn, o, n); err != nil {
// return fmt.Errorf("error updating App Mesh service mesh (%s) tags: %s", arn, err)
// }
// }

return resourceAwsAppmeshMeshRead(d, meta)
}
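Review bot: Commenting out `"tags": tagsSchema()` removes the `tags` argument from aws_appmesh_mesh, so existing configurations that set tags would presumably fail validation and meshes are created untagged, which matters where tag-based access or cost policies are enforced. The disabled blocks in Create, Read and Update are left as commented-out code with no explanation; if the preview API lacks tagging, one comment such as `// TODO: tagging disabled while building against appmeshpreview; restore before merge` at the schema entry, with the dead code deleted, would state the intent. The Create, Read and Update functions begin or end outside the visible hunks, so whether `arn` is still used in Read after this change could not be checked.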