Merge remote-tracking branch 'upstream/master' into feature/tke_global_config

Author: ChrisdeR

CHANGELOG.md

@@ -1,4 +1,5 @@
-## 1.55.0 (Unreleased)
+## 1.55.1 (Unreleased)
+## 1.55.0 (March 26, 2021)
 
 FEATURES:
 
@@ -7,6 +8,13 @@ FEATURES:
 * **New Data Source**: `tencentcloud_ssm_secrets` 
 * **New Data Source**: `tencentcloud_ssm_secret_versions` 
 
+ENHANCEMENTS:
+
+* Resource: `tencentcloud_ssl_certificate` refactor logic with api3.0 .
+* Data Source: `tencentcloud_ssl_certificates` refactor logic with api3.0 .
+* Resource `tencentcloud_kubernetes_cluster` add `disaster_recover_group_ids` to set disaster recover group ID.
+* Resource `tencentcloud_kubernetes_scale_worker` add `disaster_recover_group_ids` to set disaster recover group ID.
+
 ## 1.54.1 (March 24, 2021)
 
 ENHANCEMENTS:
@@ -24,10 +32,10 @@ FEATURES:
 
 ENHANCEMENTS:
 
-* Resource `tencentcloud_kubernetes_cluster_attachment` add `unschedulable` to sets whether the joining node participates in the schedule.
-* Resource `tencentcloud_kubernetes_cluster` add `unschedulable` to sets whether the joining node participates in the schedule.
-* Resource `tencentcloud_kubernetes_node_pool` add `unschedulable` to sets whether the joining node participates in the schedule.
-* Resource `tencentcloud_kubernetes_scale_worker` add `unschedulable` to sets whether the joining node participates in the schedule.
+* Resource `tencentcloud_kubernetes_cluster_attachment` add `unschedulable` to set whether the joining node participates in the schedule.
+* Resource `tencentcloud_kubernetes_cluster` add `unschedulable` to set whether the joining node participates in the schedule.
+* Resource `tencentcloud_kubernetes_node_pool` add `unschedulable` to set whether the joining node participates in the schedule.
+* Resource `tencentcloud_kubernetes_scale_worker` add `unschedulable` to set whether the joining node participates in the schedule.
 
 ## 1.53.9 (March 19, 2021)
 

go.mod

@@ -15,7 +15,7 @@ require (
 	github.com/mattn/go-colorable v0.1.6 // indirect
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/pkg/errors v0.9.1
-	github.com/tencentcloud/tencentcloud-sdk-go v1.0.119
+	github.com/tencentcloud/tencentcloud-sdk-go v1.0.123
 	github.com/yangwenmai/ratelimit v0.0.0-20180104140304-44221c2292e1
 	github.com/zclconf/go-cty v1.4.2 // indirect
 	golang.org/x/sys v0.0.0-20200523222454-059865788121 // indirect

go.sum

@@ -441,8 +441,8 @@ github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s
 github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw=
 github.com/tdakkota/asciicheck v0.0.0-20200416190851-d7f85be797a2 h1:Xr9gkxfOP0KQWXKNqmwe8vEeSUiUj4Rlee9CMVX2ZUQ=
 github.com/tdakkota/asciicheck v0.0.0-20200416190851-d7f85be797a2/go.mod h1:yHp0ai0Z9gUljN3o0xMhYJnH/IcvkdTBOX2fmJ93JEM=
-github.com/tencentcloud/tencentcloud-sdk-go v1.0.119 h1:wjidEbe8rWoQNfUEzILykgi4SO1LYjC4tNRY7RN8chI=
-github.com/tencentcloud/tencentcloud-sdk-go v1.0.119/go.mod h1:asUz5BPXxgoPGaRgZaVm1iGcUAuHyYUo1nXqKa83cvI=
+github.com/tencentcloud/tencentcloud-sdk-go v1.0.123 h1:6yOMrmTuKtW1Y8VtWgN5Jt3jUcWnWtRX0gZfD1LxRcc=
+github.com/tencentcloud/tencentcloud-sdk-go v1.0.123/go.mod h1:asUz5BPXxgoPGaRgZaVm1iGcUAuHyYUo1nXqKa83cvI=
 github.com/tetafro/godot v0.3.7 h1:+mecr7RKrUKB5UQ1gwqEMn13sDKTyDR8KNIquB9mm+8=
 github.com/tetafro/godot v0.3.7/go.mod h1:/7NLHhv08H1+8DNj0MElpAACw1ajsCuf3TKNQxA5S+0=
 github.com/timakin/bodyclose v0.0.0-20190930140734-f7f2e9bca95e h1:RumXZ56IrCj4CL+g1b9OL/oH0QnsF976bC8xQFYUD5Q=

tencentcloud/connectivity/transport.go

@@ -10,7 +10,7 @@ import (
 	"time"
 )
 
-const ReqClient = "Terraform-v1.54.1"
+const ReqClient = "Terraform-v1.55.0"
 
 type LogRoundTripper struct {
 }

tencentcloud/data_source_tc_ssl_certificates.go

@@ -17,7 +17,9 @@ import (
 	"log"
 	"strconv"
 
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	ssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
 	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
 )
 
@@ -144,46 +146,42 @@ func dataSourceTencentCloudSslCertificatesRead(d *schema.ResourceData, m interfa
 		id = helper.String(raw.(string))
 	}
 
-	service := SslService{client: m.(*TencentCloudClient).apiV3Conn}
-
-	respCertificates, err := service.DescribeCertificates(ctx, id, name, certType)
+	sslService := SSLService{client: m.(*TencentCloudClient).apiV3Conn}
+	certificateList, err := GetCertificateList(ctx, sslService, id, name, certType)
 	if err != nil {
 		return err
 	}
 
-	certificates := make([]map[string]interface{}, 0, len(respCertificates))
-	ids := make([]string, 0, len(respCertificates))
-
-	for _, certificate := range respCertificates {
+	certificates := make([]map[string]interface{}, 0, len(certificateList))
+	ids := make([]string, 0, len(certificateList))
+	for _, certificate := range certificateList {
 		if nilNames := CheckNil(certificate, map[string]string{
-			"Id":            "id",
-			"Alias":         "name",
-			"CertType":      "type",
-			"ProjectId":     "project id",
-			"Cert":          "cert",
-			"ProductZhName": "product zh name",
-			"Domain":        "domain",
-			"Status":        "status",
-			"CertBeginTime": "begin time",
-			"CertEndTime":   "end time",
-			"InsertTime":    "create time",
+			"CertificateId":   "id",
+			"Alias":           "name",
+			"CertificateType": "type",
+			"ProjectId":       "project id",
+			"ProductZhName":   "product zh name",
+			"Domain":          "domain",
+			"Status":          "status",
+			"CertBeginTime":   "begin time",
+			"CertEndTime":     "end time",
+			"InsertTime":      "create time",
 		}); len(nilNames) > 0 {
 			return fmt.Errorf("certificate %v are nil", nilNames)
 		}
 
-		ids = append(ids, *certificate.Id)
+		ids = append(ids, *certificate.CertificateId)
 
 		projectId, err := strconv.Atoi(*certificate.ProjectId)
 		if err != nil {
 			return err
 		}
 
 		m := map[string]interface{}{
-			"id":              *certificate.Id,
+			"id":              *certificate.CertificateId,
 			"name":            *certificate.Alias,
-			"type":            *certificate.CertType,
+			"type":            *certificate.CertificateType,
 			"project_id":      projectId,
-			"cert":            *certificate.Cert,
 			"product_zh_name": *certificate.ProductZhName,
 			"domain":          *certificate.Domain,
 			"status":          *certificate.Status,
@@ -200,6 +198,26 @@ func dataSourceTencentCloudSslCertificatesRead(d *schema.ResourceData, m interfa
 			m["subject_names"] = subjectAltNames
 		}
 
+		describeRequest := ssl.NewDescribeCertificateDetailRequest()
+		describeRequest.CertificateId = certificate.CertificateId
+		var outErr, inErr error
+		var describeResponse *ssl.DescribeCertificateDetailResponse
+		outErr = resource.Retry(readRetryTimeout, func() *resource.RetryError {
+			describeResponse, inErr = sslService.DescribeCertificateDetail(ctx, describeRequest)
+			if inErr != nil {
+				return retryError(inErr)
+			}
+			return nil
+		})
+		if outErr != nil {
+			log.Printf("[CRITAL]%s read certificate failed, reason: %v", logId, outErr)
+			return outErr
+		}
+
+		if describeResponse != nil && describeResponse.Response != nil {
+			m["cert"] = *describeResponse.Response.CertificatePublicKey
+		}
+
 		certificates = append(certificates, m)
 	}
 
@@ -216,3 +234,90 @@ func dataSourceTencentCloudSslCertificatesRead(d *schema.ResourceData, m interfa
 
 	return nil
 }
+
+func GetCertificateList(ctx context.Context, sslService SSLService, id, name, certType *string) (certificateList []*ssl.Certificates, errRet error) {
+	logId := getLogId(contextNil)
+
+	var (
+		outErr, inErr                        error
+		certificatesById, certificatesByName []*ssl.Certificates
+	)
+
+	if id == nil && name == nil {
+		describeRequest := ssl.NewDescribeCertificatesRequest()
+		describeRequest.CertificateType = certType
+		outErr = resource.Retry(readRetryTimeout, func() *resource.RetryError {
+			certificateList, inErr = sslService.DescribeCertificates(ctx, describeRequest)
+			if inErr != nil {
+				return retryError(inErr)
+			}
+			return nil
+		})
+		if outErr != nil {
+			log.Printf("[CRITAL]%s read certificates failed, reason: %v", logId, outErr)
+			errRet = outErr
+			return
+		}
+		return
+	}
+
+	if id != nil {
+		describeRequest := ssl.NewDescribeCertificatesRequest()
+		describeRequest.CertificateType = certType
+		describeRequest.SearchKey = id
+		outErr = resource.Retry(readRetryTimeout, func() *resource.RetryError {
+			certificatesById, inErr = sslService.DescribeCertificates(ctx, describeRequest)
+			if inErr != nil {
+				return retryError(inErr)
+			}
+			return nil
+		})
+		if outErr != nil {
+			log.Printf("[CRITAL]%s read certificates failed, reason: %v", logId, outErr)
+			errRet = outErr
+			return
+		}
+	}
+	if name != nil {
+		describeRequest := ssl.NewDescribeCertificatesRequest()
+		describeRequest.CertificateType = certType
+		describeRequest.SearchKey = name
+		outErr = resource.Retry(readRetryTimeout, func() *resource.RetryError {
+			certificatesByName, inErr = sslService.DescribeCertificates(ctx, describeRequest)
+			if inErr != nil {
+				return retryError(inErr)
+			}
+			return nil
+		})
+		if outErr != nil {
+			log.Printf("[CRITAL]%s read certificates failed, reason: %v", logId, outErr)
+			errRet = outErr
+			return
+		}
+	}
+
+	certificateList = GetCommonCertificates(certificatesById, certificatesByName)
+	return
+}
+
+func GetCommonCertificates(certificatesById, certificatesByName []*ssl.Certificates) (result []*ssl.Certificates) {
+	if len(certificatesById) == 0 {
+		return certificatesByName
+	} else if len(certificatesByName) == 0 {
+		return certificatesById
+	}
+	certificateMap := make(map[string]bool)
+	for _, certificate := range certificatesById {
+		if _, ok := certificateMap[*certificate.CertificateId]; ok {
+			continue
+		}
+		certificateMap[*certificate.CertificateId] = true
+	}
+
+	for _, certificate := range certificatesByName {
+		if _, ok := certificateMap[*certificate.CertificateId]; ok {
+			result = append(result, certificate)
+		}
+	}
+	return
+}

tencentcloud/resource_tc_kubernetes_cluster.go

@@ -469,6 +469,14 @@ func TkeCvmCreateInfo() map[string]*schema.Schema {
 				"Windows example: The length of the name character is [2, 15], letters (capitalization is not restricted), numbers and dashes (-) are allowed, dots (.) are not supported, and not all numbers are allowed. " +
 				"Examples of other types (Linux, etc.): The character length is [2, 60], and multiple dots are allowed. There is a segment between the dots. Each segment allows letters (with no limitation on capitalization), numbers and dashes (-).",
 		},
+		"disaster_recover_group_ids": {
+			Type:        schema.TypeList,
+			ForceNew:    true,
+			Optional:    true,
+			MaxItems:    1,
+			Elem:        &schema.Schema{Type: schema.TypeString},
+			Description: "Disaster recover groups to which a CVM instance belongs. Only support maximum 1.",
+		},
 	}
 }
 
@@ -1105,6 +1113,15 @@ func tkeGetCvmRunInstancesPara(dMap map[string]interface{}, meta interface{},
 		}
 	}
 
+	if v, ok := dMap["disaster_recover_group_ids"]; ok {
+		disasterGroups := v.([]interface{})
+		request.DisasterRecoverGroupIds = make([]*string, 0, len(disasterGroups))
+		for i := range disasterGroups {
+			disasterGroup := disasterGroups[i].(string)
+			request.DisasterRecoverGroupIds = append(request.DisasterRecoverGroupIds, &disasterGroup)
+		}
+	}
+
 	if v, ok := dMap["enhanced_security_service"]; ok {
 
 		if request.EnhancedService == nil {