Merge pull request #1166 from yamamoto-febc/feature/webaccel-acl

ウェブアクセラレータ ACL機能

Author: lvctr

examples/website/r/webaccel_acl/webaccel_acl.tf

@@ -0,0 +1,15 @@
+data sakuracloud_webaccel "site" {
+  name = "your-site-name"
+  # or
+  # domain = "your-domain"
+}
+
+resource sakuracloud_webaccel_acl "acl" {
+  site_id = data.sakuracloud_webaccel.site.id
+
+  acl = join("\n", [
+    "deny 192.0.2.5/25",
+    "deny 198.51.100.0",
+    "allow all",
+  ])
+}

go.mod

@@ -15,7 +15,7 @@ require (
 	github.com/sacloud/iaas-service-go v1.10.0
 	github.com/sacloud/iso9660wrap v0.0.0-20171031075302-eda21f77f6a8
 	github.com/sacloud/packages-go v0.0.10
-	github.com/sacloud/webaccel-api-go v1.1.6
+	github.com/sacloud/webaccel-api-go v1.2.0
 	github.com/stretchr/testify v1.9.0
 	golang.org/x/text v0.14.0
 )

go.sum

@@ -174,24 +174,18 @@ github.com/sacloud/autoscaler v0.15.5 h1:CcrddQsRW0oAF5877bPuyiK1c6f6nEkb1ktKuq/
 github.com/sacloud/autoscaler v0.15.5/go.mod h1:xWwCzhvAoLkLUv5tyVEuhcI6DrobZcBGnsmuQ+ugnw4=
 github.com/sacloud/ftps v1.2.0 h1:7UlSWd7cnm1J+sANz7IiBV9ffVcS+4g6ZV5UHVVbvaw=
 github.com/sacloud/ftps v1.2.0/go.mod h1:h4awhOi3PEyhKLj1FpXjoVV5yVkmRUU+d5L95EwX2JU=
-github.com/sacloud/go-http v0.1.7 h1:oBnoTLTlu4afkRJHIQSV6NJMUfIR1S3rB/SQaGzL/3Q=
-github.com/sacloud/go-http v0.1.7/go.mod h1:WV31q5qAUt6Rs7dfqQfGyRprXhf91jS+41FofYHmxUI=
 github.com/sacloud/go-http v0.1.8 h1:ynreWA/vnM8G2ksbMlmefBHsXURKPz49qlPRqQ9IQdw=
 github.com/sacloud/go-http v0.1.8/go.mod h1:7TL7TN1fnPKHsMifIqURDkGujnKViCgEz5Ei/LQdFK8=
-github.com/sacloud/iaas-api-go v1.11.2 h1:2jQLPwGRK/sS9bjvjWFWk2AFToU2Zq2o+6JP5Uvhqu8=
-github.com/sacloud/iaas-api-go v1.11.2/go.mod h1:gjiuIY5c/7lj2LmFnVgyHcPMT17PysXpNPBrmVMV8dM=
 github.com/sacloud/iaas-api-go v1.12.0 h1:kqXFn3HzCiawlX6hVJb1GVqcSJqcmiGHB4Zp14sxiI8=
 github.com/sacloud/iaas-api-go v1.12.0/go.mod h1:SZLXeWOdXk3WReIS557sbU1gkOgrE4rseIBQV1B3b7o=
-github.com/sacloud/iaas-service-go v1.9.2 h1:IAWsIJ1F5txAS38lN4x/iBvQl1NCIo5owFs+hFqFUmc=
-github.com/sacloud/iaas-service-go v1.9.2/go.mod h1:SrH2+QeaYd4W85tAK4/u3A7WXkOlnpLlaI1SDmH7Hj4=
 github.com/sacloud/iaas-service-go v1.10.0 h1:OP0z0LLNLaNTmN1CtGpjQowD4SP1zn77z1Iku1D7l9Q=
 github.com/sacloud/iaas-service-go v1.10.0/go.mod h1:tfWGYP+JnELP4ASOhcjaSDYr31TKrlPbqQ3wplCj190=
 github.com/sacloud/iso9660wrap v0.0.0-20171031075302-eda21f77f6a8 h1:5piK7EELHKRxGqBjgVEHsdfsFwEzF/Kds/bMWLS6gCw=
 github.com/sacloud/iso9660wrap v0.0.0-20171031075302-eda21f77f6a8/go.mod h1:1jHHCa624cG5rODkWmourombJaNmkY9/SBHWhLJcg+w=
 github.com/sacloud/packages-go v0.0.10 h1:UiQGjy8LretewkRhsuna1TBM9Vz/l9FoYpQx+D+AOck=
 github.com/sacloud/packages-go v0.0.10/go.mod h1:f8QITBh9z4IZc4yE9j21Q8b0sXEMwRlRmhhjWeDVTYs=
-github.com/sacloud/webaccel-api-go v1.1.6 h1:OjAORCUzk3kYCXSPsHj7D0+wk9/ILzZsbqPTtk24j4A=
-github.com/sacloud/webaccel-api-go v1.1.6/go.mod h1:xzeJjXIBtkjWc75u5gihiScjBlEBhxfLL60bhsHJSB4=
+github.com/sacloud/webaccel-api-go v1.2.0 h1:eoiMNmz9bbeL3Ht1WPLKe2DbG7vH7Lb3a/jCmSjcKPs=
+github.com/sacloud/webaccel-api-go v1.2.0/go.mod h1:ZgTg5TldLf90RU9y3TnI0/luxERkJofk9+iLaupKB2E=
 github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ=
 github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
 github.com/shivamMg/ppds v0.0.1 h1:idK2dpaen652zOO+OmcwmyoPNncBNqfHjF/14eS5JIk=
@@ -206,8 +200,6 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
-github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk=
@@ -230,8 +222,6 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
 golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
-golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
-golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
 golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30=
 golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
@@ -245,8 +235,6 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug
 golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
-golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg=
-golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ=
 golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
 golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -267,18 +255,15 @@ golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
-golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
 golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
-golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4=
-golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0=
 golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q=
+golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=

sakuracloud/provider.go

@@ -206,6 +206,7 @@ func Provider() *schema.Provider {
 			"sakuracloud_subnet":                resourceSakuraCloudSubnet(),
 			"sakuracloud_switch":                resourceSakuraCloudSwitch(),
 			"sakuracloud_vpc_router":            resourceSakuraCloudVPCRouter(),
+			"sakuracloud_webaccel_acl":          resourceSakuraCloudWebAccelACL(),
 			"sakuracloud_webaccel_certificate":  resourceSakuraCloudWebAccelCertificate(),
 		},
 	}

sakuracloud/resource_sakuracloud_webaccel_acl.go

@@ -0,0 +1,121 @@
+// Copyright 2016-2023 terraform-provider-sakuracloud authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package sakuracloud
+
+import (
+	"context"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/sacloud/webaccel-api-go"
+)
+
+func resourceSakuraCloudWebAccelACL() *schema.Resource {
+	return &schema.Resource{
+		CreateContext: resourceSakuraCloudWebAccelACLCreate,
+		ReadContext:   resourceSakuraCloudWebAccelACLRead,
+		UpdateContext: resourceSakuraCloudWebAccelACLUpdate,
+		DeleteContext: resourceSakuraCloudWebAccelACLDelete,
+		Importer: &schema.ResourceImporter{
+			StateContext: schema.ImportStatePassthroughContext,
+		},
+		Schema: map[string]*schema.Schema{
+			"site_id": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"acl": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+		},
+	}
+}
+
+func resourceSakuraCloudWebAccelACLCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client, _, err := sakuraCloudClient(d, meta)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	siteID := d.Get("site_id").(string)
+
+	_, err = webaccel.NewOp(client.webaccelClient).UpsertACL(ctx, siteID, d.Get("acl").(string))
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	d.SetId(siteID)
+	return resourceSakuraCloudWebAccelACLRead(ctx, d, meta)
+}
+
+func resourceSakuraCloudWebAccelACLRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client, _, err := sakuraCloudClient(d, meta)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	siteID := d.Id()
+
+	acl, err := webaccel.NewOp(client.webaccelClient).ReadACL(ctx, siteID)
+	if err != nil {
+		return diag.Errorf("could not read SakuraCloud WebAccel ACL[%s]: %s", d.Id(), err)
+	}
+
+	if acl.ACL == "" {
+		d.SetId("")
+		return nil
+	}
+
+	return setWebAccelACLResourceData(d, client, acl)
+}
+
+func resourceSakuraCloudWebAccelACLUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client, _, err := sakuraCloudClient(d, meta)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+	siteID := d.Id()
+
+	if d.HasChanges("acl") {
+		_, err := webaccel.NewOp(client.webaccelClient).UpsertACL(ctx, siteID, d.Get("acl").(string))
+		if err != nil {
+			return diag.FromErr(err)
+		}
+	}
+
+	return resourceSakuraCloudWebAccelACLRead(ctx, d, meta)
+}
+
+func resourceSakuraCloudWebAccelACLDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client, _, err := sakuraCloudClient(d, meta)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+	siteID := d.Get("site_id").(string)
+
+	if err := webaccel.NewOp(client.webaccelClient).DeleteACL(ctx, siteID); err != nil {
+		return diag.Errorf("deleting SakuraCloud WebAccel ACL[%s] is failed: %s", d.Id(), err)
+	}
+
+	d.SetId("")
+	return nil
+}
+
+func setWebAccelACLResourceData(d *schema.ResourceData, client *APIClient, data *webaccel.ACLResult) diag.Diagnostics {
+	d.Set("site_id", d.Id()) // nolint
+	d.Set("acl", data.ACL)   // nolint
+	return nil
+}

sakuracloud/resource_sakuracloud_webaccel_acl_test.go

@@ -0,0 +1,72 @@
+// Copyright 2016-2023 terraform-provider-sakuracloud authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package sakuracloud
+
+import (
+	"fmt"
+	"os"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+)
+
+func TestAccResourceSakuraCloudWebAccelACL_basic(t *testing.T) {
+	envKeys := []string{
+		envWebAccelSiteName,
+	}
+	for _, k := range envKeys {
+		if os.Getenv(k) == "" {
+			t.Skipf("ENV %q is requilred. skip", k)
+			return
+		}
+	}
+
+	siteName := os.Getenv(envWebAccelSiteName)
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy: func(*terraform.State) error {
+			return nil
+		},
+		Steps: []resource.TestStep{
+			{
+				Config: testAccCheckSakuraCloudWebAccelACLConfig(siteName),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("sakuracloud_webaccel_acl.foobar", "acl", "deny 192.0.2.5/25\ndeny 198.51.100.0\nallow all"),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckSakuraCloudWebAccelACLConfig(siteName string) string {
+	tmpl := `
+data sakuracloud_webaccel "site" {
+  name = "%s"
+}
+resource sakuracloud_webaccel_acl "foobar" {
+  site_id = data.sakuracloud_webaccel.site.id
+
+  acl = join("\n", [
+    "deny 192.0.2.5/25",
+    "deny 198.51.100.0",
+    "allow all",
+  ])
+}
+`
+	return fmt.Sprintf(tmpl, siteName)
+}

website/docs/r/webaccel_acl.md

@@ -0,0 +1,45 @@
+---
+layout: "sakuracloud"
+page_title: "SakuraCloud: sakuracloud_webaccel_acl"
+subcategory: "WebAccelerator"
+description: |-
+  Manages a SakuraCloud WebAccelerator Site ACL.
+---
+
+# sakuracloud_webaccel_acl
+
+Manages a SakuraCloud sakuracloud_webaccel_acl.
+
+## Example Usage
+
+```hcl
+data sakuracloud_webaccel "site" {
+  name = "your-site-name"
+  # or
+  # domain = "your-domain"
+}
+
+resource sakuracloud_webaccel_acl "acl" {
+  site_id = data.sakuracloud_webaccel.site.id
+
+  acl = join("\n", [
+    "deny 192.0.2.5/25",
+    "deny 198.51.100.0",
+    "allow all",
+  ])
+}
+```
+
+## Argument Reference
+
+* `acl` - (Required) .
+* `site_id` - (Required) .
+
+
+
+## Attribute Reference
+
+* `id` - The id of the sakuracloud_webaccel_acl.
+
+
+