
terraform-provider-anypoint's Introduction

Terraform Provider Anypoint

This is the first terraform provider for anypoint platform! We aim to provide a sustainable tool to automate your actions in anypoint.

This project was initiated by Mulesoft's consultants and architects from the professional team. We welcome any volunteers interested in joining the initiative, no matter where you're from!

How it works

This provider uses the anypoint platform APIs to perform actions for each one of the implemented resources.


We use the anypoint client library as an abstraction layer to perform actions on the platform.

For better maintainability and in order to speed up the development process, the anypoint client library is a library generated from OAS3 specifications written by the community.

The following image describes the delivery cycle:

[Image: delivery cycle]

The cycle is composed of 3 steps:

  1. Pick one resource and understand how it works using tools like Postman, anypoint's documentation and your favorite browser's inspector.
  2. Create the OAS3 specification. The specification should at least contain GET, POST and DELETE operations. The specification should be contributed here. Using the OAS spec, a go module will be generated and pushed here.
  3. Implement the resource and related data sources in the provider using the generated library.

How to use

Run the following command to build the provider

go build -o terraform-provider-anypoint

N.B: As of Go 1.13 make sure that your GOPRIVATE environment variable includes github.com/salesforce

go env -w GOPRIVATE=github.com/salesforce

Test sample configuration

First, build and install the provider.

make install

Then, navigate inside the examples folder, and update your credentials in main.tf. Run the following command to initialize the workspace and apply the sample configuration.

terraform init && terraform apply

If you prefer to have your credentials in a separate file, create a params.tfvars.json file in the examples folder and keep it out of version control, since it holds your client secret. Then add your parameters as shown in the example below:

{
  "client_id": "REMPLACE_HERE",
  "client_secret": "REMPLACE_HERE",
  "org_id": "REMPLACE_HERE"
}

Make sure to add the params file when you apply your terraform configuration, as follows:

terraform init && terraform apply -var-file="params.tfvars.json"

Debugging mode

First build the project using

go build

You should have a new file terraform-provider-anypoint in the root of the project. To start the provider in debug mode execute the following:

dlv exec --headless ./terraform-provider-anypoint -- --debug

Once executed, connect your debugger (whether it's your IDE or the debugger client) to the debugger server. The following is an example of how to start a client debugger:

dlv connect 127.0.0.1:51495

Then have your client debugger continue execution (check the help for more info). Your provider should then print something like:

TF_REATTACH_PROVIDERS='{"anypoint.mulesoft.com/automation/anypoint":{"Protocol":"grpc","Pid":69612,"Test":true,"Addr":{"Network":"unix","String":"/var/folders/yc/k0_j_x0945jdthsw7fzw5ysh0000gp/T/plugin598168131"}}}'

Now you can run terraform using the debugger, here's an example:

TF_REATTACH_PROVIDERS='{"anypoint.mulesoft.com/automation/anypoint":{"Protocol":"grpc","Pid":69612,"Test":true,"Addr":{"Network":"unix","String":"/var/folders/yc/k0_j_x0945jdthsw7fzw5ysh0000gp/T/plugin598168131"}}}' terraform apply --auto-approve -var-file="params.tfvars.json"

How to log

Use the log package to log. Here's an example:

log.Println("[DEBUG] Something happened!")

Documentation

To generate the documentation, we use tfplugindocs.

Create Release

Follow documentation.

How to contribute

You can contribute by:

  • Testing the tool and letting us know of any problems you encounter.
  • Contributing specifications for resources here.
  • Contributing code in the provider itself here.

Credits

Made with love.

Disclaimer

This is UNLICENSED software, please review the considerations. This is an open source project, it does not form part of the official MuleSoft product stack, and is therefore not included in MuleSoft support SLAs. Issues should be directed to the community, who will try to assist on a best endeavours basis. This application is distributed as is.

terraform-provider-anypoint's People

Contributors

fons-000, munozmi, rforte-mule, rubycube, soufi


terraform-provider-anypoint's Issues

Documentation: add examples

The examples folder should contain examples for each resource and data source.

Following the documentation here we should create examples accordingly.

DLB whitelisting

Hi,

  1. I observed that adding any new IPs to "ip_whitelist" is deleting the entire DLB and recreating it instead of just adding one IP.

You can give it a try and see terraform plan.

  2. There are no changes to one of my load balancers, but I can see Modify status in audit logs.

Add Import Feature

Please add import resources. We have resources already deployed that we want to bring under state management. We can only do that with terraform import.

Provider crashes with latest changes

Getting this error after getting the latest commit.
Build of Nov 10 did not have this issue.

╷
│ Error: Request cancelled
│ 
│   with data.anypoint_roles.roles[1],
│   on data.tf line 150, in data "anypoint_roles" "roles":
│  150: data "anypoint_roles" "roles" {
│ 
│ The plugin.(*GRPCProvider).ValidateDataResourceConfig request was cancelled.

Stack trace from the terraform-provider-anypoint.exe plugin:

panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xc0000005 code=0x0 addr=0x40 pc=0xdc2f68]

goroutine 126 [running]:
github.com/mulesoft-consulting/terraform-provider-anypoint/anypoint.dataSourceRolesRead({0x112b448, 0xc000634d20}, 0x265119a0108?, {0xfb3d60?, 0xc0001a3d40?})
C:/Work/Workspace/CAT/terraform-provider-anypoint/anypoint/data_source_roles.go:147 +0x368
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).read(0xc00051a8c0, {0x112b480, 0xc00012e060}, 0xd?, {0xfb3d60, 0xc0001a3d40})
C:/Users/miguel.munoz/go/pkg/mod/github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/resource.go:724 +0x12e
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).ReadDataApply(0xc00051a8c0, {0x112b480, 0xc00012e060}, 0xc000263180, {0xfb3d60, 0xc0001a3d40})
C:/Users/miguel.munoz/go/pkg/mod/github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/resource.go:943 +0x145
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*GRPCProviderServer).ReadDataSource(0xc0005b2000, {0x112b3d8?, 0xc0001f1300?}, 0xc000388de0)
C:/Users/miguel.munoz/go/pkg/mod/github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/grpc_provider.go:1179 +0x38f
github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).ReadDataSource(0xc0005be000, {0x112b480?, 0xc0007b1a70?}, 0xc0007248c0)
C:/Users/miguel.munoz/go/pkg/mod/github.com/hashicorp/[email protected]/tfprotov5/tf5server/server.go:657 +0x41d
github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ReadDataSource_Handler({0xf9db40?, 0xc0005be000}, {0x112b480, 0xc0007b1a70}, 0xc0006349c0, 0x0)
C:/Users/miguel.munoz/go/pkg/mod/github.com/hashicorp/[email protected]/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:421 +0x170
google.golang.org/grpc.(*Server).processUnaryRPC(0xc0002aa700, {0x112eed8, 0xc0001a4340}, 0xc0002fb320, 0xc0005a02a0, 0x16c0f70, 0x0)
C:/Users/miguel.munoz/go/pkg/mod/google.golang.org/[email protected]/server.go:1283 +0xcfe
google.golang.org/grpc.(*Server).handleStream(0xc0002aa700, {0x112eed8, 0xc0001a4340}, 0xc0002fb320, 0x0)
C:/Users/miguel.munoz/go/pkg/mod/google.golang.org/[email protected]/server.go:1620 +0xa2f
google.golang.org/grpc.(*Server).serveStreams.func1.2()
C:/Users/miguel.munoz/go/pkg/mod/google.golang.org/[email protected]/server.go:922 +0x98
created by google.golang.org/grpc.(*Server).serveStreams.func1
C:/Users/miguel.munoz/go/pkg/mod/google.golang.org/[email protected]/server.go:920 +0x28a

Error: The terraform-provider-anypoint.exe plugin crashed!

Team role error when no team specified

When the teams.csv file is empty or no teams are being added the following error is always shown

╷
│ Error: Insufficient roles blocks
│ 
│   on resources.tf line 85, in resource "anypoint_team_roles" "lvl1_teams_roles":
│   85: resource "anypoint_team_roles" "lvl1_teams_roles" {
│ 
│ At least 1 "roles" blocks are required.

To reproduce leave teams_lvl1.csv empty and run terraform plan.

Executing Apply with prod environments and roles

Production environments are destroyed/created on every apply execution

  # anypoint_env.envs[59] must be replaced
-/+ resource "anypoint_env" "envs" {
      - client_id       = "8a51a32c6ee7423b8bc1256a8dd97d66" -> null
      ~ id              = "1ecc22d6-d808-43e6-8cd1-551416ae9dff" -> (known after apply)
      - is_production   = true -> null # forces replacement
      + last_updated    = (known after apply)
        name            = "PROD"
      ~ organization_id = "4b03ccb7-1d72-4680-a774-9c2668f3192b" -> (known after apply)
        # (2 unchanged attributes hidden)
    }

In addition, roles has the same issue

      ~ roles { # forces replacement
          ~ context_params = { # forces replacement
              - "envId" = "16b85707-d072-4c99-ab98-99d1c5863bec" -> null
                # (1 unchanged element hidden)
            }
          ~ name           = "View Contracts" -> (known after apply)
          ~ role_id        = "1660b07a-8920-4091-8292-1f42f35e92e4" -> "861c23bb-c3e0-4ab9-b6b4-db2325a1bb1d" # forces replacement
        }

Group mappings getting replaced on every plan/apply execution

When executing a plan or apply, group mappings are getting replaced every time regardless of changes to csv template or inputs. Using terraform 1.3.3

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
~ update in-place

Terraform will perform the following actions:

anypoint_team_group_mappings.lvl1_team_group_mappings[0] will be updated in-place

~ resource "anypoint_team_group_mappings" "lvl1_team_group_mappings" {
id = "98ebd64c-1bcb-4654-ae1a-6bd719df9422_a7e0e3f1-8231-441d-955a-f89541d977b2_groupmappings"
# (3 unchanged attributes hidden)

  ~ groupmappings {
      - provider_id         = "76489936-63d0-4693-8667-a2319c16ce21" -> null
        # (2 unchanged attributes hidden)
    }
}

Plan: 0 to add, 1 to change, 0 to destroy.

IP Whitelist in DLBs has to be alphabetically ordered

The code below will create a DLB successfully:

variable "dlb_ip_whitelist" {
  default = [
      "100.120.0.0/24",
      "100.20.0.0/16",
      "130.4.90.0/24",
      "200.10.140.0/24",
      "150.250.0.0/16", # Out of alphabetical order
      "200.10.46.0/23"
  ]
}
resource "anypoint_dlb" "dlb" {
  org_id       = var.business_group_id
  vpc_id       = anypoint_vpc.vpc.id
  name         = "vpc-name-dlb-1"
  state        = var.dlb_state # "started"
  ip_whitelist = var.dlb_ip_whitelist
  http_mode    = var.dlb_http_mode # "off"
  tlsv1        = var.dlb_tlsv1 # false

  lifecycle {
    ignore_changes = [
      ssl_endpoints,
      state
    ]
  }
}

After the DLB creation, all the next terraform plan/apply detects the following drift:

      ~ ip_whitelist         = [
            "100.120.0.0/24",
            "100.20.0.0/16",
            "130.4.90.0/24",
          - "150.250.0.0/16",
            "200.10.140.0/24",
          + "150.250.0.0/16",
            "200.10.46.0/23",
        ]

The only pattern identified for this is that ip_whitelist needs to be in alphabetical order.

On a related note, while investigating this issue I noticed that applying the changes identified in ip_whitelist (be it adding a new CIDR block or the ordering issue described above) we get this error:

anypoint_dlb.dlb: Modifying... [id=XXXXXXXX]

Error: Unable to patch dlb XXXXXXXX

  on main.tf line 73, in resource "anypoint_dlb" "dlb":
  73: resource "anypoint_dlb" "dlb" {

{"status":400,"message":"invalid private key format (PEM expected)"}

This is unexpected since we are not touching the ssl endpoints or certificates.
Please tell me if I should divide this issue in two.

cc: @rubycube @RamziChoueri2903 @pmi-snmiguel
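An order-insensitive comparison of the two lists from this report, as an added example (not the provider's code; the function and variable names are hypothetical). It goes slightly beyond the report by also clearing host bits and dropping duplicates, so that only a real change to the allowlist shows up as a difference:

```go
package main

import (
	"fmt"
	"net/netip"
	"sort"
)

// canonicalCIDRs parses every entry, clears host bits, drops duplicates and
// returns the prefixes sorted as strings, so that two lists describing the
// same allowlist compare equal whatever order they were written in.
func canonicalCIDRs(entries []string) ([]string, error) {
	seen := make(map[netip.Prefix]struct{}, len(entries))
	for _, e := range entries {
		p, err := netip.ParsePrefix(e)
		if err != nil {
			return nil, fmt.Errorf("invalid CIDR %q: %w", e, err)
		}
		seen[p.Masked()] = struct{}{}
	}
	out := make([]string, 0, len(seen))
	for p := range seen {
		out = append(out, p.String())
	}
	sort.Strings(out)
	return out, nil
}

// diffAllowlist reports the CIDRs that exist only in the configuration
// (added) and only on the platform (removed). Both are empty when the two
// lists differ in order alone.
func diffAllowlist(configured, remote []string) (added, removed []string, err error) {
	c, err := canonicalCIDRs(configured)
	if err != nil {
		return nil, nil, fmt.Errorf("configured list: %w", err)
	}
	r, err := canonicalCIDRs(remote)
	if err != nil {
		return nil, nil, fmt.Errorf("remote list: %w", err)
	}
	inRemote := make(map[string]bool, len(r))
	for _, s := range r {
		inRemote[s] = true
	}
	inConfig := make(map[string]bool, len(c))
	for _, s := range c {
		inConfig[s] = true
		if !inRemote[s] {
			added = append(added, s)
		}
	}
	for _, s := range r {
		if !inConfig[s] {
			removed = append(removed, s)
		}
	}
	return added, removed, nil
}

// The order written in the variable block of the report.
var configuredList = []string{
	"100.120.0.0/24", "100.20.0.0/16", "130.4.90.0/24",
	"200.10.140.0/24", "150.250.0.0/16", "200.10.46.0/23",
}

// The order shown for the stored state in the reported plan.
var remoteList = []string{
	"100.120.0.0/24", "100.20.0.0/16", "130.4.90.0/24",
	"150.250.0.0/16", "200.10.140.0/24", "200.10.46.0/23",
}

func main() {
	added, removed, err := diffAllowlist(configuredList, remoteList)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Printf("reordered only: added=%v removed=%v\n", added, removed)

	// Constructed change: one extra CIDR in the configuration.
	withNew := append([]string{"10.20.0.0/16"}, configuredList...)
	added, removed, err = diffAllowlist(withNew, remoteList)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Printf("real change:    added=%v removed=%v\n", added, removed)
}
```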

Unable to create a VPC with an Internet VPC route

I will use this issue to report two related situations, please tell me if you would prefer me to divide this into two separate github issues.

Scenario 1

When I try to create a VPC using the following code:

resource "anypoint_vpc" "avpc" {
  owner_id                     = var.bg_id
  org_id                       = var.bg_id
  name                         = "test-issue-vpc"
  region                       = "eu-west-1"
  cidr_block                   = var.vpc_cidr_block
  is_default                   = false
  shared_with                  = []
  internal_dns_servers         = []
  internal_dns_special_domains = []

  vpc_routes {
    cidr = "0.0.0.0/0"
    next_hop = "Internet Gateway"
  }
}

This code will simply crash the plugin and the VPC doesn't get created.

Scenario 2

If I remove the vpc_routes code block

resource "anypoint_vpc" "avpc" {
  owner_id                     = var.bg_id
  org_id                       = var.bg_id
  name                         = "test-issue-vpc"
  region                       = "eu-west-1"
  cidr_block                   = var.vpc_cidr_block
  is_default                   = false
  shared_with                  = []
  internal_dns_servers         = []
  internal_dns_special_domains = []
}

The VPC gets created successfully. However, every subsequent terraform plan/apply to this same code will identify a drift:

      - firewall_rules {
          - cidr_block = "100.100.100.0/19" -> null
          - from_port  = 8091 -> null
          - protocol   = "tcp" -> null
          - to_port    = 8092 -> null
        }
      - firewall_rules {
          - cidr_block = "0.0.0.0/0" -> null
          - from_port  = 8081 -> null
          - protocol   = "tcp" -> null
          - to_port    = 8082 -> null
        }

      - vpc_routes {
          - cidr     = "100.100.100.0/19" -> null
          - next_hop = "Local" -> null
        }
      - vpc_routes {
          - cidr     = "0.0.0.0/0" -> null
          - next_hop = "Internet Gateway" -> null
        }

The assumption is that the VPC automatically creates two VPC Routes and two firewall rules; however, since they are not in the terraform file, it will always try (and fail) to remove those settings.

Our solution for this is not ideal, we're adding these fields to the ignore_changes list and managing them manually, it would be great to be able to manage both vpc_routes and firewall_rules from terraform.

cc: @rubycube @RamziChoueri2903 @pmi-snmiguel

VPC reading error

Just noticed a bug when reading the firewall rules after VPC creation.

Here's the stack trace

Stack trace from the terraform-provider-anypoint plugin:

panic: interface conversion: interface {} is int, not int32

goroutine 130 [running]:
github.com/mulesoft-consulting/terraform-provider-anypoint/anypoint.newVPCBody(0x19207a8)
	/Users/sboulealf/go/src/github.com/mulesoft-consulting/terraform-provider-anypoint/anypoint/resource_vpc.go:320 +0xcd4
github.com/mulesoft-consulting/terraform-provider-anypoint/anypoint.resourceVPCCreate({0x19207a8, 0xc0000f4b40}, 0xc0002f17b8, {0x17f6340, 0xc0001f8930})
	/Users/sboulealf/go/src/github.com/mulesoft-consulting/terraform-provider-anypoint/anypoint/resource_vpc.go:138 +0x18b
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).create(0xc0001ae240, {0x1920738, 0xc000239b40}, 0x2, {0x17f6340, 0xc0001f8930})
	/Users/sboulealf/go/pkg/mod/github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/resource.go:285 +0x1a3
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).Apply(0xc0001ae240, {0x1920738, 0xc000239b40}, 0xc0001f8bd0, 0xc00007c100, {0x17f6340, 0xc0001f8930})
	/Users/sboulealf/go/pkg/mod/github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/resource.go:396 +0x86f
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*GRPCProviderServer).ApplyResourceChange(0xc0001960a8, {0x1920738, 0xc000239b40}, 0xc000116370)
	/Users/sboulealf/go/pkg/mod/github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/grpc_provider.go:955 +0x9aa
github.com/hashicorp/terraform-plugin-go/tfprotov5/server.(*server).ApplyResourceChange(0xc000191340, {0x19207e0, 0xc000726180}, 0xc00040a1a0)
	/Users/sboulealf/go/pkg/mod/github.com/hashicorp/[email protected]/tfprotov5/server/server.go:332 +0x6c
github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ApplyResourceChange_Handler({0x17e6f80, 0xc000191340}, {0x19207e0, 0xc000726180}, 0xc00022a240, 0x0)
	/Users/sboulealf/go/pkg/mod/github.com/hashicorp/[email protected]/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:380 +0x170
google.golang.org/grpc.(*Server).processUnaryRPC(0xc0001ac540, {0x192e090, 0xc000164000}, 0xc00072e000, 0xc000465650, 0x1e47d80, 0x0)
	/Users/sboulealf/go/pkg/mod/google.golang.org/[email protected]/server.go:1194 +0xc8f
google.golang.org/grpc.(*Server).handleStream(0xc0001ac540, {0x192e090, 0xc000164000}, 0xc00072e000, 0x0)
	/Users/sboulealf/go/pkg/mod/google.golang.org/[email protected]/server.go:1517 +0xa2a
google.golang.org/grpc.(*Server).serveStreams.func1.2()
	/Users/sboulealf/go/pkg/mod/google.golang.org/[email protected]/server.go:859 +0x98
created by google.golang.org/grpc.(*Server).serveStreams.func1
	/Users/sboulealf/go/pkg/mod/google.golang.org/[email protected]/server.go:857 +0x294

Error: The terraform-provider-anypoint plugin crashed!

Changing Business Group Name - panic: interface conversion: interface {} is nil, not string

Error StackTrace

Stack trace from the terraform-provider-anypoint_v1.5.1 plugin:

panic: interface conversion: interface {} is nil, not string

goroutine 272 [running]:
github.com/mulesoft-consulting/terraform-provider-anypoint/anypoint.sortMapListRoles.func1(0x1?, 0x1?)
github.com/mulesoft-consulting/terraform-provider-anypoint/anypoint/resource_team_roles.go:329 +0x585
sort.insertionSort_func({0xc0008029b0?, 0xc0007a5ef0?}, 0x0, 0xa)
sort/zsortfunc.go:12 +0xb1
sort.stable_func({0xc0008029b0?, 0xc0007a5ef0?}, 0xa)
sort/zsortfunc.go:343 +0x7a
sort.SliceStable({0xc995c0, 0xc000776c78}, 0x10?)
sort/slice.go:35 +0x85
github.com/mulesoft-consulting/terraform-provider-anypoint/anypoint.sortMapListRoles({0xc00066b700, 0xa, 0x10})
github.com/mulesoft-consulting/terraform-provider-anypoint/anypoint/resource_team_roles.go:315 +0x72
github.com/mulesoft-consulting/terraform-provider-anypoint/anypoint.equalTeamRoles({0xc995c0?, 0xc000776558?}, {0xc995c0?, 0xc000776c48?})
github.com/mulesoft-consulting/terraform-provider-anypoint/anypoint/resource_team_roles.go:264 +0x105
github.com/mulesoft-consulting/terraform-provider-anypoint/anypoint.resourceTeamRoles.func1({0xc000309400?, 0xdf349a?}, {0xf4aec0?, 0xc0005102d0?}, {0xdf2436?, 0x5?}, 0xc0005463c0?)
github.com/mulesoft-consulting/terraform-provider-anypoint/anypoint/resource_team_roles.go:56 +0x1ae
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.schemaMap.diff(0x6?, {0xf4aec0, 0xc0005102d0}, {0xdf2436, 0x5}, 0xc0005463c0, 0xc000053600, {0xf4da90?, 0xc000053680}, 0x0)
github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/schema.go:1144 +0x3a8
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.schemaMap.Diff(0xc000511740, {0xf4aec0, 0xc0005102d0}, 0xc000378a90, 0xc0006772c0, 0x0, {0xdd5ce0, 0xc000399e40}, 0x0)
github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/schema.go:679 +0x353
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).SimpleDiff(0xf4b5c0?, {0xf4aec0?, 0xc0005102d0?}, 0xc000378a90, 0xcefcc0?, {0xdd5ce0?, 0xc000399e40?})
github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/resource.go:890 +0x6c
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*GRPCProviderServer).PlanResourceChange(0xc00011e018, {0xf4aec0?, 0xc000510120?}, 0xc0006cbb30)
github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/grpc_provider.go:741 +0x9c9
github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).PlanResourceChange(0xc00015a140, {0xf4aec0?, 0xc000759a10?}, 0xc0000c9730)
github.com/hashicorp/[email protected]/tfprotov5/tf5server/server.go:783 +0x574
github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_PlanResourceChange_Handler({0xdbad00?, 0xc00015a140}, {0xf4aec0, 0xc000759a10}, 0xc0000c96c0, 0x0)
github.com/hashicorp/[email protected]/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:367 +0x170
google.golang.org/grpc.(*Server).processUnaryRPC(0xc00052a000, {0xf4eb00, 0xc00056c9c0}, 0xc000527e60, 0xc0001167e0, 0x14ef748, 0x0)
google.golang.org/[email protected]/server.go:1295 +0xb2b
google.golang.org/grpc.(*Server).handleStream(0xc00052a000, {0xf4eb00, 0xc00056c9c0}, 0xc000527e60, 0x0)
google.golang.org/[email protected]/server.go:1636 +0xa2f
google.golang.org/grpc.(*Server).serveStreams.func1.2()
google.golang.org/[email protected]/server.go:932 +0x98
created by google.golang.org/grpc.(*Server).serveStreams.func1
google.golang.org/[email protected]/server.go:930 +0x28a

Error: The terraform-provider-anypoint_v1.5.1 plugin crashed!

This is always indicative of a bug within the plugin. It would be immensely
helpful if you could report the crash with the plugin's maintainers so that it
can be fixed. The output above should help diagnose the issue.

Change in the configuration

We were renaming a business group:

image

Please let me know if there is more information that can help.
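The two panics reported above ("interface {} is int, not int32" in the VPC issue and "interface {} is nil, not string" in this one) both come from unchecked type assertions on decoded values. The following added example (not the provider's code) shows checked conversions that return an error or a zero value instead; the function names, the firewallRule struct and the choice of "name" as the sort key are assumptions, while the attribute names are the ones shown in the plan output on this page:

```go
package main

import (
	"fmt"
	"math"
	"sort"
)

// asInt32 converts a decoded attribute value to int32 and returns an error,
// rather than panicking, when the dynamic type or the range is unexpected.
func asInt32(v interface{}) (int32, error) {
	switch n := v.(type) {
	case int32:
		return n, nil
	case int:
		if n < math.MinInt32 || n > math.MaxInt32 {
			return 0, fmt.Errorf("%d does not fit in int32", n)
		}
		return int32(n), nil
	case int64:
		if n < math.MinInt32 || n > math.MaxInt32 {
			return 0, fmt.Errorf("%d does not fit in int32", n)
		}
		return int32(n), nil
	case float64: // encoding/json decodes every number to float64
		if n != math.Trunc(n) || n < math.MinInt32 || n > math.MaxInt32 {
			return 0, fmt.Errorf("%v is not an int32 value", n)
		}
		return int32(n), nil
	default: // includes nil
		return 0, fmt.Errorf("expected a number, got %T", v)
	}
}

// asString is the checked form of v.(string).
func asString(v interface{}) (string, error) {
	s, ok := v.(string)
	if !ok {
		return "", fmt.Errorf("expected a string, got %T", v)
	}
	return s, nil
}

// firewallRule is a hypothetical typed form of one firewall_rules block.
type firewallRule struct {
	CidrBlock string
	Protocol  string
	FromPort  int32
	ToPort    int32
}

// newFirewallRule builds a rule from an untyped map and names the attribute
// that failed, so a bad value becomes a diagnostic instead of a plugin crash.
func newFirewallRule(m map[string]interface{}) (firewallRule, error) {
	var r firewallRule
	var err error
	if r.CidrBlock, err = asString(m["cidr_block"]); err != nil {
		return firewallRule{}, fmt.Errorf("cidr_block: %w", err)
	}
	if r.Protocol, err = asString(m["protocol"]); err != nil {
		return firewallRule{}, fmt.Errorf("protocol: %w", err)
	}
	if r.FromPort, err = asInt32(m["from_port"]); err != nil {
		return firewallRule{}, fmt.Errorf("from_port: %w", err)
	}
	if r.ToPort, err = asInt32(m["to_port"]); err != nil {
		return firewallRule{}, fmt.Errorf("to_port: %w", err)
	}
	if r.FromPort < 0 || r.ToPort > 65535 || r.FromPort > r.ToPort {
		return firewallRule{}, fmt.Errorf("invalid port range %d-%d", r.FromPort, r.ToPort)
	}
	return r, nil
}

// sortRolesByName orders role maps by "name". A nil or non-string name is
// treated as "" and sorts first, so the comparison function cannot panic.
func sortRolesByName(roles []map[string]interface{}) {
	sort.SliceStable(roles, func(i, j int) bool {
		a, _ := roles[i]["name"].(string)
		b, _ := roles[j]["name"].(string)
		return a < b
	})
}

func main() {
	// Constructed input using the values shown in the drift output above.
	rule, err := newFirewallRule(map[string]interface{}{
		"cidr_block": "0.0.0.0/0", "protocol": "tcp",
		"from_port": 8081, "to_port": 8082,
	})
	fmt.Println(rule, err)

	// Constructed input: a role whose name has not been computed yet.
	roles := []map[string]interface{}{
		{"name": "View Contracts"}, {"name": nil},
	}
	sortRolesByName(roles)
	fmt.Println(roles)
}
```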

Team additional attributes

Hi,

Some additional team attributes that should be integrated:

  • external_org_id
  • external_org_name
  • org_name
  • membership_count
  • membership_type
  • external_group_mappings
  • caller_capabilities

Further information can be found here

customize diffing for optional attributes

Hi,
following #46 and #39 requirements, we should generalise the use of DiffSuppressFunc across all resources in order to avoid unnecessary updates.

This issue concerns primitive attributes set as optional.
For list/set/map types, a specific issue should be opened and resolved following specific requirements depending on the resource.

DLB with additional attribute

Hi,
How can we add keep_url_encoding to DLB? I tried adding it to the payload and below is the error:

Error: Value for unconfigurable attribute

Can you please share how we can add keep_url_encoding and upstream_tlsv12?

[Feature Request] Runtime Manager Alerts?

Hi!

I just found this repo and I'm excited to use it. As an Operations Engineer one of the first things I looked for was being able to use this Terraform Provider to manage my Runtime Manager Alerts, of which I have quite a few that I've manually built-out, but would love to codify them as Terraform.

I see the underlying library already has support - https://github.com/mulesoft-consulting/anypoint-automation-client-generator/blob/master/spec/rm_alerts.yml

Is this feature already planned?

If not, I may be able to work on a PR to add it (assuming you're accepting PRs?)

Thanks for the awesome provider!

unable to retrieve roles with anypoint_roles data source

Using version 1.5.1 of the provider, with a Connected App configured as "External - App acts on its own behalf" and what should be the correct Scopes of "Access Controls Admin". When using a client id and secret, I always receive a response of:

on main.tf, in data "anypoint_roles" "roles":
data "anypoint_roles" "roles" {
Unauthorized

Looking at the Scopes Details it appears "Access Controls Admin" does not have GET support
organizations/{{org}}/roles DELETE
but it does have
/organizations/{{org}}/rolegroups/*/roles DELETE GET POST
/organizations/{{org}}/teams/*/roles DELETE GET POST

It appears the only way to use a Connect App is configured with "Internal - App acts on behalf of user", but trying that with client id and secret still did not retrieve roles. Looks like it will need an access_token

Is there a way for anypoint_roles data source to work with an External Connected App configuration?

Please update documentation or provide examples for setting up Connect Apps with the proper scopes/permissions
Please update documentation if certain data sources require different methods of authorization

Bug 1.3

I had upgraded to the latest version 1.13. When I try to install DLB, it's complaining that
{"status":400,"message":"invalid private key format (PEM expected)"}

But when i revert to 1.2 it works perfectly.

Can you please check.

Multiple group mappings not sticking to single team

When adding multiple group mappings to a team, only 1 gets added. For example
Team1 can have multiple group mappings:
ad_group1
ad_group2
.... etc

Terraform performs operations successfully but when viewing the teams settings page only one mapping shows up.
Platform apis suggest multiple mappings can be added at a time. Link for reference

Unable to assign nested environments to VPC configured at parent BG

When creating a child business group from the parent, and assigning a VPC at the parent, I'm unable to define a list of environments associated to the VPC.

If you first run:

resource "anypoint_bg" "mike_corp_bg" {
  name = "MikeCorp"
  parentorganizationid = var.parent_org
  ownerid = var.owner_id
  entitlements_createsuborgs = true
  entitlements_createenvironments = true
  entitlements_globaldeployment = true
  entitlements_vcoresproduction_assigned = 0
  entitlements_vcoressandbox_assigned = 0.1
  entitlements_vcoresdesign_assigned = 0
  entitlements_staticips_assigned = 0
  entitlements_vpcs_assigned = 0
  entitlements_loadbalancer_assigned = 0
  entitlements_vpns_assigned = 0
}

resource "anypoint_env" "sandbox_environments" {
  count = length(var.sandbox_environments)
  org_id = anypoint_bg.mike_corp_bg.id
  name = element(var.sandbox_environments, count.index)
  type = "sandbox"
}

resource "anypoint_env" "production_environments" {
  count = length(var.production_environments)
  org_id = anypoint_bg.mike_corp_bg.id
  name = element(var.production_environments, count.index)
  type = "production"
}

resource anypoint_vpc "production_vpc" {
  cidr_block = "10.0.0.0/16"
  name = "MikeCorp_PROD_VPC"
  org_id = var.parent_org
  region = var.regions["eu-west-1"]
  // shared_with = tolist([anypoint_bg.mike_corp_bg.id])
  // associated_environments = anypoint_env.production_environments[*].id
}

resource anypoint_vpc "sandbox_vpc" {
  cidr_block = "10.0.0.0/16"
  name = "MikeCorp_NON_PROD_VPC"
  org_id = var.parent_org
  region = var.regions["eu-west-1"]
  // shared_with = tolist([anypoint_bg.mike_corp_bg.id])
  // associated_environments = anypoint_env.sandbox_environments[*].id
}

Then uncomment shared_with, and re apply then the VPC is shared with the child, but linking the environments fails

│ Error: Unable to Create VPC

│ on resources.tf line 31, in resource "anypoint_vpc" "production_vpc":
│ 31: resource anypoint_vpc "production_vpc" {

│ {"status":400,"message":"Not all of the environments: [8257eeb4-936a-42b2-97e0-508f7b272968] are in the organization or in sub-organization structure."}


│ Error: Unable to Create VPC

│ on resources.tf line 40, in resource "anypoint_vpc" "sandbox_vpc":
│ 40: resource anypoint_vpc "sandbox_vpc" {

│ {"status":400,"message":"Not all of the environments: [f65e3a7b-73cc-4c94-90ec-e4a65a041e8b, 1be05145-04da-4c5e-9c47-02b2f4a4ee3b, d6150798-84f5-44dd-b41a-3e480c2e234c] are in the
│ organization or in sub-organization structure."}

If you try and run the whole script as one then the error is around the VPC and not the environments


│ Error: Unable to Create VPC

│ on resources.tf line 31, in resource "anypoint_vpc" "production_vpc":
│ 31: resource anypoint_vpc "production_vpc" {

│ {"status":400,"message":"The list of organizations: [5faad559-9c48-4a3d-a1d7-edf5676d6173] is not in the sub-organization tree."}


│ Error: Unable to Create VPC

│ on resources.tf line 40, in resource "anypoint_vpc" "sandbox_vpc":
│ 40: resource anypoint_vpc "sandbox_vpc" {

│ {"status":400,"message":"The list of organizations: [5faad559-9c48-4a3d-a1d7-edf5676d6173] is not in the sub-organization tree."}

It seems like there's a dependency on resources creating before the response is returned, and maybe the data is not set when trying to create the VPC/Environment.

I'm also using a variables file:

variable username {
  type = string
  default = "mike_cat"
  description = "the username of the anypoint user"
}

variable password {
  type = string
  sensitive = true
  description = "the password of the anypoint user"
}

variable sandbox_environments {
  description = "Sandbox/Non Production Environments List"
  type = list
  default = ["dev","qa", "uat"]
}

variable production_environments {
  description = "Production Environments List"
  type = list
  default = ["pro"]
}

variable "regions" {
  type = map
  default = {
    "eu-west-1" = "eu-west-1"
  }
}

variable owner_id {
  type = string
  default = "4ba9236f-fc97-49d1-b90c-c86dee1c6e13"
  description = "the id associated with mike-cat"
}

variable parent_org {
  type = string
  default = "aa1f55d6-213d-4f60-845c-207286484cd1"
  description = "The Parent Org"
}

To run this update your username to yours, and export TF_VAR_password={your-password} so Terraform takes your password from your environment variable

DLB certificates issue after initial apply

Hi guys,

I encountered an issue where after successfully deploying a DLB with certificates, every subsequent terraform plan/apply will re-apply the ssl_endpoints settings despite no changes being made.

The following code reproduces the issue:

resource "anypoint_dlb" "dlb" {
  org_id = var.bg_id
  vpc_id = "vpc-XXXXXXXXXXXXX"
  name = "sample-dlb"
  state = "started"
  ip_whitelist = ["0.0.0.0/0"]
  http_mode = "off"
  tlsv1 = false
  ssl_endpoints {
    public_key_label = "tf-public-key-name"
    public_key = ""
    private_key_label = "tf-private-key-name"
    private_key = ""
    verify_client_mode = "off"
    mappings {
      input_uri = "{app}/"
      app_name = "{app}"
      app_uri = "/" 
    }
  }
}

Additionally every subsequent plan/apply also detects a drift in state: ~ state = "STARTED" -> "started". This one seems to be just a case-sensitive matter.

Error message when teams and teams roles csv files are empty

When the teams and teams roles csv files are empty the following error message is shown.
To reproduce remove all team names and team roles from their respective csv files.

│ Error: Insufficient roles blocks
│ 
│   on resources.tf line 60, in resource "anypoint_team_roles" "lvl1_teams_roles":
│   60: resource "anypoint_team_roles" "lvl1_teams_roles" {
│ 
│ At least 1 "roles" blocks are required.

Unable to add client certificate to a Load Balancer

Using provider v1.5.2 we are deploying multiple DLBs with certificates. However we noticed that it is not possible to set a Client Certificate, for example of a trusted CA to verify client certificates. Can you implement this feature please? It's one of the few mandatory manual steps that's stopping us from fully automating our Mulesoft infrastructure.

org entitlement diffing customization

Hi.

Orgs are always detected as updated in the terraform plan phase. The reason is simply that, since not all entitlements are present in a regular terraform script that creates a business group resource, the plan phase detects a discrepancy between the default remote values and what is declared.

Following #39 we should optimize entitlements diffing for orgs to avoid unnecessary updates when some entitlements are not present in the terraform script
