diff --git a/builtin/providers/chef/provider.go b/builtin/providers/chef/provider.go index 6a7f8e540..a362b0071 100644 --- a/builtin/providers/chef/provider.go +++ b/builtin/providers/chef/provider.go @@ -2,8 +2,10 @@ package chef import ( "encoding/json" + "fmt" "io/ioutil" "os" + "strings" "time" "github.com/hashicorp/terraform/helper/schema" @@ -48,7 +50,7 @@ func Provider() terraform.ResourceProvider { "chef_data_bag_item": resourceChefDataBagItem(), "chef_environment": resourceChefEnvironment(), //"chef_node": resourceChefNode(), - //"chef_role": resourceChefRole(), + "chef_role": resourceChefRole(), }, ConfigureFunc: providerConfigure, @@ -95,3 +97,16 @@ func jsonStateFunc(value interface{}) string { jsonValue, _ := json.Marshal(&tmp) return string(jsonValue) } + +func runListEntryStateFunc(value interface{}) string { + // Recipes in run lists can either be naked, like "foo", or can + // be explicitly qualified as "recipe[foo]". Whichever form we use, + // the server will always normalize to the explicit form, + // so we'll normalize too and then we won't generate unnecessary + // diffs when we refresh. + in := value.(string) + if !strings.Contains(in, "[") { + return fmt.Sprintf("recipe[%s]", in) + } + return in +} diff --git a/builtin/providers/chef/resource_role.go b/builtin/providers/chef/resource_role.go new file mode 100644 index 000000000..8e3f74316 --- /dev/null +++ b/builtin/providers/chef/resource_role.go @@ -0,0 +1,185 @@ +package chef + +import ( + "encoding/json" + "fmt" + + "github.com/hashicorp/terraform/helper/schema" + + chefc "github.com/go-chef/chef" +) + +func resourceChefRole() *schema.Resource { + return &schema.Resource{ + Create: CreateRole, + Update: UpdateRole, + Read: ReadRole, + Delete: DeleteRole, + + Schema: map[string]*schema.Schema{ + "name": &schema.Schema{ + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "description": &schema.Schema{ + Type: schema.TypeString, + Optional: true, + Default: "Managed by Terraform", + }, + "default_attributes_json": &schema.Schema{ + Type: schema.TypeString, + Optional: true, + Default: "{}", + StateFunc: jsonStateFunc, + }, + "override_attributes_json": &schema.Schema{ + Type: schema.TypeString, + Optional: true, + Default: "{}", + StateFunc: jsonStateFunc, + }, + "run_list": &schema.Schema{ + Type: schema.TypeList, + Optional: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + StateFunc: runListEntryStateFunc, + }, + }, + }, + } +} + +func CreateRole(d *schema.ResourceData, meta interface{}) error { + client := meta.(*chefc.Client) + + role, err := roleFromResourceData(d) + if err != nil { + return err + } + + _, err = client.Roles.Create(role) + if err != nil { + return err + } + + d.SetId(role.Name) + return ReadRole(d, meta) +} + +func UpdateRole(d *schema.ResourceData, meta interface{}) error { + client := meta.(*chefc.Client) + + role, err := roleFromResourceData(d) + if err != nil { + return err + } + + _, err = client.Roles.Put(role) + if err != nil { + return err + } + + d.SetId(role.Name) + return ReadRole(d, meta) +} + +func ReadRole(d *schema.ResourceData, meta interface{}) error { + client := meta.(*chefc.Client) + + name := d.Id() + + role, err := client.Roles.Get(name) + if err != nil { + if errRes, ok := err.(*chefc.ErrorResponse); ok { + if errRes.Response.StatusCode == 404 { + d.SetId("") + return nil + } + } else { + return err + } + } + + d.Set("name", role.Name) + d.Set("description", role.Description) + + defaultAttrJson, err := json.Marshal(role.DefaultAttributes) + if err != nil { + return err + } + d.Set("default_attributes_json", defaultAttrJson) + + overrideAttrJson, err := json.Marshal(role.OverrideAttributes) + if err != nil { + return err + } + d.Set("override_attributes_json", overrideAttrJson) + + runListI := make([]interface{}, len(role.RunList)) + for i, v := range role.RunList { + runListI[i] = v + } + d.Set("run_list", runListI) + + return nil +} + +func DeleteRole(d *schema.ResourceData, meta interface{}) error { + client := meta.(*chefc.Client) + + name := d.Id() + + // For some reason Roles.Delete is not exposed by the + // underlying client library, so we have to do this manually. + + path := fmt.Sprintf("roles/%s", name) + + httpReq, err := client.NewRequest("DELETE", path, nil) + if err != nil { + return err + } + + _, err = client.Do(httpReq, nil) + if err == nil { + d.SetId("") + } + + return err +} + +func roleFromResourceData(d *schema.ResourceData) (*chefc.Role, error) { + + role := &chefc.Role{ + Name: d.Get("name").(string), + Description: d.Get("description").(string), + ChefType: "role", + } + + var err error + + err = json.Unmarshal( + []byte(d.Get("default_attributes_json").(string)), + &role.DefaultAttributes, + ) + if err != nil { + return nil, fmt.Errorf("default_attributes_json: %s", err) + } + + err = json.Unmarshal( + []byte(d.Get("override_attributes_json").(string)), + &role.OverrideAttributes, + ) + if err != nil { + return nil, fmt.Errorf("override_attributes_json: %s", err) + } + + runListI := d.Get("run_list").([]interface{}) + role.RunList = make([]string, len(runListI)) + for i, vI := range runListI { + role.RunList[i] = vI.(string) + } + + return role, nil +} diff --git a/builtin/providers/chef/resource_role_test.go b/builtin/providers/chef/resource_role_test.go new file mode 100644 index 000000000..3859e4e85 --- /dev/null +++ b/builtin/providers/chef/resource_role_test.go @@ -0,0 +1,120 @@ +package chef + +import ( + "fmt" + "reflect" + "testing" + + chefc "github.com/go-chef/chef" + + "github.com/hashicorp/terraform/helper/resource" + "github.com/hashicorp/terraform/terraform" +) + +func TestAccRole_basic(t *testing.T) { + var role chefc.Role + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccRoleCheckDestroy(&role), + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccRoleConfig_basic, + Check: resource.ComposeTestCheckFunc( + testAccRoleCheckExists("chef_role.test", &role), + func(s *terraform.State) error { + + if expected := "terraform-acc-test-basic"; role.Name != expected { + return fmt.Errorf("wrong name; expected %v, got %v", expected, role.Name) + } + if expected := "Terraform Acceptance Tests"; role.Description != expected { + return fmt.Errorf("wrong description; expected %v, got %v", expected, role.Description) + } + + expectedRunList := chefc.RunList{ + "recipe[terraform@1.0.0]", + "recipe[consul]", + "role[foo]", + } + if !reflect.DeepEqual(role.RunList, expectedRunList) { + return fmt.Errorf("wrong runlist; expected %#v, got %#v", expectedRunList, role.RunList) + } + + var expectedAttributes interface{} + expectedAttributes = map[string]interface{}{ + "terraform_acc_test": true, + } + if !reflect.DeepEqual(role.DefaultAttributes, expectedAttributes) { + return fmt.Errorf("wrong default attributes; expected %#v, got %#v", expectedAttributes, role.DefaultAttributes) + } + if !reflect.DeepEqual(role.OverrideAttributes, expectedAttributes) { + return fmt.Errorf("wrong override attributes; expected %#v, got %#v", expectedAttributes, role.OverrideAttributes) + } + + return nil + }, + ), + }, + }, + }) +} + +func testAccRoleCheckExists(rn string, role *chefc.Role) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[rn] + if !ok { + return fmt.Errorf("resource not found: %s", rn) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("role id not set") + } + + client := testAccProvider.Meta().(*chefc.Client) + gotRole, err := client.Roles.Get(rs.Primary.ID) + if err != nil { + return fmt.Errorf("error getting role: %s", err) + } + + *role = *gotRole + + return nil + } +} + +func testAccRoleCheckDestroy(role *chefc.Role) resource.TestCheckFunc { + return func(s *terraform.State) error { + client := testAccProvider.Meta().(*chefc.Client) + _, err := client.Roles.Get(role.Name) + if err == nil { + return fmt.Errorf("role still exists") + } + if _, ok := err.(*chefc.ErrorResponse); !ok { + // A more specific check is tricky because Chef Server can return + // a few different error codes in this case depending on which + // part of its stack catches the error. + return fmt.Errorf("got something other than an HTTP error (%v) when getting role", err) + } + + return nil + } +} + +const testAccRoleConfig_basic = ` +resource "chef_role" "test" { + name = "terraform-acc-test-basic" + description = "Terraform Acceptance Tests" + default_attributes_json = <