Support more than one cert-manager certificate by rpaas instance

tsuru · Oct 20, 2021 · 6603289 · 6603289
1 parent 39eeee7
commit 6603289
Show file tree

Hide file tree

Showing 2 changed files with 63 additions and 4 deletions.
diff --git a/rpaas/resource_rpaas_cert_manager.go b/rpaas/resource_rpaas_cert_manager.go
@@ -62,6 +62,7 @@ func resourceRpaasCertManagerUpsert(ctx context.Context, d *schema.ResourceData,
 
 	instance := d.Get("instance").(string)
 	serviceName := d.Get("service_name").(string)
+	issuer := d.Get("issuer").(string)
 
 	rpaasClient, err := provider.RpaasClient.SetService(serviceName)
 	if err != nil {
@@ -71,7 +72,7 @@ func resourceRpaasCertManagerUpsert(ctx context.Context, d *schema.ResourceData,
 	args := rpaas_client.UpdateCertManagerArgs{
 		Instance: instance,
 		CertManager: types.CertManager{
-			Issuer:   d.Get("issuer").(string),
+			Issuer:   issuer,
 			DNSNames: parseDNSNames(d.Get("dns_names")),
 		},
 	}
@@ -85,7 +86,7 @@ func resourceRpaasCertManagerUpsert(ctx context.Context, d *schema.ResourceData,
 		return diag.Errorf("Unable to create/update cert-manager, issuer %s for instance %s: %v", args.CertManager.Issuer, instance, err)
 	}
 
-	d.SetId(fmt.Sprintf("%s %s", serviceName, instance))
+	d.SetId(fmt.Sprintf("%s %s %s", serviceName, instance, issuer))
 	return resourceRpaasCertManagerRead(ctx, d, meta)
 }
 
@@ -107,8 +108,10 @@ func resourceRpaasCertManagerRead(ctx context.Context, d *schema.ResourceData, m
 		return diag.Errorf("Unable to read rpaas instance %s: %v", instance, err)
 	}
 
+	certificateName := "cert-manager-" + d.Get("issuer").(string)
+
 	for _, certificate := range info.Certificates {
-		if certificate.Name == "cert-manager" {
+		if certificate.Name == "cert-manager" || certificate.Name == certificateName {
 			return nil
 		}
 	}

diff --git a/rpaas/resource_rpaas_cert_manager_test.go b/rpaas/resource_rpaas_cert_manager_test.go
@@ -20,7 +20,7 @@ import (
 	"github.com/tsuru/rpaas-operator/pkg/rpaas/client/types"
 )
 
-func TestAccRpaasCertManager_basic(t *testing.T) {
+func TestAccRpaasCertManager_legacy(t *testing.T) {
 	fakeServer := echo.New()
 	fakeServer.POST("/services/rpaasv2-be/proxy/my_rpaas", func(c echo.Context) error {
 		p := rpaas_client.UpdateCertManagerArgs{}
@@ -75,6 +75,62 @@ func TestAccRpaasCertManager_basic(t *testing.T) {
 	})
 }
 
+func TestAccRpaasCertManager_basic(t *testing.T) {
+	fakeServer := echo.New()
+	fakeServer.POST("/services/rpaasv2-be/proxy/my_rpaas", func(c echo.Context) error {
+		p := rpaas_client.UpdateCertManagerArgs{}
+		err := c.Bind(&p)
+		require.NoError(t, err)
+		assert.Equal(t, "private-cert", p.Issuer)
+		assert.Equal(t, []string{"example.org"}, p.DNSNames)
+		return c.JSON(http.StatusOK, nil)
+	})
+	fakeServer.GET("/services/rpaasv2-be/proxy/my_rpaas", func(c echo.Context) error {
+		return c.JSON(http.StatusOK, struct {
+			Routes       []types.Route           `json:"routes"`
+			Certificates []types.CertificateInfo `json:"certificates"`
+		}{
+			Routes: []types.Route{
+				{Path: "/", Content: "	# nginx config\n"},
+			},
+			Certificates: []types.CertificateInfo{
+				{
+					Name: "cert-manager-private-cert",
+				},
+			},
+		})
+	})
+	fakeServer.DELETE("/services/rpaasv2-be/proxy/my_rpaas", func(c echo.Context) error {
+		return c.NoContent(http.StatusOK)
+	})
+	fakeServer.HTTPErrorHandler = func(err error, c echo.Context) {
+		t.Errorf("methods=%s, path=%s, err=%s", c.Request().Method, c.Path(), err.Error())
+	}
+	server := httptest.NewServer(fakeServer)
+	os.Setenv("TSURU_TARGET", server.URL)
+	os.Setenv("TSURU_TOKEN", "asdf")
+
+	resourceName := "rpaas_cert_manager.cert-manager"
+	resource.Test(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		IDRefreshName:     resourceName,
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      nil,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccRpaasCertManager_basic("my_rpaas"),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					testAccResourceExists(resourceName),
+					resource.TestCheckResourceAttr(resourceName, "instance", "my_rpaas"),
+					resource.TestCheckResourceAttr(resourceName, "service_name", "rpaasv2-be"),
+					resource.TestCheckResourceAttr(resourceName, "issuer", "private-cert"),
+					resource.TestCheckResourceAttr(resourceName, "id", "rpaasv2-be my_rpaas private-cert"),
+				),
+			},
+		},
+	})
+}
+
 func testAccRpaasCertManager_basic(name string) string {
 	return fmt.Sprintf(`
 resource "rpaas_cert_manager" "cert-manager" {