[Feat.] New HSS host group resource opentelekomcloud_hss_host_group_v5

docs/resources/hss_host_group_v5.md

@@ -0,0 +1,70 @@
+---
+subcategory: "Host Security Service (HSS)"
+layout: "opentelekomcloud"
+page_title: "OpenTelekomCloud: opentelekomcloud_hss_host_group_v5"
+sidebar_current: "docs-opentelekomcloud-resource-hss-host-group-v5"
+description: |-
+  Manages an HSS host group Service resource within OpenTelekomCloud.
+---
+
+# opentelekomcloud_hss_host_group_v5
+
+Manages an HSS host group resource within OpenTelekomCloud.
+
+## Example Usage
+
+### Create an HSS host group and bind ECS instances
+
+```hcl
+variable "host_group_name" {}
+variable "host_ids" {
+  type = list(string)
+}
+
+resource "opentelekomcloud_hss_host_group_v5" "test" {
+  name     = var.host_group_name
+  host_ids = var.host_ids
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - (Required, String) Specifies the name of the host group.
+  The valid length is limited from `1` to `64`, only Chinese characters, English letters, digits, hyphens (-),
+  underscores (_), dots (.), pluses (+) and asterisks (*) are allowed.
+  The Chinese characters must be in `UTF-8` or `Unicode` format.
+
+* `host_ids` - (Required, List) Specifies the list of host IDs.
+
+## Attribute Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `id` - The resource ID in UUID format.
+
+* `host_num` - The total host number.
+
+* `region` - The region where the host group is located.
+
+* `risk_host_num` - The number of hosts at risk.
+
+* `unprotect_host_num` - The number of unprotect hosts.
+
+* `unprotect_host_ids` - The ID list of the unprotect hosts.
+
+## Timeouts
+
+This resource provides the following timeouts configuration options:
+
+* `create` - Default is 30 minutes.
+* `update` - Default is 30 minutes.
+
+## Import
+
+The host group resource can be imported using `id`, e.g.
+
+```bash
+$ terraform import opentelekomcloud_hss_host_group_v5.group <id>
+```

go.mod

@@ -17,7 +17,7 @@ require (
 	github.com/jmespath/go-jmespath v0.4.0
 	github.com/keybase/go-crypto v0.0.0-20200123153347-de78d2cb44f4
 	github.com/mitchellh/go-homedir v1.1.0
-	github.com/opentelekomcloud/gophertelekomcloud v0.9.4-0.20241104181956-db479a6d384d
+	github.com/opentelekomcloud/gophertelekomcloud v0.9.4-0.20241111133703-101a74fd5b4e
 	github.com/unknwon/com v1.0.1
 	golang.org/x/crypto v0.21.0
 	golang.org/x/sync v0.1.0

go.sum

@@ -158,6 +158,8 @@ github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw=
 github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
 github.com/opentelekomcloud/gophertelekomcloud v0.9.4-0.20241104181956-db479a6d384d h1:6nr8FpvqTw30NPORd7XIKKUW0EtYEKzWbxEO5mF/00g=
 github.com/opentelekomcloud/gophertelekomcloud v0.9.4-0.20241104181956-db479a6d384d/go.mod h1:M1F6OfSRZRzAmAFKQqSLClX952at5hx5rHe4UTEykgg=
+github.com/opentelekomcloud/gophertelekomcloud v0.9.4-0.20241111133703-101a74fd5b4e h1:/rdKqoWltx2CwxKQQ4hPxuxX6ip2JQ8lAazWTvtji3k=
+github.com/opentelekomcloud/gophertelekomcloud v0.9.4-0.20241111133703-101a74fd5b4e/go.mod h1:M1F6OfSRZRzAmAFKQqSLClX952at5hx5rHe4UTEykgg=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=

opentelekomcloud/acceptance/hss/resource_opentelekomcloud_hss_host_group_v5_test.go

@@ -0,0 +1,130 @@
+package hss
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+	group "github.com/opentelekomcloud/gophertelekomcloud/openstack/hss/v5/host"
+	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/acceptance/common"
+	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/acceptance/env"
+	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/common/cfg"
+	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/services/hss"
+)
+
+func getHostGroupFunc(conf *cfg.Config, state *terraform.ResourceState) (interface{}, error) {
+	client, err := conf.HssV5Client(env.OS_REGION_NAME)
+	if err != nil {
+		return nil, fmt.Errorf("error creating HSS v5 client: %s", err)
+	}
+	return hss.QueryHostGroupById(client, state.Primary.ID)
+}
+
+func TestAccHostGroup_basic(t *testing.T) {
+	var (
+		gr *group.HostGroupResp
+
+		name  = fmt.Sprintf("hss-acc-api%s", acctest.RandString(5))
+		rName = "opentelekomcloud_hss_host_group_v5.group"
+	)
+
+	rc := common.InitResourceCheck(
+		rName,
+		&gr,
+		getHostGroupFunc,
+	)
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			common.TestAccPreCheck(t)
+		},
+		ProviderFactories: common.TestAccProviderFactories,
+		CheckDestroy:      rc.CheckResourceDestroy(),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccHostGroup_basic(name),
+				Check: resource.ComposeTestCheckFunc(
+					rc.CheckResourceExists(),
+					resource.TestCheckResourceAttr(rName, "name", name),
+					resource.TestCheckResourceAttr(rName, "host_ids.#", "1"),
+					resource.TestCheckResourceAttrSet(rName, "host_num"),
+				),
+			},
+			{
+				Config: testAccHostGroup_update(name),
+				Check: resource.ComposeTestCheckFunc(
+					rc.CheckResourceExists(),
+					resource.TestCheckResourceAttr(rName, "name", name+"-update"),
+					resource.TestCheckResourceAttr(rName, "host_ids.#", "2"),
+					resource.TestCheckResourceAttrSet(rName, "host_num"),
+				),
+			},
+			{
+				ResourceName:      rName,
+				ImportState:       true,
+				ImportStateVerify: true,
+				// The field `unprotect_host_ids` will be filled in during the creation and editing operations.
+				// We only need to add ignore to the test case and do not need to make special instructions in the document.
+				ImportStateVerifyIgnore: []string{
+					"unprotect_host_ids",
+				},
+			},
+		},
+	})
+}
+
+func testAccHostGroup_base(name string) string {
+	return fmt.Sprintf(`
+%[1]s
+
+resource "opentelekomcloud_compute_instance_v2" "instance" {
+  count = 2
+
+  name              = "%s"
+  description       = "my_desc"
+  availability_zone = "%s"
+
+  image_name = "Standard_Debian_11_latest"
+  flavor_id  = "s3.large.2"
+
+  metadata = {
+    foo = "bar"
+  }
+  network {
+    uuid = data.opentelekomcloud_vpc_subnet_v1.shared_subnet.network_id
+  }
+
+  tags = {
+    muh = "value-create"
+    kuh = "value-create"
+    emp = ""
+  }
+
+  stop_before_destroy = true
+}
+`, common.DataSourceSubnet, name, env.OS_AVAILABILITY_ZONE)
+}
+
+func testAccHostGroup_basic(name string) string {
+	return fmt.Sprintf(`
+%[1]s
+
+resource "opentelekomcloud_hss_host_group_v5" "group" {
+  name     = "%[2]s"
+  host_ids = slice(opentelekomcloud_compute_instance_v2.instance[*].id, 0, 1)
+}
+`, testAccHostGroup_base(name), name)
+}
+
+func testAccHostGroup_update(name string) string {
+	return fmt.Sprintf(`
+%[1]s
+
+resource "opentelekomcloud_hss_host_group_v5" "group" {
+  name     = "%[2]s-update"
+  host_ids = opentelekomcloud_compute_instance_v2.instance[*].id
+}
+`, testAccHostGroup_base(name), name)
+}

opentelekomcloud/common/cfg/config.go

@@ -1217,6 +1217,13 @@ func (c *Config) EvpnV5Client(region string) (*golangsdk.ServiceClient, error) {
 	})
 }
 
+func (c *Config) HssV5Client(region string) (*golangsdk.ServiceClient, error) {
+	return openstack.NewHssV5(c.HwClient, golangsdk.EndpointOpts{
+		Region:       region,
+		Availability: c.getEndpointType(),
+	})
+}
+
 func reconfigProjectName(src Config, projectName ProjectName) (*Config, error) {
 	config := &Config{}
 	if err := copier.Copy(config, &src); err != nil {

opentelekomcloud/provider.go

@@ -35,6 +35,7 @@ import (
 	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/services/fgs"
 	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/services/fw"
 	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/services/gaussdb"
+	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/services/hss"
 	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/services/iam"
 	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/services/ims"
 	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/services/kms"
@@ -460,6 +461,7 @@ func Provider() *schema.Provider {
 			"opentelekomcloud_fw_policy_v2":                              fw.ResourceFWPolicyV2(),
 			"opentelekomcloud_fw_rule_v2":                                fw.ResourceFWRuleV2(),
 			"opentelekomcloud_gaussdb_mysql_instance_v3":                 gaussdb.ResourceGaussDBInstanceV3(),
+			"opentelekomcloud_hss_host_group_v5":                         hss.ResourceHostGroup(),
 			"opentelekomcloud_identity_acl_v3":                           iam.ResourceIdentityAclV3(),
 			"opentelekomcloud_identity_agency_v3":                        iam.ResourceIdentityAgencyV3(),
 			"opentelekomcloud_identity_credential_v3":                    iam.ResourceIdentityCredentialV3(),

opentelekomcloud/services/hss/common.go

@@ -0,0 +1,13 @@
+package hss
+
+const (
+	errCreationV5Client = "error creating OpenTelekomCloud HSS v5 client: %w"
+	hssClientV5         = "hss-v5-client"
+)
+
+type ProtectStatus string
+
+const (
+	ProtectStatusClosed ProtectStatus = "closed"
+	ProtectStatusOpened ProtectStatus = "opened"
+)