fix: gaap http rule support sni (#1041)

* fix: gaap http rule support sni

* fix: unit test

* fix

Co-authored-by: mikatong <[email protected]>

Author: tongyiming

go.mod

@@ -31,15 +31,15 @@ require (
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.283
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cloudaudit v1.0.199
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cls v1.0.377
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.392
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.397
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.385
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb v1.0.359
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dayu v1.0.335
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dc v1.0.199
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.294
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/emr v1.0.287
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/es v1.0.383
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap v1.0.199
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap v1.0.397
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/kms v1.0.199
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/mongodb v1.0.199
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/monitor v1.0.329

go.sum

@@ -485,6 +485,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.389/go.mod
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.391/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.392 h1:UqcmPErxEm77NwqaRq6J1i2rcbhXcZHzq7WOuc9clAQ=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.392/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.397 h1:oYU+ghWYDEXSpU8aogzPYHiuZAI1291BMroSG0WKdAc=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.397/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.385 h1:8bwloRxRwSADSK48KxaUeO9JHmmgniNGJbA7Or/HUEk=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.385/go.mod h1:PMxA0L4o8Fbx/6+ju1cAMAU7x2bV4C6e/LTqVe745yM=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb v1.0.359 h1:cNKqelPgUxrJkLY0Azd2QHr/UMYOPPnmqs88clt2akk=
@@ -501,6 +503,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/es v1.0.383 h1:OhKvreaR
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/es v1.0.383/go.mod h1:WLskTV0GsorWBboZsLUWrgj+f1xGOKGzPGCK9275tdU=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap v1.0.199 h1:tmjUPp0VBKuzjTqt0IQ5PT6iYt0yLmvM2DUzMFF7SGk=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap v1.0.199/go.mod h1:tuPVv7O2B2fIpoDsrV/kvC62FO4CE4FihUxZY0JX2ek=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap v1.0.397 h1:i0GyUqV/dAJkvEO1foUBB4GG/KrwbseORspjLNdTcfo=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap v1.0.397/go.mod h1:5XosT/WYkH2v6Q6L34hjJIeQXOymyoBWYcvlmxupjFo=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/kms v1.0.194/go.mod h1:yrBKWhChnDqNz1xuXdSbWXG56XawEq0G5j1lg4VwBD4=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/kms v1.0.199 h1:rSDQeqvV4khOJUyg6xmMYF26CRd+WtSYvfwP6N72NP0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/kms v1.0.199/go.mod h1:yrBKWhChnDqNz1xuXdSbWXG56XawEq0G5j1lg4VwBD4=

tencentcloud/data_source_tc_gaap_http_rules.go

@@ -161,6 +161,16 @@ func dataSourceTencentCloudGaapHttpRules() *schema.Resource {
 							Computed:    true,
 							Description: "Requested host which is forwarded to the realserver by the listener.",
 						},
+						"sni_switch": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "ServerNameIndication (SNI) switch.",
+						},
+						"sni": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "ServerNameIndication (SNI).",
+						},
 						"realservers": {
 							Type:        schema.TypeList,
 							Computed:    true,
@@ -294,6 +304,8 @@ func dataSourceTencentCloudGaapHttpRulesRead(d *schema.ResourceData, m interface
 				"health_check_path":   *checkParams.Path,
 				"health_check_method": *checkParams.Method,
 				"forward_host":        *rule.ForwardHost,
+				"sni_switch":          *rule.ServerNameIndicationSwitch,
+				"sni":                 *rule.ServerNameIndication,
 			}
 			statusCodes := make([]int, 0, len(checkParams.StatusCode))
 			for _, code := range checkParams.StatusCode {

tencentcloud/extension_gaap.go

@@ -32,6 +32,9 @@ const (
 
 	GAAPInternalError    = "InternalError"
 	GAAPResourceNotFound = "ResourceNotFound"
+
+	GAAP_SERVER_NAME_INDICATION_SWITCH_ON  = "ON"
+	GAAP_SERVER_NAME_INDICATION_SWITCH_OFF = "OFF"
 )
 
 var (

tencentcloud/resource_tc_gaap_http_rule.go

@@ -220,6 +220,19 @@ func resourceTencentCloudGaapHttpRule() *schema.Resource {
 				Default:     "default",
 				Description: "The default value of requested host which is forwarded to the realserver by the listener is `default`.",
 			},
+			"sni_switch": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				Computed:     true,
+				ValidateFunc: validateAllowedStringValue([]string{GAAP_SERVER_NAME_INDICATION_SWITCH_ON, GAAP_SERVER_NAME_INDICATION_SWITCH_OFF}),
+				Description:  "ServerNameIndication (SNI) switch. ON means on and OFF means off.",
+			},
+			"sni": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Computed:    true,
+				Description: "ServerNameIndication (SNI) is required when the SNI switch is turned on.",
+			},
 		},
 	}
 }
@@ -235,17 +248,19 @@ func resourceTencentCloudGaapHttpRuleCreate(d *schema.ResourceData, m interface{
 	listenerId := d.Get("listener_id").(string)
 
 	rule := gaapHttpRule{
-		listenerId:        listenerId,
-		domain:            d.Get("domain").(string),
-		path:              d.Get("path").(string),
-		realserverType:    d.Get("realserver_type").(string),
-		scheduler:         d.Get("scheduler").(string),
-		healthCheck:       d.Get("health_check").(bool),
-		interval:          d.Get("interval").(int),
-		connectTimeout:    d.Get("connect_timeout").(int),
-		healthCheckPath:   d.Get("health_check_path").(string),
-		healthCheckMethod: d.Get("health_check_method").(string),
-		forwardHost:       d.Get("forward_host").(string),
+		listenerId:                 listenerId,
+		domain:                     d.Get("domain").(string),
+		path:                       d.Get("path").(string),
+		realserverType:             d.Get("realserver_type").(string),
+		scheduler:                  d.Get("scheduler").(string),
+		healthCheck:                d.Get("health_check").(bool),
+		interval:                   d.Get("interval").(int),
+		connectTimeout:             d.Get("connect_timeout").(int),
+		healthCheckPath:            d.Get("health_check_path").(string),
+		healthCheckMethod:          d.Get("health_check_method").(string),
+		forwardHost:                d.Get("forward_host").(string),
+		serverNameIndicationSwitch: d.Get("sni_switch").(string),
+		serverNameIndication:       d.Get("sni").(string),
 	}
 
 	if raw, ok := d.GetOk("health_check_status_codes"); ok {
@@ -271,6 +286,9 @@ func resourceTencentCloudGaapHttpRuleCreate(d *schema.ResourceData, m interface{
 		return errors.New("health_check_status_codes can't be empty")
 	}
 
+	if rule.serverNameIndicationSwitch == GAAP_SERVER_NAME_INDICATION_SWITCH_ON && rule.serverNameIndication == "" {
+		return fmt.Errorf("ServerNameIndication (SNI) is required when the SNI switch is turned on.")
+	}
 	service := GaapService{client: m.(*TencentCloudClient).apiV3Conn}
 
 	id, err := service.CreateHttpRule(ctx, rule)
@@ -342,6 +360,8 @@ func resourceTencentCloudGaapHttpRuleRead(d *schema.ResourceData, m interface{})
 	_ = d.Set("health_check_method", rule.CheckParams.Method)
 	_ = d.Set("forward_host", rule.ForwardHost)
 	_ = d.Set("health_check_status_codes", rule.CheckParams.StatusCode)
+	_ = d.Set("sni_switch", rule.ServerNameIndicationSwitch)
+	_ = d.Set("sni", rule.ServerNameIndication)
 
 	realserverSet := make([]map[string]interface{}, 0, len(rule.RealServerSet))
 	for _, rs := range rule.RealServerSet {
@@ -373,7 +393,17 @@ func resourceTencentCloudGaapHttpRuleUpdate(d *schema.ResourceData, m interface{
 		scheduler  *string
 		updateAttr []string
 	)
-
+	if d.HasChange("sni_switch") {
+		updateAttr = append(updateAttr, "sni_switch")
+	}
+	sniSwitch := d.Get("sni_switch").(string)
+	if d.HasChange("sni") {
+		updateAttr = append(updateAttr, "sni")
+	}
+	sni := d.Get("sni").(string)
+	if sniSwitch == GAAP_SERVER_NAME_INDICATION_SWITCH_ON && sni == "" {
+		return fmt.Errorf("ServerNameIndication (SNI) is required when the SNI switch is turned on.")
+	}
 	if d.HasChange("path") {
 		updateAttr = append(updateAttr, "path")
 		path = helper.String(d.Get("path").(string))
@@ -454,7 +484,7 @@ func resourceTencentCloudGaapHttpRuleUpdate(d *schema.ResourceData, m interface{
 
 	if err := service.ModifyHTTPRuleAttribute(
 		ctx,
-		listenerId, id, healthCheckPath, healthCheckMethod,
+		listenerId, id, healthCheckPath, healthCheckMethod, sniSwitch, sni,
 		path, scheduler, healthCheck, interval, connectTimeout, healthCheckStatusCodes,
 	); err != nil {
 		return err

tencentcloud/resource_tc_gaap_realserver_test.go

@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"strconv"
 	"testing"
+	"time"
 
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/terraform"
@@ -116,7 +117,8 @@ func TestAccTencentCloudGaapRealserver_updateTags(t *testing.T) {
 				),
 			},
 			{
-				Config: testAccGaapRealserverUpdateTags,
+				PreConfig: func() { time.Sleep(time.Duration(time.Second * 5)) },
+				Config:    testAccGaapRealserverUpdateTags,
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckGaapRealserverExists("tencentcloud_gaap_realserver.foo", id),
 					resource.TestCheckResourceAttr("tencentcloud_gaap_realserver.foo", "tags.test", "test"),

tencentcloud/service_tencentcloud_gaap.go

@@ -25,18 +25,20 @@ type gaapRealserverBind struct {
 }
 
 type gaapHttpRule struct {
-	listenerId             string
-	domain                 string
-	path                   string
-	realserverType         string
-	scheduler              string
-	healthCheck            bool
-	interval               int
-	connectTimeout         int
-	healthCheckPath        string
-	healthCheckMethod      string
-	healthCheckStatusCodes []int
-	forwardHost            string
+	listenerId                 string
+	domain                     string
+	path                       string
+	realserverType             string
+	scheduler                  string
+	healthCheck                bool
+	interval                   int
+	connectTimeout             int
+	healthCheckPath            string
+	healthCheckMethod          string
+	healthCheckStatusCodes     []int
+	forwardHost                string
+	serverNameIndicationSwitch string
+	serverNameIndication       string
 }
 
 type GaapService struct {
@@ -2669,6 +2671,12 @@ func (me *GaapService) CreateHttpRule(ctx context.Context, httpRule gaapHttpRule
 	}
 
 	request.ForwardHost = &httpRule.forwardHost
+	if httpRule.serverNameIndicationSwitch != "" {
+		request.ServerNameIndicationSwitch = &httpRule.serverNameIndicationSwitch
+	}
+	if httpRule.serverNameIndication != "" {
+		request.ServerNameIndication = &httpRule.serverNameIndication
+	}
 
 	if err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
 		ratelimit.Check(request.GetAction())
@@ -2778,7 +2786,7 @@ func (me *GaapService) DescribeHttpRule(ctx context.Context, id string) (rule *g
 
 func (me *GaapService) ModifyHTTPRuleAttribute(
 	ctx context.Context,
-	listenerId, ruleId, healthCheckPath, healthCheckMethod string,
+	listenerId, ruleId, healthCheckPath, healthCheckMethod, sniSwitch, sni string,
 	path, scheduler *string,
 	healthCheck bool,
 	interval, connectTimeout int,
@@ -2792,6 +2800,8 @@ func (me *GaapService) ModifyHTTPRuleAttribute(
 	request.RuleId = &ruleId
 	request.Path = path
 	request.Scheduler = scheduler
+	request.ServerNameIndicationSwitch = &sniSwitch
+	request.ServerNameIndication = &sni
 
 	if healthCheck {
 		request.HealthCheck = helper.IntUint64(1)