gitlabhq · nagyv · Apr 24, 2022 · Apr 24, 2022 · Apr 24, 2022 · Apr 24, 2022
diff --git a/docs/resources/pages_domain.md b/docs/resources/pages_domain.md
@@ -0,0 +1,48 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "gitlab_pages_domain Resource - terraform-provider-gitlab"
+subcategory: ""
+description: |-
+  The gitlab_pages_domain resource allows to manage the lifecycle of a custom Pages domain including its TLS certificates.
+  Upstream API: GitLab REST API docs https://docs.gitlab.com/ee/api/pages_domains.html
+---
+
+# gitlab_pages_domain (Resource)
+
+The `gitlab_pages_domain` resource allows to manage the lifecycle of a custom Pages domain including its TLS certificates.
+
+**Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/pages_domains.html)
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `domain` (String) The custom domain.
+- `project` (String) The ID or [URL-encoded path of the project](https://docs.gitlab.com/ee/api/index.html#namespaced-path-encoding) owned by the authenticated user.
+
+### Optional
+
+- `auto_ssl_enabled` (Boolean) Enables automatic generation of SSL certificates issued by Let’s Encrypt for custom domains.
+- `certificate` (String) The certificate in PEM format with intermediates following in most specific to least specific order.
+- `certificate_data` (Block List, Max: 1) The certificate data. (see [below for nested schema](#nestedblock--certificate_data))
+- `key` (String) The certificate key in PEM format.
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `url` (String) The URL for the given domain.
+- `verification_code` (String, Sensitive) The verification code for the domain.
+- `verified` (Boolean) The certificate data.
+
+<a id="nestedblock--certificate_data"></a>
+### Nested Schema for `certificate_data`
+
+Optional:
+
+- `expiration` (String) The certificate expiration date.
+- `expired` (Boolean) Is the certificate expired?
+
+
diff --git a/internal/provider/resource_gitlab_pages_domain.go b/internal/provider/resource_gitlab_pages_domain.go
@@ -0,0 +1,220 @@
+package provider
+
+import (
+	"context"
+	"log"
+	"time"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+	gitlab "github.com/xanzy/go-gitlab"
+)
+
+var _ = registerResource("gitlab_pages_domain", func() *schema.Resource {
+	return &schema.Resource{
+		Description: `The ` + "`gitlab_pages_domain`" + ` resource allows to manage the lifecycle of a custom Pages domain including its TLS certificates.
+
+**Upstream API**: [GitLab REST API docs](https://docs.gitlab.com/ee/api/pages_domains.html)`,
+
+		CreateContext: resourceGitlabPagesDomainCreate,
+		ReadContext:   resourceGitlabPagesDomainRead,
+		UpdateContext: resourceGitlabPagesDomainUpdate,
+		DeleteContext: resourceGitlabPagesDomainDelete,
+		Importer: &schema.ResourceImporter{
+			StateContext: schema.ImportStatePassthroughContext,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"domain": {
+				Description: "The custom domain.",
+				Type:        schema.TypeString,
+				Required:    true,
+				ForceNew:    true,
+			},
+			"project": {
+				Description: "The ID or [URL-encoded path of the project](https://docs.gitlab.com/ee/api/index.html#namespaced-path-encoding) owned by the authenticated user.",
+				Type:        schema.TypeString,
+				ForceNew:    true,
+				Required:    true,
+			},
+			"auto_ssl_enabled": {
+				Description: "Enables automatic generation of SSL certificates issued by Let’s Encrypt for custom domains.",
+				Type:        schema.TypeBool,
+				Optional:    true,
+			},
+			"certificate": {
+				Description: "The certificate in PEM format with intermediates following in most specific to least specific order.",
+				Type:        schema.TypeString,
+				Optional:    true,
+			},
+			"key": {
+				Description: "The certificate key in PEM format.",
+				Type:        schema.TypeString,
+				Optional:    true,
+			},
+			"url": {
+				Description: "The URL for the given domain.",
+				Type:        schema.TypeString,
+				Computed:    true,
+			},
+			"certificate_data": {
+				Description: "The certificate data.",
+				Type:        schema.TypeList,
+				MaxItems:    1,
+				Computed:    true,
+				Optional:    true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"expired": {
+							Description: "Is the certificate expired?",
+							Type:        schema.TypeBool,
+							Computed:    true,
+							Optional:    true,
+						},
+						"expiration": {
+							Description:  "The certificate expiration date.",
+							Type:         schema.TypeString,
+							ValidateFunc: validation.IsRFC3339Time,
+							Computed:     true,
+							Optional:     true,
+						},
+					},
+				},
+			},
+			"verified": {
+				Description: "The certificate data.",
+				Type:        schema.TypeBool,
+				Computed:    true,
+			},
+			"verification_code": {
+				Description: "The verification code for the domain.",
+				Type:        schema.TypeString,
+				Computed:    true,
+				Sensitive:   true,
+			},
+		},
+	}
+})
+
+func resourceGitlabPagesDomainCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client := meta.(*gitlab.Client)
+	projectID := d.Get("project").(string)
+	domain := d.Get("domain").(string)
+	auto_ssl_enabled := d.Get("auto_ssl_enabled").(bool)
+	certificate := d.Get("certificate").(string)
+	key := d.Get("key").(string)
+
+	options := &gitlab.CreatePagesDomainOptions{
+		Domain:         &domain,
+		AutoSslEnabled: &auto_ssl_enabled,
+		Certificate:    &certificate,
+		Key:            &key,
+	}
-	domain := d.Get("domain").(string)
-	auto_ssl_enabled := d.Get("auto_ssl_enabled").(bool)
-	certificate := d.Get("certificate").(string)
-	key := d.Get("key").(string)
-
-	options := &gitlab.CreatePagesDomainOptions{
-		Domain:         &domain,
-		AutoSslEnabled: &auto_ssl_enabled,
-		Certificate:    &certificate,
-		Key:            &key,
-	}
+	domain := d.Get("domain").(string)
+	auto_ssl_enabled := d.Get("auto_ssl_enabled").(bool)
+	certificate := d.Get("certificate").(string)
+	key := d.Get("key").(string)
+
+	options := &gitlab.CreatePagesDomainOptions{
+		Domain:         gitlab.String(d.Get("domain").(string)),
+		AutoSslEnabled: gitlab.Bool(d.Get("auto_ssl_enabled").(bool))
+		Certificate:    gitlab.String(d.Get("certificate").(string)),
+		Key:            gitlab.String(d.Get("key").(string)),
+	}
-	domain := d.Get("domain").(string)
-	auto_ssl_enabled := d.Get("auto_ssl_enabled").(bool)
-	certificate := d.Get("certificate").(string)
-	key := d.Get("key").(string)
-
-	options := &gitlab.CreatePagesDomainOptions{
-		Domain:         &domain,
-		AutoSslEnabled: &auto_ssl_enabled,
-		Certificate:    &certificate,
-		Key:            &key,
-	}
+	domain := d.Get("domain").(string)
+	auto_ssl_enabled := d.Get("auto_ssl_enabled").(bool)
+	certificate := d.Get("certificate").(string)
+	key := d.Get("key").(string)
+
+	options := &gitlab.CreatePagesDomainOptions{
+		Domain:         gitlab.String(d.Get("domain").(string)),
+		AutoSslEnabled: gitlab.Bool(d.Get("auto_ssl_enabled").(bool))
+		Certificate:    gitlab.String(d.Get("certificate").(string)),
+		Key:            gitlab.String(d.Get("key").(string)),
+	}
+
+	log.Printf("[DEBUG] create gitlab pages domain %s", domain)
+
+	_, _, err := client.PagesDomains.CreatePagesDomain(projectID, options, gitlab.WithContext(ctx))
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	d.SetId(buildTwoPartID(&projectID, &domain))
+	return resourceGitlabPagesDomainRead(ctx, d, meta)
+}
+
+func resourceGitlabPagesDomainUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client := meta.(*gitlab.Client)
+
+	projectID, domain, err := parseTwoPartID(d.Id())
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	options := &gitlab.UpdatePagesDomainOptions{}
+
+	if d.HasChange("auto_ssl_enabled") {
+		options.AutoSslEnabled = gitlab.Bool(d.Get("auto_ssl_enabled").(bool))
+	}
+	if d.HasChange("certificate") {
+		options.Certificate = gitlab.String(d.Get("certificate").(string))
+	}
+	if d.HasChange("key") {
+		options.Key = gitlab.String(d.Get("key").(string))
+	}
+
+	log.Printf("[DEBUG] update gitlab pages domain %s for %s", domain, projectID)
+
+	_, _, err2 := client.PagesDomains.UpdatePagesDomain(projectID, domain, options, gitlab.WithContext(ctx))
+	if err2 != nil {
+		return diag.FromErr(err2)
+	}
+	return resourceGitlabProjectMirrorRead(ctx, d, meta)
+}
+
+func resourceGitlabPagesDomainRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client := meta.(*gitlab.Client)
+	projectID, domain, err := parseTwoPartID(d.Id())
+	if err != nil {
+		return diag.FromErr(err)
+	}
+	log.Printf("[DEBUG] read gitlab pages domain %s", domain)
+
+	pagesDomain, _, err := client.PagesDomains.GetPagesDomain(projectID, domain, gitlab.WithContext(ctx))
+	if err != nil {
+		if is404(err) {
+			log.Printf("[DEBUG] gitlab pages domain %s not found, removing from state", domain)
+			d.SetId("")
+			return nil
+		}
+		return diag.FromErr(err)
+	}
+
+	d.Set("project", projectID)
+	d.Set("domain", pagesDomain.Domain)
+	d.Set("url", pagesDomain.URL)
+	d.Set("auto_ssl_enabled", pagesDomain.AutoSslEnabled)
+	if err := d.Set("certificate_data", flattenCertificateData(pagesDomain)); err != nil {
+		return diag.FromErr(err)
+	}
+	d.Set("verified", pagesDomain.Verified)
+	d.Set("verification_code", pagesDomain.VerificationCode)
+	return nil
+}
+
+func resourceGitlabPagesDomainDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client := meta.(*gitlab.Client)
+	projectID, domain, err := parseTwoPartID(d.Id())
+	if err != nil {
+		return diag.FromErr(err)
+	}
+	log.Printf("[DEBUG] Delete gitlab pages domain %s", domain)
+
+	_, err = client.PagesDomains.DeletePagesDomain(projectID, domain, gitlab.WithContext(ctx))
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	return nil
+}
+
+func flattenCertificateData(pagesDomain *gitlab.PagesDomain) (certificate_data []map[string]interface{}) {
+	if pagesDomain == nil {
+		return
+	}
+
+	var certificate_expiration string
+	if pagesDomain.Certificate.Expiration == nil {
+		certificate_expiration = ""
+	} else {
+		certificate_expiration = pagesDomain.Certificate.Expiration.Format(time.RFC3339)
+	}
+
+	certificate_data = []map[string]interface{}{
+		{
+			"expired":    pagesDomain.Certificate.Expired,
+			"expiration": certificate_expiration,
+		},
+	}
+	return certificate_data
+}
diff --git a/internal/provider/resource_gitlab_pages_domain_test.go b/internal/provider/resource_gitlab_pages_domain_test.go
@@ -0,0 +1,119 @@
+package provider
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+	"github.com/xanzy/go-gitlab"
+)
+
+func TestAccGitlabPagesDomain_basic(t *testing.T) {
+	var pagesDomain gitlab.PagesDomain
+	rInt := acctest.RandInt()
+	project := testAccCreateProject(t)
+
+	resource.Test(t, resource.TestCase{
+		ProviderFactories: providerFactories,
+		CheckDestroy:      testAccCheckGitlabPagesDestroy,
+		Steps: []resource.TestStep{
+			// Create a pages domain with all options
+			{
+				Config: testAccGitlabPagesDomainCreate(rInt, project.PathWithNamespace),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckGitlabPagesDomainExists("gitlab_pages_domain.this", &pagesDomain),
+					resource.TestCheckResourceAttrSet("gitlab_pages_domain.this", "auto_ssl_enabled"),
+				),
+			},
+			// Verify import
+			{
+				ResourceName:      "gitlab_pages_domain.this",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			// Update the pages domain to toggle all the values to their inverse
+			{
+				Config: testAccGitlabPagesDomainUpdate(rInt, project.PathWithNamespace),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckGitlabPagesDomainExists("gitlab_pages_domain.this", &pagesDomain),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckGitlabPagesDomainExists(n string, pagesDomain *gitlab.PagesDomain) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[n]
+		if !ok {
+			return fmt.Errorf("Not Found: %s", n)
+		}
+
+		projectID := rs.Primary.Attributes["project"]
+		if projectID == "" {
+			return fmt.Errorf("No project ID is set")
+		}
+
+		domain := rs.Primary.Attributes["domain"]
+		if domain == "" {
+			return fmt.Errorf("No domain is set")
+		}
+
+		gotPagesDomain, _, err := testGitlabClient.PagesDomains.GetPagesDomain(projectID, domain)
+		if err != nil {
+			return err
+		}
+		*pagesDomain = *gotPagesDomain
+		return nil
+	}
+}
+
+func testAccCheckGitlabPagesDestroy(s *terraform.State) error {
+	for _, rs := range s.RootModule().Resources {
+		if rs.Type != "gitlab_pages_domain" {
+			continue
+		}
+
+		projectID := rs.Primary.Attributes["project"]
+		if projectID == "" {
+			return fmt.Errorf("No project ID is set")
+		}
+
+		domain := rs.Primary.Attributes["domain"]
+		if domain == "" {
+			return fmt.Errorf("No domain is set")
+		}
+
+		gotPagesDomain, err := testGitlabClient.PagesDomains.DeletePagesDomain(projectID, domain)
+		if err == nil {
+			if gotPagesDomain != nil {
+				return fmt.Errorf("Pages domain %s still exists after deletion", domain)
+			}
+		}
+		if !is404(err) {
+			return err
+		}
+		return nil
+	}
+	return nil
+}
+
+func testAccGitlabPagesDomainCreate(rInt int, project string) string {
+	return fmt.Sprintf(`
+resource "gitlab_pages_domain" "this" {
+  project                     = "%[2]s"
+  domain                      = "page-%[1]d.example.com"
+}
+	`, rInt, project)
+}
+
+func testAccGitlabPagesDomainUpdate(rInt int, project string) string {
+	return fmt.Sprintf(`
+resource "gitlab_pages_domain" "this" {
+  project                     = "%[2]s"
+  domain                      = "page-%[1]d.example.com"
+}
+	`, rInt+1, project)
+}