feat: es supoort sg (#1956)

* feat: es supoort sg

* fix: merge master

* fix: fmt

* feat: add changelog

* update forcenew

---------

Co-authored-by: anonymous <anonymous@mail.org>
Co-authored-by: hellertang <hellertang@tencent.com>

Author: 3 people

.changelog/1956.txt

@@ -0,0 +1,3 @@
+```release-note:new-resource
+tencentcloud_elasticsearch_security_group
+```

go.mod

@@ -53,7 +53,7 @@ require (
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/domain v1.0.414
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dts v1.0.628
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/emr v1.0.287
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/es v1.0.383
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/es v1.0.699
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap v1.0.514
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/kms v1.0.563
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/lighthouse v1.0.656

go.sum

@@ -883,6 +883,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/emr v1.0.287 h1:+9COBXA
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/emr v1.0.287/go.mod h1:xRvd0xsyCoviCiMRfJMh5lODPnLx+bnTfENNx6GHzFA=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/es v1.0.383 h1:OhKvreaRPhwBEButv45yBcu6BvfvR1JAEXbU/NTck94=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/es v1.0.383/go.mod h1:WLskTV0GsorWBboZsLUWrgj+f1xGOKGzPGCK9275tdU=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/es v1.0.699 h1:7lFObucmWErYOh+5/AzpgerUAFoO72XqhXrAzFltTIo=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/es v1.0.699/go.mod h1:Iq+JZDHZlYu/dcmpT48SLFESqxL+C9GjRKrQHcw+FjQ=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap v1.0.514 h1:MKSaqFCa4PCzzb2gVV+oFpxsiPmnCf6uDJwxf9eOoNU=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap v1.0.514/go.mod h1:uTfhkzPZOwop+tSo83QHrMWtesWdQApxJuFZEXGKXH0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/kms v1.0.563 h1:FoX+MK4vHThvPO6FbP5q98zD8S3n+d5+DbtK7skl++c=

tencentcloud/basic_test.go

@@ -1072,3 +1072,21 @@ const (
 )
 
 // End of TSE
+
+// ES
+const (
+	defaultEsInstanceId    = "es-5wn36he6"
+	defaultEsSecurityGroup = "sg-edmur627"
+)
+
+const DefaultEsVariables = `
+variable "instance_id" {
+  default = "` + defaultEsInstanceId + `"
+}
+
+variable "security_group_id" {
+  default = "` + defaultEsSecurityGroup + `"
+}
+`
+
+// End of TSE

tencentcloud/provider.go

@@ -502,6 +502,7 @@ Elasticsearch Service(ES)
 
   Resource
     tencentcloud_elasticsearch_instance
+	tencentcloud_elasticsearch_security_group
 
 Global Application Acceleration(GAAP)
   Data Source
@@ -2503,6 +2504,7 @@ func Provider() *schema.Provider {
 			"tencentcloud_monitor_tmp_grafana_config":                          resourceTencentCloudMonitorTmpGrafanaConfig(),
 			"tencentcloud_mongodb_standby_instance":                            resourceTencentCloudMongodbStandbyInstance(),
 			"tencentcloud_elasticsearch_instance":                              resourceTencentCloudElasticsearchInstance(),
+			"tencentcloud_elasticsearch_security_group":                        resourceTencentCloudElasticsearchSecurityGroup(),
 			"tencentcloud_postgresql_instance":                                 resourceTencentCloudPostgresqlInstance(),
 			"tencentcloud_postgresql_readonly_instance":                        resourceTencentCloudPostgresqlReadonlyInstance(),
 			"tencentcloud_postgresql_readonly_group":                           resourceTencentCloudPostgresqlReadonlyGroup(),

tencentcloud/resource_tc_cynosdb_upgrade_proxy_version.go

@@ -15,13 +15,14 @@ package tencentcloud
 import (
 	"context"
 	"fmt"
+	"log"
+	"strings"
+
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	sdkErrors "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/errors"
 	cynosdb "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb/v20190107"
 	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
-	"log"
-	"strings"
 )
 
 func resourceTencentCloudCynosdbUpgradeProxyVersion() *schema.Resource {

tencentcloud/resource_tc_elasticsearch_security_group.go

@@ -0,0 +1,153 @@
+/*
+Provides a resource to create a elasticsearch security_group
+
+Example Usage
+
+```hcl
+resource "tencentcloud_elasticsearch_security_group" "security_group" {
+    instance_id        = "es-5wn36he6"
+    security_group_ids = [
+        "sg-mayqdlt1",
+        "sg-po2q8cg7",
+    ]
+}
+```
+
+Import
+
+elasticsearch security_group can be imported using the id, e.g.
+
+```
+terraform import tencentcloud_elasticsearch_security_group.security_group instance_id
+```
+*/
+package tencentcloud
+
+import (
+	"context"
+	"log"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	elasticsearch "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/es/v20180416"
+)
+
+func resourceTencentCloudElasticsearchSecurityGroup() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceTencentCloudElasticsearchSecurityGroupCreate,
+		Read:   resourceTencentCloudElasticsearchSecurityGroupRead,
+		Update: resourceTencentCloudElasticsearchSecurityGroupUpdate,
+		Delete: resourceTencentCloudElasticsearchSecurityGroupDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+		Schema: map[string]*schema.Schema{
+			"instance_id": {
+				Required:    true,
+				ForceNew:    true,
+				Type:        schema.TypeString,
+				Description: "Instance Id.",
+			},
+
+			"security_group_ids": {
+				Optional: true,
+				Type:     schema.TypeSet,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+				Description: "Security group id list.",
+			},
+		},
+	}
+}
+
+func resourceTencentCloudElasticsearchSecurityGroupCreate(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_elasticsearch_security_group.create")()
+	defer inconsistentCheck(d, meta)()
+
+	var instanceId string
+	if v, ok := d.GetOk("instance_id"); ok {
+		instanceId = v.(string)
+	}
+
+	d.SetId(instanceId)
+
+	return resourceTencentCloudElasticsearchSecurityGroupUpdate(d, meta)
+}
+
+func resourceTencentCloudElasticsearchSecurityGroupRead(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_elasticsearch_security_group.read")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+
+	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+
+	service := ElasticsearchService{client: meta.(*TencentCloudClient).apiV3Conn}
+
+	instanceId := d.Id()
+
+	securityGroup, err := service.DescribeInstanceById(ctx, instanceId)
+	if err != nil {
+		return err
+	}
+
+	if securityGroup == nil {
+		d.SetId("")
+		log.Printf("[WARN]%s resource `ElasticsearchSecurityGroup` [%s] not found, please check if it has been deleted.\n", logId, d.Id())
+		return nil
+	}
+
+	if securityGroup.InstanceId != nil {
+		_ = d.Set("instance_id", securityGroup.InstanceId)
+	}
+
+	if securityGroup.SecurityGroups != nil {
+		_ = d.Set("security_group_ids", securityGroup.SecurityGroups)
+	}
+
+	return nil
+}
+
+func resourceTencentCloudElasticsearchSecurityGroupUpdate(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_elasticsearch_security_group.update")()
+	defer inconsistentCheck(d, meta)()
+
+	logId := getLogId(contextNil)
+
+	request := elasticsearch.NewModifyEsVipSecurityGroupRequest()
+
+	instanceId := d.Id()
+	request.InstanceId = &instanceId
+
+	if v, ok := d.GetOk("security_group_ids"); ok {
+		securityGroupIdsSet := v.(*schema.Set).List()
+		for i := range securityGroupIdsSet {
+			securityGroupIds := securityGroupIdsSet[i].(string)
+			request.SecurityGroupIds = append(request.SecurityGroupIds, &securityGroupIds)
+		}
+	}
+
+	err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
+		result, e := meta.(*TencentCloudClient).apiV3Conn.UseEsClient().ModifyEsVipSecurityGroup(request)
+		if e != nil {
+			return retryError(e)
+		} else {
+			log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString())
+		}
+		return nil
+	})
+	if err != nil {
+		log.Printf("[CRITAL]%s update elasticsearch securityGroup failed, reason:%+v", logId, err)
+		return err
+	}
+
+	return resourceTencentCloudElasticsearchSecurityGroupRead(d, meta)
+}
+
+func resourceTencentCloudElasticsearchSecurityGroupDelete(d *schema.ResourceData, meta interface{}) error {
+	defer logElapsed("resource.tencentcloud_elasticsearch_security_group.delete")()
+	defer inconsistentCheck(d, meta)()
+
+	return nil
+}

tencentcloud/resource_tc_elasticsearch_security_group_test.go

@@ -0,0 +1,128 @@
+package tencentcloud
+
+import (
+	"context"
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+)
+
+// go test -i; go test -test.run TestAccTencentCloudElasticsearchSecurityGroupResource_basic -v
+func TestAccTencentCloudElasticsearchSecurityGroupResource_basic(t *testing.T) {
+	t.Parallel()
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckElasticsearchSecurityGroupDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccElasticsearchSecurityGroup,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckElasticsearchSecurityGroupExists("tencentcloud_elasticsearch_security_group.security_group"),
+					resource.TestCheckResourceAttrSet("tencentcloud_elasticsearch_security_group.security_group", "instance_id"),
+					resource.TestCheckResourceAttrSet("tencentcloud_elasticsearch_security_group.security_group", "security_group_ids.#"),
+				),
+			},
+			{
+				ResourceName:      "tencentcloud_elasticsearch_security_group.security_group",
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccElasticsearchSecurityGroupUp,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckElasticsearchSecurityGroupExists("tencentcloud_elasticsearch_security_group.security_group"),
+					resource.TestCheckResourceAttrSet("tencentcloud_elasticsearch_security_group.security_group", "instance_id"),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckElasticsearchSecurityGroupDestroy(s *terraform.State) error {
+	logId := getLogId(contextNil)
+	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+	elasticsearchService := ElasticsearchService{
+		client: testAccProvider.Meta().(*TencentCloudClient).apiV3Conn,
+	}
+	for _, rs := range s.RootModule().Resources {
+		if rs.Type != "tencentcloud_elasticsearch_security_group" {
+			continue
+		}
+
+		instance, err := elasticsearchService.DescribeInstanceById(ctx, rs.Primary.ID)
+		if err != nil {
+			err = resource.Retry(readRetryTimeout, func() *resource.RetryError {
+				instance, err = elasticsearchService.DescribeInstanceById(ctx, rs.Primary.ID)
+				if err != nil {
+					return retryError(err)
+				}
+				return nil
+			})
+		}
+		if err != nil {
+			return err
+		}
+		if instance != nil && len(instance.SecurityGroups) > 0 {
+			return fmt.Errorf("elasticsearch securityGroup still exists: %s", rs.Primary.ID)
+		}
+	}
+	return nil
+}
+
+func testAccCheckElasticsearchSecurityGroupExists(n string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		logId := getLogId(contextNil)
+		ctx := context.WithValue(context.TODO(), logIdKey, logId)
+
+		rs, ok := s.RootModule().Resources[n]
+		if !ok {
+			return fmt.Errorf("elasticsearch instance %s is not found", n)
+		}
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("elasticsearch instance id is not set")
+		}
+		elasticsearchService := ElasticsearchService{
+			client: testAccProvider.Meta().(*TencentCloudClient).apiV3Conn,
+		}
+		instance, err := elasticsearchService.DescribeInstanceById(ctx, rs.Primary.ID)
+		if err != nil {
+			err = resource.Retry(readRetryTimeout, func() *resource.RetryError {
+				instance, err = elasticsearchService.DescribeInstanceById(ctx, rs.Primary.ID)
+				if err != nil {
+					return retryError(err)
+				}
+				return nil
+			})
+		}
+		if err != nil {
+			return err
+		}
+		if instance == nil {
+			return fmt.Errorf("elasticsearch securityGroup is not found")
+		}
+		return nil
+	}
+}
+
+const testAccElasticsearchSecurityGroup = DefaultEsVariables + `
+
+resource "tencentcloud_elasticsearch_security_group" "security_group" {
+    instance_id        = var.instance_id
+    security_group_ids = [
+        var.security_group_id
+    ]
+}
+
+`
+
+const testAccElasticsearchSecurityGroupUp = DefaultEsVariables + `
+
+resource "tencentcloud_elasticsearch_security_group" "security_group" {
+    instance_id        = var.instance_id
+}
+
+`