From 41bf902cc996e868b1974e6b72914c2d38cbff34 Mon Sep 17 00:00:00 2001
From: Andrei Lukyanchyk <125263040+andrei-lukyanchyk@users.noreply.github.com>
Date: Thu, 2 Jan 2025 10:16:06 +0100
Subject: [PATCH] CDI-915: add missing attributes to CDN Resource in terraform
 (#164)

* CDI-915: add primary_resource param to CDN resource

* CDI-915: add proxy_ssl_enabled, proxy_ssl_ca, proxy_ssl_data params to CDN resource

* CDI-915: upgrade gcorelabscdn-go to v1.0.23
---
 docs/resources/cdn_resource.md       |  4 +++
 gcore/resource_gcore_cdn_resource.go | 47 ++++++++++++++++++++++++++++
 go.mod                               |  2 +-
 go.sum                               |  2 ++
 4 files changed, 54 insertions(+), 1 deletion(-)

diff --git a/docs/resources/cdn_resource.md b/docs/resources/cdn_resource.md
index 71d5b4e..c6b1844 100644
--- a/docs/resources/cdn_resource.md
+++ b/docs/resources/cdn_resource.md
@@ -95,6 +95,10 @@ resource "gcore_cdn_resource" "cdn_example_com" {
 - `origin` (String) A domain name or IP of your origin source. Specify a port if custom. You can use either 'origin' parameter or 'originGroup' in the resource definition.
 - `origin_group` (Number) ID of the Origins Group. Use one of your Origins Group or create a new one. You can use either 'origin' parameter or 'originGroup' in the resource definition.
 - `origin_protocol` (String) This option defines the protocol that will be used by CDN servers to request content from an origin source. If not specified, we will use HTTP to connect to an origin server. Possible values are: HTTPS, HTTP, MATCH.
+- `primary_resource` (Number) Specify the ID of the main CDN resource that shares a caching zone with a reserve resource.
+- `proxy_ssl_ca` (Number) Specify the ID of the trusted CA certificate used to verify an origin.
+- `proxy_ssl_data` (Number) Specify the ID of the SSL certificate used to verify an origin.
+- `proxy_ssl_enabled` (Boolean) Enables or disables SSL certificate validation of the origin server before completing any connection.
 - `secondary_hostnames` (Set of String) List of additional CNAMEs.
 - `ssl_data` (Number) Specify the SSL Certificate ID which should be used for the CDN Resource.
 - `ssl_enabled` (Boolean) Use HTTPS protocol for content delivery.
diff --git a/gcore/resource_gcore_cdn_resource.go b/gcore/resource_gcore_cdn_resource.go
index 96efb86..bf4c26d 100644
--- a/gcore/resource_gcore_cdn_resource.go
+++ b/gcore/resource_gcore_cdn_resource.go
@@ -87,6 +87,29 @@ func resourceCDNResource() *schema.Resource {
 				Computed:    true,
 				Description: "Status of a CDN resource content availability. Possible values are: Active, Suspended, Processed.",
 			},
+			"primary_resource": {
+				Type:        schema.TypeInt,
+				Optional:    true,
+				ForceNew:    true,
+				Description: "Specify the ID of the main CDN resource that shares a caching zone with a reserve resource.",
+			},
+			"proxy_ssl_enabled": {
+				Type:        schema.TypeBool,
+				Optional:    true,
+				Description: "Enables or disables SSL certificate validation of the origin server before completing any connection.",
+			},
+			"proxy_ssl_ca": {
+				Type:         schema.TypeInt,
+				Optional:     true,
+				RequiredWith: []string{"proxy_ssl_enabled"},
+				Description:  "Specify the ID of the trusted CA certificate used to verify an origin.",
+			},
+			"proxy_ssl_data": {
+				Type:         schema.TypeInt,
+				Optional:     true,
+				RequiredWith: []string{"proxy_ssl_enabled"},
+				Description:  "Specify the ID of the SSL certificate used to verify an origin.",
+			},
 			"options": resourceOptionsSchema,
 		},
 		CreateContext: resourceCDNResourceCreate,
@@ -110,6 +133,10 @@ func resourceCDNResourceCreate(ctx context.Context, d *schema.ResourceData, m in
 	req.OriginProtocol = resources.Protocol(d.Get("origin_protocol").(string))
 	req.SSlEnabled = d.Get("ssl_enabled").(bool)
 	req.SSLData = d.Get("ssl_data").(int)
+	req.PrimaryResource = d.Get("primary_resource").(int)
+	req.ProxySSLEnabled = d.Get("proxy_ssl_enabled").(bool)
+	req.ProxySSLCA = d.Get("proxy_ssl_ca").(int)
+	req.ProxySSLData = d.Get("proxy_ssl_data").(int)
 
 	req.Options = listToOptions(d.Get("options").([]interface{}))
 
@@ -154,6 +181,10 @@ func resourceCDNResourceRead(ctx context.Context, d *schema.ResourceData, m inte
 	d.Set("ssl_data", result.SSLData)
 	d.Set("status", result.Status)
 	d.Set("active", result.Active)
+	d.Set("primary_resource", result.PrimaryResource)
+	d.Set("proxy_ssl_enabled", result.ProxySSLEnabled)
+	d.Set("proxy_ssl_ca", result.ProxySSLCA)
+	d.Set("proxy_ssl_data", result.ProxySSLData)
 	if err := d.Set("options", optionsToList(result.Options)); err != nil {
 		return diag.FromErr(err)
 	}
@@ -182,6 +213,22 @@ func resourceCDNResourceUpdate(ctx context.Context, d *schema.ResourceData, m in
 	req.OriginProtocol = resources.Protocol(d.Get("origin_protocol").(string))
 	req.Options = listToOptions(d.Get("options").([]interface{}))
 	req.SecondaryHostnames = make([]string, 0)
+	req.ProxySSLEnabled = d.Get("proxy_ssl_enabled").(bool)
+
+	if v, ok := d.GetOk("proxy_ssl_ca"); ok {
+		proxySSLCA := v.(int)
+		req.ProxySSLCA = &proxySSLCA
+	} else {
+		req.ProxySSLCA = nil
+	}
+
+	if v, ok := d.GetOk("proxy_ssl_data"); ok {
+		proxySSLData := v.(int)
+		req.ProxySSLData = &proxySSLData
+	} else {
+		req.ProxySSLData = nil
+	}
+
 	for _, hostname := range d.Get("secondary_hostnames").(*schema.Set).List() {
 		req.SecondaryHostnames = append(req.SecondaryHostnames, hostname.(string))
 	}
diff --git a/go.mod b/go.mod
index 50a02db..d651d02 100644
--- a/go.mod
+++ b/go.mod
@@ -6,7 +6,7 @@ require (
 	github.com/AlekSi/pointer v1.2.0
 	github.com/G-Core/gcore-dns-sdk-go v0.2.9
 	github.com/G-Core/gcore-storage-sdk-go v0.1.34
-	github.com/G-Core/gcorelabscdn-go v1.0.21
+	github.com/G-Core/gcorelabscdn-go v1.0.23
 	github.com/G-Core/gcorelabscloud-go v0.8.13
 	github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.27.0
diff --git a/go.sum b/go.sum
index 8d330bb..3fb83cf 100644
--- a/go.sum
+++ b/go.sum
@@ -15,6 +15,8 @@ github.com/G-Core/gcorelabscdn-go v1.0.19 h1:P4qYP+cnO+0DrVftGnL1gt7En8/RYsl20zw
 github.com/G-Core/gcorelabscdn-go v1.0.19/go.mod h1:iSGXaTvZBzDHQW+rKFS918BgFVpONcyLEijwh8WsXpE=
 github.com/G-Core/gcorelabscdn-go v1.0.21 h1:ROkbuFy2uyZbnDMaUFrYvjSYqk45GygwU3byOsNIs38=
 github.com/G-Core/gcorelabscdn-go v1.0.21/go.mod h1:iSGXaTvZBzDHQW+rKFS918BgFVpONcyLEijwh8WsXpE=
+github.com/G-Core/gcorelabscdn-go v1.0.23 h1:mn/2BaqiBLux0k9/UDZ2OFMk+uCLTxO+1fLKTRi72mE=
+github.com/G-Core/gcorelabscdn-go v1.0.23/go.mod h1:iSGXaTvZBzDHQW+rKFS918BgFVpONcyLEijwh8WsXpE=
 github.com/G-Core/gcorelabscloud-go v0.8.12 h1:qT8rrtSCXT+ol1g4zrl5JzWG+8IicHWCn7+U96tdlj4=
 github.com/G-Core/gcorelabscloud-go v0.8.12/go.mod h1:13Z1USxlxPbDFuYQyWqfNexlk4kUvOYTXbnvV/Z1lZo=
 github.com/G-Core/gcorelabscloud-go v0.8.13 h1:MpaT3owpIfbLP3EPZW+NDuxQfezN7FK6b+4VV0WILP8=