New Resource: aws_lb_listener_certificate #2686
@Ninir @radeksimko Can you please review it so that I and @oarmstrong see it to completion :)
Should my PR #2649 be closed in favour of this one now then?
@oarmstrong feel free to either close and work on this one or merge this to your branch and I close this one. Basically, I just fixed the acceptance tests in your branch.
Hello guys, Great feature here! Do you have any idea when this will be released?
@radeksimko @Ninir Can you please review it?
Does anyone plan to review this? This is so important to have only one application load balancer with all the certificates. Tx !!
Pls, review, since this functionality can be very useful for many cases
Is there any way to get this feature up asap? We have been waiting for this for a long time.
We also have an issue which would be solved by this. Maybe someone else like @bflad can support?
Hi @Puneeth-n,
Thanks for the PR! In running the tests, both fail for me:
make testacc TEST=./aws TESTARGS='-run=TestAccAwsLbListenerCertificate_*'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -run=TestAccAwsLbListenerCertificate_* -timeout 120m
=== RUN TestAccAwsLbListenerCertificate_basic
--- FAIL: TestAccAwsLbListenerCertificate_basic (192.75s)
testing.go:503: Step 0 error: Error applying: 1 error(s) occurred:
* aws_iam_server_certificate.default: 1 error(s) occurred:
* aws_iam_server_certificate.default: [WARN] Error uploading server certificate, error: EntityAlreadyExists: The Server Certificate with name terraform-default-cert already exists.
=== RUN TestAccAwsLbListenerCertificate_cycle
--- FAIL: TestAccAwsLbListenerCertificate_cycle (191.70s)
testing.go:503: Step 0 error: Error applying: 1 error(s) occurred:
* aws_iam_server_certificate.default: 1 error(s) occurred:
* aws_iam_server_certificate.default: [WARN] Error uploading server certificate, error: EntityAlreadyExists: The Server Certificate with name terraform-default-cert already exists.
FAIL
exit status 1
FAIL github.com/terraform-providers/terraform-provider-aws/aws 384.503s
It seems the tests can't be run in parallel, because the certificate names chosen are hardcoded, but must be unique.
The following patch resolved the issue for me:
diff --git a/aws/resource_aws_lb_listener_certificate_test.go b/aws/resource_aws_lb_listener_certificate_test.go
index ee564cd1..46f15268 100644
--- a/aws/resource_aws_lb_listener_certificate_test.go
+++ b/aws/resource_aws_lb_listener_certificate_test.go
@@ -20,7 +20,7 @@ func TestAccAwsLbListenerCertificate_basic(t *testing.T) {
CheckDestroy: testAccCheckAwsLbListenerCertificateDestroy,
Steps: []resource.TestStep{
{
- Config: testAccLbListenerCertificateConfig(acctest.RandString(5)),
+ Config: testAccLbListenerCertificateConfig(acctest.RandString(5), acctest.RandString(5)),
Check: resource.ComposeTestCheckFunc(
testAccCheckAwsLbListenerCertificateExists("aws_lb_listener_certificate.default"),
testAccCheckAwsLbListenerCertificateExists("aws_lb_listener_certificate.additional_1"),
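Review bot: In TestAccAwsLbListenerCertificate_basic the two `acctest.RandString(5)` calls are passed inline, so nothing at the call site says which value is `rName` and which is the certificate-name suffix. Bind them to named variables the way the _cycle test does (`rName := acctest.RandString(5)` and `suffix := acctest.RandString(5)`) and call `testAccLbListenerCertificateConfig(rName, suffix)`, so both tests read the same and the values can be reused if a second step is added.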
@@ -39,6 +39,7 @@ func TestAccAwsLbListenerCertificate_basic(t *testing.T) {
func TestAccAwsLbListenerCertificate_cycle(t *testing.T) {
rName := acctest.RandString(5)
+ suffix := acctest.RandString(5)
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
@@ -46,7 +47,7 @@ func TestAccAwsLbListenerCertificate_cycle(t *testing.T) {
CheckDestroy: testAccCheckAwsLbListenerCertificateDestroy,
Steps: []resource.TestStep{
{
- Config: testAccLbListenerCertificateConfig(rName),
+ Config: testAccLbListenerCertificateConfig(rName, suffix),
Check: resource.ComposeTestCheckFunc(
testAccCheckAwsLbListenerCertificateExists("aws_lb_listener_certificate.default"),
testAccCheckAwsLbListenerCertificateExists("aws_lb_listener_certificate.additional_1"),
@@ -60,7 +61,7 @@ func TestAccAwsLbListenerCertificate_cycle(t *testing.T) {
),
},
{
- Config: testAccLbListenerCertificateAddNew(rName),
+ Config: testAccLbListenerCertificateAddNew(rName, suffix),
Check: resource.ComposeTestCheckFunc(
testAccCheckAwsLbListenerCertificateExists("aws_lb_listener_certificate.default"),
testAccCheckAwsLbListenerCertificateExists("aws_lb_listener_certificate.additional_1"),
@@ -77,7 +78,7 @@ func TestAccAwsLbListenerCertificate_cycle(t *testing.T) {
),
},
{
- Config: testAccLbListenerCertificateConfig(rName),
+ Config: testAccLbListenerCertificateConfig(rName, suffix),
Check: resource.ComposeTestCheckFunc(
testAccCheckAwsLbListenerCertificateExists("aws_lb_listener_certificate.default"),
testAccCheckAwsLbListenerCertificateExists("aws_lb_listener_certificate.additional_1"),
@@ -153,7 +154,7 @@ func testAccCheckAwsLbListenerCertificateNotExists(name string) resource.TestChe
}
}
-func testAccLbListenerCertificateConfig(rName string) string {
+func testAccLbListenerCertificateConfig(rName, suffix string) string {
return fmt.Sprintf(`
resource "aws_lb_listener_certificate" "default" {
listener_arn = "${aws_lb_listener.test.arn}"
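Review bot: The new `suffix` parameter on `testAccLbListenerCertificateConfig(rName, suffix string)` has no comment saying what it is for. A one-line doc comment stating that `suffix` is appended to the `aws_iam_server_certificate` names so that tests running in parallel do not collide with `EntityAlreadyExists` would keep a later edit from hardcoding a name again.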
@@ -196,7 +197,7 @@ resource "aws_lb_listener" "test" {
}
resource "aws_iam_server_certificate" "default" {
- name = "terraform-default-cert"
+ name = "terraform-default-cert-%s"
certificate_body = <<EOF
-----BEGIN CERTIFICATE-----
MIICpDCCAYwCCQC8EdACDsZ33jANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAls
@@ -252,7 +253,7 @@ EOF
}
resource "aws_iam_server_certificate" "additional_1" {
- name = "terraform-additional-cert-1"
+ name = "terraform-additional-cert-1-%s"
certificate_body = <<EOF
-----BEGIN CERTIFICATE-----
MIICpDCCAYwCCQD3BjmOb0++dDANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAls
@@ -308,7 +309,7 @@ EOF
}
resource "aws_iam_server_certificate" "additional_2" {
- name = "terraform-additional-cert-2"
+ name = "terraform-additional-cert-2-%s"
certificate_body = <<EOF
-----BEGIN CERTIFICATE-----
MIICpDCCAYwCCQDZ2oRa1sGckDANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAls
@@ -364,7 +365,7 @@ EOF
}
resource "aws_iam_server_certificate" "additional_3" {
- name = "terraform-additional-cert-3"
+ name = "terraform-additional-cert-3-%s"
certificate_body = <<EOF
-----BEGIN CERTIFICATE-----
MIICpDCCAYwCCQC5bnxXukDHoTANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAls
@@ -434,11 +435,11 @@ resource "aws_subnet" "test" {
vpc_id = "${aws_vpc.test.id}"
cidr_block = "${element(var.subnets, count.index)}"
availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}"
-}`, rName)
+}`, rName, suffix, suffix, suffix, suffix)
}
-func testAccLbListenerCertificateAddNew(rName string) string {
- return fmt.Sprintf(testAccLbListenerCertificateConfig(rName) + `
+func testAccLbListenerCertificateAddNew(rName, prefix string) string {
+ return fmt.Sprintf(testAccLbListenerCertificateConfig(rName, prefix) + `
resource "aws_lb_listener_certificate" "additional_3" {
listener_arn = "${aws_lb_listener.test.arn}"
certificate_arn = "${aws_iam_server_certificate.additional_3.arn}"
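Review bot: `testAccLbListenerCertificateAddNew(rName, prefix string)` names its second parameter `prefix`, but the value is forwarded as the `suffix` argument of `testAccLbListenerCertificateConfig` and lands at the end of the certificate names; rename it to `suffix` to match. In the same hunk, `rName, suffix, suffix, suffix, suffix` has to stay in step with the number and order of `%s` verbs in the template. Explicit argument indexes (`%[1]s` for `rName`, `%[2]s` for the suffix) would let the call read `rName, suffix` and make a miscount much harder to introduce.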
Feel free to use that, or come up with your own solution.
@paddycarver Sure. Will give it a spin and get back to you.
@paddycarver done!
Tests pass for me! Thanks!
@oarmstrong @paddycarver Thanks!
Thanks for all your help @Puneeth-n on my original PR and for all the maintainers involved in getting this merged! Great work everyone!
Thanks guys, huge milestone. @paddycarver You may also want to change the milestone of this issue since it is targeted to
This has been released in version 1.10.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!
Fixes the acceptance tests in #2649 and closes #2649 and #1853, as requested in this comment here.
@oarmstrong TLS resource in tests because sometimes the tests were failing because of "malformed certificate". For some reason, I couldn't create a PR on the original branch hence creating the PR against master.