feat: allow attaching firewalls to the server

Closes #157
hetznercloud · Aug 13, 2024 · bfde81c · bfde81c
1 parent 7bcfdcf
commit bfde81c
Show file tree

Hide file tree

Showing 5 changed files with 27 additions and 5 deletions.
diff --git a/.web-docs/components/builder/hcloud/README.md b/.web-docs/components/builder/hcloud/README.md
@@ -150,6 +150,9 @@ builder.
 
 - `public_ipv4_disabled` (bool) - Disable the public ipv6 for the created server.
 
+- `firewalls` (array of strings) - List of Firewall by name or id to be attached
+  to the created server.
+
 ## Basic Example
 
 Here is a basic example. It is completely valid as soon as you enter your own

diff --git a/builder/hcloud/config.go b/builder/hcloud/config.go
@@ -47,11 +47,12 @@ type Config struct {
 	SSHKeys        []string          `mapstructure:"ssh_keys"`
 	SSHKeysLabels  map[string]string `mapstructure:"ssh_keys_labels"`
 
-	Networks           []int64 `mapstructure:"networks"`
-	PublicIPv4         string  `mapstructure:"public_ipv4"`
-	PublicIPv4Disabled bool    `mapstructure:"public_ipv4_disabled"`
-	PublicIPv6         string  `mapstructure:"public_ipv6"`
-	PublicIPv6Disabled bool    `mapstructure:"public_ipv6_disabled"`
+	Networks           []int64  `mapstructure:"networks"`
+	PublicIPv4         string   `mapstructure:"public_ipv4"`
+	PublicIPv4Disabled bool     `mapstructure:"public_ipv4_disabled"`
+	PublicIPv6         string   `mapstructure:"public_ipv6"`
+	PublicIPv6Disabled bool     `mapstructure:"public_ipv6_disabled"`
+	Firewalls          []string `mapstructure:"firewalls"`
 
 	RescueMode string `mapstructure:"rescue"`
 

diff --git a/builder/hcloud/config.hcl2spec.go b/builder/hcloud/config.hcl2spec.go
diff --git a/builder/hcloud/step_create_server.go b/builder/hcloud/step_create_server.go
@@ -52,6 +52,18 @@ func (s *stepCreateServer) Run(ctx context.Context, state multistep.StateBag) mu
 		sshKeys = append(sshKeys, sshKey)
 	}
 
+	firewalls := make([]*hcloud.ServerCreateFirewall, 0, len(c.Firewalls))
+	for _, value := range c.Firewalls {
+		firewall, _, err := client.Firewall.Get(ctx, value)
+		if err != nil {
+			return errorHandler(state, ui, fmt.Sprintf("Could not fetch firewall '%s'", k), err)
+		}
+		if firewall == nil {
+			return errorHandler(state, ui, "", fmt.Errorf("Could not find firewall '%s'", k))
+		}
+		firewalls = append(firewalls, &hcloud.ServerCreateFirewall{Firewall: *firewall})
+	}
+
 	var image *hcloud.Image
 	var err error
 	if c.Image != "" {
@@ -77,6 +89,7 @@ func (s *stepCreateServer) Run(ctx context.Context, state multistep.StateBag) mu
 		Name:       c.ServerName,
 		ServerType: &hcloud.ServerType{Name: c.ServerType},
 		Image:      image,
+		Firewalls:  firewalls,
 		SSHKeys:    sshKeys,
 		Location:   &hcloud.Location{Name: c.Location},
 		UserData:   userData,

diff --git a/docs/builders/hcloud.mdx b/docs/builders/hcloud.mdx
@@ -140,6 +140,9 @@ builder.
 
 - `public_ipv4_disabled` (bool) - Disable the public ipv6 for the created server.
 
+- `firewalls` (array of strings) - List of Firewall by name or id to be attached
+  to the created server.
+
 ## Basic Example
 
 Here is a basic example. It is completely valid as soon as you enter your own