[APIGW]: gateway resource implementation (#2407)

[APIGW]: gateway resource implementation

Summary of the Pull Request
Basic gateway resource introduced for APIGW.
PR Checklist

 Refers to: #2403
 Tests added/passed.
 Documentation updated.
 Schema updated.
 Release notes added.

Acceptance Steps Performed
=== RUN   TestAccAPIGWv2Gateway_basic
=== PAUSE TestAccAPIGWv2Gateway_basic
=== CONT  TestAccAPIGWv2Gateway_basic
--- PASS: TestAccAPIGWv2Gateway_basic (395.95s)
PASS

=== RUN   TestAccAPIGWGatewayV2ImportBasic
--- PASS: TestAccAPIGWGatewayV2ImportBasic (355.57s)
PASS

Process finished with the exit code 0
Process finished with the exit code 0

Reviewed-by: Anton Sidelnikov

docs/resources/apigw_gateway.md

@@ -0,0 +1,112 @@
+---
+subcategory: "APIG"
+---
+
+Up-to-date reference of API arguments for Anti-DDoS service you can get at
+`https://docs.otc.t-systems.com/api-gateway/api-ref/dedicated_gateway_apis_v2/index.html`.
+
+# opentelekomcloud_apigw_gateway_v2
+
+API Gateway (APIG) is a high-performance, high-availability, and high-security API hosting service that helps you build,
+manage, and deploy APIs at any scale.
+With just a few clicks, you can integrate internal systems, and selectively expose capabilities with minimal costs and risks.
+
+
+## Example Usage
+
+```hcl
+resource "opentelekomcloud_apigw_gateway_v2" "gateway" {
+  name               = "test-gateway"
+  spec_id            = "BASIC"
+  vpc_id             = var.vpc_id
+  subnet_id          = var.network_id
+  security_group_id  = var.default_secgroup.id
+  availability_zones = ["eu-de-01", "eu-de-02"]
+  description        = "test gateway"
+  bandwidth_size     = 5
+  maintain_begin     = "22:00:00"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - (Required, String) Specifies gateway name.
+
+* `spec_id` - (Required, ForceNew, String) Gateway edition. Options:
+  This resource provides the following timeouts configuration options:
+  - `BASIC`
+  - `PROFESSIONAL`
+  - `ENTERPRISE`
+  - `PLATINUM`
+
+* `vpc_id` - (Required, ForceNew, String) Specifies VPC ID.
+
+* `subnet_id` - (Required, ForceNew, String) Specifies network ID.
+
+* `security_group_id` - (Required, String) Specifies ID of the security group to which the gateway belongs.
+
+* `description` - (Optional, String) Specifies gateway description.
+
+* `availability_zones` - (Optional, List) Specifies gateway description.
+
+* `bandwidth_size` - (Optional, String) Specifies outbound access bandwidth. This parameter is required if public outbound
+  access is enabled for the gateway. After you configure the bandwidth for the gateway,
+  users can access resources on public networks.
+
+* `ingress_bandwidth_size` - (Optional, String) Specifies public inbound access bandwidth. This parameter is required if public
+  inbound access is enabled for the gateway and loadbalancer_provider is set to elb.
+  After you bind an EIP to the gateway, users can access APIs in the gateway from public networks using the EIP.
+
+* `loadbalancer_provider` - (Optional, String) Specifies type of the load balancer used by the gateway.
+  This resource provides the following timeouts configuration options:
+    - `elb`
+
+* `maintain_begin` - (Optional, String) Specifies start time of the maintenance time window.
+  It must be in the format "xx:00:00". The value of xx can be 02, 06, 10, 14, 18, or 22.
+
+## Attributes Reference
+
+All above argument parameters can be exported as attribute parameters along with attribute reference.
+
+* `maintain_end` - End time of the maintenance time window. It must be in the format "xx:00:00".
+  There is a 4-hour difference between the start time and end time.
+
+* `vpc_ingress_address` - VPC ingress address.
+
+* `public_egress_address` - IP address for public outbound access.
+
+* `supported_features` - Supported features.
+
+* `status` - Instance status.
+
+* `project_id` - Instance project id.
+
+* `region` - Instance region.
+
+* `vpcep_service_name` - Name of a VPC endpoint service.
+
+* `private_egress_addresses` - List of private egress addresses.
+*
+## Import
+
+APIG Gateway can be imported using the `gateway_id`, e.g.
+
+```shell
+$ terraform import opentelekomcloud_apigw_gateway_v2.gateway c1881895-cdcb-4d23-96cb-032e6a3ee667
+```
+
+Note that the imported state may not be identical to your resource definition, due to `ingress_bandwidth_size` missing from the
+API response. It is generally recommended running `terraform plan` after importing a gateway.
+
+```
+resource "opentelekomcloud_apigw_gateway_v2" "gateway" {
+    ...
+
+  lifecycle {
+    ignore_changes = [
+      ingress_bandwidth_size
+    ]
+  }
+}

go.mod

@@ -15,7 +15,7 @@ require (
 	github.com/jinzhu/copier v0.3.5
 	github.com/keybase/go-crypto v0.0.0-20200123153347-de78d2cb44f4
 	github.com/mitchellh/go-homedir v1.1.0
-	github.com/opentelekomcloud/gophertelekomcloud v0.8.1-0.20240104133714-ec3597686677
+	github.com/opentelekomcloud/gophertelekomcloud v0.8.1-0.20240108103338-13bba7d2bc2a
 	github.com/unknwon/com v1.0.1
 	golang.org/x/crypto v0.17.0
 	golang.org/x/sync v0.1.0

go.sum

@@ -156,10 +156,8 @@ github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLA
 github.com/nsf/jsondiff v0.0.0-20200515183724-f29ed568f4ce h1:RPclfga2SEJmgMmz2k+Mg7cowZ8yv4Trqw9UsJby758=
 github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw=
 github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
-github.com/opentelekomcloud/gophertelekomcloud v0.8.1-0.20231130102706-bd7cd723462c h1:m46tMSMp8VaNdPuL2jw19NLm4SLoLAhGD7RboJ9XRIU=
-github.com/opentelekomcloud/gophertelekomcloud v0.8.1-0.20231130102706-bd7cd723462c/go.mod h1:52hmT1BkuU3niQC6fgHOHdNkYOTh9ry4HYbmuSOjDkw=
-github.com/opentelekomcloud/gophertelekomcloud v0.8.1-0.20240104133714-ec3597686677 h1:fxXgAddrBEMUmNFgyXp04mq1LWVRWu7JJJLioyqpaI0=
-github.com/opentelekomcloud/gophertelekomcloud v0.8.1-0.20240104133714-ec3597686677/go.mod h1:52hmT1BkuU3niQC6fgHOHdNkYOTh9ry4HYbmuSOjDkw=
+github.com/opentelekomcloud/gophertelekomcloud v0.8.1-0.20240108103338-13bba7d2bc2a h1:ZBOOSd7b6uQcWqzEmruiNqw1JIsTJ7NwyAQnrOHFpe8=
+github.com/opentelekomcloud/gophertelekomcloud v0.8.1-0.20240108103338-13bba7d2bc2a/go.mod h1:52hmT1BkuU3niQC6fgHOHdNkYOTh9ry4HYbmuSOjDkw=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=

opentelekomcloud/acceptance/apigw/resource_opentelekomcloud_apigw_gateway_v2_test.go

@@ -0,0 +1,170 @@
+package acceptance
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+	"github.com/opentelekomcloud/gophertelekomcloud/openstack/apigw/v2/gateway"
+	"github.com/opentelekomcloud/gophertelekomcloud/openstack/autoscaling/v1/configurations"
+	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/acceptance/common"
+	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/acceptance/env"
+	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/common/cfg"
+)
+
+const resourceName = "opentelekomcloud_apigw_gateway_v2.gateway"
+
+func TestAccAPIGWv2Gateway_basic(t *testing.T) {
+	var gatewayConfig gateway.Gateway
+	name := fmt.Sprintf("gateway-%s", acctest.RandString(10))
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			common.TestAccPreCheck(t)
+		},
+		ProviderFactories: common.TestAccProviderFactories,
+		CheckDestroy:      testAccCheckAPIGWv2GatewayDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAPIGWv2GatewayBasic(name),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAPIGWv2GatewayExists(resourceName, &gatewayConfig),
+					resource.TestCheckResourceAttr(resourceName, "name", name),
+					resource.TestCheckResourceAttr(resourceName, "spec_id", "BASIC"),
+					resource.TestCheckResourceAttr(resourceName, "description", "test gateway"),
+					resource.TestCheckResourceAttr(resourceName, "bandwidth_size", "5"),
+					resource.TestCheckResourceAttr(resourceName, "maintain_begin", "22:00:00"),
+				),
+			},
+			{
+				Config: testAccAPIGWv2GatewayUpdated(name),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAPIGWv2GatewayExists(resourceName, &gatewayConfig),
+					resource.TestCheckResourceAttr(resourceName, "name", name+"-updated"),
+					resource.TestCheckResourceAttr(resourceName, "description", "test gateway 2"),
+					resource.TestCheckResourceAttr(resourceName, "bandwidth_size", "0"),
+					resource.TestCheckResourceAttr(resourceName, "maintain_begin", "02:00:00"),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckAPIGWv2GatewayDestroy(s *terraform.State) error {
+	config := common.TestAccProvider.Meta().(*cfg.Config)
+	client, err := config.AutoscalingV1Client(env.OS_REGION_NAME)
+	if err != nil {
+		return fmt.Errorf("error creating OpenTelekomCloud AutoScalingV1 client: %w", err)
+	}
+
+	for _, rs := range s.RootModule().Resources {
+		if rs.Type != "opentelekomcloud_apigw_gateway_v2" {
+			continue
+		}
+
+		_, err := configurations.Get(client, rs.Primary.ID)
+		if err == nil {
+			return fmt.Errorf("AS configuration still exists")
+		}
+	}
+
+	return nil
+}
+
+func testAccCheckAPIGWv2GatewayExists(n string, configuration *gateway.Gateway) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[n]
+		if !ok {
+			return fmt.Errorf("not found: %s", n)
+		}
+
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("no ID is set")
+		}
+
+		config := common.TestAccProvider.Meta().(*cfg.Config)
+		client, err := config.APIGWV2Client(env.OS_REGION_NAME)
+		if err != nil {
+			return fmt.Errorf("error creating OpenTelekomCloud AutoScalingV1 client: %w", err)
+		}
+
+		found, err := gateway.Get(client, rs.Primary.ID)
+		if err != nil {
+			return err
+		}
+
+		if found.ID != rs.Primary.ID {
+			return fmt.Errorf("autoscaling Configuration not found")
+		}
+		configuration = found
+
+		return nil
+	}
+}
+
+func TestAccAPIGWGatewayV2ImportBasic(t *testing.T) {
+	name := fmt.Sprintf("gateway-%s", acctest.RandString(10))
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:          func() { common.TestAccPreCheck(t) },
+		ProviderFactories: common.TestAccProviderFactories,
+		CheckDestroy:      testAccCheckAPIGWv2GatewayDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAPIGWv2GatewayBasic(name),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+				ImportStateVerifyIgnore: []string{
+					"ingress_bandwidth_size",
+				},
+			},
+		},
+	})
+}
+
+func testAccAPIGWv2GatewayBasic(gatewayName string) string {
+	return fmt.Sprintf(`
+%s
+
+%s
+
+resource "opentelekomcloud_apigw_gateway_v2" "gateway"{
+  name                    = "%s"
+  spec_id                 = "BASIC"
+  vpc_id                  = data.opentelekomcloud_vpc_subnet_v1.shared_subnet.vpc_id
+  subnet_id               = data.opentelekomcloud_vpc_subnet_v1.shared_subnet.network_id
+  security_group_id       = data.opentelekomcloud_networking_secgroup_v2.default_secgroup.id
+  availability_zones      = ["eu-de-01", "eu-de-02"]
+  description             = "test gateway"
+  bandwidth_size          = 5
+  maintain_begin          =  "22:00:00"
+  ingress_bandwidth_size  = 5
+}
+`, common.DataSourceSubnet, common.DataSourceSecGroupDefault, gatewayName)
+}
+
+func testAccAPIGWv2GatewayUpdated(gatewayName string) string {
+	return fmt.Sprintf(`
+%s
+
+%s
+
+resource "opentelekomcloud_apigw_gateway_v2" "gateway"{
+  name 					  = "%s-updated"
+  spec_id 				  = "BASIC"
+  vpc_id 				  = data.opentelekomcloud_vpc_subnet_v1.shared_subnet.vpc_id
+  subnet_id               = data.opentelekomcloud_vpc_subnet_v1.shared_subnet.network_id
+  security_group_id       = data.opentelekomcloud_networking_secgroup_v2.default_secgroup.id
+  availability_zones      = ["eu-de-01", "eu-de-02"]
+  description             = "test gateway 2"
+  bandwidth_size          = 0
+  maintain_begin          = "02:00:00"
+  ingress_bandwidth_size  = 5
+}
+`, common.DataSourceSubnet, common.DataSourceSecGroupDefault, gatewayName)
+}

opentelekomcloud/common/cfg/config.go

@@ -1125,6 +1125,13 @@ func (c *Config) DwsV1Client(region string) (*golangsdk.ServiceClient, error) {
 	})
 }
 
+func (c *Config) APIGWV2Client(region string) (*golangsdk.ServiceClient, error) {
+	return openstack.NewAPIGW(c.HwClient, golangsdk.EndpointOpts{
+		Region:       region,
+		Availability: c.getEndpointType(),
+	})
+}
+
 func (c *Config) DwsV2Client(region string) (*golangsdk.ServiceClient, error) {
 	service, err := openstack.NewDWSV1(c.HwClient, golangsdk.EndpointOpts{
 		Region:       region,

opentelekomcloud/provider.go

@@ -8,6 +8,7 @@ import (
 	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/common"
 	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/common/cfg"
 	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/services/antiddos"
+	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/services/apigw"
 	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/services/as"
 	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/services/bms"
 	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/services/cbr"
@@ -345,6 +346,7 @@ func Provider() *schema.Provider {
 
 		ResourcesMap: map[string]*schema.Resource{
 			"opentelekomcloud_antiddos_v1":                               antiddos.ResourceAntiDdosV1(),
+			"opentelekomcloud_apigw_gateway_v2":                          apigw.ResourceAPIGWv2(),
 			"opentelekomcloud_as_configuration_v1":                       as.ResourceASConfiguration(),
 			"opentelekomcloud_as_group_v1":                               as.ResourceASGroup(),
 			"opentelekomcloud_as_policy_v1":                              as.ResourceASPolicy(),