From c8d422be625e451afa771cb0de9c40afc01fca7b Mon Sep 17 00:00:00 2001 From: Nick Metz Date: Mon, 3 Feb 2020 12:54:41 +0100 Subject: [PATCH 1/4] Add http2 protocol support for API Management --- .../resource_arm_api_management.go | 44 +++++++++++++++++-- .../tests/resource_arm_api_management_test.go | 9 ++++ website/docs/r/api_management.html.markdown | 8 ++++ 3 files changed, 58 insertions(+), 3 deletions(-) diff --git a/azurerm/internal/services/apimanagement/resource_arm_api_management.go b/azurerm/internal/services/apimanagement/resource_arm_api_management.go index 50006deb1ac2..9239f1350d9e 100644 --- a/azurerm/internal/services/apimanagement/resource_arm_api_management.go +++ b/azurerm/internal/services/apimanagement/resource_arm_api_management.go @@ -28,6 +28,7 @@ var apimFrontendProtocolSsl3 = "Microsoft.WindowsAzure.ApiManagement.Gateway.Sec var apimFrontendProtocolTls10 = "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10" var apimFrontendProtocolTls11 = "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11" var apimTripleDesCiphers = "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168" +var apimHttp2Protocol = "Microsoft.WindowsAzure.ApiManagement.Gateway.Protocols.Server.Http2" func resourceArmApiManagementService() *schema.Resource { return &schema.Resource{ @@ -201,6 +202,23 @@ func resourceArmApiManagementService() *schema.Resource { }, }, + "protocols": { + Type: schema.TypeList, + Optional: true, + Computed: true, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + + "enable_http2": { + Type: schema.TypeBool, + Optional: true, + Computed: true, + }, + }, + }, + }, + "security": { Type: schema.TypeList, Optional: true, @@ -658,10 +676,14 @@ func resourceArmApiManagementServiceRead(d *schema.ResourceData, meta interface{ d.Set("scm_url", props.ScmURL) d.Set("public_ip_addresses", props.PublicIPAddresses) - if err := d.Set("security", flattenApiManagementCustomProperties(props.CustomProperties)); err != nil { + if err := d.Set("security", flattenApiManagementSecurityCustomProperties(props.CustomProperties)); err != nil { return fmt.Errorf("Error setting `security`: %+v", err) } + if err := d.Set("protocols", flattenApiManagementProtocolsCustomProperties(props.CustomProperties)); err != nil { + return fmt.Errorf("Error setting `protocols`: %+v", err) + } + hostnameConfigs := flattenApiManagementHostnameConfigurations(props.HostnameConfigurations, d) if err := d.Set("hostname_configuration", hostnameConfigs); err != nil { return fmt.Errorf("Error setting `hostname_configuration`: %+v", err) @@ -1094,7 +1116,7 @@ func expandApiManagementCustomProperties(d *schema.ResourceData) map[string]*str backendProtocolSsl3 = c.(bool) } - return map[string]*string{ + customProperties := map[string]*string{ apimBackendProtocolSsl3: utils.String(strconv.FormatBool(backendProtocolSsl3)), apimBackendProtocolTls10: utils.String(strconv.FormatBool(backendProtocolTls10)), apimBackendProtocolTls11: utils.String(strconv.FormatBool(backendProtocolTls11)), @@ -1103,9 +1125,17 @@ func expandApiManagementCustomProperties(d *schema.ResourceData) map[string]*str apimFrontendProtocolTls11: utils.String(strconv.FormatBool(frontendProtocolTls11)), apimTripleDesCiphers: utils.String(strconv.FormatBool(tripleDesCiphers)), } + + if vp := d.Get("protocols").(([]interface{})); len(vp) > 0 { + if p, ok := d.GetOkExists("protocols.0.enable_http2"); ok { + customProperties[apimHttp2Protocol] = utils.String(strconv.FormatBool(p.(bool))) + } + } + + return customProperties } -func flattenApiManagementCustomProperties(input map[string]*string) []interface{} { +func flattenApiManagementSecurityCustomProperties(input map[string]*string) []interface{} { output := make(map[string]interface{}) output["enable_backend_ssl30"] = parseApiManagementNilableDictionary(input, apimBackendProtocolSsl3) @@ -1128,6 +1158,14 @@ func flattenApiManagementCustomProperties(input map[string]*string) []interface{ return []interface{}{output} } +func flattenApiManagementProtocolsCustomProperties(input map[string]*string) []interface{} { + output := make(map[string]interface{}) + + output["enable_http2"] = parseApiManagementNilableDictionary(input, apimHttp2Protocol) + + return []interface{}{output} +} + func apiManagementResourceHostnameSchema(schemaName string) map[string]*schema.Schema { return map[string]*schema.Schema{ "host_name": { diff --git a/azurerm/internal/services/apimanagement/tests/resource_arm_api_management_test.go b/azurerm/internal/services/apimanagement/tests/resource_arm_api_management_test.go index 7c287d5274c8..34ddd77fe346 100644 --- a/azurerm/internal/services/apimanagement/tests/resource_arm_api_management_test.go +++ b/azurerm/internal/services/apimanagement/tests/resource_arm_api_management_test.go @@ -104,6 +104,7 @@ func TestAccAzureRMApiManagement_customProps(t *testing.T) { Config: testAccAzureRMApiManagement_customProps(data), Check: resource.ComposeTestCheckFunc( testCheckAzureRMApiManagementExists(data.ResourceName), + resource.TestCheckResourceAttr(data.ResourceName, "protocols.0.enable_http2", "true"), ), }, data.ImportStep(), @@ -427,6 +428,10 @@ resource "azurerm_api_management" "test" { sku_name = "Developer_1" + protocols { + enable_http2 = true + } + security { enable_frontend_tls10 = true enable_triple_des_ciphers = true @@ -511,6 +516,10 @@ resource "azurerm_api_management" "test" { store_name = "Root" } + protocols { + enable_http2 = true + } + security { enable_backend_tls11 = true enable_backend_ssl30 = true diff --git a/website/docs/r/api_management.html.markdown b/website/docs/r/api_management.html.markdown index fccbf694dd37..d2c2544e4d4d 100644 --- a/website/docs/r/api_management.html.markdown +++ b/website/docs/r/api_management.html.markdown @@ -72,6 +72,8 @@ The following arguments are supported: * `policy` - (Optional) A `policy` block as defined below. +* `protocols` - (Optional) A `protocols` block as defined below. + * `security` - (Optional) A `security` block as defined below. * `sign_in` - (Optional) A `sign_in` block as defined below. @@ -163,6 +165,12 @@ A `proxy` block supports the following: --- +A `protocols` block supports the following: + +* `enable_http2` - (Optional) Should HTTP/2 support be enabled on the client-facing side of the gateway? + +--- + A `security` block supports the following: * `enable_backend_ssl30` - (Optional) Should SSL 3.0 be enabled on the backend of the gateway? Defaults to `false`. From 5520b956a1ebd2350ceee9bca4a2d4fdd2b5a47e Mon Sep 17 00:00:00 2001 From: Nick Metz Date: Mon, 3 Feb 2020 14:13:22 +0100 Subject: [PATCH 2/4] format code --- .../apimanagement/tests/resource_arm_api_management_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azurerm/internal/services/apimanagement/tests/resource_arm_api_management_test.go b/azurerm/internal/services/apimanagement/tests/resource_arm_api_management_test.go index 34ddd77fe346..e4160ad73778 100644 --- a/azurerm/internal/services/apimanagement/tests/resource_arm_api_management_test.go +++ b/azurerm/internal/services/apimanagement/tests/resource_arm_api_management_test.go @@ -429,7 +429,7 @@ resource "azurerm_api_management" "test" { sku_name = "Developer_1" protocols { - enable_http2 = true + enable_http2 = true } security { @@ -517,7 +517,7 @@ resource "azurerm_api_management" "test" { } protocols { - enable_http2 = true + enable_http2 = true } security { From 4c1d9720cf62064899bb17d15a1c907f6bfd105a Mon Sep 17 00:00:00 2001 From: Nick Metz Date: Mon, 10 Feb 2020 10:26:39 +0100 Subject: [PATCH 3/4] Set default for enable_http2 to false, update documentation --- .../services/apimanagement/resource_arm_api_management.go | 2 +- website/docs/r/api_management.html.markdown | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/azurerm/internal/services/apimanagement/resource_arm_api_management.go b/azurerm/internal/services/apimanagement/resource_arm_api_management.go index 9239f1350d9e..f2e444abf051 100644 --- a/azurerm/internal/services/apimanagement/resource_arm_api_management.go +++ b/azurerm/internal/services/apimanagement/resource_arm_api_management.go @@ -213,7 +213,7 @@ func resourceArmApiManagementService() *schema.Resource { "enable_http2": { Type: schema.TypeBool, Optional: true, - Computed: true, + Default: false, }, }, }, diff --git a/website/docs/r/api_management.html.markdown b/website/docs/r/api_management.html.markdown index d2c2544e4d4d..094f99514915 100644 --- a/website/docs/r/api_management.html.markdown +++ b/website/docs/r/api_management.html.markdown @@ -167,7 +167,7 @@ A `proxy` block supports the following: A `protocols` block supports the following: -* `enable_http2` - (Optional) Should HTTP/2 support be enabled on the client-facing side of the gateway? +* `enable_http2` - (Optional) Should HTTP/2 support be enabled on the client-facing side of the gateway? Defaults to `false`. --- From 2edc265ed0c4f3277fd5bd0862d5cc7f26506ca4 Mon Sep 17 00:00:00 2001 From: Nick Metz Date: Mon, 10 Feb 2020 13:07:08 +0100 Subject: [PATCH 4/4] Add comment to remove computed in 2.0, update description in documentation, update tests --- .../services/apimanagement/resource_arm_api_management.go | 3 +-- .../tests/resource_arm_api_management_test.go | 7 ++----- website/docs/r/api_management.html.markdown | 2 +- 3 files changed, 4 insertions(+), 8 deletions(-) diff --git a/azurerm/internal/services/apimanagement/resource_arm_api_management.go b/azurerm/internal/services/apimanagement/resource_arm_api_management.go index f2e444abf051..5146ebd6650d 100644 --- a/azurerm/internal/services/apimanagement/resource_arm_api_management.go +++ b/azurerm/internal/services/apimanagement/resource_arm_api_management.go @@ -205,11 +205,10 @@ func resourceArmApiManagementService() *schema.Resource { "protocols": { Type: schema.TypeList, Optional: true, - Computed: true, + Computed: true, // TODO: remove in 2.0 MaxItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ - "enable_http2": { Type: schema.TypeBool, Optional: true, diff --git a/azurerm/internal/services/apimanagement/tests/resource_arm_api_management_test.go b/azurerm/internal/services/apimanagement/tests/resource_arm_api_management_test.go index e4160ad73778..a31d047b5a5f 100644 --- a/azurerm/internal/services/apimanagement/tests/resource_arm_api_management_test.go +++ b/azurerm/internal/services/apimanagement/tests/resource_arm_api_management_test.go @@ -104,7 +104,7 @@ func TestAccAzureRMApiManagement_customProps(t *testing.T) { Config: testAccAzureRMApiManagement_customProps(data), Check: resource.ComposeTestCheckFunc( testCheckAzureRMApiManagementExists(data.ResourceName), - resource.TestCheckResourceAttr(data.ResourceName, "protocols.0.enable_http2", "true"), + resource.TestCheckResourceAttr(data.ResourceName, "protocols.0.enable_http2", "false"), ), }, data.ImportStep(), @@ -126,6 +126,7 @@ func TestAccAzureRMApiManagement_complete(t *testing.T) { testCheckAzureRMApiManagementExists(data.ResourceName), resource.TestCheckResourceAttr(data.ResourceName, "tags.Acceptance", "Test"), resource.TestCheckResourceAttrSet(data.ResourceName, "public_ip_addresses.#"), + resource.TestCheckResourceAttr(data.ResourceName, "protocols.0.enable_http2", "true"), ), }, { @@ -428,10 +429,6 @@ resource "azurerm_api_management" "test" { sku_name = "Developer_1" - protocols { - enable_http2 = true - } - security { enable_frontend_tls10 = true enable_triple_des_ciphers = true diff --git a/website/docs/r/api_management.html.markdown b/website/docs/r/api_management.html.markdown index 094f99514915..1189514c5fad 100644 --- a/website/docs/r/api_management.html.markdown +++ b/website/docs/r/api_management.html.markdown @@ -167,7 +167,7 @@ A `proxy` block supports the following: A `protocols` block supports the following: -* `enable_http2` - (Optional) Should HTTP/2 support be enabled on the client-facing side of the gateway? Defaults to `false`. +* `enable_http2` - (Optional) Should HTTP/2 be supported by the API Management Service? Defaults to `false`. ---