feat(vpcgw): read gateway network's private IPs (#3077)

Co-authored-by: Yacine FODIL <[email protected]>

Author: Mia-Cross

docs/resources/vpc_gateway_network.md

@@ -113,6 +113,9 @@ In addition to all arguments above, the following attributes are exported:
 - `created_at` - The date and time of the creation of the GatewayNetwork.
 - `updated_at` - The date and time of the last update of the GatewayNetwork.
 - `status` - The status of the Public Gateway's connection to the Private Network.
+- `private_ip` - The private IPv4 address associated with the resource.
+    - `id` - The ID of the IPv4 address resource.
+    - `address` - The private IPv4 address.
 
 ## Import
 

internal/services/k8s/testdata/pool-public-ip-disabled.cassette.yaml

@@ -4,8 +4,10 @@ import (
 	"context"
 	"time"
 
+	"github.com/hashicorp/go-cty/cty"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	ipamAPI "github.com/scaleway/scaleway-sdk-go/api/ipam/v1"
 	"github.com/scaleway/scaleway-sdk-go/api/vpcgw/v1"
 	v2 "github.com/scaleway/scaleway-sdk-go/api/vpcgw/v2"
 	"github.com/scaleway/scaleway-sdk-go/scw"
@@ -14,6 +16,7 @@ import (
 	"github.com/scaleway/terraform-provider-scaleway/v2/internal/locality/zonal"
 	"github.com/scaleway/terraform-provider-scaleway/v2/internal/meta"
 	"github.com/scaleway/terraform-provider-scaleway/v2/internal/services/instance"
+	"github.com/scaleway/terraform-provider-scaleway/v2/internal/services/ipam"
 	"github.com/scaleway/terraform-provider-scaleway/v2/internal/types"
 )
 
@@ -223,10 +226,10 @@ func readVPCGWResourceDataV2(d *schema.ResourceData, gw *v2.Gateway) diag.Diagno
 }
 
 // readVPCGWNetworkResourceDataV1 sets the resource data using a v1 gateway network
-func readVPCGWNetworkResourceDataV1(d *schema.ResourceData, gatewayNetwork *vpcgw.GatewayNetwork) diag.Diagnostics {
+func readVPCGWNetworkResourceDataV1(d *schema.ResourceData, gatewayNetwork *vpcgw.GatewayNetwork, diags diag.Diagnostics) diag.Diagnostics {
 	fetchRegion, err := gatewayNetwork.Zone.Region()
 	if err != nil {
-		return diag.FromErr(err)
+		return append(diags, diag.FromErr(err)...)
 	}
 
 	_ = d.Set("private_network_id", regional.NewIDString(fetchRegion, gatewayNetwork.PrivateNetworkID))
@@ -265,10 +268,10 @@ func readVPCGWNetworkResourceDataV1(d *schema.ResourceData, gatewayNetwork *vpcg
 }
 
 // readVPCGWNetworkResourceDataV2 sets the resource data using a v1 gateway network
-func readVPCGWNetworkResourceDataV2(d *schema.ResourceData, gatewayNetwork *v2.GatewayNetwork) diag.Diagnostics {
+func readVPCGWNetworkResourceDataV2(d *schema.ResourceData, gatewayNetwork *v2.GatewayNetwork, diags diag.Diagnostics) diag.Diagnostics {
 	fetchRegion, err := gatewayNetwork.Zone.Region()
 	if err != nil {
-		return diag.FromErr(err)
+		return append(diags, diag.FromErr(err)...)
 	}
 
 	_ = d.Set("private_network_id", regional.NewIDString(fetchRegion, gatewayNetwork.PrivateNetworkID))
@@ -301,6 +304,74 @@ func readVPCGWNetworkResourceDataV2(d *schema.ResourceData, gatewayNetwork *v2.G
 	return nil
 }
 
+func getPrivateIPsV1(ctx context.Context, gn *vpcgw.GatewayNetwork, m interface{}) (interface{}, diag.Diagnostics) {
+	var privateIPs []map[string]interface{}
+
+	resourceID := gn.ID
+
+	region, err := gn.Zone.Region()
+	if err != nil {
+		return nil, diag.FromErr(err)
+	}
+
+	resourceType := ipamAPI.ResourceTypeVpcGatewayNetwork
+	opts := &ipam.GetResourcePrivateIPsOptions{
+		ResourceID:       &resourceID,
+		ResourceType:     &resourceType,
+		PrivateNetworkID: &gn.PrivateNetworkID,
+	}
+
+	privateIPs, err = ipam.GetResourcePrivateIPs(ctx, m, region, opts)
+	if err != nil {
+		if !httperrors.Is403(err) {
+			return nil, diag.FromErr(err)
+		}
+
+		return nil, diag.Diagnostics{diag.Diagnostic{
+			Severity:      diag.Warning,
+			Summary:       err.Error(),
+			Detail:        "Got 403 while reading private IPs from IPAM API, please check your IAM permissions",
+			AttributePath: cty.GetAttrPath("private_ips"),
+		}}
+	}
+
+	return privateIPs, nil
+}
+
+func getPrivateIPsV2(ctx context.Context, gn *v2.GatewayNetwork, m interface{}) (interface{}, diag.Diagnostics) {
+	var privateIPs []map[string]interface{}
+
+	resourceID := gn.ID
+
+	region, err := gn.Zone.Region()
+	if err != nil {
+		return nil, diag.FromErr(err)
+	}
+
+	resourceType := ipamAPI.ResourceTypeVpcGatewayNetwork
+	opts := &ipam.GetResourcePrivateIPsOptions{
+		ResourceID:       &resourceID,
+		ResourceType:     &resourceType,
+		PrivateNetworkID: &gn.PrivateNetworkID,
+	}
+
+	privateIPs, err = ipam.GetResourcePrivateIPs(ctx, m, region, opts)
+	if err != nil {
+		if !httperrors.Is403(err) {
+			return nil, diag.FromErr(err)
+		}
+
+		return nil, diag.Diagnostics{diag.Diagnostic{
+			Severity:      diag.Warning,
+			Summary:       err.Error(),
+			Detail:        "Got 403 while reading private IPs from IPAM API, please check your IAM permissions",
+			AttributePath: cty.GetAttrPath("private_ips"),
+		}}
+	}
+
+	return privateIPs, nil
+}
+
 // updateGatewayV1 performs the update of the public gateway using the v1 API
 func updateGatewayV1(ctx context.Context, d *schema.ResourceData, apiV1 *vpcgw.API, zone scw.Zone, id string) error {
 	v1UpdateRequest := &vpcgw.UpdateGatewayRequest{

internal/services/rdb/testdata/instance-private-network.cassette.yaml

@@ -125,6 +125,25 @@ func ResourceNetwork() *schema.Resource {
 				Computed:    true,
 				Description: "The mac address on this network",
 			},
+			"private_ip": {
+				Type:        schema.TypeList,
+				Computed:    true,
+				Description: "The private IPv4 address associated with the resource.",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"id": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "The ID of the IPv4 address resource.",
+						},
+						"address": {
+							Type:        schema.TypeString,
+							Computed:    true,
+							Description: "The private IPv4 address.",
+						},
+					},
+				},
+			},
 			"created_at": {
 				Type:        schema.TypeString,
 				Computed:    true,
@@ -207,6 +226,8 @@ func ResourceVPCGatewayNetworkRead(ctx context.Context, d *schema.ResourceData,
 		return diag.FromErr(err)
 	}
 
+	var diags diag.Diagnostics
+
 	gatewayNetwork, err := waitForVPCGatewayNetworkV2(ctx, api, zone, ID, d.Timeout(schema.TimeoutRead))
 	if err != nil {
 		if httperrors.Is412(err) {
@@ -218,7 +239,16 @@ func ResourceVPCGatewayNetworkRead(ctx context.Context, d *schema.ResourceData,
 				return diag.FromErr(err)
 			}
 
-			return readVPCGWNetworkResourceDataV1(d, gatewayV1)
+			if gatewayNetwork.PrivateNetworkID != "" {
+				privateIPs, diags := getPrivateIPsV1(ctx, gatewayV1, m)
+				if diags != nil && len(diags) > 0 && diags[0].Severity == diag.Error {
+					return diags
+				}
+
+				_ = d.Set("private_ip", privateIPs)
+			}
+
+			return readVPCGWNetworkResourceDataV1(d, gatewayV1, diags)
 		} else if httperrors.Is404(err) {
 			d.SetId("")
 
@@ -228,7 +258,16 @@ func ResourceVPCGatewayNetworkRead(ctx context.Context, d *schema.ResourceData,
 		return diag.FromErr(err)
 	}
 
-	return readVPCGWNetworkResourceDataV2(d, gatewayNetwork)
+	if gatewayNetwork.PrivateNetworkID != "" {
+		privateIPs, diags := getPrivateIPsV2(ctx, gatewayNetwork, m)
+		if diags != nil && len(diags) > 0 && diags[0].Severity == diag.Error {
+			return diags
+		}
+
+		_ = d.Set("private_ip", privateIPs)
+	}
+
+	return readVPCGWNetworkResourceDataV2(d, gatewayNetwork, diags)
 }
 
 func ResourceVPCGatewayNetworkUpdate(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {

internal/services/vpc/testdata/data-source-routes-basic.cassette.yaml

@@ -64,6 +64,8 @@ func TestAccVPCGatewayNetwork_WithIPAMConfig(t *testing.T) {
 					resource.TestCheckResourceAttr("scaleway_vpc_gateway_network.main", "ipam_config.0.push_default_route", "true"),
 					resource.TestCheckResourceAttrSet("scaleway_vpc_gateway_network.main", "ipam_config.0.ipam_ip_id"),
 					resource.TestCheckResourceAttr("scaleway_vpc_gateway_network.main", "enable_masquerade", "true"),
+					resource.TestCheckResourceAttrSet("scaleway_vpc_gateway_network.main", "private_ip.0.id"),
+					resource.TestCheckResourceAttrSet("scaleway_vpc_gateway_network.main", "private_ip.0.address"),
 				),
 			},
 			{