From 1eb0fe0a34fadc14354ad83bbea89133fc056571 Mon Sep 17 00:00:00 2001
From: Dan Petersen
Date: Wed, 1 Jan 2020 22:58:22 +0100
Subject: [PATCH] Additional certificate attributes
---
 README.md | 10 +-
 ...esource_virtual_environment_certificate.tf | 36 +++++
 ...esource_virtual_environment_certificate.go | 134 +++++++++++++++++-
 ...ce_virtual_environment_certificate_test.go | 30 ++++
 4 files changed, 204 insertions(+), 6 deletions(-)
diff --git a/README.md b/README.md
index 286894ff..3f223ae4 100644
--- a/README.md
+++ b/README.md
@@ -261,7 +261,15 @@ This data source doesn't accept arguments.
 * `private_key` - (Required) The PEM encoded private key
 ###### Attributes
-This resource doesn't expose any additional attributes.
+* `expiration_date` - The expiration date (RFC 3339)
+* `file_name` - The file name
+* `issuer` - The issuer
+* `public_key_size` - The public key size
+* `public_key_type` - The public key type
+* `ssl_fingerprint` - The SSL fingerprint
+* `start_date` - The start date (RFC 3339)
+* `subject` - The subject
+* `subject_alternative_names` - The subject alternative names
 ##### DNS (proxmox_virtual_environment_dns)
diff --git a/example/resource_virtual_environment_certificate.tf b/example/resource_virtual_environment_certificate.tf
index 6f02ce2c..53423462 100644
--- a/example/resource_virtual_environment_certificate.tf
+++ b/example/resource_virtual_environment_certificate.tf
@@ -26,3 +26,39 @@ resource "tls_self_signed_cert" "proxmox_virtual_environment_certificate" {
 "server_auth",
 ]
 }
+
+output "resource_proxmox_virtual_environment_certificate_example_expiration_date" {
+ value = "${proxmox_virtual_environment_certificate.example.expiration_date}"
+}
+
+output "resource_proxmox_virtual_environment_certificate_example_file_name" {
+ value = "${proxmox_virtual_environment_certificate.example.file_name}"
+}
+
+output "resource_proxmox_virtual_environment_certificate_example_issuer" {
+ value = "${proxmox_virtual_environment_certificate.example.issuer}"
+}
+
+output "resource_proxmox_virtual_environment_certificate_example_public_key_size" {
+ value = "${proxmox_virtual_environment_certificate.example.public_key_size}"
+}
+
+output "resource_proxmox_virtual_environment_certificate_example_public_key_type" {
+ value = "${proxmox_virtual_environment_certificate.example.public_key_type}"
+}
+
+output "resource_proxmox_virtual_environment_certificate_example_ssl_fingerprint" {
+ value = "${proxmox_virtual_environment_certificate.example.ssl_fingerprint}"
+}
+
+output "resource_proxmox_virtual_environment_certificate_example_start_date" {
+ value = "${proxmox_virtual_environment_certificate.example.start_date}"
+}
+
+output "resource_proxmox_virtual_environment_certificate_example_subject" {
+ value = "${proxmox_virtual_environment_certificate.example.subject}"
+}
+
+output "resource_proxmox_virtual_environment_certificate_example_subject_alternative_names" {
+ value = "${proxmox_virtual_environment_certificate.example.subject_alternative_names}"
+}
diff --git a/proxmoxtf/resource_virtual_environment_certificate.go b/proxmoxtf/resource_virtual_environment_certificate.go
index 959d84a4..088c891d 100644
--- a/proxmoxtf/resource_virtual_environment_certificate.go
+++ b/proxmoxtf/resource_virtual_environment_certificate.go
@@ -7,6 +7,7 @@ package proxmoxtf
 import (
 "fmt"
 "strings"
+ "time"
 "github.com/danitso/terraform-provider-proxmox/proxmox"
 "github.com/hashicorp/terraform/helper/schema"
@@ -16,11 +17,20 @@ const (
 dvResourceVirtualEnvironmentCertificateCertificateChain = ""
 dvResourceVirtualEnvironmentCertificateOverwrite = false
- mkResourceVirtualEnvironmentCertificateCertificate = "certificate"
- mkResourceVirtualEnvironmentCertificateCertificateChain = "certificate_chain"
- mkResourceVirtualEnvironmentCertificateNodeName = "node_name"
- mkResourceVirtualEnvironmentCertificateOverwrite = "overwrite"
- mkResourceVirtualEnvironmentCertificatePrivateKey = "private_key"
+ mkResourceVirtualEnvironmentCertificateCertificate = "certificate"
+ mkResourceVirtualEnvironmentCertificateCertificateChain = "certificate_chain"
+ mkResourceVirtualEnvironmentCertificateFileName = "file_name"
+ mkResourceVirtualEnvironmentCertificateIssuer = "issuer"
+ mkResourceVirtualEnvironmentCertificateNodeName = "node_name"
+ mkResourceVirtualEnvironmentCertificateExpirationDate = "expiration_date"
+ mkResourceVirtualEnvironmentCertificateOverwrite = "overwrite"
+ mkResourceVirtualEnvironmentCertificatePrivateKey = "private_key"
+ mkResourceVirtualEnvironmentCertificatePublicKeySize = "public_key_size"
+ mkResourceVirtualEnvironmentCertificatePublicKeyType = "public_key_type"
+ mkResourceVirtualEnvironmentCertificateSSLFingerprint = "ssl_fingerprint"
+ mkResourceVirtualEnvironmentCertificateStartDate = "start_date"
+ mkResourceVirtualEnvironmentCertificateSubject = "subject"
+ mkResourceVirtualEnvironmentCertificateSubjectAlternativeNames = "subject_alternative_names"
 )
 func resourceVirtualEnvironmentCertificate() *schema.Resource {
@@ -37,6 +47,21 @@ func resourceVirtualEnvironmentCertificate() *schema.Resource {
 Optional: true,
 Default: dvResourceVirtualEnvironmentCertificateCertificateChain,
 },
+ mkResourceVirtualEnvironmentCertificateExpirationDate: &schema.Schema{
+ Type: schema.TypeString,
+ Description: "The expiration date",
+ Computed: true,
+ },
+ mkResourceVirtualEnvironmentCertificateFileName: &schema.Schema{
+ Type: schema.TypeString,
+ Description: "The file name",
+ Computed: true,
+ },
+ mkResourceVirtualEnvironmentCertificateIssuer: &schema.Schema{
+ Type: schema.TypeString,
+ Description: "The issuer",
+ Computed: true,
+ },
 mkResourceVirtualEnvironmentCertificateNodeName: &schema.Schema{
 Type: schema.TypeString,
 Description: "The node name",
@@ -55,6 +80,37 @@ func resourceVirtualEnvironmentCertificate() *schema.Resource {
 Required: true,
 Sensitive: true,
 },
+ mkResourceVirtualEnvironmentCertificatePublicKeySize: &schema.Schema{
+ Type: schema.TypeInt,
+ Description: "The public key size",
+ Computed: true,
+ },
+ mkResourceVirtualEnvironmentCertificatePublicKeyType: &schema.Schema{
+ Type: schema.TypeString,
+ Description: "The public key type",
+ Computed: true,
+ },
+ mkResourceVirtualEnvironmentCertificateSSLFingerprint: &schema.Schema{
+ Type: schema.TypeString,
+ Description: "The SSL fingerprint",
+ Computed: true,
+ },
+ mkResourceVirtualEnvironmentCertificateStartDate: &schema.Schema{
+ Type: schema.TypeString,
+ Description: "The start date",
+ Computed: true,
+ },
+ mkResourceVirtualEnvironmentCertificateSubject: &schema.Schema{
+ Type: schema.TypeString,
+ Description: "The subject",
+ Computed: true,
+ },
+ mkResourceVirtualEnvironmentCertificateSubjectAlternativeNames: &schema.Schema{
+ Type: schema.TypeList,
+ Description: "The subject alternative names",
+ Computed: true,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ },
 },
 Create: resourceVirtualEnvironmentCertificateCreate,
 Read: resourceVirtualEnvironmentCertificateRead,
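Review bot: The `Description` strings for `expiration_date` (this hunk) and `start_date` (the hunk at -55,6 on the same line) leave out the timestamp format, although the Read code formats both with `time.RFC3339` in UTC and the README says "(RFC 3339)"; I would write `Description: "The expiration date (RFC 3339)"` and `Description: "The start date (RFC 3339)"` so the schema documentation agrees with the README. In the second hunk `Description: "The SSL fingerprint"` also does not say which digest or encoding the value carries, and the Read hunk passes it through from the API unchanged, so anyone comparing it against a pinned fingerprint has to guess; name the algorithm and format in the description once confirmed against the API. The schema function starts and ends outside both hunks.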
@@ -147,6 +203,74 @@ func resourceVirtualEnvironmentCertificateRead(d *schema.ResourceData, m interfa
 d.Set(mkResourceVirtualEnvironmentCertificateCertificate, newCertificate)
 d.Set(mkResourceVirtualEnvironmentCertificateCertificateChain, newCertificateChain)
 }
+
+ d.Set(mkResourceVirtualEnvironmentCertificateFileName, *c.FileName)
+
+ if c.NotAfter != nil {
+ t := time.Time(*c.NotAfter)
+
+ d.Set(mkResourceVirtualEnvironmentCertificateExpirationDate, t.UTC().Format(time.RFC3339))
+ } else {
+ d.Set(mkResourceVirtualEnvironmentCertificateExpirationDate, "")
+ }
+
+ if c.Issuer != nil {
+ d.Set(mkResourceVirtualEnvironmentCertificateIssuer, *c.Issuer)
+ } else {
+ d.Set(mkResourceVirtualEnvironmentCertificateIssuer, "")
+ }
+
+ if c.PublicKeyBits != nil {
+ d.Set(mkResourceVirtualEnvironmentCertificatePublicKeySize, *c.PublicKeyBits)
+ } else {
+ d.Set(mkResourceVirtualEnvironmentCertificatePublicKeySize, 0)
+ }
+
+ if c.PublicKeyType != nil {
+ pkType := *c.PublicKeyType
+
+ for _, pkt := range []string{"ecdsa", "dsa", "rsa"} {
+ if strings.Contains(pkType, pkt) {
+ pkType = pkt
+ }
+ }
+
+ d.Set(mkResourceVirtualEnvironmentCertificatePublicKeyType, pkType)
+ } else {
+ d.Set(mkResourceVirtualEnvironmentCertificatePublicKeyType, "")
+ }
+
+ if c.Fingerprint != nil {
+ d.Set(mkResourceVirtualEnvironmentCertificateSSLFingerprint, *c.Fingerprint)
+ } else {
+ d.Set(mkResourceVirtualEnvironmentCertificateSSLFingerprint, "")
+ }
+
+ if c.NotBefore != nil {
+ t := time.Time(*c.NotBefore)
+
+ d.Set(mkResourceVirtualEnvironmentCertificateStartDate, t.UTC().Format(time.RFC3339))
+ } else {
+ d.Set(mkResourceVirtualEnvironmentCertificateStartDate, "")
+ }
+
+ if c.Subject != nil {
+ d.Set(mkResourceVirtualEnvironmentCertificateSubject, *c.Subject)
+ } else {
+ d.Set(mkResourceVirtualEnvironmentCertificateSubject, "")
+ }
+
+ if c.SubjectAlternativeNames != nil {
+ sanList := make([]interface{}, len(*c.SubjectAlternativeNames))
+
+ for i, san := range *c.SubjectAlternativeNames {
+ sanList[i] = san
+ }
+
+ d.Set(mkResourceVirtualEnvironmentCertificateSubjectAlternativeNames, sanList)
+ } else {
+ d.Set(mkResourceVirtualEnvironmentCertificateSubjectAlternativeNames, []interface{}{})
+ }
 }
 }
diff --git a/proxmoxtf/resource_virtual_environment_certificate_test.go b/proxmoxtf/resource_virtual_environment_certificate_test.go
index 4dbdecb6..c54c1209 100644
--- a/proxmoxtf/resource_virtual_environment_certificate_test.go
+++ b/proxmoxtf/resource_virtual_environment_certificate_test.go
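Review bot: The key-type normalisation loop has no `break`, and it tries `ecdsa`, `dsa`, `rsa` in that order; since the string `ecdsa` itself contains `dsa`, a value normalised to `ecdsa` on the first pass is overwritten with `dsa` on the second, so an EC key would be recorded in state as DSA. Adding `break` directly after `pkType = pkt` keeps the first match. In the same hunk `*c.FileName` is dereferenced without the nil check every other field gets, which would panic the provider if the API response omits the file name; guard it like its neighbours with `if c.FileName != nil { ... } else { d.Set(mkResourceVirtualEnvironmentCertificateFileName, "") }`. Whether the API ever returns a type string containing `ecdsa` or leaves the file name unset is not visible from this page, and the function starts outside the hunk.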
@@ -33,15 +33,45 @@ func TestResourceVirtualEnvironmentCertificateSchema(t *testing.T) {
 mkResourceVirtualEnvironmentCertificateCertificateChain,
 })
+ testComputedAttributes(t, s, []string{
+ mkResourceVirtualEnvironmentCertificateExpirationDate,
+ mkResourceVirtualEnvironmentCertificateFileName,
+ mkResourceVirtualEnvironmentCertificateIssuer,
+ mkResourceVirtualEnvironmentCertificatePublicKeySize,
+ mkResourceVirtualEnvironmentCertificatePublicKeyType,
+ mkResourceVirtualEnvironmentCertificateSSLFingerprint,
+ mkResourceVirtualEnvironmentCertificateStartDate,
+ mkResourceVirtualEnvironmentCertificateSubject,
+ mkResourceVirtualEnvironmentCertificateSubjectAlternativeNames,
+ })
+
 testSchemaValueTypes(t, s, []string{
 mkResourceVirtualEnvironmentCertificateCertificate,
 mkResourceVirtualEnvironmentCertificateCertificateChain,
+ mkResourceVirtualEnvironmentCertificateExpirationDate,
+ mkResourceVirtualEnvironmentCertificateFileName,
+ mkResourceVirtualEnvironmentCertificateIssuer,
 mkResourceVirtualEnvironmentCertificateNodeName,
 mkResourceVirtualEnvironmentCertificatePrivateKey,
+ mkResourceVirtualEnvironmentCertificatePublicKeySize,
+ mkResourceVirtualEnvironmentCertificatePublicKeyType,
+ mkResourceVirtualEnvironmentCertificateSSLFingerprint,
+ mkResourceVirtualEnvironmentCertificateStartDate,
+ mkResourceVirtualEnvironmentCertificateSubject,
+ mkResourceVirtualEnvironmentCertificateSubjectAlternativeNames,
 }, []schema.ValueType{
 schema.TypeString,
 schema.TypeString,
 schema.TypeString,
 schema.TypeString,
+ schema.TypeString,
+ schema.TypeString,
+ schema.TypeString,
+ schema.TypeInt,
+ schema.TypeString,
+ schema.TypeString,
+ schema.TypeString,
+ schema.TypeString,
+ schema.TypeList,
 })
 }