* feat(acme): implement CRUD API for proxmox cluster ACME
* feat(acme): implement acme_accounts data source
* feat(acme): implement acme_account data source
* fix(acme): wait for task status on account creation
* feat(acme): implement account resource creation
* feat(acme): implement account read
* fix(acme): wait for task status on account update
* feat(acme): implement account update
* fix(acme): wait for task status on account deletion
* feat(acme): implement account deletion
* feat(acme): implement account import
* feat(acme): provide correctly typed API response for `account` field
* feat(acme): implement account schema for acme_account data source
* fix(acme): read `location` into state in acme_account resource
* fix(acme): ensure `name` of acme_account resource can't be changed
* docs(acme): generate documentation
* feat(acme): read back ACME account details from API
* Revert "fix(acme): ensure `name` of acme_account resource can't be changed"
* fix(acme): provide default for acme account name
* fix(acme): acme account name can't be changed
* chore(acme): update resource doc to clarify PVE auth requirements
* chore(acme): add `created_at` attr to the resource, sort model fields & schema attributes alphabetically
---------
Signed-off-by: Björn Brauer <zaubernerd@zaubernerd.de>
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
Co-authored-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
* fix(vm): improve reliability of VM create / get operations
- Add retries to GET API calls, fix retrying on POST (VM create) API calls.
- Minor fix in acceptance tests
---------
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
* feat(nodes): Initial support to manage APT repositories
> Summary
This commit implements initial support for managing APT repositories
which is (currently) limited to…
- …adding "standard" repositories to allow to configure it.
- toggling the activation status (enabled/disabled) of any configured
repository.
+ !WARNING!
+ Note that deleting or modifying a repository in any other way is
+ (sadly) not possible (yet?)!
+ The limited functionality is due to the (current) capabilities of
+ the Proxmox VE APT repository API [1] itself.
>> Why are there two resources for one API entity?
Even though an APT repository should be seen as a single API entity, it
was required to implement standard repositories as dedicated
`proxmox_virtual_environment_apt_standard_repository`. This is because
standard repositories must be configured (added) first to the default
source list files because their activation status can be toggled. This
is handled by the HTTP `PUT` request, but the modifying request is
`POST` which would require two calls within the same Terraform execution
cycle. I tried to implement it in a single resource and it worked out
mostly after some handling some edges cases, but in the end there were
still too many situations an edge cases where it might break due to
Terraform state drifts between states. In the end the dedicated
resources are way cleaner and easier to use without no complexity and
conditional attribute juggling for practitioners.
>> Other "specialties"
Unfortunately the Proxmox VE API responses to HTTP `GET` requests with
four larger arrays which are, more or less, kind of connected to each
other, but they also somehow stand on their own. This means that there
is a `files` array that contains the `repositories` again which again
contains all repositories with their metadata of every source file. On
the other hand available standard repositories are listed in the
`standard-repos` array, but their activation status is only stored when
they have already been added through a `PUT` request. The `infos` array
is more less useless.
So in order to get the required data and store them in the state the
`importFromAPI` methods of the models must loop through all the
deep-nested arrays and act based on specific attributes like a matching
file path, comparing it to the activation status and so on.
In the end the implementation is really stable after testing it with all
possible conditions and state combinations.
@bpg if you'd like me to create a small data logic flow chart to make it
easier to understand some parts of the code let me know. I can make my
local notes "shareable" which I created to not loose track of the logic.
>> What is the way to manage the activation status of a "standard" repository?
Because the two resources are modular and scoped they can be simply
combined to manage an APT "standard" repository, e.g. toggling its
activation status. The following examples are also included in the
documentations.
```hcl
// This resource ensure that the "no-subscription" standard repository
// is added to the source list.
// It represents the `PUT` API request.
resource "proxmox_virtual_environment_apt_standard_repository" "example" {
handle = "no-subscription"
node = "pve"
}
// This resource allows to actually modify the activation status of the
// standard repository as it represents the `POST`.
// Using the values from the dedicated standard repository resource
// makes sure that Terraform correctly resolves dependency order.
resource "proxmox_virtual_environment_apt_repository" "example" {
enabled = true
file_path = proxmox_virtual_environment_apt_standard_repository.example.file_path
index = proxmox_virtual_environment_apt_standard_repository.example.index
node = proxmox_virtual_environment_apt_standard_repository.example.node
}
```
[1]: https://pve.proxmox.com/pve-docs/api-viewer/#/nodes/{node}/apt/repositories
---------
Signed-off-by: Sven Greb <development@svengreb.de>
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
Co-authored-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
feat(vm2): add initial support for `cdrom`
This is a breaking change comparing to v1 - switching the cdrom schema from a nested block to a nested attribute map.
Improvements comparing to v1:
- support for `ide`, `sata`, `scsi` interfaces
- support for multiple cdroms
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
* misc(vm2): add support for `vga`
* fix: use random VM IDs in parallel acc tests
---------
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
* fix: ignore upgrade parameter when custom cloud-init file is used
Signed-off-by: Kai <nankeen@users.noreply.github.com>
* fix acceptance tests, make `upgrade` computed
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
---------
Signed-off-by: Kai <nankeen@users.noreply.github.com>
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
Co-authored-by: Kai <nankeen@users.noreply.github.com>
Co-authored-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
* feat(vm): add initial support for IDE
Very broken, doesn't properly work at the moment, WIP
Signed-off-by: DevMiner <devminer@devminer.xyz>
* add acceptance test for ide disks, fixed few issues
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
* update VM example
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
---------
Signed-off-by: DevMiner <devminer@devminer.xyz>
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
Co-authored-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
This commit implements the `next-id` and `notify` PVE API cluster
options.
The `next-id` attribute allows to control the range for the next free
VM ID. It is implemented as object and can be used in the
`proxmox_virtual_environment_cluster_options` resource and can be used
like this:
```terraform
resource "proxmox_virtual_environment_cluster_options" "options" {
next_id = {
lower = 200
upper = 299
}
}
```
Note that the minimum and maximum values are unfortunately not
documented in the PVE API explorer but can be found in the web UI where
the form fields have validations!
The `notify` PVE API attribute is also an object that has all the PVE
API fields:
```terraform
resource "proxmox_virtual_environment_cluster_options" "options" {
notify = {
ha_fencing_mode = "never"
ha_fencing_target = "default-matcher"
package_updates = "always"
package_updates_target = "default-matcher"
package_replication = "always"
package_replication_target = "default-matcher"
}
}
```terraform
Note that the "fencing" attribute names have been adjusted to better
reflect their meaning since they are scoped to the Proxmox VE HA fencing
feature [1]. All attributes with the `_target` suffix are names for the
Proxmox VE notifications matchers [2].
[1]: https://pve.proxmox.com/wiki/Fencing
[2]: https://pve.proxmox.com/pve-docs/chapter-notifications.html#notification_matchers
---------
Signed-off-by: Sven Greb <development@svengreb.de>
* feat(cluster): Implement initial support for "hardware mappings"
Right now it is alredy possible to use a mapped resource [1], but there
is no dedicated `proxmox_virtual_environment_cluster_hardware_mapping`
resource but this step must still be done manually (or automated through
other ways that interact with the Proxmox API).
This commit implements support for "hardware mapping" resources and data
sources for the, currently, available bus types PCI and USB, based on
the Proxmox VE API documentations [2].
There are some "specialities" in these resources and data sources:
1. The Proxmox VE API attribute, but this implementations names it
"comment" since this naming is generally across the Proxmox VE web UI
and API documentations. This still follows the Terraform
"best practices" [3] as it improves the user experience by matching
the field name to the naming used in the human-facing interfaces.
2. Like in point 1, the name of the attribute of "node checks
diagnostics" for USB hardware mappings is "errors" in the Proxmox VE
API while it is "checks" for hardware mappings of type PCI.
The second naming pattern is also generally used across the
Proxmox VE web UI and API documentations, including the "check_node"
attribute that is also implemented in the
"proxmox_virtual_environment_hardware_mappings" data source.
Therefore, this implementation named both attributes "checks" which
still follows the Terraform "best practices" [3] as it improves the
user experience by matching the field name to the naming used in the
human-facing interfaces.
3. This implmenetation comes with the "unique" feature of allowing
comments (named "descriptions" by the Proxmox VE API) for an entry in
a device map which is not possible through the web UI at all but only
adding a comment for the whole mapping entry instead.
Note that this implementation also adds another point in the
"Known Issues" documentation since it is only possible to map a
PCI/USB device using the `root` PAM account, but this is still better
than having to manually configure it through the web UI or by
interacting with the Proxmox VE API on other ways.
[1]: https://github.com/bpg/terraform-provider-proxmox/pull/500
[2]: https://pve.proxmox.com/pve-docs/api-viewer/#/cluster/mapping/pci
[3]: https://developer.hashicorp.com/terraform/plugin/best-practices/hashicorp-provider-design-principles#resource-and-attribute-schema-should-closely-match-the-underlying-api
Signed-off-by: Sven Greb <development@svengreb.de>
* fix linter
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
---------
Signed-off-by: Sven Greb <development@svengreb.de>
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
Co-authored-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
