terraform-provider-greenhost/digitalocean/resource_digitalocean_certi...

package digitalocean

import (
	"context"
	"fmt"
	"log"
	"time"

	"github.com/digitalocean/godo"
	"github.com/hashicorp/terraform/helper/resource"
	"github.com/hashicorp/terraform/helper/schema"
	"github.com/hashicorp/terraform/helper/validation"
)

func resourceDigitalOceanCertificate() *schema.Resource {
	return &schema.Resource{
		Create: resourceDigitalOceanCertificateCreate,
		Read:   resourceDigitalOceanCertificateRead,
		Delete: resourceDigitalOceanCertificateDelete,
		Importer: &schema.ResourceImporter{
			State: schema.ImportStatePassthrough,
		},

		Schema: map[string]*schema.Schema{
			"name": {
				Type:         schema.TypeString,
				Required:     true,
				ForceNew:     true,
				ValidateFunc: validation.NoZeroValues,
			},

			"private_key": {
				Type:         schema.TypeString,
				Optional:     true,
				Sensitive:    true,
				ForceNew:     true,
				ValidateFunc: validation.NoZeroValues,
			},

			"leaf_certificate": {
				Type:         schema.TypeString,
				Optional:     true,
				ForceNew:     true,
				ValidateFunc: validation.NoZeroValues,
			},

			"certificate_chain": {
				Type:         schema.TypeString,
				Optional:     true,
				ForceNew:     true,
				ValidateFunc: validation.NoZeroValues,
			},

			"domains": {
				Type: schema.TypeSet,
				Elem: &schema.Schema{
					Type:         schema.TypeString,
					ValidateFunc: validation.NoZeroValues,
				},
				Optional:      true,
				ForceNew:      true,
				ConflictsWith: []string{"private_key", "leaf_certificate", "certificate_chain"},
				// The domains attribute is computed for custom certs and should be ignored in diffs.
				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
					return d.Get("type") == "custom"
				},
			},

			"type": {
				Type:     schema.TypeString,
				Optional: true,
				ForceNew: true,
				Default:  "custom",
				ValidateFunc: validation.StringInSlice([]string{
					"custom",
					"lets_encrypt",
				}, false),
			},

			"state": {
				Type:     schema.TypeString,
				Computed: true,
			},

			"not_after": {
				Type:     schema.TypeString,
				Computed: true,
			},

			"sha1_fingerprint": {
				Type:     schema.TypeString,
				Computed: true,
			},
		},
	}
}

func buildCertificateRequest(d *schema.ResourceData) (*godo.CertificateRequest, error) {
	req := &godo.CertificateRequest{
		Name: d.Get("name").(string),
		Type: d.Get("type").(string),
	}

	if v, ok := d.GetOk("private_key"); ok {
		req.PrivateKey = v.(string)
	}
	if v, ok := d.GetOk("leaf_certificate"); ok {
		req.LeafCertificate = v.(string)
	}
	if v, ok := d.GetOk("certificate_chain"); ok {
		req.CertificateChain = v.(string)
	}

	if v, ok := d.GetOk("domains"); ok {
		req.DNSNames = expandDigitalOceanCertificateDomains(v.(*schema.Set).List())
	}

	return req, nil
}

func resourceDigitalOceanCertificateCreate(d *schema.ResourceData, meta interface{}) error {
	client := meta.(*CombinedConfig).godoClient()

	certificateType := d.Get("type").(string)
	if certificateType == "custom" {
		if _, ok := d.GetOk("private_key"); !ok {
			return fmt.Errorf("`private_key` is required for when type is `custom` or empty")
		}

		if _, ok := d.GetOk("leaf_certificate"); !ok {
			return fmt.Errorf("`leaf_certificate` is required for when type is `custom` or empty")
		}
	} else if certificateType == "lets_encrypt" {

		if _, ok := d.GetOk("domains"); !ok {
			return fmt.Errorf("`domains` is required for when type is `lets_encrypt`")
		}
	}

	log.Printf("[INFO] Create a Certificate Request")

	certReq, err := buildCertificateRequest(d)
	if err != nil {
		return err
	}

	log.Printf("[DEBUG] Certificate Create: %#v", certReq)
	cert, _, err := client.Certificates.Create(context.Background(), certReq)
	if err != nil {
		return fmt.Errorf("Error creating Certificate: %s", err)
	}

	d.SetId(cert.ID)

	log.Printf("[INFO] Waiting for certificate (%s) to have state 'verified'", cert.ID)
	stateConf := &resource.StateChangeConf{
		Pending:    []string{"pending"},
		Target:     []string{"verified"},
		Refresh:    newCertificateStateRefreshFunc(d, meta),
		Timeout:    d.Timeout(schema.TimeoutCreate),
		Delay:      10 * time.Second,
		MinTimeout: 3 * time.Second,
	}

	if _, err := stateConf.WaitForState(); err != nil {
		return fmt.Errorf("Error waiting for certificate (%s) to become active: %s", d.Get("name"), err)
	}

	return resourceDigitalOceanCertificateRead(d, meta)
}

func resourceDigitalOceanCertificateRead(d *schema.ResourceData, meta interface{}) error {
	client := meta.(*CombinedConfig).godoClient()

	log.Printf("[INFO] Reading the details of the Certificate %s", d.Id())
	cert, resp, err := client.Certificates.Get(context.Background(), d.Id())
	if err != nil {
		// check if the certificate no longer exists.
		if resp != nil && resp.StatusCode == 404 {
			log.Printf("[WARN] DigitalOcean Certificate (%s) not found", d.Id())
			d.SetId("")
			return nil
		}

		return fmt.Errorf("Error retrieving Certificate: %s", err)
	}

	d.Set("name", cert.Name)
	d.Set("type", cert.Type)
	d.Set("state", cert.State)
	d.Set("not_after", cert.NotAfter)
	d.Set("sha1_fingerprint", cert.SHA1Fingerprint)

	if err := d.Set("domains", flattenDigitalOceanCertificateDomains(cert.DNSNames)); err != nil {
		return fmt.Errorf("Error setting `domains`: %+v", err)
	}

	return nil

}

func resourceDigitalOceanCertificateDelete(d *schema.ResourceData, meta interface{}) error {
	client := meta.(*CombinedConfig).godoClient()

	log.Printf("[INFO] Deleting Certificate: %s", d.Id())
	_, err := client.Certificates.Delete(context.Background(), d.Id())
	if err != nil {
		return fmt.Errorf("Error deleting Certificate: %s", err)
	}

	return nil

}

func expandDigitalOceanCertificateDomains(domains []interface{}) []string {
	expandedDomains := make([]string, len(domains))
	for i, v := range domains {
		expandedDomains[i] = v.(string)
	}

	return expandedDomains
}

func flattenDigitalOceanCertificateDomains(domains []string) *schema.Set {
	if domains == nil {
		return nil
	}

	flattenedDomains := schema.NewSet(schema.HashString, []interface{}{})
	for _, v := range domains {
		if v != "" {
			flattenedDomains.Add(v)
		}
	}

	return flattenedDomains
}

func newCertificateStateRefreshFunc(d *schema.ResourceData, meta interface{}) resource.StateRefreshFunc {
	client := meta.(*CombinedConfig).godoClient()
	return func() (interface{}, string, error) {

		// Retrieve the certificate properties
		cert, _, err := client.Certificates.Get(context.Background(), d.Id())
		if err != nil {
			return nil, "", fmt.Errorf("Error retrieving certifica: %s", err)
		}

		return cert, cert.State, nil
	}
}
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`package digitalocean`

			`import (`
			`"context"`
			`"fmt"`
			`"log"`
Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00			`"time"`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00
			`"github.com/digitalocean/godo"`
Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00			`"github.com/hashicorp/terraform/helper/resource"`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`"github.com/hashicorp/terraform/helper/schema"`
Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00			`"github.com/hashicorp/terraform/helper/validation"`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`)`

			`func resourceDigitalOceanCertificate() *schema.Resource {`
			`return &schema.Resource{`
			`Create: resourceDigitalOceanCertificateCreate,`
			`Read: resourceDigitalOceanCertificateRead,`
			`Delete: resourceDigitalOceanCertificateDelete,`
Add importability for Load Balancers and Certificate. (#104) * Added importability for load balancer * Added importability, go fmt'ed * Added importability for DNS records * added importability for certificates * Added import notes for DNS records and load balancers * Added import tests * Added random int for test configs * Added certificates for the test to import * Fixed docs, added certificate importability on docs * Make TestAccDigitalOceanCertificate_importBasic pass by reusing certificate generation from resource_digitalocean_certificate_test.go * Fix importablity of Load Balancer Droplet droplet_ids. * Revert "Added importability for DNS records" This reverts commit 94b1f69fe756c862125d0b899d49eca74f7bd591. * Remove mention of record imports in docs. * Remove digitalocean/import_digitalocean_record_test.go 2018-06-25 23:38:10 +00:00			`Importer: &schema.ResourceImporter{`
			`State: schema.ImportStatePassthrough,`
			`},`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00
			`Schema: map[string]*schema.Schema{`
			`"name": {`
Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00			`Type: schema.TypeString,`
			`Required: true,`
			`ForceNew: true,`
			`ValidateFunc: validation.NoZeroValues,`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`},`

			`"private_key": {`
Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00			`Type: schema.TypeString,`
			`Optional: true,`
			`Sensitive: true,`
			`ForceNew: true,`
			`ValidateFunc: validation.NoZeroValues,`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`},`

			`"leaf_certificate": {`
Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00			`Type: schema.TypeString,`
			`Optional: true,`
			`ForceNew: true,`
			`ValidateFunc: validation.NoZeroValues,`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`},`

			`"certificate_chain": {`
Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00			`Type: schema.TypeString,`
			`Optional: true,`
			`ForceNew: true,`
			`ValidateFunc: validation.NoZeroValues,`
			`},`

			`"domains": {`
			`Type: schema.TypeSet,`
			`Elem: &schema.Schema{`
			`Type: schema.TypeString,`
			`ValidateFunc: validation.NoZeroValues,`
			`},`
			`Optional: true,`
			`ForceNew: true,`
			`ConflictsWith: []string{"private_key", "leaf_certificate", "certificate_chain"},`
Add explanitory comment. 2018-10-04 18:26:28 +00:00			`// The domains attribute is computed for custom certs and should be ignored in diffs.`
Suppress diff for dns names on custom certificate resources (Fixes: #146). 2018-10-04 15:41:55 +00:00			`DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {`
			`return d.Get("type") == "custom"`
			`},`
Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00			`},`

			`"type": {`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`Type: schema.TypeString,`
			`Optional: true,`
			`ForceNew: true,`
Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00			`Default: "custom",`
			`ValidateFunc: validation.StringInSlice([]string{`
			`"custom",`
			`"lets_encrypt",`
			`}, false),`
			`},`

			`"state": {`
			`Type: schema.TypeString,`
			`Computed: true,`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`},`

			`"not_after": {`
			`Type: schema.TypeString,`
provider/digitalocean: Mark not_after and sha1_fingerprint as computed 2017-05-26 14:21:08 +00:00			`Computed: true,`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`},`

			`"sha1_fingerprint": {`
			`Type: schema.TypeString,`
provider/digitalocean: Mark not_after and sha1_fingerprint as computed 2017-05-26 14:21:08 +00:00			`Computed: true,`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`},`
			`},`
			`}`
			`}`

			`func buildCertificateRequest(d schema.ResourceData) (godo.CertificateRequest, error) {`
			`req := &godo.CertificateRequest{`
Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00			`Name: d.Get("name").(string),`
			`Type: d.Get("type").(string),`
			`}`

			`if v, ok := d.GetOk("private_key"); ok {`
			`req.PrivateKey = v.(string)`
			`}`
			`if v, ok := d.GetOk("leaf_certificate"); ok {`
			`req.LeafCertificate = v.(string)`
			`}`
			`if v, ok := d.GetOk("certificate_chain"); ok {`
			`req.CertificateChain = v.(string)`
			`}`

			`if v, ok := d.GetOk("domains"); ok {`
			`req.DNSNames = expandDigitalOceanCertificateDomains(v.(*schema.Set).List())`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`}`

			`return req, nil`
			`}`

			`func resourceDigitalOceanCertificateCreate(d *schema.ResourceData, meta interface{}) error {`
Update all resources and datasources to use new method of accessing the godo client. 2019-01-07 23:48:17 +00:00			`client := meta.(*CombinedConfig).godoClient()`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00
Certificates: Move attribute validation from CustomizeDiff to Create (Fixes: #163). When CustomizeDiff is run for a new resource, it does not have access to the current state. In the digitalocean_certificate resource, we are using a CustomizeDiff function to validate that certain attributes are used together depending on the certificate type. When the value for one of those attributes is interpolated, as in the case of generating a cert using the acme provider, the validation fails since it depends on reading the value from state. As state is not present, the value is interpreted as empty. From the CustomizeDiff doc string: > // The phases Terraform runs this in, and the state available via functions > // like Get and GetChange, are as follows: > // > // * New resource: One run with no state https://godoc.org/github.com/hashicorp/terraform/helper/schema#Resource This PR moves the validation from the CustomizeDiff function into the Create function as well as adding acceptance tests: ``` $ make testacc TESTARGS='-run=TestAccDigitalOceanCertificate_ExpectedErrors' ==> Checking that code complies with gofmt requirements... TF_ACC=1 go test $(go list ./... \|grep -v 'vendor') -v -run=TestAccDigitalOceanCertificate_ExpectedE$ ? github.com/terraform-providers/terraform-provider-digitalocean [no test files] === RUN TestAccDigitalOceanCertificate_ExpectedErrors --- PASS: TestAccDigitalOceanCertificate_ExpectedErrors (0.10s) PASS ok github.com/terraform-providers/terraform-provider-digitalocean/digitalocean (cached) ``` 2019-03-28 18:13:22 +00:00			`certificateType := d.Get("type").(string)`
			`if certificateType == "custom" {`
			`if _, ok := d.GetOk("private_key"); !ok {`
			return fmt.Errorf("`private_key` is required for when type is `custom` or empty")
			`}`

			`if _, ok := d.GetOk("leaf_certificate"); !ok {`
			return fmt.Errorf("`leaf_certificate` is required for when type is `custom` or empty")
			`}`
			`} else if certificateType == "lets_encrypt" {`

			`if _, ok := d.GetOk("domains"); !ok {`
			return fmt.Errorf("`domains` is required for when type is `lets_encrypt`")
			`}`
			`}`

provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`log.Printf("[INFO] Create a Certificate Request")`

			`certReq, err := buildCertificateRequest(d)`
			`if err != nil {`
			`return err`
			`}`

			`log.Printf("[DEBUG] Certificate Create: %#v", certReq)`
			`cert, _, err := client.Certificates.Create(context.Background(), certReq)`
			`if err != nil {`
			`return fmt.Errorf("Error creating Certificate: %s", err)`
			`}`

			`d.SetId(cert.ID)`

Fixed a debug message typo 2018-09-04 19:00:54 +00:00			`log.Printf("[INFO] Waiting for certificate (%s) to have state 'verified'", cert.ID)`
Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00			`stateConf := &resource.StateChangeConf{`
			`Pending: []string{"pending"},`
			`Target: []string{"verified"},`
			`Refresh: newCertificateStateRefreshFunc(d, meta),`
			`Timeout: d.Timeout(schema.TimeoutCreate),`
			`Delay: 10 * time.Second,`
			`MinTimeout: 3 * time.Second,`
			`}`

			`if _, err := stateConf.WaitForState(); err != nil {`
			`return fmt.Errorf("Error waiting for certificate (%s) to become active: %s", d.Get("name"), err)`
			`}`

provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`return resourceDigitalOceanCertificateRead(d, meta)`
			`}`

			`func resourceDigitalOceanCertificateRead(d *schema.ResourceData, meta interface{}) error {`
Update all resources and datasources to use new method of accessing the godo client. 2019-01-07 23:48:17 +00:00			`client := meta.(*CombinedConfig).godoClient()`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00
			`log.Printf("[INFO] Reading the details of the Certificate %s", d.Id())`
Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00			`cert, resp, err := client.Certificates.Get(context.Background(), d.Id())`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`if err != nil {`
Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00			`// check if the certificate no longer exists.`
			`if resp != nil && resp.StatusCode == 404 {`
			`log.Printf("[WARN] DigitalOcean Certificate (%s) not found", d.Id())`
			`d.SetId("")`
			`return nil`
			`}`

provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`return fmt.Errorf("Error retrieving Certificate: %s", err)`
			`}`

			`d.Set("name", cert.Name)`
Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00			`d.Set("type", cert.Type)`
			`d.Set("state", cert.State)`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`d.Set("not_after", cert.NotAfter)`
			`d.Set("sha1_fingerprint", cert.SHA1Fingerprint)`

Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00			`if err := d.Set("domains", flattenDigitalOceanCertificateDomains(cert.DNSNames)); err != nil {`
			return fmt.Errorf("Error setting `domains`: %+v", err)
			`}`

provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00			`return nil`

			`}`

			`func resourceDigitalOceanCertificateDelete(d *schema.ResourceData, meta interface{}) error {`
Update all resources and datasources to use new method of accessing the godo client. 2019-01-07 23:48:17 +00:00			`client := meta.(*CombinedConfig).godoClient()`
provider/digitalocean: Add support for certificates Besides the support for DO certificates themselves, this commit also includes: 1) A new `RandTLSCert` function that generates a valid, self-signed TLS certificate to be used in the test 2) A fix for the PEM encoding of the private key generated in `RandSSHKeyPair`: the PEM was always empty 2017-05-16 10:40:33 +00:00
			`log.Printf("[INFO] Deleting Certificate: %s", d.Id())`
			`_, err := client.Certificates.Delete(context.Background(), d.Id())`
			`if err != nil {`
			`return fmt.Errorf("Error deleting Certificate: %s", err)`
			`}`

			`return nil`

			`}`
Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00
			`func expandDigitalOceanCertificateDomains(domains []interface{}) []string {`
			`expandedDomains := make([]string, len(domains))`
			`for i, v := range domains {`
			`expandedDomains[i] = v.(string)`
			`}`

			`return expandedDomains`
			`}`

			`func flattenDigitalOceanCertificateDomains(domains []string) *schema.Set {`
			`if domains == nil {`
			`return nil`
			`}`

			`flattenedDomains := schema.NewSet(schema.HashString, []interface{}{})`
			`for _, v := range domains {`
			`if v != "" {`
			`flattenedDomains.Add(v)`
			`}`
			`}`

			`return flattenedDomains`
			`}`

			`func newCertificateStateRefreshFunc(d *schema.ResourceData, meta interface{}) resource.StateRefreshFunc {`
Update all resources and datasources to use new method of accessing the godo client. 2019-01-07 23:48:17 +00:00			`client := meta.(*CombinedConfig).godoClient()`
Added support for LetsEncrypt issued certificates 2018-08-29 18:45:16 +00:00			`return func() (interface{}, string, error) {`

			`// Retrieve the certificate properties`
			`cert, _, err := client.Certificates.Get(context.Background(), d.Id())`
			`if err != nil {`
			`return nil, "", fmt.Errorf("Error retrieving certifica: %s", err)`
			`}`

			`return cert, cert.State, nil`
			`}`
			`}`