Skip to content

Commit f043398

Browse files
matheuspolitanomatheuspolitano
authored
cdn add geofence feature (#1020)
* add geofencing attribute to "stackit_cdn_distribution"
1 parent 87bc741 commit f043398

File tree

9 files changed

+324
-23
lines changed

9 files changed

+324
-23
lines changed

docs/data-sources/cdn_distribution.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -58,6 +58,7 @@ Read-Only:
5858

5959
Read-Only:
6060

61+
- `geofencing` (Map of List of String) A map of URLs to a list of countries where content is allowed.
6162
- `origin_request_headers` (Map of String) The configured origin request headers for the backend
6263
- `origin_url` (String) The configured backend type for the distribution
6364
- `type` (String) The configured backend type. Supported values are: `http`.

docs/resources/cdn_distribution.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,9 @@ resource "stackit_cdn_distribution" "example_distribution" {
2222
backend = {
2323
type = "http"
2424
origin_url = "https://mybackend.onstackit.cloud"
25+
geofencing = {
26+
"https://mybackend.onstackit.cloud" = ["DE"]
27+
}
2528
}
2629
regions = ["EU", "US", "ASIA", "AF", "SA"]
2730
blocked_countries = ["DE", "AT", "CH"]
@@ -80,6 +83,7 @@ Required:
8083

8184
Optional:
8285

86+
- `geofencing` (Map of List of String) A map of URLs to a list of countries where content is allowed.
8387
- `origin_request_headers` (Map of String) The configured origin request headers for the backend
8488

8589

examples/resources/stackit_cdn_distribution/resource.tf

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,9 @@ resource "stackit_cdn_distribution" "example_distribution" {
44
backend = {
55
type = "http"
66
origin_url = "https://mybackend.onstackit.cloud"
7+
geofencing = {
8+
"https://mybackend.onstackit.cloud" = ["DE"]
9+
}
710
}
811
regions = ["EU", "US", "ASIA", "AF", "SA"]
912
blocked_countries = ["DE", "AT", "CH"]

stackit/internal/services/cdn/cdn_acc_test.go

Lines changed: 41 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,13 @@ var instanceResource = map[string]string{
3535
"dns_name": fmt.Sprintf("tf-acc-%s.stackit.gg", strings.Split(uuid.NewString(), "-")[0]),
3636
}
3737

38-
func configResources(regions string) string {
38+
func configResources(regions string, geofencingCountries []string) string {
39+
var quotedCountries []string
40+
for _, country := range geofencingCountries {
41+
quotedCountries = append(quotedCountries, fmt.Sprintf(`%q`, country))
42+
}
43+
44+
geofencingList := strings.Join(quotedCountries, ",")
3945
return fmt.Sprintf(`
4046
%s
4147
@@ -45,6 +51,9 @@ func configResources(regions string) string {
4551
backend = {
4652
type = "http"
4753
origin_url = "%s"
54+
geofencing = {
55+
"%s" = [%s]
56+
}
4857
}
4958
regions = [%s]
5059
blocked_countries = [%s]
@@ -70,12 +79,12 @@ func configResources(regions string) string {
7079
type = "CNAME"
7180
records = ["${stackit_cdn_distribution.distribution.domains[0].name}."]
7281
}
73-
`, testutil.CdnProviderConfig(), testutil.ProjectId, instanceResource["config_backend_origin_url"],
82+
`, testutil.CdnProviderConfig(), testutil.ProjectId, instanceResource["config_backend_origin_url"], instanceResource["config_backend_origin_url"], geofencingList,
7483
regions, instanceResource["blocked_countries"], testutil.ProjectId, instanceResource["dns_name"],
7584
testutil.ProjectId, instanceResource["custom_domain_prefix"])
7685
}
7786

78-
func configCustomDomainResources(regions, cert, key string) string {
87+
func configCustomDomainResources(regions, cert, key string, geofencingCountries []string) string {
7988
return fmt.Sprintf(`
8089
%s
8190
@@ -88,10 +97,10 @@ func configCustomDomainResources(regions, cert, key string) string {
8897
private_key = %q
8998
}
9099
}
91-
`, configResources(regions), cert, key)
100+
`, configResources(regions, geofencingCountries), cert, key)
92101
}
93102

94-
func configDatasources(regions, cert, key string) string {
103+
func configDatasources(regions, cert, key string, geofencingCountries []string) string {
95104
return fmt.Sprintf(`
96105
%s
97106
@@ -106,7 +115,7 @@ func configDatasources(regions, cert, key string) string {
106115
name = stackit_cdn_custom_domain.custom_domain.name
107116
108117
}
109-
`, configCustomDomainResources(regions, cert, key))
118+
`, configCustomDomainResources(regions, cert, key, geofencingCountries))
110119
}
111120
func makeCertAndKey(t *testing.T, organization string) (cert, key []byte) {
112121
privateKey, err := rsa.GenerateKey(cryptoRand.Reader, 2048)
@@ -149,6 +158,7 @@ func TestAccCDNDistributionResource(t *testing.T) {
149158
fullDomainName := fmt.Sprintf("%s.%s", instanceResource["custom_domain_prefix"], instanceResource["dns_name"])
150159
organization := fmt.Sprintf("organization-%s", uuid.NewString())
151160
cert, key := makeCertAndKey(t, organization)
161+
geofencing := []string{"DE", "ES"}
152162

153163
organization_updated := fmt.Sprintf("organization-updated-%s", uuid.NewString())
154164
cert_updated, key_updated := makeCertAndKey(t, organization_updated)
@@ -158,7 +168,7 @@ func TestAccCDNDistributionResource(t *testing.T) {
158168
Steps: []resource.TestStep{
159169
// Distribution Create
160170
{
161-
Config: configResources(instanceResource["config_regions"]),
171+
Config: configResources(instanceResource["config_regions"], geofencing),
162172
Check: resource.ComposeAggregateTestCheckFunc(
163173
resource.TestCheckResourceAttrSet("stackit_cdn_distribution.distribution", "distribution_id"),
164174
resource.TestCheckResourceAttrSet("stackit_cdn_distribution.distribution", "created_at"),
@@ -173,22 +183,32 @@ func TestAccCDNDistributionResource(t *testing.T) {
173183
resource.TestCheckResourceAttr("stackit_cdn_distribution.distribution", "config.blocked_countries.#", "2"),
174184
resource.TestCheckResourceAttr("stackit_cdn_distribution.distribution", "config.blocked_countries.0", "CU"),
175185
resource.TestCheckResourceAttr("stackit_cdn_distribution.distribution", "config.blocked_countries.1", "AQ"),
186+
resource.TestCheckResourceAttr(
187+
"stackit_cdn_distribution.distribution",
188+
fmt.Sprintf("config.backend.geofencing.%s.0", instanceResource["config_backend_origin_url"]),
189+
"DE",
190+
),
191+
resource.TestCheckResourceAttr(
192+
"stackit_cdn_distribution.distribution",
193+
fmt.Sprintf("config.backend.geofencing.%s.1", instanceResource["config_backend_origin_url"]),
194+
"ES",
195+
),
176196
resource.TestCheckResourceAttr("stackit_cdn_distribution.distribution", "config.optimizer.enabled", "true"),
177197
resource.TestCheckResourceAttr("stackit_cdn_distribution.distribution", "project_id", testutil.ProjectId),
178198
resource.TestCheckResourceAttr("stackit_cdn_distribution.distribution", "status", "ACTIVE"),
179199
),
180200
},
181201
// Wait step, that confirms the CNAME record has "propagated"
182202
{
183-
Config: configResources(instanceResource["config_regions"]),
203+
Config: configResources(instanceResource["config_regions"], geofencing),
184204
Check: func(_ *terraform.State) error {
185205
_, err := blockUntilDomainResolves(fullDomainName)
186206
return err
187207
},
188208
},
189209
// Custom Domain Create
190210
{
191-
Config: configCustomDomainResources(instanceResource["config_regions"], string(cert), string(key)),
211+
Config: configCustomDomainResources(instanceResource["config_regions"], string(cert), string(key), geofencing),
192212
Check: resource.ComposeAggregateTestCheckFunc(
193213
resource.TestCheckResourceAttr("stackit_cdn_custom_domain.custom_domain", "status", "ACTIVE"),
194214
resource.TestCheckResourceAttr("stackit_cdn_custom_domain.custom_domain", "name", fullDomainName),
@@ -242,7 +262,7 @@ func TestAccCDNDistributionResource(t *testing.T) {
242262
},
243263
// Data Source
244264
{
245-
Config: configDatasources(instanceResource["config_regions"], string(cert), string(key)),
265+
Config: configDatasources(instanceResource["config_regions"], string(cert), string(key), geofencing),
246266
Check: resource.ComposeAggregateTestCheckFunc(
247267
resource.TestCheckResourceAttrSet("data.stackit_cdn_distribution.distribution", "distribution_id"),
248268
resource.TestCheckResourceAttrSet("data.stackit_cdn_distribution.distribution", "created_at"),
@@ -255,6 +275,16 @@ func TestAccCDNDistributionResource(t *testing.T) {
255275
resource.TestCheckResourceAttr("data.stackit_cdn_distribution.distribution", "domains.0.type", "managed"),
256276
resource.TestCheckResourceAttr("data.stackit_cdn_distribution.distribution", "domains.1.type", "custom"),
257277
resource.TestCheckResourceAttr("data.stackit_cdn_distribution.distribution", "config.regions.#", "2"),
278+
resource.TestCheckResourceAttr(
279+
"data.stackit_cdn_distribution.distribution",
280+
fmt.Sprintf("config.backend.geofencing.%s.0", instanceResource["config_backend_origin_url"]),
281+
"DE",
282+
),
283+
resource.TestCheckResourceAttr(
284+
"data.stackit_cdn_distribution.distribution",
285+
fmt.Sprintf("config.backend.geofencing.%s.1", instanceResource["config_backend_origin_url"]),
286+
"ES",
287+
),
258288
resource.TestCheckResourceAttr("data.stackit_cdn_distribution.distribution", "config.regions.0", "EU"),
259289
resource.TestCheckResourceAttr("data.stackit_cdn_distribution.distribution", "config.regions.1", "US"),
260290
resource.TestCheckResourceAttr("stackit_cdn_distribution.distribution", "config.blocked_countries.#", "2"),
@@ -271,7 +301,7 @@ func TestAccCDNDistributionResource(t *testing.T) {
271301
},
272302
// Update
273303
{
274-
Config: configCustomDomainResources(instanceResource["config_regions_updated"], string(cert_updated), string(key_updated)),
304+
Config: configCustomDomainResources(instanceResource["config_regions_updated"], string(cert_updated), string(key_updated), geofencing),
275305
Check: resource.ComposeAggregateTestCheckFunc(
276306
resource.TestCheckResourceAttrSet("stackit_cdn_distribution.distribution", "distribution_id"),
277307
resource.TestCheckResourceAttrSet("stackit_cdn_distribution.distribution", "created_at"),

stackit/internal/services/cdn/distribution/datasource.go

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -142,6 +142,13 @@ func (r *distributionDataSource) Schema(_ context.Context, _ datasource.SchemaRe
142142
Description: schemaDescriptions["config_backend_origin_request_headers"],
143143
ElementType: types.StringType,
144144
},
145+
"geofencing": schema.MapAttribute{
146+
Description: "A map of URLs to a list of countries where content is allowed.",
147+
Computed: true,
148+
ElementType: types.ListType{
149+
ElemType: types.StringType,
150+
},
151+
},
145152
},
146153
},
147154
"regions": schema.ListAttribute{
@@ -192,7 +199,7 @@ func (r *distributionDataSource) Read(ctx context.Context, req datasource.ReadRe
192199
resp.State.RemoveResource(ctx)
193200
return
194201
}
195-
err = mapFields(distributionResp.Distribution, &model)
202+
err = mapFields(ctx, distributionResp.Distribution, &model)
196203
if err != nil {
197204
core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading CDN distribution", fmt.Sprintf("Error processing API response: %v", err))
198205
return

0 commit comments

Comments
 (0)