Added GCP Netblock Data Source (#1416) (#1580)

* Added GCP Netblock Data Source (#1416)

* Added docs for google_netblock_ip_ranges (#1416)

* Code review changes (#1416)

Author: ortaman

google/data_source_google_netblock_ip_ranges.go

@@ -0,0 +1,128 @@
+package google
+
+import (
+	"fmt"
+	"github.com/hashicorp/terraform/helper/schema"
+	"io/ioutil"
+	"net/http"
+	"strings"
+)
+
+func dataSourceGoogleNetblockIpRanges() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceGoogleNetblockIpRangesRead,
+
+		Schema: map[string]*schema.Schema{
+			"cidr_blocks": {
+				Type:     schema.TypeList,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+				Computed: true,
+			},
+			"cidr_blocks_ipv4": {
+				Type:     schema.TypeList,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+				Computed: true,
+			},
+			"cidr_blocks_ipv6": {
+				Type:     schema.TypeList,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+				Computed: true,
+			},
+		},
+	}
+}
+
+func dataSourceGoogleNetblockIpRangesRead(d *schema.ResourceData, meta interface{}) error {
+	d.SetId("netblock-ip-ranges")
+
+	// https://cloud.google.com/compute/docs/faq#where_can_i_find_product_name_short_ip_ranges
+	CidrBlocks, err := getCidrBlocks()
+
+	if err != nil {
+		return err
+	}
+
+	d.Set("cidr_blocks", CidrBlocks["cidr_blocks"])
+	d.Set("cidr_blocks_ipv4", CidrBlocks["cidr_blocks_ipv4"])
+	d.Set("cidr_blocks_ipv6", CidrBlocks["cidr_blocks_ipv6"])
+
+	return nil
+}
+
+func netblock_request(name string) (string, error) {
+	const DNS_URL = "https://dns.google.com/resolve?name=%s&type=TXT"
+
+	response, err := http.Get(fmt.Sprintf("https://dns.google.com/resolve?name=%s&type=TXT", name))
+
+	if err != nil {
+		return "", fmt.Errorf("Error from _cloud-netblocks: %s", err)
+	}
+
+	defer response.Body.Close()
+	body, err := ioutil.ReadAll(response.Body)
+
+	if err != nil {
+		return "", fmt.Errorf("Error to retrieve the domains list: %s", err)
+	}
+
+	return string(body), nil
+}
+
+func getCidrBlocks() (map[string][]string, error) {
+	const INITIAL_NETBLOCK_DNS = "_cloud-netblocks.googleusercontent.com"
+	var dnsNetblockList []string
+	cidrBlocks := make(map[string][]string)
+
+	response, err := netblock_request(INITIAL_NETBLOCK_DNS)
+
+	if err != nil {
+		return nil, err
+	}
+
+	splitedResponse := strings.Split(string(response), " ")
+
+	for _, sp := range splitedResponse {
+		if strings.HasPrefix(sp, "include:") {
+			dnsNetblock := strings.Replace(sp, "include:", "", 1)
+			dnsNetblockList = append(dnsNetblockList, dnsNetblock)
+		}
+	}
+
+	for len(dnsNetblockList) > 0 {
+
+		dnsNetblock := dnsNetblockList[0]
+
+		dnsNetblockList[0] = ""
+		dnsNetblockList = dnsNetblockList[1:len(dnsNetblockList)]
+
+		response, err = netblock_request(dnsNetblock)
+
+		if err != nil {
+			return nil, err
+		}
+
+		splitedResponse = strings.Split(string(response), " ")
+
+		for _, sp := range splitedResponse {
+			if strings.HasPrefix(sp, "ip") {
+
+				cdrBlock := strings.Split(sp, ":")[1]
+				cidrBlocks["cidr_blocks"] = append(cidrBlocks["cidr_blocks"], cdrBlock)
+
+				if strings.HasPrefix(sp, "ip4") {
+					cdrBlock := strings.Replace(sp, "ip4:", "", 1)
+					cidrBlocks["cidr_blocks_ipv4"] = append(cidrBlocks["cidr_blocks_ipv4"], cdrBlock)
+
+				} else if strings.HasPrefix(sp, "ip6") {
+					cdrBlock := strings.Replace(sp, "ip6:", "", 1)
+					cidrBlocks["cidr_blocks_ipv6"] = append(cidrBlocks["cidr_blocks_ipv6"], cdrBlock)
+				}
+			} else if strings.HasPrefix(sp, "include:") {
+				cidr_block := strings.Replace(sp, "include:", "", 1)
+				dnsNetblockList = append(dnsNetblockList, cidr_block)
+			}
+		}
+	}
+
+	return cidrBlocks, nil
+}

google/data_source_google_netblock_ip_ranges_test.go

@@ -0,0 +1,38 @@
+package google
+
+import (
+	"regexp"
+	"testing"
+
+	"github.com/hashicorp/terraform/helper/resource"
+)
+
+func TestAccDataSourceGoogleNetblockIpRanges_basic(t *testing.T) {
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccNetblockIpRangesConfig,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestMatchResourceAttr("data.google_netblock_ip_ranges.some",
+						"cidr_blocks.#", regexp.MustCompile(("^[1-9]+[0-9]*$"))),
+					resource.TestMatchResourceAttr("data.google_netblock_ip_ranges.some",
+						"cidr_blocks.0", regexp.MustCompile("^[0-9./:]+$")),
+					resource.TestMatchResourceAttr("data.google_netblock_ip_ranges.some",
+						"cidr_blocks_ipv4.#", regexp.MustCompile(("^[1-9]+[0-9]*$"))),
+					resource.TestMatchResourceAttr("data.google_netblock_ip_ranges.some",
+						"cidr_blocks_ipv4.0", regexp.MustCompile("^[0-9./]+$")),
+					resource.TestMatchResourceAttr("data.google_netblock_ip_ranges.some",
+						"cidr_blocks_ipv6.#", regexp.MustCompile(("^[1-9]+[0-9]*$"))),
+					resource.TestMatchResourceAttr("data.google_netblock_ip_ranges.some",
+						"cidr_blocks_ipv6.0", regexp.MustCompile("^[0-9./:]+$")),
+				),
+			},
+		},
+	})
+}
+
+const testAccNetblockIpRangesConfig = `
+data "google_netblock_ip_ranges" "some" {}
+`

google/provider.go

@@ -87,6 +87,7 @@ func Provider() terraform.ResourceProvider {
 			"google_iam_policy":                      dataSourceGoogleIamPolicy(),
 			"google_kms_secret":                      dataSourceGoogleKmsSecret(),
 			"google_folder":                          dataSourceGoogleFolder(),
+			"google_netblock_ip_ranges":              dataSourceGoogleNetblockIpRanges(),
 			"google_organization":                    dataSourceGoogleOrganization(),
 			"google_service_account":                 dataSourceGoogleServiceAccount(),
 			"google_service_account_key":             dataSourceGoogleServiceAccountKey(),

website/docs/d/datasource_google_netblock_ip_ranges.html.markdown

@@ -0,0 +1,39 @@
+---
+layout: "google"
+page_title: "Google: google_netblock_ip_ranges"
+sidebar_current: "docs-google-datasource-netblock-ip-ranges"
+description: |-
+  Use this data source to get the IP ranges from the sender policy framework (SPF) record of \_cloud-netblocks.googleusercontent.com
+---
+
+# google_netblock_ip_ranges
+
+Use this data source to get the IP ranges from the sender policy framework (SPF) record of \_cloud-netblocks.googleusercontent
+
+https://cloud.google.com/compute/docs/faq#where_can_i_find_product_name_short_ip_ranges
+
+## Example Usage
+
+```tf
+data "google_netblock_ip_ranges" "netblock" {}
+
+output "cidr_blocks" {
+  value = "${data.google_netblock_ip_ranges.netblock.cidr_blocks}"
+}
+
+output "cidr_blocks_ipv4" {
+  value = "${data.google_netblock_ip_ranges.netblock.cidr_blocks_ipv4}"
+}
+
+output "cidr_blocks_ipv6" {
+  value = "${data.google_netblock_ip_ranges.netblock.cidr_blocks_ipv6}"
+}
+```
+
+## Attributes Reference
+
+* `cidr_blocks` - Retrieve list of all CIDR blocks.
+
+* `cidr_blocks_ipv4` - Retrieve list of the IP4 CIDR blocks
+
+* `cidr_blocks_ipv6` - Retrieve list of the IP6 CIDR blocks.

website/google.erb

@@ -91,6 +91,9 @@
       <li<%= sidebar_current("docs-google-kms-secret") %>>
       <a href="/docs/providers/google/d/google_kms_secret.html">google_kms_secret</a>
       </li>
+      <li<%= sidebar_current("docs-google-datasource-netblock-ip-ranges") %>>
+      <a href="/docs/providers/google/d/datasource_google_netblock_ip_ranges.html">google_netblock_ip_ranges</a>
+      </li>
       <li<%= sidebar_current("docs-google-datasource-organization") %>>
       <a href="/docs/providers/google/d/google_organization.html">google_organization</a>
       </li>