Merge remote-tracking branch 'origin/master' into add-api-management-…

…vnet-integration

.travis.yml

@@ -34,16 +34,12 @@ matrix:
     #- name: "make lintunused"
     #  script: GOGC=5 make lintunused
     - name: "make tflint"
-      script:
-      - GO111MODULE=off go get -u github.com/hashicorp/terraform
-      - make tflint
+      script: make tflint
     - name: "make test"
       script: make test
     - name: "make depscheck"
       script: make depscheck
     - name: "make website-lint"
-      script:
-      - GO111MODULE=off go get -u github.com/hashicorp/terraform
-      - make website-lint
+      script: make website-lint
     - name: "make website-test"
       script: make website-test

GNUmakefile

@@ -20,7 +20,7 @@ tools:
 	GO111MODULE=off go get -u github.com/bflad/tfproviderdocs
 	GO111MODULE=off go get -u github.com/katbyte/terrafmt
 
-build: fmtcheck
+build: fmtcheck generate
 	go install
 
 build-docker:
@@ -37,6 +37,9 @@ fmtcheck:
 	@sh "$(CURDIR)/scripts/gofmtcheck.sh"
 	@sh "$(CURDIR)/scripts/timeouts.sh"
 
+generate:
+	go generate ./azurerm/internal/provider/
+
 goimports:
 	@echo "==> Fixing imports code with goimports..."
 	goimports -w $(PKG_NAME)/
@@ -120,11 +123,14 @@ ifeq (,$(wildcard $(GOPATH)/src/$(WEBSITE_REPO)))
 endif
 	@$(MAKE) -C $(GOPATH)/src/$(WEBSITE_REPO) website-provider PROVIDER_PATH=$(shell pwd) PROVIDER_NAME=$(PKG_NAME)
 
+scaffold-website:
+	./scripts/scaffold-website.sh
+
 website-test:
 ifeq (,$(wildcard $(GOPATH)/src/$(WEBSITE_REPO)))
 	echo "$(WEBSITE_REPO) not found in your GOPATH (necessary for layouts and assets), get-ting..."
 	git clone https://$(WEBSITE_REPO) $(GOPATH)/src/$(WEBSITE_REPO)
 endif
 	@$(MAKE) -C $(GOPATH)/src/$(WEBSITE_REPO) website-provider-test PROVIDER_PATH=$(shell pwd) PROVIDER_NAME=$(PKG_NAME)
 
-.PHONY: build build-docker test test-docker testacc vet fmt fmtcheck errcheck test-compile website website-test
+.PHONY: build build-docker test test-docker testacc vet fmt fmtcheck errcheck scaffold-website test-compile website website-test

README.md

@@ -14,7 +14,9 @@ The AzureRM Provider supports Terraform 0.10.x and later - but Terraform 0.12.x
 provider "azurerm" {
   # We recommend pinning to the specific version of the Azure Provider you're using
   # since new versions are released frequently
-  version = "=1.43.0"
+  version = "=2.0.0"
+
+  features {}
 
   # More information on the authentication methods supported by
   # the AzureRM Provider can be found here:
@@ -45,7 +47,7 @@ Further [usage documentation is available on the Terraform website](https://www.
 
 ## Developer Requirements
 
-* [Terraform](https://www.terraform.io/downloads.html) version 0.10.x +
+* [Terraform](https://www.terraform.io/downloads.html) version 0.12.x +
 * [Go](https://golang.org/doc/install) version 1.13.x (to build the provider plugin)
 
 If you're on Windows you'll also need:
@@ -93,7 +95,7 @@ $ make test
 
 The majority of tests in the provider are Acceptance Tests - which provisions real resources in Azure. It's possible to run the entire acceptance test suite by running `make testacc` - however it's likely you'll want to run a subset, which you can do using a prefix, by running:
 
-```
+```sh
 make testacc SERVICE='resource' TESTARGS='-run=TestAccAzureRMResourceGroup' TESTTIMEOUT='60m'
 ```
 
@@ -110,3 +112,18 @@ The following Environment Variables must be set in your shell prior to running a
 
 **Note:** Acceptance tests create real resources in Azure which often cost money to run.
 
+---
+
+## Developer: Scaffolding the Website Documentation
+
+You can scaffold the documentation for a Data Source by running:
+
+```sh
+$ make scaffold-website BRAND_NAME="Resource Group" RESOURCE_NAME="azurerm_resource_group" RESOURCE_TYPE="data"
+```
+
+You can scaffold the documentation for a Resource by running:
+
+```sh
+$ make scaffold-website BRAND_NAME="Resource Group" RESOURCE_NAME="azurerm_resource_group" RESOURCE_TYPE="resource" RESOURCE_ID="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1"
+```

azurerm/helpers/azure/app_service.go

@@ -3,17 +3,22 @@ package azure
 import (
 	"fmt"
 	"log"
-	"net"
 	"regexp"
 	"strings"
 
-	"github.com/Azure/azure-sdk-for-go/services/web/mgmt/2018-02-01/web"
+	"github.com/Azure/azure-sdk-for-go/services/web/mgmt/2019-08-01/web"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/suppress"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/validate"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
 )
 
+const (
+	// TODO: switch back once https://github.com/Azure/azure-rest-api-specs/pull/8435 has been fixed
+	SystemAssignedUserAssigned web.ManagedServiceIdentityType = "SystemAssigned, UserAssigned"
+)
+
 func SchemaAppServiceAadAuthSettings() *schema.Schema {
 	return &schema.Schema{
 		Type:     schema.TypeList,
@@ -225,7 +230,7 @@ func SchemaAppServiceIdentity() *schema.Schema {
 					ValidateFunc: validation.StringInSlice([]string{
 						string(web.ManagedServiceIdentityTypeNone),
 						string(web.ManagedServiceIdentityTypeSystemAssigned),
-						string(web.ManagedServiceIdentityTypeSystemAssignedUserAssigned),
+						string(SystemAssignedUserAssigned),
 						string(web.ManagedServiceIdentityTypeUserAssigned),
 					}, true),
 					DiffSuppressFunc: suppress.CaseDifference,
@@ -302,25 +307,15 @@ func SchemaAppServiceSiteConfig() *schema.Schema {
 					Elem: &schema.Resource{
 						Schema: map[string]*schema.Schema{
 							"ip_address": {
-								Type:     schema.TypeString,
-								Optional: true,
+								Type:         schema.TypeString,
+								Optional:     true,
+								ValidateFunc: validate.CIDR,
 							},
 							"virtual_network_subnet_id": {
 								Type:         schema.TypeString,
 								Optional:     true,
 								ValidateFunc: validation.StringIsNotEmpty,
 							},
-							"subnet_mask": {
-								Type:     schema.TypeString,
-								Optional: true,
-								Computed: true,
-								// TODO we should fix this in 2.0
-								// This attribute was made with the assumption that `ip_address` was the only valid option
-								// but `virtual_network_subnet_id` is being added and doesn't need a `subnet_mask`.
-								// We'll assume a default of "255.255.255.255" in the expand code when `ip_address` is specified
-								// and `subnet_mask` is not.
-								// Default:  "255.255.255.255",
-							},
 						},
 					},
 				},
@@ -477,11 +472,6 @@ func SchemaAppServiceSiteConfig() *schema.Schema {
 					}, false),
 				},
 
-				"virtual_network_name": {
-					Type:     schema.TypeString,
-					Optional: true,
-				},
-
 				"cors": SchemaWebCorsSettings(),
 
 				"auto_swap_slot_name": {
@@ -689,10 +679,6 @@ func SchemaAppServiceDataSourceSiteConfig() *schema.Schema {
 								Type:     schema.TypeString,
 								Computed: true,
 							},
-							"subnet_mask": {
-								Type:     schema.TypeString,
-								Computed: true,
-							},
 						},
 					},
 				},
@@ -777,11 +763,6 @@ func SchemaAppServiceDataSourceSiteConfig() *schema.Schema {
 					Computed: true,
 				},
 
-				"virtual_network_name": {
-					Type:     schema.TypeString,
-					Computed: true,
-				},
-
 				"cors": {
 					Type:     schema.TypeList,
 					Computed: true,
@@ -1334,7 +1315,7 @@ func ExpandAppServiceIdentity(input []interface{}) *web.ManagedServiceIdentity {
 		Type: identityType,
 	}
 
-	if managedServiceIdentity.Type == web.ManagedServiceIdentityTypeUserAssigned || managedServiceIdentity.Type == web.ManagedServiceIdentityTypeSystemAssignedUserAssigned {
+	if managedServiceIdentity.Type == web.ManagedServiceIdentityTypeUserAssigned || managedServiceIdentity.Type == SystemAssignedUserAssigned {
 		managedServiceIdentity.UserAssignedIdentities = identityIds
 	}
 
@@ -1439,31 +1420,20 @@ func ExpandAppServiceSiteConfig(input interface{}) (*web.SiteConfig, error) {
 			ipAddress := restriction["ip_address"].(string)
 			vNetSubnetID := restriction["virtual_network_subnet_id"].(string)
 			if vNetSubnetID != "" && ipAddress != "" {
-				return siteConfig, fmt.Errorf(fmt.Sprintf("only one of `ip_address` or `virtual_network_subnet_id` can set set for `site_config.0.ip_restriction.%d`", i))
+				return siteConfig, fmt.Errorf(fmt.Sprintf("only one of `ip_address` or `virtual_network_subnet_id` can be set for `site_config.0.ip_restriction.%d`", i))
 			}
 
 			if vNetSubnetID == "" && ipAddress == "" {
-				return siteConfig, fmt.Errorf(fmt.Sprintf("one of `ip_address` or `virtual_network_subnet_id` must be set set for `site_config.0.ip_restriction.%d`", i))
+				return siteConfig, fmt.Errorf(fmt.Sprintf("one of `ip_address` or `virtual_network_subnet_id` must be set for `site_config.0.ip_restriction.%d`", i))
 			}
 
 			ipSecurityRestriction := web.IPSecurityRestriction{}
+			if ipAddress == "Any" {
+				continue
+			}
+
 			if ipAddress != "" {
-				mask := restriction["subnet_mask"].(string)
-				if mask == "" {
-					mask = "255.255.255.255"
-				}
-				// the 2018-02-01 API expects a blank subnet mask and an IP address in CIDR format: a.b.c.d/x
-				// so translate the IP and mask if necessary
-				restrictionMask := ""
-				cidrAddress := ipAddress
-				if mask != "" {
-					ipNet := net.IPNet{IP: net.ParseIP(ipAddress), Mask: net.IPMask(net.ParseIP(mask))}
-					cidrAddress = ipNet.String()
-				} else if !strings.Contains(ipAddress, "/") {
-					cidrAddress += "/32"
-				}
-				ipSecurityRestriction.IPAddress = &cidrAddress
-				ipSecurityRestriction.SubnetMask = &restrictionMask
+				ipSecurityRestriction.IPAddress = &ipAddress
 			}
 
 			if vNetSubnetID != "" {
@@ -1519,10 +1489,6 @@ func ExpandAppServiceSiteConfig(input interface{}) (*web.SiteConfig, error) {
 		siteConfig.MinTLSVersion = web.SupportedTLSVersions(v.(string))
 	}
 
-	if v, ok := config["virtual_network_name"]; ok {
-		siteConfig.VnetName = utils.String(v.(string))
-	}
-
 	if v, ok := config["cors"]; ok {
 		corsSettings := v.(interface{})
 		expand := ExpandWebCorsSettings(corsSettings)
@@ -1587,20 +1553,14 @@ func FlattenAppServiceSiteConfig(input *web.SiteConfig) []interface{} {
 	if vs := input.IPSecurityRestrictions; vs != nil {
 		for _, v := range *vs {
 			block := make(map[string]interface{})
+
 			if ip := v.IPAddress; ip != nil {
-				// the 2018-02-01 API uses CIDR format (a.b.c.d/x), so translate that back to IP and mask
-				if strings.Contains(*ip, "/") {
-					ipAddr, ipNet, _ := net.ParseCIDR(*ip)
-					block["ip_address"] = ipAddr.String()
-					mask := net.IP(ipNet.Mask)
-					block["subnet_mask"] = mask.String()
+				if *ip == "Any" {
+					continue
 				} else {
 					block["ip_address"] = *ip
 				}
 			}
-			if subnet := v.SubnetMask; subnet != nil {
-				block["subnet_mask"] = *subnet
-			}
 			if vNetSubnetID := v.VnetSubnetResourceID; vNetSubnetID != nil {
 				block["virtual_network_subnet_id"] = *vNetSubnetID
 			}
@@ -1643,10 +1603,6 @@ func FlattenAppServiceSiteConfig(input *web.SiteConfig) []interface{} {
 		result["windows_fx_version"] = *input.WindowsFxVersion
 	}
 
-	if input.VnetName != nil {
-		result["virtual_network_name"] = *input.VnetName
-	}
-
 	result["scm_type"] = string(input.ScmType)
 	result["ftps_state"] = string(input.FtpsState)
 	result["min_tls_version"] = string(input.MinTLSVersion)

azurerm/helpers/azure/app_service_schedule_backup.go

@@ -9,9 +9,8 @@ import (
 
 	"github.com/Azure/go-autorest/autorest/date"
 
-	"github.com/Azure/azure-sdk-for-go/services/web/mgmt/2018-02-01/web"
+	"github.com/Azure/azure-sdk-for-go/services/web/mgmt/2019-08-01/web"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
-	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/validate"
 )
 
 func SchemaAppServiceBackup() *schema.Schema {
@@ -78,7 +77,7 @@ func SchemaAppServiceBackup() *schema.Schema {
 								Type:             schema.TypeString,
 								Optional:         true,
 								DiffSuppressFunc: suppress.RFC3339Time,
-								ValidateFunc:     validate.RFC3339Time,
+								ValidateFunc:     validation.IsRFC3339Time,
 							},
 						},
 					},
@@ -129,7 +128,7 @@ func ExpandAppServiceBackup(input []interface{}) *web.BackupRequest {
 		}
 
 		if v, ok := schedule["start_time"].(string); ok {
-			dateTimeToStart, _ := time.Parse(time.RFC3339, v) //validated by schema
+			dateTimeToStart, _ := time.Parse(time.RFC3339, v) // validated by schema
 			backupSchedule.StartTime = &date.Time{Time: dateTimeToStart}
 		}
 

azurerm/helpers/azure/batch_account.go

@@ -3,7 +3,7 @@ package azure
 import (
 	"fmt"
 
-	"github.com/Azure/azure-sdk-for-go/services/batch/mgmt/2018-12-01/batch"
+	"github.com/Azure/azure-sdk-for-go/services/batch/mgmt/2019-08-01/batch"
 )
 
 // ExpandBatchAccountKeyVaultReference expands Batch account KeyVault reference

azurerm/helpers/azure/batch_pool.go

@@ -7,7 +7,7 @@ import (
 	"strconv"
 	"strings"
 
-	"github.com/Azure/azure-sdk-for-go/services/batch/mgmt/2018-12-01/batch"
+	"github.com/Azure/azure-sdk-for-go/services/batch/mgmt/2019-08-01/batch"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
 )
@@ -571,6 +571,11 @@ func ExpandBatchPoolNetworkConfiguration(list []interface{}) (*batch.NetworkConf
 		}
 	}
 
+	if v, ok := networkConfigValue["public_ips"]; ok {
+		publicIPsRaw := v.(*schema.Set).List()
+		networkConfiguration.PublicIPs = utils.ExpandStringSlice(publicIPsRaw)
+	}
+
 	if v, ok := networkConfigValue["endpoint_configuration"]; ok {
 		endpoint, err := ExpandBatchPoolEndpointConfiguration(v.([]interface{}))
 		if err != nil {
@@ -582,7 +587,7 @@ func ExpandBatchPoolNetworkConfiguration(list []interface{}) (*batch.NetworkConf
 	return networkConfiguration, nil
 }
 
-//ExpandBatchPoolEndpointConfiguration expands Batch pool endpoint configuration
+// ExpandBatchPoolEndpointConfiguration expands Batch pool endpoint configuration
 func ExpandBatchPoolEndpointConfiguration(list []interface{}) (*batch.PoolEndpointConfiguration, error) {
 	if len(list) == 0 {
 		return nil, nil
@@ -621,7 +626,7 @@ func ExpandBatchPoolEndpointConfiguration(list []interface{}) (*batch.PoolEndpoi
 	}, nil
 }
 
-//ExpandBatchPoolNetworkSecurityGroupRule expands Batch pool network security group rule
+// ExpandBatchPoolNetworkSecurityGroupRule expands Batch pool network security group rule
 func ExpandBatchPoolNetworkSecurityGroupRule(list []interface{}) ([]batch.NetworkSecurityGroupRule, error) {
 	if len(list) == 0 {
 		return nil, nil
@@ -661,6 +666,10 @@ func FlattenBatchPoolNetworkConfiguration(networkConfig *batch.NetworkConfigurat
 		result["subnet_id"] = *networkConfig.SubnetID
 	}
 
+	if networkConfig.PublicIPs != nil {
+		result["public_ips"] = schema.NewSet(schema.HashString, utils.FlattenStringSlice(networkConfig.PublicIPs))
+	}
+
 	if cfg := networkConfig.EndpointConfiguration; cfg != nil && cfg.InboundNatPools != nil && len(*cfg.InboundNatPools) != 0 {
 		endpointConfigs := make([]interface{}, len(*cfg.InboundNatPools))
 
@@ -673,7 +682,7 @@ func FlattenBatchPoolNetworkConfiguration(networkConfig *batch.NetworkConfigurat
 				inboundNatPoolMap["backend_port"] = *inboundNatPool.BackendPort
 			}
 			if inboundNatPool.FrontendPortRangeStart != nil && inboundNatPool.FrontendPortRangeEnd != nil {
-				inboundNatPoolMap["frontend_port_range"] = fmt.Sprintf("%d-%d", *inboundNatPool.FrontendPortRangeStart, inboundNatPool.FrontendPortRangeEnd)
+				inboundNatPoolMap["frontend_port_range"] = fmt.Sprintf("%d-%d", *inboundNatPool.FrontendPortRangeStart, *inboundNatPool.FrontendPortRangeEnd)
 			}
 			inboundNatPoolMap["protocol"] = inboundNatPool.Protocol