feat(vpc-gw): add support for SSH bastion (#1255)

Author: remyleone

docs/resources/vpc_public_gateway.md

@@ -30,6 +30,8 @@ The following arguments are supported:
 - `project_id` - (Defaults to [provider](../index.md#project_id) `project_id`) The ID of the project the public gateway is associated with.
 - `upstream_dns_servers` - (Optional) override the gateway's default recursive DNS servers, if DNS features are enabled.
 - `ip_id` - (Optional) attach an existing flexible IP to the gateway
+- `bastion_enabled` - (Optional) Enable SSH bastion on the gateway
+- `bastion_port` - (Optional) The port on which the SSH bastion will listen.
 
 ## Attributes Reference
 

scaleway/helpers.go

@@ -494,6 +494,13 @@ func expandInt32Ptr(data interface{}) *int32 {
 	return scw.Int32Ptr(int32(data.(int)))
 }
 
+func expandUint32Ptr(data interface{}) *uint32 {
+	if data == nil || data == "" {
+		return nil
+	}
+	return scw.Uint32Ptr(uint32(data.(int)))
+}
+
 func expandIPNet(raw string) (scw.IPNet, error) {
 	if raw == "" {
 		return scw.IPNet{}, nil

scaleway/resource_vpc_public_gateway.go

@@ -56,6 +56,17 @@ func resourceScalewayVPCPublicGateway() *schema.Resource {
 					Type: schema.TypeString,
 				},
 			},
+			"bastion_enabled": {
+				Type:        schema.TypeBool,
+				Description: "Enable SSH bastion on the gateway",
+				Optional:    true,
+			},
+			"bastion_port": {
+				Type:        schema.TypeInt,
+				Description: "Port of the SSH bastion",
+				Optional:    true,
+				Computed:    true,
+			},
 			"project_id": projectIDSchema(),
 			"zone":       zoneSchema(),
 			// Computed elements
@@ -86,9 +97,14 @@ func resourceScalewayVPCPublicGatewayCreate(ctx context.Context, d *schema.Resou
 		Tags:               expandStrings(d.Get("tags")),
 		UpstreamDNSServers: expandStrings(d.Get("upstream_dns_servers")),
 		ProjectID:          d.Get("project_id").(string),
+		EnableBastion:      d.Get("bastion_enabled").(bool),
 		Zone:               zone,
 	}
 
+	if bastionPort, ok := d.GetOk("bastion_port"); ok {
+		req.BastionPort = expandUint32Ptr(bastionPort.(int))
+	}
+
 	if ipID, ok := d.GetOk("ip_id"); ok {
 		req.IPID = expandStringPtr(expandZonedID(ipID).ID)
 	}
@@ -133,6 +149,8 @@ func resourceScalewayVPCPublicGatewayRead(ctx context.Context, d *schema.Resourc
 	_ = d.Set("tags", gateway.Tags)
 	_ = d.Set("upstream_dns_servers", gateway.UpstreamDNSServers)
 	_ = d.Set("ip_id", newZonedID(gateway.Zone, gateway.IP.ID).String())
+	_ = d.Set("bastion_enabled", gateway.BastionEnabled)
+	_ = d.Set("bastion_port", int(gateway.BastionPort))
 
 	return nil
 }
@@ -148,19 +166,34 @@ func resourceScalewayVPCPublicGatewayUpdate(ctx context.Context, d *schema.Resou
 		return diag.FromErr(err)
 	}
 
-	if d.HasChanges("name", "tags", "upstream_dns_servers") {
-		updateRequest := &vpcgw.UpdateGatewayRequest{
-			GatewayID:          gateway.ID,
-			Zone:               gateway.Zone,
-			Name:               scw.StringPtr(d.Get("name").(string)),
-			Tags:               scw.StringsPtr(expandStrings(d.Get("tags"))),
-			UpstreamDNSServers: scw.StringsPtr(expandStrings(d.Get("upstream_dns_servers"))),
-		}
+	updateRequest := &vpcgw.UpdateGatewayRequest{
+		GatewayID: gateway.ID,
+		Zone:      gateway.Zone,
+	}
 
-		_, err = vpcgwAPI.UpdateGateway(updateRequest, scw.WithContext(ctx))
-		if err != nil {
-			return diag.FromErr(err)
-		}
+	if d.HasChanges("name") {
+		updateRequest.Name = scw.StringPtr(d.Get("name").(string))
+	}
+
+	if d.HasChange("tags") {
+		updateRequest.Tags = scw.StringsPtr(expandStrings(d.Get("tags")))
+	}
+
+	if d.HasChange("bastion_port") {
+		updateRequest.BastionPort = scw.Uint32Ptr(uint32(d.Get("bastion_port").(int)))
+	}
+
+	if d.HasChange("enable_bastion") {
+		updateRequest.EnableBastion = scw.BoolPtr(d.Get("enable_bastion").(bool))
+	}
+
+	if d.HasChange("upstream_dns_servers") {
+		updateRequest.UpstreamDNSServers = scw.StringsPtr(expandStrings(d.Get("upstream_dns_servers")))
+	}
+
+	_, err = vpcgwAPI.UpdateGateway(updateRequest, scw.WithContext(ctx))
+	if err != nil {
+		return diag.FromErr(err)
 	}
 
 	_, err = waitForVPCPublicGateway(ctx, vpcgwAPI, zone, id, d.Timeout(schema.TimeoutUpdate))