feat(fgs): supplement attributes for function resources

docs/resources/fgs_function.md

@@ -405,6 +405,34 @@ The `reserved_instances` block supports:
   If this parameter is enabled, reserved instances are initialized and the mode change needs some time to take effect.
   You will still be billed at the price of reserved instances for non-idle mode in this period.
 
+* `func_vpc` - (Optional, List) Specifies the configuration of function VPC.  
+  The [func_vpc](#functiongraph_func_vpc) structure is documented below.
+
+<a name="functiongraph_func_vpc"></a>
+The `func_vpc` block supports:
+
+* `cidr` - (Optional, String) Specifies the network segment on which the subnet resides.
+
+* `gateway` - (Optional, String) Specifies the gateway.
+
+* `network_controller` - (Optional, List) Specifies the function network configuration.  
+  The [network_controller](#functiongraph_network_controller) structure is documented below.
+
+<a name="functiongraph_network_controller"></a>
+The `network_controller` block supports:
+
+* `disable_public_network` - (Optional, Bool) Specifies the prohibit public network access switch.
+
+* `trigger_access_vpcs` - (Optional, List) Specifies the trigger function VPC configuration.
+  The [trigger_access_vpcs](#network_controller_trigger_access_vpcs) structure is documented below.
+
+<a name="network_controller_trigger_access_vpcs"></a>
+The `trigger_access_vpcs` block supports:
+
+* `vpc_id` - (Optional, String) Specifies the VPC ID.
+
+* `vpc_name` - (Optional, String) Specifies the VPC name.
+
 * `tactics_config` - (Optional, List) Specifies the auto scaling policies for reserved instance.
   The [tactics_config](#functiongraph_tactics_config) structure is documented below.
 

go.mod

@@ -4,7 +4,7 @@ go 1.18
 
 require (
 	github.com/GehirnInc/crypt v0.0.0-20200316065508-bb7000b8a962
-	github.com/chnsz/golangsdk v0.0.0-20240524090804-ac6a27dd5751
+	github.com/chnsz/golangsdk v0.0.0-20240529073340-b68ab4ec7a36
 	github.com/hashicorp/go-cleanhttp v0.5.2
 	github.com/hashicorp/go-multierror v1.1.1
 	github.com/hashicorp/go-uuid v1.0.3

go.sum

@@ -22,8 +22,8 @@ github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6
 github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
-github.com/chnsz/golangsdk v0.0.0-20240524090804-ac6a27dd5751 h1:iUs8gGT2658wrIRw/aMm6GJITdo6a5lGw6GUHftY6EM=
-github.com/chnsz/golangsdk v0.0.0-20240524090804-ac6a27dd5751/go.mod h1:Erm4hDWxXgAdbkG3+hhJFgRzEL1TvvcroWzw2Gax4uI=
+github.com/chnsz/golangsdk v0.0.0-20240529073340-b68ab4ec7a36 h1:MiPVVsb+UjJOJa1Jydc0QCPrX1RIVrqXI8nqj1Yz6X4=
+github.com/chnsz/golangsdk v0.0.0-20240529073340-b68ab4ec7a36/go.mod h1:Erm4hDWxXgAdbkG3+hhJFgRzEL1TvvcroWzw2Gax4uI=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=

huaweicloud/services/acceptance/fgs/resource_huaweicloud_fgs_function_test.go

@@ -1315,3 +1315,75 @@ resource "huaweicloud_fgs_function" "test" {
 }
 `, name)
 }
+
+func TestAccFgsV2Function_funcVpcAndNetworkController(t *testing.T) {
+	var (
+		f function.Function
+
+		name         = acceptance.RandomAccResourceName()
+		resourceName = "huaweicloud_fgs_function.test"
+	)
+
+	rc := acceptance.InitResourceCheck(
+		resourceName,
+		&f,
+		getResourceObj,
+	)
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			acceptance.TestAccPreCheck(t)
+		},
+		ProviderFactories: acceptance.TestAccProviderFactories,
+		CheckDestroy:      rc.CheckResourceDestroy(),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccFunction_funcVpcAndNetworkController(name),
+				Check: resource.ComposeTestCheckFunc(
+					rc.CheckResourceExists(),
+					resource.TestCheckResourceAttr(resourceName, "name", name),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+				ImportStateVerifyIgnore: []string{
+					"app",
+					"package",
+					"func_code",
+				},
+			},
+		},
+	})
+}
+
+func testAccFunction_funcVpcAndNetworkController(name string) string {
+	return fmt.Sprintf(`
+%[1]s
+
+resource "huaweicloud_fgs_function" "test" {
+  name           = "%[2]s"
+  app            = "default"
+  handler        = "bootstrap"
+  xrole          = "function_all_trust"
+  memory_size    = 128
+  timeout        = 3
+  runtime        = "Custom"
+  code_type      = "inline"
+  vpc_id         = huaweicloud_vpc.test.id
+  network_id     = huaweicloud_vpc_subnet.test.id
+  func_vpc{
+    cidr            = "192.168.0.0/24"
+    gateway         = "192.168.0.1"
+  }
+  network_controller{
+    disable_public_network = true
+    trigger_access_vpcs{
+      vpc_id   = huaweicloud_vpc.test.id
+      vpc_name = huaweicloud_vpc.test.name
+    }
+  }
+}
+`, common.TestBaseNetwork(name), name)
+}

huaweicloud/services/fgs/resource_huaweicloud_fgs_function.go

@@ -409,6 +409,50 @@ func ResourceFgsFunctionV2() *schema.Resource {
 				Optional:    true,
 				Description: "schema: Internal; Specifies the maximum duration that the function can be initialized.",
 			},
+			"func_vpc": {
+				Type:     schema.TypeList,
+				Optional: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"cidr": {
+							Type:     schema.TypeString,
+							Optional: true,
+						},
+						"gateway": {
+							Type:     schema.TypeString,
+							Optional: true,
+						},
+					},
+				},
+			},
+			"network_controller": {
+				Type:     schema.TypeList,
+				Optional: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"disable_public_network": {
+							Type:     schema.TypeBool,
+							Optional: true,
+						},
+						"trigger_access_vpcs": {
+							Type:     schema.TypeList,
+							Optional: true,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"vpc_id": {
+										Type:     schema.TypeString,
+										Optional: true,
+									},
+									"vpc_name": {
+										Type:     schema.TypeString,
+										Optional: true,
+									},
+								},
+							},
+						},
+					},
+				},
+			},
 			"version": {
 				Type:     schema.TypeString,
 				Computed: true,
@@ -497,6 +541,45 @@ func buildCustomImage(imageConfig []interface{}) *function.CustomImage {
 	}
 }
 
+func buildFuncVpc(funcVpcConfig []interface{}) *function.FuncVpc {
+	if len(funcVpcConfig) < 1 {
+		return nil
+	}
+
+	cfg := funcVpcConfig[0].(map[string]interface{})
+	return &function.FuncVpc{
+		Cidr:    cfg["cidr"].(string),
+		Gateway: cfg["gateway"].(string),
+	}
+}
+
+func buildNetworkController(networkControllerConfig []interface{}) *function.NetworkControlConfig {
+	if len(networkControllerConfig) < 1 {
+		return nil
+	}
+
+	cfg := networkControllerConfig[0].(map[string]interface{})
+	return &function.NetworkControlConfig{
+		DisablePublicNetwork: cfg["disable_public_network"].(bool),
+		TriggerAccessVpcs:    buildTriggerAccessVpcs(cfg["trigger_access_vpcs"].([]interface{})),
+	}
+}
+
+func buildTriggerAccessVpcs(vpcConfig []interface{}) []function.VpcConfig {
+	if len(vpcConfig) < 1 {
+		return nil
+	}
+	result := make([]function.VpcConfig, len(vpcConfig))
+	for i, val := range vpcConfig {
+		cfg := val.(map[string]interface{})
+		result[i] = function.VpcConfig{
+			VpcId:   cfg["vpc_id"].(string),
+			VpcName: cfg["vpc_name"].(string),
+		}
+	}
+	return result
+}
+
 func buildFgsFunctionParameters(d *schema.ResourceData, cfg *config.Config) (function.CreateOpts, error) {
 	// check app and package
 	app, appOk := d.GetOk("app")
@@ -539,6 +622,8 @@ func buildFgsFunctionParameters(d *schema.ResourceData, cfg *config.Config) (fun
 		GPUType:             d.Get("gpu_type").(string),
 		PreStopHandler:      d.Get("pre_stop_handler").(string),
 		PreStopTimeout:      d.Get("pre_stop_timeout").(int),
+		FuncVpc:             buildFuncVpc(d.Get("func_vpc").([]interface{})),
+		NetworkController:   buildNetworkController(d.Get("network_controller").([]interface{})),
 	}
 	if v, ok := d.GetOk("func_code"); ok {
 		funcCode := function.FunctionCodeOpts{
@@ -674,9 +759,45 @@ func setFgsFunctionAgency(d *schema.ResourceData, agency string) error {
 }
 
 func setFgsFunctionVpcAccess(d *schema.ResourceData, funcVpc function.FuncVpc) error {
+	result := []map[string]interface{}{
+		{
+			"cidr":    funcVpc.Cidr,
+			"gateway": funcVpc.Gateway,
+		},
+	}
+
 	mErr := multierror.Append(
 		d.Set("vpc_id", funcVpc.VpcId),
 		d.Set("network_id", funcVpc.SubnetId),
+		d.Set("func_vpc", result),
+	)
+	if err := mErr.ErrorOrNil(); err != nil {
+		return fmt.Errorf("error setting vault fields: %s", err)
+	}
+	return nil
+}
+
+func setTriggerAccessVpcs(vpcConfigs []function.VpcConfig) interface{} {
+	result := make([]map[string]interface{}, len(vpcConfigs))
+	for i, val := range vpcConfigs {
+		result[i] = map[string]interface{}{
+			"vpc_id":   val.VpcId,
+			"vpc_name": val.VpcName,
+		}
+	}
+	return result
+}
+
+func setNetworkController(d *schema.ResourceData, networkController function.NetworkControlConfig) error {
+	result := []map[string]interface{}{
+		{
+			"disable_public_network": networkController.DisablePublicNetwork,
+			"trigger_access_vpcs":    setTriggerAccessVpcs(networkController.TriggerAccessVpcs),
+		},
+	}
+
+	mErr := multierror.Append(
+		d.Set("network_controller", result),
 	)
 	if err := mErr.ErrorOrNil(); err != nil {
 		return fmt.Errorf("error setting vault fields: %s", err)
@@ -901,6 +1022,7 @@ func resourceFgsFunctionRead(_ context.Context, d *schema.ResourceData, meta int
 		d.Set("gpu_type", f.GPUType),
 		d.Set("pre_stop_handler", f.PreStopHandler),
 		d.Set("pre_stop_timeout", f.PreStopTimeout),
+		setNetworkController(d, f.NetworkController),
 	)
 
 	reservedInstances, err := getReservedInstanceConfig(fgsClient, d)
@@ -1267,6 +1389,8 @@ func resourceFgsFunctionMetadataUpdate(fgsClient *golangsdk.ServiceClient, urn s
 		GPUType:            d.Get("gpu_type").(string),
 		PreStopHandler:     d.Get("pre_stop_handler").(string),
 		PreStopTimeout:     d.Get("pre_stop_timeout").(int),
+		FuncVpc:            buildFuncVpc(d.Get("func_vpc").([]interface{})),
+		NetworkController:  buildNetworkController(d.Get("network_controller").([]interface{})),
 	}
 
 	if _, ok := d.GetOk("vpc_id"); ok {

vendor/modules.txt

@@ -13,7 +13,7 @@ github.com/apparentlymart/go-cidr/cidr
 # github.com/apparentlymart/go-textseg/v13 v13.0.0
 ## explicit; go 1.16
 github.com/apparentlymart/go-textseg/v13/textseg
-# github.com/chnsz/golangsdk v0.0.0-20240524090804-ac6a27dd5751
+# github.com/chnsz/golangsdk v0.0.0-20240529073340-b68ab4ec7a36
 ## explicit; go 1.14
 github.com/chnsz/golangsdk
 github.com/chnsz/golangsdk/auth