Add cloudstack_physicalnetwork and some underlying additional resources
#201
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Implement data source for cloudstack_physicalnetwork to retrieve physical network details. - Create resource for managing cloudstack_physicalnetwork, including CRUD operations. - Add tests for both data source and resource functionalities. - Update documentation for cloudstack_physicalnetwork data source and resource.
There was a problem hiding this comment.
Pull Request Overview
This PR adds support for three new CloudStack resources that manage physical network infrastructure: cloudstack_physicalnetwork, cloudstack_traffic_type, and cloudstack_network_service_provider. These resources allow Terraform to manage physical network configurations in CloudStack zones.
- Implements complete CRUD operations for physical networks, traffic types, and network service providers
- Adds corresponding data source for querying physical networks
- Includes comprehensive test coverage for all new resources
Reviewed Changes
Copilot reviewed 13 out of 13 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| cloudstack/provider.go | Registers new resources and data source with provider |
| cloudstack/resource_cloudstack_physicalnetwork.go | Physical network resource implementation |
| cloudstack/resource_cloudstack_traffic_type.go | Traffic type resource implementation |
| cloudstack/resource_cloudstack_network_service_provider.go | Network service provider resource implementation |
| cloudstack/data_source_cloudstack_physicalnetwork.go | Physical network data source implementation |
| website/docs/r/*.html.markdown | Documentation for new resources |
| website/docs/d/physicalnetwork.html.markdown | Documentation for new data source |
| *_test.go files | Test suites for all new resources and data source |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
Comment on lines
+268
to
+275
| if d.Get("kvm_network_label") == "" { | ||
| d.Set("kvm_network_label", "cloudbr0") | ||
| } | ||
|
|
||
| if d.Get("xen_network_label") == "" { | ||
| d.Set("xen_network_label", "xenbr0") | ||
| } | ||
|
|
There was a problem hiding this comment.
Setting default values during import can cause configuration drift. These hardcoded defaults may not match the actual CloudStack configuration and will cause Terraform to detect changes on subsequent plans. Consider removing these default assignments or making them optional.
Suggested change
| if d.Get("kvm_network_label") == "" { | |
| d.Set("kvm_network_label", "cloudbr0") | |
| } | |
| if d.Get("xen_network_label") == "" { | |
| d.Set("xen_network_label", "xenbr0") | |
| } | |
| // Do not set hardcoded defaults for kvm_network_label or xen_network_label during import. | |
| // If the API provides these values, set them; otherwise, leave them unset. |
Copilot uses AI. Check for mistakes.
There was a problem hiding this comment.
@ianc769 , I think we can considder this co-pilot comment in a future improvement. the magic values here are a bit ugly and rigid (albeit correct)
kiranchavala
approved these changes
Aug 29, 2025
There was a problem hiding this comment.
LGTM, Tested manually the resources
network_service_provider,
cloudstack_physicalnetwork,
cloudstack_traffic_type
Also the data_source_cloudstack_physicalnetwork
resource "cloudstack_zone" "foo" {
name = "terraform-zone"
dns1 = "8.8.8.8"
internal_dns1 = "8.8.4.4"
network_type = "Advanced"
}
resource "cloudstack_physicalnetwork" "foo" {
name = "terraform-physical-network"
zone = cloudstack_zone.foo.name
broadcast_domain_range = "ZONE"
isolation_methods = ["VLAN"]
}
resource "cloudstack_traffic_type" "foo" {
physical_network_id = cloudstack_physicalnetwork.foo.id
type = "Management"
kvm_network_label = "cloudbr0"
}
resource "cloudstack_network_service_provider" "securitygroup" {
name = "SecurityGroupProvider"
physical_network_id = cloudstack_physicalnetwork.foo.id
state = "Enabled"
}
terraform apply
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# cloudstack_network_service_provider.securitygroup will be created
+ resource "cloudstack_network_service_provider" "securitygroup" {
+ id = (known after apply)
+ name = "SecurityGroupProvider"
+ physical_network_id = (known after apply)
+ state = "Enabled"
}
# cloudstack_physicalnetwork.foo will be created
+ resource "cloudstack_physicalnetwork" "foo" {
+ broadcast_domain_range = "ZONE"
+ id = (known after apply)
+ isolation_methods = [
+ "VLAN",
]
+ name = "terraform-physical-network"
+ zone = "terraform-zone"
}
# cloudstack_traffic_type.foo will be created
+ resource "cloudstack_traffic_type" "foo" {
+ id = (known after apply)
+ kvm_network_label = "cloudbr0"
+ physical_network_id = (known after apply)
+ type = "Management"
}
# cloudstack_zone.foo will be created
+ resource "cloudstack_zone" "foo" {
+ dns1 = "8.8.8.8"
+ id = (known after apply)
+ internal_dns1 = "8.8.4.4"
+ name = "terraform-zone"
+ network_type = "Advanced"
}
Plan: 4 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
cloudstack_zone.foo: Creating...
cloudstack_zone.foo: Creation complete after 1s [id=760d4c0d-cc59-4245-bb30-18d3448ae672]
cloudstack_physicalnetwork.foo: Creating...
cloudstack_physicalnetwork.foo: Creation complete after 1s [id=318ce63d-7642-4174-8f3e-69b00f38c98a]
cloudstack_network_service_provider.securitygroup: Creating...
cloudstack_traffic_type.foo: Creating...
cloudstack_network_service_provider.securitygroup: Creation complete after 1s [id=8cebfeed-7df8-444a-9802-6d9a86dd4de8]
cloudstack_traffic_type.foo: Creation complete after 1s [id=abcb7c9f-05f6-4ff1-a90f-3b16394cef1e]
Apply complete! Resources: 4 added, 0 changed, 0 destroyed.
╭─ ~/Desktop/cloudstack-India-demo/cloudstack-terraform copy ✔ ╱ 5s ╱ Azure subscription 1 ╱ 03:52:39 PM
╰─ terraform destroy
cloudstack_zone.foo: Refreshing state... [id=760d4c0d-cc59-4245-bb30-18d3448ae672]
cloudstack_physicalnetwork.foo: Refreshing state... [id=318ce63d-7642-4174-8f3e-69b00f38c98a]
cloudstack_network_service_provider.securitygroup: Refreshing state... [id=8cebfeed-7df8-444a-9802-6d9a86dd4de8]
cloudstack_traffic_type.foo: Refreshing state... [id=abcb7c9f-05f6-4ff1-a90f-3b16394cef1e]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:
# cloudstack_network_service_provider.securitygroup will be destroyed
- resource "cloudstack_network_service_provider" "securitygroup" {
- id = "8cebfeed-7df8-444a-9802-6d9a86dd4de8" -> null
- name = "SecurityGroupProvider" -> null
- physical_network_id = "318ce63d-7642-4174-8f3e-69b00f38c98a" -> null
- state = "Enabled" -> null
}
# cloudstack_physicalnetwork.foo will be destroyed
- resource "cloudstack_physicalnetwork" "foo" {
- broadcast_domain_range = "ZONE" -> null
- id = "318ce63d-7642-4174-8f3e-69b00f38c98a" -> null
- isolation_methods = [
- "VLAN",
] -> null
- name = "terraform-physical-network" -> null
- zone = "terraform-zone" -> null
# (2 unchanged attributes hidden)
}
# cloudstack_traffic_type.foo will be destroyed
- resource "cloudstack_traffic_type" "foo" {
- id = "abcb7c9f-05f6-4ff1-a90f-3b16394cef1e" -> null
- kvm_network_label = "cloudbr0" -> null
- physical_network_id = "318ce63d-7642-4174-8f3e-69b00f38c98a" -> null
- type = "Management" -> null
}
# cloudstack_zone.foo will be destroyed
- resource "cloudstack_zone" "foo" {
- dns1 = "8.8.8.8" -> null
- id = "760d4c0d-cc59-4245-bb30-18d3448ae672" -> null
- internal_dns1 = "8.8.4.4" -> null
- name = "terraform-zone" -> null
- network_type = "Advanced" -> null
}
Plan: 0 to add, 0 to change, 4 to destroy.
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
cloudstack_network_service_provider.securitygroup: Destroying... [id=8cebfeed-7df8-444a-9802-6d9a86dd4de8]
cloudstack_traffic_type.foo: Destroying... [id=abcb7c9f-05f6-4ff1-a90f-3b16394cef1e]
cloudstack_traffic_type.foo: Destruction complete after 1s
cloudstack_network_service_provider.securitygroup: Destruction complete after 1s
cloudstack_physicalnetwork.foo: Destroying... [id=318ce63d-7642-4174-8f3e-69b00f38c98a]
cloudstack_physicalnetwork.foo: Destruction complete after 0s
cloudstack_zone.foo: Destroying... [id=760d4c0d-cc59-4245-bb30-18d3448ae672]
cloudstack_zone.foo: Destruction complete after 0s
Destroy complete! Resources: 4 destroyed.
data "cloudstack_physicalnetwork" "default" {
filter {
name = "name"
value = "terraform-physical-network"
}
}
output "zome" {
value = data.cloudstack_physicalnetwork.default.zone
}
terraform apply
data.cloudstack_physicalnetwork.default: Reading...
data.cloudstack_physicalnetwork.default: Read complete after 0s [id=7f434f12-dece-4705-b08f-980d97fc542d]
Changes to Outputs:
+ zome = "terraform-zone"
You can apply this plan to save these new output values to the Terraform state, without changing any real infrastructure.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
Outputs:
zome = "terraform-zone"
DaanHoogland
approved these changes
Aug 31, 2025
ianc769
added a commit
to ianc769/cloudstack-terraform-provider
that referenced
this pull request
Sep 3, 2025
kiranchavala
pushed a commit
that referenced
this pull request
Sep 16, 2025
* Add CloudStack project resource * Add test for empty display_text defaulting to name value * Uncomment and implement tests for accountid and userid in project resource * Minor README Fix * Update display_text to required for API compatibility and adjust documentation * Clean up tests for 4.20.1.0 * fix: include domain ID when looking up projects by ID Fix issue where getProjectByID() would always return "id not found" while getProjectByName() could find the same project. CloudStack projects are only unique within a domain context, so we now include domain ID in lookups. - Modified getProjectByID() to accept optional domain parameter - Updated all calls to include domain when available - Updated test functions accordingly - Updated documentation to clarify domain requirement for project imports * feat: add cloudstack_project data source and corresponding tests * remove rogue testing script * Update cloudstack/resource_cloudstack_project.go Co-authored-by: Copilot <[email protected]> * adding domain validation to ensure projects are only reused within the intended scope Co-authored-by: Copilot <[email protected]> * Updated cloudstack go sdk to v2.17.1 (#193) * Fix creation of firewall & Egress firewall rules when created in a project * chore(deps): bump github.com/cloudflare/circl from 1.3.7 to 1.6.1 Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl) from 1.3.7 to 1.6.1. - [Release notes](https://github.com/cloudflare/circl/releases) - [Commits](cloudflare/circl@v1.3.7...v1.6.1) --- updated-dependencies: - dependency-name: github.com/cloudflare/circl dependency-version: 1.6.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> * resolve retrieveError issue * Update cloudstack/resource_cloudstack_project.go Co-authored-by: Copilot <[email protected]> * Update cloudstack/resource_cloudstack_project.go Co-authored-by: Copilot <[email protected]> * Change display_text field from required to optional in resourceCloudStackProject * Pin github actions version for opentofu * rat + excludes and add licenses to other files (#200) * readme: add specific test instruction in readme (#211) Add instructions for specific test execution * data: get vpc in project by project name (#209) * Support additional parameters for cloudstack_nic resource (#210) * serviceoffering: add params for custom offering, storage tags, encryptroot (#212) * Support desc and ruleId in create_network_acl_rule * fix review comment * change rule_id -> rule_number and add doc * add params in unit tests * verify description and rule_number in unit test * use fields defined in schema * fix test verification sequence * handle review comments * Add support for additional optional parameters for creating network offerings (#205) * Add disk_offering & override_disk_offering to instance resource * Update website/docs/r/instance.html.markdown Co-authored-by: Copilot <[email protected]> * Allow specifying private end port & public end port for port forward rules * Update tests * Add `cloudstack_physicalnetwork` and some underlying additional resources (#201) * feat: add cidrlist parameter to loadbalancer rule (#147) * feat: add cloudstack_project resource to provider * fix: update display_text to displaytext in project resource and tests. fix: update lookup to use getAccountNameByID helper function * fix: rename display_text to displaytext in project resource and tests --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: Copilot <[email protected]> Co-authored-by: Suresh Kumar Anaparti <[email protected]> Co-authored-by: Pearl Dsilva <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: vishesh92 <[email protected]> Co-authored-by: dahn <[email protected]> Co-authored-by: Manoj Kumar <[email protected]> Co-authored-by: Wei Zhou <[email protected]> Co-authored-by: Abhishek Kumar <[email protected]> Co-authored-by: ABW <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adding
cloudstack_physicalnetwork,cloudstack_traffic_typeandcloudstack_physicalnetworkas terraform managed resource options:cloudstack_physicalnetwork-> https://cloudstack.apache.org/api/apidocs-4.20/apis/createPhysicalNetwork.htmlcloudstack_traffic_type-> https://cloudstack.apache.org/api/apidocs-4.20/apis/addTrafficType.htmlcloudstack_network_service_provider-> https://cloudstack.apache.org/api/apidocs-4.20/apis/addNetworkServiceProvider.htmlUsing this code for example: