feat(lb): health_check block

docs/resources/lb_backend.md

@@ -6,7 +6,8 @@ page_title: "Scaleway: scaleway_lb_backend"
 # scaleway_lb_backend
 
 Creates and manages Scaleway Load-Balancer Backends.
-For more information, see [the documentation](https://www.scaleway.com/en/developers/api/load-balancer/zoned-api/#path-backends).
+For more information,
+see [the documentation](https://www.scaleway.com/en/developers/api/load-balancer/zoned-api/#path-backends).
 
 ## Examples
 
@@ -36,32 +37,69 @@ resource "scaleway_lb_backend" "backend01" {
 }
 ```
 
+or
+
+```hcl
+resource scaleway_lb_ip main {}
+
+resource scaleway_lb main {
+  ip_id = scaleway_lb_ip.main.id
+  name  = "test-lb"
+  type  = "lb-s"
+}
+
+resource scaleway_lb_backend main {
+  lb_id            = scaleway_lb.main.id
+  name             = "bkd01"
+  forward_protocol = "tcp"
+  forward_port     = 80
+
+  health_check {
+    protocol    = "http"
+    uri         = "http://test.com/health"
+    method      = "POST"
+    code        = 404
+    host_header = "test.com"
+  }
+}
+```
+
 ## Arguments Reference
 
 The following arguments are supported:
 
 ### Basic arguments
 
 - `lb_id`                       - (Required) The load-balancer ID this backend is attached to.
-~> **Important:** Updates to `lb_id` will recreate the backend.
-- `zone` - (Defaults to [provider](../index.md#zone) `zone`) The [zone](../guides/regions_and_zones.md#zones) in which the load-balancer was created.
+  ~> **Important:** Updates to `lb_id` will recreate the backend.
+- `zone` - (Defaults to [provider](../index.md#zone) `zone`) The [zone](../guides/regions_and_zones.md#zones) in which
+  the load-balancer was created.
 - `forward_protocol`            - (Required) Backend protocol. Possible values are: `tcp` or `http`.
 - `name`                        - (Optional) The name of the load-balancer backend.
 - `forward_port`                - (Required) User sessions will be forwarded to this port of backend servers.
-- `forward_port_algorithm`      - (Default: `roundrobin`) Load balancing algorithm. Possible values are: `roundrobin`, `leastconn` and `first`.
-- `sticky_sessions`             - (Default: `none`) The type of sticky sessions. The only current possible values are: `none`, `cookie` and `table`.
-- `sticky_sessions_cookie_name` - (Optional) Cookie name for sticky sessions. Only applicable when sticky_sessions is set to `cookie`.
+- `forward_port_algorithm`      - (Default: `roundrobin`) Load balancing algorithm. Possible values
+  are: `roundrobin`, `leastconn` and `first`.
+- `sticky_sessions`             - (Default: `none`) The type of sticky sessions. The only current possible values
+  are: `none`, `cookie` and `table`.
+- `sticky_sessions_cookie_name` - (Optional) Cookie name for sticky sessions. Only applicable when sticky_sessions is
+  set to `cookie`.
 - `server_ips`                  - (Optional) List of backend server IP addresses. Addresses can be either IPv4 or IPv6.
-- `send_proxy_v2`               - DEPRECATED please use `proxy_protocol` instead - (Default: `false`) Enables PROXY protocol version 2.
-- `proxy_protocol`              - (Default: `none`) Choose the type of PROXY protocol to enable (`none`, `v1`, `v2`, `v2_ssl`, `v2_ssl_cn`)
+- `health_check`                - (Optional, Maximum of 1) Health Check configuration block. Detailed below.
+- `send_proxy_v2`               - DEPRECATED please use `proxy_protocol` instead - (Default: `false`) Enables PROXY
+  protocol version 2.
+- `proxy_protocol`              - (Default: `none`) Choose the type of PROXY protocol to
+  enable (`none`, `v1`, `v2`, `v2_ssl`, `v2_ssl_cn`)
 - `timeout_server`              - (Optional) Maximum server connection inactivity time. (e.g.: `1s`)
 - `timeout_connect`             - (Optional) Maximum initial server connection establishment time. (e.g.: `1s`)
 - `timeout_tunnel`              - (Optional) Maximum tunnel inactivity time. (e.g.: `1s`)
-- `failover_host`               - (Optional) Scaleway S3 bucket website to be served in case all backend servers are down.
-~> **Note:** Only the host part of the Scaleway S3 bucket website is expected:
-e.g. 'failover-website.s3-website.fr-par.scw.cloud' if your bucket website URL is 'https://failover-website.s3-website.fr-par.scw.cloud/'.
+- `failover_host`               - (Optional) Scaleway S3 bucket website to be served in case all backend servers are
+  down.
+  ~> **Note:** Only the host part of the Scaleway S3 bucket website is expected:
+  e.g. 'failover-website.s3-website.fr-par.scw.cloud' if your bucket website URL
+  is 'https://failover-website.s3-website.fr-par.scw.cloud/'.
 - `ssl_bridging`                - (Default: `false`) Enables SSL between load balancer and backend servers.
-- `ignore_ssl_server_verify`    - (Default: `false`) Specifies whether the Load Balancer should check the backend server’s certificate before initiating a connection.
+- `ignore_ssl_server_verify`    - (Default: `false`) Specifies whether the Load Balancer should check the backend
+  server’s certificate before initiating a connection.
 
 ### Health Check arguments
 
@@ -71,29 +109,55 @@ You may use one of the following health check types: `TCP`, `HTTP` or `HTTPS`. (
 - `health_check_timeout`        - (Default: `30s`) Timeout before we consider a HC request failed.
 - `health_check_delay`          - (Default: `60s`) Interval between two HC requests.
 - `health_check_port`           - (Default: `forward_port`) Port the HC requests will be send to.
-- `health_check_max_retries`    - (Default: `2`) Number of allowed failed HC requests before the backend server is marked down.
-- `health_check_tcp`            - (Optional) This block enable TCP health check. Only one of `health_check_tcp`, `health_check_http` and `health_check_https` should be specified.
-- `health_check_http`           - (Optional) This block enable HTTP health check. Only one of `health_check_tcp`, `health_check_http` and `health_check_https` should be specified.
+- `health_check_max_retries`    - (Default: `2`) Number of allowed failed HC requests before the backend server is
+  marked down.
+- `health_check_tcp`            - (Optional) This block enable TCP health check. Only one
+  of `health_check_tcp`, `health_check_http` and `health_check_https` should be specified.
+- `health_check_http`           - (Optional) This block enable HTTP health check. Only one
+  of `health_check_tcp`, `health_check_http` and `health_check_https` should be specified.
     - `uri`                       - (Required) The HTTP endpoint URL to call for HC requests.
     - `method`                    - (Default: `GET`) The HTTP method to use for HC requests.
     - `code`                      - (Default: `200`) The expected HTTP status code.
     - `host_header`               - (Optional) The HTTP host header to use for HC requests.
-- `health_check_https`          - (Optional) This block enable HTTPS health check. Only one of `health_check_tcp`, `health_check_http` and `health_check_https` should be specified.
+- `health_check_https`          - (Optional) This block enable HTTPS health check. Only one
+  of `health_check_tcp`, `health_check_http` and `health_check_https` should be specified.
     - `uri`                       - (Required) The HTTPS endpoint URL to call for HC requests.
     - `method`                    - (Default: `GET`) The HTTP method to use for HC requests.
     - `code`                      - (Default: `200`) The expected HTTP status code.
     - `host_header`               - (Optional) The HTTP host header to use for HC requests.
     - `sni`                       - (Optional) The SNI to use for HC requests over SSL.
-- `on_marked_down_action`       - (Default: `none`) Modify what occurs when a backend server is marked down. Possible values are: `none` and `shutdown_sessions`.
-
+- `on_marked_down_action`       - (Default: `none`) Modify what occurs when a backend server is marked down. Possible
+  values are: `none` and `shutdown_sessions`.
+
+## health_check
+
+~> **Important:** `health_chck` conflicts with `health_check_https`, `health_check_http`, `health_check_tcp`.
+
+- `protocol`                  - (Required) Protocol the load balancer uses when performing health checks on targets.
+  Must be either `TCP`, `HTTP`, `HTTPS`, `LDAP`, `MySQL`, `PgSQL`.
+- `port`                      - (Optional) The HTTPS endpoint URL to call for HC requests.
+- `uri`                       - (Optional) The HTTPS endpoint URL to call for HC requests.
+- `method`                    - (Optional) The HTTP method to use for HC requests.
+- `code`                      - (Optional) The expected HTTP status code.
+- `host_header`               - (Optional) The HTTP host header to use for HC requests.
+- `sni`                       - (Optional) The SNI to use for HC requests over SSL.
+- `database_user`             - (Optional) The Database User to use for HC requests using `mysql` or `pgsql` protocol.
+- `check_timeout`             - (Optional) The Timeout before we consider a HC request failed.
+- `check_delay`               - (Optional) The time to wait between two consecutive health checks.
+- `check_send_proxy`          - (Optional) It defines whether proxy protocol should be activated for the health check.
+- `max_retries`               - (Optional) Number of allowed failed HC requests before the backend server is marked
+  down.
+- `transient_check_delay`     - (Optional) The time to wait between two consecutive health checks when a backend server
+  is in a transient state.
 
 ## Attributes Reference
 
 In addition to all arguments above, the following attributes are exported:
 
 - `id` - The ID of the loadbalancer backend.
 
-~> **Important:** Load-Balancers backends' IDs are [zoned](../guides/regions_and_zones.md#resource-ids), which means they are of the form `{zone}/{id}`, e.g. `fr-par-1/11111111-1111-1111-1111-111111111111`
+~> **Important:** Load-Balancers backends' IDs are [zoned](../guides/regions_and_zones.md#resource-ids), which means
+they are of the form `{zone}/{id}`, e.g. `fr-par-1/11111111-1111-1111-1111-111111111111`
 
 ## Import
 

scaleway/helpers_lb.go

@@ -350,6 +350,161 @@ func expandLbHCHTTPS(raw interface{}) *lbSDK.HealthCheckHTTPSConfig {
 	}
 }
 
+func expandLbHCMySQL(raw interface{}) *lbSDK.HealthCheckMysqlConfig {
+	if raw == nil || len(raw.([]interface{})) != 1 {
+		return nil
+	}
+
+	rawMap := raw.([]interface{})[0].(map[string]interface{})
+	return &lbSDK.HealthCheckMysqlConfig{
+		User: rawMap["database_user"].(string),
+	}
+}
+
+func expandLbHCPgSQL(raw interface{}) *lbSDK.HealthCheckPgsqlConfig {
+	if raw == nil || len(raw.([]interface{})) != 1 {
+		return nil
+	}
+
+	rawMap := raw.([]interface{})[0].(map[string]interface{})
+	return &lbSDK.HealthCheckPgsqlConfig{
+		User: rawMap["database_user"].(string),
+	}
+}
+
+func expandLbHCLDAP(raw interface{}) *lbSDK.HealthCheckLdapConfig {
+	if raw == nil || len(raw.([]interface{})) != 1 {
+		return nil
+	}
+
+	return &lbSDK.HealthCheckLdapConfig{}
+}
+
+func expandLbHealthCheck(raw interface{}) (*lbSDK.HealthCheck, error) {
+	if raw == nil || len(raw.([]interface{})) != 1 {
+		return nil, nil
+	}
+
+	var err error
+
+	rawMap := raw.([]interface{})[0].(map[string]interface{})
+
+	protocol := rawMap["protocol"]
+	hc := &lbSDK.HealthCheck{}
+	hc.CheckMaxRetries = int32(rawMap["max_retries"].(int))
+	hc.Port = int32(rawMap["port"].(int))
+	hc.CheckDelay, err = expandDuration(rawMap["check_delay"])
+	if err != nil {
+		return nil, err
+	}
+	hc.CheckTimeout, err = expandDuration(rawMap["check_timeout"])
+	if err != nil {
+		return nil, err
+	}
+	hc.CheckSendProxy = rawMap["check_send_proxy"].(bool)
+	hc.TransientCheckDelay = &scw.Duration{Seconds: int64(rawMap["transient_check_delay"].(int))}
+
+	switch protocol {
+	case "tcp":
+		hc.TCPConfig = &lbSDK.HealthCheckTCPConfig{}
+	case "http":
+		hc.HTTPConfig = expandLbHCHTTP(raw)
+	case "https":
+		hc.HTTPSConfig = expandLbHCHTTPS(raw)
+	case "mysql":
+		hc.MysqlConfig = expandLbHCMySQL(raw)
+	case "pgsql":
+		hc.PgsqlConfig = expandLbHCPgSQL(raw)
+	case "ldap":
+		hc.LdapConfig = expandLbHCLDAP(raw)
+	}
+
+	return hc, err
+}
+
+func updateHealthCheckChanges(hc *lbSDK.HealthCheck, updateHCRequest *lbSDK.ZonedAPIUpdateHealthCheckRequest) {
+	updateHCRequest.TransientCheckDelay = hc.TransientCheckDelay
+	updateHCRequest.CheckSendProxy = hc.CheckSendProxy
+	updateHCRequest.CheckTimeout = hc.CheckTimeout
+	updateHCRequest.CheckMaxRetries = hc.CheckMaxRetries
+	updateHCRequest.CheckDelay = hc.CheckDelay
+	updateHCRequest.Port = hc.Port
+
+	switch {
+	case hc.TCPConfig != nil:
+		updateHCRequest.TCPConfig = hc.TCPConfig
+
+	case hc.PgsqlConfig != nil:
+		updateHCRequest.PgsqlConfig = hc.PgsqlConfig
+
+	case hc.MysqlConfig != nil:
+		updateHCRequest.MysqlConfig = hc.MysqlConfig
+
+	case hc.HTTPConfig != nil:
+		updateHCRequest.HTTPConfig = hc.HTTPConfig
+
+	case hc.HTTPSConfig != nil:
+		updateHCRequest.HTTPSConfig = hc.HTTPSConfig
+
+	case hc.LdapConfig != nil:
+		updateHCRequest.LdapConfig = hc.LdapConfig
+
+	case hc.RedisConfig != nil:
+		updateHCRequest.RedisConfig = hc.RedisConfig
+	}
+}
+
+func flattenLbHealthCheck(hc *lbSDK.HealthCheck) interface{} {
+	if hc == nil {
+		return nil
+	}
+
+	raw := make(map[string]interface{})
+	raw["port"] = hc.Port
+	raw["check_timeout"] = flattenDuration(hc.CheckTimeout)
+	raw["check_delay"] = flattenDuration(hc.CheckDelay)
+	raw["transient_check_delay"] = hc.TransientCheckDelay.Seconds
+	raw["check_send_proxy"] = flattenBoolPtr(&hc.CheckSendProxy)
+	raw["max_retries"] = hc.CheckMaxRetries
+
+	if hc.HTTPConfig != nil {
+		raw["protocol"] = "http"
+		raw["uri"] = hc.HTTPConfig.URI
+		raw["method"] = hc.HTTPConfig.Method
+		raw["code"] = flattenInt32Ptr(hc.HTTPConfig.Code)
+		raw["host_header"] = hc.HTTPConfig.HostHeader
+	}
+
+	if hc.HTTPSConfig != nil {
+		raw["protocol"] = "https"
+		raw["uri"] = hc.HTTPSConfig.URI
+		raw["method"] = hc.HTTPSConfig.Method
+		raw["code"] = flattenInt32Ptr(hc.HTTPSConfig.Code)
+		raw["host_header"] = hc.HTTPSConfig.HostHeader
+		raw["sni"] = hc.HTTPSConfig.Sni
+	}
+
+	if hc.LdapConfig != nil {
+		raw["protocol"] = "ldap"
+	}
+	if hc.TCPConfig != nil {
+		raw["protocol"] = "tcp"
+	}
+	if hc.MysqlConfig != nil {
+		raw["protocol"] = "mysql"
+		raw["database_user"] = hc.MysqlConfig.User
+	}
+	if hc.PgsqlConfig != nil {
+		raw["protocol"] = "pgsql"
+		raw["database_user"] = hc.PgsqlConfig.User
+	}
+	if hc.RedisConfig != nil {
+		raw["protocol"] = "redis"
+	}
+
+	return []map[string]interface{}{raw}
+}
+
 func expandLbLetsEncrypt(raw interface{}) *lbSDK.CreateCertificateRequestLetsencryptConfig {
 	if raw == nil || len(raw.([]interface{})) != 1 {
 		return nil