feat(vpn): onboarding of connection resource and datasource

[rubenhoenle]

Description

continues PR #1487
relates to STACKITTPR-551

Checklist

• Issue was linked above
• Code format was applied: make fmt
• Examples were added / adjusted (see examples/ directory)
• Docs are up-to-date: make generate-docs (will be checked by CI)
• Unit tests got implemented or updated
• Acceptance tests got implemented or updated (see e.g. here)
• Unit tests are passing: make test (will be checked by CI)
• No linter issues: make lint (will be checked by CI)

[github-actions]

Merging this branch will increase overall coverage

Impacted Packages	Coverage Δ	🤖
github.com/stackitcloud/terraform-provider-stackit/stackit	1.18% (ø)
github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/vpn	0.00% (ø)
github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/vpn/connection	42.92% (+42.92%)	🌟

---

Coverage by file

Changed files (no unit tests)

Changed File	Coverage Δ	Total	Covered	Missed	🤖
github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/vpn/connection/datasource.go	19.35% (+19.35%)	62 (+62)	12 (+12)	50 (+50)	🎉
github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/vpn/connection/resource.go	46.81% (+46.81%)	376 (+376)	176 (+176)	200 (+200)	🌟
github.com/stackitcloud/terraform-provider-stackit/stackit/provider.go	1.18% (ø)	169	2	167

Please note that the "Total", "Covered", and "Missed" counts above refer to code statements instead of lines of code. The value in brackets refers to the test coverage of that file in the old version of the code.

Changed unit test files

• github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/vpn/connection/datasource_test.go
• github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/vpn/connection/resource_test.go
• github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/vpn/vpn_acc_test.go
• github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/vpn/vpn_test.go

[cgoetz-inovex]

should we use remote_subnets here?

[cgoetz-inovex]

same as above, plural?

[cgoetz-inovex]

I suspect an error here:
tf config:

resource "stackit_vpn_gateway" "example-2" {
  project_id   = var.sna_project_id
  display_name = "cg-test-gw-policy"
  plan_id      = "p500"
  routing_type = "POLICY_BASED"

  availability_zones = {
    tunnel1 = "eu01-1"
    tunnel2 = "eu01-2"
  }
}

resource "stackit_vpn_connection" "example-2" {
  project_id = var.sna_project_id
  gateway_id = stackit_vpn_gateway.example-2.gateway_id
  display_name = "cg-test-conn-policy"
  tunnel1 = {
    remote_address = "10.0.0.3"
    pre_shared_key = "redacted"
    phase1 = {
      dh_groups = ["modp2048s256"]
      encryption_algorithms = ["aes256gcm16"]
      integrity_algorithms = ["sha2_256"]
    }
    phase2 = {
      dh_groups = ["modp2048s256"]
      encryption_algorithms = ["aes256gcm16"]
      integrity_algorithms = ["sha2_256"]
    }

  }
  tunnel2 = {
    remote_address = "10.0.0.3"
    pre_shared_key = "redacted"
    phase1 = {
      dh_groups = ["modp2048s256"]
      encryption_algorithms = ["aes256gcm16"]
      integrity_algorithms = ["sha2_256"]
    }
    phase2 = {
      dh_groups = ["modp2048s256"]
      encryption_algorithms = ["aes256gcm16"]
      integrity_algorithms = ["sha2_256"]
    }
  }
}

results in:

╷
│ Error: Error creating VPN connection
│ 
│   with stackit_vpn_connection.example-2,
│   on provider.tf line 199, in resource "stackit_vpn_connection" "example-2":
│  199: resource "stackit_vpn_connection" "example-2" {
│ 
│ Calling API: 400 Bad Request, status code 400, Body: {"error":{"code":400,"message":"One or more fields are
│ invalid.","status":"BAD_REQUEST","details":[{"reason":"INVALID_FIELD","domain":"vpn.access.stackit.cloud","metadata":{"field":"staticRoutes","validationError":"field
│ must be **excluded"}}]}}**

the plan looks like:

+ static_routes = []