Resolve issue #279

CiscoDevNet · Jun 26, 2024 · 0f4d3c0 · 0f4d3c0
1 parent 725fc13
commit 0f4d3c0
Show file tree

Hide file tree

Showing 6 changed files with 28 additions and 0 deletions.
diff --git a/docs/data-sources/zone_based_firewall_policy_definition.md b/docs/data-sources/zone_based_firewall_policy_definition.md
@@ -69,6 +69,7 @@ Read-Only:
 Read-Only:
 
 - `policy_id` (String) policy id for selected match entry
+- `protocol_type` (String) Should be included with additionally entries for `destinationPort` and `protocol` whenever the type `protocolName` is used.
 - `type` (String) Type of match entry
 - `value` (String) value for selected match entry
 - `value_variable` (String) variable value for selected match entry if it has variable option (sourceIp & destinationIp)
diff --git a/docs/resources/zone_based_firewall_policy_definition.md b/docs/resources/zone_based_firewall_policy_definition.md
@@ -108,6 +108,7 @@ Required:
 Optional:
 
 - `policy_id` (String) policy id for selected match entry
+- `protocol_type` (String) Should be included with additionally entries for `destinationPort` and `protocol` whenever the type `protocolName` is used.
 - `value` (String) value for selected match entry
 - `value_variable` (String) variable value for selected match entry if it has variable option (sourceIp & destinationIp)
 

diff --git a/gen/definitions/generic/zone_based_firewall_policy_definition.yaml b/gen/definitions/generic/zone_based_firewall_policy_definition.yaml
@@ -108,6 +108,12 @@ attributes:
         description: value for selected match entry
         exclude_test: true
         example: 2
+      - model_name: app
+        tf_name: protocol_type
+        type: String
+        description: Should be included with additionally entries for `destinationPort` and `protocol` whenever the type `protocolName` is used.
+        exclude_test: true
+        example: dns
       - model_name: vipVariableName
         tf_name: value_variable
         type: String

diff --git a/internal/provider/data_source_sdwan_zone_based_firewall_policy_definition.go b/internal/provider/data_source_sdwan_zone_based_firewall_policy_definition.go
@@ -131,6 +131,10 @@ func (d *ZoneBasedFirewallPolicyDefinitionDataSource) Schema(ctx context.Context
 										MarkdownDescription: "value for selected match entry",
 										Computed:            true,
 									},
+									"protocol_type": schema.StringAttribute{
+										MarkdownDescription: "Should be included with additionally entries for `destinationPort` and `protocol` whenever the type `protocolName` is used.",
+										Computed:            true,
+									},
 									"value_variable": schema.StringAttribute{
 										MarkdownDescription: "variable value for selected match entry if it has variable option (sourceIp & destinationIp)",
 										Computed:            true,

diff --git a/internal/provider/model_sdwan_zone_based_firewall_policy_definition.go b/internal/provider/model_sdwan_zone_based_firewall_policy_definition.go
@@ -57,6 +57,7 @@ type ZoneBasedFirewallPolicyDefinitionRulesMatchEntries struct {
 	Type          types.String `tfsdk:"type"`
 	PolicyId      types.String `tfsdk:"policy_id"`
 	Value         types.String `tfsdk:"value"`
+	ProtocolType  types.String `tfsdk:"protocol_type"`
 	ValueVariable types.String `tfsdk:"value_variable"`
 }
 type ZoneBasedFirewallPolicyDefinitionRulesActionEntries struct {
@@ -132,6 +133,9 @@ func (data ZoneBasedFirewallPolicyDefinition) toBody(ctx context.Context) string
 					if !childItem.Value.IsNull() {
 						itemChildBody, _ = sjson.Set(itemChildBody, "value", childItem.Value.ValueString())
 					}
+					if !childItem.ProtocolType.IsNull() {
+						itemChildBody, _ = sjson.Set(itemChildBody, "app", childItem.ProtocolType.ValueString())
+					}
 					if !childItem.ValueVariable.IsNull() {
 						itemChildBody, _ = sjson.Set(itemChildBody, "vipVariableName", childItem.ValueVariable.ValueString())
 					}
@@ -238,6 +242,11 @@ func (data *ZoneBasedFirewallPolicyDefinition) fromBody(ctx context.Context, res
 					} else {
 						cItem.Value = types.StringNull()
 					}
+					if ccValue := cv.Get("app"); ccValue.Exists() {
+						cItem.ProtocolType = types.StringValue(ccValue.String())
+					} else {
+						cItem.ProtocolType = types.StringNull()
+					}
 					if ccValue := cv.Get("vipVariableName"); ccValue.Exists() {
 						cItem.ValueVariable = types.StringValue(ccValue.String())
 					} else {
@@ -333,6 +342,9 @@ func (data *ZoneBasedFirewallPolicyDefinition) hasChanges(ctx context.Context, s
 					if !data.Rules[i].MatchEntries[ii].Value.Equal(state.Rules[i].MatchEntries[ii].Value) {
 						hasChanges = true
 					}
+					if !data.Rules[i].MatchEntries[ii].ProtocolType.Equal(state.Rules[i].MatchEntries[ii].ProtocolType) {
+						hasChanges = true
+					}
 					if !data.Rules[i].MatchEntries[ii].ValueVariable.Equal(state.Rules[i].MatchEntries[ii].ValueVariable) {
 						hasChanges = true
 					}

diff --git a/internal/provider/resource_sdwan_zone_based_firewall_policy_definition.go b/internal/provider/resource_sdwan_zone_based_firewall_policy_definition.go
@@ -158,6 +158,10 @@ func (r *ZoneBasedFirewallPolicyDefinitionResource) Schema(ctx context.Context,
 										MarkdownDescription: helpers.NewAttributeDescription("value for selected match entry").String,
 										Optional:            true,
 									},
+									"protocol_type": schema.StringAttribute{
+										MarkdownDescription: helpers.NewAttributeDescription("Should be included with additionally entries for `destinationPort` and `protocol` whenever the type `protocolName` is used.").String,
+										Optional:            true,
+									},
 									"value_variable": schema.StringAttribute{
 										MarkdownDescription: helpers.NewAttributeDescription("variable value for selected match entry if it has variable option (sourceIp & destinationIp)").String,
 										Optional:            true,