Resolve Issue #278 and #279 (#281)
seconroy authored Jul 10, 2024
1 parent fdbdb59 commit 8f37062
Showing 6 changed files with 43 additions and 12 deletions.
1 change: 1 addition & 0 deletions docs/data-sources/zone_based_firewall_policy_definition.md
Expand Up @@ -69,6 +69,7 @@ Read-Only:
Read-Only:

- `policy_id` (String) policy id for selected match entry
- `protocol_type` (String) Should be included with additionally entries for `destinationPort` and `protocol` whenever the type `protocolName` is used.
- `type` (String) Type of match entry
- `value` (String) value for selected match entry
- `value_variable` (String) variable value for selected match entry if it has variable option (sourceIp & destinationIp)
21 changes: 11 additions & 10 deletions docs/resources/zone_based_firewall_policy_definition.md
Expand Up @@ -80,13 +80,22 @@ Required:

- `base_action` (String) Base action
- Choices: `pass`, `drop`, `inspect`
- `match_entries` (Attributes List) List of match entries (see [below for nested schema](#nestedatt--rules--match_entries))
- `rule_name` (String) Rule name
- `rule_order` (Number) Rule

Optional:

- `action_entries` (Attributes List) List of actions entries (see [below for nested schema](#nestedatt--rules--action_entries))
- `match_entries` (Attributes List) List of match entries (see [below for nested schema](#nestedatt--rules--match_entries))

<a id="nestedatt--rules--action_entries"></a>
### Nested Schema for `rules.action_entries`

Optional:

- `type` (String) Type of action entry
- Choices: `log`, `connectionEvents`


<a id="nestedatt--rules--match_entries"></a>
### Nested Schema for `rules.match_entries`
Expand All @@ -99,18 +108,10 @@ Required:
Optional:

- `policy_id` (String) policy id for selected match entry
- `protocol_type` (String) Should be included with additionally entries for `destinationPort` and `protocol` whenever the type `protocolName` is used.
- `value` (String) value for selected match entry
- `value_variable` (String) variable value for selected match entry if it has variable option (sourceIp & destinationIp)


<a id="nestedatt--rules--action_entries"></a>
### Nested Schema for `rules.action_entries`

Optional:

- `type` (String) Type of action entry
- Choices: `log`, `connectionEvents`

## Import

Import is supported using the following syntax:
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,6 @@ attributes:
tf_name: match_entries
data_path: [match]
type: List
mandatory: true
min_list: 1
description: List of match entries
attributes:
Expand All @@ -109,6 +108,12 @@ attributes:
description: value for selected match entry
exclude_test: true
example: 2
- model_name: app
tf_name: protocol_type
type: String
description: Should be included with additionally entries for `destinationPort` and `protocol` whenever the type `protocolName` is used.
exclude_test: true
example: dns
- model_name: vipVariableName
tf_name: value_variable
type: String
Expand All @@ -118,6 +123,7 @@ attributes:
- model_name: actions
tf_name: action_entries
type: List
min_list: 1
description: List of actions entries
attributes:
- model_name: type
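Review bot: The `description` given to the new `protocol_type` attribute (the hunk adding `model_name: app`) does not say what the attribute holds and can be read two ways: it belongs either on the `protocolName` entry itself or on the `destinationPort` and `protocol` entries that accompany it. The same sentence is repeated in both docs pages and both schemas of this commit, so a misreading leads to a firewall rule that matches different traffic than the author intended. If the second reading is the intent, something like `description: Protocol name (e.g. dns). Set on the destinationPort and protocol match entries that accompany a protocolName match entry.` would be clearer. The attribute is also marked `exclude_test: true`, which presumably keeps it out of the generated tests, so the mapping to `app` looks unverified by this change.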
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,10 @@ func (d *ZoneBasedFirewallPolicyDefinitionDataSource) Schema(ctx context.Context
MarkdownDescription: "value for selected match entry",
Computed: true,
},
"protocol_type": schema.StringAttribute{
MarkdownDescription: "Should be included with additionally entries for `destinationPort` and `protocol` whenever the type `protocolName` is used.",
Computed: true,
},
"value_variable": schema.StringAttribute{
MarkdownDescription: "variable value for selected match entry if it has variable option (sourceIp & destinationIp)",
Computed: true,
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@ type ZoneBasedFirewallPolicyDefinitionRulesMatchEntries struct {
Type types.String `tfsdk:"type"`
PolicyId types.String `tfsdk:"policy_id"`
Value types.String `tfsdk:"value"`
ProtocolType types.String `tfsdk:"protocol_type"`
ValueVariable types.String `tfsdk:"value_variable"`
}
type ZoneBasedFirewallPolicyDefinitionRulesActionEntries struct {
Expand Down Expand Up @@ -132,6 +133,9 @@ func (data ZoneBasedFirewallPolicyDefinition) toBody(ctx context.Context) string
if !childItem.Value.IsNull() {
itemChildBody, _ = sjson.Set(itemChildBody, "value", childItem.Value.ValueString())
}
if !childItem.ProtocolType.IsNull() {
itemChildBody, _ = sjson.Set(itemChildBody, "app", childItem.ProtocolType.ValueString())
}
if !childItem.ValueVariable.IsNull() {
itemChildBody, _ = sjson.Set(itemChildBody, "vipVariableName", childItem.ValueVariable.ValueString())
}
Expand Down Expand Up @@ -238,6 +242,11 @@ func (data *ZoneBasedFirewallPolicyDefinition) fromBody(ctx context.Context, res
} else {
cItem.Value = types.StringNull()
}
if ccValue := cv.Get("app"); ccValue.Exists() {
cItem.ProtocolType = types.StringValue(ccValue.String())
} else {
cItem.ProtocolType = types.StringNull()
}
if ccValue := cv.Get("vipVariableName"); ccValue.Exists() {
cItem.ValueVariable = types.StringValue(ccValue.String())
} else {
Expand Down Expand Up @@ -333,6 +342,9 @@ func (data *ZoneBasedFirewallPolicyDefinition) hasChanges(ctx context.Context, s
if !data.Rules[i].MatchEntries[ii].Value.Equal(state.Rules[i].MatchEntries[ii].Value) {
hasChanges = true
}
if !data.Rules[i].MatchEntries[ii].ProtocolType.Equal(state.Rules[i].MatchEntries[ii].ProtocolType) {
hasChanges = true
}
if !data.Rules[i].MatchEntries[ii].ValueVariable.Equal(state.Rules[i].MatchEntries[ii].ValueVariable) {
hasChanges = true
}
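Review bot: In the `fromBody` hunk, `cv.Get("app")` is accepted whenever `Exists()` is true, which for a gjson result (assuming `cv` is one, as the sjson calls suggest) includes a JSON `null`; `ccValue.String()` then yields an empty string and `ProtocolType` is stored as `""` instead of null. State would then differ from a configuration that omits `protocol_type`, which shows up as spurious drift on a firewall policy. Whether the controller ever returns `"app": null` is not visible here, so this needs confirming; if it can, guard with `if ccValue := cv.Get("app"); ccValue.Exists() && ccValue.Type != gjson.Null {`. The neighbouring `value` and `vipVariableName` branches follow the same pattern, and `toBody`, `fromBody` and `hasChanges` all start and end outside the hunks shown.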
Original file line number Diff line number Diff line change
Expand Up @@ -140,7 +140,7 @@ func (r *ZoneBasedFirewallPolicyDefinitionResource) Schema(ctx context.Context,
},
"match_entries": schema.ListNestedAttribute{
MarkdownDescription: helpers.NewAttributeDescription("List of match entries").String,
Required: true,
Optional: true,
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"type": schema.StringAttribute{
Expand All @@ -158,6 +158,10 @@ func (r *ZoneBasedFirewallPolicyDefinitionResource) Schema(ctx context.Context,
MarkdownDescription: helpers.NewAttributeDescription("value for selected match entry").String,
Optional: true,
},
"protocol_type": schema.StringAttribute{
MarkdownDescription: helpers.NewAttributeDescription("Should be included with additionally entries for `destinationPort` and `protocol` whenever the type `protocolName` is used.").String,
Optional: true,
},
"value_variable": schema.StringAttribute{
MarkdownDescription: helpers.NewAttributeDescription("variable value for selected match entry if it has variable option (sourceIp & destinationIp)").String,
Optional: true,
Expand All @@ -182,6 +186,9 @@ func (r *ZoneBasedFirewallPolicyDefinitionResource) Schema(ctx context.Context,
},
},
},
Validators: []validator.List{
listvalidator.SizeAtLeast(1),
},
},
},
},
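Review bot: With `match_entries` switched from `Required: true` to `Optional: true` in the first hunk, a rule can now be planned with no match criteria at all, and nothing in the visible schema says what such a rule matches. If the controller treats a rule without a match block as match-any, a rule with `base_action` `pass` and no `match_entries` would admit all traffic between the zones, so the attribute description should state the behaviour, for example `helpers.NewAttributeDescription("List of match entries; when omitted the rule has no match criteria").String`. If this file is generated, the wording belongs in the definition's `description` instead. The `Schema` function starts and ends outside these hunks.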