fix: allowed ip range description fix for PGD (#610)

* fix: allowed ip range description fix for PGD

* fix: if allow all ip ranges, force description to be empty for consistency

* fix: ip description remove

* fix: code comments and allow ip ranges response description set to "" if cidrblock is 0.0.0.0/0

pkg/plan_modifier/data_group_custom_diff.go

@@ -7,7 +7,6 @@ import (
 	"strings"
 
 	"github.com/EnterpriseDB/terraform-provider-biganimal/pkg/models/pgd/terraform"
-	"github.com/hashicorp/terraform-plugin-framework/attr"
 	"github.com/hashicorp/terraform-plugin-framework/path"
 	"github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
 	"github.com/hashicorp/terraform-plugin-framework/tfsdk"
@@ -80,30 +79,6 @@ func (m CustomDataGroupDiffModifier) PlanModifyList(ctx context.Context, req pla
 			return
 		}
 
-		for _, pDg := range planDgsObs {
-			// fix to set the correct allowed ip ranges to allow all if a PGD data group has private networking set as true
-			if pDg.PrivateNetworking != nil && *pDg.PrivateNetworking {
-				pDg.AllowedIpRanges = types.SetValueMust(pDg.AllowedIpRanges.ElementType(ctx), []attr.Value{
-					types.ObjectValueMust(
-						pDg.AllowedIpRanges.ElementType(ctx).(types.ObjectType).AttributeTypes(),
-						map[string]attr.Value{
-							"cidr_block":  types.StringValue("0.0.0.0/0"),
-							"description": types.StringValue("To allow all access"),
-						}),
-				})
-				// fix to set the correct allowed ip ranges for PGD data group if allowed ip ranges length is 0
-			} else if pDg.AllowedIpRanges.IsNull() || len(pDg.AllowedIpRanges.Elements()) == 0 {
-				pDg.AllowedIpRanges = types.SetValueMust(pDg.AllowedIpRanges.ElementType(ctx), []attr.Value{
-					types.ObjectValueMust(
-						pDg.AllowedIpRanges.ElementType(ctx).(types.ObjectType).AttributeTypes(),
-						map[string]attr.Value{
-							"cidr_block":  types.StringValue("0.0.0.0/0"),
-							"description": types.StringValue(""),
-						}),
-				})
-			}
-		}
-
 		mapState := tfsdk.State{Schema: req.Plan.Schema, Raw: req.Plan.Raw}
 		diag = mapState.SetAttribute(ctx, path.Root("data_groups"), planDgsObs)
 		if diag.ErrorsCount() > 0 {
@@ -156,28 +131,6 @@ func (m CustomDataGroupDiffModifier) PlanModifyList(ctx context.Context, req pla
 					pDg.WalStorage.Throughput = sDg.WalStorage.Throughput
 				}
 
-				// fix to set the correct allowed ip ranges to allow all if a PGD data group has private networking set as true
-				if pDg.PrivateNetworking != nil && *pDg.PrivateNetworking {
-					pDg.AllowedIpRanges = types.SetValueMust(pDg.AllowedIpRanges.ElementType(ctx), []attr.Value{
-						types.ObjectValueMust(
-							pDg.AllowedIpRanges.ElementType(ctx).(types.ObjectType).AttributeTypes(),
-							map[string]attr.Value{
-								"cidr_block":  types.StringValue("0.0.0.0/0"),
-								"description": types.StringValue("To allow all access"),
-							}),
-					})
-					// fix to set the correct allowed ip ranges for PGD data group if allowed ip ranges length is 0
-				} else if pDg.AllowedIpRanges.IsNull() || len(pDg.AllowedIpRanges.Elements()) == 0 {
-					pDg.AllowedIpRanges = types.SetValueMust(pDg.AllowedIpRanges.ElementType(ctx), []attr.Value{
-						types.ObjectValueMust(
-							pDg.AllowedIpRanges.ElementType(ctx).(types.ObjectType).AttributeTypes(),
-							map[string]attr.Value{
-								"cidr_block":  types.StringValue("0.0.0.0/0"),
-								"description": types.StringValue(""),
-							}),
-					})
-				}
-
 				// if private networking has change then connection string will change
 				if sDg.PrivateNetworking != pDg.PrivateNetworking {
 					pDg.Connection = types.StringUnknown()

pkg/provider/resource_analytics_cluster.go

@@ -522,9 +522,18 @@ func readAnalyticsCluster(ctx context.Context, client *api.ClusterClient, tfClus
 	tfClusterResource.AllowedIpRanges = []AllowedIpRangesResourceModel{}
 	if allowedIpRanges := responseCluster.AllowedIpRanges; allowedIpRanges != nil {
 		for _, ipRange := range *allowedIpRanges {
+			description := ipRange.Description
+
+			// if cidr block is 0.0.0.0/0 then set description to empty string
+			// setting private networking and leaving allowed ip ranges as empty will return
+			// cidr block as 0.0.0.0/0 and description as "To allow all access"
+			// so we need to set description to empty string to keep it consistent with the tf resource
+			if ipRange.CidrBlock == "0.0.0.0/0" {
+				description = ""
+			}
 			tfClusterResource.AllowedIpRanges = append(tfClusterResource.AllowedIpRanges, AllowedIpRangesResourceModel{
 				CidrBlock:   ipRange.CidrBlock,
-				Description: types.StringValue(ipRange.Description),
+				Description: types.StringValue(description),
 			})
 		}
 	}

pkg/provider/resource_cluster.go

@@ -922,9 +922,18 @@ func readCluster(ctx context.Context, client *api.ClusterClient, tfClusterResour
 	tfClusterResource.AllowedIpRanges = []AllowedIpRangesResourceModel{}
 	if allowedIpRanges := responseCluster.AllowedIpRanges; allowedIpRanges != nil {
 		for _, ipRange := range *allowedIpRanges {
+			description := ipRange.Description
+
+			// if cidr block is 0.0.0.0/0 then set description to empty string
+			// setting private networking and leaving allowed ip ranges as empty will return
+			// cidr block as 0.0.0.0/0 and description as "To allow all access"
+			// so we need to set description to empty string to keep it consistent with the tf resource
+			if ipRange.CidrBlock == "0.0.0.0/0" {
+				description = ""
+			}
 			tfClusterResource.AllowedIpRanges = append(tfClusterResource.AllowedIpRanges, AllowedIpRangesResourceModel{
 				CidrBlock:   ipRange.CidrBlock,
-				Description: types.StringValue(ipRange.Description),
+				Description: types.StringValue(description),
 			})
 		}
 	}

pkg/provider/resource_fareplica.go

@@ -671,9 +671,18 @@ func readFAReplica(ctx context.Context, client *api.ClusterClient, fAReplicaReso
 	fAReplicaResourceModel.AllowedIpRanges = []AllowedIpRangesResourceModel{}
 	if allowedIpRanges := responseCluster.AllowedIpRanges; allowedIpRanges != nil {
 		for _, ipRange := range *allowedIpRanges {
+			description := ipRange.Description
+
+			// if cidr block is 0.0.0.0/0 then set description to empty string
+			// setting private networking and leaving allowed ip ranges as empty will return
+			// cidr block as 0.0.0.0/0 and description as "To allow all access"
+			// so we need to set description to empty string to keep it consistent with the tf resource
+			if ipRange.CidrBlock == "0.0.0.0/0" {
+				description = ""
+			}
 			fAReplicaResourceModel.AllowedIpRanges = append(fAReplicaResourceModel.AllowedIpRanges, AllowedIpRangesResourceModel{
 				CidrBlock:   ipRange.CidrBlock,
-				Description: types.StringValue(ipRange.Description),
+				Description: types.StringValue(description),
 			})
 		}
 	}

pkg/provider/resource_pgd.go

@@ -1404,14 +1404,26 @@ func buildTFGroupsAs(ctx context.Context, diags *diag.Diagnostics, state tfsdk.S
 				if apiRespDgModel.AllowedIpRanges != nil && len(*apiRespDgModel.AllowedIpRanges) > 0 {
 					for _, v := range *apiRespDgModel.AllowedIpRanges {
 						v := v
+
+						description := v.Description
+
+						// if cidr block is 0.0.0.0/0 then set description to empty string
+						// setting private networking and leaving allowed ip ranges as empty will return
+						// cidr block as 0.0.0.0/0 and description as "To allow all access"
+						// so we need to set description to empty string to keep it consistent with the tf resource
+						if v.CidrBlock == "0.0.0.0/0" {
+							description = ""
+						}
+
 						ob, diag := types.ObjectValue(allwdIpRngsElemTFType.AttrTypes, map[string]attr.Value{
 							"cidr_block":  types.StringValue(v.CidrBlock),
-							"description": types.StringValue(v.Description),
+							"description": types.StringValue(description),
 						})
 						if diag.HasError() {
 							diags.Append(diag...)
 							return
 						}
+
 						allowedIpRanges = append(allowedIpRanges, ob)
 					}
 				}