From 6f5b13e81fba166796188eca9bc6ab969d495fc9 Mon Sep 17 00:00:00 2001
From: Marcel da Silva <marcel.dasilva@twint.ch>
Date: Fri, 12 Jul 2024 16:26:47 +0200
Subject: [PATCH] support ldap bigip_ltm_monitor

---
 bigip/datasource_bigip_ltm_monitor.go         | 31 ++++++++++++++++
 bigip/resource_bigip_ltm_monitor.go           | 37 +++++++++++++++++++
 bigip/resource_bigip_ltm_monitor_test.go      | 36 ++++++++++++++++++
 .../github.com/f5devcentral/go-bigip/ltm.go   | 12 ++++++
 4 files changed, 116 insertions(+)

diff --git a/bigip/datasource_bigip_ltm_monitor.go b/bigip/datasource_bigip_ltm_monitor.go
index 24f7febdd..a4a3ec8ba 100644
--- a/bigip/datasource_bigip_ltm_monitor.go
+++ b/bigip/datasource_bigip_ltm_monitor.go
@@ -103,6 +103,32 @@ func dataSourceBigipLtmMonitor() *schema.Resource {
 				Computed:    true,
 				Description: "the database in which your user is created",
 			},
+
+			"base": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Specifies the location in the LDAP tree from which the monitor starts the health check",
+			},
+			"filter": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Specifies an LDAP key for which the monitor searches",
+			},
+			"mandatory_attributes": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Specifies whether the target must include attributes in its response to be considered up. The options are no (Specifies that the system performs only a one-level search (based on the Filter setting), and does not require that the target returns any attributes.) and yes (Specifies that the system performs a sub-tree search, and if the target returns no attributes, the target is considered down.)",
+			},
+			"chase_referrals": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Specifies whether the system will query the LDAP servers pointed to by any referrals in the query results.",
+			},
+			"security": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Specifies the secure communications protocol that the monitor uses to communicate with the target. The options are none (Specifies that the system does not use a security protocol for communications with the target.), ssl (Specifies that the system uses the SSL protocol for communications with the target.), and tls (Specifies that the system uses the TLS protocol for communications with the target.)",
+			},
 		},
 	}
 }
@@ -141,6 +167,11 @@ func dataSourceBigipLtmMonitorRead(ctx context.Context, d *schema.ResourceData,
 			_ = d.Set("username", m.Username)
 			_ = d.Set("name", name)
 			_ = d.Set("database", m.Database)
+			_ = d.Set("base", m.Base)
+			_ = d.Set("filter", m.Filter)
+			_ = d.Set("mandatory_attributes", m.MandatoryAttributes)
+			_ = d.Set("chase_referrals", m.ChaseReferrals)
+			_ = d.Set("security", m.Security)
 			d.SetId(m.FullPath)
 			return nil
 		}
diff --git a/bigip/resource_bigip_ltm_monitor.go b/bigip/resource_bigip_ltm_monitor.go
index 943198e8c..1c2e11787 100644
--- a/bigip/resource_bigip_ltm_monitor.go
+++ b/bigip/resource_bigip_ltm_monitor.go
@@ -196,6 +196,32 @@ func resourceBigipLtmMonitor() *schema.Resource {
 				Optional:    true,
 				Description: "the ssl profile",
 			},
+
+			"base": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Specifies the location in the LDAP tree from which the monitor starts the health check",
+			},
+			"filter": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Specifies an LDAP key for which the monitor searches",
+			},
+			"mandatory_attributes": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Specifies whether the target must include attributes in its response to be considered up. The options are no (Specifies that the system performs only a one-level search (based on the Filter setting), and does not require that the target returns any attributes.) and yes (Specifies that the system performs a sub-tree search, and if the target returns no attributes, the target is considered down.)",
+			},
+			"chase_referrals": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Specifies whether the system will query the LDAP servers pointed to by any referrals in the query results.",
+			},
+			"security": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Specifies the secure communications protocol that the monitor uses to communicate with the target. The options are none (Specifies that the system does not use a security protocol for communications with the target.), ssl (Specifies that the system uses the SSL protocol for communications with the target.), and tls (Specifies that the system uses the TLS protocol for communications with the target.)",
+			},
 		},
 	}
 }
@@ -287,6 +313,12 @@ func resourceBigipLtmMonitorRead(ctx context.Context, d *schema.ResourceData, me
 			_ = d.Set("password", m.Password)
 			_ = d.Set("name", name)
 			_ = d.Set("database", m.Database)
+
+			_ = d.Set("base", m.Base)
+			_ = d.Set("filter", m.Filter)
+			_ = d.Set("mandatory_attributes", m.MandatoryAttributes)
+			_ = d.Set("chase_referrals", m.ChaseReferrals)
+			_ = d.Set("security", m.Security)
 			return nil
 		}
 	}
@@ -382,5 +414,10 @@ func getLtmMonitorConfig(d *schema.ResourceData, config *bigip.Monitor) *bigip.M
 	config.Password = d.Get("password").(string)
 	config.UpInterval = d.Get("up_interval").(int)
 	config.SSLProfile = d.Get("ssl_profile").(string)
+	config.Base = d.Get("base").(string)
+	config.Filter = d.Get("filter").(string)
+	config.MandatoryAttributes = d.Get("mandatory_attributes").(string)
+	config.ChaseReferrals = d.Get("chase_referrals").(string)
+	config.Security = d.Get("security").(string)
 	return config
 }
diff --git a/bigip/resource_bigip_ltm_monitor_test.go b/bigip/resource_bigip_ltm_monitor_test.go
index eaebe5981..87c50d8fa 100644
--- a/bigip/resource_bigip_ltm_monitor_test.go
+++ b/bigip/resource_bigip_ltm_monitor_test.go
@@ -22,6 +22,7 @@ var TestHttpsMonitorName = fmt.Sprintf("/%s/test-https-monitor", TestPartition)
 var TestFtpMonitorName = fmt.Sprintf("/%s/test-ftp-monitor", TestPartition)
 var TestUdpMonitorName = fmt.Sprintf("/%s/test-udp-monitor", TestPartition)
 var TestPostgresqlMonitorName = fmt.Sprintf("/%s/test-postgresql-monitor", TestPartition)
+var TestLDAPMonitorName = fmt.Sprintf("/%s/test-ldap-monitor", TestPartition)
 var TestGatewayIcmpMonitorName = fmt.Sprintf("/%s/test-gateway", TestPartition)
 var TestTcpHalfOpenMonitorName = fmt.Sprintf("/%s/test-tcp-half-open", TestPartition)
 
@@ -97,6 +98,17 @@ resource "bigip_ltm_monitor" "test-postgresql-monitor" {
 }
 `
 
+var TestLDAPMonitorResource = `
+resource "bigip_ltm_monitor" "test-ldap-monitor" {
+        name = "` + TestLDAPMonitorName + `"
+        parent = "/Common/ldap"
+        interval          = 5
+        timeout           = 16
+        base              = "DC=company,DC=com"
+        filter            = "(cn=username)"
+        security          = "ssl"
+}
+`
 var TestGatewayIcmpMonitorResource = `
 resource "bigip_ltm_monitor" "test-gateway-icmp-monitor" {
   name        = "` + TestGatewayIcmpMonitorName + `"
@@ -292,6 +304,30 @@ func TestAccBigipLtmMonitor_UdpCreate(t *testing.T) {
 		},
 	})
 }
+func TestAccBigipLtmMonitor_LDAPCreate(t *testing.T) {
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			testAcctPreCheck(t)
+		},
+		Providers:    testAccProviders,
+		CheckDestroy: testMonitorsDestroyed,
+		Steps: []resource.TestStep{
+			{
+				Config: TestLDAPMonitorResource,
+				Check: resource.ComposeTestCheckFunc(
+					testCheckMonitorExists(TestLDAPMonitorName),
+					resource.TestCheckResourceAttr("bigip_ltm_monitor.test-ldap-monitor", "parentsdf", "/Common/ldap"),
+					resource.TestCheckResourceAttr("bigip_ltm_monitor.test-ldap-monitor", "timeout", "16"),
+					resource.TestCheckResourceAttr("bigip_ltm_monitor.test-ldap-monitor", "interval", "5"),
+					resource.TestCheckResourceAttr("bigip_ltm_monitor.test-ldap-monitor", "filter", "(cn=username)"),
+					resource.TestCheckResourceAttr("bigip_ltm_monitor.test-ldap-monitor", "security", "ssl"),
+					resource.TestCheckResourceAttr("bigip_ltm_monitor.test-ldap-monitor", "base", "DC=company,DC=com"),
+				),
+			},
+		},
+	})
+}
+
 func TestAccBigipLtmMonitor_PostgresqlCreate(t *testing.T) {
 	resource.Test(t, resource.TestCase{
 		PreCheck: func() {
diff --git a/vendor/github.com/f5devcentral/go-bigip/ltm.go b/vendor/github.com/f5devcentral/go-bigip/ltm.go
index be226f060..9661bbbb9 100644
--- a/vendor/github.com/f5devcentral/go-bigip/ltm.go
+++ b/vendor/github.com/f5devcentral/go-bigip/ltm.go
@@ -1067,6 +1067,12 @@ type Monitor struct {
 	RecvRow        string `json:"recvRow,omitempty"`
 	RecvColumn     string `json:"recvColumn,omitempty"`
 	SSLProfile     string `json:"sslProfile,omitempty"`
+	// ldap specifics
+	Base                string `json:"base,omitempty"`
+	Filter              string `json:"filter,omitempty"`
+	MandatoryAttributes string `json:"mandatoryAttributes,omitempty"`
+	ChaseReferrals      string `json:"chaseReferrals,omitempty"`
+	Security            string `json:"security,omitempty"`
 }
 
 type monitorDTO struct {
@@ -1100,6 +1106,12 @@ type monitorDTO struct {
 	RecvRow        string `json:"recvRow,omitempty"`
 	RecvColumn     string `json:"recvColumn,omitempty"`
 	SSLProfile     string `json:"sslProfile,omitempty"`
+	// ldap specifics
+	Base                string `json:"base,omitempty"`
+	Filter              string `json:"filter,omitempty"`
+	MandatoryAttributes string `json:"mandatoryAttributes,omitempty"`
+	ChaseReferrals      string `json:"chaseReferrals,omitempty"`
+	Security            string `json:"security,omitempty"`
 }
 
 type Profiles struct {