Merge in changes from sayedh/terraform-provider-unifi

.gitignore

@@ -3,3 +3,4 @@
 .vscode
 dist
 terraform-provider-unifi
+terraform-provider-unifi.exe

.goreleaser.yml

@@ -1,40 +1,44 @@
+version: 2
 builds:
-- env:
-    - CGO_ENABLED=0
-  mod_timestamp: '{{ .CommitTimestamp }}'
-  flags:
-    - -trimpath
-  ldflags:
-    - '-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}'
-  goos:
-    - freebsd
-    - windows
-    - linux
-    - darwin
-  goarch:
-    - amd64
-    - '386'
-    - arm
-    - arm64
-  ignore:
-    - goos: darwin
-      goarch: '386'
-  binary: '{{ .ProjectName }}_v{{ .Version }}'
+  - env:
+      - CGO_ENABLED=0
+    mod_timestamp: '{{ .CommitTimestamp }}'
+    flags:
+      - -trimpath
+    ldflags:
+      - -s -w -X main.version={{.Version}} -X main.commit={{.Commit}}
+    goos:
+      - freebsd
+      - windows
+      - linux
+      - darwin
+    goarch:
+      - amd64
+      - '386'
+      - arm
+      - arm64
+    ignore:
+      - goos: darwin
+        goarch: '386'
+    binary: '{{ .ProjectName }}_v{{ .Version }}'
+    hooks:
+      post:
+        - cmd: chmod 755 "{{ .Path }}"
 archives:
-- format: zip
-  name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}'
+  - format: zip
+    name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}'
 checksum:
   name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS'
   algorithm: sha256
 signs:
   - artifacts: checksum
     args:
-      - "--batch"
-      - "--local-user"
-      - "{{ .Env.GPG_FINGERPRINT }}"
-      - "--output"
-      - "${signature}"
-      - "--detach-sign"
-      - "${artifact}"
+      - --batch
+      - --local-user
+      - '{{ .Env.GPG_FINGERPRINT }}'
+      - --output
+      - '${signature}'
+      - --detach-sign
+      - '${artifact}'
 changelog:
-  skip: true
+  disable: true

README.md

@@ -1,23 +1,69 @@
-![Acceptance Tests](https://github.com/paultyng/terraform-provider-unifi/workflows/Acceptance%20Tests/badge.svg?event=push)
+<!-- ![Acceptance Tests](https://github.com/sayedh/terraform-provider-unifi/workflows/Acceptance%20Tests/badge.svg?event=push) -->
 
 # Unifi Terraform Provider (terraform-provider-unifi)
 
-**Note** You can't (for obvious reasons) configure your network while connected to something that may disconnect (like the WiFi). Use a hard-wired connection to your controller to use this provider.
-
-Functionality first needs to be added to the [go-unifi](https://github.com/paultyng/go-unifi) SDK.
+This project is a fork of [paultyng/terraform-provider-unifi](https://github.com/paultyng/terraform-provider-unifi), updated to support the latest UniFi Network versions.
 
 ## Documentation
 
-You can browse documentation on the [Terraform provider registry](https://registry.terraform.io/providers/paultyng/unifi/latest/docs).
+Browse the official provider documentation on the [Terraform provider registry](https://registry.terraform.io/providers/sayedh/unifi/latest/docs).
+
+## Supported UniFi Controller Versions
+
+As of **version v1.0.1**, this provider supports **UniFi Controller v8.4.59**. Earlier versions, up to **v7.4.162**, were supported in the original [paultyng](https://github.com/paultyng/terraform-provider-unifi) release.
+
+
+## Development Status
 
-## Supported Unifi Controller Versions
+This provider is currently under active development, with efforts to update compatibility with the latest UniFi Network Controller version **v8.4.59**. While significant progress has been made, **only a few features are fully tested and confirmed to work**:
 
-As of version [v0.34](https://github.com/paultyng/terraform-provider-unifi/releases/tag/v0.34.0), this provider only supports version 6 of the Unifi controller software. If you need v5 support, you can pin an older version of the provider.
+- **Resource: Network**
+- **Resource: Port Profile**
 
-The docker, UDM, and UDM-Pro versions are slightly different (the API is proxied a little differently) but for the most part should all be supported. Individual patch versions of the controller are generally not tested for compatibility, just the latest stable versions.
+Other resources and data sources **may not yet be fully functional** on the latest UniFi Network version, and testing is ongoing. Users should be aware that these features might work inconsistently or could break entirely when working with newer versions of the UniFi controller.
+
+## Fork History
+
+- This Terraform provider was originally created by [Paul Tyng](https://github.com/paultyng) to support UniFi Network versions up to 7.4.162.
+- In August 2024, this fork was initiated to extend support to newer versions of the UniFi Network software, specifically **v8.4.59**.
+- Ongoing efforts are being made to thoroughly test and refine all functionality.
 
 ## Using the Provider
 
-### Terraform 1.0 and above
+### Terraform 1.0 and Above
+
+You can use the provider via the [Terraform provider registry](https://registry.terraform.io/providers/sayedh/unifi/latest).
+
+**Note**: When using this provider, ensure you're connected via a hard-wired connection to the UniFi Controller rather than WiFi, as configuring your network over a connection that could disconnect (like WiFi) is risky and may result in issues.
+
+### Terraform Configuration Example
+
+```hcl
+provider "unifi" {
+  controller = "https://<unifi-controller-url>"
+  username   = "admin"
+  password   = "password"
+}
+
+resource "unifi_network" "example" {
+  name = "Example Network"
+  # Add relevant configuration options here
+}
+```
+
+## Versioning
+
+The provider has been versioned with the goal of maintaining backward compatibility where possible. However, many changes involve breaking adjustments. Updates will continue to follow semantic versioning.
+
+## Note on UniFi Go SDK
+
+This provider relies on the [go-unifi SDK](https://github.com/sayedh/go-unifi), also forked from [Paul Tyng's original SDK](https://github.com/paultyng/go-unifi), to interact with the UniFi Controller. Code generation and updates to the SDK are performed to support the latest UniFi Controller features.
+
+## Contributing
+
+Contributions are highly appreciated to ensure better compatibility with the latest UniFi Network versions. Please submit issues and pull requests to the [GitHub repository](https://github.com/sayedh/terraform-provider-unifi).
+
+## Disclaimer
+
+This project is in an **experimental state**, and users should proceed with caution when using it in production environments. Expect rapid changes and potentially breaking updates as development progresses.
 
-You can use the provider via the [Terraform provider registry](https://registry.terraform.io/providers/paultyng/unifi).

docs/index.md

@@ -7,8 +7,28 @@ description: |-
 
 # Unifi Provider
 
-The Unifi provider provides resources to interact with a Unifi controller API.
+The Unifi provider allows users to manage and configure UniFi Network controllers and devices via the Terraform ecosystem. This provider is currently **under active development** and should be considered **experimental**.
 
+## Important Warning
+
+This provider is **not yet fully functional** and is **under construction**. Only limited features are thoroughly tested and confirmed to work. Users should be aware that certain features may work inconsistently or may not work at all. It is recommended to use this provider for **testing and experimentation purposes only**, rather than in production environments.
+
+## Supported UniFi Controller Version
+
+This provider currently works with **UniFi Controller v8.4.59**. Efforts are ongoing to ensure compatibility with the latest UniFi Network Controller versions.
+
+## Features Currently Working
+
+The following features are thoroughly tested and confirmed to work:
+
+- **Resource: Network** - Manage UniFi network configurations.
+- **Resource: Port Profile** - Configure port profiles for UniFi switches.
+
+## Fork Information
+
+This provider is a fork of the original [paultyng/terraform-provider-unifi](https://github.com/paultyng/terraform-provider-unifi). The original provider supports UniFi Network versions up to **v7.4.162**. For users requiring compatibility with older UniFi Network versions, please use the [paultyng provider on the Terraform Registry](https://registry.terraform.io/providers/paultyng/unifi/latest).
+
+## Authentication Recommendations
 It is not recommended to use your own account for management of your controller. A user specific to
 Terraform is recommended. You can create a **Limited Admin** with **Local Access Only** and
 provide that information for authentication. Two-factor authentication is not supported in the provider.

docs/resources/port_profile.md

@@ -34,8 +34,37 @@ resource "unifi_port_profile" "poe_disabled" {
   native_networkconf_id = unifi_network.vlan.id
   poe_mode              = "off"
 }
+
+resource "unifi_port_profile" "with_included_networks" {
+  name                  = "Included Networks Profile"
+  native_networkconf_id = unifi_network.vlan.id
+  tagged_vlan_mgmt      = "custom"
+  included_network_ids  = [unifi_network.vlan20.id, unifi_network.vlan30.id]
+  poe_mode              = "auto"
+}
+
+resource "unifi_port_profile" "block_all_forward_native" {
+  name                  = "Block All Forward Native"
+  native_networkconf_id = unifi_network.management.id
+  tagged_vlan_mgmt      = "block_all"
+  poe_mode              = "auto"
+  forward               = "native"
+}
 ```
 
+## Description
+
+`unifi_port_profile` manages a port profile for use on network switches.
+
+New Addition: A complementary schema `included_network_ids` has been introduced alongside the existing `excluded_network_ids`. While `excluded_network_ids` allows users to specify networks that should be excluded from the port profile, `included_network_ids` provides the inverse functionality, enabling users to explicitly include specific networks. This addition enhances flexibility and ease of use by allowing users to choose the most suitable approach for their configuration needs.
+
+### Important Configuration Constraints
+- Tagged VLAN Management (`tagged_vlan_mgmt`):
+  - To utilize `included_network_ids` or `excluded_network_ids`, the tagged_vlan_mgmt attribute must be set to `"custom"`.
+  - If `tagged_vlan_mgmt` is set to `"block_all"`, the `forward` attribute must be explicitly set to `"native"`.
+
+These constraints ensure that the network inclusion/exclusion logic functions correctly and that the port forwarding behavior aligns with the desired configuration.
+
 <!-- schema generated by tfplugindocs -->
 ## Schema
 
@@ -46,7 +75,10 @@ resource "unifi_port_profile" "poe_disabled" {
 - `dot1x_idle_timeout` (Number) The timeout, in seconds, to use when using the MAC Based 802.1X control. Can be between 0 and 65535 Defaults to `300`.
 - `egress_rate_limit_kbps` (Number) The egress rate limit, in kpbs, for the port profile. Can be between `64` and `9999999`.
 - `egress_rate_limit_kbps_enabled` (Boolean) Enable egress rate limiting for the port profile. Defaults to `false`.
-- `forward` (String) The type forwarding to use for the port profile. Can be `all`, `native`, `customize` or `disabled`. Defaults to `native`.
+- `excluded_network_ids` (Set of String) The IDs of networks to exclude from this port profile.
+- `included_network_ids` (Set of String) The IDs of networks to include in this port profile. 
+  - This is the inverse of excluded_network_ids and allows for explicitly specifying which networks should be part of the port profile.
+- `forward` (String) The type forwarding to use for the port profile. Can be `all`, `native`, `customize` or `disabled`. Defaults to `customize`.
 - `full_duplex` (Boolean) Enable full duplex for the port profile. Defaults to `false`.
 - `isolation` (Boolean) Enable port isolation for the port profile. Defaults to `false`.
 - `lldpmed_enabled` (Boolean) Enable LLDP-MED for the port profile. Defaults to `true`.
@@ -82,3 +114,28 @@ resource "unifi_port_profile" "poe_disabled" {
 - `id` (String) The ID of the port profile.
 
 
+## Additional Notes
+
+- Mutual Exclusivity: The `included_network_ids` and `excluded_network_ids` schemas are complementary. It's recommended to use either `included_network_ids` or `excluded_network_ids` based on your configuration needs, but not both simultaneously to avoid potential conflicts.
+
+- Tagged VLAN Management Requirements:
+  - Using `included_network_ids` or `excluded_network_ids`: Ensure that `tagged_vlan_mgmt` is set to `"custom"`. This setting allows the port profile to recognize and apply the inclusion or exclusion of specific network IDs.
+  - Using `block_all`: When `tagged_vlan_mgmt` is set to `"block_all"`, you must set the `forward` attribute to `"native"`. This configuration blocks all tagged VLAN traffic except for the native VLAN.
+
+- Ease of Use: The introduction of included_network_ids simplifies configurations where specific networks need to be explicitly included, enhancing clarity and maintainability of your Terraform code.
+
+- Backward Compatibility: Existing configurations using excluded_network_ids will continue to function as before, ensuring backward compatibility.
+
+- Validation:
+  - Terraform configurations must adhere to the constraints related to tagged_vlan_mgmt. Failure to do so will result in validation errors.
+  - Example of invalid configuration:
+  ```terraform
+  resource "unifi_port_profile" "invalid" {
+    name                  = "Invalid Profile"
+    native_networkconf_id = unifi_network.management.id
+    tagged_vlan_mgmt      = "block_all"
+    poe_mode              = "auto"
+    // Missing `forward = "native"`
+  }
+  ```
+  This configuration is invalid because forward is not set to "native" when tagged_vlan_mgmt is "block_all".