From 230312ee34787b15dbdaba1d6bb4ba0ca22add42 Mon Sep 17 00:00:00 2001 From: GitHub Terraform Date: Tue, 24 Oct 2023 23:27:07 -0700 Subject: [PATCH] feat: Enhaced acceptance test coverage --- zpa/common/resourcetype/resource_type.go | 1 + zpa/common/testing/variable/variable.go | 34 +++- ...rce_zpa_access_policy_client_types_test.go | 11 +- ..._source_zpa_access_policy_platform_test.go | 9 +- ...zpa_application_segment_inspection_test.go | 3 - ...data_source_zpa_application_segment_pra.go | 8 + ...source_zpa_application_segment_pra_test.go | 2 - zpa/data_source_zpa_enrollement_cert_test.go | 53 ++++--- ...e_zpa_lss_config_log_types_formats_test.go | 72 ++++----- zpa/data_source_zpa_machine_group_test.go | 6 - zpa/data_source_zpa_microtenant_controller.go | 2 +- ..._source_zpa_microtenant_controller_test.go | 35 +++++ zpa/data_source_zpa_provisioning_key_test.go | 31 +++- zpa/provider_sweeper_test.go | 6 +- zpa/resource_zpa_app_connector_group_test.go | 21 ++- ...resource_zpa_app_server_controller_test.go | 6 + ...application_segment_browser_access_test.go | 6 + ...urce_zpa_application_segment_inspection.go | 29 ++-- ...zpa_application_segment_inspection_test.go | 33 ++-- ...source_zpa_application_segment_pra_test.go | 2 - zpa/resource_zpa_application_segment_test.go | 6 + ...resource_zpa_lss_config_controller_test.go | 11 +- ...esource_zpa_microtenant_controller_test.go | 134 ++++++++++++++++ ..._zpa_policy_access_forwarding_rule_test.go | 6 + ...e_zpa_policy_access_isolation_rule_test.go | 6 + zpa/resource_zpa_policy_access_rule_test.go | 6 + ...rce_zpa_policy_access_timeout_rule_test.go | 6 + zpa/resource_zpa_provisioning_key_test.go | 145 +++++++++++++++--- zpa/resource_zpa_segment_group_test.go | 13 +- zpa/resource_zpa_server_group_test.go | 6 + zpa/resource_zpa_service_edge_group_test.go | 7 +- zpa/utils.go | 6 + zpa/version.go | 2 +- 33 files changed, 553 insertions(+), 171 deletions(-) create mode 100644 zpa/data_source_zpa_microtenant_controller_test.go create mode 100644 zpa/resource_zpa_microtenant_controller_test.go diff --git a/zpa/common/resourcetype/resource_type.go b/zpa/common/resourcetype/resource_type.go index 5b991c9b..90fd838f 100644 --- a/zpa/common/resourcetype/resource_type.go +++ b/zpa/common/resourcetype/resource_type.go @@ -25,4 +25,5 @@ const ( ZPALSSController = "zpa_lss_config_controller" ZPAInspectionCustomControl = "zpa_inspection_custom_controls" ZPAInspectionProfile = "zpa_inspection_profile" + ZPAMicrotenant = "zpa_microtenant_controller" ) diff --git a/zpa/common/testing/variable/variable.go b/zpa/common/testing/variable/variable.go index 289a2d43..0ccf4607 100644 --- a/zpa/common/testing/variable/variable.go +++ b/zpa/common/testing/variable/variable.go @@ -12,6 +12,18 @@ const ( UseInDrMode = false ) +// App Connector Group Update +const ( + AppConnectorResourceNameUpdate = "testAcc_app_connector_group" + AppConnectorDescriptionUpdate = "this is update app connector group test" + AppConnectorEnabledUpdate = true + AppConnectorOverrideProfileUpdate = true + TCPQuickAckAppUpdate = true + TCPQuickAckAssistantUpdate = true + TCPQuickAckReadAssistantUpdate = true + UseInDrModeUpdate = false +) + // Service Edge Group const ( ServiceEdgeResourceName = "testAcc_service_edge_group" @@ -51,16 +63,28 @@ const ( const ( ServerGroupResourceName = "testAcc_server_group" ServerGroupDescription = "testAcc_server_group" - ServerGroupEnabled = true + ServerGroupEnabled = false ServerGroupDynamicDiscovery = true ) +// Segment Group Update +const ( + ServerGroupDescriptionUpdate = "this update the server group test" + ServerGroupEnabledUpdate = true +) + // Segment Group const ( SegmentGroupDescription = "testAcc_segment_group" SegmentGroupEnabled = true ) +// Segment Group Update +const ( + SegmentGroupDescriptionUpdate = "testAcc_segment_group" + SegmentGroupEnabledUpdate = true +) + // Application Segment const ( AppSegmentResourceName = "testAcc_app_segment" @@ -121,3 +145,11 @@ const ( const ( InspectionProfileDescription = "testAcc_access_rule" ) + +// Microtenant +const ( + MicrotenantName = "testAcc_microtenant_A" + MicrotenantDescription = "testAcc_microtenant_A" + MicrotenantEnabled = true + MicrotenantCriteriaAttribute = "AuthDomain" +) diff --git a/zpa/data_source_zpa_access_policy_client_types_test.go b/zpa/data_source_zpa_access_policy_client_types_test.go index 516b916b..c8e2c461 100644 --- a/zpa/data_source_zpa_access_policy_client_types_test.go +++ b/zpa/data_source_zpa_access_policy_client_types_test.go @@ -14,8 +14,15 @@ func TestAccDataSourceAccessPolicyClientTypes_Basic(t *testing.T) { { Config: (testAccCheckDataSourceAccessPolicyClientTypes_basic), Check: resource.ComposeTestCheckFunc( - resource.TestCheckNoResourceAttr( - "data.zpa_access_policy_client_types.this", ""), + resource.TestCheckResourceAttrSet("data.zpa_access_policy_client_types.this", "zpn_client_type_exporter"), + resource.TestCheckResourceAttrSet("data.zpa_access_policy_client_types.this", "zpn_client_type_exporter_noauth"), + resource.TestCheckResourceAttrSet("data.zpa_access_policy_client_types.this", "zpn_client_type_browser_isolation"), + resource.TestCheckResourceAttrSet("data.zpa_access_policy_client_types.this", "zpn_client_type_machine_tunnel"), + resource.TestCheckResourceAttrSet("data.zpa_access_policy_client_types.this", "zpn_client_type_ip_anchoring"), + resource.TestCheckResourceAttrSet("data.zpa_access_policy_client_types.this", "zpn_client_type_edge_connector"), + resource.TestCheckResourceAttrSet("data.zpa_access_policy_client_types.this", "zpn_client_type_zapp"), + resource.TestCheckResourceAttrSet("data.zpa_access_policy_client_types.this", "zpn_client_type_slogger"), + resource.TestCheckResourceAttrSet("data.zpa_access_policy_client_types.this", "zpn_client_type_branch_connector"), ), }, }, diff --git a/zpa/data_source_zpa_access_policy_platform_test.go b/zpa/data_source_zpa_access_policy_platform_test.go index 4ad3bbf5..fdd53b9c 100644 --- a/zpa/data_source_zpa_access_policy_platform_test.go +++ b/zpa/data_source_zpa_access_policy_platform_test.go @@ -12,10 +12,13 @@ func TestAccDataSourceAccessPolicyPlatforms_Basic(t *testing.T) { ProviderFactories: testAccProviderFactories, Steps: []resource.TestStep{ { - Config: (testAccCheckDataSourceAccessPolicyPlatforms_basic), + Config: testAccCheckDataSourceAccessPolicyPlatforms_basic, Check: resource.ComposeTestCheckFunc( - resource.TestCheckNoResourceAttr( - "data.zpa_access_policy_platforms.this", ""), + resource.TestCheckResourceAttrSet("data.zpa_access_policy_platforms.this", "linux"), + resource.TestCheckResourceAttrSet("data.zpa_access_policy_platforms.this", "android"), + resource.TestCheckResourceAttrSet("data.zpa_access_policy_platforms.this", "windows"), + resource.TestCheckResourceAttrSet("data.zpa_access_policy_platforms.this", "ios"), + resource.TestCheckResourceAttrSet("data.zpa_access_policy_platforms.this", "mac"), ), }, }, diff --git a/zpa/data_source_zpa_application_segment_inspection_test.go b/zpa/data_source_zpa_application_segment_inspection_test.go index 483a8620..8a0fce9b 100644 --- a/zpa/data_source_zpa_application_segment_inspection_test.go +++ b/zpa/data_source_zpa_application_segment_inspection_test.go @@ -1,6 +1,5 @@ package zpa -/* import ( "strconv" "testing" @@ -41,9 +40,7 @@ func TestAccDataSourceApplicationSegmentInspection_Basic(t *testing.T) { resource.TestCheckResourceAttr(resourceTypeAndName, "common_apps_dto.#", "1"), resource.TestCheckResourceAttr(dataSourceTypeAndName, "tcp_port_ranges.#", "2"), ), - ExpectNonEmptyPlan: true, }, }, }) } -*/ diff --git a/zpa/data_source_zpa_application_segment_pra.go b/zpa/data_source_zpa_application_segment_pra.go index 18bba6bf..340669d7 100644 --- a/zpa/data_source_zpa_application_segment_pra.go +++ b/zpa/data_source_zpa_application_segment_pra.go @@ -140,6 +140,14 @@ func dataSourceApplicationSegmentPRA() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "microtenant_id": { + Type: schema.TypeString, + Computed: true, + }, + "microtenant_name": { + Type: schema.TypeString, + Computed: true, + }, "portal": { Type: schema.TypeBool, Computed: true, diff --git a/zpa/data_source_zpa_application_segment_pra_test.go b/zpa/data_source_zpa_application_segment_pra_test.go index 1d321c99..565c6ece 100644 --- a/zpa/data_source_zpa_application_segment_pra_test.go +++ b/zpa/data_source_zpa_application_segment_pra_test.go @@ -1,6 +1,5 @@ package zpa -/* import ( "strconv" "testing" @@ -43,4 +42,3 @@ func TestAccDataSourceApplicationSegmentPRA_Basic(t *testing.T) { }, }) } -*/ diff --git a/zpa/data_source_zpa_enrollement_cert_test.go b/zpa/data_source_zpa_enrollement_cert_test.go index 48275d86..c172e136 100644 --- a/zpa/data_source_zpa_enrollement_cert_test.go +++ b/zpa/data_source_zpa_enrollement_cert_test.go @@ -1,50 +1,53 @@ package zpa import ( + "fmt" "testing" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" ) +var enrollementCertNames = []string{ + "Root", "Client", "Connector", "Service Edge", +} + func TestAccDataSourceEnrollmentCert_Basic(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, Steps: []resource.TestStep{ { - Config: testAccCheckDataSourceEnrollmentCertConfig_basic, + Config: testAccCheckDataSourceEnrollmentCert_basic(), Check: resource.ComposeTestCheckFunc( - testAccDataSourceEnrollmentCertCheck("data.zpa_enrollment_cert.root"), - testAccDataSourceEnrollmentCertCheck("data.zpa_enrollment_cert.client"), - testAccDataSourceEnrollmentCertCheck("data.zpa_enrollment_cert.connector"), - testAccDataSourceEnrollmentCertCheck("data.zpa_enrollment_cert.service_edge"), + generateEnrollmentCertChecks()..., ), }, }, }) } -func testAccDataSourceEnrollmentCertCheck(name string) resource.TestCheckFunc { - return resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttrSet(name, "id"), - resource.TestCheckResourceAttrSet(name, "name"), - ) -} - -var testAccCheckDataSourceEnrollmentCertConfig_basic = ` -data "zpa_enrollment_cert" "root" { - name = "Root" +func generateEnrollmentCertChecks() []resource.TestCheckFunc { + var checks []resource.TestCheckFunc + for _, name := range enrollementCertNames { + resourceName := createValidResourceName(name) + checkName := fmt.Sprintf("data.zpa_enrollment_cert.%s", resourceName) + checks = append(checks, resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet(checkName, "id"), + resource.TestCheckResourceAttrSet(checkName, "name"), + )) + } + return checks } -data "zpa_enrollment_cert" "client" { - name = "Client" +func testAccCheckDataSourceEnrollmentCert_basic() string { + var configs string + for _, name := range enrollementCertNames { + resourceName := createValidResourceName(name) + configs += fmt.Sprintf(` +data "zpa_enrollment_cert" "%s" { + name = "%s" } - -data "zpa_enrollment_cert" "connector" { - name = "Connector" -} - -data "zpa_enrollment_cert" "service_edge" { - name = "Service Edge" +`, resourceName, name) + } + return configs } -` diff --git a/zpa/data_source_zpa_lss_config_log_types_formats_test.go b/zpa/data_source_zpa_lss_config_log_types_formats_test.go index 6661cf6a..ffd6ca81 100644 --- a/zpa/data_source_zpa_lss_config_log_types_formats_test.go +++ b/zpa/data_source_zpa_lss_config_log_types_formats_test.go @@ -1,69 +1,53 @@ package zpa import ( + "fmt" "testing" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" ) +var lssConfigLogTypeFormatsNames = []string{ + "zpn_ast_comprehensive_stats", "zpn_auth_log", "zpn_pbroker_comprehensive_stats", "zpn_ast_auth_log", "zpn_audit_log", + "zpn_trans_log", "zpn_http_trans_log", "zpn_waf_http_exchanges_log", +} + func TestAccDataSourceLSSLogTypeFormats_Basic(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, Steps: []resource.TestStep{ { - Config: testAccCheckDataSourceLSSLogTypeFormats_basic, + Config: testAccCheckDataSourceLSSLogTypeFormats_basic(), Check: resource.ComposeTestCheckFunc( - testAccDataSourceLSSLogTypeFormatsCheck("data.zpa_lss_config_log_type_formats.zpn_ast_comprehensive_stats"), - testAccDataSourceLSSLogTypeFormatsCheck("data.zpa_lss_config_log_type_formats.zpn_auth_log"), - testAccDataSourceLSSLogTypeFormatsCheck("data.zpa_lss_config_log_type_formats.zpn_pbroker_comprehensive_stats"), - testAccDataSourceLSSLogTypeFormatsCheck("data.zpa_lss_config_log_type_formats.zpn_ast_auth_log"), - testAccDataSourceLSSLogTypeFormatsCheck("data.zpa_lss_config_log_type_formats.zpn_audit_log"), - testAccDataSourceLSSLogTypeFormatsCheck("data.zpa_lss_config_log_type_formats.zpn_trans_log"), - testAccDataSourceLSSLogTypeFormatsCheck("data.zpa_lss_config_log_type_formats.zpn_http_trans_log"), - testAccDataSourceLSSLogTypeFormatsCheck("data.zpa_lss_config_log_type_formats.zpn_waf_http_exchanges_log"), + generateLSSConfigLogTypeFormatChecks()..., ), }, }, }) } -func testAccDataSourceLSSLogTypeFormatsCheck(log_type string) resource.TestCheckFunc { - return resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttrSet(log_type, "log_type"), - ) -} - -var testAccCheckDataSourceLSSLogTypeFormats_basic = ` -data "zpa_lss_config_log_type_formats" "zpn_ast_comprehensive_stats" { - log_type = "zpn_ast_comprehensive_stats" -} - -data "zpa_lss_config_log_type_formats" "zpn_auth_log" { - log_type = "zpn_auth_log" -} - -data "zpa_lss_config_log_type_formats" "zpn_pbroker_comprehensive_stats" { - log_type = "zpn_pbroker_comprehensive_stats" +func generateLSSConfigLogTypeFormatChecks() []resource.TestCheckFunc { + var checks []resource.TestCheckFunc + for _, log_type := range lssConfigLogTypeFormatsNames { + resourceName := createValidResourceName(log_type) + checkName := fmt.Sprintf("data.zpa_lss_config_log_type_formats.%s", resourceName) + checks = append(checks, resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet(checkName, "log_type"), + )) + } + return checks } -data "zpa_lss_config_log_type_formats" "zpn_ast_auth_log" { - log_type = "zpn_ast_auth_log" +func testAccCheckDataSourceLSSLogTypeFormats_basic() string { + var configs string + for _, log_type := range lssConfigLogTypeFormatsNames { + resourceName := createValidResourceName(log_type) + configs += fmt.Sprintf(` +data "zpa_lss_config_log_type_formats" "%s" { + log_type = "%s" } - -data "zpa_lss_config_log_type_formats" "zpn_audit_log" { - log_type = "zpn_audit_log" -} - -data "zpa_lss_config_log_type_formats" "zpn_trans_log" { - log_type = "zpn_trans_log" -} - -data "zpa_lss_config_log_type_formats" "zpn_http_trans_log" { - log_type = "zpn_http_trans_log" -} - -data "zpa_lss_config_log_type_formats" "zpn_waf_http_exchanges_log" { - log_type = "zpn_waf_http_exchanges_log" +`, resourceName, log_type) + } + return configs } -` diff --git a/zpa/data_source_zpa_machine_group_test.go b/zpa/data_source_zpa_machine_group_test.go index f529f618..01212eeb 100644 --- a/zpa/data_source_zpa_machine_group_test.go +++ b/zpa/data_source_zpa_machine_group_test.go @@ -2,7 +2,6 @@ package zpa import ( "fmt" - "strings" "testing" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" @@ -53,8 +52,3 @@ data "zpa_machine_group" "%s" { } return configs } - -// createValidResourceName converts the given name to a valid Terraform resource name -func createValidResourceName(name string) string { - return strings.ReplaceAll(name, " ", "_") -} diff --git a/zpa/data_source_zpa_microtenant_controller.go b/zpa/data_source_zpa_microtenant_controller.go index 97fc189b..3e60c2c3 100644 --- a/zpa/data_source_zpa_microtenant_controller.go +++ b/zpa/data_source_zpa_microtenant_controller.go @@ -14,7 +14,7 @@ func dataSourceMicrotenantController() *schema.Resource { Schema: map[string]*schema.Schema{ "id": { Type: schema.TypeString, - Computed: true, + Optional: true, }, "name": { Type: schema.TypeString, diff --git a/zpa/data_source_zpa_microtenant_controller_test.go b/zpa/data_source_zpa_microtenant_controller_test.go new file mode 100644 index 00000000..24c20a6c --- /dev/null +++ b/zpa/data_source_zpa_microtenant_controller_test.go @@ -0,0 +1,35 @@ +package zpa + +/* +import ( + "strconv" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/zscaler/terraform-provider-zpa/v3/zpa/common/resourcetype" + "github.com/zscaler/terraform-provider-zpa/v3/zpa/common/testing/method" + "github.com/zscaler/terraform-provider-zpa/v3/zpa/common/testing/variable" +) + +func TestAccDataSourceMicrotenant_Basic(t *testing.T) { + resourceTypeAndName, dataSourceTypeAndName, generatedName := method.GenerateRandomSourcesTypeAndName(resourcetype.ZPAMicrotenant) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckMicroTenantDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckMicrotenantConfigure(resourceTypeAndName, generatedName, variable.MicrotenantDescription, variable.MicrotenantCriteriaAttribute, variable.MicrotenantEnabled), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "id", resourceTypeAndName, "id"), + resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "name", resourceTypeAndName, "name"), + resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "description", resourceTypeAndName, "description"), + resource.TestCheckResourceAttr(resourceTypeAndName, "enabled", strconv.FormatBool(variable.MicrotenantEnabled)), + resource.TestCheckResourceAttr(resourceTypeAndName, "criteria_attribute", variable.MicrotenantCriteriaAttribute), + ), + }, + }, + }) +} +*/ diff --git a/zpa/data_source_zpa_provisioning_key_test.go b/zpa/data_source_zpa_provisioning_key_test.go index 89bb96a9..a14eb1f4 100644 --- a/zpa/data_source_zpa_provisioning_key_test.go +++ b/zpa/data_source_zpa_provisioning_key_test.go @@ -10,7 +10,7 @@ import ( "github.com/zscaler/terraform-provider-zpa/v3/zpa/common/testing/variable" ) -func TestAccDataSourceProvisioningKey_Basic(t *testing.T) { +func TestAccDataSourceProvisioningKey_Basic_AppConnectorGroup(t *testing.T) { resourceTypeAndName, dataSourceTypeAndName, generatedName := method.GenerateRandomSourcesTypeAndName(resourcetype.ZPAProvisioningKey) appConnectorGroupTypeAndName, _, appConnectorGroupGeneratedName := method.GenerateRandomSourcesTypeAndName(resourcetype.ZPAAppConnectorGroup) @@ -37,3 +37,32 @@ func TestAccDataSourceProvisioningKey_Basic(t *testing.T) { }, }) } + +// Testing Provisioning Key for Service Edge Group +func TestAccDataSourceProvisioningKey_Basic_ServiceEdgeGroup(t *testing.T) { + resourceTypeAndName, dataSourceTypeAndName, generatedName := method.GenerateRandomSourcesTypeAndName(resourcetype.ZPAProvisioningKey) + + serviceEdgeGroupTypeAndName, _, serviceEdgeGroupGeneratedName := method.GenerateRandomSourcesTypeAndName(resourcetype.ZPAServiceEdgeGroup) + serviceEdgeGroupHCL := testAccCheckServiceEdgeGroupConfigure(serviceEdgeGroupTypeAndName, serviceEdgeGroupGeneratedName, variable.ServiceEdgeDescription, variable.ServiceEdgeEnabled) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckServiceEdgeGroupDestroy, + Steps: []resource.TestStep{ + + { + Config: testAccCheckProvisioningKeyServiceEdgeGroupConfigure(resourceTypeAndName, generatedName, generatedName, serviceEdgeGroupHCL, serviceEdgeGroupTypeAndName, variable.ServiceEdgeGroupType), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "id", resourceTypeAndName, "id"), + resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "name", resourceTypeAndName, "name"), + resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "association_type", resourceTypeAndName, "association_type"), + resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "max_usage", resourceTypeAndName, "max_usage"), + resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "enrollment_cert_id", resourceTypeAndName, "enrollment_cert_id"), + resource.TestCheckResourceAttrPair(dataSourceTypeAndName, "zcomponent_id", resourceTypeAndName, "zcomponent_id"), + resource.TestCheckResourceAttr(resourceTypeAndName, "enabled", strconv.FormatBool(variable.ProvisioningKeyEnabled)), + ), + }, + }, + }) +} diff --git a/zpa/provider_sweeper_test.go b/zpa/provider_sweeper_test.go index df38485e..fb26e69d 100644 --- a/zpa/provider_sweeper_test.go +++ b/zpa/provider_sweeper_test.go @@ -65,7 +65,7 @@ func TestRunForcedSweeper(t *testing.T) { testClient := &testClient{ sdkClient: sdkClient, } - // sweepTestAppConnectorGroup(testClient) //TODO: Tests is failing on QA2 tenant. Needs further investigation. + sweepTestAppConnectorGroup(testClient) sweepTestApplicationServer(testClient) sweepTestApplicationSegment(testClient) sweepTestApplicationSegmentBA(testClient) @@ -99,8 +99,7 @@ func setupSweeper(resourceType string, del func(*testClient) error) { }) } -/* -//TODO: Tests is failing on QA2 tenant. Needs further investigation. +// TODO: Tests is failing on QA2 tenant. Needs further investigation. func sweepTestAppConnectorGroup(client *testClient) error { var errorList []error group, _, err := client.sdkClient.appconnectorgroup.GetAll() @@ -127,7 +126,6 @@ func sweepTestAppConnectorGroup(client *testClient) error { } return condenseError(errorList) } -*/ func sweepTestApplicationServer(client *testClient) error { var errorList []error diff --git a/zpa/resource_zpa_app_connector_group_test.go b/zpa/resource_zpa_app_connector_group_test.go index 484d30f6..e50d86d9 100644 --- a/zpa/resource_zpa_app_connector_group_test.go +++ b/zpa/resource_zpa_app_connector_group_test.go @@ -38,18 +38,24 @@ func TestAccResourceAppConnectorGroupBasic(t *testing.T) { // Update test { - Config: testAccCheckAppConnectorGroupConfigure(resourceTypeAndName, generatedName, variable.AppConnectorDescription, variable.AppConnectorEnabled), + Config: testAccCheckAppConnectorGroupConfigure(resourceTypeAndName, generatedName, variable.AppConnectorDescriptionUpdate, variable.AppConnectorEnabledUpdate), Check: resource.ComposeTestCheckFunc( testAccCheckAppConnectorGroupExists(resourceTypeAndName, &groups), resource.TestCheckResourceAttr(resourceTypeAndName, "name", "tf-acc-test-"+generatedName), - resource.TestCheckResourceAttr(resourceTypeAndName, "description", variable.AppConnectorDescription), - resource.TestCheckResourceAttr(resourceTypeAndName, "enabled", strconv.FormatBool(variable.AppConnectorEnabled)), - resource.TestCheckResourceAttr(resourceTypeAndName, "tcp_quick_ack_app", strconv.FormatBool(variable.TCPQuickAckApp)), - resource.TestCheckResourceAttr(resourceTypeAndName, "tcp_quick_ack_assistant", strconv.FormatBool(variable.TCPQuickAckAssistant)), - resource.TestCheckResourceAttr(resourceTypeAndName, "tcp_quick_ack_read_assistant", strconv.FormatBool(variable.TCPQuickAckReadAssistant)), - resource.TestCheckResourceAttr(resourceTypeAndName, "use_in_dr_mode", strconv.FormatBool(variable.UseInDrMode)), + resource.TestCheckResourceAttr(resourceTypeAndName, "description", variable.AppConnectorDescriptionUpdate), + resource.TestCheckResourceAttr(resourceTypeAndName, "enabled", strconv.FormatBool(variable.AppConnectorEnabledUpdate)), + resource.TestCheckResourceAttr(resourceTypeAndName, "tcp_quick_ack_app", strconv.FormatBool(variable.TCPQuickAckAppUpdate)), + resource.TestCheckResourceAttr(resourceTypeAndName, "tcp_quick_ack_assistant", strconv.FormatBool(variable.TCPQuickAckAssistantUpdate)), + resource.TestCheckResourceAttr(resourceTypeAndName, "tcp_quick_ack_read_assistant", strconv.FormatBool(variable.TCPQuickAckReadAssistantUpdate)), + resource.TestCheckResourceAttr(resourceTypeAndName, "use_in_dr_mode", strconv.FormatBool(variable.UseInDrModeUpdate)), ), }, + // Import test + { + ResourceName: resourceTypeAndName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } @@ -143,7 +149,6 @@ resource "%s" "%s" { resourcetype.ZPAAppConnectorGroup, generatedName, generatedName, - // variable.AppConnectorResourceName, description, strconv.FormatBool(enabled), ) diff --git a/zpa/resource_zpa_app_server_controller_test.go b/zpa/resource_zpa_app_server_controller_test.go index ade2d0a4..caedd7a8 100644 --- a/zpa/resource_zpa_app_server_controller_test.go +++ b/zpa/resource_zpa_app_server_controller_test.go @@ -44,6 +44,12 @@ func TestAccResourceApplicationServerBasic(t *testing.T) { resource.TestCheckResourceAttr(resourceTypeAndName, "enabled", strconv.FormatBool(variable.AppServerEnabled)), ), }, + // Import test + { + ResourceName: resourceTypeAndName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } diff --git a/zpa/resource_zpa_application_segment_browser_access_test.go b/zpa/resource_zpa_application_segment_browser_access_test.go index b3d93c55..8f798ed2 100644 --- a/zpa/resource_zpa_application_segment_browser_access_test.go +++ b/zpa/resource_zpa_application_segment_browser_access_test.go @@ -62,6 +62,12 @@ func TestAccResourceApplicationSegmentBrowserAccessBasic(t *testing.T) { resource.TestCheckResourceAttr(browserAccessTypeAndName, "tcp_port_range.#", "1"), ), }, + // Import test + { + ResourceName: browserAccessTypeAndName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } diff --git a/zpa/resource_zpa_application_segment_inspection.go b/zpa/resource_zpa_application_segment_inspection.go index 2bb37c23..94f4b388 100644 --- a/zpa/resource_zpa_application_segment_inspection.go +++ b/zpa/resource_zpa_application_segment_inspection.go @@ -204,27 +204,33 @@ func resourceApplicationSegmentInspection() *schema.Resource { "name": { Type: schema.TypeString, Optional: true, + ForceNew: true, }, "description": { Type: schema.TypeString, Optional: true, + ForceNew: true, }, "enabled": { Type: schema.TypeBool, Optional: true, + ForceNew: true, }, "app_types": { Type: schema.TypeSet, Optional: true, + ForceNew: true, Elem: &schema.Schema{Type: schema.TypeString}, }, "application_port": { Type: schema.TypeString, Optional: true, + ForceNew: true, }, "application_protocol": { Type: schema.TypeString, Optional: true, + ForceNew: true, ValidateFunc: validation.StringInSlice([]string{ "HTTP", "HTTPS", @@ -232,14 +238,17 @@ func resourceApplicationSegmentInspection() *schema.Resource { }, "certificate_id": { Type: schema.TypeString, + ForceNew: true, Optional: true, }, "domain": { Type: schema.TypeString, + ForceNew: true, Optional: true, }, "trust_untrusted_cert": { Type: schema.TypeBool, + ForceNew: true, Optional: true, }, }, @@ -350,15 +359,11 @@ func resourceApplicationSegmentInspectionRead(d *schema.ResourceData, m interfac } func flattenInspectionAppServerGroupsSimple(serverGroup []applicationsegmentinspection.AppServerGroups) []interface{} { - result := make([]interface{}, 1) - mapIds := make(map[string]interface{}) - ids := make([]string, len(serverGroup)) + ids := make([]interface{}, len(serverGroup)) for i, group := range serverGroup { ids[i] = group.ID } - mapIds["id"] = ids - result[0] = mapIds - return result + return ids } func resourceApplicationSegmentInspectionUpdate(d *schema.ResourceData, m interface{}) error { @@ -436,7 +441,9 @@ func detachInspectionPortalsFromGroup(client *Client, segmentID, segmentGroupID func expandInspectionApplicationSegment(d *schema.ResourceData, zClient *Client, id string) applicationsegmentinspection.AppSegmentInspection { details := applicationsegmentinspection.AppSegmentInspection{ ID: d.Id(), + Name: d.Get("name").(string), SegmentGroupID: d.Get("segment_group_id").(string), + SegmentGroupName: d.Get("segment_group_name").(string), BypassType: d.Get("bypass_type").(string), ConfigSpace: d.Get("config_space").(string), ICMPAccessType: d.Get("icmp_access_type").(string), @@ -508,11 +515,11 @@ func expandInspectionCommonAppsDto(d *schema.ResourceData) applicationsegmentins if !ok { return result } - appsConfigList, ok := appsConfigInterface.(*schema.Set) + appsConfigSet, ok := appsConfigInterface.(*schema.Set) if !ok { return result } - for _, appconf := range appsConfigList.List() { + for _, appconf := range appsConfigSet.List() { appConfMap, ok := appconf.(map[string]interface{}) if !ok { return result @@ -610,12 +617,12 @@ func flattenInspectionAppsConfig(d *schema.ResourceData, appConfigs []applicatio } func validateProtocolAndCertID(d *schema.ResourceData) error { - commonAppsDto, ok := d.Get("common_apps_dto").([]interface{}) - if !ok || len(commonAppsDto) == 0 { + commonAppsDto, ok := d.GetOk("common_apps_dto") + if !ok || len(commonAppsDto.(*schema.Set).List()) == 0 { return nil // or handle it as per your logic } - appsConfig := commonAppsDto[0].(map[string]interface{})["apps_config"].(*schema.Set).List() + appsConfig := commonAppsDto.(*schema.Set).List()[0].(map[string]interface{})["apps_config"].(*schema.Set).List() for _, config := range appsConfig { appConfig := config.(map[string]interface{}) protocol := appConfig["application_protocol"].(string) diff --git a/zpa/resource_zpa_application_segment_inspection_test.go b/zpa/resource_zpa_application_segment_inspection_test.go index fb491a4b..fe2a254f 100644 --- a/zpa/resource_zpa_application_segment_inspection_test.go +++ b/zpa/resource_zpa_application_segment_inspection_test.go @@ -1,6 +1,5 @@ package zpa -/* import ( "fmt" "strconv" @@ -45,7 +44,6 @@ func TestAccResourceApplicationSegmentInspectionBasic(t *testing.T) { resource.TestCheckResourceAttr(appSegmentTypeAndName, "common_apps_dto.#", "1"), resource.TestCheckResourceAttr(appSegmentTypeAndName, "tcp_port_ranges.#", "2"), ), - ExpectNonEmptyPlan: true, }, // Update test @@ -63,7 +61,6 @@ func TestAccResourceApplicationSegmentInspectionBasic(t *testing.T) { resource.TestCheckResourceAttr(appSegmentTypeAndName, "common_apps_dto.#", "1"), resource.TestCheckResourceAttr(appSegmentTypeAndName, "tcp_port_ranges.#", "2"), ), - ExpectNonEmptyPlan: true, }, }, }) @@ -79,7 +76,7 @@ func testAccCheckApplicationSegmentInspectionDestroy(s *terraform.State) error { _, _, err := client.applicationsegmentinspection.GetByName(rs.Primary.Attributes["name"]) if err == nil { - return fmt.Errorf("Inspection Application Segment still exists") + return fmt.Errorf("Inspection Application Segment Inspection still exists") } return nil @@ -91,10 +88,10 @@ func testAccCheckApplicationSegmentInspectionExists(resource string, segment *ap return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[resource] if !ok { - return fmt.Errorf("Inspection Application Segment Not found: %s", resource) + return fmt.Errorf("Inspection Application Segment Inspection Not found: %s", resource) } if rs.Primary.ID == "" { - return fmt.Errorf("no Inspection Application Segment ID is set") + return fmt.Errorf("no Inspection Application Segment Inspection ID is set") } client := testAccProvider.Meta().(*Client) resp, _, err := client.applicationsegmentinspection.GetByName(rs.Primary.Attributes["name"]) @@ -111,13 +108,13 @@ func testAccCheckApplicationSegmentInspectionExists(resource string, segment *ap } } -func testAccCheckApplicationSegmentInspectionConfigure(resourceTypeAndName, generatedName, name, description, segmentGroupHCL, segmentGroupTypeAndName, serverGroupHCL, serverGroupTypeAndName string, enabled bool,rDomain string, cnameEnabled bool) string { +func testAccCheckApplicationSegmentInspectionConfigure(resourceTypeAndName, generatedName, name, description, segmentGroupHCL, segmentGroupTypeAndName, serverGroupHCL, serverGroupTypeAndName string, enabled bool, rDomain string, cnameEnabled bool) string { return fmt.Sprintf(` // segment group resource %s -// application segment resource +// application segment inspection resource %s data "%s" "%s" { @@ -152,26 +149,20 @@ resource "%s" "%s" { health_reporting = "ON_ACCESS" bypass_type = "NEVER" tcp_keep_alive = "1" - tcp_port_range { - from = "4443" - to = "4443" - } + tcp_port_ranges = ["443", "443"] domain_names = ["sales.bd-hashicorp.com"] segment_group_id = "${%s.id}" common_apps_dto { apps_config { - name = "%s.bd-hashicorp.com" - domain = "%s.bd-hashicorp.com" + name = "sales.bd-hashicorp.com" + domain = "sales.bd-hashicorp.com" application_protocol = "HTTPS" - application_port = "4443" + application_port = "443" certificate_id = data.zpa_ba_certificate.sales.id enabled = true app_types = ["INSPECT"] } } - server_groups { - id = [] - } depends_on = [ %s ] } `, @@ -183,13 +174,7 @@ resource "%s" "%s" { generatedName, strconv.FormatBool(enabled), strconv.FormatBool(cnameEnabled), - // generatedName, segmentGroupTypeAndName, - generatedName, - generatedName, - // serverGroupTypeAndName, segmentGroupTypeAndName, - // serverGroupTypeAndName, ) } -*/ diff --git a/zpa/resource_zpa_application_segment_pra_test.go b/zpa/resource_zpa_application_segment_pra_test.go index 548d9314..84d17e93 100644 --- a/zpa/resource_zpa_application_segment_pra_test.go +++ b/zpa/resource_zpa_application_segment_pra_test.go @@ -1,6 +1,5 @@ package zpa -/* import ( "fmt" "strconv" @@ -188,4 +187,3 @@ resource "%s" "%s" { // serverGroupTypeAndName, ) } -*/ diff --git a/zpa/resource_zpa_application_segment_test.go b/zpa/resource_zpa_application_segment_test.go index 05d24851..888ff166 100644 --- a/zpa/resource_zpa_application_segment_test.go +++ b/zpa/resource_zpa_application_segment_test.go @@ -62,6 +62,12 @@ func TestAccResourceApplicationSegmentBasic(t *testing.T) { resource.TestCheckResourceAttr(appSegmentTypeAndName, "udp_port_ranges.#", "2"), ), }, + // Import test + { + ResourceName: appSegmentTypeAndName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } diff --git a/zpa/resource_zpa_lss_config_controller_test.go b/zpa/resource_zpa_lss_config_controller_test.go index 2cee3d51..b13a8d43 100644 --- a/zpa/resource_zpa_lss_config_controller_test.go +++ b/zpa/resource_zpa_lss_config_controller_test.go @@ -1,6 +1,5 @@ package zpa -//TODO: Tests is failing on QA2 tenant. Needs further investigation. import ( "fmt" "strconv" @@ -144,14 +143,14 @@ data "zpa_idp_controller" "this" { name = "BD_Okta_Users" } - # Retrieve the SCIM_GROUP ID(s) +# Retrieve the SCIM_GROUP ID(s) data "zpa_scim_groups" "engineering" { name = "Engineering" idp_name = "BD_Okta_Users" } -data "zpa_scim_groups" "sales" { - name = "Sales" +data "zpa_scim_groups" "finance" { + name = "Finance" idp_name = "BD_Okta_Users" } resource "%s" "%s" { @@ -167,7 +166,7 @@ resource "%s" "%s" { } policy_rule_resource { name = "policy_rule_resource-lss_auth_logs" - action = "ALLOW" + action = "LOG" policy_set_id = data.zpa_policy_type.lss_siem_policy.id conditions { negated = false @@ -187,7 +186,7 @@ resource "%s" "%s" { lhs = data.zpa_idp_controller.this.id } entry_values { - rhs = data.zpa_scim_groups.sales.id + rhs = data.zpa_scim_groups.finance.id lhs = data.zpa_idp_controller.this.id } } diff --git a/zpa/resource_zpa_microtenant_controller_test.go b/zpa/resource_zpa_microtenant_controller_test.go new file mode 100644 index 00000000..318908c4 --- /dev/null +++ b/zpa/resource_zpa_microtenant_controller_test.go @@ -0,0 +1,134 @@ +package zpa + +/* +import ( + "fmt" + "strconv" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "github.com/zscaler/terraform-provider-zpa/v3/zpa/common/resourcetype" + "github.com/zscaler/terraform-provider-zpa/v3/zpa/common/testing/method" + "github.com/zscaler/terraform-provider-zpa/v3/zpa/common/testing/variable" + "github.com/zscaler/zscaler-sdk-go/v2/zpa/services/microtenants" +) + +func TestAccResourceMicroTenant_Basic(t *testing.T) { + var microTenant microtenants.MicroTenant + resourceTypeAndName, _, generatedName := method.GenerateRandomSourcesTypeAndName(resourcetype.ZPAMicrotenant) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckMicroTenantDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckMicrotenantConfigure(resourceTypeAndName, generatedName, variable.MicrotenantDescription, variable.MicrotenantCriteriaAttribute, variable.MicrotenantEnabled), + Check: resource.ComposeTestCheckFunc( + testAccCheckMicrotenantExists(resourceTypeAndName, µTenant), + resource.TestCheckResourceAttr(resourceTypeAndName, "name", "tf-acc-test-"+generatedName), + resource.TestCheckResourceAttr(resourceTypeAndName, "description", variable.MicrotenantDescription), + resource.TestCheckResourceAttr(resourceTypeAndName, "enabled", strconv.FormatBool(variable.MicrotenantEnabled)), + resource.TestCheckResourceAttr(resourceTypeAndName, "criteria_attribute_values.#", "1"), + ), + }, + + // Update test + { + Config: testAccCheckMicrotenantConfigure(resourceTypeAndName, generatedName, variable.MicrotenantDescription, variable.MicrotenantCriteriaAttribute, variable.MicrotenantEnabled), + Check: resource.ComposeTestCheckFunc( + testAccCheckMicrotenantExists(resourceTypeAndName, µTenant), + resource.TestCheckResourceAttr(resourceTypeAndName, "name", "tf-acc-test-"+generatedName), + resource.TestCheckResourceAttr(resourceTypeAndName, "description", variable.MicrotenantDescription), + resource.TestCheckResourceAttr(resourceTypeAndName, "enabled", strconv.FormatBool(variable.MicrotenantEnabled)), + resource.TestCheckResourceAttr(resourceTypeAndName, "criteria_attribute_values.#", "1"), + ), + }, + }, + }) +} + +func testAccCheckMicroTenantDestroy(s *terraform.State) error { + apiClient := testAccProvider.Meta().(*Client) + + for _, rs := range s.RootModule().Resources { + if rs.Type != resourcetype.ZPASegmentGroup { + continue + } + + group, _, err := apiClient.segmentgroup.Get(rs.Primary.ID) + + if err == nil { + return fmt.Errorf("id %s already exists", rs.Primary.ID) + } + + if group != nil { + return fmt.Errorf("segment group with id %s exists and wasn't destroyed", rs.Primary.ID) + } + } + + return nil +} + +func testAccCheckMicrotenantExists(resource string, microtenant *microtenants.MicroTenant) resource.TestCheckFunc { + return func(state *terraform.State) error { + rs, ok := state.RootModule().Resources[resource] + if !ok { + return fmt.Errorf("didn't find resource: %s", resource) + } + if rs.Primary.ID == "" { + return fmt.Errorf("no record ID is set") + } + + apiClient := testAccProvider.Meta().(*Client) + receivedMicrotenant, _, err := apiClient.microtenants.Get(rs.Primary.ID) + + if err != nil { + return fmt.Errorf("failed fetching resource %s. Recevied error: %s", resource, err) + } + *microtenant = *receivedMicrotenant + + return nil + } +} + +func testAccCheckMicrotenantConfigure(resourceTypeAndName, generatedName, description, criteria_attribute string, enabled bool) string { + return fmt.Sprintf(` +// microtenant resource +%s + +data "%s" "%s" { + id = "${%s.id}" +} +`, + // resource variables + MicroTenantHCL(generatedName, description, criteria_attribute, enabled), + + // data source variables + resourcetype.ZPAMicrotenant, + generatedName, + resourceTypeAndName, + ) +} + +func MicroTenantHCL(generatedName, description, criteria_attribute string, enabled bool) string { + return fmt.Sprintf(` +resource "%s" "%s" { + name = "tf-acc-test-%s" + description = "%s" + enabled = %s + criteria_attribute = "%s" + criteria_attribute_values = ["bd-hashicorp.com"] +} +`, + // resource variables + resourcetype.ZPAMicrotenant, + generatedName, + generatedName, + description, + strconv.FormatBool(enabled), + criteria_attribute, + ) +} +*/ diff --git a/zpa/resource_zpa_policy_access_forwarding_rule_test.go b/zpa/resource_zpa_policy_access_forwarding_rule_test.go index 56bec972..d27c0c9b 100644 --- a/zpa/resource_zpa_policy_access_forwarding_rule_test.go +++ b/zpa/resource_zpa_policy_access_forwarding_rule_test.go @@ -45,6 +45,12 @@ func TestAccPolicyForwardingRuleBasic(t *testing.T) { resource.TestCheckResourceAttr(resourceTypeAndName, "conditions.#", "2"), ), }, + // Import test + { + ResourceName: resourceTypeAndName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } diff --git a/zpa/resource_zpa_policy_access_isolation_rule_test.go b/zpa/resource_zpa_policy_access_isolation_rule_test.go index 0c3b745f..a555a091 100644 --- a/zpa/resource_zpa_policy_access_isolation_rule_test.go +++ b/zpa/resource_zpa_policy_access_isolation_rule_test.go @@ -45,6 +45,12 @@ func TestAccPolicyIsolationRuleBasic(t *testing.T) { resource.TestCheckResourceAttr(resourceTypeAndName, "conditions.#", "1"), ), }, + // Import test + { + ResourceName: resourceTypeAndName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } diff --git a/zpa/resource_zpa_policy_access_rule_test.go b/zpa/resource_zpa_policy_access_rule_test.go index 2a98837d..b0084808 100644 --- a/zpa/resource_zpa_policy_access_rule_test.go +++ b/zpa/resource_zpa_policy_access_rule_test.go @@ -54,6 +54,12 @@ func TestAccPolicyAccessRuleBasic(t *testing.T) { resource.TestCheckResourceAttr(resourceTypeAndName, "conditions.#", "1"), ), }, + // Import test + { + ResourceName: resourceTypeAndName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } diff --git a/zpa/resource_zpa_policy_access_timeout_rule_test.go b/zpa/resource_zpa_policy_access_timeout_rule_test.go index ad8a02eb..8387cab5 100644 --- a/zpa/resource_zpa_policy_access_timeout_rule_test.go +++ b/zpa/resource_zpa_policy_access_timeout_rule_test.go @@ -49,6 +49,12 @@ func TestAccPolicyTimeoutRuleBasic(t *testing.T) { resource.TestCheckResourceAttr(resourceTypeAndName, "conditions.#", "1"), ), }, + // Import test + { + ResourceName: resourceTypeAndName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } diff --git a/zpa/resource_zpa_provisioning_key_test.go b/zpa/resource_zpa_provisioning_key_test.go index 7c30c77b..4c74994c 100644 --- a/zpa/resource_zpa_provisioning_key_test.go +++ b/zpa/resource_zpa_provisioning_key_test.go @@ -13,7 +13,7 @@ import ( "github.com/zscaler/zscaler-sdk-go/v2/zpa/services/provisioningkey" ) -func TestAccResourceProvisioningKeyBasic(t *testing.T) { +func TestAccResourceProvisioningKeyBasic_Connector(t *testing.T) { var groups provisioningkey.ProvisioningKey resourceTypeAndName, _, generatedName := method.GenerateRandomSourcesTypeAndName(resourcetype.ZPAProvisioningKey) @@ -23,14 +23,14 @@ func TestAccResourceProvisioningKeyBasic(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, - CheckDestroy: testAccCheckProvisioningKeyDestroy, + CheckDestroy: testAccCheckProvisioningKeyDestroyAppConnector, Steps: []resource.TestStep{ // Test App Connector Group Provisioning Key { Config: testAccCheckProvisioningKeyAppConnectorGroupConfigure(resourceTypeAndName, generatedName, generatedName, appConnectorGroupHCL, appConnectorGroupTypeAndName, variable.ConnectorGroupType), Check: resource.ComposeTestCheckFunc( - testAccCheckProvisioningKeyExists(resourceTypeAndName, &groups), + testAccCheckProvisioningKeyAppConnectorExists(resourceTypeAndName, &groups), resource.TestCheckResourceAttrSet(resourceTypeAndName, "id"), resource.TestCheckResourceAttr(resourceTypeAndName, "name", "tf-acc-test-"+generatedName), resource.TestCheckResourceAttr(resourceTypeAndName, "association_type", variable.ConnectorGroupType), @@ -45,7 +45,7 @@ func TestAccResourceProvisioningKeyBasic(t *testing.T) { { Config: testAccCheckProvisioningKeyAppConnectorGroupConfigure(resourceTypeAndName, generatedName, generatedName, appConnectorGroupHCL, appConnectorGroupTypeAndName, variable.ConnectorGroupType), Check: resource.ComposeTestCheckFunc( - testAccCheckProvisioningKeyExists(resourceTypeAndName, &groups), + testAccCheckProvisioningKeyAppConnectorExists(resourceTypeAndName, &groups), resource.TestCheckResourceAttrSet(resourceTypeAndName, "id"), resource.TestCheckResourceAttr(resourceTypeAndName, "name", "tf-acc-test-"+generatedName), resource.TestCheckResourceAttr(resourceTypeAndName, "association_type", variable.ConnectorGroupType), @@ -55,11 +55,17 @@ func TestAccResourceProvisioningKeyBasic(t *testing.T) { resource.TestCheckResourceAttr(resourceTypeAndName, "enabled", strconv.FormatBool(variable.ProvisioningKeyEnabled)), ), }, + // Import test + { + ResourceName: resourceTypeAndName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } -func testAccCheckProvisioningKeyDestroy(s *terraform.State) error { +func testAccCheckProvisioningKeyDestroyAppConnector(s *terraform.State) error { apiClient := testAccProvider.Meta().(*Client) for _, rs := range s.RootModule().Resources { @@ -81,7 +87,7 @@ func testAccCheckProvisioningKeyDestroy(s *terraform.State) error { return nil } -func testAccCheckProvisioningKeyExists(resource string, provisioningkey *provisioningkey.ProvisioningKey) resource.TestCheckFunc { +func testAccCheckProvisioningKeyAppConnectorExists(resource string, provisioningkey *provisioningkey.ProvisioningKey) resource.TestCheckFunc { return func(state *terraform.State) error { rs, ok := state.RootModule().Resources[resource] if !ok { @@ -157,10 +163,105 @@ resource "%s" "%s" { ) } -/* +// Testing Provisioning Key for Service Edge Group +func TestAccResourceProvisioningKeyBasic_ServiceEdgeGroup(t *testing.T) { + var groups provisioningkey.ProvisioningKey + resourceTypeAndName, _, generatedName := method.GenerateRandomSourcesTypeAndName(resourcetype.ZPAProvisioningKey) + + serviceEdgeGroupTypeAndName, _, serviceEdgeGroupGeneratedName := method.GenerateRandomSourcesTypeAndName(resourcetype.ZPAServiceEdgeGroup) + serviceEdgeGroupHCL := testAccCheckServiceEdgeGroupConfigure(serviceEdgeGroupTypeAndName, serviceEdgeGroupGeneratedName, variable.ServiceEdgeDescription, variable.ServiceEdgeEnabled) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckProvisioningKeyDestroyServiceEdgeGroup, + Steps: []resource.TestStep{ + + // Test Service Edge Group Provisioning Key + { + Config: testAccCheckProvisioningKeyServiceEdgeGroupConfigure(resourceTypeAndName, generatedName, generatedName, serviceEdgeGroupHCL, serviceEdgeGroupTypeAndName, variable.ServiceEdgeGroupType), + Check: resource.ComposeTestCheckFunc( + testAccCheckProvisioningKeyServiceEdgeGroupExists(resourceTypeAndName, &groups), + resource.TestCheckResourceAttrSet(resourceTypeAndName, "id"), + resource.TestCheckResourceAttr(resourceTypeAndName, "name", "tf-acc-test-"+generatedName), + resource.TestCheckResourceAttr(resourceTypeAndName, "association_type", variable.ServiceEdgeGroupType), + resource.TestCheckResourceAttr(resourceTypeAndName, "max_usage", variable.ProvisioningKeyUsage), + resource.TestCheckResourceAttrSet(resourceTypeAndName, "enrollment_cert_id"), + resource.TestCheckResourceAttrSet(resourceTypeAndName, "zcomponent_id"), + resource.TestCheckResourceAttr(resourceTypeAndName, "enabled", strconv.FormatBool(variable.ProvisioningKeyEnabled)), + ), + }, + + // Update Service Edge Group Provisioning Key + { + Config: testAccCheckProvisioningKeyServiceEdgeGroupConfigure(resourceTypeAndName, generatedName, generatedName, serviceEdgeGroupHCL, serviceEdgeGroupTypeAndName, variable.ServiceEdgeGroupType), + Check: resource.ComposeTestCheckFunc( + testAccCheckProvisioningKeyServiceEdgeGroupExists(resourceTypeAndName, &groups), + resource.TestCheckResourceAttrSet(resourceTypeAndName, "id"), + resource.TestCheckResourceAttr(resourceTypeAndName, "name", "tf-acc-test-"+generatedName), + resource.TestCheckResourceAttr(resourceTypeAndName, "association_type", variable.ServiceEdgeGroupType), + resource.TestCheckResourceAttr(resourceTypeAndName, "max_usage", variable.ProvisioningKeyUsage), + resource.TestCheckResourceAttrSet(resourceTypeAndName, "enrollment_cert_id"), + resource.TestCheckResourceAttrSet(resourceTypeAndName, "zcomponent_id"), + resource.TestCheckResourceAttr(resourceTypeAndName, "enabled", strconv.FormatBool(variable.ProvisioningKeyEnabled)), + ), + }, + // Import test + { + ResourceName: resourceTypeAndName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func testAccCheckProvisioningKeyDestroyServiceEdgeGroup(s *terraform.State) error { + apiClient := testAccProvider.Meta().(*Client) + + for _, rs := range s.RootModule().Resources { + if rs.Type != resourcetype.ZPAProvisioningKey { + continue + } + + rule, _, err := apiClient.provisioningkey.GetByName(rs.Primary.Attributes["association_type"], rs.Primary.Attributes["name"]) + + if err == nil { + return fmt.Errorf("id %s already exists", rs.Primary.ID) + } + + if rule != nil { + return fmt.Errorf("provisioning key with id %s exists and wasn't destroyed", rs.Primary.ID) + } + } + + return nil +} + +func testAccCheckProvisioningKeyServiceEdgeGroupExists(resource string, provisioningkey *provisioningkey.ProvisioningKey) resource.TestCheckFunc { + return func(state *terraform.State) error { + rs, ok := state.RootModule().Resources[resource] + if !ok { + return fmt.Errorf("didn't find resource: %s", resource) + } + if rs.Primary.ID == "" { + return fmt.Errorf("no record ID is set") + } + + apiClient := testAccProvider.Meta().(*Client) + receivedKey, _, err := apiClient.provisioningkey.GetByName(rs.Primary.Attributes["association_type"], rs.Primary.Attributes["name"]) + + if err != nil { + return fmt.Errorf("failed fetching resource %s. Recevied error: %s", resource, err) + } + *provisioningkey = *receivedKey + + return nil + } +} func testAccCheckProvisioningKeyServiceEdgeGroupConfigure(resourceTypeAndName, generatedName, name, serviceEdgeGroupHCL, serviceEdgeGroupTypeAndName, provisioningKeyType string) string { return fmt.Sprintf(` -// app connector group resource +// service edge group resource %s // provisioning key resource @@ -185,20 +286,21 @@ data "%s" "%s" { func serviceEdgeGroupProvisioningKeyResourceHCL(generatedName, name, serviceEdgeGroupTypeAndName, provisioningKeyType string) string { return fmt.Sprintf(` -data "zpa_enrollment_cert" "service_edge" { - name = "Service Edge" -} + data "zpa_enrollment_cert" "service_edge" { + name = "Service Edge" + } -resource "%s" "%s" { - name = "tf-acc-test-%s" - association_type = "%s" - enabled = "%s" - max_usage = "%s" - zcomponent_id = "${%s.id}" - enrollment_cert_id = data.zpa_enrollment_cert.service_edge.id - depends_on = [ data.zpa_enrollment_cert.service_edge, %s ] -} -`, + resource "%s" "%s" { + name = "tf-acc-test-%s" + association_type = "%s" + enabled = "%s" + max_usage = "%s" + zcomponent_id = "${%s.id}" + enrollment_cert_id = data.zpa_enrollment_cert.service_edge.id + depends_on = [ data.zpa_enrollment_cert.service_edge, %s ] + + } + `, // resource variables resourcetype.ZPAProvisioningKey, generatedName, @@ -210,4 +312,3 @@ resource "%s" "%s" { serviceEdgeGroupTypeAndName, ) } -*/ diff --git a/zpa/resource_zpa_segment_group_test.go b/zpa/resource_zpa_segment_group_test.go index 0bd4b5b8..4621a013 100644 --- a/zpa/resource_zpa_segment_group_test.go +++ b/zpa/resource_zpa_segment_group_test.go @@ -34,14 +34,20 @@ func TestAccResourceSegmentGroupBasic(t *testing.T) { // Update test { - Config: testAccCheckSegmentGroupConfigure(resourceTypeAndName, generatedName, variable.SegmentGroupDescription, variable.SegmentGroupEnabled), + Config: testAccCheckSegmentGroupConfigure(resourceTypeAndName, generatedName, variable.SegmentGroupDescriptionUpdate, variable.SegmentGroupEnabledUpdate), Check: resource.ComposeTestCheckFunc( testAccCheckSegmentGroupExists(resourceTypeAndName, &segmentGroup), resource.TestCheckResourceAttr(resourceTypeAndName, "name", "tf-acc-test-"+generatedName), - resource.TestCheckResourceAttr(resourceTypeAndName, "description", variable.SegmentGroupDescription), - resource.TestCheckResourceAttr(resourceTypeAndName, "enabled", strconv.FormatBool(variable.SegmentGroupEnabled)), + resource.TestCheckResourceAttr(resourceTypeAndName, "description", variable.SegmentGroupDescriptionUpdate), + resource.TestCheckResourceAttr(resourceTypeAndName, "enabled", strconv.FormatBool(variable.SegmentGroupEnabledUpdate)), ), }, + // Import test + { + ResourceName: resourceTypeAndName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } @@ -121,7 +127,6 @@ resource "%s" "%s" { resourcetype.ZPASegmentGroup, generatedName, generatedName, - // variable.SegmentGroupResourceName, description, strconv.FormatBool(enabled), ) diff --git a/zpa/resource_zpa_server_group_test.go b/zpa/resource_zpa_server_group_test.go index 8eff2ba9..2e7d04bd 100644 --- a/zpa/resource_zpa_server_group_test.go +++ b/zpa/resource_zpa_server_group_test.go @@ -48,6 +48,12 @@ func TestAccResourceServerGroupBasic(t *testing.T) { resource.TestCheckResourceAttr(serverGroupTypeAndName, "app_connector_groups.#", "1"), ), }, + // Import test + { + ResourceName: serverGroupTypeAndName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } diff --git a/zpa/resource_zpa_service_edge_group_test.go b/zpa/resource_zpa_service_edge_group_test.go index 45be553c..137b5cc3 100644 --- a/zpa/resource_zpa_service_edge_group_test.go +++ b/zpa/resource_zpa_service_edge_group_test.go @@ -52,6 +52,12 @@ func TestAccResourceServiceEdgeGroupBasic(t *testing.T) { resource.TestCheckResourceAttr(resourceTypeAndName, "version_profile_name", variable.ServiceEdgeVersionProfileName), ), }, + // Import test + { + ResourceName: resourceTypeAndName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } @@ -138,7 +144,6 @@ resource "%s" "%s" { resourcetype.ZPAServiceEdgeGroup, generatedName, generatedName, - // variable.ServiceEdgeResourceName, description, strconv.FormatBool(enabled), strconv.FormatBool(enabled), diff --git a/zpa/utils.go b/zpa/utils.go index 90ba9a6b..5ddeb61f 100755 --- a/zpa/utils.go +++ b/zpa/utils.go @@ -6,6 +6,7 @@ import ( "log" "math" "strconv" + "strings" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/zscaler/zscaler-sdk-go/v2/zpa/services/common" @@ -171,3 +172,8 @@ func validateAppPorts(selectConnectorCloseToApp bool, udpAppPortRange []common.N return nil } + +// createValidResourceName converts the given name to a valid Terraform resource name +func createValidResourceName(name string) string { + return strings.ReplaceAll(name, " ", "_") +} diff --git a/zpa/version.go b/zpa/version.go index 1ddf01ef..e10507c4 100644 --- a/zpa/version.go +++ b/zpa/version.go @@ -1,4 +1,4 @@ package zpa // ProviderVersion is set at build-time in the release process -var ProviderVersion = "3.0.0" +var ProviderVersion = "3.0.3"