re-create resources when remote resource is deleted (#217)

* re-create resources when remote resource is deleted
* fix segment group
* updated to zscaler-sdk-go v0.2.2
* Updated GNUmkefile and CHANGELOG

CHANGELOG.md

@@ -1,5 +1,17 @@
 # Changelog
 
+## 2.5.0 (November, 30 2022)
+
+### Notes
+
+- Release date: **(November, 30 2022)**
+- Supported Terraform version: **v1.x**
+
+### Fixes
+
+- [PR #217](https://github.com/zscaler/terraform-provider-zia/pull/217) Fixed Read/Update/Delete functions to allow automatic recreation of resources, that have been manually deleted via the UI.
+- [PR #217](https://github.com/zscaler/terraform-provider-zia/pull/217) Updated provider to zscaler-sdk-go v0.2.2
+
 ## 2.4.1
 
 ### Notes

GNUmakefile

@@ -16,15 +16,15 @@ build: fmtcheck
 build13: GOOS=$(shell go env GOOS)
 build13: GOARCH=$(shell go env GOARCH)
 ifeq ($(OS),Windows_NT)  # is Windows_NT on XP, 2000, 7, Vista, 10...
-build13: DESTINATION=$(APPDATA)/terraform.d/plugins/$(ZPA_PROVIDER_NAMESPACE)/2.4.1/$(GOOS)_$(GOARCH)
+build13: DESTINATION=$(APPDATA)/terraform.d/plugins/$(ZPA_PROVIDER_NAMESPACE)/2.5.0/$(GOOS)_$(GOARCH)
 else
-build13: DESTINATION=$(HOME)/.terraform.d/plugins/$(ZPA_PROVIDER_NAMESPACE)/2.4.1/$(GOOS)_$(GOARCH)
+build13: DESTINATION=$(HOME)/.terraform.d/plugins/$(ZPA_PROVIDER_NAMESPACE)/2.5.0/$(GOOS)_$(GOARCH)
 endif
 build13: fmtcheck
 	go mod tidy && go mod vendor
 	@echo "==> Installing plugin to $(DESTINATION)"
 	@mkdir -p $(DESTINATION)
-	go build -o $(DESTINATION)/terraform-provider-zpa_v2.4.1
+	go build -o $(DESTINATION)/terraform-provider-zpa_v2.5.0
 
 test: fmtcheck
 	go test $(TEST) || exit 1

docs/guides/release-notes.md

@@ -12,10 +12,22 @@ Track all ZPA Terraform provider's releases. New resources, features, and bug fi
 
 ---
 
-``Last updated: v2.4.1``
+``Last updated: v2.5.0``
 
 ---
 
+## 2.5.0 (November, 30 2022)
+
+### Notes
+
+- Release date: **(November, 30 2022)**
+- Supported Terraform version: **v1.x**
+
+### Fixes
+
+- [PR #217](https://github.com/zscaler/terraform-provider-zia/pull/217) Fixed Read/Update/Delete functions to allow automatic recreation of resources, that have been manually deleted via the UI.
+- [PR #217](https://github.com/zscaler/terraform-provider-zia/pull/217) Updated provider to zscaler-sdk-go v0.2.2
+
 ## 2.4.1
 
 ### Notes

go.mod

@@ -9,7 +9,7 @@ require (
 	github.com/hashicorp/terraform-plugin-docs v0.13.0
 	github.com/hashicorp/terraform-plugin-sdk v1.17.2
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.1
-	github.com/zscaler/zscaler-sdk-go v0.1.9
+	github.com/zscaler/zscaler-sdk-go v0.2.2
 )
 
 require (

go.sum

@@ -426,8 +426,8 @@ github.com/zclconf/go-cty v1.12.1 h1:PcupnljUm9EIvbgSHQnHhUr3fO6oFmkOrvs2BAFNXXY
 github.com/zclconf/go-cty v1.12.1/go.mod h1:s9IfD1LK5ccNMSWCVFCE2rJfHiZgi7JijgeWIMfhLvA=
 github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8=
 github.com/zclconf/go-cty-yaml v1.0.2/go.mod h1:IP3Ylp0wQpYm50IHK8OZWKMu6sPJIUgKa8XhiVHura0=
-github.com/zscaler/zscaler-sdk-go v0.1.9 h1:TtrkDK+E17/WlXBP0WHwWKGsKnXo56nVucnZc3tfGAc=
-github.com/zscaler/zscaler-sdk-go v0.1.9/go.mod h1:sKZdM1JtTgUbfNEJ6H6snieQXMel9pngEq1emAn7APo=
+github.com/zscaler/zscaler-sdk-go v0.2.2 h1:T1ikOS9dY/NOr6vQ2yrZvrfBzWxqusviKKEAVCFTZTE=
+github.com/zscaler/zscaler-sdk-go v0.2.2/go.mod h1:BvxM0j3xTM3Vb6FHUmuOKqRgNHv0EqGXfe99d1geUwc=
 go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
 go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
 go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=

zpa/resource_zpa_app_connector_group.go

@@ -242,6 +242,13 @@ func resourceAppConnectorGroupUpdate(d *schema.ResourceData, m interface{}) erro
 		return err
 	}
 
+	if _, _, err := zClient.appconnectorgroup.Get(id); err != nil {
+		if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
+			d.SetId("")
+			return nil
+		}
+	}
+
 	if _, err := zClient.appconnectorgroup.Update(id, &req); err != nil {
 		return err
 	}

zpa/resource_zpa_app_server_controller.go

@@ -109,7 +109,7 @@ func resourceApplicationServerRead(d *schema.ResourceData, m interface{}) error
 
 	resp, _, err := zClient.appservercontroller.Get(d.Id())
 	if err != nil {
-		if err.(*client.ErrorResponse).IsObjectNotFound() {
+		if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
 			log.Printf("[WARN] Removing application server %s from state because it no longer exists in ZPA", d.Id())
 			d.SetId("")
 			return nil
@@ -137,6 +137,13 @@ func resourceApplicationServerUpdate(d *schema.ResourceData, m interface{}) erro
 	if d.HasChange("app_server_group_ids") || d.HasChange("name") || d.HasChange("description") || d.HasChange("address") || d.HasChange("enabled") {
 		log.Println("The AppServerGroupID, name, description or address has been changed")
 
+		if _, _, err := zClient.appservercontroller.Get(d.Id()); err != nil {
+			if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
+				d.SetId("")
+				return nil
+			}
+		}
+
 		if _, err := zClient.appservercontroller.Update(d.Id(), appservercontroller.ApplicationServer{
 			AppServerGroupIds: SetToStringSlice(d.Get("app_server_group_ids").(*schema.Set)),
 			Name:              d.Get("name").(string),
@@ -162,6 +169,10 @@ func resourceApplicationServerDelete(d *schema.ResourceData, m interface{}) erro
 	}
 
 	if _, err = zClient.appservercontroller.Delete(d.Id()); err != nil {
+		if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
+			d.SetId("")
+			return nil
+		}
 		return err
 	}
 
@@ -173,6 +184,9 @@ func removeServerFromGroup(zClient *Client, serverID string) error {
 
 	resp, _, err := zClient.appservercontroller.Get(serverID)
 	if err != nil {
+		if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
+			return nil
+		}
 		return err
 	}
 
@@ -193,6 +207,7 @@ func removeServerFromGroup(zClient *Client, serverID string) error {
 
 func expandCreateAppServerRequest(d *schema.ResourceData) appservercontroller.ApplicationServer {
 	applicationServer := appservercontroller.ApplicationServer{
+		ID:                d.Id(),
 		Address:           d.Get("address").(string),
 		ConfigSpace:       d.Get("config_space").(string),
 		AppServerGroupIds: SetToStringSlice(d.Get("app_server_group_ids").(*schema.Set)),

zpa/resource_zpa_application_segment.go

@@ -288,6 +288,14 @@ func resourceApplicationSegmentUpdate(d *schema.ResourceData, m interface{}) err
 		log.Println("[ERROR] Please provde a valid segment group for the application segment")
 		return fmt.Errorf("please provde a valid segment group for the application segment")
 	}
+
+	if _, _, err := zClient.applicationsegment.Get(id); err != nil {
+		if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
+			d.SetId("")
+			return nil
+		}
+	}
+
 	if _, err := zClient.applicationsegment.Update(id, req); err != nil {
 		return err
 	}

zpa/resource_zpa_application_segment_browser_access.go

@@ -339,6 +339,13 @@ func resourceApplicationSegmentBrowserAccessUpdate(d *schema.ResourceData, m int
 		return fmt.Errorf("please provide a valid segment group for the browser access application segment")
 	}
 
+	if _, _, err := zClient.browseraccess.Get(id); err != nil {
+		if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
+			d.SetId("")
+			return nil
+		}
+	}
+
 	if _, err := zClient.browseraccess.Update(id, &req); err != nil {
 		return err
 	}
@@ -388,6 +395,7 @@ func detachBrowserAccessFromGroup(client *Client, segmentID, segmentGroupID stri
 
 func expandBrowserAccess(d *schema.ResourceData, zClient *Client, id string) browseraccess.BrowserAccess {
 	details := browseraccess.BrowserAccess{
+		ID:                   d.Id(),
 		SegmentGroupID:       d.Get("segment_group_id").(string),
 		SegmentGroupName:     d.Get("segment_group_name").(string),
 		BypassType:           d.Get("bypass_type").(string),

zpa/resource_zpa_application_segment_inspection.go

@@ -401,6 +401,13 @@ func resourceApplicationSegmentInspectionUpdate(d *schema.ResourceData, m interf
 		return fmt.Errorf("please provde a valid segment group for the inspection application segment")
 	}
 
+	if _, _, err := zClient.applicationsegmentinspection.Get(id); err != nil {
+		if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
+			d.SetId("")
+			return nil
+		}
+	}
+
 	if _, err := zClient.applicationsegmentinspection.Update(id, &req); err != nil {
 		return err
 	}
@@ -450,6 +457,7 @@ func detachInspectionPortalsFromGroup(client *Client, segmentID, segmentGroupID
 
 func expandInspectionApplicationSegment(d *schema.ResourceData, zClient *Client, id string) applicationsegmentinspection.AppSegmentInspection {
 	details := applicationsegmentinspection.AppSegmentInspection{
+		ID:                   d.Id(),
 		SegmentGroupID:       d.Get("segment_group_id").(string),
 		BypassType:           d.Get("bypass_type").(string),
 		ConfigSpace:          d.Get("config_space").(string),

zpa/resource_zpa_application_segment_pra.go

@@ -403,6 +403,13 @@ func resourceApplicationSegmentPRAUpdate(d *schema.ResourceData, m interface{})
 		return fmt.Errorf("please provde a valid segment group for the sra application segment")
 	}
 
+	if _, _, err := zClient.applicationsegmentpra.Get(id); err != nil {
+		if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
+			d.SetId("")
+			return nil
+		}
+	}
+
 	if _, err := zClient.applicationsegmentpra.Update(id, &req); err != nil {
 		return err
 	}
@@ -452,6 +459,7 @@ func detachSraPortalsFromGroup(client *Client, segmentID, segmentGroupID string)
 
 func expandSRAApplicationSegment(d *schema.ResourceData, zClient *Client, id string) applicationsegmentpra.AppSegmentPRA {
 	details := applicationsegmentpra.AppSegmentPRA{
+		ID:                   d.Id(),
 		SegmentGroupID:       d.Get("segment_group_id").(string),
 		BypassType:           d.Get("bypass_type").(string),
 		ConfigSpace:          d.Get("config_space").(string),

zpa/resource_zpa_inspection_custom_controls.go

@@ -312,6 +312,14 @@ func resourceInspectionCustomControlsUpdate(d *schema.ResourceData, m interface{
 	if err := validateRules(req); err != nil {
 		return err
 	}
+
+	if _, _, err := zClient.inspection_custom_controls.Get(id); err != nil {
+		if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
+			d.SetId("")
+			return nil
+		}
+	}
+
 	if _, err := zClient.inspection_custom_controls.Update(id, &req); err != nil {
 		return err
 	}
@@ -354,6 +362,7 @@ func resourceInspectionCustomControlsDelete(d *schema.ResourceData, m interface{
 
 func expandInspectionCustomControls(d *schema.ResourceData) inspection_custom_controls.InspectionCustomControl {
 	custom_control := inspection_custom_controls.InspectionCustomControl{
+		ID:                               d.Id(),
 		Action:                           d.Get("action").(string),
 		ActionValue:                      d.Get("action_value").(string),
 		ControlNumber:                    d.Get("control_number").(string),

zpa/resource_zpa_inspection_profile.go

@@ -307,6 +307,14 @@ func resourceInspectionProfileUpdate(d *schema.ResourceData, m interface{}) erro
 	if err := validateInspectionProfile(&req); err != nil {
 		return err
 	}
+
+	if _, _, err := zClient.inspection_profile.Get(id); err != nil {
+		if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
+			d.SetId("")
+			return nil
+		}
+	}
+
 	//injectPredefinedControls(zClient, &req)
 	if _, err := zClient.inspection_profile.Update(id, &req); err != nil {
 		return err
@@ -336,6 +344,7 @@ func resourceInspectionProfileDelete(d *schema.ResourceData, m interface{}) erro
 
 func expandInspectionProfile(d *schema.ResourceData) inspection_profile.InspectionProfile {
 	inspection_profile := inspection_profile.InspectionProfile{
+		ID:                        d.Id(),
 		Name:                      d.Get("name").(string),
 		Description:               d.Get("description").(string),
 		GlobalControlActions:      SetToStringList(d, "global_control_actions"),

zpa/resource_zpa_lss_config_controller.go

@@ -265,6 +265,13 @@ func resourceLSSConfigControllerUpdate(d *schema.ResourceData, m interface{}) er
 	log.Printf("[INFO] Updating lss config controller ID: %v\n", id)
 	req := expandLSSResource(d)
 
+	if _, _, err := zClient.lssconfigcontroller.Get(id); err != nil {
+		if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
+			d.SetId("")
+			return nil
+		}
+	}
+
 	if _, err := zClient.lssconfigcontroller.Update(id, &req); err != nil {
 		return err
 	}

zpa/resource_zpa_policy_access_forwarding_rule.go

@@ -127,6 +127,13 @@ func resourcePolicyForwardingRuleUpdate(d *schema.ResourceData, m interface{}) e
 		return err
 	}
 	if ValidateConditions(req.Conditions, zClient) {
+		if _, _, err := zClient.policysetcontroller.GetPolicyRule(globalPolicySet.ID, ruleID); err != nil {
+			if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
+				d.SetId("")
+				return nil
+			}
+		}
+
 		if _, err := zClient.policysetcontroller.Update(globalPolicySet.ID, ruleID, req); err != nil {
 			return err
 		}

zpa/resource_zpa_policy_access_inspection_rule.go

@@ -125,6 +125,13 @@ func resourcePolicyInspectionRuleUpdate(d *schema.ResourceData, m interface{}) e
 		return err
 	}
 	if ValidateConditions(req.Conditions, zClient) {
+		if _, _, err := zClient.policysetcontroller.GetPolicyRule(globalPolicySet.ID, ruleID); err != nil {
+			if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
+				d.SetId("")
+				return nil
+			}
+		}
+
 		if _, err := zClient.policysetcontroller.Update(globalPolicySet.ID, ruleID, req); err != nil {
 			return err
 		}

zpa/resource_zpa_policy_access_rule.go

@@ -190,6 +190,13 @@ func resourcePolicyAccessUpdate(d *schema.ResourceData, m interface{}) error {
 	if !ValidateConditions(req.Conditions, zClient) {
 		return fmt.Errorf("couldn't validate the zpa policy rule (%s) operands, please make sure you are using valid inputs for APP type, LHS & RHS", req.Name)
 	}
+	if _, _, err := zClient.policysetcontroller.GetPolicyRule(globalPolicySet.ID, ruleID); err != nil {
+		if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
+			d.SetId("")
+			return nil
+		}
+	}
+
 	if _, err := zClient.policysetcontroller.Update(globalPolicySet.ID, ruleID, req); err != nil {
 		return err
 	}

zpa/resource_zpa_policy_access_timeout_rule.go

@@ -126,6 +126,13 @@ func resourcePolicyTimeoutRuleUpdate(d *schema.ResourceData, m interface{}) erro
 		return err
 	}
 	if ValidateConditions(req.Conditions, zClient) {
+		if _, _, err := zClient.policysetcontroller.GetPolicyRule(globalPolicySet.ID, ruleID); err != nil {
+			if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
+				d.SetId("")
+				return nil
+			}
+		}
+
 		if _, err := zClient.policysetcontroller.Update(globalPolicySet.ID, ruleID, req); err != nil {
 			return err
 		}

zpa/resource_zpa_provisioning_key.go

@@ -206,6 +206,12 @@ func resourceProvisioningKeyUpdate(d *schema.ResourceData, m interface{}) error
 	id := d.Id()
 	log.Printf("[INFO] Updating provisining key ID: %v\n", id)
 	req := expandProvisioningKey(d)
+	if _, _, err := zClient.provisioningkey.Get(associationType, id); err != nil {
+		if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() {
+			d.SetId("")
+			return nil
+		}
+	}
 
 	if _, err := zClient.provisioningkey.Update(associationType, id, &req); err != nil {
 		return err
@@ -232,6 +238,7 @@ func resourceProvisioningKeyDelete(d *schema.ResourceData, m interface{}) error
 
 func expandProvisioningKey(d *schema.ResourceData) provisioningkey.ProvisioningKey {
 	provisioningKey := provisioningkey.ProvisioningKey{
+		ID:                    d.Id(),
 		AppConnectorGroupID:   d.Get("app_connector_group_id").(string),
 		AppConnectorGroupName: d.Get("app_connector_group_name").(string),
 		Enabled:               d.Get("enabled").(bool),