Merge pull request #854 from F5Networks/devel

devel sync to master

.github/workflows/build.yaml

@@ -0,0 +1,37 @@
+---
+name: GoLang Build
+on:
+  pull_request:
+    types: ['opened', 'synchronize']
+    paths:
+      - '**.go'
+      - 'vendor/**'
+      - '.github/workflows/**'
+jobs:
+  gobuild:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: true
+      matrix:
+        # list whatever GO versions here you would like to support
+        golang:
+          - '1.19.*'
+#          - '1.18.*'
+#          - '1.17.*'
+#          - '1.16.*'
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v4
+        with:
+          go-version: ${{ matrix.golang }}
+          cache: true
+      - name: Get dependencies
+        run: |
+          go mod download
+      - name: Build
+        run: |
+          ls -ltr
+          pwd
+          go version
+          go build -v .
+          ls -ltr

.gitignore

@@ -38,6 +38,7 @@ website/node_modules
 *.test
 *.tf
 .terraform.lock.hcl
+cover.out
 website/vendor
 keymap
 README.md

README.md

@@ -7,29 +7,28 @@
 
 A [Terraform](terraform.io) provider for F5 BigIP LTM.
 
-[![Build Status](https://travis-ci.org/f5devcentral/terraform-provider-bigip.svg?branch=master)](https://travis-ci.org/f5devcentral/terraform-provider-bigip)
+![Build Status](https://github.com/F5Networks/terraform-provider-bigip/actions/workflows/golint.yaml/badge.svg)
 [![Go Report Card](https://goreportcard.com/badge/github.com/f5devcentral/terraform-provider-bigip)](https://goreportcard.com/report/github.com/f5devcentral/terraform-provider-bigip)
 [![license](https://img.shields.io/badge/license-Mozilla-red.svg?style=flat)](https://github.com/f5devcentral/terraform-provider-bigip/blob/master/LICENSE)
-[![Gitter chat](https://badges.gitter.im/hashicorp-terraform/Lobby.png)](https://gitter.im/hashicorp-terraform/Lobby)
+[![GitHub release(latest by date)](https://img.shields.io/github/v/release/F5Networks/terraform-provider-bigip)](https://github.com/F5Networks/terraform-provider-bigip/releases)
 
-<img src="https://cdn.rawgit.com/hashicorp/terraform-website/master/content/source/assets/images/logo-hashicorp.svg" width="600px">
 
 # Requirements
--	[Terraform](https://www.terraform.io/downloads.html) 0.11.x / 0.12.x /0.13.x
--	[Go](https://golang.org/doc/install) 1.16 (to build the provider plugin)
+-	[Terraform](https://www.terraform.io/downloads.html) > 0.12.x
+-	[Go](https://golang.org/doc/install) 1.19 (to build the provider plugin)
 
 # F5 BigIP LTM requirements
 
 - This provider uses the iControlREST API, make sure that it is installed and enabled on your F5 device before proceeding.
 
 These BIG-IP versions are supported in these Terraform versions.
 
-| BIG-IP version	 |Terraform 1.x  |	Terraform 0.13  |	Terraform 0.12  | Terraform 0.11  |
-|-----------------|---------------|-----------------|-----------------|-----------------|
-| BIG-IP 17.x	    |      X        |       X         |       X         |      X          |
-| BIG-IP 16.x	    |      X        |       X         |       X         |      X          |
-| BIG-IP 15.x	    |      X        |       X         |       X         |      X          |
-| BIG-IP 14.x	    | 	   X        |       X         |       X         |      X          |
+| BIG-IP version	 | Terraform 1.x | 	Terraform 0.13 | 	Terraform 0.12 |
+|-----------------|---------------|-----------------|-----------------|
+| BIG-IP 17.x	    | X             | X               | X               |
+| BIG-IP 16.x	    | X             | X               | X               |
+| BIG-IP 15.x	    | X             | X               | X               |
+| BIG-IP 14.x	    | 	   X         | X               | X               |
 
 
 # Documentation

bigip/provider.go

@@ -153,6 +153,7 @@ func Provider() *schema.Provider {
 			"bigip_fast_udp_app":                    resourceBigipFastUdpApp(),
 			"bigip_ssl_certificate":                 resourceBigipSslCertificate(),
 			"bigip_ssl_key":                         resourceBigipSslKey(),
+			"bigip_ssl_key_cert":                    resourceBigipSSLKeyCert(),
 			"bigip_command":                         resourceBigipCommand(),
 			"bigip_common_license_manage_bigiq":     resourceBigiqLicenseManage(),
 			"bigip_bigiq_as3":                       resourceBigiqAs3(),

bigip/resource_bigip_as3.go

@@ -23,7 +23,7 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/structure"
 )
 
-var x = 0
+// var x = 0
 var m sync.Mutex
 var createdTenants string
 
@@ -167,12 +167,12 @@ func resourceBigipAs3() *schema.Resource {
 
 func resourceBigipAs3Create(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	client := meta.(*bigip.BigIP)
-	as3Json := d.Get("as3_json").(string)
 	m.Lock()
 	defer m.Unlock()
-	log.Printf("[INFO] Creating As3 config")
+	as3Json := d.Get("as3_json").(string)
 	tenantFilter := d.Get("tenant_filter").(string)
 	tenantList, _, applicationList := client.GetTenantList(as3Json)
+	log.Printf("[INFO] Creating As3 config for tenants:%+v", tenantList)
 	tenantCount := strings.Split(tenantList, ",")
 	if tenantFilter != "" {
 		log.Printf("[DEBUG] tenantFilter:%+v", tenantFilter)
@@ -227,8 +227,6 @@ func resourceBigipAs3Create(ctx context.Context, d *schema.ResourceData, meta in
 		d.SetId("Common")
 	}
 	createdTenants = d.Get("tenant_list").(string)
-	x++
-	log.Printf("[TRACE] %+v", x)
 	return resourceBigipAs3Read(ctx, d, meta)
 }
 func resourceBigipAs3Read(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
@@ -286,11 +284,12 @@ func resourceBigipAs3Read(ctx context.Context, d *schema.ResourceData, meta inte
 
 func resourceBigipAs3Update(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	client := meta.(*bigip.BigIP)
-	as3Json := d.Get("as3_json").(string)
 	m.Lock()
 	defer m.Unlock()
+	as3Json := d.Get("as3_json").(string)
 	log.Printf("[INFO] Updating As3 Config :%s", as3Json)
 	tenantList, _, _ := client.GetTenantList(as3Json)
+	log.Printf("[INFO] Updating As3 Config for tenants:%s", tenantList)
 	oldTenantList := d.Get("tenant_list").(string)
 	tenantFilter := d.Get("tenant_filter").(string)
 	if tenantFilter == "" {
@@ -331,15 +330,13 @@ func resourceBigipAs3Update(ctx context.Context, d *schema.ResourceData, meta in
 	}
 	createdTenants = d.Get("tenant_list").(string)
 	_ = d.Set("task_id", taskID)
-	x++
 	return resourceBigipAs3Read(ctx, d, meta)
 }
 
 func resourceBigipAs3Delete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	client := meta.(*bigip.BigIP)
 	m.Lock()
 	defer m.Unlock()
-	log.Printf("[INFO] Deleting As3 config")
 	var name string
 	var tList string
 
@@ -352,6 +349,7 @@ func resourceBigipAs3Delete(ctx context.Context, d *schema.ResourceData, meta in
 	} else {
 		name = d.Id()
 	}
+	log.Printf("[INFO] Deleting As3 config for tenants:%+v", name)
 	err, failedTenants := client.DeleteAs3Bigip(name)
 	if err != nil {
 		log.Printf("[ERROR] Unable to DeleteContext: %v :", err)
@@ -361,7 +359,6 @@ func resourceBigipAs3Delete(ctx context.Context, d *schema.ResourceData, meta in
 		_ = d.Set("tenant_list", name)
 		return resourceBigipAs3Read(ctx, d, meta)
 	}
-	x++
 	d.SetId("")
 	return nil
 }

bigip/resource_bigip_as3_test.go

@@ -128,7 +128,8 @@ func TestAccBigipAs3_create_PartialSuccess(t *testing.T) {
 		CheckDestroy: testCheckAs3Destroy,
 		Steps: []resource.TestStep{
 			{
-				Config: TestAs3Resource2,
+				Config:      TestAs3Resource2,
+				ExpectError: regexp.MustCompile("as3 config post error response"),
 				Check: resource.ComposeTestCheckFunc(
 					testCheckAs3Exists("Sample_03", true),
 					testCheckAs3Exists("Sample_04", false),
@@ -206,6 +207,25 @@ func TestAccBigipAs3_update_deleteTenant(t *testing.T) {
 	})
 }
 
+func TestAccBigipAs3ResourceTC20(t *testing.T) {
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			testAcctPreCheck(t)
+		},
+		Providers:    testAccProviders,
+		CheckDestroy: testCheckAs3Destroy,
+		Steps: []resource.TestStep{
+			{
+				Config:      loadFixtureString("../examples/as3/main.tf"),
+				ExpectError: regexp.MustCompile("posting as3 config failed for tenants"),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAs3Exists("Sample_http_02", false),
+				),
+			},
+		},
+	})
+}
+
 func TestAccBigipAs3_update_config(t *testing.T) {
 	resource.Test(t, resource.TestCase{
 		PreCheck: func() {

bigip/resource_bigip_awaf_policy.go

@@ -71,7 +71,6 @@ func resourceBigipAwafPolicy() *schema.Resource {
 			"application_language": {
 				Type:        schema.TypeString,
 				Optional:    true,
-				Default:     "utf-8",
 				Description: "The character encoding for the web application. The character encoding determines how the policy processes the character sets. The default is Auto detect",
 			},
 			"case_insensitive": {
@@ -467,7 +466,9 @@ func resourceBigipAwafPolicyRead(ctx context.Context, d *schema.ResourceData, me
 	}
 	_ = d.Set("policy_id", wafpolicy.ID)
 	_ = d.Set("type", policyJson.Policy.Type)
-	_ = d.Set("application_language", policyJson.Policy.ApplicationLanguage)
+	if _, ok := d.GetOk("application_language"); ok {
+		_ = d.Set("application_language", policyJson.Policy.ApplicationLanguage)
+	}
 	if _, ok := d.GetOk("enforcement_mode"); ok {
 		_ = d.Set("enforcement_mode", policyJson.Policy.EnforcementMode)
 	}
@@ -538,11 +539,16 @@ func getpolicyConfig(d *schema.ResourceData) (string, error) {
 	if partition != "Common" {
 		fullPath = fmt.Sprintf("/%s/%s", partition, name)
 	}
+	var appLang1 string
+	appLang1 = "auto-detect"
+	if val, ok := d.GetOk("application_language"); ok {
+		appLang1 = val.(string)
+	}
 	policyWaf := bigip.WafPolicy{
 		Name:                name,
 		Partition:           partition,
 		FullPath:            fullPath,
-		ApplicationLanguage: d.Get("application_language").(string),
+		ApplicationLanguage: appLang1,
 	}
 	policyWaf.CaseInsensitive = d.Get("case_insensitive").(bool)
 	policyWaf.EnablePassiveMode = d.Get("enable_passivemode").(bool)
@@ -708,9 +714,12 @@ func getpolicyConfig(d *schema.ResourceData) (string, error) {
 		if policyWaf.Template.Name != "" && polJsn1.Policy.(map[string]interface{})["template"] != policyWaf.Template {
 			polJsn1.Policy.(map[string]interface{})["template"] = policyWaf.Template
 		}
-		if policyWaf.ApplicationLanguage != "" {
-			polJsn1.Policy.(map[string]interface{})["applicationLanguage"] = policyWaf.ApplicationLanguage
+		if appLang, ok := d.GetOk("application_language"); ok {
+			polJsn1.Policy.(map[string]interface{})["applicationLanguage"] = appLang
 		}
+		// if policyWaf.ApplicationLanguage != "" {
+		//	polJsn1.Policy.(map[string]interface{})["applicationLanguage"] = policyWaf.ApplicationLanguage
+		// }
 		urlList := make([]interface{}, len(policyWaf.Urls))
 		for i, v := range policyWaf.Urls {
 			urlList[i] = v

bigip/resource_bigip_do.go

@@ -132,7 +132,11 @@ func resourceBigipDoCreate(ctx context.Context, d *schema.ResourceData, meta int
 	if err != nil {
 		return diag.FromErr(fmt.Errorf("error while creating http request with DO json:%v", err))
 	}
-	req.SetBasicAuth(clientBigip.User, clientBigip.Password)
+	if clientBigip.Token != "" {
+		req.Header.Set("X-F5-Auth-Token", clientBigip.Token)
+	} else {
+		req.SetBasicAuth(clientBigip.User, clientBigip.Password)
+	}
 	req.Header.Set("Accept", "application/json")
 	req.Header.Set("Content-Type", "application/json")
 
@@ -180,10 +184,13 @@ func resourceBigipDoCreate(ctx context.Context, d *schema.ResourceData, meta int
 			log.Printf("[DEBUG]Value of Timeout counter in seconds :%v", math.Ceil(time.Since(start).Seconds()))
 			url := clientBigip.Host + "/mgmt/shared/declarative-onboarding/task/" + respID
 			req, _ := http.NewRequest("GET", url, nil)
-			req.SetBasicAuth(clientBigip.User, clientBigip.Password)
+			if clientBigip.Token != "" {
+				req.Header.Set("X-F5-Auth-Token", clientBigip.Token)
+			} else {
+				req.SetBasicAuth(clientBigip.User, clientBigip.Password)
+			}
 			req.Header.Set("Accept", "application/json")
 			req.Header.Set("Content-Type", "application/json")
-
 			taskResp, err := client.Do(req)
 			if taskResp == nil {
 				log.Printf("[DEBUG]taskResp of DO is empty,but continue the loop until timeout \n")
@@ -240,7 +247,11 @@ func resourceBigipDoCreate(ctx context.Context, d *schema.ResourceData, meta int
 		log.Printf("[DEBUG] Didn't get successful response within timeout")
 		url := clientBigip.Host + "/mgmt/shared/declarative-onboarding/task/" + respID
 		req, _ := http.NewRequest("GET", url, nil)
-		req.SetBasicAuth(clientBigip.User, clientBigip.Password)
+		if clientBigip.Token != "" {
+			req.Header.Set("X-F5-Auth-Token", clientBigip.Token)
+		} else {
+			req.SetBasicAuth(clientBigip.User, clientBigip.Password)
+		}
 		req.Header.Set("Accept", "application/json")
 		req.Header.Set("Content-Type", "application/json")
 		taskResp, err := client.Do(req)
@@ -292,10 +303,13 @@ func resourceBigipDoRead(ctx context.Context, d *schema.ResourceData, meta inter
 	if err != nil {
 		return diag.FromErr(fmt.Errorf("error while creating http request for reading Do config:%v", err))
 	}
-	req.SetBasicAuth(clientBigip.User, clientBigip.Password)
+	if clientBigip.Token != "" {
+		req.Header.Set("X-F5-Auth-Token", clientBigip.Token)
+	} else {
+		req.SetBasicAuth(clientBigip.User, clientBigip.Password)
+	}
 	req.Header.Set("Accept", "application/json")
 	req.Header.Set("Content-Type", "application/json")
-
 	resp, err := client.Do(req)
 
 	defer func() {
@@ -353,10 +367,13 @@ func resourceBigipDoUpdate(ctx context.Context, d *schema.ResourceData, meta int
 	if err != nil {
 		return diag.FromErr(fmt.Errorf("error while creating http request with DO json:%v ", err))
 	}
-	req.SetBasicAuth(clientBigip.User, clientBigip.Password)
+	if clientBigip.Token != "" {
+		req.Header.Set("X-F5-Auth-Token", clientBigip.Token)
+	} else {
+		req.SetBasicAuth(clientBigip.User, clientBigip.Password)
+	}
 	req.Header.Set("Accept", "application/json")
 	req.Header.Set("Content-Type", "application/json")
-
 	resp, err := client.Do(req)
 
 	defer func() {
@@ -398,10 +415,13 @@ func resourceBigipDoUpdate(ctx context.Context, d *schema.ResourceData, meta int
 			log.Printf("[DEBUG]Value of loop counter :%d", i)
 			url := clientBigip.Host + "/mgmt/shared/declarative-onboarding/task/" + respID
 			req, _ := http.NewRequest("GET", url, nil)
-			req.SetBasicAuth(clientBigip.User, clientBigip.Password)
+			if clientBigip.Token != "" {
+				req.Header.Set("X-F5-Auth-Token", clientBigip.Token)
+			} else {
+				req.SetBasicAuth(clientBigip.User, clientBigip.Password)
+			}
 			req.Header.Set("Accept", "application/json")
 			req.Header.Set("Content-Type", "application/json")
-
 			taskResp, err := client.Do(req)
 
 			defer func() {
@@ -458,7 +478,11 @@ func resourceBigipDoUpdate(ctx context.Context, d *schema.ResourceData, meta int
 		log.Printf("[DEBUG] Didn't get successful response within timeout")
 		url := clientBigip.Host + "/mgmt/shared/declarative-onboarding/task/" + respID
 		req, _ := http.NewRequest("GET", url, nil)
-		req.SetBasicAuth(clientBigip.User, clientBigip.Password)
+		if clientBigip.Token != "" {
+			req.Header.Set("X-F5-Auth-Token", clientBigip.Token)
+		} else {
+			req.SetBasicAuth(clientBigip.User, clientBigip.Password)
+		}
 		req.Header.Set("Accept", "application/json")
 		req.Header.Set("Content-Type", "application/json")
 		taskResp, err := client.Do(req)