diff --git a/CHANGELOG.md b/CHANGELOG.md index 41f1e9b4..97161023 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,16 @@ # Changelog +## 2.6.5 (November, xx 2023) + +### Notes + +- Release date: **(November, xx 2023)** +- Supported Terraform version: **v1.x** + +### Fixes + +- [PR #285](https://github.com/zscaler/terraform-provider-zia/pull/285) - Fixed drift within `zia_firewall_filtering_rule` for the attribute `dest_countries`. + ## 2.6.4 (October, 25 2023) ### Notes diff --git a/GNUmakefile b/GNUmakefile index f6eafe21..4e6e5fb1 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -46,15 +46,15 @@ testacc: build13: GOOS=$(shell go env GOOS) build13: GOARCH=$(shell go env GOARCH) ifeq ($(OS),Windows_NT) # is Windows_NT on XP, 2000, 7, Vista, 10... -build13: DESTINATION=$(APPDATA)/terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.6.4/$(GOOS)_$(GOARCH) +build13: DESTINATION=$(APPDATA)/terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.6.5/$(GOOS)_$(GOARCH) else -build13: DESTINATION=$(HOME)/.terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.6.4/$(GOOS)_$(GOARCH) +build13: DESTINATION=$(HOME)/.terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.6.5/$(GOOS)_$(GOARCH) endif build13: fmtcheck go mod tidy && go mod vendor @echo "==> Installing plugin to $(DESTINATION)" @mkdir -p $(DESTINATION) - go build -o $(DESTINATION)/terraform-provider-zia_v2.6.4 + go build -o $(DESTINATION)/terraform-provider-zia_v2.6.5 vet: @echo "==> Checking source code against go vet and staticcheck" diff --git a/docs/guides/release-notes.md b/docs/guides/release-notes.md index e800c219..e0055467 100644 --- a/docs/guides/release-notes.md +++ b/docs/guides/release-notes.md @@ -12,24 +12,20 @@ description: |- Track all ZIA Terraform provider's releases. New resources, features, and bug fixes will be tracked here. --- -``Last updated: v2.6.4`` +``Last updated: v2.6.5`` --- -## 2.6.4 (October, 25 2023) +## 2.6.5 (November, xx 2023) ### Notes -- Release date: **(October, 25 2023)** +- Release date: **(November, xx 2023)** - Supported Terraform version: **v1.x** -### Enhancements - -- [PR #285](https://github.com/zscaler/terraform-provider-zia/pull/285) - Introduced new `zia_location_management` attributes: `other_sublocation`, `other6_sublocation`, `ipv6_enabled`, `ipv6_dns_64prefix` - ### Fixes -- [PR #285](https://github.com/zscaler/terraform-provider-zia/pull/285) - Fixed `zia_location_management` resource attribute `ip_addresses` to `TypeSet` to prevent drifts in case the API returns IP addresses in an ordered fashion. +- [PR #285](https://github.com/zscaler/terraform-provider-zia/pull/285) - Fixed drift within `zia_firewall_filtering_rule` for the attribute `dest_countries`. ## 2.6.3 (October, 18 2023) diff --git a/zia/resource_zia_firewall_filtering_rules.go b/zia/resource_zia_firewall_filtering_rules.go index ca559f64..2c1bd585 100644 --- a/zia/resource_zia_firewall_filtering_rules.go +++ b/zia/resource_zia_firewall_filtering_rules.go @@ -80,9 +80,8 @@ func resourceFirewallFilteringRules() *schema.Resource { ValidateFunc: validation.StringLenBetween(0, 10240), }, "order": { - Type: schema.TypeInt, - Optional: true, - // Computed: true, + Type: schema.TypeInt, + Optional: true, Description: "Rule order number of the Firewall Filtering policy rule", }, "rank": { @@ -98,9 +97,8 @@ func resourceFirewallFilteringRules() *schema.Resource { Default: false, }, "action": { - Type: schema.TypeString, - Optional: true, - // Computed: true, + Type: schema.TypeString, + Optional: true, Description: "The action the Firewall Filtering policy rule takes when packets match the rule", ValidateFunc: validation.StringInSlice([]string{ "ALLOW", @@ -111,9 +109,8 @@ func resourceFirewallFilteringRules() *schema.Resource { }, false), }, "state": { - Type: schema.TypeString, - Optional: true, - // Computed: true, + Type: schema.TypeString, + Optional: true, Description: "Determines whether the Firewall Filtering policy rule is enabled or disabled", ValidateFunc: validation.StringInSlice([]string{ "ENABLED", @@ -137,15 +134,13 @@ func resourceFirewallFilteringRules() *schema.Resource { Elem: &schema.Schema{Type: schema.TypeString}, }, "default_rule": { - Type: schema.TypeBool, - Optional: true, - // Computed: true, + Type: schema.TypeBool, + Optional: true, Description: "If set to true, the default rule is applied", }, "predefined": { - Type: schema.TypeBool, - Optional: true, - // Computed: true, + Type: schema.TypeBool, + Optional: true, Description: "If set to true, a predefined rule is applied", }, "locations": setIDsSchemaTypeCustom(intPtr(8), "list of locations for which rule must be applied"), @@ -253,6 +248,7 @@ func resourceFirewallFilteringRulesRead(d *schema.ResourceData, m interface{}) e if !ok { return fmt.Errorf("no zia firewall filtering rule id is set") } + resp, err := zClient.filteringrules.Get(id) if err != nil { if respErr, ok := err.(*client.ErrorResponse); ok && respErr.IsObjectNotFound() { @@ -264,6 +260,11 @@ func resourceFirewallFilteringRulesRead(d *schema.ResourceData, m interface{}) e return err } + processedDestCountries := make([]string, len(resp.DestCountries)) + for i, country := range resp.DestCountries { + processedDestCountries[i] = strings.TrimPrefix(country, "COUNTRY_") + } + log.Printf("[INFO] Getting firewall filtering rule:\n%+v\n", resp) d.SetId(fmt.Sprintf("%d", resp.ID)) @@ -278,7 +279,8 @@ func resourceFirewallFilteringRulesRead(d *schema.ResourceData, m interface{}) e _ = d.Set("src_ips", resp.SrcIps) _ = d.Set("dest_addresses", resp.DestAddresses) _ = d.Set("dest_ip_categories", resp.DestIpCategories) - _ = d.Set("dest_countries", resp.DestCountries) + // _ = d.Set("dest_countries", resp.DestCountries) + _ = d.Set("dest_countries", processedDestCountries) _ = d.Set("nw_applications", resp.NwApplications) _ = d.Set("default_rule", resp.DefaultRule) _ = d.Set("predefined", resp.Predefined) @@ -423,16 +425,17 @@ func expandFirewallFilteringRules(d *schema.ResourceData) filteringrules.Firewal } result := filteringrules.FirewallFilteringRules{ - ID: id, - Name: d.Get("name").(string), - Order: d.Get("order").(int), - Rank: d.Get("rank").(int), - Action: d.Get("action").(string), - State: d.Get("state").(string), - Description: d.Get("description").(string), - SrcIps: SetToStringList(d, "src_ips"), - DestAddresses: SetToStringList(d, "dest_addresses"), - DestIpCategories: SetToStringList(d, "dest_ip_categories"), + ID: id, + Name: d.Get("name").(string), + Order: d.Get("order").(int), + Rank: d.Get("rank").(int), + Action: d.Get("action").(string), + State: d.Get("state").(string), + Description: d.Get("description").(string), + SrcIps: SetToStringList(d, "src_ips"), + DestAddresses: SetToStringList(d, "dest_addresses"), + DestIpCategories: SetToStringList(d, "dest_ip_categories"), + // DestCountries: SetToStringList(d, "dest_countries"), DestCountries: processedDestCountries, NwApplications: SetToStringList(d, "nw_applications"), EnableFullLogging: d.Get("enable_full_logging").(bool), diff --git a/zia/resource_zia_firewall_filtering_rules_test.go b/zia/resource_zia_firewall_filtering_rules_test.go index a1516212..529ce814 100644 --- a/zia/resource_zia_firewall_filtering_rules_test.go +++ b/zia/resource_zia_firewall_filtering_rules_test.go @@ -225,6 +225,7 @@ resource "%s" "%s" { state = "%s" order = 4 enable_full_logging = "%s" + dest_countries = ["CA", "US", "BR", "BT"] nw_services { id = [ data.zia_firewall_filtering_network_service.zscaler_proxy_nw_services.id ] }