fix for vpc_crn in is_vpc dns (IBM-Cloud#6114)

Author: uibm

ibm/service/vpc/resource_ibm_is_vpc.go

@@ -745,14 +745,20 @@ func vpcCreate(d *schema.ResourceData, meta interface{}, name, apm, rg string, i
 	}
 
 	if dnsresolvertpeOk, ok := d.GetOk("dns.0.resolver.0.type"); ok {
-		if dnsresolvertpeOk.(string) == "delegated" && d.Get("dns.0.resolver.0.vpc_id").(string) != "" {
+		if dnsresolvertpeOk.(string) == "delegated" && ((d.Get("dns.0.resolver.0.vpc_id").(string) != "") || (d.Get("dns.0.resolver.0.vpc_crn").(string) != "")) {
 			vpcId := d.Get("dns.0.resolver.0.vpc_id").(string)
+			vpcCrn := d.Get("dns.0.resolver.0.vpc_crn").(string)
 			createDnsBindings := &vpcv1.CreateVPCDnsResolutionBindingOptions{
 				VPCID: vpc.ID,
-				VPC: &vpcv1.VPCIdentity{
-					ID: &vpcId,
-				},
 			}
+			vpcidentity := vpcv1.VPCIdentity{}
+			if vpcId != "" {
+				vpcidentity.ID = &vpcId
+			}
+			if vpcCrn != "" {
+				vpcidentity.CRN = &vpcCrn
+			}
+			createDnsBindings.VPC = &vpcidentity
 			if bindingNameOk, ok := d.GetOk("dns.0.resolver.0.dns_binding_name"); ok {
 				bindingName := bindingNameOk.(string)
 				createDnsBindings.Name = &bindingName
@@ -763,14 +769,19 @@ func vpcCreate(d *schema.ResourceData, meta interface{}, name, apm, rg string, i
 				return fmt.Errorf("[ERROR] CreateVPCDnsResolutionBinding failed in vpc resource %s\n%s", err, response)
 			}
 			resolverType := "delegated"
-			dnsPatch := &vpcv1.VpcdnsPatch{
-				Resolver: &vpcv1.VpcdnsResolverPatch{
-					Type: &resolverType,
-					VPC: &vpcv1.VpcdnsResolverVPCPatch{
-						ID: &vpcId,
-					},
-				},
+			dnsPatch := &vpcv1.VpcdnsPatch{}
+			resolver := &vpcv1.VpcdnsResolverPatch{
+				Type: &resolverType,
+			}
+			vpcPatch := &vpcv1.VpcdnsResolverVPCPatch{}
+			if vpcId != "" {
+				vpcPatch.ID = &vpcId
 			}
+			if vpcCrn != "" {
+				vpcPatch.CRN = &vpcCrn
+			}
+			resolver.VPC = vpcPatch
+			dnsPatch.Resolver = resolver
 			vpcPatchModel := &vpcv1.VPCPatch{}
 			vpcPatchModel.Dns = dnsPatch
 			vpcPatchModelAsPatch, err := vpcPatchModel.AsPatch()
@@ -1045,9 +1056,10 @@ func vpcGet(d *schema.ResourceData, meta interface{}, id string) error {
 		}
 		resolverMapArray := dnsMap["resolver"].([]map[string]interface{})
 		resolverMap := resolverMapArray[0]
-		if resolverMap["type"] != nil && resolverMap["vpc_id"] != nil {
+		if resolverMap["type"] != nil && ((resolverMap["vpc_id"] != nil) || (resolverMap["vpc_crn"] != nil)) {
 			resType := resolverMap["type"].(*string)
 			resVpc := resolverMap["vpc_id"].(string)
+			resVpcCrn := resolverMap["vpc_crn"].(string)
 			if *resType == "delegated" {
 				listVPCDnsResolutionBindingOptions := &vpcv1.ListVPCDnsResolutionBindingsOptions{
 					VPCID: vpc.ID,
@@ -1066,7 +1078,7 @@ func vpcGet(d *schema.ResourceData, meta interface{}, id string) error {
 					allResults = append(allResults, nextPage...)
 				}
 				for _, binding := range allResults {
-					if *binding.VPC.ID == resVpc {
+					if (*binding.VPC.ID == resVpc) || (*binding.VPC.CRN == resVpcCrn) {
 						resolverMap["dns_binding_id"] = binding.ID
 						resolverMap["dns_binding_name"] = binding.Name
 						resolverMapArray[0] = resolverMap
@@ -1417,12 +1429,19 @@ func vpcUpdate(d *schema.ResourceData, meta interface{}, id, name string, hasCha
 					if oldResolverType != nil && newResolverType != nil && oldResolverType.(string) != "" && newResolverType.(string) != "" {
 						if oldResolverType.(string) == "system" && newResolverType.(string) == "delegated" {
 							vpcId := d.Get("dns.0.resolver.0.vpc_id").(string)
+							vpcCrn := d.Get("dns.0.resolver.0.vpc_crn").(string)
 							createDnsBindings := &vpcv1.CreateVPCDnsResolutionBindingOptions{
 								VPCID: core.StringPtr(d.Id()),
-								VPC: &vpcv1.VPCIdentity{
-									ID: &vpcId,
-								},
 							}
+							vpcidentity := &vpcv1.VPCIdentity{}
+							if vpcId != "" {
+								vpcidentity.ID = &vpcId
+							}
+							if vpcCrn != "" {
+								vpcidentity.CRN = &vpcCrn
+							}
+							createDnsBindings.VPC = vpcidentity
+
 							if bindingNameOk, ok := d.GetOk("dns.0.resolver.0.dns_binding_name"); ok {
 								bindingName := bindingNameOk.(string)
 								createDnsBindings.Name = &bindingName

ibm/service/vpc/resource_ibm_is_vpc_test.go

@@ -1256,6 +1256,67 @@ func testAccCheckIBMISVPCCustomResolverDelegatedToSystemConfig(vpcname1, vpcname
 	  }
     `, vpcname1, acc.ISZoneName, acc.ISZoneName, vpcname2)
 }
+func testAccCheckIBMISVPCCustomResolverDelegatedToSystemVPCCrnConfig(vpcname1, vpcname2 string) string {
+	return fmt.Sprintf(`
+	resource "ibm_is_vpc" "hub_true" {
+		name = "%s"
+		dns {
+		  enable_hub = true
+		}
+	  }
+	  resource "ibm_is_subnet" "hub_true_sub1" {
+		name                     = "hub-true-subnet1"
+		vpc                      = ibm_is_vpc.hub_true.id
+		zone                     = "%s"
+		total_ipv4_address_count = 16
+	  }
+	  resource "ibm_is_subnet" "hub_true_sub2" {
+		name                     = "hub-true-subnet2"
+		vpc                      = ibm_is_vpc.hub_true.id
+		zone                     = "%s"
+		total_ipv4_address_count = 16
+	  }
+	  resource "ibm_resource_instance" "dns-cr-instance" {
+		name              = "dns-cr-instance"
+		resource_group_id = data.ibm_resource_group.rg.id
+		location          = "global"
+		service           = "dns-svcs"
+		plan              = "standard-dns"
+	  }
+	  resource "ibm_dns_custom_resolver" "test_hub_true" {
+		name              = "test-hub-true-customresolver"
+		instance_id       = ibm_resource_instance.dns-cr-instance.guid
+		description       = "new test CR - TF"
+		high_availability = true
+		enabled           = true
+		locations {
+		  subnet_crn = ibm_is_subnet.hub_true_sub1.crn
+		  enabled    = true
+		}
+		locations {
+		  subnet_crn = ibm_is_subnet.hub_true_sub2.crn
+		  enabled    = true
+		}
+	  }
+	  // delegated vpc
+	  resource "ibm_is_vpc" "hub_false_delegated" {
+		depends_on = [ibm_dns_custom_resolver.test_hub_true]
+		name       = "%s"
+		dns {
+		  enable_hub = false
+		  resolver {
+			type = "system"
+			dns_binding_name = "null"
+			vpc_crn = "null"
+		  }
+		}
+	  }
+	  
+	  data "ibm_resource_group" "rg" {
+		is_default = true
+	  }
+    `, vpcname1, acc.ISZoneName, acc.ISZoneName, vpcname2)
+}
 
 // VPC DNS name update fix
 // TestAccIBMISVPC_ResolverTypeTransitionDnsNameUpdate tests the transition of resolver types in a VPC.
@@ -1343,6 +1404,90 @@ func TestAccIBMISVPC_ResolverTypeTransitionDnsNameUpdate(t *testing.T) {
 		},
 	})
 }
+func TestAccIBMISVPC_ResolverTypeTransitionDnsNameVPCCrnUpdate(t *testing.T) {
+	var vpc string
+	vpcname1 := fmt.Sprintf("tf-vpc-hub-true-%d", acctest.RandIntRange(10, 100))
+	vpcname2 := fmt.Sprintf("tf-vpc-hub-false-%d", acctest.RandIntRange(10, 100))
+	dnsName := fmt.Sprintf("tf-dns-%d", acctest.RandIntRange(10, 100))
+	dnsNameUpdated := fmt.Sprintf("tf-dns-update-%d", acctest.RandIntRange(10, 100))
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { acc.TestAccPreCheck(t) },
+		Providers:    acc.TestAccProviders,
+		CheckDestroy: testAccCheckIBMISVPCDestroy,
+		Steps: []resource.TestStep{
+			// Step 1: Initial setup with system resolver
+			{
+				Config: testAccCheckIBMISVPCResolverSystemConfig(vpcname1, vpcname2),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckIBMISVPCExists("ibm_is_vpc.hub_false_delegated", vpc),
+					resource.TestCheckResourceAttr(
+						"ibm_is_vpc.hub_false_delegated", "name", vpcname2),
+					resource.TestCheckResourceAttr(
+						"ibm_is_vpc.hub_false_delegated", "dns.0.enable_hub", "false"),
+					resource.TestCheckResourceAttr(
+						"ibm_is_vpc.hub_false_delegated", "dns.0.resolver.0.type", "system"),
+					resource.TestCheckResourceAttr(
+						"ibm_is_vpc.hub_false_delegated", "dns.0.resolver.0.vpc_crn", ""),
+					resource.TestCheckResourceAttr(
+						"ibm_is_vpc.hub_false_delegated", "dns.0.resolver.0.dns_binding_name", ""),
+				),
+			},
+			// Step 2: Change to delegated resolver with no name
+			{
+				Config: testAccCheckIBMISVPCCustomResolverDelegatedWithNoNameVpcCrnConfig(vpcname1, vpcname2),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckIBMISVPCExists("ibm_is_vpc.hub_false_delegated", vpc),
+					resource.TestCheckResourceAttr(
+						"ibm_is_vpc.hub_false_delegated", "dns.0.resolver.0.type", "delegated"),
+					resource.TestCheckResourceAttrSet(
+						"ibm_is_vpc.hub_false_delegated", "dns.0.resolver.0.vpc_crn"),
+					resource.TestCheckResourceAttrSet(
+						"ibm_is_vpc.hub_false_delegated", "dns.0.resolver.0.dns_binding_name"),
+				),
+			},
+			// Step 3: Update the binding name
+			{
+				Config: testAccCheckIBMISVPCCustomResolverDelegatedWithNameVPCCrnConfig(vpcname1, vpcname2, dnsName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckIBMISVPCExists("ibm_is_vpc.hub_false_delegated", vpc),
+					resource.TestCheckResourceAttr(
+						"ibm_is_vpc.hub_false_delegated", "dns.0.resolver.0.type", "delegated"),
+					resource.TestCheckResourceAttrSet(
+						"ibm_is_vpc.hub_false_delegated", "dns.0.resolver.0.vpc_crn"),
+					resource.TestCheckResourceAttr(
+						"ibm_is_vpc.hub_false_delegated", "dns.0.resolver.0.dns_binding_name", dnsName),
+				),
+			},
+			// Step 4: Update the binding name again
+			{
+				Config: testAccCheckIBMISVPCCustomResolverDelegatedWithNameVPCCrnConfig(vpcname1, vpcname2, dnsNameUpdated),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckIBMISVPCExists("ibm_is_vpc.hub_false_delegated", vpc),
+					resource.TestCheckResourceAttr(
+						"ibm_is_vpc.hub_false_delegated", "dns.0.resolver.0.type", "delegated"),
+					resource.TestCheckResourceAttrSet(
+						"ibm_is_vpc.hub_false_delegated", "dns.0.resolver.0.vpc_crn"),
+					resource.TestCheckResourceAttr(
+						"ibm_is_vpc.hub_false_delegated", "dns.0.resolver.0.dns_binding_name", dnsNameUpdated),
+				),
+			},
+			// Step 5: Change back to system resolver
+			{
+				Config: testAccCheckIBMISVPCCustomResolverDelegatedToSystemVPCCrnConfig(vpcname1, vpcname2),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckIBMISVPCExists("ibm_is_vpc.hub_false_delegated", vpc),
+					resource.TestCheckResourceAttr(
+						"ibm_is_vpc.hub_false_delegated", "dns.0.resolver.0.type", "system"),
+					resource.TestCheckResourceAttr(
+						"ibm_is_vpc.hub_false_delegated", "dns.0.resolver.0.vpc_crn", ""),
+					resource.TestCheckResourceAttr(
+						"ibm_is_vpc.hub_false_delegated", "dns.0.resolver.0.dns_binding_name", ""),
+				),
+			},
+		},
+	})
+}
 
 // Helper function to generate config for custom resolver with hub VPC
 func testAccCheckIBMISVPCCustomResolverDelegatedWithNoNameConfig(vpcname1, vpcname2 string) string {
@@ -1405,6 +1550,66 @@ func testAccCheckIBMISVPCCustomResolverDelegatedWithNoNameConfig(vpcname1, vpcna
 	  }
     `, vpcname1, acc.ISZoneName, acc.ISZoneName, vpcname2)
 }
+func testAccCheckIBMISVPCCustomResolverDelegatedWithNoNameVpcCrnConfig(vpcname1, vpcname2 string) string {
+	return fmt.Sprintf(`
+	resource "ibm_is_vpc" "hub_true" {
+		name = "%s"
+		dns {
+		  enable_hub = true
+		}
+	  }
+	  resource "ibm_is_subnet" "hub_true_sub1" {
+		name                     = "hub-true-subnet1"
+		vpc                      = ibm_is_vpc.hub_true.id
+		zone                     = "%s"
+		total_ipv4_address_count = 16
+	  }
+	  resource "ibm_is_subnet" "hub_true_sub2" {
+		name                     = "hub-true-subnet2"
+		vpc                      = ibm_is_vpc.hub_true.id
+		zone                     = "%s"
+		total_ipv4_address_count = 16
+	  }
+	  resource "ibm_resource_instance" "dns-cr-instance" {
+		name              = "dns-cr-instance"
+		resource_group_id = data.ibm_resource_group.rg.id
+		location          = "global"
+		service           = "dns-svcs"
+		plan              = "standard-dns"
+	  }
+	  resource "ibm_dns_custom_resolver" "test_hub_true" {
+		name              = "test-hub-true-customresolver"
+		instance_id       = ibm_resource_instance.dns-cr-instance.guid
+		description       = "new test CR - TF"
+		high_availability = true
+		enabled           = true
+		locations {
+		  subnet_crn = ibm_is_subnet.hub_true_sub1.crn
+		  enabled    = true
+		}
+		locations {
+		  subnet_crn = ibm_is_subnet.hub_true_sub2.crn
+		  enabled    = true
+		}
+	  }
+	  // delegated vpc
+	  resource "ibm_is_vpc" "hub_false_delegated" {
+		depends_on = [ibm_dns_custom_resolver.test_hub_true]
+		name       = "%s"
+		dns {
+		  enable_hub = false
+		  resolver {
+			type = "delegated"
+			vpc_crn = ibm_is_vpc.hub_true.crn
+		  }
+		}
+	  }
+	  
+	  data "ibm_resource_group" "rg" {
+		is_default = true
+	  }
+    `, vpcname1, acc.ISZoneName, acc.ISZoneName, vpcname2)
+}
 
 // Helper function to generate config for custom resolver with hub VPC
 func testAccCheckIBMISVPCCustomResolverDelegatedWithNameConfig(vpcname1, vpcname2, dnsName string) string {
@@ -1468,3 +1673,64 @@ func testAccCheckIBMISVPCCustomResolverDelegatedWithNameConfig(vpcname1, vpcname
 	  }
     `, vpcname1, acc.ISZoneName, acc.ISZoneName, vpcname2, dnsName)
 }
+func testAccCheckIBMISVPCCustomResolverDelegatedWithNameVPCCrnConfig(vpcname1, vpcname2, dnsName string) string {
+	return fmt.Sprintf(`
+	resource "ibm_is_vpc" "hub_true" {
+		name = "%s"
+		dns {
+		  enable_hub = true
+		}
+	  }
+	  resource "ibm_is_subnet" "hub_true_sub1" {
+		name                     = "hub-true-subnet1"
+		vpc                      = ibm_is_vpc.hub_true.id
+		zone                     = "%s"
+		total_ipv4_address_count = 16
+	  }
+	  resource "ibm_is_subnet" "hub_true_sub2" {
+		name                     = "hub-true-subnet2"
+		vpc                      = ibm_is_vpc.hub_true.id
+		zone                     = "%s"
+		total_ipv4_address_count = 16
+	  }
+	  resource "ibm_resource_instance" "dns-cr-instance" {
+		name              = "dns-cr-instance"
+		resource_group_id = data.ibm_resource_group.rg.id
+		location          = "global"
+		service           = "dns-svcs"
+		plan              = "standard-dns"
+	  }
+	  resource "ibm_dns_custom_resolver" "test_hub_true" {
+		name              = "test-hub-true-customresolver"
+		instance_id       = ibm_resource_instance.dns-cr-instance.guid
+		description       = "new test CR - TF"
+		high_availability = true
+		enabled           = true
+		locations {
+		  subnet_crn = ibm_is_subnet.hub_true_sub1.crn
+		  enabled    = true
+		}
+		locations {
+		  subnet_crn = ibm_is_subnet.hub_true_sub2.crn
+		  enabled    = true
+		}
+	  }
+	  // delegated vpc
+	  resource "ibm_is_vpc" "hub_false_delegated" {
+		depends_on = [ibm_dns_custom_resolver.test_hub_true]
+		name       = "%s"
+		dns {
+		  enable_hub = false
+		  resolver {
+			type = "delegated"
+			dns_binding_name = "%s"
+			vpc_crn = ibm_is_vpc.hub_true.crn
+		  }
+		}
+	  }
+	  
+	  data "ibm_resource_group" "rg" {
+		is_default = true
+	  }
+    `, vpcname1, acc.ISZoneName, acc.ISZoneName, vpcname2, dnsName)
+}