Add 'description' field to route rules

Author: jotruon

CHANGELOG.md

@@ -1,4 +1,8 @@
 ## 3.58.0 (Unreleased)
+
+### Added
+- Support for `description` field in networking routing rules in `oci_core_route_table` and `oci_core_security_list`
+
 ## 3.57.0 (January 09, 2020)
 
 ### Added

examples/networking/route_table/route_table.tf

@@ -7,6 +7,10 @@ variable "private_key_path" {}
 variable "compartment_ocid" {}
 variable "region" {}
 
+variable "route_table_route_rules_description" {
+  default = "description"
+}
+
 provider "oci" {
   tenancy_ocid     = "${var.tenancy_ocid}"
   user_ocid        = "${var.user_ocid}"
@@ -34,6 +38,7 @@ resource "oci_core_route_table" "example_route_table" {
   display_name   = "exampleRouteTable"
 
   route_rules {
+    description       = "${var.route_table_route_rules_description}"
     destination       = "0.0.0.0/0"
     destination_type  = "CIDR_BLOCK"
     network_entity_id = "${oci_core_internet_gateway.example_ig.id}"

examples/networking/security_list/security_list.tf

@@ -9,6 +9,14 @@ variable "private_key_path" {}
 variable "compartment_ocid" {}
 variable "region" {}
 
+variable "security_list_egress_security_rules_description" {
+  default = "description"
+}
+
+variable "security_list_ingress_security_rules_description" {
+  default = "description"
+}
+
 provider "oci" {
   tenancy_ocid     = "${var.tenancy_ocid}"
   user_ocid        = "${var.user_ocid}"
@@ -40,8 +48,9 @@ resource "oci_core_security_list" "example_security_list" {
 
   // allow outbound udp traffic on a port range
   egress_security_rules {
+    description = "${var.security_list_egress_security_rules_description}"
     destination = "0.0.0.0/0"
-    protocol    = "17"        // udp
+    protocol    = "17"                                                     // udp
     stateless   = true
 
     udp_options {
@@ -71,9 +80,10 @@ resource "oci_core_security_list" "example_security_list" {
 
   // allow inbound icmp traffic of a specific type
   ingress_security_rules {
-    protocol  = 1
-    source    = "0.0.0.0/0"
-    stateless = true
+    description = "${var.security_list_ingress_security_rules_description}"
+    protocol    = 1
+    source      = "0.0.0.0/0"
+    stateless   = true
 
     icmp_options {
       type = 3

oci/core_route_table_resource.go

@@ -77,6 +77,11 @@ func CoreRouteTableResource() *schema.Resource {
 							Computed:   true,
 							Deprecated: FieldDeprecatedForAnother("cidr_block", "destination"),
 						},
+						"description": {
+							Type:     schema.TypeString,
+							Optional: true,
+							Computed: true,
+						},
 						"destination": {
 							Type:     schema.TypeString,
 							Optional: true,
@@ -367,6 +372,11 @@ func (s *CoreRouteTableResourceCrud) mapToRouteRule(fieldKeyFormat string) (oci_
 		result.DestinationType = tmp
 	}
 
+	if description, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "description")); ok {
+		tmp := description.(string)
+		result.Description = &tmp
+	}
+
 	cidrBlockChanged := false
 	cidrBlock, cidrBlockPresent := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "cidr_block"))
 	if cidrBlockPresent && s.D.HasChange(fmt.Sprintf(fieldKeyFormat, "cidr_block")) {
@@ -406,6 +416,10 @@ func RouteRuleToMap(obj oci_core.RouteRule) map[string]interface{} {
 		result["cidr_block"] = string(*obj.CidrBlock)
 	}
 
+	if obj.Description != nil {
+		result["description"] = string(*obj.Description)
+	}
+
 	if obj.Destination != nil {
 		result["destination"] = string(*obj.Destination)
 	}
@@ -434,6 +448,9 @@ func routeRulesHashCodeForSets(v interface{}) int {
 	} else if destinationPresent && destination != "" {
 		buf.WriteString(fmt.Sprintf("%v-", destination))
 	}
+	if description, ok := m["description"]; ok && description != "" {
+		buf.WriteString(fmt.Sprintf("%v-", description))
+	}
 	if destinationPresent && destination != "" {
 		buf.WriteString(fmt.Sprintf("%v-", destination))
 	} else if cidrBlockPresent && cidrBlock != "" {

oci/core_route_table_test.go

@@ -46,6 +46,7 @@ var (
 	}
 	routeTableRouteRulesRepresentation = map[string]interface{}{
 		"network_entity_id": Representation{repType: Required, create: `${oci_core_internet_gateway.test_internet_gateway.id}`},
+		"description":       Representation{repType: Optional, create: `description`, update: `description2`},
 		"destination":       Representation{repType: Optional, create: `0.0.0.0/0`, update: `10.0.0.0/8`},
 		"destination_type":  Representation{repType: Optional, create: `CIDR_BLOCK`},
 	}
@@ -111,6 +112,7 @@ func TestCoreRouteTableResource_basic(t *testing.T) {
 					resource.TestCheckResourceAttrSet(resourceName, "id"),
 					resource.TestCheckResourceAttr(resourceName, "route_rules.#", "1"),
 					CheckResourceSetContainsElementWithProperties(resourceName, "route_rules", map[string]string{
+						"description":      "description",
 						"destination":      "0.0.0.0/0",
 						"destination_type": "CIDR_BLOCK",
 					},
@@ -147,6 +149,7 @@ func TestCoreRouteTableResource_basic(t *testing.T) {
 					resource.TestCheckResourceAttrSet(resourceName, "id"),
 					resource.TestCheckResourceAttr(resourceName, "route_rules.#", "1"),
 					CheckResourceSetContainsElementWithProperties(resourceName, "route_rules", map[string]string{
+						"description":      "description",
 						"destination":      "0.0.0.0/0",
 						"destination_type": "CIDR_BLOCK",
 					},
@@ -178,6 +181,7 @@ func TestCoreRouteTableResource_basic(t *testing.T) {
 					resource.TestCheckResourceAttrSet(resourceName, "id"),
 					resource.TestCheckResourceAttr(resourceName, "route_rules.#", "1"),
 					CheckResourceSetContainsElementWithProperties(resourceName, "route_rules", map[string]string{
+						"description":      "description2",
 						"destination":      "10.0.0.0/8",
 						"destination_type": "CIDR_BLOCK",
 					},
@@ -216,6 +220,7 @@ func TestCoreRouteTableResource_basic(t *testing.T) {
 					resource.TestCheckResourceAttrSet(datasourceName, "route_tables.0.id"),
 					resource.TestCheckResourceAttr(datasourceName, "route_tables.0.route_rules.#", "1"),
 					CheckResourceSetContainsElementWithProperties(datasourceName, "route_tables.0.route_rules", map[string]string{
+						"description":      "description2",
 						"destination":      "10.0.0.0/8",
 						"destination_type": "CIDR_BLOCK",
 					},

oci/core_security_list_resource.go

@@ -68,6 +68,11 @@ func CoreSecurityListResource() *schema.Resource {
 						},
 
 						// Optional
+						"description": {
+							Type:     schema.TypeString,
+							Optional: true,
+							Computed: true,
+						},
 						"destination_type": {
 							Type:     schema.TypeString,
 							Optional: true,
@@ -230,6 +235,11 @@ func CoreSecurityListResource() *schema.Resource {
 						},
 
 						// Optional
+						"description": {
+							Type:     schema.TypeString,
+							Optional: true,
+							Computed: true,
+						},
 						"icmp_options": {
 							Type:     schema.TypeList,
 							Optional: true,
@@ -675,6 +685,11 @@ func (s *CoreSecurityListResourceCrud) SetData() error {
 func (s *CoreSecurityListResourceCrud) mapToEgressSecurityRule(fieldKeyFormat string) (oci_core.EgressSecurityRule, error) {
 	result := oci_core.EgressSecurityRule{}
 
+	if description, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "description")); ok {
+		tmp := description.(string)
+		result.Description = &tmp
+	}
+
 	if destination, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "destination")); ok && destination != "" {
 		tmp := destination.(string)
 		result.Destination = &tmp
@@ -733,6 +748,10 @@ func (s *CoreSecurityListResourceCrud) mapToEgressSecurityRule(fieldKeyFormat st
 func EgressSecurityRuleToMap(obj oci_core.EgressSecurityRule) map[string]interface{} {
 	result := map[string]interface{}{}
 
+	if obj.Description != nil {
+		result["description"] = string(*obj.Description)
+	}
+
 	if obj.Destination != nil {
 		result["destination"] = string(*obj.Destination)
 	}
@@ -799,6 +818,11 @@ func IcmpOptionsToMap(obj *oci_core.IcmpOptions) map[string]interface{} {
 func (s *CoreSecurityListResourceCrud) mapToIngressSecurityRule(fieldKeyFormat string) (oci_core.IngressSecurityRule, error) {
 	result := oci_core.IngressSecurityRule{}
 
+	if description, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "description")); ok {
+		tmp := description.(string)
+		result.Description = &tmp
+	}
+
 	if icmpOptions, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "icmp_options")); ok {
 		if tmpList := icmpOptions.([]interface{}); len(tmpList) > 0 {
 			fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "icmp_options"), 0)
@@ -857,6 +881,10 @@ func (s *CoreSecurityListResourceCrud) mapToIngressSecurityRule(fieldKeyFormat s
 func IngressSecurityRuleToMap(obj oci_core.IngressSecurityRule) map[string]interface{} {
 	result := map[string]interface{}{}
 
+	if obj.Description != nil {
+		result["description"] = string(*obj.Description)
+	}
+
 	if obj.IcmpOptions != nil {
 		result["icmp_options"] = []interface{}{IcmpOptionsToMap(obj.IcmpOptions)}
 	}
@@ -1013,6 +1041,9 @@ func UdpOptionsToMap(obj *oci_core.UdpOptions) map[string]interface{} {
 func egressSecurityRulesHashCodeForSets(v interface{}) int {
 	var buf bytes.Buffer
 	m := v.(map[string]interface{})
+	if description, ok := m["description"]; ok && description != "" {
+		buf.WriteString(fmt.Sprintf("%v-", description))
+	}
 	if destination, ok := m["destination"]; ok && destination != "" {
 		buf.WriteString(fmt.Sprintf("%v-", destination))
 	}
@@ -1097,6 +1128,9 @@ func egressSecurityRulesHashCodeForSets(v interface{}) int {
 func ingressSecurityRulesHashCodeForSets(v interface{}) int {
 	var buf bytes.Buffer
 	m := v.(map[string]interface{})
+	if description, ok := m["description"]; ok && description != "" {
+		buf.WriteString(fmt.Sprintf("%v-", description))
+	}
 	if icmpOptions, ok := m["icmp_options"]; ok {
 		if tmpList := icmpOptions.([]interface{}); len(tmpList) > 0 && tmpList[0] != nil {
 			buf.WriteString("icmp_options-")

oci/core_security_list_test.go

@@ -45,6 +45,7 @@ var (
 	securityListEgressSecurityRulesICMPRepresentation = map[string]interface{}{
 		"destination":      Representation{repType: Required, create: `10.0.2.0/24`, update: `${lookup(data.oci_core_services.test_services.services[0], "cidr_block")}`},
 		"protocol":         Representation{repType: Required, create: `1`},
+		"description":      Representation{repType: Optional, create: `description`, update: `description2`},
 		"destination_type": Representation{repType: Optional, create: `CIDR_BLOCK`, update: `SERVICE_CIDR_BLOCK`},
 		"icmp_options":     RepresentationGroup{Optional, securityListEgressSecurityRulesIcmpOptionsRepresentation},
 		"stateless":        Representation{repType: Optional, create: `false`, update: `true`},
@@ -65,6 +66,7 @@ var (
 	}
 	securityListIngressSecurityRulesICMPRepresentation = map[string]interface{}{
 		"protocol":     Representation{repType: Required, create: `1`},
+		"description":  Representation{repType: Optional, create: `description`, update: `description2`},
 		"source":       Representation{repType: Required, create: `10.0.1.0/24`, update: `${lookup(data.oci_core_services.test_services.services[0], "cidr_block")}`},
 		"icmp_options": RepresentationGroup{Optional, securityListIngressSecurityRulesIcmpOptionsRepresentation},
 		"source_type":  Representation{repType: Optional, create: `CIDR_BLOCK`, update: `SERVICE_CIDR_BLOCK`},
@@ -201,6 +203,7 @@ func TestCoreSecurityListResource_basic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceName, "egress_security_rules.#", "3"),
 					CheckResourceSetContainsElementWithProperties(resourceName, "egress_security_rules", map[string]string{
 						"destination":         "10.0.2.0/24",
+						"description":         "description",
 						"destination_type":    "CIDR_BLOCK",
 						"icmp_options.#":      "1",
 						"icmp_options.0.code": "4",
@@ -242,6 +245,7 @@ func TestCoreSecurityListResource_basic(t *testing.T) {
 						"icmp_options.#":      "1",
 						"icmp_options.0.code": "4",
 						"icmp_options.0.type": "3",
+						"description":         "description",
 						"protocol":            "1",
 						"source":              "10.0.1.0/24",
 						"source_type":         "CIDR_BLOCK",
@@ -303,6 +307,7 @@ func TestCoreSecurityListResource_basic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceName, "display_name", "MyPrivateSubnetSecurityList"),
 					resource.TestCheckResourceAttr(resourceName, "egress_security_rules.#", "3"),
 					CheckResourceSetContainsElementWithProperties(resourceName, "egress_security_rules", map[string]string{
+						"description":         "description",
 						"destination":         "10.0.2.0/24",
 						"destination_type":    "CIDR_BLOCK",
 						"icmp_options.#":      "1",
@@ -316,6 +321,7 @@ func TestCoreSecurityListResource_basic(t *testing.T) {
 					resource.TestCheckResourceAttrSet(resourceName, "id"),
 					resource.TestCheckResourceAttr(resourceName, "ingress_security_rules.#", "3"),
 					CheckResourceSetContainsElementWithProperties(resourceName, "ingress_security_rules", map[string]string{
+						"description":         "description",
 						"icmp_options.#":      "1",
 						"icmp_options.0.code": "4",
 						"icmp_options.0.type": "3",
@@ -349,6 +355,7 @@ func TestCoreSecurityListResource_basic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceName, "display_name", "displayName2"),
 					resource.TestCheckResourceAttr(resourceName, "egress_security_rules.#", "3"),
 					CheckResourceSetContainsElementWithProperties(resourceName, "egress_security_rules", map[string]string{
+						"description":         "description2",
 						"destination_type":    "SERVICE_CIDR_BLOCK",
 						"icmp_options.#":      "1",
 						"icmp_options.0.code": "0",
@@ -391,6 +398,7 @@ func TestCoreSecurityListResource_basic(t *testing.T) {
 					resource.TestCheckResourceAttrSet(resourceName, "id"),
 					resource.TestCheckResourceAttr(resourceName, "ingress_security_rules.#", "3"),
 					CheckResourceSetContainsElementWithProperties(resourceName, "ingress_security_rules", map[string]string{
+						"description":         "description2",
 						"icmp_options.#":      "1",
 						"icmp_options.0.code": "0",
 						"icmp_options.0.type": "3",
@@ -460,6 +468,7 @@ func TestCoreSecurityListResource_basic(t *testing.T) {
 					resource.TestCheckResourceAttr(datasourceName, "security_lists.0.display_name", "displayName2"),
 					resource.TestCheckResourceAttr(datasourceName, "security_lists.0.egress_security_rules.#", "3"),
 					CheckResourceSetContainsElementWithProperties(datasourceName, "security_lists.0.egress_security_rules", map[string]string{
+						"description":         "description2",
 						"destination_type":    "SERVICE_CIDR_BLOCK",
 						"icmp_options.#":      "1",
 						"icmp_options.0.code": "0",
@@ -502,6 +511,7 @@ func TestCoreSecurityListResource_basic(t *testing.T) {
 					resource.TestCheckResourceAttrSet(datasourceName, "security_lists.0.id"),
 					resource.TestCheckResourceAttr(datasourceName, "security_lists.0.ingress_security_rules.#", "3"),
 					CheckResourceSetContainsElementWithProperties(datasourceName, "security_lists.0.ingress_security_rules", map[string]string{
+						"description":         "description2",
 						"icmp_options.#":      "1",
 						"icmp_options.0.code": "0",
 						"icmp_options.0.type": "3",

website/docs/d/core_route_tables.html.markdown

@@ -62,6 +62,7 @@ The following attributes are exported:
 		Cannot be an IPv6 CIDR.
 
 		Example: `0.0.0.0/0` 
+	* `description` - An optional description of your choice for the rule. 
 	* `destination` - Conceptually, this is the range of IP addresses used for matching when routing traffic. Required if you provide a `destinationType`.
 
 		Allowed values:

website/docs/d/core_security_lists.html.markdown

@@ -51,6 +51,7 @@ The following attributes are exported:
 * `defined_tags` - Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).  Example: `{"Operations.CostCenter": "42"}` 
 * `display_name` - A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. 
 * `egress_security_rules` - Rules for allowing egress IP packets.
+	* `description` - An optional description of your choice for the rule. 
 	* `destination` - Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
 
 		Allowed values:
@@ -87,6 +88,7 @@ The following attributes are exported:
 * `freeform_tags` - Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).  Example: `{"Department": "Finance"}` 
 * `id` - The security list's Oracle Cloud ID (OCID).
 * `ingress_security_rules` - Rules for allowing ingress IP packets.
+	* `description` - An optional description of your choice for the rule. 
 	* `icmp_options` - Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:
 		* [ICMP Parameters](http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml)
 		* [ICMPv6 Parameters](https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml)

website/docs/r/core_route_table.html.markdown

@@ -46,6 +46,7 @@ resource "oci_core_route_table" "test_route_table" {
 
 		#Optional
 		cidr_block = "${var.route_table_route_rules_cidr_block}"
+		description = "${var.route_table_route_rules_description}"
 		destination = "${var.route_table_route_rules_destination}"
 		destination_type = "${var.route_table_route_rules_destination_type}"
 	}
@@ -68,6 +69,7 @@ The following arguments are supported:
 		Cannot be an IPv6 CIDR.
 
 		Example: `0.0.0.0/0` 
+	* `description` - (Optional) (Updatable) An optional description of your choice for the rule. 
 	* `destination` - (Optional) (Updatable) Conceptually, this is the range of IP addresses used for matching when routing traffic. Required if you provide a `destinationType`.
 
 		Allowed values:
@@ -100,6 +102,7 @@ The following attributes are exported:
 		Cannot be an IPv6 CIDR.
 
 		Example: `0.0.0.0/0` 
+	* `description` - An optional description of your choice for the rule. 
 	* `destination` - Conceptually, this is the range of IP addresses used for matching when routing traffic. Required if you provide a `destinationType`.
 
 		Allowed values: