Add support for moving DNS zones and steering policies across compartments

Author: parrneet

CHANGELOG.md

@@ -13,16 +13,7 @@
 - Support for moving `core_instance` resources across compartments
 - Support for LBaaS Cookie Insertion (Sticky Cookie) 
 - Support for moving `identity_compartment` resource tree across compartments
-
-## 3.33.0 (July 10, 2019)
-
-### Added
-- Support autonomous transaction processing preview mode
-- Support load balancer attachment data source for instance pools
-- Support moving `core_route_table`, `core_security_list`, `core_subnet`, `core_vcn` resources across compartments
-- Support for Granular Security Lists using Network Security Group
-- Support for Granular Security Lists in Load Balancer
-- Support for Network Security Groups in databases
+- Support for moving `dns_zone` and `dns_steering_policy` resources across compartments
 - Support in autonomous database and object data sources for encoding downloaded binary content as base64. This works around behavior in Terraform v0.12 that could cause binary content to be corrupted if written directly to state.
 
 ### Fixed
@@ -39,6 +30,16 @@ that are maps of string values.
         - identity_user
 - Removing deprecated field `time_state_modifed` from data source `core_ip_sec_connection_device_status`.  `time_state_modified` should be used instead
 
+## 3.33.0 (July 10, 2019)
+
+### Added
+- Support autonomous transaction processing preview mode
+- Support load balancer attachment data source for instance pools
+- Support moving `core_route_table`, `core_security_list`, `core_subnet`, `core_vcn` resources across compartments
+- Support for Granular Security Lists using Network Security Group
+- Support for Granular Security Lists in Load Balancer
+- Support for Network Security Groups in databases
+
 ## 3.32.0 (July 03, 2019)
 
 ### Added

oci/dns_steering_policy_resource.go

@@ -29,7 +29,6 @@ func DnsSteeringPolicyResource() *schema.Resource {
 			"compartment_id": {
 				Type:     schema.TypeString,
 				Required: true,
-				ForceNew: true,
 			},
 			"display_name": {
 				Type:     schema.TypeString,
@@ -425,6 +424,15 @@ func (s *DnsSteeringPolicyResourceCrud) Get() error {
 }
 
 func (s *DnsSteeringPolicyResourceCrud) Update() error {
+	if compartment, ok := s.D.GetOkExists("compartment_id"); ok && s.D.HasChange("compartment_id") {
+		oldRaw, newRaw := s.D.GetChange("compartment_id")
+		if newRaw != "" && oldRaw != "" {
+			err := s.updateCompartment(compartment)
+			if err != nil {
+				return err
+			}
+		}
+	}
 	request := oci_dns.UpdateSteeringPolicyRequest{}
 
 	/* Do not uncomment until we get a solution to the terraform deficiency
@@ -1168,3 +1176,21 @@ func SteeringPolicyWeightedRuleCaseToMap(obj oci_dns.SteeringPolicyWeightedRuleC
 
 	return result
 }
+
+func (s *DnsSteeringPolicyResourceCrud) updateCompartment(compartment interface{}) error {
+	changeCompartmentRequest := oci_dns.ChangeSteeringPolicyCompartmentRequest{}
+
+	compartmentTmp := compartment.(string)
+	changeCompartmentRequest.CompartmentId = &compartmentTmp
+
+	idTmp := s.D.Id()
+	changeCompartmentRequest.SteeringPolicyId = &idTmp
+
+	changeCompartmentRequest.RequestMetadata.RetryPolicy = getRetryPolicy(s.DisableNotFoundRetries, "dns")
+
+	_, err := s.Client.ChangeSteeringPolicyCompartment(context.Background(), changeCompartmentRequest)
+	if err != nil {
+		return err
+	}
+	return nil
+}

oci/dns_steering_policy_test.go

@@ -160,6 +160,9 @@ func TestDnsSteeringPolicyResource_basic(t *testing.T) {
 	compartmentId := getEnvSettingWithBlankDefault("compartment_ocid")
 	compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId)
 
+	compartmentIdU := getEnvSettingWithDefault("compartment_id_for_update", compartmentId)
+	compartmentIdUVariableStr := fmt.Sprintf("variable \"compartment_id_for_update\" { default = \"%s\" }\n", compartmentIdU)
+
 	resourceName := "oci_dns_steering_policy.test_steering_policy"
 
 	datasourceName := "data.oci_dns_steering_policies.test_steering_policies"
@@ -262,6 +265,79 @@ func TestDnsSteeringPolicyResource_basic(t *testing.T) {
 				),
 			},
 
+			// verify update to the compartment (the compartment will be switched back in the next step)
+			{
+				Config: config + compartmentIdVariableStr + compartmentIdUVariableStr + SteeringPolicyResourceDependencies +
+					generateResourceFromRepresentationMap("oci_dns_steering_policy", "test_steering_policy", Optional, Create,
+						representationCopyWithNewProperties(steeringPolicyRepresentation, map[string]interface{}{
+							"compartment_id": Representation{repType: Required, create: `${var.compartment_id_for_update}`},
+						})),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttr(resourceName, "answers.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "answers.0.is_disabled", "false"),
+					resource.TestCheckResourceAttr(resourceName, "answers.0.name", "name"),
+					resource.TestCheckResourceAttr(resourceName, "answers.0.pool", "pool"),
+					resource.TestCheckResourceAttr(resourceName, "answers.0.rdata", "192.0.2.1"),
+					resource.TestCheckResourceAttr(resourceName, "answers.0.rtype", "A"),
+					resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentIdU),
+					resource.TestCheckResourceAttr(resourceName, "defined_tags.%", "1"),
+					resource.TestCheckResourceAttr(resourceName, "display_name", "displayName"),
+					resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"),
+					resource.TestCheckResourceAttrSet(resourceName, "health_check_monitor_id"),
+					resource.TestCheckResourceAttr(resourceName, "rules.#", "5"),
+					resource.TestCheckResourceAttr(resourceName, "rules.0.cases.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "rules.0.cases.0.answer_data.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "rules.0.cases.0.answer_data.0.answer_condition", "answer.name == 'sampler'"),
+					resource.TestCheckResourceAttr(resourceName, "rules.0.cases.0.answer_data.0.should_keep", "false"),
+					resource.TestCheckResourceAttr(resourceName, "rules.0.cases.0.case_condition", "query.client.address in (subnet '198.51.100.0/24')"),
+					resource.TestCheckResourceAttr(resourceName, "rules.0.default_answer_data.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "rules.0.default_answer_data.0.answer_condition", "answer.name == 'sampler'"),
+					resource.TestCheckResourceAttr(resourceName, "rules.0.default_answer_data.0.should_keep", "false"),
+					resource.TestCheckResourceAttr(resourceName, "rules.0.description", "filter description"),
+					resource.TestCheckResourceAttr(resourceName, "rules.0.rule_type", "FILTER"),
+					resource.TestCheckResourceAttr(resourceName, "rules.1.cases.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "rules.1.cases.0.case_condition", "query.client.address in (subnet '198.51.100.0/24')"),
+					resource.TestCheckResourceAttr(resourceName, "rules.1.description", "health description"),
+					resource.TestCheckResourceAttr(resourceName, "rules.1.rule_type", "HEALTH"),
+					resource.TestCheckResourceAttr(resourceName, "rules.2.cases.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "rules.2.cases.0.case_condition", "query.client.address in (subnet '198.51.100.0/24')"),
+					resource.TestCheckResourceAttr(resourceName, "rules.2.cases.0.count", "10"),
+					resource.TestCheckResourceAttr(resourceName, "rules.2.default_count", "10"),
+					resource.TestCheckResourceAttr(resourceName, "rules.2.description", "limit description"),
+					resource.TestCheckResourceAttr(resourceName, "rules.2.rule_type", "LIMIT"),
+					resource.TestCheckResourceAttr(resourceName, "rules.3.cases.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "rules.3.cases.0.answer_data.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "rules.3.cases.0.answer_data.0.answer_condition", "answer.name == 'sampler'"),
+					resource.TestCheckResourceAttr(resourceName, "rules.3.cases.0.answer_data.0.value", "10"),
+					resource.TestCheckResourceAttr(resourceName, "rules.3.cases.0.case_condition", "query.client.address in (subnet '198.51.100.0/24')"),
+					resource.TestCheckResourceAttr(resourceName, "rules.3.default_answer_data.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "rules.3.default_answer_data.0.answer_condition", "answer.name == 'sampler'"),
+					resource.TestCheckResourceAttr(resourceName, "rules.3.default_answer_data.0.value", "10"),
+					resource.TestCheckResourceAttr(resourceName, "rules.3.description", "priority description"),
+					resource.TestCheckResourceAttr(resourceName, "rules.3.rule_type", "PRIORITY"),
+					resource.TestCheckResourceAttr(resourceName, "rules.4.cases.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "rules.4.cases.0.answer_data.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "rules.4.cases.0.answer_data.0.answer_condition", "answer.name == 'sampler'"),
+					resource.TestCheckResourceAttr(resourceName, "rules.4.cases.0.answer_data.0.value", "10"),
+					resource.TestCheckResourceAttr(resourceName, "rules.4.cases.0.case_condition", "query.client.address in (subnet '198.51.100.0/24')"),
+					resource.TestCheckResourceAttr(resourceName, "rules.4.default_answer_data.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "rules.4.default_answer_data.0.answer_condition", "answer.name == 'sampler'"),
+					resource.TestCheckResourceAttr(resourceName, "rules.4.default_answer_data.0.value", "10"),
+					resource.TestCheckResourceAttr(resourceName, "rules.4.description", "weighted description"),
+					resource.TestCheckResourceAttr(resourceName, "rules.4.rule_type", "WEIGHTED"),
+					resource.TestCheckResourceAttr(resourceName, "template", "CUSTOM"),
+					resource.TestCheckResourceAttr(resourceName, "ttl", "10"),
+
+					func(s *terraform.State) (err error) {
+						resId2, err = fromInstanceState(s, resourceName, "id")
+						if resId != resId2 {
+							return fmt.Errorf("resource recreated when it was supposed to be updated")
+						}
+						return err
+					},
+				),
+			},
+
 			// verify updates to updatable parameters
 			{
 				Config: config + compartmentIdVariableStr + SteeringPolicyResourceDependencies +

oci/dns_zone_resource.go

@@ -27,7 +27,6 @@ func DnsZoneResource() *schema.Resource {
 			"compartment_id": {
 				Type:     schema.TypeString,
 				Required: true,
-				ForceNew: true,
 			},
 			"name": {
 				Type:     schema.TypeString,
@@ -274,6 +273,15 @@ func (s *DnsZoneResourceCrud) Get() error {
 }
 
 func (s *DnsZoneResourceCrud) Update() error {
+	if compartment, ok := s.D.GetOkExists("compartment_id"); ok && s.D.HasChange("compartment_id") {
+		oldRaw, newRaw := s.D.GetChange("compartment_id")
+		if newRaw != "" && oldRaw != "" {
+			err := s.updateCompartment(compartment)
+			if err != nil {
+				return err
+			}
+		}
+	}
 	request := oci_dns.UpdateZoneRequest{}
 
 	if compartmentId, ok := s.D.GetOkExists("compartment_id"); ok {
@@ -485,3 +493,21 @@ func TSIGToMap(obj *oci_dns.Tsig) map[string]interface{} {
 
 	return result
 }
+
+func (s *DnsZoneResourceCrud) updateCompartment(compartment interface{}) error {
+	changeCompartmentRequest := oci_dns.ChangeZoneCompartmentRequest{}
+
+	compartmentTmp := compartment.(string)
+	changeCompartmentRequest.CompartmentId = &compartmentTmp
+
+	idTmp := s.D.Id()
+	changeCompartmentRequest.ZoneId = &idTmp
+
+	changeCompartmentRequest.RequestMetadata.RetryPolicy = getRetryPolicy(s.DisableNotFoundRetries, "dns")
+
+	_, err := s.Client.ChangeZoneCompartment(context.Background(), changeCompartmentRequest)
+	if err != nil {
+		return err
+	}
+	return nil
+}

oci/dns_zone_test.go

@@ -90,6 +90,9 @@ func TestDnsZoneResource_basic(t *testing.T) {
 	compartmentId := getEnvSettingWithBlankDefault("compartment_ocid")
 	compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId)
 
+	compartmentIdU := getEnvSettingWithDefault("compartment_id_for_update", compartmentId)
+	compartmentIdUVariableStr := fmt.Sprintf("variable \"compartment_id_for_update\" { default = \"%s\" }\n", compartmentIdU)
+
 	resourceName := "oci_dns_zone.test_zone"
 	datasourceName := "data.oci_dns_zones.test_zones"
 
@@ -171,6 +174,31 @@ func TestDnsZoneResource_basic(t *testing.T) {
 					},
 				),
 			},
+
+			// verify update to the compartment (the compartment will be switched back in the next step)
+			{
+				Config: tokenFn(config+compartmentIdVariableStr+compartmentIdUVariableStr+ZoneResourceDependencies+
+					generateResourceFromRepresentationMap("oci_dns_zone", "test_zone", Optional, Create,
+						representationCopyWithNewProperties(representationCopyWithRemovedProperties(zoneRepresentationPrimary, []string{"external_masters"}), map[string]interface{}{
+							"compartment_id": Representation{repType: Required, create: `${var.compartment_id_for_update}`},
+						})), nil),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentIdU),
+					resource.TestMatchResourceAttr(resourceName, "name", regexp.MustCompile("\\.oci-zone-test")),
+					resource.TestCheckResourceAttr(resourceName, "zone_type", "PRIMARY"),
+					resource.TestCheckResourceAttr(resourceName, "defined_tags.%", "1"),
+					resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"),
+					resource.TestCheckResourceAttrSet(resourceName, "nameservers.#"),
+
+					func(s *terraform.State) (err error) {
+						resId2, err = fromInstanceState(s, resourceName, "id")
+						if resId != resId2 {
+							return fmt.Errorf("resource recreated when it was supposed to be updated")
+						}
+						return err
+					},
+				),
+			},
 			// verify updates to updatable parameters
 			{
 				Config: tokenFn(config+compartmentIdVariableStr+ZoneResourceDependencies+

website/docs/r/dns_steering_policy.html.markdown

@@ -80,7 +80,7 @@ The following arguments are supported:
 	* `pool` - (Optional) The freeform name of a group of one or more records in which this record is included, such as "LAX data center". An answer's `pool` property can be referenced in `answerCondition` properties of rules using `answer.pool`.
 	* `rdata` - (Required) The record's data, as whitespace-delimited tokens in type-specific presentation format. All RDATA is normalized and the returned presentation of your RDATA may differ from its initial input. For more information about RDATA, see [Supported DNS Resource Record Types](https://docs.cloud.oracle.com/iaas/Content/DNS/Reference/supporteddnsresource.htm). 
 	* `rtype` - (Required) The canonical name for the record's type. Only A, AAAA, and CNAME are supported. For more information, see [Supported DNS Resource Record Types](https://docs.cloud.oracle.com/iaas/Content/DNS/Reference/supporteddnsresource.htm). 
-* `compartment_id` - (Required) The OCID of the compartment containing the steering policy.
+* `compartment_id` - (Required) (Updatable) The OCID of the compartment containing the steering policy.
 * `defined_tags` - (Optional) (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).
 * `display_name` - (Required) (Updatable) A user-friendly name for the steering policy. Does not have to be unique and can be changed. Avoid entering confidential information. 
 * `freeform_tags` - (Optional) (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).