Skip to content

Commit 86f3837

Browse files
Terraform Team AutomationMaxrovr
Terraform Team Automation
authored and
Maxrovr
committed
Added - Support for LBaaS: HTTP healthchecks for HTTPS backendsets
1 parent caa17ba commit 86f3837

15 files changed

+126
-107
lines changed

internal/integrationtest/load_balancer_backend_set_test.go

Lines changed: 14 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -53,17 +53,17 @@ var (
5353
}
5454

5555
backendSetSslConfigurationRepresentationOciCerts = map[string]interface{}{
56-
"cipher_suite_name": acctest.Representation{RepType: acctest.Optional, Create: `example_cipher_suite`, Update: `cipherSuiteName2`},
57-
"protocols": acctest.Representation{RepType: acctest.Optional, Create: []string{`protocols`}, Update: []string{`protocols2`}},
56+
"cipher_suite_name": acctest.Representation{RepType: acctest.Optional, Create: `oci-compatible-ssl-cipher-suite-v1`, Update: `oci-wider-compatible-ssl-cipher-suite-v1`},
57+
"protocols": acctest.Representation{RepType: acctest.Optional, Create: []string{`TLSv1.2`}, Update: []string{`TLSv1.2`}},
5858
"trusted_certificate_authority_ids": acctest.Representation{RepType: acctest.Optional, Create: []string{trustedCertificateAuthorityIds}, Update: []string{trustedCertificateAuthorityIds2}},
5959
"verify_depth": acctest.Representation{RepType: acctest.Optional, Create: `6`},
6060
"verify_peer_certificate": acctest.Representation{RepType: acctest.Optional, Create: `false`},
6161
}
6262

6363
backendSetSslConfigurationRepresentationLB = map[string]interface{}{
64-
"cipher_suite_name": acctest.Representation{RepType: acctest.Optional, Create: `oci-default-ssl-cipher-suite-v1`, Update: `oci-default-ssl-cipher-suite-v1`},
64+
"cipher_suite_name": acctest.Representation{RepType: acctest.Optional, Create: `oci-compatible-ssl-cipher-suite-v1`, Update: `oci-wider-compatible-ssl-cipher-suite-v1`},
6565
"protocols": acctest.Representation{RepType: acctest.Optional, Create: []string{`TLSv1.2`}, Update: []string{`TLSv1.2`}},
66-
"certificate_name": acctest.Representation{RepType: acctest.Optional, Create: "example_certificate_bundle", Update: "example_certificate_bundle"},
66+
"certificate_name": acctest.Representation{RepType: acctest.Optional, Create: "example_certificate_bundle"},
6767
"verify_depth": acctest.Representation{RepType: acctest.Optional, Create: `6`},
6868
"verify_peer_certificate": acctest.Representation{RepType: acctest.Optional, Create: `false`},
6969
}
@@ -86,6 +86,7 @@ var (
8686
backendSetHealthCheckerRepresentation = map[string]interface{}{
8787
"protocol": acctest.Representation{RepType: acctest.Required, Create: `HTTP`},
8888
"interval_ms": acctest.Representation{RepType: acctest.Optional, Create: `1000`, Update: `2000`},
89+
"is_force_plain_text": acctest.Representation{RepType: acctest.Optional, Create: `false`, Update: `true`},
8990
"port": acctest.Representation{RepType: acctest.Optional, Create: `10`, Update: `11`},
9091
"response_body_regex": acctest.Representation{RepType: acctest.Optional, Create: `.*`, Update: `responseBodyRegex2`},
9192
"retries": acctest.Representation{RepType: acctest.Optional, Create: `10`, Update: `11`},
@@ -368,7 +369,7 @@ func TestLoadBalancerBackendSetResourceOciCerts_basic(t *testing.T) {
368369
resource.TestCheckResourceAttr(resourceName, "name", "backendSet1"),
369370
resource.TestCheckResourceAttr(resourceName, "policy", "LEAST_CONNECTIONS"),
370371
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.#", "1"),
371-
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.cipher_suite_name", "example_cipher_suite"),
372+
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.cipher_suite_name", "oci-compatible-ssl-cipher-suite-v1"),
372373
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.protocols.#", "1"),
373374
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.trusted_certificate_authority_ids.#", "1"),
374375
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.verify_depth", "6"),
@@ -424,7 +425,7 @@ func TestLoadBalancerBackendSetResourceOciCerts_basic(t *testing.T) {
424425
resource.TestCheckResourceAttr(resourceName, "name", "backendSet1"),
425426
resource.TestCheckResourceAttr(resourceName, "policy", "LEAST_CONNECTIONS"),
426427
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.#", "1"),
427-
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.cipher_suite_name", "cipherSuiteName2"),
428+
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.cipher_suite_name", "oci-wider-compatible-ssl-cipher-suite-v1"),
428429
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.protocols.#", "1"),
429430
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.trusted_certificate_authority_ids.#", "1"),
430431
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.verify_depth", "6"),
@@ -487,7 +488,7 @@ func TestLoadBalancerBackendSetResourceOciCerts_basic(t *testing.T) {
487488
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.name", "backendSet1"),
488489
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.policy", "LEAST_CONNECTIONS"),
489490
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.ssl_configuration.#", "1"),
490-
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.ssl_configuration.0.cipher_suite_name", "cipherSuiteName2"),
491+
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.ssl_configuration.0.cipher_suite_name", "oci-wider-compatible-ssl-cipher-suite-v1"),
491492
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.ssl_configuration.0.protocols.#", "1"),
492493
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.ssl_configuration.0.trusted_certificate_authority_ids.#", "1"),
493494
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.ssl_configuration.0.verify_depth", "6"),
@@ -674,6 +675,7 @@ func TestLoadBalancerBackendSetResourceLB_basic(t *testing.T) {
674675
Check: acctest.ComposeAggregateTestCheckFuncWrapper(
675676
resource.TestCheckResourceAttr(resourceName, "health_checker.#", "1"),
676677
resource.TestCheckResourceAttr(resourceName, "health_checker.0.interval_ms", "1000"),
678+
resource.TestCheckResourceAttr(resourceName, "health_checker.0.is_force_plain_text", "false"),
677679
resource.TestCheckResourceAttr(resourceName, "health_checker.0.port", "10"),
678680
resource.TestCheckResourceAttr(resourceName, "health_checker.0.protocol", "HTTP"),
679681
resource.TestCheckResourceAttr(resourceName, "health_checker.0.response_body_regex", ".*"),
@@ -738,7 +740,7 @@ func TestLoadBalancerBackendSetResourceLB_basic(t *testing.T) {
738740
resource.TestCheckResourceAttr(resourceName, "name", "backendSet1"),
739741
resource.TestCheckResourceAttr(resourceName, "policy", "LEAST_CONNECTIONS"),
740742
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.#", "1"),
741-
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.cipher_suite_name", "oci-default-ssl-cipher-suite-v1"),
743+
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.cipher_suite_name", "oci-compatible-ssl-cipher-suite-v1"),
742744
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.protocols.#", "1"),
743745
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.certificate_name", "example_certificate_bundle"),
744746
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.verify_depth", "6"),
@@ -775,6 +777,7 @@ func TestLoadBalancerBackendSetResourceLB_basic(t *testing.T) {
775777
}),
776778
resource.TestCheckResourceAttr(resourceName, "health_checker.#", "1"),
777779
resource.TestCheckResourceAttr(resourceName, "health_checker.0.interval_ms", "2000"),
780+
resource.TestCheckResourceAttr(resourceName, "health_checker.0.is_force_plain_text", "true"),
778781
resource.TestCheckResourceAttr(resourceName, "health_checker.0.port", "11"),
779782
resource.TestCheckResourceAttr(resourceName, "health_checker.0.protocol", "HTTP"),
780783
resource.TestCheckResourceAttr(resourceName, "health_checker.0.response_body_regex", "responseBodyRegex2"),
@@ -794,7 +797,7 @@ func TestLoadBalancerBackendSetResourceLB_basic(t *testing.T) {
794797
resource.TestCheckResourceAttr(resourceName, "name", "backendSet1"),
795798
resource.TestCheckResourceAttr(resourceName, "policy", "LEAST_CONNECTIONS"),
796799
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.#", "1"),
797-
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.cipher_suite_name", "oci-default-ssl-cipher-suite-v1"),
800+
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.cipher_suite_name", "oci-wider-compatible-ssl-cipher-suite-v1"),
798801
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.protocols.#", "1"),
799802
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.certificate_name", "example_certificate_bundle"),
800803
resource.TestCheckResourceAttr(resourceName, "ssl_configuration.0.verify_depth", "6"),
@@ -839,6 +842,7 @@ func TestLoadBalancerBackendSetResourceLB_basic(t *testing.T) {
839842
}),
840843
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.health_checker.#", "1"),
841844
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.health_checker.0.interval_ms", "2000"),
845+
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.health_checker.0.is_force_plain_text", "true"),
842846
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.health_checker.0.port", "11"),
843847
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.health_checker.0.protocol", "HTTP"),
844848
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.health_checker.0.response_body_regex", "responseBodyRegex2"),
@@ -857,7 +861,7 @@ func TestLoadBalancerBackendSetResourceLB_basic(t *testing.T) {
857861
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.name", "backendSet1"),
858862
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.policy", "LEAST_CONNECTIONS"),
859863
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.ssl_configuration.#", "1"),
860-
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.ssl_configuration.0.cipher_suite_name", "oci-default-ssl-cipher-suite-v1"),
864+
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.ssl_configuration.0.cipher_suite_name", "oci-wider-compatible-ssl-cipher-suite-v1"),
861865
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.ssl_configuration.0.protocols.#", "1"),
862866
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.ssl_configuration.0.certificate_name", "example_certificate_bundle"),
863867
resource.TestCheckResourceAttr(datasourceName, "backendsets.0.ssl_configuration.0.verify_depth", "6"),

internal/integrationtest/load_balancer_certificate_test.go

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ import (
88
"fmt"
99
"regexp"
1010
"strconv"
11+
"strings"
1112
"testing"
1213

1314
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
@@ -45,11 +46,10 @@ var (
4546
"public_certificate": acctest.Representation{RepType: acctest.Optional, Create: `${var.ca_certificate_value}`},
4647
}
4748

48-
caCertificate = utils.GetEnvSettingWithBlankDefault("ca_certificate")
49+
caCertificate = strings.ReplaceAll(utils.GetEnvSettingWithBlankDefault("ca_certificate"), `\\n`, `\n`)
4950
caCertificateVariableStr = fmt.Sprintf("variable \"ca_certificate_value\" { default = \"%s\" }\n", caCertificate)
50-
51-
privateKeyData = utils.GetEnvSettingWithBlankDefault("private_key_data")
52-
privateKeyVariableStr = fmt.Sprintf("variable \"private_key_value\" { default = \"%s\" }\n", privateKeyData)
51+
privateKeyData = utils.GetEnvSettingWithBlankDefault("private_key_data")
52+
privateKeyVariableStr = fmt.Sprintf("variable \"private_key_value\" { default = \"%s\" }\n", privateKeyData)
5353

5454
CertificateResourceDependencies = acctest.GenerateResourceFromRepresentationMap("oci_load_balancer_load_balancer", "test_load_balancer", acctest.Required, acctest.Create, loadBalancerRepresentation) +
5555
LoadBalancerSubnetDependencies + privateKeyVariableStr + caCertificateVariableStr
@@ -97,7 +97,7 @@ func TestLoadBalancerCertificateResource_basic(t *testing.T) {
9797
resource.TestCheckResourceAttr(resourceName, "certificate_name", "example_certificate_bundle"),
9898
resource.TestCheckResourceAttrSet(resourceName, "load_balancer_id"),
9999
resource.TestCheckResourceAttr(resourceName, "passphrase", "Mysecretunlockingcode42!1!"),
100-
resource.TestMatchResourceAttr(resourceName, "private_key", regexp.MustCompile("-----BEGIN RSA.*")),
100+
resource.TestMatchResourceAttr(resourceName, "private_key", regexp.MustCompile("-----BEGIN ENCRYPTED PRIVATE KEY.*")),
101101
resource.TestMatchResourceAttr(resourceName, "public_certificate", regexp.MustCompile("-----BEGIN CERT.*")),
102102

103103
func(s *terraform.State) (err error) {

internal/integrationtest/load_balancer_load_balancer_routing_policy_test.go

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -49,13 +49,13 @@ var (
4949
"rules": acctest.RepresentationGroup{RepType: acctest.Required, Group: loadBalancerRoutingPolicyRulesRepresentation},
5050
}
5151
loadBalancerRoutingPolicyRulesRepresentation = map[string]interface{}{
52-
"actions": acctest.RepresentationGroup{RepType: acctest.Required, Group: loadBalancerRoutingPolicyRulesActionsRepresentation},
52+
"actions": acctest.RepresentationGroup{RepType: acctest.Required, Group: LoadBalancerLoadBalancerRoutingPolicyRulesActionsRepresentation},
5353
"condition": acctest.Representation{RepType: acctest.Required, Create: `all(http.request.url.path eq (i ''))`},
5454
"name": acctest.Representation{RepType: acctest.Required, Create: `example_routing_rules`, Update: `name2`},
5555
}
56-
loadBalancerRoutingPolicyRulesActionsRepresentation = map[string]interface{}{
57-
"name": acctest.Representation{RepType: acctest.Required, Create: `FORWARD_TO_BACKENDSET`, Update: `FORWARD_TO_BACKENDSET`},
56+
LoadBalancerLoadBalancerRoutingPolicyRulesActionsRepresentation = map[string]interface{}{
5857
"backend_set_name": acctest.Representation{RepType: acctest.Required, Create: `${oci_load_balancer_backend_set.test_backend_set.name}`},
58+
"name": acctest.Representation{RepType: acctest.Required, Create: `FORWARD_TO_BACKENDSET`, Update: `FORWARD_TO_BACKENDSET`},
5959
}
6060

6161
LoadBalancerRoutingPolicyResourceDependencies = acctest.GenerateResourceFromRepresentationMap("oci_load_balancer_backend_set", "test_backend_set", acctest.Required, acctest.Create, backendSetRepresentation) +
@@ -90,6 +90,7 @@ func TestLoadBalancerLoadBalancerRoutingPolicyResource_basic(t *testing.T) {
9090
resource.TestCheckResourceAttr(resourceName, "name", "example_routing_rules"),
9191
resource.TestCheckResourceAttr(resourceName, "rules.#", "1"),
9292
resource.TestCheckResourceAttr(resourceName, "rules.0.actions.#", "1"),
93+
resource.TestCheckResourceAttrSet(resourceName, "rules.0.actions.0.backend_set_name"),
9394
resource.TestCheckResourceAttr(resourceName, "rules.0.actions.0.name", "FORWARD_TO_BACKENDSET"),
9495
resource.TestCheckResourceAttr(resourceName, "rules.0.condition", "all(http.request.url.path eq (i ''))"),
9596
resource.TestCheckResourceAttr(resourceName, "rules.0.name", "example_routing_rules"),

0 commit comments

Comments
 (0)