Merge pull request #787 from terraform-providers/v.3.28.2-hotfix

fix `oci_core_ipsec` backward compatibility issue

Author: bowfeng

CHANGELOG.md

@@ -1,4 +1,10 @@
-## 3.28.2 (Unreleased)
+## 3.28.2 (June 07, 2019)
+
+### Added
+- `oci_core_ipsec_connection_tunnel_management` resource to manage IPSec tunnel connection
+### Fixed
+- `oci_core_ipsec` backward compatibility issue by removing `tunnel_configuration` property, which is reported by https://github.com/terraform-providers/terraform-provider-oci/issues/779
+
 ## 3.28.1 (June 05, 2019)
 
 ## Notes

examples/networking/ipsec_connections/ipsec_connection.tf

@@ -73,20 +73,6 @@ resource "oci_core_ipsec" "test_ip_sec_connection" {
   defined_tags              = "${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "${var.ip_sec_connection_defined_tags_value}")}"
   display_name              = "${var.ip_sec_connection_display_name}"
   freeform_tags             = "${var.ip_sec_connection_freeform_tags}"
-
-  tunnel_configuration {
-    #Optional
-    bgp_session_config {
-      #Optional
-      customer_bgp_asn      = "${var.ip_sec_connection_tunnel_configuration_bgp_session_config_customer_bgp_asn}"
-      customer_interface_ip = "${var.ip_sec_connection_tunnel_configuration_bgp_session_config_customer_interface_ip}"
-      oracle_interface_ip   = "${var.ip_sec_connection_tunnel_configuration_bgp_session_config_oracle_interface_ip}"
-    }
-
-    display_name  = "${var.ip_sec_connection_tunnel_configuration_display_name}"
-    routing       = "${var.ip_sec_connection_tunnel_configuration_routing}"
-    shared_secret = "${var.ip_sec_connection_tunnel_configuration_shared_secret}"
-  }
 }
 
 data "oci_core_ipsec_connections" "test_ip_sec_connections" {
@@ -100,11 +86,25 @@ data "oci_core_ipsec_connections" "test_ip_sec_connections" {
 
 data "oci_core_ipsec_connection_tunnels" "test_ip_sec_connection_tunnels" {
   ipsec_id = "${oci_core_ipsec.test_ip_sec_connection.id}"
-
-  # tunnel_id = ""
 }
 
 data "oci_core_ipsec_connection_tunnel" "test_ipsec_connection_tunnel" {
   ipsec_id  = "${oci_core_ipsec.test_ip_sec_connection.id}"
   tunnel_id = "${data.oci_core_ipsec_connection_tunnels.test_ip_sec_connection_tunnels.ip_sec_connection_tunnels.0.id}"
 }
+
+resource "oci_core_ipsec_connection_tunnel_management" "test_ipsec_connection_tunnel_management" {
+  ipsec_id  = "${oci_core_ipsec.test_ip_sec_connection.id}"
+  tunnel_id = "${data.oci_core_ipsec_connection_tunnels.test_ip_sec_connection_tunnels.ip_sec_connection_tunnels.0.id}"
+
+  #Optional
+  bgp_session_info {
+    customer_bgp_asn      = "${var.ip_sec_connection_tunnel_configuration_bgp_session_config_customer_bgp_asn}"
+    customer_interface_ip = "${var.ip_sec_connection_tunnel_configuration_bgp_session_config_customer_interface_ip}"
+    oracle_interface_ip   = "${var.ip_sec_connection_tunnel_configuration_bgp_session_config_oracle_interface_ip}"
+  }
+
+  display_name  = "${var.ip_sec_connection_tunnel_configuration_display_name}"
+  routing       = "${var.ip_sec_connection_tunnel_configuration_routing}"
+  shared_secret = "${var.ip_sec_connection_tunnel_configuration_shared_secret}"
+}

oci/core_ip_sec_connection_resource.go

@@ -3,11 +3,8 @@
 package provider
 
 import (
-	"bytes"
 	"context"
-	"fmt"
 
-	"github.com/hashicorp/terraform/helper/hashcode"
 	"github.com/hashicorp/terraform/helper/schema"
 
 	oci_core "github.com/oracle/oci-go-sdk/core"
@@ -77,77 +74,6 @@ func CoreIpSecConnectionResource() *schema.Resource {
 				Computed: true,
 				Elem:     schema.TypeString,
 			},
-			"tunnel_configuration": {
-				Type:     schema.TypeSet,
-				Optional: true,
-				Computed: true,
-				ForceNew: true,
-				MaxItems: 2,
-				MinItems: 1,
-				Set:      tunnelConfigurationHashCodeForSets,
-				Elem: &schema.Resource{
-					Schema: map[string]*schema.Schema{
-						// Required
-
-						// Optional
-						"bgp_session_config": {
-							Type:     schema.TypeList,
-							Optional: true,
-							Computed: true,
-							ForceNew: true,
-							MaxItems: 1,
-							MinItems: 1,
-							Elem: &schema.Resource{
-								Schema: map[string]*schema.Schema{
-									// Required
-
-									// Optional
-									"customer_bgp_asn": {
-										Type:     schema.TypeString,
-										Optional: true,
-										Computed: true,
-										ForceNew: true,
-									},
-									"customer_interface_ip": {
-										Type:     schema.TypeString,
-										Optional: true,
-										Computed: true,
-										ForceNew: true,
-									},
-									"oracle_interface_ip": {
-										Type:     schema.TypeString,
-										Optional: true,
-										Computed: true,
-										ForceNew: true,
-									},
-
-									// Computed
-								},
-							},
-						},
-						"display_name": {
-							Type:     schema.TypeString,
-							Optional: true,
-							Computed: true,
-							ForceNew: true,
-						},
-						"routing": {
-							Type:     schema.TypeString,
-							Optional: true,
-							Computed: true,
-							ForceNew: true,
-						},
-						"shared_secret": {
-							Type:     schema.TypeString,
-							Optional: true,
-							Computed: true,
-							ForceNew: true,
-						},
-
-						// Computed
-					},
-				},
-			},
 
 			// Computed
 			"state": {
@@ -218,6 +144,18 @@ func (s *CoreIpSecConnectionResourceCrud) CreatedTarget() []string {
 	}
 }
 
+func (s *CoreIpSecConnectionResourceCrud) UpdatedPending() []string {
+	return []string{
+		string(oci_core.IpSecConnectionLifecycleStateProvisioning),
+	}
+}
+
+func (s *CoreIpSecConnectionResourceCrud) UpdatedTarget() []string {
+	return []string{
+		string(oci_core.IpSecConnectionLifecycleStateAvailable),
+	}
+}
+
 func (s *CoreIpSecConnectionResourceCrud) DeletedPending() []string {
 	return []string{
 		string(oci_core.IpSecConnectionLifecycleStateTerminating),
@@ -286,22 +224,6 @@ func (s *CoreIpSecConnectionResourceCrud) Create() error {
 		request.StaticRoutes = tmp
 	}
 
-	if tunnelConfiguration, ok := s.D.GetOkExists("tunnel_configuration"); ok {
-		set := tunnelConfiguration.(*schema.Set)
-		interfaces := set.List()
-		tmp := make([]oci_core.CreateIpSecConnectionTunnelDetails, len(interfaces))
-		for i := range interfaces {
-			stateDataIndex := tunnelConfigurationHashCodeForSets(interfaces[i])
-			fieldKeyFormat := fmt.Sprintf("%s.%d.%%s", "tunnel_configuration", stateDataIndex)
-			converted, err := s.mapToCreateIPSecConnectionTunnelDetails(fieldKeyFormat)
-			if err != nil {
-				return err
-			}
-			tmp[i] = converted
-		}
-		request.TunnelConfiguration = tmp
-	}
-
 	request.RequestMetadata.RetryPolicy = getRetryPolicy(s.DisableNotFoundRetries, "core")
 
 	response, err := s.Client.CreateIPSecConnection(context.Background(), request)
@@ -436,123 +358,3 @@ func (s *CoreIpSecConnectionResourceCrud) SetData() error {
 
 	return nil
 }
-
-func (s *CoreIpSecConnectionResourceCrud) mapToCreateIPSecConnectionTunnelDetails(fieldKeyFormat string) (oci_core.CreateIpSecConnectionTunnelDetails, error) {
-	result := oci_core.CreateIpSecConnectionTunnelDetails{}
-
-	if bgpSessionConfig, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "bgp_session_config")); ok {
-		if tmpList := bgpSessionConfig.([]interface{}); len(tmpList) > 0 {
-			fieldKeyFormatNextLevel := fmt.Sprintf("%s.%d.%%s", fmt.Sprintf(fieldKeyFormat, "bgp_session_config"), 0)
-			tmp, err := s.mapToCreateIPSecTunnelBgpSessionDetails(fieldKeyFormatNextLevel)
-			if err != nil {
-				return result, fmt.Errorf("unable to convert bgp_session_config, encountered error: %v", err)
-			}
-			result.BgpSessionConfig = &tmp
-		}
-	}
-
-	if displayName, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "display_name")); ok {
-		tmp := displayName.(string)
-		result.DisplayName = &tmp
-	}
-
-	if routing, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "routing")); ok {
-		result.Routing = oci_core.CreateIpSecConnectionTunnelDetailsRoutingEnum(routing.(string))
-	}
-
-	if sharedSecret, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "shared_secret")); ok {
-		tmp := sharedSecret.(string)
-		result.SharedSecret = &tmp
-	}
-
-	return result, nil
-}
-
-func CreateIPSecConnectionTunnelDetailsToMap(obj oci_core.CreateIpSecConnectionTunnelDetails) map[string]interface{} {
-	result := map[string]interface{}{}
-
-	if obj.BgpSessionConfig != nil {
-		result["bgp_session_config"] = []interface{}{CreateIPSecTunnelBgpSessionDetailsToMap(obj.BgpSessionConfig)}
-	}
-
-	if obj.DisplayName != nil {
-		result["display_name"] = string(*obj.DisplayName)
-	}
-
-	result["routing"] = string(obj.Routing)
-
-	if obj.SharedSecret != nil {
-		result["shared_secret"] = string(*obj.SharedSecret)
-	}
-
-	return result
-}
-
-func (s *CoreIpSecConnectionResourceCrud) mapToCreateIPSecTunnelBgpSessionDetails(fieldKeyFormat string) (oci_core.CreateIpSecTunnelBgpSessionDetails, error) {
-	result := oci_core.CreateIpSecTunnelBgpSessionDetails{}
-
-	if customerBgpAsn, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "customer_bgp_asn")); ok {
-		tmp := customerBgpAsn.(string)
-		result.CustomerBgpAsn = &tmp
-	}
-
-	if customerInterfaceIp, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "customer_interface_ip")); ok {
-		tmp := customerInterfaceIp.(string)
-		result.CustomerInterfaceIp = &tmp
-	}
-
-	if oracleInterfaceIp, ok := s.D.GetOkExists(fmt.Sprintf(fieldKeyFormat, "oracle_interface_ip")); ok {
-		tmp := oracleInterfaceIp.(string)
-		result.OracleInterfaceIp = &tmp
-	}
-
-	return result, nil
-}
-
-func CreateIPSecTunnelBgpSessionDetailsToMap(obj *oci_core.CreateIpSecTunnelBgpSessionDetails) map[string]interface{} {
-	result := map[string]interface{}{}
-
-	if obj.CustomerBgpAsn != nil {
-		result["customer_bgp_asn"] = string(*obj.CustomerBgpAsn)
-	}
-
-	if obj.CustomerInterfaceIp != nil {
-		result["customer_interface_ip"] = string(*obj.CustomerInterfaceIp)
-	}
-
-	if obj.OracleInterfaceIp != nil {
-		result["oracle_interface_ip"] = string(*obj.OracleInterfaceIp)
-	}
-
-	return result
-}
-
-func tunnelConfigurationHashCodeForSets(v interface{}) int {
-	var buf bytes.Buffer
-	m := v.(map[string]interface{})
-	if bgpSessionConfig, ok := m["bgp_session_config"]; ok {
-		if tmpList := bgpSessionConfig.([]interface{}); len(tmpList) > 0 {
-			buf.WriteString("bgp_session_config-")
-			bgpSessionConfigRaw := tmpList[0].(map[string]interface{})
-			if customerBgpAsn, ok := bgpSessionConfigRaw["customer_bgp_asn"]; ok && customerBgpAsn != "" {
-				buf.WriteString(fmt.Sprintf("%v-", customerBgpAsn))
-			}
-			if customerInterfaceIp, ok := bgpSessionConfigRaw["customer_interface_ip"]; ok && customerInterfaceIp != "" {
-				buf.WriteString(fmt.Sprintf("%v-", customerInterfaceIp))
-			}
-			if oracleInterfaceIp, ok := bgpSessionConfigRaw["oracle_interface_ip"]; ok && oracleInterfaceIp != "" {
-				buf.WriteString(fmt.Sprintf("%v-", oracleInterfaceIp))
-			}
-		}
-	}
-	if displayName, ok := m["display_name"]; ok && displayName != "" {
-		buf.WriteString(fmt.Sprintf("%v-", displayName))
-	}
-	if routing, ok := m["routing"]; ok && routing != "" {
-		buf.WriteString(fmt.Sprintf("%v-", routing))
-	}
-	if sharedSecret, ok := m["shared_secret"]; ok && sharedSecret != "" {
-		buf.WriteString(fmt.Sprintf("%v-", sharedSecret))
-	}
-	return hashcode.String(buf.String())
-}

oci/core_ip_sec_connection_test.go

@@ -44,18 +44,6 @@ var (
 		"defined_tags":              Representation{repType: Optional, create: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "value")}`, update: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "updatedValue")}`},
 		"display_name":              Representation{repType: Optional, create: `MyIPSecConnection`, update: `displayName2`},
 		"freeform_tags":             Representation{repType: Optional, create: map[string]string{"Department": "Finance"}, update: map[string]string{"Department": "Accounting"}},
-		"tunnel_configuration":      RepresentationGroup{Optional, ipSecConnectionTunnelConfigurationRepresentation},
-	}
-	ipSecConnectionTunnelConfigurationRepresentation = map[string]interface{}{
-		"bgp_session_config": RepresentationGroup{Optional, ipSecConnectionTunnelConfigurationBgpSessionConfigRepresentation},
-		"display_name":       Representation{repType: Optional, create: `MyIPSecConnection`},
-		"routing":            Representation{repType: Optional, create: `BGP`},
-		"shared_secret":      Representation{repType: Optional, create: `sharedSecret`},
-	}
-	ipSecConnectionTunnelConfigurationBgpSessionConfigRepresentation = map[string]interface{}{
-		"customer_bgp_asn":      Representation{repType: Optional, create: `1587232876`},
-		"customer_interface_ip": Representation{repType: Optional, create: `10.0.0.16/31`},
-		"oracle_interface_ip":   Representation{repType: Optional, create: `10.0.0.17/31`},
 	}
 
 	IpSecConnectionResourceDependencies = CpeRequiredOnlyResource + DrgRequiredOnlyResource
@@ -120,18 +108,6 @@ func TestCoreIpSecConnectionResource_basic(t *testing.T) {
 					resource.TestCheckResourceAttrSet(resourceName, "id"),
 					resource.TestCheckResourceAttrSet(resourceName, "state"),
 					resource.TestCheckResourceAttr(resourceName, "static_routes.#", "1"),
-					resource.TestCheckResourceAttr(resourceName, "tunnel_configuration.#", "1"),
-					CheckResourceSetContainsElementWithProperties(resourceName, "tunnel_configuration", map[string]string{
-						"bgp_session_config.#": "1",
-						"display_name":         "MyIPSecConnection",
-						"routing":              "BGP",
-						"shared_secret":        "sharedSecret",
-					},
-						[]string{
-							"display_name",
-							"routing",
-							"shared_secret",
-						}),
 
 					func(s *terraform.State) (err error) {
 						resId, err = fromInstanceState(s, resourceName, "id")
@@ -156,18 +132,6 @@ func TestCoreIpSecConnectionResource_basic(t *testing.T) {
 					resource.TestCheckResourceAttrSet(resourceName, "id"),
 					resource.TestCheckResourceAttrSet(resourceName, "state"),
 					resource.TestCheckResourceAttr(resourceName, "static_routes.#", "1"),
-					resource.TestCheckResourceAttr(resourceName, "tunnel_configuration.#", "1"),
-					CheckResourceSetContainsElementWithProperties(resourceName, "tunnel_configuration", map[string]string{
-						"bgp_session_config.#": "1",
-						"display_name":         "MyIPSecConnection",
-						"routing":              "BGP",
-						"shared_secret":        "sharedSecret",
-					},
-						[]string{
-							"display_name",
-							"routing",
-							"shared_secret",
-						}),
 
 					func(s *terraform.State) (err error) {
 						resId2, err = fromInstanceState(s, resourceName, "id")
@@ -206,13 +170,11 @@ func TestCoreIpSecConnectionResource_basic(t *testing.T) {
 			},
 			// verify resource import
 			{
-				Config:            config,
-				ImportState:       true,
-				ImportStateVerify: true,
-				ImportStateVerifyIgnore: []string{
-					"tunnel_configuration",
-				},
-				ResourceName: resourceName,
+				Config:                  config,
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{},
+				ResourceName:            resourceName,
 			},
 		},
 	})