Merge pull request #101 from imperva/cname_and_ttl

BrachaY · web-flow · commit 6b5e42cee187 · 2021-09-05T14:48:47.000+03:00
support sctrict_cname_reuse and fix ttl
diff --git a/incapsula/client_cache_rule.go b/incapsula/client_cache_rule.go
@@ -15,7 +15,7 @@ type CacheRule struct {
 	Action               string `json:"action"`
 	Filter               string `json:"filter"`
 	Enabled              bool   `json:"enabled"`
-	TTL                  int    `json:"ttl,omitempty"`
+	TTL                  int    `json:"ttl"`
 	IgnoredParams        string `json:"ignored_params,omitempty"`
 	Text                 string `json:"text,omitempty"`
 	DifferentiateByValue string `json:"differentiate_by_value,omitempty"`
diff --git a/incapsula/client_site.go b/incapsula/client_site.go
@@ -56,6 +56,7 @@ type SiteStatusResponse struct {
 	} `json:"original_dns"`
 	Warnings                             []interface{} `json:"warnings"`
 	Active                               string        `json:"active"`
+	RestrictedCnameReuse                 bool          `json:"restricted_cname_reuse,omitempty"`
 	SupportAllTLSVersions                bool          `json:"support_all_tls_versions"`
 	UseWildcardSanInsteadOfFullDomainSan bool          `json:"use_wildcard_san_instead_of_full_domain_san"`
 	AddNakedDomainSan                    bool          `json:"add_naked_domain_san"`
diff --git a/incapsula/resource_site.go b/incapsula/resource_site.go
@@ -113,6 +113,12 @@ func resourceSite() *schema.Resource {
 				Optional:    true,
 				Computed:    true,
 			},
+			"restricted_cname_reuse": {
+				Description: "Use this option to allow Imperva to detect and add domains that are using the Imperva-provided CNAME (not recommended). One of: true | false",
+				Type:        schema.TypeString,
+				Optional:    true,
+				Computed:    true,
+			},
 			"domain_redirect_to_full": {
 				Description: "true or empty string.",
 				Type:        schema.TypeString,
@@ -437,6 +443,7 @@ func resourceSiteRead(d *schema.ResourceData, m interface{}) error {
 	d.Set("wildcard_san", siteStatusResponse.UseWildcardSanInsteadOfFullDomainSan)
 	d.Set("acceleration_level", siteStatusResponse.AccelerationLevelRaw)
 	d.Set("active", siteStatusResponse.Active)
+	d.Set("restricted_cname_reuse", strconv.FormatBool(siteStatusResponse.RestrictedCnameReuse))
 	d.Set("seal_location", siteStatusResponse.SealLocation.ID)
 
 	// Set the DNS information
@@ -612,7 +619,7 @@ func resourceSiteDelete(d *schema.ResourceData, m interface{}) error {
 }
 
 func updateAdditionalSiteProperties(client *Client, d *schema.ResourceData) error {
-	updateParams := [9]string{"acceleration_level", "active", "approver", "domain_redirect_to_full", "domain_validation", "ignore_ssl", "remove_ssl", "ref_id", "seal_location"}
+	updateParams := [10]string{"acceleration_level", "active", "approver", "domain_redirect_to_full", "domain_validation", "ignore_ssl", "remove_ssl", "ref_id", "seal_location", "restricted_cname_reuse"}
 	for i := 0; i < len(updateParams); i++ {
 		param := updateParams[i]
 		if d.HasChange(param) && d.Get(param) != "" {
diff --git a/website/docs/r/site.html.markdown b/website/docs/r/site.html.markdown
@@ -62,6 +62,7 @@ The following arguments are supported:
 * `force_ssl` - (Optional) Force SSL. This option is only available for sites with manually configured IP/CNAME and for specific accounts.
 * `logs_account_id` - (Optional) Account where logs should be stored. Available only for Enterprise Plan customers that purchased the Logs Integration SKU. Numeric identifier of the account that purchased the logs integration SKU and which collects the logs. If not specified, operation will be performed on the account identified by the authentication parameters.
 * `active` - (Optional) Whether the site is active or bypassed by the Imperva network. Options are `active` and `bypass`.
+* `restricted_cname_reuse` - (Optional) Use this option to allow Imperva to detect and add domains that are using the Imperva-provided CNAME (not recommended). One of: true | false.
 * `domain_validation` - (Optional) Sets the domain validation method that will be used to generate an SSL certificate. Options are `email`, `html`, and `dns`.
 * `approver` - (Optional) Sets the approver e-mail address that will be used to perform SSL domain validation.
 * `ignore_ssl` - (Optional) Sets the ignore SSL flag (if the site is in pending-select-approver state). Pass "true" or empty string in the value parameter.
