Merge branch 'main' into site-org-associations
Signed-off-by: Giuseppe Maxia <[email protected]>
Giuseppe Maxia committed Jun 13, 2024
2 parents 4cb44b3 + ce48b62 commit 1b23238
Showing 6 changed files with 19 additions and 19 deletions.
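--- a/.changes/v3.13.0/1240-improvements.md
+++ b/.changes/v3.13.0/1240-improvements.md
@@ -0,0 +1 @@
+* Resource `vcd_nsxt_firewall` supports `REJECT` action [GH-1240]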
4 changes: 2 additions & 2 deletions go.mod
@@ -7,7 +7,7 @@ require (
github.com/hashicorp/go-version v1.6.0
github.com/hashicorp/terraform-plugin-sdk/v2 v2.34.0
github.com/kr/pretty v0.3.1
github.com/vmware/go-vcloud-director/v2 v2.25.0-alpha.7
github.com/vmware/go-vcloud-director/v2 v2.25.0-alpha.8
)

require (
@@ -71,6 +71,6 @@ require (
google.golang.org/protobuf v1.34.0 // indirect
)

replace github.com/vmware/go-vcloud-director/v2 => github.com/dataclouder/go-vcloud-director/v2 v2.17.0-alpha.3.0.20240613071728-2818fe1bf21d
replace github.com/vmware/go-vcloud-director/v2 => github.com/dataclouder/go-vcloud-director/v2 v2.17.0-alpha.3.0.20240613135052-75656833dd7f

// replace github.com/vmware/go-vcloud-director/v2 => ../go-vcloud-director
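Review bot: The `replace` directive in the second hunk points `github.com/vmware/go-vcloud-director/v2` at a `github.com/dataclouder` fork pseudo-version, so the build resolves the SDK from that fork commit and the `require` bump to `v2.25.0-alpha.8` in the first hunk does not decide which code is compiled. This looks like a development-time pin for the feature branch, but nothing on the line says so. I would add a comment above it such as `// TEMPORARY: fork pin for branch development; remove before release so the required upstream tag is used`, and confirm the directive is gone before the branch merges back.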
4 changes: 2 additions & 2 deletions go.sum
@@ -18,8 +18,8 @@ github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBS
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg=
github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=
github.com/dataclouder/go-vcloud-director/v2 v2.17.0-alpha.3.0.20240613071728-2818fe1bf21d h1:7NMjdrsEpnPKDm5hPw/ezg2R3pw5YGTf6bovL6RQhBw=
github.com/dataclouder/go-vcloud-director/v2 v2.17.0-alpha.3.0.20240613071728-2818fe1bf21d/go.mod h1:vbuNYzuADDBFhi9i2dIKWeNxMK1VFF0dACq01amYBIM=
github.com/dataclouder/go-vcloud-director/v2 v2.17.0-alpha.3.0.20240613135052-75656833dd7f h1:nEqmIwruwFEVjDRwfe5435pT/bTx+F70t7xsVDOQ+7k=
github.com/dataclouder/go-vcloud-director/v2 v2.17.0-alpha.3.0.20240613135052-75656833dd7f/go.mod h1:vbuNYzuADDBFhi9i2dIKWeNxMK1VFF0dACq01amYBIM=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
21 changes: 10 additions & 11 deletions vcd/resource_vcd_nsxt_firewall.go
@@ -79,8 +79,8 @@ func resourceVcdNsxtFirewall() *schema.Resource {
"action": {
Type: schema.TypeString,
Required: true,
Description: "Defines if the rule should 'ALLOW' or 'DROP' matching traffic",
ValidateFunc: validation.StringInSlice([]string{"ALLOW", "DROP"}, false),
Description: "Defines if the rule should 'ALLOW', 'DROP' or 'REJECT' matching traffic",
ValidateFunc: validation.StringInSlice([]string{"ALLOW", "DROP", "REJECT"}, false),
},
"enabled": {
Type: schema.TypeBool,
@@ -252,7 +252,6 @@ func resourceVcdNsxtFirewallImport(_ context.Context, d *schema.ResourceData, me
}

func setNsxtFirewallData(fwRules []*types.NsxtFirewallRule, d *schema.ResourceData, edgeGatewayId string) error {

dSet(d, "edge_gateway_id", edgeGatewayId)

result := make([]interface{}, len(fwRules))
@@ -270,7 +269,7 @@ func setNsxtFirewallData(fwRules []*types.NsxtFirewallRule, d *schema.ResourceDa
result[index] = map[string]interface{}{
"id": value.ID,
"name": value.Name,
"action": value.Action,
"action": value.ActionValue,
"enabled": value.Enabled,
"ip_protocol": value.IpProtocol,
"direction": value.Direction,
@@ -292,13 +291,13 @@ func getNsxtFirewallTypes(d *schema.ResourceData) []*types.NsxtFirewallRule {
oneRuleMapInterface := oneRule.(map[string]interface{})

result[index] = &types.NsxtFirewallRule{
Name: oneRuleMapInterface["name"].(string),
Action: oneRuleMapInterface["action"].(string),
Enabled: oneRuleMapInterface["enabled"].(bool),
IpProtocol: oneRuleMapInterface["ip_protocol"].(string),
Logging: oneRuleMapInterface["logging"].(bool),
Direction: oneRuleMapInterface["direction"].(string),
Version: nil,
Name: oneRuleMapInterface["name"].(string),
ActionValue: oneRuleMapInterface["action"].(string),
Enabled: oneRuleMapInterface["enabled"].(bool),
IpProtocol: oneRuleMapInterface["ip_protocol"].(string),
Logging: oneRuleMapInterface["logging"].(bool),
Direction: oneRuleMapInterface["direction"].(string),
Version: nil,
}

if oneRuleMapInterface["source_ids"] != nil {
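Review bot: The read path in `setNsxtFirewallData` now fills `action` only from `value.ActionValue`, with no handling for a response where that field comes back empty. Whether that can happen depends on the SDK type and the API versions the provider supports, neither of which is visible in these hunks; if it can, state would record an empty action for a live firewall rule and every plan would show a change. A comment at the assignment would make the assumption explicit, for example `// ActionValue supersedes Action; assumes every supported API version returns it`. The schema `Description` could also say how `REJECT` differs from `DROP` (the sender is notified rather than the traffic being silently discarded), since the choice affects what a blocked client observes. Both functions continue outside the hunks shown.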
6 changes: 3 additions & 3 deletions vcd/resource_vcd_nsxt_firewall_test.go
@@ -120,7 +120,7 @@ func TestAccVcdNsxtFirewall(t *testing.T) {
resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.2.direction", "IN_OUT"),
resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.2.ip_protocol", "IPV4_IPV6"),
resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.2.logging", "false"),
resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.2.action", "ALLOW"),
resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.2.action", "REJECT"),
resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.2.enabled", "true"),
resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.2.source_ids.#", "1"),
resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.2.destination_ids.#", "3"),
@@ -167,7 +167,7 @@ func TestAccVcdNsxtFirewall(t *testing.T) {
resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.2.direction", "IN_OUT"),
resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.2.ip_protocol", "IPV4_IPV6"),
resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.2.logging", "false"),
resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.2.action", "ALLOW"),
resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.2.action", "REJECT"),
resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.2.enabled", "false"),
resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.2.source_ids.#", "1"),
resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.2.destination_ids.#", "3"),
@@ -295,7 +295,7 @@ resource "vcd_nsxt_firewall" "testing" {
}
rule {
action = "ALLOW"
action = "REJECT"
name = "test_rule-3"
direction = "IN_OUT"
ip_protocol = "IPV4_IPV6"
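Review bot: REJECT coverage comes from repurposing rule 3 (`rule.2.*`) instead of adding a rule, so the checks that previously pinned `ALLOW` on the rule with one source and three destinations are gone. Whether the remaining rules still assert `ALLOW` and `DROP` is outside these hunks, so that should be confirmed. A separate fourth rule with `action = "REJECT"` and a matching `resource.TestCheckResourceAttr("vcd_nsxt_firewall.testing", "rule.3.action", "REJECT")` would keep all three actions asserted in one run. The test function and the HCL template both continue outside the hunks.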
2 changes: 1 addition & 1 deletion website/docs/r/nsxt_firewall.html.markdown
@@ -89,7 +89,7 @@ Each Firewall Rule contains following attributes:
* `name` - (Required) Explanatory name for firewall rule (uniqueness not enforced)
* `direction` - (Required) One of `IN`, `OUT`, or `IN_OUT`
* `ip_protocol` - (Required) One of `IPV4`, `IPV6`, or `IPV4_IPV6`
* `action` - (Required) Defines if it should `ALLOW` or `DROP` traffic
* `action` - (Required) Defines if it should `ALLOW`, `DROP` or `REJECT` traffic
* `enabled` - (Optional) Defines if the rule is enabled (default `true`)
* `logging` - (Optional) Defines if logging for this rule is enabled (default `false`)
* `source_ids` - (Optional) A set of source object Firewall Groups (`IP Sets` or `Security groups`).
