From fb09a22a58a6bcac26b458d8d9c45b12efd1351d Mon Sep 17 00:00:00 2001 From: William Guilherme Date: Mon, 8 Apr 2024 14:58:28 -0700 Subject: [PATCH] fix: Fixed browser access and ba certificate resource (#442) --- CHANGELOG.md | 13 ++++++++++ GNUmakefile | 6 ++--- docs/guides/release-notes.md | 15 ++++++++++- go.mod | 2 +- go.sum | 8 +++--- zpa/data_source_zpa_ba_certificate.go | 2 ++ ..._zpa_application_segment_browser_access.go | 3 ++- zpa/resource_zpa_ba_certificate.go | 26 ++++++++++++++++++- 8 files changed, 64 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e20969ff..ed0831b8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,18 @@ # Changelog +## 3.1.1 (April, 8 2024) + +### Notes + +- Release date: **(April, 8 2024)** +- Supported Terraform version: **v1.x** + +### Bug Fixes + +- [PR #442](/~https://github.com/zscaler/terraform-provider-zpa/pull/442) - Fixed `zpa_ba_certificate` resource and aligned with `zpa_application_segment_browser_access` `certificate_id` attribute. + + !> **WARNING:** Notice that updating the ``cert_blob`` attribute in the `zpa_ba_certificate` will trigger a full replacement of both the certificate and the `zpa_application_segment_browser_access` along with any access policy the application segment may be associated with. + ## 3.2.0 (April, 3 2024) ### Notes diff --git a/GNUmakefile b/GNUmakefile index 9bff9916..9be10227 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -48,14 +48,14 @@ testacc: build13: GOOS=$(shell go env GOOS) build13: GOARCH=$(shell go env GOARCH) ifeq ($(OS),Windows_NT) # is Windows_NT on XP, 2000, 7, Vista, 10... -build13: DESTINATION=$(APPDATA)/terraform.d/plugins/$(ZPA_PROVIDER_NAMESPACE)/3.2.0/$(GOOS)_$(GOARCH) +build13: DESTINATION=$(APPDATA)/terraform.d/plugins/$(ZPA_PROVIDER_NAMESPACE)/3.2.1/$(GOOS)_$(GOARCH) else -build13: DESTINATION=$(HOME)/.terraform.d/plugins/$(ZPA_PROVIDER_NAMESPACE)/3.2.0/$(GOOS)_$(GOARCH) +build13: DESTINATION=$(HOME)/.terraform.d/plugins/$(ZPA_PROVIDER_NAMESPACE)/3.2.1/$(GOOS)_$(GOARCH) endif build13: fmtcheck @echo "==> Installing plugin to $(DESTINATION)" @mkdir -p $(DESTINATION) - go build -o $(DESTINATION)/terraform-provider-zpa_v3.2.0 + go build -o $(DESTINATION)/terraform-provider-zpa_v3.2.1 coverage: test @echo "✓ Opening coverage for unit tests ..." diff --git a/docs/guides/release-notes.md b/docs/guides/release-notes.md index bf86a017..00825f4d 100644 --- a/docs/guides/release-notes.md +++ b/docs/guides/release-notes.md @@ -12,10 +12,23 @@ Track all ZPA Terraform provider's releases. New resources, features, and bug fi --- -``Last updated: v3.2.0`` +``Last updated: v3.2.1`` --- +## 3.1.1 (April, 8 2024) + +### Notes + +- Release date: **(April, 8 2024)** +- Supported Terraform version: **v1.x** + +### Bug Fixes + +- [PR #442](/~https://github.com/zscaler/terraform-provider-zpa/pull/442) - Fixed `zpa_ba_certificate` resource and aligned with `zpa_application_segment_browser_access` `certificate_id` attribute. + + !> **WARNING:** Notice that updating the ``cert_blob`` attribute in the `zpa_ba_certificate` will trigger a full replacement of both the certificate and the `zpa_application_segment_browser_access` along with any access policy the application segment may be associated with. + ## 3.2.0 (April, 3 2024) ### Notes diff --git a/go.mod b/go.mod index 78a8fea3..99725800 100644 --- a/go.mod +++ b/go.mod @@ -13,7 +13,7 @@ require ( github.com/hashicorp/terraform-plugin-docs v0.18.0 github.com/hashicorp/terraform-plugin-sdk v1.17.2 github.com/hashicorp/terraform-plugin-sdk/v2 v2.33.0 - github.com/zscaler/zscaler-sdk-go/v2 v2.4.33 + github.com/zscaler/zscaler-sdk-go/v2 v2.4.34 ) require ( diff --git a/go.sum b/go.sum index 20f3e1a8..de760b50 100644 --- a/go.sum +++ b/go.sum @@ -220,8 +220,8 @@ github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320/go.mod h1:EiZBM github.com/hashicorp/go-getter v1.5.3/go.mod h1:BrrV/1clo8cCYu6mxvboYg+KutTiFnXjMEgDD8+i7ZI= github.com/hashicorp/go-hclog v0.0.0-20180709165350-ff2cf002a8dd/go.mod h1:9bjs9uLqI8l75knNv3lV1kA55veR+WUPSiKIWcQHudI= github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= -github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= -github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= +github.com/hashicorp/go-hclog v1.6.2 h1:NOtoftovWkDheyUM/8JW3QMiXyxJK3uHRK7wV04nD2I= +github.com/hashicorp/go-hclog v1.6.2/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= @@ -440,8 +440,8 @@ github.com/zclconf/go-cty v1.14.2 h1:kTG7lqmBou0Zkx35r6HJHUQTvaRPr5bIAf3AoHS0izI github.com/zclconf/go-cty v1.14.2/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= github.com/zclconf/go-cty-yaml v1.0.2/go.mod h1:IP3Ylp0wQpYm50IHK8OZWKMu6sPJIUgKa8XhiVHura0= -github.com/zscaler/zscaler-sdk-go/v2 v2.4.33 h1:78Te1ne+luWggBDWp9Y9UEDmUmHck8CRSfmLPbQtM+M= -github.com/zscaler/zscaler-sdk-go/v2 v2.4.33/go.mod h1:tkYuT8WhbBCr/0itvRY123NiYp82V/BLN9it0BY48Gw= +github.com/zscaler/zscaler-sdk-go/v2 v2.4.34 h1:uJVl1R2nIkK2nk0QLgFX74xMvRASpNBV/ors6KHLHhI= +github.com/zscaler/zscaler-sdk-go/v2 v2.4.34/go.mod h1:tkYuT8WhbBCr/0itvRY123NiYp82V/BLN9it0BY48Gw= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= diff --git a/zpa/data_source_zpa_ba_certificate.go b/zpa/data_source_zpa_ba_certificate.go index 4a7c9dcb..9c072315 100644 --- a/zpa/data_source_zpa_ba_certificate.go +++ b/zpa/data_source_zpa_ba_certificate.go @@ -119,6 +119,8 @@ func dataSourceBaCertificateRead(d *schema.ResourceData, m interface{}) error { _ = d.Set("description", resp.Description) _ = d.Set("cname", resp.CName) _ = d.Set("cert_chain", resp.CertChain) + _ = d.Set("certificate", resp.Certificate) + _ = d.Set("public_key", resp.PublicKey) _ = d.Set("issued_by", resp.IssuedBy) _ = d.Set("issued_to", resp.IssuedTo) _ = d.Set("modifiedby", resp.ModifiedBy) diff --git a/zpa/resource_zpa_application_segment_browser_access.go b/zpa/resource_zpa_application_segment_browser_access.go index aa0d486d..00ab96c0 100644 --- a/zpa/resource_zpa_application_segment_browser_access.go +++ b/zpa/resource_zpa_application_segment_browser_access.go @@ -220,7 +220,8 @@ func resourceApplicationSegmentBrowserAccess() *schema.Resource { }, "certificate_id": { Type: schema.TypeString, - Required: true, + ForceNew: true, + Optional: true, Description: "ID of the BA certificate.", }, "cname": { diff --git a/zpa/resource_zpa_ba_certificate.go b/zpa/resource_zpa_ba_certificate.go index 7ddef3f3..2e42eacb 100644 --- a/zpa/resource_zpa_ba_certificate.go +++ b/zpa/resource_zpa_ba_certificate.go @@ -4,13 +4,14 @@ import ( "log" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + client "github.com/zscaler/zscaler-sdk-go/v2/zpa" "github.com/zscaler/zscaler-sdk-go/v2/zpa/services/bacertificate" ) func resourceBaCertificate() *schema.Resource { return &schema.Resource{ Create: resourceBaCertificateCreate, - ReadContext: resourceFuncNoOp, + Read: resourceBaCertificateRead, UpdateContext: resourceFuncNoOp, Delete: resourceBaCertificateDelete, Importer: nil, @@ -68,6 +69,29 @@ func resourceBaCertificateCreate(d *schema.ResourceData, m interface{}) error { return nil } +func resourceBaCertificateRead(d *schema.ResourceData, m interface{}) error { + zClient := m.(*Client) + + resp, _, err := zClient.bacertificate.Get(d.Id()) + if err != nil { + if errResp, ok := err.(*client.ErrorResponse); ok && errResp.IsObjectNotFound() { + log.Printf("[WARN] Removing ba certificate %s from state because it no longer exists in ZPA", d.Id()) + d.SetId("") + return nil + } + + return err + } + + log.Printf("[INFO] Getting ba certificate:\n%+v\n", resp) + d.SetId(resp.ID) + _ = d.Set("name", resp.Name) + _ = d.Set("description", resp.Description) + _ = d.Set("certificate", resp.Certificate) + _ = d.Set("microtenant_id", resp.MicrotenantID) + return nil +} + func resourceBaCertificateDelete(d *schema.ResourceData, m interface{}) error { service := m.(*Client).bacertificate.WithMicroTenant(GetString(d.Get("microtenant_id")))