diff --git a/Makefile b/Makefile index 17b31c80b..7e3a4611f 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,6 @@ -TEST?=$$(go list ./... |grep -v 'vendor') +GO_BIN ?= go ## Allows overriding go executable. + +TEST?=$$($(GO_BIN) list ./... |grep -v 'vendor') GOFMT_FILES?=$$(find . -name '*.go' |grep -v vendor) WEBSITE_REPO=github.com/hashicorp/terraform-website PKG_NAME=fastly @@ -9,7 +11,7 @@ VERSION_SHORT=$(shell git describe --tags --always --abbrev=0) DOCS_PROVIDER_VERSION=$(subst v,,$(VERSION_SHORT)) # Enables support for tools such as https://github.com/rakyll/gotest -TEST_COMMAND ?= go test +TEST_COMMAND ?= $(GO_BIN) test # R019: ignore large number of arguments passed to HasChanges(). # R018: replace sleep with either resource.Retry() or WaitForState(). @@ -19,8 +21,8 @@ TFPROVIDERLINT_DEFAULT_FLAGS=-R001=false -R018=false -R019=false # XAT001: missing resource.TestCase ErrorCheck. TFPROVIDERLINTX_DEFAULT_FLAGS=-XAT001=false -GOHOSTOS ?= $(shell go env GOHOSTOS || echo unknown) -GOHOSTARCH ?= $(shell go env GOHOSTARCH || echo unknown) +GOHOSTOS ?= $(shell $(GO_BIN) env GOHOSTOS || echo unknown) +GOHOSTARCH ?= $(shell $(GO_BIN) env GOHOSTARCH || echo unknown) # Use a parallelism of 4 by default for tests, overriding whatever GOMAXPROCS is # set to. For the acceptance tests especially, the main bottleneck affecting the @@ -32,7 +34,7 @@ TEST_PARALLELISM?=4 default: build build: clean - go build -o bin/terraform-provider-$(PKG_NAME)_$(VERSION) -ldflags="-X $(FULL_PKG_NAME)/$(VERSION_PLACEHOLDER)=$(VERSION)" + $(GO_BIN) build -o bin/terraform-provider-$(PKG_NAME)_$(VERSION) -ldflags="-X $(FULL_PKG_NAME)/$(VERSION_PLACEHOLDER)=$(VERSION)" @sh -c "'$(CURDIR)/scripts/generate-dev-overrides.sh'" test: @@ -65,7 +67,7 @@ clean_test: fi vet: - @go vet $$(go list ./... | grep -v vendor/) ; if [ $$? -eq 1 ]; then \ + @$(GO_BIN) vet $$($(GO_BIN) list ./... | grep -v vendor/) ; if [ $$? -eq 1 ]; then \ echo "\nVet found suspicious constructs. Please check the reported constructs"; \ echo "and fix them if necessary before submitting the code for review."; \ exit 1; \ @@ -82,7 +84,7 @@ errcheck: goreleaser-bin: @# This is the last version of goreleaser that supports Go 1.20.14 (the version used to build the provider) - go install github.com/goreleaser/goreleaser@v1.21.2 + $(GO_BIN) install github.com/goreleaser/goreleaser@v1.21.2 nilaway: @nilaway ./... @@ -107,7 +109,7 @@ test-compile: BIN=$(CURDIR)/bin $(BIN)/%: @echo "Installing tools from tools/tools.go" - @cat tools/tools.go | grep _ | awk -F '"' '{print $$2}' | GOBIN=$(BIN) xargs -tI {} go install {} + @cat tools/tools.go | grep _ | awk -F '"' '{print $$2}' | GOBIN=$(BIN) xargs -tI {} $(GO_BIN) install {} generate-docs: $(BIN)/tfplugindocs $(shell sed -e "s/__VERSION__/$(DOCS_PROVIDER_VERSION)/g" examples/index-fastly-provider.tf.tmpl > examples/index-fastly-provider.tf) diff --git a/fastly/resource_fastly_tls_mutual_authentication.go b/fastly/resource_fastly_tls_mutual_authentication.go index 8354d97a1..cf7e09a20 100644 --- a/fastly/resource_fastly_tls_mutual_authentication.go +++ b/fastly/resource_fastly_tls_mutual_authentication.go @@ -179,9 +179,11 @@ func resourceFastlyTLSMutualAuthenticationUpdate(_ context.Context, d *schema.Re CertBundle: d.Get("cert_bundle").(string), } - if d.HasChange("enforced") { - input.Enforced = d.Get("enforced").(bool) - } + // Since a boolean value is not 'optional', the input struct + // must always contain the expected value of the 'enforced' + // setting, whether it was changed or not + input.Enforced = d.Get("enforced").(bool) + if d.HasChange("name") { input.Name = d.Get("name").(string) } diff --git a/fastly/resource_fastly_tls_mutual_authentication_test.go b/fastly/resource_fastly_tls_mutual_authentication_test.go index 581549b23..854c3192c 100644 --- a/fastly/resource_fastly_tls_mutual_authentication_test.go +++ b/fastly/resource_fastly_tls_mutual_authentication_test.go @@ -23,8 +23,11 @@ func TestAccFastlyMTLS_basic(t *testing.T) { name := acctest.RandomWithPrefix(testResourcePrefix) updatedName := acctest.RandomWithPrefix(testResourcePrefix) + enforced := false + resourceTLSActivationName := "fastly_tls_activation.test" resourceMTLSName := "fastly_tls_mutual_authentication.test" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) @@ -33,23 +36,23 @@ func TestAccFastlyMTLS_basic(t *testing.T) { CheckDestroy: testAccFastlyTLSActivationCheckDestroy, Steps: []resource.TestStep{ { - Config: testAccFastlyMTLSConfig(name, name, key, name, cert, domain, mtlsCert), + Config: testAccFastlyMTLSConfig(name, name, key, name, cert, domain, mtlsCert, name, enforced), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttrSet(resourceTLSActivationName, "certificate_id"), resource.TestCheckResourceAttrSet(resourceTLSActivationName, "configuration_id"), resource.TestCheckResourceAttr(resourceTLSActivationName, "domain", domain), resource.TestCheckResourceAttrSet(resourceTLSActivationName, "created_at"), testAccFastlyTLSActivationCheckExists(resourceTLSActivationName), - resource.TestCheckResourceAttr(resourceMTLSName, "name", "example_mtls"), - resource.TestCheckResourceAttr(resourceMTLSName, "enforced", "false"), + resource.TestCheckResourceAttr(resourceMTLSName, "name", name), + resource.TestCheckResourceAttr(resourceMTLSName, "enforced", fmt.Sprintf("%t", enforced)), ), }, { - Config: testAccFastlyMTLSConfig(name, name, key, updatedName, cert2, domain, mtlsCert), + Config: testAccFastlyMTLSConfig(name, name, key, updatedName, cert2, domain, mtlsCert, name, enforced), Check: resource.ComposeTestCheckFunc( testAccFastlyTLSActivationCheckExists(resourceTLSActivationName), - resource.TestCheckResourceAttr(resourceMTLSName, "name", "example_mtls"), - resource.TestCheckResourceAttr(resourceMTLSName, "enforced", "false"), + resource.TestCheckResourceAttr(resourceMTLSName, "name", name), + resource.TestCheckResourceAttr(resourceMTLSName, "enforced", fmt.Sprintf("%t", enforced)), ), }, { @@ -68,7 +71,55 @@ func TestAccFastlyMTLS_basic(t *testing.T) { }) } -func testAccFastlyMTLSConfig(serviceName, keyName, key, certName, cert, domain, certBundle string) string { +func TestAccFastlyMTLS_PreserveEnforcedStateDuringNameChange(t *testing.T) { + domain := fmt.Sprintf("%s.com", acctest.RandomWithPrefix(testResourcePrefix)) + key, cert, _, err := generateKeyAndMultipleCerts(domain) + require.NoError(t, err) + _, mtlsCert, err := generateKeyAndCert(domain) + require.NoError(t, err) + key = strings.ReplaceAll(key, "\n", `\n`) + cert = strings.ReplaceAll(cert, "\n", `\n`) + + name := acctest.RandomWithPrefix(testResourcePrefix) + updatedName := acctest.RandomWithPrefix(testResourcePrefix) + + enforced := true + + resourceTLSActivationName := "fastly_tls_activation.test" + resourceMTLSName := "fastly_tls_mutual_authentication.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + }, + ProviderFactories: testAccProviders, + CheckDestroy: testAccFastlyTLSActivationCheckDestroy, + Steps: []resource.TestStep{ + { + Config: testAccFastlyMTLSConfig(name, name, key, name, cert, domain, mtlsCert, name, enforced), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet(resourceTLSActivationName, "certificate_id"), + resource.TestCheckResourceAttrSet(resourceTLSActivationName, "configuration_id"), + resource.TestCheckResourceAttr(resourceTLSActivationName, "domain", domain), + resource.TestCheckResourceAttrSet(resourceTLSActivationName, "created_at"), + testAccFastlyTLSActivationCheckExists(resourceTLSActivationName), + resource.TestCheckResourceAttr(resourceMTLSName, "name", name), + resource.TestCheckResourceAttr(resourceMTLSName, "enforced", fmt.Sprintf("%t", enforced)), + ), + }, + { + Config: testAccFastlyMTLSConfig(name, name, key, name, cert, domain, mtlsCert, updatedName, enforced), + Check: resource.ComposeTestCheckFunc( + testAccFastlyTLSActivationCheckExists(resourceTLSActivationName), + resource.TestCheckResourceAttr(resourceMTLSName, "name", updatedName), + resource.TestCheckResourceAttr(resourceMTLSName, "enforced", fmt.Sprintf("%t", enforced)), + ), + }, + }, + }) +} + +func testAccFastlyMTLSConfig(serviceName, keyName, key, certName, cert, domain, certBundle, mtlsName string, enforced bool) string { return fmt.Sprintf(` resource "fastly_service_vcl" "test" { name = "%s" @@ -103,11 +154,12 @@ resource "fastly_tls_activation" "test" { } resource "fastly_tls_mutual_authentication" "test" { + enforced = %t activation_ids = [fastly_tls_activation.test.id] cert_bundle = <