Fix testing issue

seconroy · Nov 21, 2024 · 1750c76 · 1750c76
1 parent 9e62caf
commit 1750c76
Show file tree

Hide file tree

Showing 9 changed files with 40 additions and 49 deletions.
diff --git a/docs/resources/policy_object_unified_tls_ssl_decryption.md b/docs/resources/policy_object_unified_tls_ssl_decryption.md
@@ -23,7 +23,7 @@ resource "sdwan_policy_object_unified_tls_ssl_decryption" "example" {
   untrusted_certificate         = "drop"
   certificate_revocation_status = "ocsp"
   unknown_revocation_status     = "decrypt"
-  unsupported_protocol_versions = "drop"
+  unsupported_protocol_versions = "no-decrypt"
   unsupported_cipher_suites     = "drop"
   failure_mode                  = "close"
   default_ca_certificate_bundle = true

diff --git a/examples/resources/sdwan_policy_object_unified_tls_ssl_decryption/resource.tf b/examples/resources/sdwan_policy_object_unified_tls_ssl_decryption/resource.tf
@@ -6,7 +6,7 @@ resource "sdwan_policy_object_unified_tls_ssl_decryption" "example" {
   untrusted_certificate         = "drop"
   certificate_revocation_status = "ocsp"
   unknown_revocation_status     = "decrypt"
-  unsupported_protocol_versions = "drop"
+  unsupported_protocol_versions = "no-decrypt"
   unsupported_cipher_suites     = "drop"
   failure_mode                  = "close"
   default_ca_certificate_bundle = true

diff --git a/gen/definitions/profile_parcels/policy_object_unified_advanced_inspection_profile.yaml b/gen/definitions/profile_parcels/policy_object_unified_advanced_inspection_profile.yaml
@@ -68,18 +68,15 @@ test_prerequisites: |
     ]
   }
 
-  resource "sdwan_policy_object_unified_url_filtering" "test" {
-    name                  = "TF_TEST_URL_FILTERING"
+  resource "sdwan_policy_object_unified_url_filtering" "example" {
+    name                  = "Example"
     description           = "My Example"
     feature_profile_id    = sdwan_policy_object_feature_profile.test.id
     web_categories_action = "block"
     web_categories        = ["confirmed-spam-sources"]
     web_reputation        = "suspicious"
-    url_allow_list_id     = sdwan_policy_object_security_url_allow_list.test.id
-    url_block_list_id     = sdwan_policy_object_security_url_block_list.test.id
     block_page_action     = "text"
     block_page_contents   = "Access to the requested page has been denied. Please contact your Network Administrator"
-    redirect_url          = "www.example.com"
     enable_alerts         = true
     alerts                = ["blacklist"]
   }
@@ -97,14 +94,14 @@ test_prerequisites: |
   }
 
   resource "sdwan_policy_object_unified_intrusion_prevention" "test" {
-    name                  = "TF_TEST_INTRUSION"
-    description           = "My Example"
-    feature_profile_id    = sdwan_policy_object_feature_profile.test.id
-    signature_set         = "balanced"
-    inspection_mode       = "detection"
-    ips_signature_list_id = sdwan_policy_object_security_ips_signature.test.id
-    log_level             = "error"
-    custom_signature      = false
+    name                        = "TF_TEST_INTRUSION"
+    description                 = "My Example"
+    feature_profile_id          = sdwan_policy_object_feature_profile.test.id
+    signature_set               = "balanced"
+    inspection_mode             = "detection"
+    ips_signature_allow_list_id = sdwan_policy_object_security_ips_signature.test.id
+    log_level                   = "error"
+    custom_signature            = false
   }
 
   resource "sdwan_policy_object_unified_advanced_malware_protection" "test" {

diff --git a/gen/definitions/profile_parcels/policy_object_unified_tls_ssl_decryption.yaml b/gen/definitions/profile_parcels/policy_object_unified_tls_ssl_decryption.yaml
@@ -14,17 +14,16 @@ attributes:
     example: f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac
     test_value: sdwan_policy_object_feature_profile.test.id
   - model_name: sslEnable
-    tf_name: enable_ssl
     value: true
     value_type: "global"
-    example: true
 
   - model_name: expiredCertificate
     example: drop
   - model_name: untrustedCertificate
     example: drop
 
   - model_name: certificateRevocationStatus
+    tf_name: certificate_revocation_status
     example: ocsp
   - model_name: unknownStatus
     tf_name: unknown_revocation_status
@@ -36,7 +35,7 @@ attributes:
 
 
   - model_name: unsupportedProtocolVersions
-    example: drop
+    example: no-decrypt
   - model_name: unsupportedCipherSuites
     example: drop
   - model_name: failureMode
@@ -72,6 +71,7 @@ attributes:
     example: TLSv1.2
 
   - model_name: caTpLabel
+    value_type: "global"
     value: PROXY-SIGNING-CA
 
 test_prerequisites: |

diff --git a/...rnal/provider/data_source_sdwan_policy_object_unified_advanced_inspection_profile_test.go b/...rnal/provider/data_source_sdwan_policy_object_unified_advanced_inspection_profile_test.go
@@ -77,18 +77,15 @@ resource "sdwan_policy_object_security_url_block_list" "test" {
   ]
 }
 
-resource "sdwan_policy_object_unified_url_filtering" "test" {
-  name                  = "TF_TEST_URL_FILTERING"
+resource "sdwan_policy_object_unified_url_filtering" "example" {
+  name                  = "Example"
   description           = "My Example"
   feature_profile_id    = sdwan_policy_object_feature_profile.test.id
   web_categories_action = "block"
   web_categories        = ["confirmed-spam-sources"]
   web_reputation        = "suspicious"
-  url_allow_list_id     = sdwan_policy_object_security_url_allow_list.test.id
-  url_block_list_id     = sdwan_policy_object_security_url_block_list.test.id
   block_page_action     = "text"
   block_page_contents   = "Access to the requested page has been denied. Please contact your Network Administrator"
-  redirect_url          = "www.example.com"
   enable_alerts         = true
   alerts                = ["blacklist"]
 }
@@ -106,14 +103,14 @@ resource "sdwan_policy_object_security_ips_signature" "test" {
 }
 
 resource "sdwan_policy_object_unified_intrusion_prevention" "test" {
-  name                  = "TF_TEST_INTRUSION"
-  description           = "My Example"
-  feature_profile_id    = sdwan_policy_object_feature_profile.test.id
-  signature_set         = "balanced"
-  inspection_mode       = "detection"
-  ips_signature_list_id = sdwan_policy_object_security_ips_signature.test.id
-  log_level             = "error"
-  custom_signature      = false
+  name                        = "TF_TEST_INTRUSION"
+  description                 = "My Example"
+  feature_profile_id          = sdwan_policy_object_feature_profile.test.id
+  signature_set               = "balanced"
+  inspection_mode             = "detection"
+  ips_signature_allow_list_id = sdwan_policy_object_security_ips_signature.test.id
+  log_level                   = "error"
+  custom_signature            = false
 }
 
 resource "sdwan_policy_object_unified_advanced_malware_protection" "test" {

diff --git a/internal/provider/data_source_sdwan_policy_object_unified_tls_ssl_decryption_test.go b/internal/provider/data_source_sdwan_policy_object_unified_tls_ssl_decryption_test.go
@@ -37,7 +37,7 @@ func TestAccDataSourceSdwanPolicyObjectUnifiedTLSSSLDecryptionProfileParcel(t *t
 	checks = append(checks, resource.TestCheckResourceAttr("data.sdwan_policy_object_unified_tls_ssl_decryption.test", "untrusted_certificate", "drop"))
 	checks = append(checks, resource.TestCheckResourceAttr("data.sdwan_policy_object_unified_tls_ssl_decryption.test", "certificate_revocation_status", "ocsp"))
 	checks = append(checks, resource.TestCheckResourceAttr("data.sdwan_policy_object_unified_tls_ssl_decryption.test", "unknown_revocation_status", "decrypt"))
-	checks = append(checks, resource.TestCheckResourceAttr("data.sdwan_policy_object_unified_tls_ssl_decryption.test", "unsupported_protocol_versions", "drop"))
+	checks = append(checks, resource.TestCheckResourceAttr("data.sdwan_policy_object_unified_tls_ssl_decryption.test", "unsupported_protocol_versions", "no-decrypt"))
 	checks = append(checks, resource.TestCheckResourceAttr("data.sdwan_policy_object_unified_tls_ssl_decryption.test", "unsupported_cipher_suites", "drop"))
 	checks = append(checks, resource.TestCheckResourceAttr("data.sdwan_policy_object_unified_tls_ssl_decryption.test", "failure_mode", "close"))
 	checks = append(checks, resource.TestCheckResourceAttr("data.sdwan_policy_object_unified_tls_ssl_decryption.test", "default_ca_certificate_bundle", "true"))
@@ -79,7 +79,7 @@ func testAccDataSourceSdwanPolicyObjectUnifiedTLSSSLDecryptionProfileParcelConfi
 	config += `	untrusted_certificate = "drop"` + "\n"
 	config += `	certificate_revocation_status = "ocsp"` + "\n"
 	config += `	unknown_revocation_status = "decrypt"` + "\n"
-	config += `	unsupported_protocol_versions = "drop"` + "\n"
+	config += `	unsupported_protocol_versions = "no-decrypt"` + "\n"
 	config += `	unsupported_cipher_suites = "drop"` + "\n"
 	config += `	failure_mode = "close"` + "\n"
 	config += `	default_ca_certificate_bundle = true` + "\n"

diff --git a/internal/provider/model_sdwan_policy_object_unified_tls_ssl_decryption.go b/internal/provider/model_sdwan_policy_object_unified_tls_ssl_decryption.go
@@ -164,7 +164,7 @@ func (data PolicyObjectUnifiedTLSSSLDecryption) toBody(ctx context.Context) stri
 		}
 	}
 	if true {
-		body, _ = sjson.Set(body, path+"caTpLabel.optionType", "default")
+		body, _ = sjson.Set(body, path+"caTpLabel.optionType", "global")
 		body, _ = sjson.Set(body, path+"caTpLabel.value", "PROXY-SIGNING-CA")
 	}
 	return body

diff --git a/internal/provider/resource_sdwan_policy_object_unified_advanced_inspection_profile_test.go b/internal/provider/resource_sdwan_policy_object_unified_advanced_inspection_profile_test.go
@@ -78,18 +78,15 @@ resource "sdwan_policy_object_security_url_block_list" "test" {
   ]
 }
 
-resource "sdwan_policy_object_unified_url_filtering" "test" {
-  name                  = "TF_TEST_URL_FILTERING"
+resource "sdwan_policy_object_unified_url_filtering" "example" {
+  name                  = "Example"
   description           = "My Example"
   feature_profile_id    = sdwan_policy_object_feature_profile.test.id
   web_categories_action = "block"
   web_categories        = ["confirmed-spam-sources"]
   web_reputation        = "suspicious"
-  url_allow_list_id     = sdwan_policy_object_security_url_allow_list.test.id
-  url_block_list_id     = sdwan_policy_object_security_url_block_list.test.id
   block_page_action     = "text"
   block_page_contents   = "Access to the requested page has been denied. Please contact your Network Administrator"
-  redirect_url          = "www.example.com"
   enable_alerts         = true
   alerts                = ["blacklist"]
 }
@@ -107,14 +104,14 @@ resource "sdwan_policy_object_security_ips_signature" "test" {
 }
 
 resource "sdwan_policy_object_unified_intrusion_prevention" "test" {
-  name                  = "TF_TEST_INTRUSION"
-  description           = "My Example"
-  feature_profile_id    = sdwan_policy_object_feature_profile.test.id
-  signature_set         = "balanced"
-  inspection_mode       = "detection"
-  ips_signature_list_id = sdwan_policy_object_security_ips_signature.test.id
-  log_level             = "error"
-  custom_signature      = false
+  name                        = "TF_TEST_INTRUSION"
+  description                 = "My Example"
+  feature_profile_id          = sdwan_policy_object_feature_profile.test.id
+  signature_set               = "balanced"
+  inspection_mode             = "detection"
+  ips_signature_allow_list_id = sdwan_policy_object_security_ips_signature.test.id
+  log_level                   = "error"
+  custom_signature            = false
 }
 
 resource "sdwan_policy_object_unified_advanced_malware_protection" "test" {

diff --git a/internal/provider/resource_sdwan_policy_object_unified_tls_ssl_decryption_test.go b/internal/provider/resource_sdwan_policy_object_unified_tls_ssl_decryption_test.go
@@ -37,7 +37,7 @@ func TestAccSdwanPolicyObjectUnifiedTLSSSLDecryptionProfileParcel(t *testing.T)
 	checks = append(checks, resource.TestCheckResourceAttr("sdwan_policy_object_unified_tls_ssl_decryption.test", "untrusted_certificate", "drop"))
 	checks = append(checks, resource.TestCheckResourceAttr("sdwan_policy_object_unified_tls_ssl_decryption.test", "certificate_revocation_status", "ocsp"))
 	checks = append(checks, resource.TestCheckResourceAttr("sdwan_policy_object_unified_tls_ssl_decryption.test", "unknown_revocation_status", "decrypt"))
-	checks = append(checks, resource.TestCheckResourceAttr("sdwan_policy_object_unified_tls_ssl_decryption.test", "unsupported_protocol_versions", "drop"))
+	checks = append(checks, resource.TestCheckResourceAttr("sdwan_policy_object_unified_tls_ssl_decryption.test", "unsupported_protocol_versions", "no-decrypt"))
 	checks = append(checks, resource.TestCheckResourceAttr("sdwan_policy_object_unified_tls_ssl_decryption.test", "unsupported_cipher_suites", "drop"))
 	checks = append(checks, resource.TestCheckResourceAttr("sdwan_policy_object_unified_tls_ssl_decryption.test", "failure_mode", "close"))
 	checks = append(checks, resource.TestCheckResourceAttr("sdwan_policy_object_unified_tls_ssl_decryption.test", "default_ca_certificate_bundle", "true"))
@@ -84,7 +84,7 @@ func testAccSdwanPolicyObjectUnifiedTLSSSLDecryptionProfileParcelConfig_all() st
 	config += `	untrusted_certificate = "drop"` + "\n"
 	config += `	certificate_revocation_status = "ocsp"` + "\n"
 	config += `	unknown_revocation_status = "decrypt"` + "\n"
-	config += `	unsupported_protocol_versions = "drop"` + "\n"
+	config += `	unsupported_protocol_versions = "no-decrypt"` + "\n"
 	config += `	unsupported_cipher_suites = "drop"` + "\n"
 	config += `	failure_mode = "close"` + "\n"
 	config += `	default_ca_certificate_bundle = true` + "\n"