Merge pull request #933 from F5Networks/devel_13022024

merge devel changes
F5Networks · Feb 13, 2024 · 5e04391 · 5e04391
2 parents 8a07dda + b5d5b97
commit 5e04391
Show file tree

Hide file tree

Showing 10 changed files with 105 additions and 17 deletions.
diff --git a/bigip/datasource_bigip_waf_entity_parameters.go b/bigip/datasource_bigip_waf_entity_parameters.go
@@ -60,6 +60,16 @@ func dataSourceBigipWafEntityParameter() *schema.Resource {
 				Optional:    true,
 				Description: "Determines whether a parameter has a restricted minimum length for value.",
 			},
+			"max_value_length": {
+				Type:        schema.TypeInt,
+				Optional:    true,
+				Description: "Maximum length for value.",
+			},
+			"min_value_length": {
+				Type:        schema.TypeInt,
+				Optional:    true,
+				Description: "Minimum length for value.",
+			},
 			"data_type": {
 				Type:        schema.TypeString,
 				Optional:    true,
@@ -203,6 +213,16 @@ func getEPConfig(ep *bigip.Parameter, d *schema.ResourceData) {
 	if d.Get("check_min_value_length") != nil {
 		ep.CheckMinValueLength = d.Get("check_min_value_length").(bool)
 	}
+	if d.Get("max_value_length") != nil {
+		if d.Get("check_max_value_length").(bool) && d.Get("data_type").(string) == "alpha-numeric" {
+			ep.MaximumLength = d.Get("max_value_length").(int)
+		}
+	}
+	if d.Get("min_value_length") != nil {
+		if d.Get("check_min_value_length").(bool) && d.Get("data_type").(string) == "alpha-numeric" {
+			ep.MinimumLength = d.Get("min_value_length").(int)
+		}
+	}
 	if d.Get("data_type") != nil {
 		ep.DataType = d.Get("data_type").(string)
 	}

diff --git a/bigip/resource_bigip_ltm_virtual_server.go b/bigip/resource_bigip_ltm_virtual_server.go
@@ -363,9 +363,12 @@ func resourceBigipLtmVirtualServerRead(ctx context.Context, d *schema.ResourceDa
 	_ = d.Set("ip_protocol", vs.IPProtocol)
 	_ = d.Set("name", name)
 	_ = d.Set("pool", vs.Pool)
-	if _, ok := d.GetOk("mask"); !ok {
+	if vs.Mask != "any" {
 		_ = d.Set("mask", vs.Mask)
+	} else {
+		_ = d.Set("mask", "0.0.0.0")
 	}
+	// _ = d.Set("mask", vs.Mask)
 
 	//	/* Service port is provided by the API in the destination attribute "/partition_name/virtual_server_address[%route_domain]:(port)"
 	//	   so we need to extract it
@@ -555,6 +558,10 @@ func getVirtualServerConfig(d *schema.ResourceData, config *bigip.VirtualServer)
 	var rules []string
 	if cfgRules, ok := d.GetOk("irules"); ok {
 		rules = listToStringSlice(cfgRules.([]interface{}))
+	} else {
+		if changed := d.HasChange("irules"); changed {
+			rules = listToStringSlice(append([]interface{}{}, ""))
+		}
 	}
 
 	var securityLogProfiles []string

diff --git a/bigip/version.go b/bigip/version.go
@@ -1,4 +1,4 @@
 package bigip
 
 // ProviderVersion is set at build-time in the release process
-var ProviderVersion = "1.20.2"
+var ProviderVersion = "1.20.3"
diff --git a/docs/data-sources/bigip_waf_entity_parameters.md b/docs/data-sources/bigip_waf_entity_parameters.md
@@ -37,6 +37,8 @@ data "bigip_waf_entity_parameter" "EPX" {
 * `attack_signatures_check` - Determines whether attack signatures and threat campaigns must be detected in a parameter's value.
 * `check_max_value_length` - Determines whether a parameter has a restricted maximum length for value.
 * `check_min_value_length` - Determines whether a parameter has a restricted minimum length for value.
+* `max_value_length` - Sets maximum length for value. Only applied to JSON when `check_max_value_length` is set to `true` and `data_type` is `alpha-numeric`.
+* `min_value_length` - Sets minimum length for value. Only applied to JSON when `check_min_value_length` is set to `true` and `data_type` is `alpha-numeric`.
 * `data_type` - Specifies data type of parameter's value.
 * `enable_regular_expression` - Determines whether the parameter value includes the pattern defined in regularExpression.
 * `is_base64` - Determines whether a parameter’s value contains a Base64 encoded string.

diff --git a/examples/awaf/paramtest.tf b/examples/awaf/paramtest.tf
@@ -0,0 +1,38 @@
+data "bigip_waf_entity_parameter" "Param1" {
+  name            = "Param1"
+  type            = "explicit"
+  data_type       = "alpha-numeric"
+  check_max_value_length = true
+  check_min_value_length = true
+  max_value_length = 30
+  min_value_length = 15
+  perform_staging = true
+}
+
+data "bigip_waf_entity_parameter" "Param2" {
+  name            = "Param2"
+  type            = "explicit"
+  data_type       = "alpha-numeric"
+  check_max_value_length = true
+  perform_staging = true
+}
+
+data "bigip_waf_entity_parameter" "Param3" {
+  name            = "Param3"
+  type            = "explicit"
+  data_type       = "alpha-numeric"
+  max_value_length = 30
+  min_value_length = 15
+  perform_staging = true
+}
+
+resource "bigip_waf_policy" "github925-awaf" {
+  name                 = "github925-awaf"
+  partition            = "Common"
+  template_name        = "POLICY_TEMPLATE_API_SECURITY"
+  application_language = "utf-8"
+  enforcement_mode     = "blocking"
+  description          = "Rapid Deployment-2"
+  server_technologies  = ["MySQL", "Unix/Linux", "MongoDB"]
+  parameters           = [data.bigip_waf_entity_parameter.Param1.json, data.bigip_waf_entity_parameter.Param2.json,data.bigip_waf_entity_parameter.Param3.json]
+}
diff --git a/examples/bigip_ltm_virtual_server.tf b/examples/bigip_ltm_virtual_server.tf
@@ -103,4 +103,29 @@ resource "bigip_ltm_virtual_server" "vs_tc6" {
   source_address_translation = "none"
   vlans_enabled              = true
   vlans                      = ["/Common/external"]
-}
+}
+
+resource "bigip_ltm_irule" "github923" {
+  name  = "/Common/github923-irule"
+  irule = <<EOF
+when CLIENT_ACCEPTED {
+     log local0. "test"
+}
+EOF
+}
+
+resource "bigip_ltm_virtual_server" "github923" {
+  name                         = "/Common/github923vs"
+  destination                  = "fe80::11"
+  description                  = "VirtualServer-test"
+  port                         = 9999
+  source_address_translation   = "automap"
+  ip_protocol                  = "tcp"
+  irules                       = [bigip_ltm_irule.github923.name]
+  profiles                     = ["/Common/http"]
+  client_profiles              = ["/Common/tcp"]
+  server_profiles              = ["/Common/tcp-lan-optimized"]
+  persistence_profiles         = ["/Common/source_addr", "/Common/hash"]
+  default_persistence_profile  = "/Common/hash"
+  fallback_persistence_profile = "/Common/dest_addr"
+}
diff --git a/go.mod b/go.mod
@@ -10,8 +10,8 @@ require (
 	github.com/Azure/azure-storage-blob-go v0.13.0
 	github.com/Azure/go-autorest/autorest v0.11.18
 	github.com/Azure/go-autorest/autorest/adal v0.9.13
-	github.com/f5devcentral/go-bigip v0.0.0-20240212051136-955cd7058e2a
-	github.com/f5devcentral/go-bigip/f5teem v0.0.0-20240212051136-955cd7058e2a
+	github.com/f5devcentral/go-bigip v0.0.0-20240213064501-035c7f45b94c
+	github.com/f5devcentral/go-bigip/f5teem v0.0.0-20240213064501-035c7f45b94c
 	github.com/google/uuid v1.3.0
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.25.0
 	github.com/stretchr/testify v1.8.4

diff --git a/go.sum b/go.sum
@@ -51,10 +51,10 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/emirpasic/gods v1.12.0 h1:QAUIPSaCu4G+POclxeqb3F+WPpdKqFGlw36+yOzGlrg=
 github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o=
-github.com/f5devcentral/go-bigip v0.0.0-20240212051136-955cd7058e2a h1:SlNfjnGLTVKCwJzvDrboPtULNBCrejyIXZWiQMea8PU=
-github.com/f5devcentral/go-bigip v0.0.0-20240212051136-955cd7058e2a/go.mod h1:0Lkr0fBU6O1yBxF2mt9JFwXpaFbIb/wAY7oM3dMJDdA=
-github.com/f5devcentral/go-bigip/f5teem v0.0.0-20240212051136-955cd7058e2a h1:VyacdHzWZFC0L570IFoniaV4mXhTyKqzzYQphcYbLwY=
-github.com/f5devcentral/go-bigip/f5teem v0.0.0-20240212051136-955cd7058e2a/go.mod h1:r7o5I22EvO+fps2u10bz4ZUlTlNHopQSWzVcW19hK3U=
+github.com/f5devcentral/go-bigip v0.0.0-20240213064501-035c7f45b94c h1:wWbL9ITo0nsAQr+MCZ1nsdlxDykBrGF8ozhG2ubGiGw=
+github.com/f5devcentral/go-bigip v0.0.0-20240213064501-035c7f45b94c/go.mod h1:0Lkr0fBU6O1yBxF2mt9JFwXpaFbIb/wAY7oM3dMJDdA=
+github.com/f5devcentral/go-bigip/f5teem v0.0.0-20240213064501-035c7f45b94c h1:d1xnDqT9OCxjzI9xr+4rzagzOHCWGrMzGRwIPT198wE=
+github.com/f5devcentral/go-bigip/f5teem v0.0.0-20240213064501-035c7f45b94c/go.mod h1:r7o5I22EvO+fps2u10bz4ZUlTlNHopQSWzVcW19hK3U=
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
 github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w=
 github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=

diff --git a/vendor/github.com/f5devcentral/go-bigip/awaf.go b/vendor/github.com/f5devcentral/go-bigip/awaf.go
diff --git a/vendor/modules.txt b/vendor/modules.txt
@@ -42,10 +42,10 @@ github.com/apparentlymart/go-textseg/v13/textseg
 # github.com/davecgh/go-spew v1.1.1
 ## explicit
 github.com/davecgh/go-spew/spew
-# github.com/f5devcentral/go-bigip v0.0.0-20240212051136-955cd7058e2a
+# github.com/f5devcentral/go-bigip v0.0.0-20240213064501-035c7f45b94c
 ## explicit; go 1.20
 github.com/f5devcentral/go-bigip
-# github.com/f5devcentral/go-bigip/f5teem v0.0.0-20240212051136-955cd7058e2a
+# github.com/f5devcentral/go-bigip/f5teem v0.0.0-20240213064501-035c7f45b94c
 ## explicit; go 1.13
 github.com/f5devcentral/go-bigip/f5teem
 # github.com/fatih/color v1.13.0