fix: Edge Function initiator_type + Expand functional tests (#120)

* chore: expand functional tests * chore: add new data-source edge_firewall * fix: adding a field initiator_type in resource_edgeFunction.go #patch * chore: add new sed to domain cname func-tests * chore: add edge firewall edge functions instance * chore: update sed func-tests --------- Co-authored-by: diegoazion <[email protected]>
aziontech · Nov 1, 2023 · 7844631 · 7844631
1 parent 4b1e892
commit 7844631
Show file tree

Hide file tree

Showing 8 changed files with 183 additions and 76 deletions.
diff --git a/.gitignore b/.gitignore
@@ -7,9 +7,9 @@ terraform.tfstate.backup
 terraform-provider-azion
 /.idea/aws.xml
 /.idea/modules.xml
-/terraformScripts2/mock_files/dummy_certificate.pem
-/terraformScripts2/mock_files/dummy_private_key.pem
-/terraformScripts2/mock_files/dummy_script.txt
+/terraformScripts/mock_files/dummy_certificate.pem
+/terraformScripts/mock_files/dummy_private_key.pem
+/terraformScripts/mock_files/dummy_script.txt
 /terraformScripts2/example.tf
 /terraformScripts2/terraform.tfstate.1692629347.backup
 /terraformScripts/dummy_script.txt

diff --git a/func-tests/main.tf b/func-tests/main.tf
@@ -83,11 +83,15 @@ resource "azion_edge_application_cache_setting" "testfunc" {
 #     description = "My rule engine"
 #     behaviors = [
 #       {
-#         name = "capture_match_groups"
+#         name = "add_request_header",
 #         target_object = {
-#           regex = "2378",
-#           captured_array = "Terraform",
-#           subject = "$${device_group}"
+#           target = "X-Cache: 100"
+#         }
+#       },
+#       { 
+#         name   = "filter_request_header",
+#         target_object = {
+#           target = "X-Cache"
 #         }
 #       }
 #     ]
@@ -123,11 +127,25 @@ resource "azion_edge_function" "testfunc" {
   }
 }
 
+resource "azion_edge_function" "testfunc2firewall" {
+  edge_function = {
+    name           = "Terraform Edge Function 2 Firewall test-func"
+    code           = trimspace(file("${path.module}/mock_files/dummy_script2firewall.txt"))
+    language       = "javascript"
+    initiator_type = "edge_firewall"
+    json_args = jsonencode(
+      { "key" = "Value",
+        "key" = "example"
+    })
+    active = true
+  }
+}
+
 resource "null_resource" "update_edge_functions" {
   depends_on = [azion_edge_application_main_setting.testfunc]
 
   provisioner "local-exec" {
-    command = "sleep 10 && terraform apply -auto-approve -target='azion_edge_application_main_setting.testfunc' -var 'edge_functions_module=true'"
+    command = "sleep 20 && terraform apply -auto-approve -target='azion_edge_application_main_setting.testfunc' -var 'edge_functions_module=true'"
   }
 }
 
@@ -148,7 +166,7 @@ resource "azion_edge_application_edge_functions_instance" "testfunc" {
 resource "azion_domain" "testfunc" {
   domain = {
     cnames : [
-      "www.testterraform3x4mpl3.com"
+      "www.terraformtest-func.qa"
     ]
     name                   = "Terraform domain test-func"
     digital_certificate_id = null
@@ -172,6 +190,20 @@ resource "azion_edge_firewall_main_setting" "testfunc" {
   }
 }
 
+resource "azion_edge_firewall_edge_functions_instance" "testfunc" {
+  edge_firewall_id = azion_edge_firewall_main_setting.testfunc.results.id
+  results = {
+    name = "Terraform Test 1"
+    "edge_function_id" : azion_edge_function.testfunc2firewall.edge_function.function_id
+    "args" : jsonencode(
+    { a = "b" })
+  }
+  depends_on = [
+    azion_edge_firewall_main_setting.testfunc,
+    azion_edge_function.testfunc2firewall
+  ]
+}
+
 resource "azion_digital_certificate" "testfunc" {
   certificate_result = {
     name                = "Terraform Digital Certificate test-func"
@@ -188,13 +220,13 @@ resource "azion_intelligent_dns_zone" "testfunc" {
   }
 }
 
-resource "azion_intelligent_dns_dnssec" "testfunc" {
-  zone_id = azion_intelligent_dns_zone.testfunc.zone.id
-  dns_sec = {
-    is_enabled = true
-  }
-  depends_on = [ azion_intelligent_dns_zone.testfunc ]
-}
+# resource "azion_intelligent_dns_dnssec" "testfunc" {
+#   zone_id = azion_intelligent_dns_zone.testfunc.zone.id
+#   dns_sec = {
+#     is_enabled = true
+#   }
+#   depends_on = [azion_intelligent_dns_zone.testfunc]
+# }
 
 resource "azion_intelligent_dns_record" "testfunc" {
   zone_id = azion_intelligent_dns_zone.testfunc.zone.id
@@ -209,7 +241,7 @@ resource "azion_intelligent_dns_record" "testfunc" {
     description = "This is a description"
     ttl         = 20
   }
-  depends_on = [ azion_intelligent_dns_zone.testfunc ]
+  depends_on = [azion_intelligent_dns_zone.testfunc]
 }
 
 resource "azion_network_list" "exampleOne" {
@@ -236,6 +268,31 @@ resource "azion_network_list" "exampleTwo" {
   }
 }
 
+resource "azion_waf_rule_set" "testfunc" {
+  result = {
+    name                              = "Terraform WAF test-func",
+    mode                              = "counting",
+    active                            = true,
+    sql_injection                     = true,
+    sql_injection_sensitivity         = "medium",
+    remote_file_inclusion             = true,
+    remote_file_inclusion_sensitivity = "medium",
+    directory_traversal               = true,
+    directory_traversal_sensitivity   = "medium",
+    cross_site_scripting              = true,
+    cross_site_scripting_sensitivity  = "highest",
+    evading_tricks                    = true,
+    evading_tricks_sensitivity        = "medium",
+    file_upload                       = true,
+    file_upload_sensitivity           = "medium",
+    unwanted_access                   = true,
+    unwanted_access_sensitivity       = "high",
+    identified_attack                 = false,
+    identified_attack_sensitivity     = "medium",
+    bypass_addresses                  = ["192.168.1.67", "192.168.1.64", "192.168.1.65", "192.168.1.63", "192.168.1.66"]
+  }
+}
+
 resource "azion_environment_variable" "testfunc" {
   result = {
     key    = "key-test Terraform test-func"
@@ -299,16 +356,17 @@ data "azion_edge_function" "example" {
   id = azion_edge_function.testfunc.edge_function.function_id
 }
 
-# data "azion_edge_application_edge_functions_instance" "example" {
-#   edge_application_id = azion_edge_application_main_setting.testfunc.edge_application.application_id
-# }
+data "azion_edge_application_edge_functions_instance" "example" {
+  depends_on = [ azion_edge_application_edge_functions_instance.testfunc ]
+  edge_application_id = azion_edge_application_main_setting.testfunc.edge_application.application_id
+}
 
-# data "azion_edge_application_edge_function_instance" "example" {
-#   edge_application_id = azion_edge_application_main_setting.testfunc.edge_application.application_id
-#   results = {
-#     id = 123456
-#   }
-# }
+data "azion_edge_application_edge_function_instance" "example" {
+  edge_application_id = azion_edge_application_main_setting.testfunc.edge_application.application_id
+  results = {
+    id = azion_edge_application_edge_functions_instance.testfunc.results.id
+  }
+}
 
 data "azion_edge_firewall_main_settings" "example" {
   page      = 1
@@ -367,3 +425,33 @@ data "azion_environment_variable" "example" {
     uuid = azion_environment_variable.testfunc.result.uuid
   }
 }
+
+data "azion_waf_rule_sets" "example" {
+  page      = 1
+  page_size = 10
+}
+
+data "azion_waf_rule_set" "example" {
+  result = {
+    waf_id = azion_waf_rule_set.testfunc.result.waf_id
+  }
+}
+
+data "azion_waf_domains" "example" {
+  page      = 1
+  page_size = 10
+  waf_id    = azion_waf_rule_set.testfunc.result.waf_id
+}
+
+data "azion_edge_firewall_edge_functions_instance" "example" {
+  edge_firewall_id = azion_edge_firewall_main_setting.testfunc.results.id
+  page             = 1
+  page_size        = 10
+}
+
+data "azion_edge_firewall_edge_function_instance" "example" {
+  edge_firewall_id = azion_edge_firewall_main_setting.testfunc.results.id
+  results = {
+    edge_function_instance_id = azion_edge_firewall_edge_functions_instance.testfunc.results.id
+  }
+}
diff --git a/func-tests/mock_files/dummy_script2firewall.txt b/func-tests/mock_files/dummy_script2firewall.txt
@@ -0,0 +1,16 @@
+async function firewallHandler(event){
+    // Access the country code through geoip
+    let countryCode = event.request.metadata["geoip_country_code"]
+
+    // Do some logic here
+    // In this example, if the request comes from Brazil, we add a header to the response
+    if (countryCode === "BR"){
+        event.addResponseHeader("test", "true");
+    }
+
+    // Then, if it comes from any other country,
+    // the processing continues
+    event.continue();
+}
+
+addEventListener("firewall", (event)=>event.waitUntil(firewallHandler(event)));
diff --git a/go.mod b/go.mod
@@ -3,10 +3,10 @@ module github.com/aziontech/terraform-provider-azion
 go 1.21
 
 require (
-	github.com/aziontech/azionapi-go-sdk v0.108.0
+	github.com/aziontech/azionapi-go-sdk v0.110.0
 	github.com/hashicorp/go-changelog v0.0.0-20230630083008-522d403eacf1
 	github.com/hashicorp/terraform-plugin-docs v0.16.0
-	github.com/hashicorp/terraform-plugin-framework v1.4.0
+	github.com/hashicorp/terraform-plugin-framework v1.4.2
 	github.com/hashicorp/terraform-plugin-framework-validators v0.12.0
 	github.com/hashicorp/terraform-plugin-go v0.19.0
 	github.com/hashicorp/terraform-plugin-log v0.9.0
@@ -34,8 +34,8 @@ require (
 	github.com/go-git/go-git/v5 v5.8.1 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/google/go-cmp v0.5.9 // indirect
-	github.com/google/uuid v1.3.0 // indirect
+	github.com/google/go-cmp v0.6.0 // indirect
+	github.com/google/uuid v1.3.1 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-checkpoint v0.5.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
@@ -78,17 +78,17 @@ require (
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
 	github.com/xanzy/ssh-agent v0.3.3 // indirect
 	github.com/zclconf/go-cty v1.14.0 // indirect
-	golang.org/x/crypto v0.13.0 // indirect
+	golang.org/x/crypto v0.14.0 // indirect
 	golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df // indirect
 	golang.org/x/mod v0.12.0 // indirect
-	golang.org/x/net v0.13.0 // indirect
-	golang.org/x/sync v0.1.0 // indirect
-	golang.org/x/sys v0.12.0 // indirect
+	golang.org/x/net v0.17.0 // indirect
+	golang.org/x/sync v0.3.0 // indirect
+	golang.org/x/sys v0.13.0 // indirect
 	golang.org/x/text v0.13.0 // indirect
 	golang.org/x/tools v0.6.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19 // indirect
-	google.golang.org/grpc v1.57.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20231030173426-d783a09b4405 // indirect
+	google.golang.org/grpc v1.59.0 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 )