Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(ipv6): added ipv6 filter data #496

Merged
merged 7 commits into from
Jun 27, 2024
Merged

feat(ipv6): added ipv6 filter data #496

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
d4495b8
Merge branch 'terraform-routeros:main' into main
danielnachtrub May 10, 2024
5398c81
Merge branch 'terraform-routeros:main' into main
danielnachtrub May 13, 2024
7049e04
Merge branch 'terraform-routeros:main' into main
danielnachtrub May 13, 2024
f081bbf
Merge branch 'terraform-routeros:main' into main
danielnachtrub Jun 6, 2024
97c4ff1
added ipv6 filter data entry
danielnachtrub Jun 17, 2024
85707d2
fixed test
danielnachtrub Jun 18, 2024
cb5ad50
docs: Small changes for the current PR
vaerh Jun 27, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 0 additions & 32 deletions examples/data-sources/routeros_firewall/data-source.tf
View file
Open in desktop

This file was deleted.

32 changes: 32 additions & 0 deletions examples/data-sources/routeros_ip_firewall/data-source.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
data "routeros_ip_firewall" "fw" {
rules {
filter = {
chain = "input"
comment = "rule_2"
}
}

rules {
filter = {
chain = "forward"
}
}

nat {}
}

output "rules" {
value = [for value in data.routeros_ip_firewall.fw.rules: [value.id, value.src_address]]
}

output "nat" {
value = [for value in data.routeros_ip_firewall.fw.nat: [value.id, value.comment]]
}

resource "routeros_ip_firewall" "rule_3" {
action = "accept"
chain = "input"
comment = "rule_3"
src_address = "192.168.0.5"
place_before = "${data.routeros_ip_firewall_filter.fw.rules[0].id}"
}
23 changes: 12 additions & 11 deletions routeros/datasource_firewall.go → routeros/datasource_ip_firewall.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,38 +2,39 @@ package routeros

import (
"context"

"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
)

var firewallSections = []string{"address_list", "nat", "mangle", "rules"}
var ipFirewallSections = []string{"address_list", "nat", "mangle", "rules"}

func DatasourceFirewall() *schema.Resource {
func DatasourceIPFirewall() *schema.Resource {
return &schema.Resource{
ReadContext: datasourceFirewallFilterRead,
ReadContext: datasourceIPFirewallFilterRead,
Description: `This datasource contains all supported firewall resources:
- address_list
- nat
- mangle
- rules (aka filter)
`,
Schema: map[string]*schema.Schema{
"address_list": getFirewallAddrListSchema(),
"mangle": getFirewallMangleSchema(),
"nat": getFirewallNatSchema(),
"rules": getFirewallFilterSchema(),
"address_list": getIPFirewallAddrListSchema(),
"mangle": getIPFirewallMangleSchema(),
"nat": getIPFirewallNatSchema(),
"rules": getIPFirewallFilterSchema(),
},
}
}

func datasourceFirewallFilterRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
func datasourceIPFirewallFilterRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
var diags diag.Diagnostics
basePath := "/ip/firewall/"

s := DatasourceFirewall().Schema
s := DatasourceIPFirewall().Schema

var isEmpty = true
for _, section := range firewallSections {
for _, section := range ipFirewallSections {
isEmpty = isEmpty && len(d.Get(section).([]interface{})) == 0
}

Expand All @@ -48,7 +49,7 @@ func datasourceFirewallFilterRead(ctx context.Context, d *schema.ResourceData, m
}
}

for _, section := range firewallSections {
for _, section := range ipFirewallSections {
if len(d.Get(section).([]interface{})) == 0 {
continue
}
Expand Down
2 changes: 1 addition & 1 deletion routeros/datasource_firewall_addr_list.go → routeros/datasource_ip_firewall_addr_list.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ package routeros

import "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"

func getFirewallAddrListSchema() *schema.Schema {
func getIPFirewallAddrListSchema() *schema.Schema {
return &schema.Schema{
Type: schema.TypeList,
Computed: true,
Expand Down
2 changes: 1 addition & 1 deletion routeros/datasource_firewall_filter.go → routeros/datasource_ip_firewall_filter.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ package routeros

import "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"

func getFirewallFilterSchema() *schema.Schema {
func getIPFirewallFilterSchema() *schema.Schema {
return &schema.Schema{
Type: schema.TypeList,
Computed: true,
Expand Down
2 changes: 1 addition & 1 deletion routeros/datasource_firewall_mangle.go → routeros/datasource_ip_firewall_mangle.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ import (
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
)

func getFirewallMangleSchema() *schema.Schema {
func getIPFirewallMangleSchema() *schema.Schema {
return &schema.Schema{
Type: schema.TypeList,
Computed: true,
Expand Down
2 changes: 1 addition & 1 deletion routeros/datasource_firewall_nat.go → routeros/datasource_ip_firewall_nat.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ import (
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
)

func getFirewallNatSchema() *schema.Schema {
func getIPFirewallNatSchema() *schema.Schema {
return &schema.Schema{
Type: schema.TypeList,
Computed: true,
Expand Down
12 changes: 6 additions & 6 deletions routeros/datasource_firewall_test.go → routeros/datasource_ip_firewall_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,9 @@ import (
"github.com/hashicorp/terraform-plugin-testing/helper/resource"
)

const testDatasourceFirewall = "data.routeros_firewall.fw"
const testDatasourceIpFirewall = "data.routeros_ip_firewall.fw"

func TestAccDatasourceFirewallTest_basic(t *testing.T) {
func TestAccDatasourceIpFirewallTest_basic(t *testing.T) {
for _, name := range testNames {
t.Run(name, func(t *testing.T) {
resource.Test(t, resource.TestCase{
Expand All @@ -19,9 +19,9 @@ func TestAccDatasourceFirewallTest_basic(t *testing.T) {
ProviderFactories: testAccProviderFactories,
Steps: []resource.TestStep{
{
Config: testAccDatasourceFirewallConfig(),
Config: testAccDatasourceIpFirewallConfig(),
Check: resource.ComposeTestCheckFunc(
testResourcePrimaryInstanceId(testDatasourceFirewall),
testResourcePrimaryInstanceId(testDatasourceIpFirewall),
),
},
},
Expand All @@ -31,9 +31,9 @@ func TestAccDatasourceFirewallTest_basic(t *testing.T) {
}
}

func testAccDatasourceFirewallConfig() string {
func testAccDatasourceIpFirewallConfig() string {
return providerConfig + `
data "routeros_firewall" "fw" {
data "routeros_ip_firewall" "fw" {
address_list {}
mangle {}
nat {}
Expand Down
76 changes: 76 additions & 0 deletions routeros/datasource_ipv6_firewall.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
package routeros

import (
"context"

"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
)

var ipv6firewallSections = []string{"rules"}

func DatasourceIPv6Firewall() *schema.Resource {
return &schema.Resource{
ReadContext: datasourceIPv6FirewallFilterRead,
Description: `This datasource contains all supported firewall resources:
- rules (aka filter)
`,
Schema: map[string]*schema.Schema{
"rules": getIPv6FirewallFilterSchema(),
},
}
}

func datasourceIPv6FirewallFilterRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
var diags diag.Diagnostics
basePath := "/ipv6/firewall/"

s := DatasourceIPv6Firewall().Schema

var isEmpty = true
for _, section := range ipv6firewallSections {
isEmpty = isEmpty && len(d.Get(section).([]interface{})) == 0
}

if isEmpty {
return diag.Diagnostics{
diag.Diagnostic{
Severity: diag.Error,
Summary: "You must specify at least one return section of the resource.",
Detail: "Please specify one or more sections of the firewall, information from which will be " +
"returned as a result of the data source query: rules{}, nat { filter = {...}}, etc.",
},
}
}

for _, section := range ipv6firewallSections {
if len(d.Get(section).([]interface{})) == 0 {
continue
}

path := basePath
// The filtering section is named 'rules' to avoid confusion: filter { filter = { ... }}.
if section == "rules" {
path += "filter"
} else {
// Kebab case!
path += SnakeToKebab(section)
}

// Snake case!
var res []MikrotikItem

for _, sectionResourceData := range d.Get(section).([]interface{}) {
filter := sectionResourceData.(map[string]interface{})[KeyFilter].(map[string]interface{})

r, err := ReadItemsFiltered(buildReadFilter(filter), path, m.(Client))
if err != nil {
return diag.FromErr(err)
}

res = append(res, *r...)
}
diags = append(diags, MikrotikResourceDataToTerraformDatasource(&res, section, s, d)...)
}
return diags
}
Loading