Add support Provider Gateway topology intentions on VCD 10.5.1 (NAT, FW, route advertisement)

.changes/v3.13.0/1239-improvements.md

@@ -0,0 +1,3 @@
+* Resource and data source `vcd_external_network_v2` add support for Provider Gateway Topology
+  intentions in VCD 10.5.1+ via fields `nat_and_firewall_service_intention` and
+  `route_advertisement_intention` [GH-1239]

go.mod

@@ -70,3 +70,5 @@ require (
 	google.golang.org/grpc v1.63.2 // indirect
 	google.golang.org/protobuf v1.34.0 // indirect
 )
+
+replace github.com/vmware/go-vcloud-director/v2 => github.com/Didainius/go-vcloud-director/v2 v2.17.0-alpha.2.0.20240613125226-d55a8679d3c2

go.sum

@@ -1,5 +1,7 @@
 dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk=
 dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
+github.com/Didainius/go-vcloud-director/v2 v2.17.0-alpha.2.0.20240613125226-d55a8679d3c2 h1:fV0mBrSES7fvdefFp2W2k8JiqjMj4aVKnURkf5OBKwc=
+github.com/Didainius/go-vcloud-director/v2 v2.17.0-alpha.2.0.20240613125226-d55a8679d3c2/go.mod h1:vbuNYzuADDBFhi9i2dIKWeNxMK1VFF0dACq01amYBIM=
 github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow=
 github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM=
 github.com/ProtonMail/go-crypto v1.1.0-alpha.2 h1:bkyFVUP+ROOARdgCiJzNQo2V2kiB97LyUpzH9P6Hrlg=
@@ -148,8 +150,6 @@ github.com/vmihailenco/msgpack/v5 v5.4.1 h1:cQriyiUvjTwOHg8QZaPihLWeRAAVoCpE00IU
 github.com/vmihailenco/msgpack/v5 v5.4.1/go.mod h1:GaZTsDaehaPpQVyxrf5mtQlH+pc21PIudVV/E3rRQok=
 github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g=
 github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds=
-github.com/vmware/go-vcloud-director/v2 v2.25.0-alpha.7 h1:tCSx1c8m7b/jnSxTl1m5rHUFScM91SnLqDAso0KhNko=
-github.com/vmware/go-vcloud-director/v2 v2.25.0-alpha.7/go.mod h1:vbuNYzuADDBFhi9i2dIKWeNxMK1VFF0dACq01amYBIM=
 github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM=
 github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=

vcd/datasource_vcd_external_network_v2.go

@@ -33,6 +33,16 @@ func datasourceVcdExternalNetworkV2() *schema.Resource {
 				Computed:    true,
 				Description: "Defines if this network uses IP Spaces (VCD 10.4.1+)",
 			},
+			"nat_and_firewall_service_intention": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Defines different types of intentions to configure NAT and Firewall rules (only with IP Spaces, VCD 10.5.1+) One of `PROVIDER_GATEWAY`,`EDGE_GATEWAY`,`PROVIDER_AND_EDGE_GATEWAY`",
+			},
+			"route_advertisement_intention": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Defines intentions to configure route advertisement (only with IP Spaces, VCD 10.5.1+) One of `IP_SPACE_UPLINKS_ADVERTISED_STRICT`,`IP_SPACE_UPLINKS_ADVERTISED_FLEXIBLE`,`ALL_NETWORKS_ADVERTISED`",
+			},
 			"ip_scope": {
 				Type:        schema.TypeSet,
 				Computed:    true,

vcd/resource_vcd_external_network_v2.go

@@ -154,6 +154,20 @@ func resourceVcdExternalNetworkV2() *schema.Resource {
 				ForceNew:    true,
 				Description: "Enables IP Spaces for this network (default 'false'). VCD 10.4.1+",
 			},
+			"nat_and_firewall_service_intention": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				Computed:     true,
+				Description:  "Defines intentions to configure NAT and Firewall rules (only with IP Spaces, VCD 10.5.1+) One of `PROVIDER_GATEWAY`,`EDGE_GATEWAY`,`PROVIDER_AND_EDGE_GATEWAY`",
+				ValidateFunc: validation.StringInSlice([]string{"PROVIDER_GATEWAY", "EDGE_GATEWAY", "PROVIDER_AND_EDGE_GATEWAY"}, false),
+			},
+			"route_advertisement_intention": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				Computed:     true,
+				Description:  "Defines intentions to configure route advertisement (only with IP Spaces, VCD 10.5.1+) One of `IP_SPACE_UPLINKS_ADVERTISED_STRICT`,`IP_SPACE_UPLINKS_ADVERTISED_FLEXIBLE`,`ALL_NETWORKS_ADVERTISED`",
+				ValidateFunc: validation.StringInSlice([]string{"IP_SPACE_UPLINKS_ADVERTISED_STRICT", "IP_SPACE_UPLINKS_ADVERTISED_FLEXIBLE", "ALL_NETWORKS_ADVERTISED"}, false),
+			},
 			"ip_scope": {
 				Type:        schema.TypeSet,
 				Optional:    true, // Not required when `use_ip_spaces` is enabled
@@ -301,11 +315,16 @@ func getExternalNetworkV2Type(vcdClient *VCDClient, d *schema.ResourceData, know
 		return nil, fmt.Errorf("error getting network backing type: %s", err)
 	}
 
+	natAndFirewallIntention := d.Get("nat_and_firewall_service_intention").(string)
+	routeAdvertisementIntention := d.Get("route_advertisement_intention").(string)
+
 	newExtNet := &types.ExternalNetworkV2{
-		Name:            d.Get("name").(string),
-		Description:     d.Get("description").(string),
-		NetworkBackings: networkBackings,
-		DedicatedOrg:    &types.OpenApiReference{ID: d.Get("dedicated_org_id").(string)},
+		Name:                               d.Get("name").(string),
+		Description:                        d.Get("description").(string),
+		NetworkBackings:                    networkBackings,
+		DedicatedOrg:                       &types.OpenApiReference{ID: d.Get("dedicated_org_id").(string)},
+		NatAndFirewallServiceIntention:     natAndFirewallIntention,
+		NetworkRouteAdvertisementIntention: routeAdvertisementIntention,
 	}
 
 	usingIpSpace := d.Get("use_ip_spaces").(bool)
@@ -332,6 +351,10 @@ func getExternalNetworkV2Type(vcdClient *VCDClient, d *schema.ResourceData, know
 		return nil, fmt.Errorf("'dedicated_org_id' can only be set when 'use_ip_spaces' is enabled")
 	}
 
+	if vcdClient.Client.APIVCDMaxVersionIs("< 38.1") && (natAndFirewallIntention != "" || routeAdvertisementIntention != "") {
+		return nil, fmt.Errorf("'nat_and_firewall_service_intention' and 'route_advertisement_intention' are only supported in VCD 10.5.1+")
+	}
+
 	return newExtNet, nil
 }
 
@@ -485,6 +508,8 @@ func processIpRanges(staticIpPool *schema.Set) []types.ExternalNetworkV2IPRange
 func setExternalNetworkV2Data(d *schema.ResourceData, net *types.ExternalNetworkV2) error {
 	dSet(d, "name", net.Name)
 	dSet(d, "description", net.Description)
+	dSet(d, "nat_and_firewall_service_intention", net.NatAndFirewallServiceIntention)
+	dSet(d, "route_advertisement_intention", net.NetworkRouteAdvertisementIntention)
 
 	if net.DedicatedOrg != nil && net.DedicatedOrg.ID != "" {
 		dSet(d, "dedicated_org_id", net.DedicatedOrg.ID)