From 38fe3a31a3cdabe7773d18e4bcd17587eb9f122a Mon Sep 17 00:00:00 2001 From: graysonwu Date: Wed, 15 Nov 2023 15:53:21 -0800 Subject: [PATCH] Support multi-tenancy --- api/api_list.yaml | 27 +++ api/infra/flood_protection_profiles_client.go | 174 ++++++++++++++++++ ...cy_distributed_flood_protection_profile.go | 53 ++---- ...stributed_flood_protection_profile_test.go | 68 +++++-- ...policy_gateway_flood_protection_profile.go | 28 +-- ...y_gateway_flood_protection_profile_test.go | 68 +++++-- ...ted_flood_protection_profile.html.markdown | 27 +++ ...way_flood_protection_profile.html.markdown | 26 +++ 8 files changed, 377 insertions(+), 94 deletions(-) create mode 100644 api/infra/flood_protection_profiles_client.go diff --git a/api/api_list.yaml b/api/api_list.yaml index ddfb2404c..0d37e7862 100644 --- a/api/api_list.yaml +++ b/api/api_list.yaml @@ -877,3 +877,30 @@ supported_method: - New - List +- api_packages: + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra + model: github.com/vmware/vsphere-automation-sdk-go/runtime/data + list_result_model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model + type: Local + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra + model: github.com/vmware/vsphere-automation-sdk-go/runtime/data + list_result_model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model + type: Global + - client: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/orgs/projects/infra + model: github.com/vmware/vsphere-automation-sdk-go/runtime/data + list_result_model: github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model + type: Multitenancy + model_name: StructValue + obj_name: FloodProtectionProfiles + client_name: FloodProtectionProfilesClient + list_result_name: FloodProtectionProfileListResult + model_prefix: vapiData_ + model_pass_ptr: true + file_name: FloodProtectionProfilesClient + supported_method: + - New + - Get + - Delete + - Patch + - Update + - List \ No newline at end of file diff --git a/api/infra/flood_protection_profiles_client.go b/api/infra/flood_protection_profiles_client.go new file mode 100644 index 000000000..bc3cf8e6e --- /dev/null +++ b/api/infra/flood_protection_profiles_client.go @@ -0,0 +1,174 @@ +//nolint:revive +package infra + +// The following file has been autogenerated. Please avoid any changes! +import ( + "errors" + + model0 "github.com/vmware/vsphere-automation-sdk-go/runtime/data" + vapiProtocolClient_ "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol/client" + client1 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra" + lrmodel1 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/model" + client0 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra" + lrmodel0 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" + client2 "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/orgs/projects/infra" + + utl "github.com/vmware/terraform-provider-nsxt/api/utl" +) + +type StructValueClientContext utl.ClientContext + +func NewFloodProtectionProfilesClient(sessionContext utl.SessionContext, connector vapiProtocolClient_.Connector) *StructValueClientContext { + var client interface{} + + switch sessionContext.ClientType { + + case utl.Local: + client = client0.NewFloodProtectionProfilesClient(connector) + + case utl.Global: + client = client1.NewFloodProtectionProfilesClient(connector) + + case utl.Multitenancy: + client = client2.NewFloodProtectionProfilesClient(connector) + + default: + return nil + } + return &StructValueClientContext{Client: client, ClientType: sessionContext.ClientType, ProjectID: sessionContext.ProjectID} +} + +func (c StructValueClientContext) Get(floodProtectionProfileIdParam string) (*model0.StructValue, error) { + var obj *model0.StructValue + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfilesClient) + obj, err = client.Get(floodProtectionProfileIdParam) + if err != nil { + return obj, err + } + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfilesClient) + obj, err = client.Get(floodProtectionProfileIdParam) + if err != nil { + return obj, err + } + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfilesClient) + obj, err = client.Get(utl.DefaultOrgID, c.ProjectID, floodProtectionProfileIdParam) + if err != nil { + return obj, err + } + + default: + return obj, errors.New("invalid infrastructure for model") + } + return obj, err +} + +func (c StructValueClientContext) Delete(floodProtectionProfileIdParam string, overrideParam *bool) error { + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfilesClient) + err = client.Delete(floodProtectionProfileIdParam, overrideParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfilesClient) + err = client.Delete(floodProtectionProfileIdParam, overrideParam) + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfilesClient) + err = client.Delete(utl.DefaultOrgID, c.ProjectID, floodProtectionProfileIdParam, overrideParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return err +} + +func (c StructValueClientContext) Patch(floodProtectionProfileIdParam string, floodProtectionProfileParam *model0.StructValue, overrideParam *bool) error { + var err error + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfilesClient) + err = client.Patch(floodProtectionProfileIdParam, floodProtectionProfileParam, overrideParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfilesClient) + err = client.Patch(floodProtectionProfileIdParam, floodProtectionProfileParam, overrideParam) + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfilesClient) + err = client.Patch(utl.DefaultOrgID, c.ProjectID, floodProtectionProfileIdParam, floodProtectionProfileParam, overrideParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return err +} + +func (c StructValueClientContext) Update(floodProtectionProfileIdParam string, floodProtectionProfileParam *model0.StructValue, overrideParam *bool) (*model0.StructValue, error) { + var err error + var obj *model0.StructValue + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfilesClient) + obj, err = client.Update(floodProtectionProfileIdParam, floodProtectionProfileParam, overrideParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfilesClient) + obj, err = client.Update(floodProtectionProfileIdParam, floodProtectionProfileParam, overrideParam) + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfilesClient) + obj, err = client.Update(utl.DefaultOrgID, c.ProjectID, floodProtectionProfileIdParam, floodProtectionProfileParam, overrideParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return obj, err +} + +func (c StructValueClientContext) List(cursorParam *string, includeMarkForDeleteObjectsParam *bool, includedFieldsParam *string, pageSizeParam *int64, sortAscendingParam *bool, sortByParam *string) (lrmodel0.FloodProtectionProfileListResult, error) { + var err error + var obj lrmodel0.FloodProtectionProfileListResult + + switch c.ClientType { + + case utl.Local: + client := c.Client.(client0.FloodProtectionProfilesClient) + obj, err = client.List(cursorParam, includeMarkForDeleteObjectsParam, includedFieldsParam, pageSizeParam, sortAscendingParam, sortByParam) + + case utl.Global: + client := c.Client.(client1.FloodProtectionProfilesClient) + gmObj, err := client.List(cursorParam, includeMarkForDeleteObjectsParam, includedFieldsParam, pageSizeParam, sortAscendingParam, sortByParam) + if err != nil { + return obj, err + } + obj1, err1 := utl.ConvertModelBindingType(gmObj, lrmodel1.FloodProtectionProfileListResultBindingType(), lrmodel0.FloodProtectionProfileListResultBindingType()) + if err1 != nil { + return obj, err1 + } + obj = obj1.(lrmodel0.FloodProtectionProfileListResult) + + case utl.Multitenancy: + client := c.Client.(client2.FloodProtectionProfilesClient) + obj, err = client.List(utl.DefaultOrgID, c.ProjectID, cursorParam, includeMarkForDeleteObjectsParam, includedFieldsParam, pageSizeParam, sortAscendingParam, sortByParam) + + default: + err = errors.New("invalid infrastructure for model") + } + return obj, err +} diff --git a/nsxt/resource_nsxt_policy_distributed_flood_protection_profile.go b/nsxt/resource_nsxt_policy_distributed_flood_protection_profile.go index 2d51a64da..a1212fe4f 100644 --- a/nsxt/resource_nsxt_policy_distributed_flood_protection_profile.go +++ b/nsxt/resource_nsxt_policy_distributed_flood_protection_profile.go @@ -12,9 +12,10 @@ import ( "github.com/vmware/vsphere-automation-sdk-go/runtime/bindings" "github.com/vmware/vsphere-automation-sdk-go/runtime/data" "github.com/vmware/vsphere-automation-sdk-go/runtime/protocol/client" - gm_infra "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra" - "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra" "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" + + "github.com/vmware/terraform-provider-nsxt/api/infra" + utl "github.com/vmware/terraform-provider-nsxt/api/utl" ) func resourceNsxtPolicyDistributedFloodProtectionProfile() *schema.Resource { @@ -38,6 +39,7 @@ func getFloodProtectionProfile() map[string]*schema.Schema { "description": getDescriptionSchema(), "revision": getRevisionSchema(), "tag": getTagsSchema(), + "context": getContextSchema(), "icmp_active_flow_limit": { Type: schema.TypeInt, Description: "Active ICMP connections limit", @@ -82,15 +84,10 @@ func getDistributedFloodProtectionProfile() map[string]*schema.Schema { return baseProfile } -func resourceNsxtPolicyFloodProtectionProfileExists(id string, connector client.Connector, isGlobalManager bool) (bool, error) { - var err error - if isGlobalManager { - client := gm_infra.NewFloodProtectionProfilesClient(connector) - _, err = client.Get(id) - } else { - client := infra.NewFloodProtectionProfilesClient(connector) - _, err = client.Get(id) - } +func resourceNsxtPolicyFloodProtectionProfileExists(sessionContext utl.SessionContext, id string, connector client.Connector) (bool, error) { + + client := infra.NewFloodProtectionProfilesClient(sessionContext, connector) + _, err := client.Get(id) if err == nil { return true, nil } @@ -144,18 +141,14 @@ func resourceNsxtPolicyDistributedFloodProtectionProfilePatch(d *schema.Resource profileStruct := profileValue.(*data.StructValue) log.Printf("[INFO] Patching DistributedFloodProtectionProfile with ID %s", id) - if isPolicyGlobalManager(m) { - client := gm_infra.NewFloodProtectionProfilesClient(connector) - return client.Patch(id, profileStruct, nil) - } - client := infra.NewFloodProtectionProfilesClient(connector) + client := infra.NewFloodProtectionProfilesClient(getSessionContext(d, m), connector) return client.Patch(id, profileStruct, nil) } func resourceNsxtPolicyDistributedFloodProtectionProfileCreate(d *schema.ResourceData, m interface{}) error { // Initialize resource Id and verify this ID is not yet used - id, err := getOrGenerateID(d, m, resourceNsxtPolicyFloodProtectionProfileExists) + id, err := getOrGenerateID2(d, m, resourceNsxtPolicyFloodProtectionProfileExists) if err != nil { return err } @@ -180,21 +173,13 @@ func resourceNsxtPolicyDistributedFloodProtectionProfileRead(d *schema.ResourceD return fmt.Errorf("Error obtaining FloodProtectionProfile ID") } - var profileStruct *data.StructValue - var err error - if isPolicyGlobalManager(m) { - client := gm_infra.NewFloodProtectionProfilesClient(connector) - profileStruct, err = client.Get(id) - } else { - client := infra.NewFloodProtectionProfilesClient(connector) - profileStruct, err = client.Get(id) - } - + client := infra.NewFloodProtectionProfilesClient(getSessionContext(d, m), connector) + dpffData, err := client.Get(id) if err != nil { return handleReadError(d, "FloodProtectionProfile", id, err) } - dfppInterface, errs := converter.ConvertToGolang(profileStruct, model.DistributedFloodProtectionProfileBindingType()) + dfppInterface, errs := converter.ConvertToGolang(dpffData, model.DistributedFloodProtectionProfileBindingType()) if errs != nil { return errs[0] } @@ -239,18 +224,10 @@ func resourceNsxtPolicyFloodProtectionProfileDelete(d *schema.ResourceData, m in } connector := getPolicyConnector(m) - var err error - if isPolicyGlobalManager(m) { - client := gm_infra.NewFloodProtectionProfilesClient(connector) - err = client.Delete(id, nil) - } else { - client := infra.NewFloodProtectionProfilesClient(connector) - err = client.Delete(id, nil) - } - + client := infra.NewFloodProtectionProfilesClient(getSessionContext(d, m), connector) + err := client.Delete(id, nil) if err != nil { return handleDeleteError("FloodProtectionProfile", id, err) } - return nil } diff --git a/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_test.go b/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_test.go index 7fb082dc9..fe751a9d1 100644 --- a/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_test.go +++ b/nsxt/resource_nsxt_policy_distributed_flood_protection_profile_test.go @@ -33,7 +33,7 @@ var accTestPolicyDistributedFloodProtectionProfileUpdateAttributes = map[string] "enable_syncache": "true", } -func TestAccResourceNsxtPolicyDistributedFloodProtectionProfile_basic(t *testing.T) { +func TestAccResourceNsxtPolicyDistributedFloodProtectionProfile_minimal(t *testing.T) { testResourceName := "nsxt_policy_distributed_flood_protection_profile.test" resource.ParallelTest(t, resource.TestCase{ @@ -44,7 +44,45 @@ func TestAccResourceNsxtPolicyDistributedFloodProtectionProfile_basic(t *testing }, Steps: []resource.TestStep{ { - Config: testAccNsxtPolicyDistributedFloodProtectionProfileTemplate(true), + Config: testAccNsxtPolicyDistributedFloodProtectionProfileMinimalistic(), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyDistributedFloodProtectionProfileExists(accTestPolicyDistributedFloodProtectionProfileCreateAttributes["display_name"], testResourceName), + resource.TestCheckResourceAttr(testResourceName, "description", ""), + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "0"), + ), + }, + }, + }) +} + +func TestAccResourceNsxtPolicyDistributedFloodProtectionProfile_basic(t *testing.T) { + testAccResourceNsxtPolicyDistributedFloodProtectionProfile_basic(t, false, func() { + testAccPreCheck(t) + }) +} + +func TestAccResourceNsxtPolicyDistributedFloodProtectionProfile_multitenancyBasic(t *testing.T) { + testAccResourceNsxtPolicyDistributedFloodProtectionProfile_basic(t, true, func() { + testAccPreCheck(t) + testAccOnlyMultitenancy(t) + }) +} + +func testAccResourceNsxtPolicyDistributedFloodProtectionProfile_basic(t *testing.T, withContext bool, preCheck func()) { + testResourceName := "nsxt_policy_distributed_flood_protection_profile.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: preCheck, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyDistributedFloodProtectionProfileCheckDestroy(state, accTestPolicyDistributedFloodProtectionProfileUpdateAttributes["display_name"]) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyDistributedFloodProtectionProfileTemplate(true, withContext), Check: resource.ComposeTestCheckFunc( testAccNsxtPolicyDistributedFloodProtectionProfileExists(accTestPolicyDistributedFloodProtectionProfileCreateAttributes["display_name"], testResourceName), resource.TestCheckResourceAttr(testResourceName, "display_name", accTestPolicyDistributedFloodProtectionProfileCreateAttributes["display_name"]), @@ -63,7 +101,7 @@ func TestAccResourceNsxtPolicyDistributedFloodProtectionProfile_basic(t *testing ), }, { - Config: testAccNsxtPolicyDistributedFloodProtectionProfileTemplate(false), + Config: testAccNsxtPolicyDistributedFloodProtectionProfileTemplate(false, withContext), Check: resource.ComposeTestCheckFunc( testAccNsxtPolicyDistributedFloodProtectionProfileExists(accTestPolicyDistributedFloodProtectionProfileUpdateAttributes["display_name"], testResourceName), resource.TestCheckResourceAttr(testResourceName, "display_name", accTestPolicyDistributedFloodProtectionProfileUpdateAttributes["display_name"]), @@ -81,17 +119,6 @@ func TestAccResourceNsxtPolicyDistributedFloodProtectionProfile_basic(t *testing resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), ), }, - { - Config: testAccNsxtPolicyDistributedFloodProtectionProfileMinimalistic(), - Check: resource.ComposeTestCheckFunc( - testAccNsxtPolicyDistributedFloodProtectionProfileExists(accTestPolicyDistributedFloodProtectionProfileCreateAttributes["display_name"], testResourceName), - resource.TestCheckResourceAttr(testResourceName, "description", ""), - resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), - resource.TestCheckResourceAttrSet(testResourceName, "path"), - resource.TestCheckResourceAttrSet(testResourceName, "revision"), - resource.TestCheckResourceAttr(testResourceName, "tag.#", "0"), - ), - }, }, }) } @@ -134,7 +161,7 @@ func testAccNsxtPolicyDistributedFloodProtectionProfileExists(displayName string return fmt.Errorf("Policy DistributedFloodProtectionProfile resource ID not set in resources") } - exists, err := resourceNsxtPolicyFloodProtectionProfileExists(resourceID, connector, testAccIsGlobalManager()) + exists, err := resourceNsxtPolicyFloodProtectionProfileExists(testAccGetSessionContext(), resourceID, connector) if err != nil { return err } @@ -155,7 +182,7 @@ func testAccNsxtPolicyDistributedFloodProtectionProfileCheckDestroy(state *terra } resourceID := rs.Primary.Attributes["id"] - exists, err := resourceNsxtPolicyFloodProtectionProfileExists(resourceID, connector, testAccIsGlobalManager()) + exists, err := resourceNsxtPolicyFloodProtectionProfileExists(testAccGetSessionContext(), resourceID, connector) if err == nil { return err } @@ -167,15 +194,20 @@ func testAccNsxtPolicyDistributedFloodProtectionProfileCheckDestroy(state *terra return nil } -func testAccNsxtPolicyDistributedFloodProtectionProfileTemplate(createFlow bool) string { +func testAccNsxtPolicyDistributedFloodProtectionProfileTemplate(createFlow, withContext bool) string { var attrMap map[string]string if createFlow { attrMap = accTestPolicyDistributedFloodProtectionProfileCreateAttributes } else { attrMap = accTestPolicyDistributedFloodProtectionProfileUpdateAttributes } + context := "" + if withContext { + context = testAccNsxtPolicyMultitenancyContext() + } return fmt.Sprintf(` resource "nsxt_policy_distributed_flood_protection_profile" "test" { +%s display_name = "%s" description = "%s" icmp_active_flow_limit = %s @@ -194,7 +226,7 @@ resource "nsxt_policy_distributed_flood_protection_profile" "test" { data "nsxt_policy_distributed_flood_protection_profile" "test" { display_name = "%s" depends_on = [nsxt_policy_distributed_flood_protection_profile.test] -}`, attrMap["display_name"], attrMap["description"], attrMap["icmp_active_flow_limit"], attrMap["other_active_conn_limit"], attrMap["tcp_half_open_conn_limit"], attrMap["udp_active_flow_limit"], attrMap["enable_rst_spoofing"], attrMap["enable_syncache"], attrMap["display_name"]) +}`, context, attrMap["display_name"], attrMap["description"], attrMap["icmp_active_flow_limit"], attrMap["other_active_conn_limit"], attrMap["tcp_half_open_conn_limit"], attrMap["udp_active_flow_limit"], attrMap["enable_rst_spoofing"], attrMap["enable_syncache"], attrMap["display_name"]) } func testAccNsxtPolicyDistributedFloodProtectionProfileMinimalistic() string { diff --git a/nsxt/resource_nsxt_policy_gateway_flood_protection_profile.go b/nsxt/resource_nsxt_policy_gateway_flood_protection_profile.go index 617bc5f13..ac96413b0 100644 --- a/nsxt/resource_nsxt_policy_gateway_flood_protection_profile.go +++ b/nsxt/resource_nsxt_policy_gateway_flood_protection_profile.go @@ -11,9 +11,9 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/vmware/vsphere-automation-sdk-go/runtime/bindings" "github.com/vmware/vsphere-automation-sdk-go/runtime/data" - gm_infra "github.com/vmware/vsphere-automation-sdk-go/services/nsxt-gm/global_infra" - "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/infra" "github.com/vmware/vsphere-automation-sdk-go/services/nsxt/model" + + "github.com/vmware/terraform-provider-nsxt/api/infra" ) func resourceNsxtPolicyGatewayFloodProtectionProfile() *schema.Resource { @@ -85,18 +85,14 @@ func resourceNsxtPolicyGatewayFloodProtectionProfilePatch(d *schema.ResourceData profileStruct := profileValue.(*data.StructValue) log.Printf("[INFO] Patching GatewayFloodProtectionProfile with ID %s", id) - if isPolicyGlobalManager(m) { - client := gm_infra.NewFloodProtectionProfilesClient(connector) - return client.Patch(id, profileStruct, nil) - } - client := infra.NewFloodProtectionProfilesClient(connector) + client := infra.NewFloodProtectionProfilesClient(getSessionContext(d, m), connector) return client.Patch(id, profileStruct, nil) } func resourceNsxtPolicyGatewayFloodProtectionProfileCreate(d *schema.ResourceData, m interface{}) error { // Initialize resource Id and verify this ID is not yet used - id, err := getOrGenerateID(d, m, resourceNsxtPolicyFloodProtectionProfileExists) + id, err := getOrGenerateID2(d, m, resourceNsxtPolicyFloodProtectionProfileExists) if err != nil { return err } @@ -118,24 +114,16 @@ func resourceNsxtPolicyGatewayFloodProtectionProfileRead(d *schema.ResourceData, id := d.Id() if id == "" { - return fmt.Errorf("Error obtaining GatewayFloodProtectionProfile ID") - } - - var profileStruct *data.StructValue - var err error - if isPolicyGlobalManager(m) { - client := gm_infra.NewFloodProtectionProfilesClient(connector) - profileStruct, err = client.Get(id) - } else { - client := infra.NewFloodProtectionProfilesClient(connector) - profileStruct, err = client.Get(id) + return fmt.Errorf("Error obtaining FloodProtectionProfile ID") } + client := infra.NewFloodProtectionProfilesClient(getSessionContext(d, m), connector) + gpffData, err := client.Get(id) if err != nil { return handleReadError(d, "GatewayFloodProtectionProfile", id, err) } - gfppInterface, errs := converter.ConvertToGolang(profileStruct, model.GatewayFloodProtectionProfileBindingType()) + gfppInterface, errs := converter.ConvertToGolang(gpffData, model.GatewayFloodProtectionProfileBindingType()) if errs != nil { return errs[0] } diff --git a/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_test.go b/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_test.go index 3a4b01f38..6aa507526 100644 --- a/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_test.go +++ b/nsxt/resource_nsxt_policy_gateway_flood_protection_profile_test.go @@ -31,7 +31,7 @@ var accTestPolicyGatewayFloodProtectionProfileUpdateAttributes = map[string]stri "nat_active_conn_limit": "5", } -func TestAccResourceNsxtPolicyGatewayFloodProtectionProfile_basic(t *testing.T) { +func TestAccResourceNsxtPolicyGatewayFloodProtectionProfile_minimal(t *testing.T) { testResourceName := "nsxt_policy_gateway_flood_protection_profile.test" resource.ParallelTest(t, resource.TestCase{ @@ -42,7 +42,45 @@ func TestAccResourceNsxtPolicyGatewayFloodProtectionProfile_basic(t *testing.T) }, Steps: []resource.TestStep{ { - Config: testAccNsxtPolicyGatewayFloodProtectionProfileTemplate(true), + Config: testAccNsxtPolicyGatewayFloodProtectionProfileMinimalistic(), + Check: resource.ComposeTestCheckFunc( + testAccNsxtPolicyGatewayFloodProtectionProfileExists(accTestPolicyGatewayFloodProtectionProfileCreateAttributes["display_name"], testResourceName), + resource.TestCheckResourceAttr(testResourceName, "description", ""), + resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), + resource.TestCheckResourceAttrSet(testResourceName, "path"), + resource.TestCheckResourceAttrSet(testResourceName, "revision"), + resource.TestCheckResourceAttr(testResourceName, "tag.#", "0"), + ), + }, + }, + }) +} + +func TestAccResourceNsxtPolicyGatewayFloodProtectionProfile_basic(t *testing.T) { + testAccResourceNsxtPolicyGatewayFloodProtectionProfile_basic(t, false, func() { + testAccPreCheck(t) + }) +} + +func TestAccResourceNsxtPolicyGatewayFloodProtectionProfile_multitenancyBasic(t *testing.T) { + testAccResourceNsxtPolicyGatewayFloodProtectionProfile_basic(t, true, func() { + testAccPreCheck(t) + testAccOnlyMultitenancy(t) + }) +} + +func testAccResourceNsxtPolicyGatewayFloodProtectionProfile_basic(t *testing.T, withContext bool, preCheck func()) { + testResourceName := "nsxt_policy_gateway_flood_protection_profile.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: preCheck, + Providers: testAccProviders, + CheckDestroy: func(state *terraform.State) error { + return testAccNsxtPolicyGatewayFloodProtectionProfileCheckDestroy(state, accTestPolicyGatewayFloodProtectionProfileUpdateAttributes["display_name"]) + }, + Steps: []resource.TestStep{ + { + Config: testAccNsxtPolicyGatewayFloodProtectionProfileTemplate(true, withContext), Check: resource.ComposeTestCheckFunc( testAccNsxtPolicyGatewayFloodProtectionProfileExists(accTestPolicyGatewayFloodProtectionProfileCreateAttributes["display_name"], testResourceName), resource.TestCheckResourceAttr(testResourceName, "display_name", accTestPolicyGatewayFloodProtectionProfileCreateAttributes["display_name"]), @@ -60,7 +98,7 @@ func TestAccResourceNsxtPolicyGatewayFloodProtectionProfile_basic(t *testing.T) ), }, { - Config: testAccNsxtPolicyGatewayFloodProtectionProfileTemplate(false), + Config: testAccNsxtPolicyGatewayFloodProtectionProfileTemplate(false, withContext), Check: resource.ComposeTestCheckFunc( testAccNsxtPolicyGatewayFloodProtectionProfileExists(accTestPolicyGatewayFloodProtectionProfileUpdateAttributes["display_name"], testResourceName), resource.TestCheckResourceAttr(testResourceName, "display_name", accTestPolicyGatewayFloodProtectionProfileUpdateAttributes["display_name"]), @@ -77,17 +115,6 @@ func TestAccResourceNsxtPolicyGatewayFloodProtectionProfile_basic(t *testing.T) resource.TestCheckResourceAttr(testResourceName, "tag.#", "1"), ), }, - { - Config: testAccNsxtPolicyGatewayFloodProtectionProfileMinimalistic(), - Check: resource.ComposeTestCheckFunc( - testAccNsxtPolicyGatewayFloodProtectionProfileExists(accTestPolicyGatewayFloodProtectionProfileCreateAttributes["display_name"], testResourceName), - resource.TestCheckResourceAttr(testResourceName, "description", ""), - resource.TestCheckResourceAttrSet(testResourceName, "nsx_id"), - resource.TestCheckResourceAttrSet(testResourceName, "path"), - resource.TestCheckResourceAttrSet(testResourceName, "revision"), - resource.TestCheckResourceAttr(testResourceName, "tag.#", "0"), - ), - }, }, }) } @@ -130,7 +157,7 @@ func testAccNsxtPolicyGatewayFloodProtectionProfileExists(displayName string, re return fmt.Errorf("Policy GatewayFloodProtectionProfile resource ID not set in resources") } - exists, err := resourceNsxtPolicyFloodProtectionProfileExists(resourceID, connector, testAccIsGlobalManager()) + exists, err := resourceNsxtPolicyFloodProtectionProfileExists(testAccGetSessionContext(), resourceID, connector) if err != nil { return err } @@ -151,7 +178,7 @@ func testAccNsxtPolicyGatewayFloodProtectionProfileCheckDestroy(state *terraform } resourceID := rs.Primary.Attributes["id"] - exists, err := resourceNsxtPolicyFloodProtectionProfileExists(resourceID, connector, testAccIsGlobalManager()) + exists, err := resourceNsxtPolicyFloodProtectionProfileExists(testAccGetSessionContext(), resourceID, connector) if err == nil { return err } @@ -163,15 +190,20 @@ func testAccNsxtPolicyGatewayFloodProtectionProfileCheckDestroy(state *terraform return nil } -func testAccNsxtPolicyGatewayFloodProtectionProfileTemplate(createFlow bool) string { +func testAccNsxtPolicyGatewayFloodProtectionProfileTemplate(createFlow, withContext bool) string { var attrMap map[string]string if createFlow { attrMap = accTestPolicyGatewayFloodProtectionProfileCreateAttributes } else { attrMap = accTestPolicyGatewayFloodProtectionProfileUpdateAttributes } + context := "" + if withContext { + context = testAccNsxtPolicyMultitenancyContext() + } return fmt.Sprintf(` resource "nsxt_policy_gateway_flood_protection_profile" "test" { +%s display_name = "%s" description = "%s" icmp_active_flow_limit = %s @@ -189,7 +221,7 @@ resource "nsxt_policy_gateway_flood_protection_profile" "test" { data "nsxt_policy_gateway_flood_protection_profile" "test" { display_name = "%s" depends_on = [nsxt_policy_gateway_flood_protection_profile.test] -}`, attrMap["display_name"], attrMap["description"], attrMap["icmp_active_flow_limit"], attrMap["other_active_conn_limit"], attrMap["tcp_half_open_conn_limit"], attrMap["udp_active_flow_limit"], attrMap["nat_active_conn_limit"], attrMap["display_name"]) +}`, context, attrMap["display_name"], attrMap["description"], attrMap["icmp_active_flow_limit"], attrMap["other_active_conn_limit"], attrMap["tcp_half_open_conn_limit"], attrMap["udp_active_flow_limit"], attrMap["nat_active_conn_limit"], attrMap["display_name"]) } func testAccNsxtPolicyGatewayFloodProtectionProfileMinimalistic() string { diff --git a/website/docs/r/policy_distributed_flood_protection_profile.html.markdown b/website/docs/r/policy_distributed_flood_protection_profile.html.markdown index 559358bdf..d9a9f512f 100644 --- a/website/docs/r/policy_distributed_flood_protection_profile.html.markdown +++ b/website/docs/r/policy_distributed_flood_protection_profile.html.markdown @@ -31,6 +31,33 @@ resource "nsxt_policy_distributed_flood_protection_profile" "test" { } ``` +## Example Usage - Multi-Tenancy + +```hcl +data "nsxt_policy_project" "demoproj" { + display_name = "demoproj" +} + +resource "nsxt_policy_distributed_flood_protection_profile" "test" { + context { + project_id = data.nsxt_policy_project.demoproj.id + } + display_name = "test" + description = "test" + icmp_active_flow_limit = 3 + other_active_conn_limit = 3 + tcp_half_open_conn_limit = 3 + udp_active_flow_limit = 3 + enable_rst_spoofing = true + enable_syncache = true + + tag { + scope = "scope1" + tag = "tag1" + } +} +``` + ## Argument Reference The following arguments are supported: diff --git a/website/docs/r/policy_gateway_flood_protection_profile.html.markdown b/website/docs/r/policy_gateway_flood_protection_profile.html.markdown index 46a1c7928..59c4b3112 100644 --- a/website/docs/r/policy_gateway_flood_protection_profile.html.markdown +++ b/website/docs/r/policy_gateway_flood_protection_profile.html.markdown @@ -30,6 +30,32 @@ resource "nsxt_policy_gateway_flood_protection_profile" "test" { } ``` +## Example Usage - Multi-Tenancy + +```hcl +data "nsxt_policy_project" "demoproj" { + display_name = "demoproj" +} + +resource "nsxt_policy_gateway_flood_protection_profile" "test" { + context { + project_id = data.nsxt_policy_project.demoproj.id + } + display_name = "test" + description = "test" + icmp_active_flow_limit = 3 + other_active_conn_limit = 3 + tcp_half_open_conn_limit = 3 + udp_active_flow_limit = 3 + nat_active_conn_limit = 3 + + tag { + scope = "scope1" + tag = "tag1" + } +} +``` + ## Argument Reference The following arguments are supported: