From d189af2ccf9753d7785d9f84e178e9ad2bf48a65 Mon Sep 17 00:00:00 2001 From: sueplex Date: Thu, 13 Mar 2025 10:13:20 -0400 Subject: [PATCH 1/4] [firewall config resource] off by one error --- vercel/resource_firewall_config.go | 2 +- vercel/resource_firewall_config_test.go | 46 ++++++++++++++++++++++++- 2 files changed, 46 insertions(+), 2 deletions(-) diff --git a/vercel/resource_firewall_config.go b/vercel/resource_firewall_config.go index e6406c91..f2d44c84 100644 --- a/vercel/resource_firewall_config.go +++ b/vercel/resource_firewall_config.go @@ -808,7 +808,7 @@ func fromClient(conf client.FirewallConfig, state FirewallConfig) (FirewallConfi var stateRule = FirewallRule{ Active: types.BoolNull(), } - if state.Rules != nil && len(state.Rules.Rules)-1 > i { + if state.Rules != nil && len(state.Rules.Rules) > i { stateRule = state.Rules.Rules[i] } rules[i], err = fromFirewallRule(rule, stateRule) diff --git a/vercel/resource_firewall_config_test.go b/vercel/resource_firewall_config_test.go index 19a218c1..f3c1bb6e 100644 --- a/vercel/resource_firewall_config_test.go +++ b/vercel/resource_firewall_config_test.go @@ -240,6 +240,10 @@ func TestAcc_FirewallConfigResource(t *testing.T) { "vercel_firewall_config.custom", "rules.rule.0.condition_group.0.conditions.0.type", "path"), + resource.TestCheckResourceAttr( + "vercel_firewall_config.custom", + "rules.rule.0.condition_group.0.conditions.0.neg", + ""), resource.TestCheckResourceAttr( "vercel_firewall_config.custom", "rules.rule.0.condition_group.0.conditions.1.value", @@ -294,6 +298,14 @@ func TestAcc_FirewallConfigResource(t *testing.T) { "vercel_firewall_config.custom", "rules.rule.2.action.redirect.permanent", "false"), + resource.TestCheckResourceAttr( + "vercel_firewall_config.custom_neg", + "rules.rule.0.condition_group.0.conditions.0.neg", + "true"), + resource.TestCheckResourceAttr( + "vercel_firewall_config.custom_neg", + "rules.rule.0.condition_group.0.conditions.0.values", + "true"), resource.TestCheckResourceAttr( "vercel_firewall_config.ips", "ip_rules.rule.0.action", @@ -612,5 +624,37 @@ resource "vercel_firewall_config" "ips" { hostname = "*" } } -}`, name, teamID) +} + +resource "vercel_project" "custom_neg" { + name = "test-acc-%[1]s-custom_neg" + %[2]s +} + +resource "vercel_firewall_config" "custom_neg" { + project_id = vercel_project.custom_neg.id + %[2]s + + rules { + rule { + name = "test" + action = { + action = "deny" + } + condition_group = [{ + conditions = [{ + type = "ip_address" + op = "inc" + neg = true + values = [ + "1.2.3.4", + "3.4.5.6", + "5.6.7.7", + ] + } + }] + } + } +} +`, name, teamID) } From 9bde3a7c56ec1d8716738599dc3436b66cb49aaa Mon Sep 17 00:00:00 2001 From: sueplex Date: Thu, 13 Mar 2025 10:26:57 -0400 Subject: [PATCH 2/4] fix broken test config --- vercel/resource_firewall_config_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vercel/resource_firewall_config_test.go b/vercel/resource_firewall_config_test.go index f3c1bb6e..c34892ed 100644 --- a/vercel/resource_firewall_config_test.go +++ b/vercel/resource_firewall_config_test.go @@ -651,7 +651,7 @@ resource "vercel_firewall_config" "custom_neg" { "3.4.5.6", "5.6.7.7", ] - } + }] }] } } From 96eba9c6fdd86475cea06b48d412e1be3484e2cf Mon Sep 17 00:00:00 2001 From: sueplex Date: Thu, 13 Mar 2025 10:57:21 -0400 Subject: [PATCH 3/4] fix project name --- vercel/resource_firewall_config_test.go | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/vercel/resource_firewall_config_test.go b/vercel/resource_firewall_config_test.go index c34892ed..feef6c92 100644 --- a/vercel/resource_firewall_config_test.go +++ b/vercel/resource_firewall_config_test.go @@ -299,13 +299,17 @@ func TestAcc_FirewallConfigResource(t *testing.T) { "rules.rule.2.action.redirect.permanent", "false"), resource.TestCheckResourceAttr( - "vercel_firewall_config.custom_neg", + "vercel_firewall_config.neg", "rules.rule.0.condition_group.0.conditions.0.neg", "true"), resource.TestCheckResourceAttr( - "vercel_firewall_config.custom_neg", - "rules.rule.0.condition_group.0.conditions.0.values", - "true"), + "vercel_firewall_config.neg", + "rules.rule.0.condition_group.0.conditions.0.values.0", + "1.2.3.4"), + resource.TestCheckResourceAttr( + "vercel_firewall_config.neg", + "rules.rule.0.condition_group.0.conditions.0.values.1", + "3.4.5.6"), resource.TestCheckResourceAttr( "vercel_firewall_config.ips", "ip_rules.rule.0.action", @@ -626,13 +630,13 @@ resource "vercel_firewall_config" "ips" { } } -resource "vercel_project" "custom_neg" { - name = "test-acc-%[1]s-custom_neg" +resource "vercel_project" "neg" { + name = "test-acc-%[1]s-neg" %[2]s } -resource "vercel_firewall_config" "custom_neg" { - project_id = vercel_project.custom_neg.id +resource "vercel_firewall_config" "neg" { + project_id = vercel_project.neg.id %[2]s rules { From 2fb51be08dd56b8003b9d3d0ebeac9f8258116c5 Mon Sep 17 00:00:00 2001 From: sueplex Date: Thu, 13 Mar 2025 11:28:58 -0400 Subject: [PATCH 4/4] drop nil check --- vercel/resource_firewall_config_test.go | 4 ---- 1 file changed, 4 deletions(-) diff --git a/vercel/resource_firewall_config_test.go b/vercel/resource_firewall_config_test.go index feef6c92..8010ee5c 100644 --- a/vercel/resource_firewall_config_test.go +++ b/vercel/resource_firewall_config_test.go @@ -240,10 +240,6 @@ func TestAcc_FirewallConfigResource(t *testing.T) { "vercel_firewall_config.custom", "rules.rule.0.condition_group.0.conditions.0.type", "path"), - resource.TestCheckResourceAttr( - "vercel_firewall_config.custom", - "rules.rule.0.condition_group.0.conditions.0.neg", - ""), resource.TestCheckResourceAttr( "vercel_firewall_config.custom", "rules.rule.0.condition_group.0.conditions.1.value",