Bug: application-services utm-policy policy ending with permit not being read properly #430

Closed
tagur87 opened this issue Oct 13, 2022 · 1 comment · Fixed by #433

tagur87 commented Oct 13, 2022

Terraform and Provider Versions

Terraform has been successfully initialized!
Terraform v1.3.2

Terraform Configuration Files

resource "junos_security_utm_profile_web_filtering_juniper_enhanced" "default_permit" {
  name = "default_permit"
  category {
    name   = junos_security_utm_custom_url_category.servers-allow.name
    action = "log-and-permit"
  }
  category {
    name   = junos_security_utm_custom_url_category.global-deny.name
    action = "block"
  }
 ...
  default_action       = "log-and-permit"
  custom_block_message = "The page has been blocked because the content has been deemed unsuitable or harmful to your computer. If this site was blocked in error please send the information displayed below to your Computer Help Desk."
  timeout              = 3
  no_safe_search       = true
  fallback_settings {
    default             = "block"
    server_connectivity = "block"
    timeout             = "block"
    too_many_requests   = "block"
  }
}

resource "junos_security_global_policy" "global" {
  policy {
    name                      = "policy1"
    match_source_address      = "any"
    match_destination_address = "any"
    match_application         = "junos-http"
    match_from_zone           = "internal"
    match_to_zone             = "untrust"
    then                      = "permit"
    permit_application_services {
      security_intelligence_policy = "secintel-policy"
      utm_policy                   = "default_permit"
    }
    log_init = true
  }
}

Expected Behavior

Terraform plan and apply that does not show needing changes on every run.

Actual Behavior

The terraform apply and plan consistently show the need for changes, even after running multiple times.
Output is shown below.

~ policy {
            name                               = "policy1"
            # (12 unchanged attributes hidden)
          ~ permit_application_services {
              + utm_policy                   = "default_permit"
                # (4 unchanged attributes hidden)
            }
        }

Steps to Reproduce

  1. terraform apply
  2. terraform plan or terraform apply

Additional Context

Seems to be related to this case statement check: https://github.com/jeremmfr/terraform-provider-junos/blob/main/junos/resource_security_global_policy.go#L488

Since the name of the utm policy ends with "permit" it is caught in this section, and doesn't fall through to: https://github.com/jeremmfr/terraform-provider-junos/blob/main/junos/resource_security_global_policy.go#L498

Need to find a better way to handle this, to allow names with "permit" in the title.

References

@tagur87 tagur87 added the bug Something isn't working label Oct 13, 2022
@jeremmfr
Owner

Hi 👋

Thank you for raising this issue. I'll take care of fixing it.

@jeremmfr jeremmfr self-assigned this Oct 14, 2022
@jeremmfr jeremmfr added this to the v1.31.1 milestone Oct 14, 2022
jeremmfr added a commit that referenced this issue Oct 14, 2022
when an element of permit_application_services have the suffix permit, deny or reject
Fix #430
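
The misread reported in this issue, reproduced as a stand-alone Go example (added here; it is not the provider's code). `appSvc`, `isAction`, `readServices` and the sample lines are hypothetical and constructed, and exact matching is shown as one possible remedy, not necessarily what the fix commit does.

```go
package main

import (
	"fmt"
	"strings"
)

const appSvc = "then permit application-services "

// Constructed sample: one policy's lines after the policy-name prefix (assumed format).
var sample = []string{
	"match application junos-http",
	"then permit application-services security-intelligence-policy secintel-policy",
	"then permit application-services utm-policy default_permit",
	"then log session-init",
}

// isAction reports whether a line is the policy's action line. exact=false is
// the suffix test the issue describes; exact=true needs "then <action>" whole.
func isAction(line string, exact bool) bool {
	for _, a := range []string{"permit", "deny", "reject"} {
		if (exact && line == "then "+a) || (!exact && strings.HasSuffix(line, a)) {
			return true
		}
	}
	return false
}

// readServices (hypothetical) tests the action case first, as the issue describes.
func readServices(lines []string, exact bool) map[string]string {
	services := map[string]string{}
	for _, l := range lines {
		switch {
		case isAction(l, exact):
			// consumed as the action; never reaches the next case
		case strings.HasPrefix(l, appSvc):
			kv := strings.SplitN(strings.TrimPrefix(l, appSvc), " ", 2)
			if len(kv) == 2 {
				services[kv[0]] = kv[1]
			}
		}
	}
	return services
}

func main() {
	fmt.Println("suffix match:", readServices(sample, false))
	fmt.Println("exact match: ", readServices(sample, true))
}
```

With the suffix test the `utm-policy` entry is never read back, which matches the `+ utm_policy` line that reappears in every plan; a firewall policy whose recorded state omits its UTM profile is also harder to audit from state alone.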