Skip to content

Commit

Permalink
azurerm_linux_function_app_slot, `azurerm_windows_function_app_slot…
Browse files Browse the repository at this point in the history 
…` - `site_config.minimum_tls_version` and `site_config.scm_minimum_tls_version` accept `1.3` as a value (hashicorp#28016)

* `azurerm_linux_function_app_slot`, `azurerm_windows_function_app_slot` -
`site_config.minimum_tls_version` and `site_config.scm_minimum_tls_version` accept `1.3` as a value

* adding test cases
  • Loading branch information
@ziyeqf
ziyeqf authored Dec 9, 2024
1 parent 8f0d6be commit 6bab2fb
Show file tree
Hide file tree
Showing 5 changed files with 112 additions and 55 deletions.
85 changes: 34 additions & 51 deletions internal/services/appservice/helpers/function_app_slot_schema.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,6 @@ import (
apimValidate "github.com/hashicorp/terraform-provider-azurerm/internal/services/apimanagement/validate"
"github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk"
"github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation"
"github.com/jackofallops/kermit/sdk/web/2022-09-01/web"
)

type SiteConfigWindowsFunctionAppSlot struct {
Expand Down Expand Up @@ -192,10 +191,10 @@ func SiteConfigSchemaWindowsFunctionAppSlot() *pluginsdk.Schema {
"managed_pipeline_mode": {
Type: pluginsdk.TypeString,
Optional: true,
Default: string(web.ManagedPipelineModeIntegrated),
Default: string(webapps.ManagedPipelineModeIntegrated),
ValidateFunc: validation.StringInSlice([]string{
string(web.ManagedPipelineModeClassic),
string(web.ManagedPipelineModeIntegrated),
string(webapps.ManagedPipelineModeClassic),
string(webapps.ManagedPipelineModeIntegrated),
}, false),
Description: "The Managed Pipeline mode. Possible values include: `Integrated`, `Classic`. Defaults to `Integrated`.",
},
Expand Down Expand Up @@ -255,11 +254,11 @@ func SiteConfigSchemaWindowsFunctionAppSlot() *pluginsdk.Schema {
"ftps_state": {
Type: pluginsdk.TypeString,
Optional: true,
Default: string(web.FtpsStateDisabled),
Default: string(webapps.FtpsStateDisabled),
ValidateFunc: validation.StringInSlice([]string{
string(web.FtpsStateAllAllowed),
string(web.FtpsStateDisabled),
string(web.FtpsStateFtpsOnly),
string(webapps.FtpsStateAllAllowed),
string(webapps.FtpsStateDisabled),
string(webapps.FtpsStateFtpsOnly),
}, false),
Description: "State of FTP / FTPS service for this function app. Possible values include: `AllAllowed`, `FtpsOnly` and `Disabled`. Defaults to `Disabled`.",
},
Expand Down Expand Up @@ -287,27 +286,19 @@ func SiteConfigSchemaWindowsFunctionAppSlot() *pluginsdk.Schema {
},

"minimum_tls_version": {
Type: pluginsdk.TypeString,
Optional: true,
Default: string(web.SupportedTLSVersionsOneFullStopTwo),
ValidateFunc: validation.StringInSlice([]string{
string(web.SupportedTLSVersionsOneFullStopZero),
string(web.SupportedTLSVersionsOneFullStopOne),
string(web.SupportedTLSVersionsOneFullStopTwo),
}, false),
Description: "The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.",
Type: pluginsdk.TypeString,
Optional: true,
Default: string(webapps.SupportedTlsVersionsOnePointTwo),
ValidateFunc: validation.StringInSlice(webapps.PossibleValuesForSupportedTlsVersions(), false),
Description: "The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.",
},

"scm_minimum_tls_version": {
Type: pluginsdk.TypeString,
Optional: true,
Default: string(web.SupportedTLSVersionsOneFullStopTwo),
ValidateFunc: validation.StringInSlice([]string{
string(web.SupportedTLSVersionsOneFullStopZero),
string(web.SupportedTLSVersionsOneFullStopOne),
string(web.SupportedTLSVersionsOneFullStopTwo),
}, false),
Description: "Configures the minimum version of TLS required for SSL requests to the SCM site Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.",
Type: pluginsdk.TypeString,
Optional: true,
Default: string(webapps.SupportedTlsVersionsOnePointTwo),
ValidateFunc: validation.StringInSlice(webapps.PossibleValuesForSupportedTlsVersions(), false),
Description: "Configures the minimum version of TLS required for SSL requests to the SCM site Possible values include: `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.",
},

"cors": CorsSettingsSchema(),
Expand Down Expand Up @@ -526,10 +517,10 @@ func SiteConfigSchemaLinuxFunctionAppSlot() *pluginsdk.Schema {
"managed_pipeline_mode": {
Type: pluginsdk.TypeString,
Optional: true,
Default: string(web.ManagedPipelineModeIntegrated),
Default: string(webapps.ManagedPipelineModeIntegrated),
ValidateFunc: validation.StringInSlice([]string{
string(web.ManagedPipelineModeClassic),
string(web.ManagedPipelineModeIntegrated),
string(webapps.ManagedPipelineModeClassic),
string(webapps.ManagedPipelineModeIntegrated),
}, false),
Description: "The Managed Pipeline mode. Possible values include: `Integrated`, `Classic`. Defaults to `Integrated`.",
},
Expand Down Expand Up @@ -589,11 +580,11 @@ func SiteConfigSchemaLinuxFunctionAppSlot() *pluginsdk.Schema {
"ftps_state": {
Type: pluginsdk.TypeString,
Optional: true,
Default: string(web.FtpsStateDisabled),
Default: string(webapps.FtpsStateDisabled),
ValidateFunc: validation.StringInSlice([]string{
string(web.FtpsStateAllAllowed),
string(web.FtpsStateDisabled),
string(web.FtpsStateFtpsOnly),
string(webapps.FtpsStateAllAllowed),
string(webapps.FtpsStateDisabled),
string(webapps.FtpsStateFtpsOnly),
}, false),
Description: "State of FTP / FTPS service for this function app. Possible values include: `AllAllowed`, `FtpsOnly` and `Disabled`. Defaults to `Disabled`.",
},
Expand Down Expand Up @@ -621,27 +612,19 @@ func SiteConfigSchemaLinuxFunctionAppSlot() *pluginsdk.Schema {
},

"minimum_tls_version": {
Type: pluginsdk.TypeString,
Optional: true,
Default: string(web.SupportedTLSVersionsOneFullStopTwo),
ValidateFunc: validation.StringInSlice([]string{
string(web.SupportedTLSVersionsOneFullStopZero),
string(web.SupportedTLSVersionsOneFullStopOne),
string(web.SupportedTLSVersionsOneFullStopTwo),
}, false),
Description: "The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.",
Type: pluginsdk.TypeString,
Optional: true,
Default: string(webapps.SupportedTlsVersionsOnePointTwo),
ValidateFunc: validation.StringInSlice(webapps.PossibleValuesForSupportedTlsVersions(), false),
Description: "The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.",
},

"scm_minimum_tls_version": {
Type: pluginsdk.TypeString,
Optional: true,
Default: string(web.SupportedTLSVersionsOneFullStopTwo),
ValidateFunc: validation.StringInSlice([]string{
string(web.SupportedTLSVersionsOneFullStopZero),
string(web.SupportedTLSVersionsOneFullStopOne),
string(web.SupportedTLSVersionsOneFullStopTwo),
}, false),
Description: "Configures the minimum version of TLS required for SSL requests to the SCM site Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.",
Type: pluginsdk.TypeString,
Optional: true,
Default: string(webapps.SupportedTlsVersionsOnePointTwo),
ValidateFunc: validation.StringInSlice(webapps.PossibleValuesForSupportedTlsVersions(), false),
Description: "Configures the minimum version of TLS required for SSL requests to the SCM site Possible values include: `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.",
},

"cors": CorsSettingsSchema(),
Expand Down
37 changes: 37 additions & 0 deletions internal/services/appservice/linux_function_app_slot_resource_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1513,6 +1513,22 @@ func TestAccLinuxFunctionAppSlot_publicNetworkAccessUpdate(t *testing.T) {
})
}

func TestAccLinuxFunctionAppSlot_basicWithTlsOnePointThree(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_linux_function_app_slot", "test")
r := LinuxFunctionAppSlotResource{}

data.ResourceTest(t, r, []acceptance.TestStep{
{
Config: r.withTlsVersion(data, SkuConsumptionPlan, "1.3"),
Check: acceptance.ComposeTestCheckFunc(
check.That(data.ResourceName).ExistsInAzure(r),
check.That(data.ResourceName).Key("kind").HasValue("functionapp,linux"),
),
},
data.ImportStep("site_credential.0.password"),
})
}

// Configs

func (r LinuxFunctionAppSlotResource) Exists(ctx context.Context, client *clients.Client, state *pluginsdk.InstanceState) (*bool, error) {
Expand Down Expand Up @@ -4279,3 +4295,24 @@ data "azurerm_storage_account_sas" "test" {
}
`, r.template(data, planSKU), data.RandomInteger)
}

func (r LinuxFunctionAppSlotResource) withTlsVersion(data acceptance.TestData, planSku string, tlsVersion string) string {
return fmt.Sprintf(`
provider "azurerm" {
features {}
}
%s
resource "azurerm_linux_function_app_slot" "test" {
name = "acctest-LFAS-%d"
function_app_id = azurerm_linux_function_app.test.id
storage_account_name = azurerm_storage_account.test.name
storage_account_access_key = azurerm_storage_account.test.primary_access_key
site_config {
minimum_tls_version = "%s"
}
}
`, r.template(data, planSku), data.RandomInteger, tlsVersion)
}
37 changes: 37 additions & 0 deletions internal/services/appservice/windows_function_app_slot_resource_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1311,6 +1311,22 @@ func TestAccWindowsFunctionAppSlot_publicNetworkAccessUpdate(t *testing.T) {
})
}

func TestAccWindowsFunctionAppSlot_basicWithTlsOnePointThree(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_windows_function_app_slot", "test")
r := WindowsFunctionAppSlotResource{}

data.ResourceTest(t, r, []acceptance.TestStep{
{
Config: r.withTlsVersion(data, SkuConsumptionPlan, "1.3"),
Check: acceptance.ComposeTestCheckFunc(
check.That(data.ResourceName).ExistsInAzure(r),
check.That(data.ResourceName).Key("kind").HasValue("functionapp"),
),
},
data.ImportStep("site_credential.0.password"),
})
}

// Exists

func (r WindowsFunctionAppSlotResource) Exists(ctx context.Context, client *clients.Client, state *pluginsdk.InstanceState) (*bool, error) {
Expand Down Expand Up @@ -3399,3 +3415,24 @@ data "azurerm_storage_account_sas" "test" {
}
`, r.template(data, planSKU), data.RandomInteger)
}

func (r WindowsFunctionAppSlotResource) withTlsVersion(data acceptance.TestData, planSku string, tlsVersion string) string {
return fmt.Sprintf(`
provider "azurerm" {
features {}
}
%s
resource "azurerm_windows_function_app_slot" "test" {
name = "acctest-WFAS-%d"
function_app_id = azurerm_windows_function_app.test.id
storage_account_name = azurerm_storage_account.test.name
storage_account_access_key = azurerm_storage_account.test.primary_access_key
site_config {
minimum_tls_version = "%s"
}
}
`, r.template(data, planSku), data.RandomInteger, tlsVersion)
}
4 changes: 2 additions & 2 deletions website/docs/r/linux_function_app_slot.html.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -493,7 +493,7 @@ A `site_config` block supports the following:

* `managed_pipeline_mode` - (Optional) The Managed Pipeline mode. Possible values include: `Integrated`, `Classic`. Defaults to `Integrated`.

* `minimum_tls_version` - (Optional) The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
* `minimum_tls_version` - (Optional) The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.

* `pre_warmed_instance_count` - (Optional) The number of pre-warmed instances for this function app. Only affects apps on an Elastic Premium plan.

Expand All @@ -509,7 +509,7 @@ A `site_config` block supports the following:

* `scm_ip_restriction_default_action` - (Optional) The Default action for traffic that does not match any `scm_ip_restriction` rule. possible values include `Allow` and `Deny`. Defaults to `Allow`.

* `scm_minimum_tls_version` - (Optional) Configures the minimum version of TLS required for SSL requests to the SCM site Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
* `scm_minimum_tls_version` - (Optional) Configures the minimum version of TLS required for SSL requests to the SCM site Possible values include: `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.

* `scm_type` - The SCM Type in use by the Linux Function App.

Expand Down
4 changes: 2 additions & 2 deletions website/docs/r/windows_function_app_slot.html.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -486,7 +486,7 @@ A `site_config` block supports the following:

* `managed_pipeline_mode` - (Optional) The Managed Pipeline mode. Possible values include: `Integrated`, `Classic`. Defaults to `Integrated`.

* `minimum_tls_version` - (Optional) The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
* `minimum_tls_version` - (Optional) The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.

* `pre_warmed_instance_count` - (Optional) The number of pre-warmed instances for this function app. Only affects apps on an Elastic Premium plan.

Expand All @@ -502,7 +502,7 @@ A `site_config` block supports the following:

* `scm_ip_restriction_default_action` - (Optional) The Default action for traffic that does not match any `scm_ip_restriction` rule. possible values include `Allow` and `Deny`. Defaults to `Allow`.

* `scm_minimum_tls_version` - (Optional) Configures the minimum version of TLS required for SSL requests to the SCM site Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`.
* `scm_minimum_tls_version` - (Optional) Configures the minimum version of TLS required for SSL requests to the SCM site Possible values include: `1.0`, `1.1`, `1.2` and `1.3`. Defaults to `1.2`.

* `scm_type` - The SCM Type in use by the Windows Function App.

Expand Down

0 comments on commit 6bab2fb

Please sign in to comment.