Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE REQUEST] AppFW Signatures: Not possible to enable / disable a Signature using terraform #1113

Closed
kaiAsmOne opened this issue Dec 4, 2023 · 3 comments · Fixed by #1147
Closed

[FEATURE REQUEST] AppFW Signatures: Not possible to enable / disable a Signature using terraform #1113

kaiAsmOne opened this issue Dec 4, 2023 · 3 comments · Fixed by #1147
Assignees
@rohit-myali
Labels
In-Progress ..being worked upon

Comments

@kaiAsmOne
Copy link

kaiAsmOne commented Dec 4, 2023
edited
Loading

Contact us

For any immediate issues or help , reach out to us at [email protected] !

Feature Request

When a Netscaler is fully deployed and configured using terraform there is no way to modify the WAF Signature File for a given web application.

I need to be able to change the xml file with the signatures.

I need to be able to have a terraform resource where i can specify the signature name (name of signature in gui) , the SignatureRule id

And allow me to specify the rule id actions Enabled / Block / Log / Stats / Remove / xout options for a specific rule id.
@kaiAsmOne
Copy link
Author

After doing some nstrace it would be enough for me to have the functions / attributes of the appfwsignatures API implemented . (ruleid , category , enabled, action)

https://developer-docs.netscaler.com/en-us/adc-nitro-api/13-1/configuration/appfw/appfwsignatures

@rohit-myali rohit-myali added the In-Progress ..being worked upon label Apr 16, 2024
@rohit-myali rohit-myali linked a pull request Apr 19, 2024 that will close this issue
Updated appfwsignatures resource to support additional attributes #1147
Merged
@rohit-myali
Copy link
Contributor

Hello @kaiAsmOne
Thanks for raising this feature request.
We have released this and it is now available in the terraform registry. Please download the latest terraform-provider-citrixadc version v1.38.0.

Link to documentation HERE

@rohit-myali rohit-myali self-assigned this May 8, 2024
@kaiAsmOne
Copy link
Author

kaiAsmOne commented May 14, 2024
edited
Loading

@rohit-myali : I have tried upgrading to 1.39.0 provider but for every terraform apply the provider now wants to replace the signatures on each run.. The provider seems to belive config is changed on each run.

Further more the terraform apply fails on every run..

The Netscaler provider wants to change this on every run..

module.netscaler-adc-waf-fqdn_company_no.citrixadc_appfwsignatures.app_waf must be replaced
-/+ resource "citrixadc_appfwsignatures" "app_waf" {
+ action = (known after apply) # forces replacement
+ autoenablenewsignatures = (known after apply)
+ category = (known after apply)
+ enabled = (known after apply)
~ id = "waf_sig_fqdn.company.no" -> (known after apply)
+ mergedefault = (known after apply)
name = "waf_sig_fqdn.company.no"
+ ruleid = (known after apply) # forces replacement
+ sha1 = (known after apply)
+ vendortype = (known after apply)
+ xslt = (known after apply)
# (5 unchanged attributes hidden)
}

Resulting in

Error: Provider produced inconsistent result after apply

│ When applying changes to module.netscaler-adc-waf-fqdn_company_no.citrixadc_appfwsignatures.app_waf, provider "provider["registry.terraform.io/citrix/citrixadc"]" produced an unexpected new value: Root resource was present, but now
│ absent.

│ This is a bug in the provider, which should be reported in the provider's own issue tracker.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rohit-myali rohit-myali

Labels
In-Progress ..being worked upon
Projects
None yet
Milestone
No milestone
2 participants
@kaiAsmOne @rohit-myali