Prevent SSL related fields from being sent empty to the Fastly API. (#…

…622) * fix use_ssl * comment about port 80
fastly · Nov 28, 2022 · 44b0514 · 44b0514
1 parent 9bea039
commit 44b0514
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 7 deletions.
diff --git a/fastly/block_fastly_service_backend.go b/fastly/block_fastly_service_backend.go
@@ -279,9 +279,7 @@ func (h *BackendServiceAttributeHandler) buildCreateBackendInput(service string,
 		MaxConn:             gofastly.Int(resource["max_conn"].(int)),
 		Name:                gofastly.String(resource["name"].(string)),
 		Port:                gofastly.Int(resource["port"].(int)),
-		SSLCertHostname:     gofastly.String(resource["ssl_cert_hostname"].(string)),
 		SSLCheckCert:        gofastly.CBool(resource["ssl_check_cert"].(bool)),
-		SSLSNIHostname:      gofastly.String(resource["ssl_sni_hostname"].(string)),
 		ServiceID:           service,
 		ServiceVersion:      latestVersion,
 		Shield:              gofastly.String(resource["shield"].(string)),
@@ -304,6 +302,9 @@ func (h *BackendServiceAttributeHandler) buildCreateBackendInput(service string,
 	if resource["ssl_ca_cert"].(string) != "" {
 		opts.SSLCACert = gofastly.String(resource["ssl_ca_cert"].(string))
 	}
+	if resource["ssl_cert_hostname"].(string) != "" {
+		opts.SSLCertHostname = gofastly.String(resource["ssl_cert_hostname"].(string))
+	}
 	if resource["ssl_ciphers"].(string) != "" {
 		opts.SSLCiphers = gofastly.String(resource["ssl_ciphers"].(string))
 	}
@@ -313,6 +314,9 @@ func (h *BackendServiceAttributeHandler) buildCreateBackendInput(service string,
 	if resource["ssl_client_key"].(string) != "" {
 		opts.SSLClientKey = gofastly.String(resource["ssl_client_key"].(string))
 	}
+	if resource["ssl_sni_hostname"].(string) != "" {
+		opts.SSLSNIHostname = gofastly.String(resource["ssl_sni_hostname"].(string))
+	}
 
 	if h.GetServiceMetadata().serviceType == ServiceTypeVCL {
 		opts.RequestCondition = gofastly.String(resource["request_condition"].(string))

diff --git a/fastly/block_fastly_service_backend_test.go b/fastly/block_fastly_service_backend_test.go
@@ -171,6 +171,10 @@ func TestAccFastlyServiceVCLBackend_basic(t *testing.T) {
 	backendName := fmt.Sprintf("backend-tf-%s", acctest.RandString(10))
 	backendAddress := "httpbin.org"
 
+	// The following backends are what we expect to exist after all our Terraform
+	// configuration settings have been applied. We expect them to correlate to
+	// the specific backend definitions in the Terraform configuration.
+
 	b1 := gofastly.Backend{
 		Address: backendAddress,
 		Name:    backendName,
@@ -187,7 +191,7 @@ func TestAccFastlyServiceVCLBackend_basic(t *testing.T) {
 	}
 	b2 := gofastly.Backend{
 		Address: backendAddress,
-		Name:    backendName + " updated",
+		Name:    backendName + " new",
 		Port:    443,
 
 		// NOTE: The following are defaults applied by the API.
@@ -199,6 +203,27 @@ func TestAccFastlyServiceVCLBackend_basic(t *testing.T) {
 		SSLCheckCert:        true,
 		Weight:              100,
 	}
+	b3 := gofastly.Backend{
+		Address: backendAddress,
+		Name:    backendName + " new with use ssl",
+		// NOTE: We don't set the port attribute in the Terraform configuration, and
+		// so the Terraform provider defaults to setting that to port 80. This test
+		// validates that the Fastly API currently accepts port 80 (although the
+		// setting of use_ssl would otherwise cause you to expect some kind of API
+		// validation to prevent port 80 from being used).
+		Port:            80,
+		SSLCertHostname: "httpbin.org",
+		UseSSL:          true,
+
+		// NOTE: The following are defaults applied by the API.
+		BetweenBytesTimeout: 10000,
+		ConnectTimeout:      1000,
+		FirstByteTimeout:    15000,
+		Hostname:            backendAddress,
+		MaxConn:             200,
+		SSLCheckCert:        true,
+		Weight:              100,
+	}
 
 	resource.ParallelTest(t, resource.TestCase{
 		PreCheck: func() {
@@ -221,8 +246,8 @@ func TestAccFastlyServiceVCLBackend_basic(t *testing.T) {
 				Config: testAccServiceVCLBackendUpdate(serviceName, domainName, backendAddress, backendName),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckServiceVCLExists("fastly_service_vcl.foo", &service),
-					resource.TestCheckResourceAttr("fastly_service_vcl.foo", "backend.#", "2"),
-					testAccCheckFastlyServiceVCLBackendAttributes(&service, []*gofastly.Backend{&b1, &b2}),
+					resource.TestCheckResourceAttr("fastly_service_vcl.foo", "backend.#", "3"),
+					testAccCheckFastlyServiceVCLBackendAttributes(&service, []*gofastly.Backend{&b1, &b2, &b3}),
 				),
 			},
 		},
@@ -271,12 +296,19 @@ resource "fastly_service_vcl" "foo" {
 
   backend {
     address = "%s"
-    name    = "%s updated"
+    name    = "%s new"
     port    = 443
   }
 
+  backend {
+    address           = "%s"
+    name              = "%s new with use ssl"
+    use_ssl           = true
+    ssl_cert_hostname = "httpbin.org"
+  }
+
   force_destroy = true
-}`, serviceName, domainName, backendAddress, backendName, backendAddress, backendName)
+}`, serviceName, domainName, backendAddress, backendName, backendAddress, backendName, backendAddress, backendName)
 }
 
 func testAccCheckFastlyServiceVCLBackendAttributes(service *gofastly.ServiceDetail, want []*gofastly.Backend) resource.TestCheckFunc {