From 5d871c60c751bdad446b25bf17006604313741e1 Mon Sep 17 00:00:00 2001 From: Integralist Date: Mon, 28 Nov 2022 12:11:13 +0000 Subject: [PATCH 1/2] fix use_ssl --- fastly/block_fastly_service_backend.go | 8 +++-- fastly/block_fastly_service_backend_test.go | 37 ++++++++++++++++++--- 2 files changed, 38 insertions(+), 7 deletions(-) diff --git a/fastly/block_fastly_service_backend.go b/fastly/block_fastly_service_backend.go index 8b2dc15ab..f7eb87a9c 100644 --- a/fastly/block_fastly_service_backend.go +++ b/fastly/block_fastly_service_backend.go @@ -279,9 +279,7 @@ func (h *BackendServiceAttributeHandler) buildCreateBackendInput(service string, MaxConn: gofastly.Int(resource["max_conn"].(int)), Name: gofastly.String(resource["name"].(string)), Port: gofastly.Int(resource["port"].(int)), - SSLCertHostname: gofastly.String(resource["ssl_cert_hostname"].(string)), SSLCheckCert: gofastly.CBool(resource["ssl_check_cert"].(bool)), - SSLSNIHostname: gofastly.String(resource["ssl_sni_hostname"].(string)), ServiceID: service, ServiceVersion: latestVersion, Shield: gofastly.String(resource["shield"].(string)), @@ -304,6 +302,9 @@ func (h *BackendServiceAttributeHandler) buildCreateBackendInput(service string, if resource["ssl_ca_cert"].(string) != "" { opts.SSLCACert = gofastly.String(resource["ssl_ca_cert"].(string)) } + if resource["ssl_cert_hostname"].(string) != "" { + opts.SSLCertHostname = gofastly.String(resource["ssl_cert_hostname"].(string)) + } if resource["ssl_ciphers"].(string) != "" { opts.SSLCiphers = gofastly.String(resource["ssl_ciphers"].(string)) } @@ -313,6 +314,9 @@ func (h *BackendServiceAttributeHandler) buildCreateBackendInput(service string, if resource["ssl_client_key"].(string) != "" { opts.SSLClientKey = gofastly.String(resource["ssl_client_key"].(string)) } + if resource["ssl_sni_hostname"].(string) != "" { + opts.SSLSNIHostname = gofastly.String(resource["ssl_sni_hostname"].(string)) + } if h.GetServiceMetadata().serviceType == ServiceTypeVCL { opts.RequestCondition = gofastly.String(resource["request_condition"].(string)) diff --git a/fastly/block_fastly_service_backend_test.go b/fastly/block_fastly_service_backend_test.go index 6692bbbd9..944a889f1 100644 --- a/fastly/block_fastly_service_backend_test.go +++ b/fastly/block_fastly_service_backend_test.go @@ -171,6 +171,10 @@ func TestAccFastlyServiceVCLBackend_basic(t *testing.T) { backendName := fmt.Sprintf("backend-tf-%s", acctest.RandString(10)) backendAddress := "httpbin.org" + // The following backends are what we expect to exist after all our Terraform + // configuration settings have been applied. We expect them to correlate to + // the specific backend definitions in the Terraform configuration. + b1 := gofastly.Backend{ Address: backendAddress, Name: backendName, @@ -187,7 +191,7 @@ func TestAccFastlyServiceVCLBackend_basic(t *testing.T) { } b2 := gofastly.Backend{ Address: backendAddress, - Name: backendName + " updated", + Name: backendName + " new", Port: 443, // NOTE: The following are defaults applied by the API. @@ -199,6 +203,22 @@ func TestAccFastlyServiceVCLBackend_basic(t *testing.T) { SSLCheckCert: true, Weight: 100, } + b3 := gofastly.Backend{ + Address: backendAddress, + Name: backendName + " new with use ssl", + Port: 80, + SSLCertHostname: "httpbin.org", + UseSSL: true, + + // NOTE: The following are defaults applied by the API. + BetweenBytesTimeout: 10000, + ConnectTimeout: 1000, + FirstByteTimeout: 15000, + Hostname: backendAddress, + MaxConn: 200, + SSLCheckCert: true, + Weight: 100, + } resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { @@ -221,8 +241,8 @@ func TestAccFastlyServiceVCLBackend_basic(t *testing.T) { Config: testAccServiceVCLBackendUpdate(serviceName, domainName, backendAddress, backendName), Check: resource.ComposeTestCheckFunc( testAccCheckServiceVCLExists("fastly_service_vcl.foo", &service), - resource.TestCheckResourceAttr("fastly_service_vcl.foo", "backend.#", "2"), - testAccCheckFastlyServiceVCLBackendAttributes(&service, []*gofastly.Backend{&b1, &b2}), + resource.TestCheckResourceAttr("fastly_service_vcl.foo", "backend.#", "3"), + testAccCheckFastlyServiceVCLBackendAttributes(&service, []*gofastly.Backend{&b1, &b2, &b3}), ), }, }, @@ -271,12 +291,19 @@ resource "fastly_service_vcl" "foo" { backend { address = "%s" - name = "%s updated" + name = "%s new" port = 443 } + backend { + address = "%s" + name = "%s new with use ssl" + use_ssl = true + ssl_cert_hostname = "httpbin.org" + } + force_destroy = true -}`, serviceName, domainName, backendAddress, backendName, backendAddress, backendName) +}`, serviceName, domainName, backendAddress, backendName, backendAddress, backendName, backendAddress, backendName) } func testAccCheckFastlyServiceVCLBackendAttributes(service *gofastly.ServiceDetail, want []*gofastly.Backend) resource.TestCheckFunc { From 5257323585590e385d77f6534d1688c7d4a40dc2 Mon Sep 17 00:00:00 2001 From: Integralist Date: Mon, 28 Nov 2022 12:21:59 +0000 Subject: [PATCH 2/2] comment about port 80 --- fastly/block_fastly_service_backend_test.go | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/fastly/block_fastly_service_backend_test.go b/fastly/block_fastly_service_backend_test.go index 944a889f1..f7412c146 100644 --- a/fastly/block_fastly_service_backend_test.go +++ b/fastly/block_fastly_service_backend_test.go @@ -204,8 +204,13 @@ func TestAccFastlyServiceVCLBackend_basic(t *testing.T) { Weight: 100, } b3 := gofastly.Backend{ - Address: backendAddress, - Name: backendName + " new with use ssl", + Address: backendAddress, + Name: backendName + " new with use ssl", + // NOTE: We don't set the port attribute in the Terraform configuration, and + // so the Terraform provider defaults to setting that to port 80. This test + // validates that the Fastly API currently accepts port 80 (although the + // setting of use_ssl would otherwise cause you to expect some kind of API + // validation to prevent port 80 from being used). Port: 80, SSLCertHostname: "httpbin.org", UseSSL: true,