Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(webaclv2): WAFv2 rule loss when making an update." #39283

Merged
merged 6 commits into from
Oct 25, 2024
Merged

fix(webaclv2): WAFv2 rule loss when making an update." #39283

merged 6 commits into from
Oct 25, 2024
+126 −13

Conversation

fyqtian
Copy link
Contributor

@fyqtian fyqtian commented Sep 12, 2024
edited
Loading

Description

After creating WAFv2 with the rule_json field, updating other fields will set the rules to empty."

Relations

Closes #0000

References

Output from Acceptance Testing

 make testacc TESTS=TestAccWAFV2WebACL_basic PKG=wafv2                                                                                                                                                                               INT ✘  15:48:44 
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.22.6 test ./internal/service/wafv2/... -v -count 1 -parallel 20 -run='TestAccWAFV2WebACL_basic'  -timeout 360m
=== RUN   TestAccWAFV2WebACL_basic
=== PAUSE TestAccWAFV2WebACL_basic
=== CONT  TestAccWAFV2WebACL_basic
--- PASS: TestAccWAFV2WebACL_basic (36.76s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/wafv2      40.515s

...

@fyqtian fyqtian requested a review from a team as a code owner September 12, 2024 07:29
@github-actions GitHub Actions
Copy link

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added service/wafv2 Issues and PRs that pertain to the wafv2 service. needs-triage Waiting for first response or review from a maintainer. labels Sep 12, 2024
github-actions[bot]
github-actions bot reviewed Sep 12, 2024
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Welcome @fyqtian 👋

It looks like this is your first Pull Request submission to the Terraform AWS Provider! If you haven’t already done so please make sure you have checked out our CONTRIBUTOR guide and FAQ to make sure your contribution is adhering to best practice and has all the necessary elements in place for a successful approval.

Also take a look at our FAQ which details how we prioritize Pull Requests for inclusion.

Thanks again, and welcome to the community! 😃

@justinretzolk justinretzolk added bug Addresses a defect in current functionality. and removed needs-triage Waiting for first response or review from a maintainer. labels Oct 11, 2024
@ewbankkit ewbankkit self-assigned this Oct 25, 2024
@github-actions github-actions bot added the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Oct 25, 2024
ewbankkit
ewbankkit approved these changes Oct 25, 2024
View reviewed changes
Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

% make testacc TESTARGS='-run=TestAccWAFV2WebACL_' PKG=wafv2 ACCTEST_PARALLELISM=4
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.2 test ./internal/service/wafv2/... -v -count 1 -parallel 4  -run=TestAccWAFV2WebACL_ -timeout 360m
2024/10/25 15:03:34 Initializing Terraform AWS Provider...
=== RUN   TestAccWAFV2WebACL_basic
=== PAUSE TestAccWAFV2WebACL_basic
=== RUN   TestAccWAFV2WebACL_Update_rule
=== PAUSE TestAccWAFV2WebACL_Update_rule
=== RUN   TestAccWAFV2WebACL_Update_ruleProperties
=== PAUSE TestAccWAFV2WebACL_Update_ruleProperties
=== RUN   TestAccWAFV2WebACL_Update_nameForceNew
=== PAUSE TestAccWAFV2WebACL_Update_nameForceNew
=== RUN   TestAccWAFV2WebACL_disappears
=== PAUSE TestAccWAFV2WebACL_disappears
=== RUN   TestAccWAFV2WebACL_ManagedRuleGroup_basic
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_basic
=== RUN   TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig
=== RUN   TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ACFPRuleSet
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ACFPRuleSet
=== RUN   TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ATPRuleSet
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ATPRuleSet
=== RUN   TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_BotControl
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_BotControl
=== RUN   TestAccWAFV2WebACL_ManagedRuleGroup_specifyVersion
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_specifyVersion
=== RUN   TestAccWAFV2WebACL_minimal
=== PAUSE TestAccWAFV2WebACL_minimal
=== RUN   TestAccWAFV2WebACL_RateBased_basic
=== PAUSE TestAccWAFV2WebACL_RateBased_basic
=== RUN   TestAccWAFV2WebACL_ByteMatchStatement_basic
=== PAUSE TestAccWAFV2WebACL_ByteMatchStatement_basic
=== RUN   TestAccWAFV2WebACL_ByteMatchStatement_ja3fingerprint
=== PAUSE TestAccWAFV2WebACL_ByteMatchStatement_ja3fingerprint
=== RUN   TestAccWAFV2WebACL_ByteMatchStatement_jsonBody
=== PAUSE TestAccWAFV2WebACL_ByteMatchStatement_jsonBody
=== RUN   TestAccWAFV2WebACL_ByteMatchStatement_body
=== PAUSE TestAccWAFV2WebACL_ByteMatchStatement_body
=== RUN   TestAccWAFV2WebACL_ByteMatchStatement_headerOrder
=== PAUSE TestAccWAFV2WebACL_ByteMatchStatement_headerOrder
=== RUN   TestAccWAFV2WebACL_GeoMatch_basic
=== PAUSE TestAccWAFV2WebACL_GeoMatch_basic
=== RUN   TestAccWAFV2WebACL_GeoMatch_forwardedIP
=== PAUSE TestAccWAFV2WebACL_GeoMatch_forwardedIP
=== RUN   TestAccWAFV2WebACL_LabelMatchStatement
=== PAUSE TestAccWAFV2WebACL_LabelMatchStatement
=== RUN   TestAccWAFV2WebACL_RuleLabels
=== PAUSE TestAccWAFV2WebACL_RuleLabels
=== RUN   TestAccWAFV2WebACL_IPSetReference_basic
=== PAUSE TestAccWAFV2WebACL_IPSetReference_basic
=== RUN   TestAccWAFV2WebACL_IPSetReference_forwardedIP
=== PAUSE TestAccWAFV2WebACL_IPSetReference_forwardedIP
=== RUN   TestAccWAFV2WebACL_RateBased_customKeys
=== PAUSE TestAccWAFV2WebACL_RateBased_customKeys
=== RUN   TestAccWAFV2WebACL_RateBased_forwardedIP
=== PAUSE TestAccWAFV2WebACL_RateBased_forwardedIP
=== RUN   TestAccWAFV2WebACL_RuleGroupReference_basic
=== PAUSE TestAccWAFV2WebACL_RuleGroupReference_basic
=== RUN   TestAccWAFV2WebACL_RuleGroupReference_shieldMitigation
=== PAUSE TestAccWAFV2WebACL_RuleGroupReference_shieldMitigation
=== RUN   TestAccWAFV2WebACL_RuleGroupReference_manageShieldMitigationRule
=== PAUSE TestAccWAFV2WebACL_RuleGroupReference_manageShieldMitigationRule
=== RUN   TestAccWAFV2WebACL_Custom_requestHandling
=== PAUSE TestAccWAFV2WebACL_Custom_requestHandling
=== RUN   TestAccWAFV2WebACL_Custom_response
=== PAUSE TestAccWAFV2WebACL_Custom_response
=== RUN   TestAccWAFV2WebACL_tags
=== PAUSE TestAccWAFV2WebACL_tags
=== RUN   TestAccWAFV2WebACL_RateBased_maxNested
=== PAUSE TestAccWAFV2WebACL_RateBased_maxNested
=== RUN   TestAccWAFV2WebACL_Operators_maxNested
=== PAUSE TestAccWAFV2WebACL_Operators_maxNested
=== RUN   TestAccWAFV2WebACL_tokenDomains
=== PAUSE TestAccWAFV2WebACL_tokenDomains
=== RUN   TestAccWAFV2WebACL_associationConfigCloudFront
=== PAUSE TestAccWAFV2WebACL_associationConfigCloudFront
=== RUN   TestAccWAFV2WebACL_associationConfigRegional
=== PAUSE TestAccWAFV2WebACL_associationConfigRegional
=== RUN   TestAccWAFV2WebACL_CloudFrontScope
=== PAUSE TestAccWAFV2WebACL_CloudFrontScope
=== RUN   TestAccWAFV2WebACL_ruleJSON
=== PAUSE TestAccWAFV2WebACL_ruleJSON
=== RUN   TestAccWAFV2WebACL_ruleJSONToRule
=== PAUSE TestAccWAFV2WebACL_ruleJSONToRule
=== CONT  TestAccWAFV2WebACL_basic
=== CONT  TestAccWAFV2WebACL_LabelMatchStatement
=== CONT  TestAccWAFV2WebACL_ManagedRuleGroup_specifyVersion
=== CONT  TestAccWAFV2WebACL_GeoMatch_forwardedIP
--- PASS: TestAccWAFV2WebACL_basic (16.41s)
=== CONT  TestAccWAFV2WebACL_GeoMatch_basic
--- PASS: TestAccWAFV2WebACL_LabelMatchStatement (28.81s)
=== CONT  TestAccWAFV2WebACL_ByteMatchStatement_headerOrder
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_specifyVersion (29.66s)
=== CONT  TestAccWAFV2WebACL_ByteMatchStatement_body
--- PASS: TestAccWAFV2WebACL_GeoMatch_forwardedIP (33.65s)
=== CONT  TestAccWAFV2WebACL_ByteMatchStatement_jsonBody
--- PASS: TestAccWAFV2WebACL_GeoMatch_basic (27.08s)
=== CONT  TestAccWAFV2WebACL_ByteMatchStatement_ja3fingerprint
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_headerOrder (27.11s)
=== CONT  TestAccWAFV2WebACL_ByteMatchStatement_basic
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_body (27.44s)
=== CONT  TestAccWAFV2WebACL_RateBased_basic
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_jsonBody (27.54s)
=== CONT  TestAccWAFV2WebACL_minimal
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_ja3fingerprint (27.70s)
=== CONT  TestAccWAFV2WebACL_Custom_response
--- PASS: TestAccWAFV2WebACL_minimal (13.47s)
=== CONT  TestAccWAFV2WebACL_ruleJSONToRule
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_basic (27.73s)
=== CONT  TestAccWAFV2WebACL_ruleJSON
--- PASS: TestAccWAFV2WebACL_RateBased_basic (27.76s)
=== CONT  TestAccWAFV2WebACL_CloudFrontScope
    web_acl_test.go:3004: skipping tests; AWS_DEFAULT_REGION (us-west-2) not supported. Supported: [us-east-1]
--- SKIP: TestAccWAFV2WebACL_CloudFrontScope (0.00s)
=== CONT  TestAccWAFV2WebACL_associationConfigRegional
--- PASS: TestAccWAFV2WebACL_ruleJSONToRule (24.42s)
=== CONT  TestAccWAFV2WebACL_associationConfigCloudFront
    web_acl_test.go:2907: skipping tests; AWS_DEFAULT_REGION (us-west-2) not supported. Supported: [us-east-1]
--- SKIP: TestAccWAFV2WebACL_associationConfigCloudFront (0.00s)
=== CONT  TestAccWAFV2WebACL_tokenDomains
--- PASS: TestAccWAFV2WebACL_associationConfigRegional (17.67s)
=== CONT  TestAccWAFV2WebACL_Operators_maxNested
--- PASS: TestAccWAFV2WebACL_Custom_response (39.03s)
=== CONT  TestAccWAFV2WebACL_RateBased_maxNested
--- PASS: TestAccWAFV2WebACL_ruleJSON (27.07s)
=== CONT  TestAccWAFV2WebACL_tags
--- PASS: TestAccWAFV2WebACL_tokenDomains (15.95s)
=== CONT  TestAccWAFV2WebACL_IPSetReference_forwardedIP
--- PASS: TestAccWAFV2WebACL_Operators_maxNested (17.65s)
=== CONT  TestAccWAFV2WebACL_RateBased_customKeys
--- PASS: TestAccWAFV2WebACL_RateBased_maxNested (17.99s)
=== CONT  TestAccWAFV2WebACL_RuleGroupReference_manageShieldMitigationRule
--- PASS: TestAccWAFV2WebACL_tags (35.98s)
=== CONT  TestAccWAFV2WebACL_Custom_requestHandling
--- PASS: TestAccWAFV2WebACL_IPSetReference_forwardedIP (52.72s)
=== CONT  TestAccWAFV2WebACL_RuleGroupReference_shieldMitigation
--- PASS: TestAccWAFV2WebACL_RuleGroupReference_manageShieldMitigationRule (42.60s)
=== CONT  TestAccWAFV2WebACL_RateBased_forwardedIP
--- PASS: TestAccWAFV2WebACL_RateBased_forwardedIP (27.80s)
=== CONT  TestAccWAFV2WebACL_ManagedRuleGroup_basic
--- PASS: TestAccWAFV2WebACL_Custom_requestHandling (52.33s)
=== CONT  TestAccWAFV2WebACL_RuleGroupReference_basic
--- PASS: TestAccWAFV2WebACL_RuleGroupReference_shieldMitigation (51.00s)
=== CONT  TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_BotControl
--- PASS: TestAccWAFV2WebACL_RateBased_customKeys (105.59s)
=== CONT  TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ATPRuleSet
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_BotControl (14.23s)
=== CONT  TestAccWAFV2WebACL_IPSetReference_basic
--- PASS: TestAccWAFV2WebACL_RuleGroupReference_basic (36.10s)
=== CONT  TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ACFPRuleSet
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_basic (47.96s)
=== CONT  TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig
--- PASS: TestAccWAFV2WebACL_IPSetReference_basic (17.39s)
=== CONT  TestAccWAFV2WebACL_Update_nameForceNew
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ATPRuleSet (28.13s)
=== CONT  TestAccWAFV2WebACL_disappears
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ACFPRuleSet (28.05s)
=== CONT  TestAccWAFV2WebACL_Update_ruleProperties
--- PASS: TestAccWAFV2WebACL_disappears (14.37s)
=== CONT  TestAccWAFV2WebACL_RuleLabels
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig (28.18s)
=== CONT  TestAccWAFV2WebACL_Update_rule
--- PASS: TestAccWAFV2WebACL_Update_nameForceNew (24.90s)
--- PASS: TestAccWAFV2WebACL_RuleLabels (28.20s)
--- PASS: TestAccWAFV2WebACL_Update_rule (29.13s)
--- PASS: TestAccWAFV2WebACL_Update_ruleProperties (42.85s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/wafv2	311.323s

Before fix

% make testacc TESTARGS='-run=TestAccWAFV2WebACL_ruleJSONToRule' PKG=wafv2
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.2 test ./internal/service/wafv2/... -v -count 1 -parallel 20  -run=TestAccWAFV2WebACL_ruleJSONToRule -timeout 360m
2024/10/25 14:18:05 Initializing Terraform AWS Provider...
=== RUN   TestAccWAFV2WebACL_ruleJSONToRule
=== PAUSE TestAccWAFV2WebACL_ruleJSONToRule
=== CONT  TestAccWAFV2WebACL_ruleJSONToRule
    web_acl_test.go:3095: Step 2/2 error: Error running apply: exit status 1
        
        Error: expanding WAFv2 WebACL JSON rule (1d4514d6-40e6-4030-8beb-d6afac6a7fc8): decoding JSON: unexpected end of JSON input
        
          with aws_wafv2_web_acl.test,
          on terraform_plugin_test.tf line 12, in resource "aws_wafv2_web_acl" "test":
          12: resource "aws_wafv2_web_acl" "test" {
        
--- FAIL: TestAccWAFV2WebACL_ruleJSONToRule (18.78s)
FAIL
FAIL	github.com/hashicorp/terraform-provider-aws/internal/service/wafv2	24.121s
FAIL
make: *** [testacc] Error 1

@ewbankkit
Copy link
Contributor

@fyqtian Thanks for the contribution 🎉 👏.

@ewbankkit ewbankkit merged commit 7d695f8 into hashicorp:main Oct 25, 2024
40 checks passed
@github-actions github-actions bot added this to the v5.74.0 milestone Oct 25, 2024
@github-actions github-actions bot removed the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Oct 31, 2024
@github-actions GitHub Actions
Copy link

This functionality has been released in v5.74.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

@ewbankkit ewbankkit ewbankkit approved these changes

Assignees

@ewbankkit ewbankkit

Labels
bug Addresses a defect in current functionality. service/wafv2 Issues and PRs that pertain to the wafv2 service.
Projects
None yet
Milestone
v5.74.0
Development

Successfully merging this pull request may close these issues.
3 participants
@fyqtian @ewbankkit @justinretzolk