enhancement: Custom BYOIP changes, added reserved ip validation for c…

…idrs and delegate_vpc to allowed values of action
IBM-Cloud · Mar 17, 2021 · e2e60da · e2e60da
1 parent ebffedd
commit e2e60da
Show file tree

Hide file tree

Showing 4 changed files with 67 additions and 1 deletion.
diff --git a/ibm/resource_ibm_is_vpc_address_prefix.go b/ibm/resource_ibm_is_vpc_address_prefix.go
@@ -92,6 +92,13 @@ func resourceIBMISAddressPrefixValidator() *ResourceValidator {
 			Type:                       TypeString,
 			ForceNew:                   true,
 			Required:                   true})
+	validateSchema = append(validateSchema,
+		ValidateSchema{
+			Identifier:                 isVPCAddressPrefixCIDR,
+			ValidateFunctionIdentifier: ValidateOverlappingAddress,
+			Type:                       TypeString,
+			ForceNew:                   true,
+			Required:                   true})
 
 	ibmISAddressPrefixResourceValidator := ResourceValidator{ResourceName: "ibm_is_address_prefix", Schema: validateSchema}
 	return &ibmISAddressPrefixResourceValidator

diff --git a/ibm/resource_ibm_is_vpc_address_prefix_test.go b/ibm/resource_ibm_is_vpc_address_prefix_test.go
@@ -6,6 +6,7 @@ package ibm
 import (
 	"errors"
 	"fmt"
+	"regexp"
 	"testing"
 
 	"github.com/IBM/vpc-go-sdk/vpcclassicv1"
@@ -42,6 +43,26 @@ func TestAccIBMISVPCAddressPrefix_basic(t *testing.T) {
 						"ibm_is_vpc_address_prefix.testacc_vpc_address_prefix", "name", prefixName1),
 				),
 			},
+			{
+				Config:      testAccCheckIBMISVPCAddressPrefixConfig1(name1, prefixName1),
+				ExpectError: regexp.MustCompile(fmt.Sprintf("the request is overlapping with reserved address ranges")),
+			},
+		},
+	})
+}
+
+func TestAccIBMISVPCAddressPrefix_InvalidCidr(t *testing.T) {
+	name1 := fmt.Sprintf("tfvpcuat-%d", acctest.RandIntRange(10, 100))
+	prefixName2 := fmt.Sprintf("tfaddprename-%d", acctest.RandIntRange(10, 100))
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config:      testAccCheckIBMISVPCAddressPrefixConfig1(name1, prefixName2),
+				ExpectError: regexp.MustCompile(fmt.Sprintf("the request is overlapping with reserved address ranges")),
+			},
 		},
 	})
 }
@@ -157,3 +178,16 @@ resource "ibm_is_vpc_address_prefix" "testacc_vpc_address_prefix" {
 	cidr = "%s"
 }`, name, prefixName, ISZoneName, ISAddressPrefixCIDR)
 }
+
+func testAccCheckIBMISVPCAddressPrefixConfig1(name, prefixName string) string {
+	return fmt.Sprintf(`
+resource "ibm_is_vpc" "testacc_vpc" {
+    name = "%s"
+}
+resource "ibm_is_vpc_address_prefix" "testacc_vpc_address_prefix" {
+    name = "%s"
+    zone = "%s"
+    vpc = "${ibm_is_vpc.testacc_vpc.id}"
+	cidr = "127.0.0.0/8"
+}`, name, prefixName, ISZoneName)
+}
diff --git a/ibm/resource_ibm_is_vpc_routing_table_route.go b/ibm/resource_ibm_is_vpc_routing_table_route.go
@@ -117,7 +117,7 @@ func resourceIBMISVPCRoutingTableRoute() *schema.Resource {
 func resourceIBMISVPCRoutingTableRouteValidator() *ResourceValidator {
 
 	validateSchema := make([]ValidateSchema, 2)
-	actionAllowedValues := "delegate, deliver, drop"
+	actionAllowedValues := "delegate, delegate_vpc, deliver, drop"
 
 	validateSchema = append(validateSchema,
 		ValidateSchema{

diff --git a/ibm/validators.go b/ibm/validators.go
@@ -405,6 +405,28 @@ func validateCIDRAddress() schema.SchemaValidateFunc {
 	}
 }
 
+//validateOverlappingAddress...
+func validateOverlappingAddress() schema.SchemaValidateFunc {
+	return func(v interface{}, k string) (ws []string, errors []error) {
+		nonOverlappingCIDR := map[string]bool{
+			"127.0.0.0/8":    true,
+			"161.26.0.0/16":  true,
+			"166.8.0.0/14":   true,
+			"169.254.0.0/16": true,
+			"224.0.0.0/4":    true,
+		}
+
+		address := v.(string)
+		_, found := nonOverlappingCIDR[address]
+		if found {
+			errors = append(errors, fmt.Errorf(
+				"%q the request is overlapping with reserved address ranges",
+				k))
+		}
+		return
+	}
+}
+
 //validateRemoteIP...
 func validateRemoteIP(v interface{}, k string) (ws []string, errors []error) {
 	_, err1 := validateCIDR(v, k)
@@ -1068,6 +1090,7 @@ const (
 	ValidateJSONString
 	ValidateJSONParam
 	ValidateBindedPackageName
+	ValidateOverlappingAddress
 )
 
 // ValueType -- Copied from Terraform for now. You can refer to Terraform ValueType directly.
@@ -1234,6 +1257,8 @@ func invokeValidatorInternal(schema ValidateSchema) schema.SchemaValidateFunc {
 		return validateJSONString()
 	case ValidateBindedPackageName:
 		return validateBindedPackageName()
+	case ValidateOverlappingAddress:
+		return validateOverlappingAddress()
 
 	default:
 		return nil