search

fortinetdev / terraform-provider-fortios

Terraform Fortios provider
https://www.terraform.io/docs/providers/fortios/
Mozilla Public License 2.0
69 stars 50 forks source link

Upgrade from 1.14 -> 1.15 multiple nullification issues #245

Closed MilesTails closed 2 years ago

MilesTails commented 2 years ago

Since upgrading to 1.15.0 running on a 6.4.9 estate we're seeing nullification issues under multiple resources. Applying does not clear any of them out. Plans are currently unreadable due to this change. We've noticed this on three resource types so far.

Interfaces - ipv6 block is attempting to be nullified on all interface if it's not set. 

  ~ resource "fortios_system_interface" "x2" {
        id                                         = "x2"
        name                                       = "x2"
        # (156 unchanged attributes hidden)

      - ipv6 {
          - autoconf                  = "disable" -> null
          - cli_conn6_status          = 0 -> null
          - dhcp6_information_request = "disable" -> null
          - dhcp6_prefix_delegation   = "disable" -> null
          - dhcp6_prefix_hint         = "::/0" -> null
          - dhcp6_prefix_hint_plt     = 604800 -> null
          - dhcp6_prefix_hint_vlt     = 2592000 -> null
          - dhcp6_relay_service       = "disable" -> null
          - dhcp6_relay_type          = "regular" -> null
          - icmp6_send_redirect       = "enable" -> null
          - interface_identifier      = "::" -> null
          - ip6_address               = "::/0" -> null
          - ip6_default_life          = 1800 -> null
          - ip6_delegated_prefix_iaid = 0 -> null
          - ip6_dns_server_override   = "enable" -> null
          - ip6_hop_limit             = 0 -> null
          - ip6_link_mtu              = 0 -> null
          - ip6_manage_flag           = "disable" -> null
          - ip6_max_interval          = 600 -> null
          - ip6_min_interval          = 198 -> null
          - ip6_mode                  = "static" -> null
          - ip6_other_flag            = "disable" -> null
          - ip6_reachable_time        = 0 -> null
          - ip6_retrans_time          = 0 -> null
          - ip6_send_adv              = "disable" -> null
          - ip6_subnet                = "::/0" -> null
          - nd_cga_modifier           = "0065636473612D776974682D73686132" -> null
          - nd_mode                   = "basic" -> null
          - nd_security_level         = 0 -> null
          - nd_timestamp_delta        = 300 -> null
          - nd_timestamp_fuzz         = 1 -> null
          - ra_send_mtu               = "enable" -> null
          - unique_autoconf_addr      = "disable" -> null
          - vrip6_link_local          = "::" -> null
          - vrrp_virtual_mac6         = "disable" -> null
        }
    }

Webfilter profile:

  ~ resource "fortios_webfilter_profile" "webfilter " {
        id                            = "webfilter"
        name                          = "webfilter "
        # (26 unchanged attributes hidden)

      - antiphish {
          - check_basic_auth    = "disable" -> null
          - check_uri           = "disable" -> null
          - check_username_only = "disable" -> null
          - default_action      = "exempt" -> null
          - max_body_len        = 65536 -> null
          - status              = "disable" -> null
        }

      - override {
          - ovrd_cookie       = "deny" -> null
          - ovrd_dur          = "15m" -> null
          - ovrd_dur_mode     = "constant" -> null
          - ovrd_scope        = "user" -> null
          - profile_attribute = "Login-LAT-Service" -> null
          - profile_type      = "list" -> null
        }

        # (2 unchanged blocks hidden)
    }

Address objects:


      - end_mac               = "00:00:00:00:00:00" -> null
        id                    = "address1"
        name                  = "address1"
      - start_mac             = "00:00:00:00:00:00" -> null
        # (12 unchanged attributes hidden)
    }
lix-fortinet commented 2 years ago

Hi @MilesTails,

Thank you for raising this issue. Team is working on this issue. We will fix it in the next release.

Thanks, Xing

MilesTails commented 2 years ago

I can confirm that this is fixed for 6.4.9 and 7.0.7 when using 1.16.0! @lix-fortinet thank you so much ❤

lix-fortinet commented 2 years ago

Hi @MilesTails,

Thank you for your confirmation!

Best regards, Xing