search

fortinetdev / terraform-provider-fortios

Terraform Fortios provider
https://www.terraform.io/docs/providers/fortios/
Mozilla Public License 2.0
67 stars 49 forks source link

Removing route_map_out from a fortios_router_bgp neighbor has no effect #332

Open ebarrett-Ocient opened 1 month ago

ebarrett-Ocient commented 1 month ago

If route_map_out is configured under a neighbor within the fortios_router_bgp resource and subsequently removed, executing terraform apply does not reflect this change.

Steps to Reproduce:

  1. Use the following Terraform configuration:
resource "fortios_router_bgp" "bgp_config" {
  as          = "123"
  router_id   = "10.10.10.10"
  neighbor {
    ip              = "10.30.2.2"
    remote_as       = 398300
    route_map_out   = "neighbor-out"
  }
}

resource "fortios_router_prefixlist" "neighbor_out" {
  name = "neighbor-out"
  rule {
    id     = "100"
    prefix = "deny"
  }
}
  1. Run terraform apply.

Remove the line route_map_out = "neighbor-out" from the configuration:

resource "fortios_router_bgp" "bgp_config" {
  as          = "123"
  router_id   = "10.10.10.10"
  neighbor {
    ip              = "10.30.2.2"
    remote_as       = 398300
  }
}

resource "fortios_router_prefixlist" "neighbor_out" {
  name = "neighbor-out"
  rule {
    id     = "100"
    prefix = "deny"
  }
}
  1. Run terraform apply again.

Expected Behavior: Terraform should detect the removal of route_map_out and apply the change accordingly.

Actual Behavior: Terraform finds no changes to apply, despite the removal of route_map_out from the configuration.

I have experienced this issue on versions 1.16.0 and 1.20.0.

MaxxLiu22 commented 1 month ago

Hi @ebarrett-Ocient ,

Thank you for bringing this issue to our attention. Currently, Terraform FOS does not support the unset function, such as unset route_map_out in CLI. However, I have reported this issue to the development team, and they are considering adding this feature. Sorry for any inconvenience.

Thanks, Maxx

ebarrett-Ocient commented 1 month ago

Thanks for the info. Would I have the same issue if I used fortios_routerbgp_neighbor instead of defining my neighbors under fortios_router_bgp?

MaxxLiu22 commented 1 month ago

Hi @ebarrett-Ocient ,

I believe that the issue also occurs when using fortios_routerbgp_neighbor. If it is feasible in your environment, you might consider deleting the fortios_routerbgp_neighbor and then recreating it to achieve the unset function for now. Sorry for the inconvenience.

Thanks, Maxx

misastovicek commented 3 days ago

I think this is the case at multiple places. For example if you add a rule before another rule to a route map and the new rule does not have a property set which has been set on the former one, you'll end up with a wrong rule configuration. It would be nice if the provider called unset in appropriate places in case the property is not defined or is set to null.

MaxxLiu22 commented 3 days ago

Hi @misastovicek ,

Thank you for your valuable suggestion. We’re pleased to inform you that the development team has included the unset function in our Terraform provider for the upcoming release. If an argument does not have a default value and can be set to empty, Terraform will handle it accordingly.

Thanks, Maxx