Added - Support for DNS Secondary Egress and creating DNS zones from zone files

Author: Terraform Team Automation

examples/dns/global/zone.tf

@@ -17,35 +17,35 @@ resource "oci_dns_zone" "zone1" {
   zone_type      = "PRIMARY"
 }
 
-resource "oci_dns_zone" "zone3" {
-  compartment_id = var.compartment_ocid
-  name           = "${data.oci_identity_tenancy.tenancy.name}-${random_string.random_prefix.result}-tf-example3-primary.oci-dns1"
-  zone_type      = "PRIMARY"
-}
-
 resource "oci_dns_tsig_key" "test_tsig_key" {
   algorithm      = "hmac-sha1"
   compartment_id = var.compartment_ocid
-  name           = "${random_string.random_prefix.result}-test_tsig_key-name"
+  name           = "${random_string.random_prefix.result}-test-tsig-key-name"
   secret         = "c2VjcmV0"
 }
 
 resource "oci_dns_zone" "zone2" {
   compartment_id = var.compartment_ocid
-  name           = "${data.oci_identity_tenancy.tenancy.name}-${random_string.random_prefix.result}-tf-example-secondary.oci-dns2"
-  zone_type      = "SECONDARY"
+  name           = "${data.oci_identity_tenancy.tenancy.name}-${random_string.random_prefix.result}-tf-example2-primary.oci-dns2"
+  zone_type      = "PRIMARY"
 
-  external_masters {
+  external_downstreams {
     address     = "77.64.12.1"
     tsig_key_id = oci_dns_tsig_key.test_tsig_key.id
   }
 
-  external_masters {
+  external_downstreams {
     address     = "77.64.12.2"
     tsig_key_id = oci_dns_tsig_key.test_tsig_key.id
   }
 }
 
+resource "oci_dns_zone" "zone3" {
+  compartment_id = var.compartment_ocid
+  name           = "${data.oci_identity_tenancy.tenancy.name}-${random_string.random_prefix.result}-tf-example3-primary.oci-dns1"
+  zone_type      = "PRIMARY"
+}
+
 data "oci_dns_zones" "zs" {
   compartment_id = var.compartment_ocid
   name_contains  = "example"

examples/dns/zone_file/provider.tf

@@ -0,0 +1,33 @@
+// Copyright (c) 2017, 2023, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Mozilla Public License v2.0
+
+/*
+ * Provider config for dns sample
+ */
+
+variable "tenancy_ocid" {
+}
+
+variable "user_ocid" {
+}
+
+variable "fingerprint" {
+}
+
+variable "private_key_path" {
+}
+
+variable "compartment_ocid" {
+}
+
+variable "region" {
+}
+
+provider "oci" {
+  region           = var.region
+  tenancy_ocid     = var.tenancy_ocid
+  user_ocid        = var.user_ocid
+  fingerprint      = var.fingerprint
+  private_key_path = var.private_key_path
+}
+

examples/dns/zone_file/zone.tf

@@ -0,0 +1,40 @@
+// Copyright (c) 2017, 2023, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Mozilla Public License v2.0
+
+/*
+ * This file demonstrates creating a zone from a zone file using terraform.
+ */
+
+/*
+ * Step 1: Create the zone from the zone file.
+ *         Run Terraform plan/apply and wait until the zone has been created. Note the OCID of the zone.
+ * Step 2: Uncomment the oci_dns_zone below, and comment out the oci_dns_action_create_zone_from_zone_file
+           Run `terraform import oci_dns_zone.zone ZONE_OCID`, replacing ZONE_OCID with the OCID of the zone from step 1.
+ * Step 3: Run Terraform plan/apply.
+           Terraform will show that it is deleting the oci_dns_action_create_zone_from_zone_file resource, but the zone will not be deleted. The zone is now fully managed by the oci_dns_zone resource.
+ */
+
+resource "random_string" "random_prefix" {
+  length  = 4
+  number  = false
+  special = false
+}
+
+data "oci_identity_tenancy" "tenancy" {
+  tenancy_id = var.tenancy_ocid
+}
+
+locals {
+  zone_name = "${data.oci_identity_tenancy.tenancy.name}-${random_string.random_prefix.result}-tf-example-primary.oci-dns1"
+}
+
+resource "oci_dns_action_create_zone_from_zone_file" "zonefile" {
+  compartment_id = var.compartment_ocid
+  create_zone_from_zone_file_details = "$ORIGIN ${local.zone_name}.\n$TTL 3600\n${local.zone_name}.	IN	SOA	ns1.${local.zone_name}. admin.${local.zone_name}. ( 1 7200 3600 14400 3600)\n${local.zone_name}.	IN	NS	ns1.${local.zone_name}."
+}
+
+#resource "oci_dns_zone" "zone" {
+#  name = local.zone_name
+#  compartment_id = var.compartment_ocid
+#  zone_type = "PRIMARY"
+#}

internal/integrationtest/dns_action_create_zone_from_zone_file_test.go

@@ -0,0 +1,85 @@
+// Copyright (c) 2017, 2021, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Mozilla Public License v2.0
+
+package integrationtest
+
+import (
+	"fmt"
+	"strconv"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+
+	"github.com/oracle/terraform-provider-oci/httpreplay"
+	"github.com/oracle/terraform-provider-oci/internal/acctest"
+	"github.com/oracle/terraform-provider-oci/internal/resourcediscovery"
+
+	"github.com/oracle/terraform-provider-oci/internal/utils"
+)
+
+var (
+	DnsActionCreateZoneFromZoneFileRequiredOnlyResource = acctest.GenerateResourceFromRepresentationMap("oci_dns_action_create_zone_from_zone_file", "test_action_create_zone_from_zone_file", acctest.Required, acctest.Create, DnsActionCreateZoneFromZoneFileRepresentation)
+
+	DnsActionCreateZoneFromZoneFileRepresentation = map[string]interface{}{
+		"create_zone_from_zone_file_details": acctest.Representation{RepType: acctest.Required, Create: `createZoneFromZoneFileDetails`},
+		"compartment_id":                     acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id}`},
+		"scope":                              acctest.Representation{RepType: acctest.Optional, Create: `GLOBAL`},
+	}
+)
+
+// issue-routing-tag: dns/default
+func TestDnsActionCreateZoneFromZoneFileResource_basic(t *testing.T) {
+	t.Skip("This test will not work as the oci_dns_action_create_zone_from_zone_file must be imported to a oci_dns_zone resource to manage the zone beyond creation")
+	httpreplay.SetScenario("TestDnsActionCreateZoneFromZoneFileResource_basic")
+	defer httpreplay.SaveScenario()
+
+	config := acctest.ProviderTestConfig()
+
+	compartmentId := utils.GetEnvSettingWithBlankDefault("compartment_ocid")
+	compartmentIdVariableStr := fmt.Sprintf("variable \"compartment_id\" { default = \"%s\" }\n", compartmentId)
+
+	resourceName := "oci_dns_action_create_zone_from_zone_file.test_action_create_zone_from_zone_file"
+
+	var resId string
+	// Save TF content to Create resource with optional properties. This has to be exactly the same as the config part in the "create with optionals" step in the test.
+	acctest.SaveConfigContent(config+compartmentIdVariableStr+
+		acctest.GenerateResourceFromRepresentationMap("oci_dns_action_create_zone_from_zone_file", "test_action_create_zone_from_zone_file", acctest.Optional, acctest.Create, DnsActionCreateZoneFromZoneFileRepresentation), "dns", "actionCreateZoneFromZoneFile", t)
+
+	acctest.ResourceTest(t, nil, []resource.TestStep{
+		// verify Create
+		{
+			Config: config + compartmentIdVariableStr +
+				acctest.GenerateResourceFromRepresentationMap("oci_dns_action_create_zone_from_zone_file", "test_action_create_zone_from_zone_file", acctest.Required, acctest.Create, DnsActionCreateZoneFromZoneFileRepresentation),
+			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
+				resource.TestCheckResourceAttr(resourceName, "create_zone_from_zone_file_details", "createZoneFromZoneFileDetails"),
+				resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId),
+			),
+		},
+
+		// delete before next Create
+		{
+			Config: config + compartmentIdVariableStr,
+		},
+		// verify Create with optionals
+		{
+			Config: config + compartmentIdVariableStr +
+				acctest.GenerateResourceFromRepresentationMap("oci_dns_action_create_zone_from_zone_file", "test_action_create_zone_from_zone_file", acctest.Optional, acctest.Create, DnsActionCreateZoneFromZoneFileRepresentation),
+			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
+				resource.TestCheckResourceAttr(resourceName, "create_zone_from_zone_file_details", "createZoneFromZoneFileDetails"),
+				resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId),
+				resource.TestCheckResourceAttr(resourceName, "scope", "GLOBAL"),
+
+				func(s *terraform.State) (err error) {
+					resId, err = acctest.FromInstanceState(s, resourceName, "id")
+					if isEnableExportCompartment, _ := strconv.ParseBool(utils.GetEnvSettingWithDefault("enable_export_compartment", "true")); isEnableExportCompartment {
+						if errExport := resourcediscovery.TestExportCompartmentWithResourceName(&resId, &compartmentId, resourceName); errExport != nil {
+							return errExport
+						}
+					}
+					return err
+				},
+			),
+		},
+	})
+}

internal/integrationtest/dns_zone_resource_test.go

@@ -48,16 +48,22 @@ var (
 	})
 
 	zoneRepresentationPrimaryDefault = map[string]interface{}{
-		"compartment_id":   acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id}`},
-		"name":             acctest.Representation{RepType: acctest.Required, Create: `${data.oci_identity_tenancy.test_tenancy.name}.{{.token}}.oci-zone-test`},
-		"zone_type":        acctest.Representation{RepType: acctest.Required, Create: `PRIMARY`},
-		"defined_tags":     acctest.Representation{RepType: acctest.Optional, Create: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "value")}`, Update: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "updatedValue")}`},
-		"external_masters": acctest.RepresentationGroup{RepType: acctest.Optional, Group: DnsZoneExternalMastersRepresentation},
-		"freeform_tags":    acctest.Representation{RepType: acctest.Optional, Create: map[string]string{"freeformTags": "freeformTags"}, Update: map[string]string{"freeformTags2": "freeformTags2"}},
+		"compartment_id":       acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id}`},
+		"name":                 acctest.Representation{RepType: acctest.Required, Create: `${data.oci_identity_tenancy.test_tenancy.name}.{{.token}}.oci-zone-test`},
+		"zone_type":            acctest.Representation{RepType: acctest.Required, Create: `PRIMARY`},
+		"defined_tags":         acctest.Representation{RepType: acctest.Optional, Create: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "value")}`, Update: `${map("${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}", "updatedValue")}`},
+		"external_downstreams": acctest.RepresentationGroup{RepType: acctest.Optional, Group: zoneExternalDownstreamsRepresentation},
+		"freeform_tags":        acctest.Representation{RepType: acctest.Optional, Create: map[string]string{"freeformTags": "freeformTags"}, Update: map[string]string{"freeformTags2": "freeformTags2"}},
 	}
 
 	zoneRepresentationDefault = acctest.GetUpdatedRepresentationCopy("zone_type", acctest.Representation{RepType: acctest.Required, Create: `SECONDARY`}, zoneRepresentationPrimaryDefault)
 
+	zoneExternalDownstreamsRepresentation = map[string]interface{}{
+		"address":     acctest.Representation{RepType: acctest.Required, Create: `1.2.3.4`, Update: `2.3.4.5`},
+		"port":        acctest.Representation{RepType: acctest.Optional, Create: `53`},
+		"tsig_key_id": acctest.Representation{RepType: acctest.Optional, Create: `${oci_dns_tsig_key.test_tsig_key.id}`},
+	}
+
 	ZoneResourceDependenciesDefault = acctest.GenerateResourceFromRepresentationMap("oci_dns_tsig_key", "test_tsig_key", acctest.Required, acctest.Create, DnsTsigKeyRepresentation) +
 		DefinedTagsDependencies + `
 data "oci_identity_tenancy" "test_tenancy" {
@@ -103,15 +109,15 @@ func TestDnsZoneResource_default(t *testing.T) {
 		},
 		{
 			Config: tokenFn(config+compartmentIdVariableStr+ZoneResourceDependenciesDefault+
-				acctest.GenerateResourceFromRepresentationMap("oci_dns_zone", "test_zone", acctest.Optional, acctest.Create, zoneRepresentationDefault), nil),
+				acctest.GenerateResourceFromRepresentationMap("oci_dns_zone", "test_zone", acctest.Optional, acctest.Create, zoneRepresentationPrimaryDefault), nil),
 			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
 				resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId),
-				resource.TestCheckResourceAttr(resourceName, "external_masters.#", "1"),
-				resource.TestCheckResourceAttr(resourceName, "external_masters.0.address", "77.64.12.1"),
-				resource.TestCheckResourceAttr(resourceName, "external_masters.0.port", "53"),
-				resource.TestCheckResourceAttrSet(resourceName, "external_masters.0.tsig_key_id"),
+				resource.TestCheckResourceAttr(resourceName, "external_downstreams.#", "1"),
+				resource.TestCheckResourceAttr(resourceName, "external_downstreams.0.address", "1.2.3.4"),
+				resource.TestCheckResourceAttr(resourceName, "external_downstreams.0.port", "53"),
+				resource.TestCheckResourceAttrSet(resourceName, "external_downstreams.0.tsig_key_id"),
 				resource.TestMatchResourceAttr(resourceName, "name", regexp.MustCompile("\\.oci-zone-test")),
-				resource.TestCheckResourceAttr(resourceName, "zone_type", "SECONDARY"),
+				resource.TestCheckResourceAttr(resourceName, "zone_type", "PRIMARY"),
 
 				func(s *terraform.State) (err error) {
 					resId2, err = acctest.FromInstanceState(s, resourceName, "id")
@@ -131,10 +137,13 @@ func TestDnsZoneResource_default(t *testing.T) {
 		// verify Create with optionals
 		{
 			Config: tokenFn(config+compartmentIdVariableStr+ZoneResourceDependenciesDefault+
-				acctest.GenerateResourceFromRepresentationMap("oci_dns_zone", "test_zone", acctest.Optional, acctest.Create,
-					acctest.RepresentationCopyWithRemovedProperties(zoneRepresentationPrimaryDefault, []string{"external_masters"})), nil),
+				acctest.GenerateResourceFromRepresentationMap("oci_dns_zone", "test_zone", acctest.Optional, acctest.Create, zoneRepresentationPrimaryDefault), nil),
 			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
 				resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId),
+				resource.TestCheckResourceAttr(resourceName, "external_downstreams.#", "1"),
+				resource.TestCheckResourceAttr(resourceName, "external_downstreams.0.address", "1.2.3.4"),
+				resource.TestCheckResourceAttr(resourceName, "external_downstreams.0.port", "53"),
+				resource.TestCheckResourceAttrSet(resourceName, "external_downstreams.0.tsig_key_id"),
 				resource.TestMatchResourceAttr(resourceName, "name", regexp.MustCompile("\\.oci-zone-test")),
 				resource.TestCheckResourceAttr(resourceName, "zone_type", "PRIMARY"),
 				resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"),
@@ -163,11 +172,15 @@ func TestDnsZoneResource_default(t *testing.T) {
 		{
 			Config: tokenFn(config+compartmentIdVariableStr+compartmentIdUVariableStr+ZoneResourceDependenciesDefault+
 				acctest.GenerateResourceFromRepresentationMap("oci_dns_zone", "test_zone", acctest.Optional, acctest.Create,
-					acctest.RepresentationCopyWithNewProperties(acctest.RepresentationCopyWithRemovedProperties(zoneRepresentationPrimaryDefault, []string{"external_masters"}), map[string]interface{}{
+					acctest.RepresentationCopyWithNewProperties(zoneRepresentationPrimaryDefault, map[string]interface{}{
 						"compartment_id": acctest.Representation{RepType: acctest.Required, Create: `${var.compartment_id_for_update}`},
 					})), nil),
 			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
 				resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentIdU),
+				resource.TestCheckResourceAttr(resourceName, "external_downstreams.#", "1"),
+				resource.TestCheckResourceAttr(resourceName, "external_downstreams.0.address", "1.2.3.4"),
+				resource.TestCheckResourceAttr(resourceName, "external_downstreams.0.port", "53"),
+				resource.TestCheckResourceAttrSet(resourceName, "external_downstreams.0.tsig_key_id"),
 				resource.TestMatchResourceAttr(resourceName, "name", regexp.MustCompile("\\.oci-zone-test")),
 				resource.TestCheckResourceAttr(resourceName, "zone_type", "PRIMARY"),
 				resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"),
@@ -194,10 +207,13 @@ func TestDnsZoneResource_default(t *testing.T) {
 		// verify updates to updatable parameters
 		{
 			Config: tokenFn(config+compartmentIdVariableStr+ZoneResourceDependenciesDefault+
-				acctest.GenerateResourceFromRepresentationMap("oci_dns_zone", "test_zone", acctest.Optional, acctest.Update,
-					acctest.RepresentationCopyWithRemovedProperties(zoneRepresentationPrimaryDefault, []string{"external_masters"})), nil),
+				acctest.GenerateResourceFromRepresentationMap("oci_dns_zone", "test_zone", acctest.Optional, acctest.Update, zoneRepresentationPrimaryDefault), nil),
 			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
 				resource.TestCheckResourceAttr(resourceName, "compartment_id", compartmentId),
+				resource.TestCheckResourceAttr(resourceName, "external_downstreams.#", "1"),
+				resource.TestCheckResourceAttr(resourceName, "external_downstreams.0.address", "2.3.4.5"),
+				resource.TestCheckResourceAttr(resourceName, "external_downstreams.0.port", "53"),
+				resource.TestCheckResourceAttrSet(resourceName, "external_downstreams.0.tsig_key_id"),
 				resource.TestCheckResourceAttr(resourceName, "freeform_tags.%", "1"),
 				resource.TestCheckResourceAttr(resourceName, "zone_type", "PRIMARY"),
 				resource.TestMatchResourceAttr(resourceName, "name", regexp.MustCompile("\\.oci-zone-test")),
@@ -227,6 +243,10 @@ func TestDnsZoneResource_default(t *testing.T) {
 				acctest.GenerateResourceFromRepresentationMap("oci_dns_zone", "test_zone", acctest.Required, acctest.Create, zoneRepresentationPrimaryDefault), nil),
 			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
 				resource.TestCheckResourceAttr(datasourceName, "compartment_id", compartmentId),
+				resource.TestCheckResourceAttr(resourceName, "external_downstreams.#", "1"),
+				resource.TestCheckResourceAttr(resourceName, "external_downstreams.0.address", "2.3.4.5"),
+				resource.TestCheckResourceAttr(resourceName, "external_downstreams.0.port", "53"),
+				resource.TestCheckResourceAttrSet(resourceName, "external_downstreams.0.tsig_key_id"),
 				resource.TestCheckResourceAttr(datasourceName, "zones.#", "1"),
 				resource.TestCheckResourceAttr(datasourceName, "zones.0.freeform_tags.%", "1"),
 				resource.TestCheckResourceAttrSet(datasourceName, "zones.0.id"),