Bug Fix - Fixed network-source/Domains/Polices resource discovery issue.

Author: rohith kumar veligeti

internal/integrationtest/identity_domain_test.go

@@ -65,12 +65,16 @@ var (
 		"state":                     acctest.Representation{RepType: acctest.Optional, Update: `INACTIVE`},
 	}
 
+	IdentityDomainReplicationToRegionRepresentation1 = map[string]interface{}{
+		"domain_id":      acctest.Representation{RepType: acctest.Required, Create: `${oci_identity_domain.test_domain.id}`},
+		"replica_region": acctest.Representation{RepType: acctest.Required, Create: `us-sanjose-1`},
+	}
+
 	IdentityDomainResourceDependencies = DefinedTagsDependencies
 )
 
 // issue-routing-tag: identity/default
 func TestIdentityDomainResource_basic(t *testing.T) {
-	t.Skip("Skip this test because henosis tenancy is needed")
 	httpreplay.SetScenario("TestIdentityDomainResource_basic")
 	defer httpreplay.SaveScenario()
 
@@ -121,7 +125,8 @@ func TestIdentityDomainResource_basic(t *testing.T) {
 		// verify Create with optionals
 		{
 			Config: config + compartmentIdVariableStr + IdentityDomainResourceDependencies +
-				acctest.GenerateResourceFromRepresentationMap("oci_identity_domain", "test_domain", acctest.Optional, acctest.Create, IdentityDomainRepresentation),
+				acctest.GenerateResourceFromRepresentationMap("oci_identity_domain", "test_domain", acctest.Optional, acctest.Create, IdentityDomainRepresentation) +
+				acctest.GenerateResourceFromRepresentationMap("oci_identity_domain_replication_to_region", "test_domain_replication_to_region", acctest.Optional, acctest.Create, IdentityDomainReplicationToRegionRepresentation1),
 			Check: acctest.ComposeAggregateTestCheckFuncWrapper(
 				resource.TestCheckResourceAttr(resourceName, "admin_email", "adminEmail@test.com"),
 				resource.TestCheckResourceAttr(resourceName, "admin_first_name", "adminFirstName"),
@@ -180,6 +185,10 @@ func TestIdentityDomainResource_basic(t *testing.T) {
 				resource.TestCheckResourceAttrSet(resourceName, "time_created"),
 				resource.TestCheckResourceAttrSet(resourceName, "type"),
 				resource.TestCheckResourceAttrSet(resourceName, "url"),
+				resource.TestCheckResourceAttrSet(resourceName, "replica_regions.0.regional_url"),
+				resource.TestCheckResourceAttrSet(resourceName, "replica_regions.0.url"),
+				resource.TestCheckResourceAttr(resourceName, "replica_regions.0.state", "REPLICATION_ENABLED"),
+				resource.TestCheckResourceAttr(resourceName, "replica_regions.0.region", "us-sanjose-1"),
 
 				func(s *terraform.State) (err error) {
 					resId2, err = acctest.FromInstanceState(s, resourceName, "id")
@@ -214,6 +223,10 @@ func TestIdentityDomainResource_basic(t *testing.T) {
 				resource.TestCheckResourceAttrSet(resourceName, "time_created"),
 				resource.TestCheckResourceAttrSet(resourceName, "type"),
 				resource.TestCheckResourceAttrSet(resourceName, "url"),
+				resource.TestCheckResourceAttrSet(resourceName, "replica_regions.0.regional_url"),
+				resource.TestCheckResourceAttrSet(resourceName, "replica_regions.0.url"),
+				resource.TestCheckResourceAttr(resourceName, "replica_regions.0.state", "REPLICATION_ENABLED"),
+				resource.TestCheckResourceAttr(resourceName, "replica_regions.0.region", "us-sanjose-1"),
 
 				func(s *terraform.State) (err error) {
 					resId2, err = acctest.FromInstanceState(s, resourceName, "id")
@@ -254,6 +267,10 @@ func TestIdentityDomainResource_basic(t *testing.T) {
 				resource.TestCheckResourceAttrSet(datasourceName, "domains.0.time_created"),
 				resource.TestCheckResourceAttrSet(datasourceName, "domains.0.type"),
 				resource.TestCheckResourceAttrSet(datasourceName, "domains.0.url"),
+				resource.TestCheckResourceAttrSet(datasourceName, "domains.0.replica_regions.0.regional_url"),
+				resource.TestCheckResourceAttrSet(datasourceName, "domains.0.replica_regions.0.url"),
+				resource.TestCheckResourceAttr(datasourceName, "domains.0.replica_regions.0.state", "REPLICATION_ENABLED"),
+				resource.TestCheckResourceAttr(datasourceName, "domains.0.replica_regions.0.region", "us-sanjose-1"),
 			),
 		},
 		// verify singular datasource
@@ -276,6 +293,10 @@ func TestIdentityDomainResource_basic(t *testing.T) {
 				resource.TestCheckResourceAttrSet(singularDatasourceName, "time_created"),
 				resource.TestCheckResourceAttrSet(singularDatasourceName, "type"),
 				resource.TestCheckResourceAttrSet(singularDatasourceName, "url"),
+				resource.TestCheckResourceAttrSet(singularDatasourceName, "replica_regions.0.regional_url"),
+				resource.TestCheckResourceAttrSet(singularDatasourceName, "replica_regions.0.url"),
+				resource.TestCheckResourceAttr(singularDatasourceName, "replica_regions.0.state", "REPLICATION_ENABLED"),
+				resource.TestCheckResourceAttr(singularDatasourceName, "replica_regions.0.region", "us-sanjose-1"),
 			),
 		},
 		// verify resource import

internal/integrationtest/identity_network_source_test.go

@@ -55,14 +55,19 @@ var (
 		"public_source_list":  acctest.Representation{RepType: acctest.Optional, Create: []string{`128.2.13.5`}, Update: []string{`128.2.13.5`, `128.2.13.6`}},
 		"services":            acctest.Representation{RepType: acctest.Optional, Create: []string{`none`}, Update: []string{`all`}},
 		"virtual_source_list": acctest.RepresentationGroup{RepType: acctest.Optional, Group: IdentityNetworkVirtualSourceListRepresentation},
+		"lifecycle":           acctest.RepresentationGroup{RepType: acctest.Required, Group: IdentityNetworkSourceIgnoreChangesRepresentation},
 	}
 
 	IdentityNetworkVirtualSourceListRepresentation = map[string]interface{}{
 		"vcn_id":    acctest.Representation{RepType: acctest.Required, Create: `${oci_core_vcn.test_vcn.id}`},
 		"ip_ranges": acctest.Representation{RepType: acctest.Required, Create: []string{`10.0.0.0/16`}},
 	}
 
-	IdentityNetworkSourceResourceDependencies = DefinedTagsDependencies // + VcnRequiredOnlyResource
+	IdentityNetworkSourceIgnoreChangesRepresentation = map[string]interface{}{ // This may vary depending on the tenancy settings
+		"ignore_changes": acctest.Representation{RepType: acctest.Required, Create: []string{`defined_tags`, `freeform_tags`}},
+	}
+
+	IdentityNetworkSourceResourceDependencies = DefinedTagsDependencies + acctest.GenerateResourceFromRepresentationMap("oci_core_vcn", "test_vcn", acctest.Required, acctest.Create, CoreVcnRepresentation)
 )
 
 // issue-routing-tag: identity/default
@@ -125,7 +130,7 @@ func TestIdentityNetworkSourceResource_basic(t *testing.T) {
 				func(s *terraform.State) (err error) {
 					resId, err = acctest.FromInstanceState(s, resourceName, "id")
 					if isEnableExportCompartment, _ := strconv.ParseBool(utils.GetEnvSettingWithDefault("enable_export_compartment", "true")); isEnableExportCompartment {
-						if errExport := resourcediscovery.TestExportCompartmentWithResourceName(&resId, &compartmentId, resourceName); errExport != nil {
+						if errExport := resourcediscovery.TestExportCompartmentWithResourceName(&resId, &tenancyId, resourceName); errExport != nil {
 							return errExport
 						}
 					}
@@ -178,6 +183,7 @@ func TestIdentityNetworkSourceResource_basic(t *testing.T) {
 				resource.TestCheckResourceAttr(datasourceName, "network_sources.0.name", "corpnet"),
 				resource.TestCheckResourceAttr(datasourceName, "network_sources.0.public_source_list.#", "2"),
 				resource.TestCheckResourceAttr(datasourceName, "network_sources.0.services.#", "1"),
+				resource.TestCheckResourceAttrSet(datasourceName, "network_sources.0.state"),
 				resource.TestCheckResourceAttrSet(datasourceName, "network_sources.0.time_created"),
 				resource.TestCheckResourceAttr(datasourceName, "network_sources.0.virtual_source_list.#", "1"),
 			),

internal/resourcediscovery/export_compartment_test.go

@@ -2706,7 +2706,7 @@ func TestUnitGetDiscoverResourceWithGraphSteps(t *testing.T) {
 		ctx.Services = []string{"identity"}
 		result, err := getDiscoverResourceWithGraphSteps(ctx)
 		assert.NoError(t, err)
-		assert.Equal(t, 0, len(result))
+		assert.Equal(t, 1, len(result))
 	})
 
 	// With targetResource

internal/service/identity/identity_domain_resource.go

@@ -132,6 +132,10 @@ func IdentityDomainResource() *schema.Resource {
 							Type:     schema.TypeString,
 							Computed: true,
 						},
+						"regional_url": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
 						"state": {
 							Type:     schema.TypeString,
 							Computed: true,
@@ -674,6 +678,10 @@ func ReplicatedRegionDetailsToMap(obj oci_identity.ReplicatedRegionDetails) map[
 		result["region"] = string(*obj.Region)
 	}
 
+	if obj.RegionalUrl != nil {
+		result["regional_url"] = string(*obj.RegionalUrl)
+	}
+
 	result["state"] = string(obj.State)
 
 	if obj.Url != nil {

internal/service/identity/identity_export.go

@@ -29,6 +29,7 @@ func init() {
 	exportIdentityTagHints.ProcessDiscoveredResourcesFn = processTagDefinitions
 	tf_export.RegisterTenancyGraphs("identity", identityResourceGraph)
 	tf_export.RegisterCompartmentGraphs("tagging", taggingResourceGraph)
+	tf_export.RegisterCompartmentGraphs("identity", identityCompartmentResourceGraph)
 	tf_export.BuildAvailabilityResourceGraph("oci_identity_compartment", customAssociationIdentityCompartment)
 }
 
@@ -509,6 +510,13 @@ var identityResourceGraph = tf_export.TerraformResourceGraph{
 	},
 }
 
+var identityCompartmentResourceGraph = tf_export.TerraformResourceGraph{
+	"oci_identity_compartment": {
+		{TerraformResourceHints: exportIdentityPolicyHints},
+		{TerraformResourceHints: exportIdentityDomainHints},
+	},
+}
+
 var taggingResourceGraph = tf_export.TerraformResourceGraph{
 	"oci_identity_compartment": {
 		{TerraformResourceHints: exportIdentityTagDefaultHints},

internal/service/identity/identity_network_sources_data_source.go

@@ -132,6 +132,8 @@ func (s *IdentityNetworkSourcesDataSourceCrud) SetData() error {
 
 		networkSource["services"] = r.Services
 
+		networkSource["state"] = r.LifecycleState
+
 		if r.TimeCreated != nil {
 			networkSource["time_created"] = r.TimeCreated.String()
 		}

website/docs/d/identity_allowed_domain_license_types.html.markdown

@@ -10,12 +10,11 @@ description: |-
 # Data Source: oci_identity_allowed_domain_license_types
 This data source provides the list of Allowed Domain License Types in Oracle Cloud Infrastructure Identity service.
 
-List the allowed domain license types supported by Oracle Cloud Infrastructure If {@code currentLicenseTypeName} provided, returns allowed license types a domain with the specified license type name can migrate to.
-If {@code name} is provided, it filters and returns resources that match the given license type name.
-Otherwise, returns all valid license types that are currently supported.
+(For tenancies that support identity domains) Lists the license types for identity domains supported by Oracle Cloud Infrastructure. 
+(License types are also referred to as domain types.)
 
-- If license type details are retrieved sucessfully, return 202 ACCEPTED.
-- If any internal error occurs, return 500 INTERNAL SERVER ERROR.
+If `currentLicenseTypeName` is provided, then the request returns license types that the identity domain with the specified license 
+type name can change to. Otherwise, the request returns all valid license types currently supported.
 
 
 ## Example Usage
@@ -32,7 +31,7 @@ data "oci_identity_allowed_domain_license_types" "test_allowed_domain_license_ty
 
 The following arguments are supported:
 
-* `current_license_type_name` - (Optional) The domain license type
+* `current_license_type_name` - (Optional) The license type of the identity domain.
 
 
 ## Attributes Reference

website/docs/d/identity_auth_tokens.html.markdown

@@ -41,6 +41,8 @@ The following attributes are exported:
 The following attributes are exported:
 
 * `description` - The description you assign to the auth token. Does not have to be unique, and it's changeable.
+
+	(For tenancies that support identity domains) You can have an empty description. 
 * `id` - The OCID of the auth token.
 * `inactive_state` - The detailed status of INACTIVE lifecycleState.
 * `state` - The token's current state.

website/docs/d/identity_authentication_policy.html.markdown

@@ -10,7 +10,7 @@ description: |-
 # Data Source: oci_identity_authentication_policy
 This data source provides details about a specific Authentication Policy resource in Oracle Cloud Infrastructure Identity service.
 
-Gets the authentication policy for the given tenancy. You must specify your tenant’s OCID as the value for
+Gets the authentication policy for the given tenancy. You must specify your tenant's OCID as the value for
 the compartment ID (remember that the tenancy is simply the root compartment).
 
 
@@ -35,7 +35,7 @@ The following arguments are supported:
 The following attributes are exported:
 
 * `compartment_id` - Compartment OCID.
-* `network_policy` - Network policy, Consists of a list of Network Source ids. 
+* `network_policy` - Network policy, which consists of a list of network source IDs. 
 	* `network_source_ids` - Network Source ids 
 * `password_policy` - Password policy, currently set for the given compartment. 
 	* `is_lowercase_characters_required` - At least one lower case character required.

website/docs/d/identity_cost_tracking_tags.html.markdown

@@ -11,7 +11,7 @@ description: |-
 This data source provides the list of Cost Tracking Tags in Oracle Cloud Infrastructure Identity service.
 
 Lists all the tags enabled for cost-tracking in the specified tenancy. For information about
-cost-tracking tags, see [Using Cost-tracking Tags](https://docs.cloud.oracle.com/iaas/Content/Identity/Concepts/taggingoverview.htm#costs).
+cost-tracking tags, see [Using Cost-tracking Tags](https://docs.cloud.oracle.com/iaas/Content/Tagging/Tasks/usingcosttrackingtags.htm).
 
 
 ## Example Usage
@@ -46,13 +46,13 @@ The following attributes are exported:
 * `freeform_tags` - Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see [Resource Tags](https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm).  Example: `{"Department": "Finance"}` 
 * `id` - The OCID of the tag definition.
 * `is_cost_tracking` - Indicates whether the tag is enabled for cost tracking. 
-* `is_retired` - Indicates whether the tag is retired. See [Retiring Key Definitions and Namespace Definitions](https://docs.cloud.oracle.com/iaas/Content/Identity/Concepts/taggingoverview.htm#Retiring). 
+* `is_retired` - Indicates whether the tag is retired. See [Retiring Key Definitions and Namespace Definitions](https://docs.cloud.oracle.com/iaas/Content/Tagging/Tasks/managingtagsandtagnamespaces.htm#retiringkeys). 
 * `name` - The name assigned to the tag during creation. This is the tag key definition. The name must be unique within the tag namespace and cannot be changed. 
 * `state` - The tag's current state. After creating a tag, make sure its `lifecycleState` is ACTIVE before using it. After retiring a tag, make sure its `lifecycleState` is INACTIVE before using it. If you delete a tag, you cannot delete another tag until the deleted tag's `lifecycleState` changes from DELETING to DELETED.
 * `tag_namespace_id` - The OCID of the namespace that contains the tag definition.
 * `tag_namespace_name` - The name of the tag namespace that contains the tag definition. 
 * `time_created` - Date and time the tag was created, in the format defined by RFC3339.  Example: `2016-08-25T21:10:29.600Z` 
-* `validator` - Validates a definedTag value. Each validator performs validation steps in addition to the standard validation for definedTag values. For more information, see [Limits on Tags](https://docs.cloud.oracle.com/iaas/Content/Identity/Concepts/taggingoverview.htm#Limits).
+* `validator` - Validates a definedTag value. Each validator performs validation steps in addition to the standard validation for definedTag values. For more information, see [Limits on Tags](https://docs.cloud.oracle.com/iaas/Content/Tagging/Concepts/taggingoverview.htm#limits).
 
 	If you define a validator after a value has been set for a defined tag, then any updates that attempt to change the value must pass the additional validation defined by the current rule. Previously set values (even those that would fail the current validation) are not updated. You can still update other attributes to resources that contain a non-valid defined tag.