feat: Added Auto-Activation to all supported resources (#330)

* feat: Added Auto-Activation to all supported resources

* feat: Added Activation to user management

* Disabled VPN Credential Test

* fix: Fixed firewall filtering rule test

* feat: Added pre and post activation for user enrolment

* feat: Added improved vpn credential importing method

* fix: VPN Credential test

* fix: Adjusted test timeout

.github/workflows/zia-test.yml

@@ -18,71 +18,71 @@ on:
   workflow_dispatch:
 
 jobs:
-  zia-zsbeta-tests:
-    environment: ZIA_ZSBETA
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        goVersion: ["1.21"]
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Setup Go
-        uses: actions/setup-go@v5
-        with:
-          go-version: ${{ matrix.goVersion }}
-
-      - name: Set Go env
-        run: |
-          echo "GOPATH=$(go env GOPATH)" >> $GITHUB_ENV
-          echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
-
-      - name: Setup Go Tools
-        run: make tools
-
-      - name: Download Go Dependencies
-        run: |
-          go mod tidy && go mod vendor
-
-      - name: Setup Go Tools
-        run: make tools
-
-      - name: Check Formatting
-        run: make fmtcheck
-
-      - name: Vet Code
-        run: make vet
-
-      - name: Lint Code
-        run: make lint
-
-      - name: Check Build
-        run: make build
-
-      - name: Run tests with retry
-        uses: nick-fields/retry@v3
-        with:
-          max_attempts: 3
-          timeout_minutes: 60
-          command: |
-            make sweep
-            go test -v -cover ./zia -v -parallel 30 -timeout 60m
-            make sweep
-
-        env:
-          ZIA_USERNAME: ${{ secrets.ZIA_USERNAME }}
-          ZIA_PASSWORD: ${{ secrets.ZIA_PASSWORD }}
-          ZIA_API_KEY: ${{ secrets.ZIA_API_KEY }}
-          ZIA_CLOUD: ${{ secrets.ZIA_CLOUD }}
-          ZIA_SANDBOX_TOKEN: ${{ secrets.ZIA_SANDBOX_TOKEN }}
-          ZPA_CLIENT_ID: ${{ secrets.ZPA_CLIENT_ID }}
-          ZPA_CLIENT_SECRET: ${{ secrets.ZPA_CLIENT_SECRET }}
-          ZPA_CUSTOMER_ID: ${{ secrets.ZPA_CUSTOMER_ID }}
-          ZPA_CLOUD: ${{ secrets.ZPA_CLOUD }}
-          TF_ACC: ${{ secrets.TF_ACC }}
-          ZIA_ACC_TEST_FORCE_SWEEPERS: ${{ secrets.ZIA_ACC_TEST_FORCE_SWEEPERS }}
+  # zia-zsbeta-tests:
+  #   environment: ZIA_ZSBETA
+  #   runs-on: ubuntu-latest
+  #   strategy:
+  #     fail-fast: false
+  #     matrix:
+  #       goVersion: ["1.21"]
+  #   steps:
+  #     - name: Checkout code
+  #       uses: actions/checkout@v4
+
+  #     - name: Setup Go
+  #       uses: actions/setup-go@v5
+  #       with:
+  #         go-version: ${{ matrix.goVersion }}
+
+  #     - name: Set Go env
+  #       run: |
+  #         echo "GOPATH=$(go env GOPATH)" >> $GITHUB_ENV
+  #         echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
+
+  #     - name: Setup Go Tools
+  #       run: make tools
+
+  #     - name: Download Go Dependencies
+  #       run: |
+  #         go mod tidy && go mod vendor
+
+  #     - name: Setup Go Tools
+  #       run: make tools
+
+  #     - name: Check Formatting
+  #       run: make fmtcheck
+
+  #     - name: Vet Code
+  #       run: make vet
+
+  #     - name: Lint Code
+  #       run: make lint
+
+  #     - name: Check Build
+  #       run: make build
+
+  #     - name: Run tests with retry
+  #       uses: nick-fields/retry@v3
+  #       with:
+  #         max_attempts: 3
+  #         timeout_minutes: 45
+  #         command: |
+  #           make sweep
+  #           go test -v -cover ./zia -v -parallel 10 -timeout 60m
+  #           make sweep
+
+  #       env:
+  #         ZIA_USERNAME: ${{ secrets.ZIA_USERNAME }}
+  #         ZIA_PASSWORD: ${{ secrets.ZIA_PASSWORD }}
+  #         ZIA_API_KEY: ${{ secrets.ZIA_API_KEY }}
+  #         ZIA_CLOUD: ${{ secrets.ZIA_CLOUD }}
+  #         ZIA_SANDBOX_TOKEN: ${{ secrets.ZIA_SANDBOX_TOKEN }}
+  #         ZPA_CLIENT_ID: ${{ secrets.ZPA_CLIENT_ID }}
+  #         ZPA_CLIENT_SECRET: ${{ secrets.ZPA_CLIENT_SECRET }}
+  #         ZPA_CUSTOMER_ID: ${{ secrets.ZPA_CUSTOMER_ID }}
+  #         ZPA_CLOUD: ${{ secrets.ZPA_CLOUD }}
+  #         TF_ACC: ${{ secrets.TF_ACC }}
+  #         ZIA_ACC_TEST_FORCE_SWEEPERS: ${{ secrets.ZIA_ACC_TEST_FORCE_SWEEPERS }}
 
   zia-test-tenants:
     runs-on: ubuntu-latest
@@ -135,10 +135,10 @@ jobs:
         uses: nick-fields/retry@v3
         with:
           max_attempts: 3
-          timeout_minutes: 60 # Adjust as needed
+          timeout_minutes: 45 # Adjust as needed
           command: |
             make sweep
-            go test -v -cover ./zia -v -parallel 30 -timeout 60m
+            go test -v -cover ./zia -v -parallel 10 -timeout 60m
             make sweep
         env:
           ZIA_USERNAME: ${{ secrets.ZIA_USERNAME }}
@@ -152,8 +152,8 @@ jobs:
           ZPA_CLOUD: ${{ secrets.ZPA_CLOUD }}
           TF_ACC: ${{ secrets.TF_ACC }}
           ZIA_ACC_TEST_FORCE_SWEEPERS: ${{ secrets.ZIA_ACC_TEST_FORCE_SWEEPERS }}
-    needs:
-      - zia-zsbeta-tests
+    # needs:
+    #   - zia-zsbeta-tests
 
   zia-zscalerone-test:
     runs-on: ubuntu-latest
@@ -204,7 +204,7 @@ jobs:
         uses: nick-fields/retry@v3
         with:
           max_attempts: 3
-          timeout_minutes: 60 # Adjust as needed
+          timeout_minutes: 45 # Adjust as needed
           command: |
             make sweep
             make test:integration:zscalerone
@@ -221,8 +221,8 @@ jobs:
           ZPA_CLOUD: ${{ secrets.ZPA_CLOUD }}
           TF_ACC: ${{ secrets.TF_ACC }}
           ZIA_ACC_TEST_FORCE_SWEEPERS: ${{ secrets.ZIA_ACC_TEST_FORCE_SWEEPERS }}
-    needs:
-      - zia-zsbeta-tests
+    # needs:
+    #   - zia-zsbeta-tests
 
   zia-zscalertwo-test:
     runs-on: ubuntu-latest
@@ -273,7 +273,7 @@ jobs:
         uses: nick-fields/retry@v3
         with:
           max_attempts: 3
-          timeout_minutes: 60 # Adjust as needed
+          timeout_minutes: 45 # Adjust as needed
           command: |
             make sweep
             make test:integration:zscalertwo
@@ -290,5 +290,5 @@ jobs:
           ZPA_CLOUD: ${{ secrets.ZPA_CLOUD }}
           TF_ACC: ${{ secrets.TF_ACC }}
           ZIA_ACC_TEST_FORCE_SWEEPERS: ${{ secrets.ZIA_ACC_TEST_FORCE_SWEEPERS }}
-    needs:
-      - zia-zsbeta-tests
+    # needs:
+    #   - zia-zsbeta-tests

CHANGELOG.md

@@ -1,5 +1,20 @@
 # Changelog
 
+## 2.8.0 (March, 27 2024)
+
+### Notes
+
+- Release date: **(March, 27 2024)**
+- Supported Terraform version: **v1.x**
+
+### Enhacements
+
+- [PR #330](https://github.com/zscaler/terraform-provider-zia/330) - Implemented auto activation functionality to all supported resources. Configurations will now be activated during `CREATE`, `UPDATE` AND `DELETE` actions when executing `terraform apply` or `terraform destroy`, which removes the need of out of band activation or the use of the resource: `zia_activation_status`.
+
+### Fixes
+
+- [PR #330](https://github.com/zscaler/terraform-provider-zia/330) - Fixed `zia_user_management` resource to support activation pre and post user enrolment using `BASIC` authentication method.
+
 ## 2.7.33 (March, 6 2024)
 
 ### Notes

GNUmakefile

@@ -43,7 +43,7 @@ test:
 		xargs -t -n4 go test $(TESTARGS) $(TEST_FILTER) -timeout=30s -parallel=10
 
 testacc:
-	TF_ACC=1 go test $(TEST) $(TESTARGS) $(TEST_FILTER) -timeout 120m
+	TF_ACC=1 go test $(TEST) $(TESTARGS) $(TEST_FILTER) -timeout 30m
 
 # Default set of integration tests to run for ZscalerOne
 DEFAULT_INTEGRATION_TESTS?=\
@@ -113,7 +113,7 @@ integration_tests := $(subst $(space),\|,$(INTEGRATION_TESTS))
 # Target to run integration tests for ZscalerOne
 test\:integration\:zscalerone:
 	@echo "Running integration tests for ZscalerOne..."
-	@TF_ACC=1 go test -v -cover ./zia -timeout 120m -run ^$(integration_tests)$$
+	@TF_ACC=1 go test -v -cover ./zia -timeout 30m -run ^$(integration_tests)$$
 
 # Default set of integration tests to run for ZscalerOne
 ZS2_INTEGRATION_TESTS?=\
@@ -184,19 +184,19 @@ integration_zs2_tests := $(subst $(space),\|,$(ZS_INTEGRATION_TESTS))
 # Target to run integration tests for ZscalerTwo
 test\:integration\:zscalertwo:
 	@echo "Running integration tests for ZscalerTwo..."
-	@TF_ACC=1 go test -v -cover ./zia -timeout 120m -run ^$(integration_zs2_tests)$$
+	@TF_ACC=1 go test -v -cover ./zia -timeout 30m -run ^$(integration_zs2_tests)$$
 
 build13: GOOS=$(shell go env GOOS)
 build13: GOARCH=$(shell go env GOARCH)
 ifeq ($(OS),Windows_NT)  # is Windows_NT on XP, 2000, 7, Vista, 10...
-build13: DESTINATION=$(APPDATA)/terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.7.33/$(GOOS)_$(GOARCH)
+build13: DESTINATION=$(APPDATA)/terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.8.0/$(GOOS)_$(GOARCH)
 else
-build13: DESTINATION=$(HOME)/.terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.7.33/$(GOOS)_$(GOARCH)
+build13: DESTINATION=$(HOME)/.terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.8.0/$(GOOS)_$(GOARCH)
 endif
 build13: fmtcheck
 	@echo "==> Installing plugin to $(DESTINATION)"
 	@mkdir -p $(DESTINATION)
-	go build -o $(DESTINATION)/terraform-provider-zia_v2.7.33
+	go build -o $(DESTINATION)/terraform-provider-zia_v2.8.0
 
 coverage: test
 	@echo "✓ Opening coverage for unit tests ..."

docs/guides/release-notes.md

@@ -12,10 +12,25 @@ description: |-
 Track all ZIA Terraform provider's releases. New resources, features, and bug fixes will be tracked here.
 
 ---
-``Last updated: v2.7.33``
+``Last updated: v2.8.0``
 
 ---
 
+## 2.8.0 (March, 27 2024)
+
+### Notes
+
+- Release date: **(March, 27 2024)**
+- Supported Terraform version: **v1.x**
+
+### Enhacements
+
+- [PR #330](https://github.com/zscaler/terraform-provider-zia/330) - Implemented auto activation functionality to all supported resources. Configurations will now be activated during `CREATE`, `UPDATE` AND `DELETE` actions when executing `terraform apply` or `terraform destroy`, which removes the need of out of band activation or the use of the resource: `zia_activation_status`.
+
+### Fixes
+
+- [PR #330](https://github.com/zscaler/terraform-provider-zia/330) - Fixed `zia_user_management` resource to support activation pre and post user enrolment using `BASIC` authentication method.
+
 ## 2.7.33 (March, 6 2024)
 
 ### Notes

docs/guides/support.md

@@ -19,5 +19,5 @@ Urgent, production related Terraform issues can be resolved via direct interacti
 
 ## Contact
 
-For questions or requests that cannot be submitted via GitHub Issues, please contact zscaler-partner-labs@z-bd.com with zia-terraform-provider" in the subject line.
+For questions or requests that cannot be submitted via GitHub Issues, please contact devrel@zscaler.com with zia-terraform-provider" in the subject line.
 We also provide a [private Slack channel](https://docs.google.com/forms/d/e/1FAIpQLSfkd3EMkLQdIWMNQ7QCr8TrH_xVSwSYcQshfBPDEZFOaF28qA/viewform?usp=sf_link) where you can submit your questions to the provider maintainers. Notice that this form will be reviewed and approved by Zscaler Technology Alliances team.

docs/resources/zia_traffic_forwarding_vpn_credentials.md

@@ -69,8 +69,28 @@ The following arguments are supported:
 Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
 [Visit](https://github.com/zscaler/zscaler-terraformer)
 
-**zia_traffic_forwarding_vpn_credentials** can be imported by using `<VPN_ID>` as the import ID.
+**zia_traffic_forwarding_vpn_credentials** can be imported by using one of the following prefixes as the import ID:
+
+* `'IP'` - Imports all VPN Credentials of type IP
+
+```shell
+$ terraform import zia_traffic_forwarding_vpn_credentials.example 'IP'
+```
+
+* `'UFQDN'` - Imports all VPN Credentials of type UFQDN
+
+```shell
+$ terraform import zia_traffic_forwarding_vpn_credentials.this 'UFQDN'
+```
+
+* `UFQDN'` - Imports a VPN Credentials of type UFQDN containing a specific UFQDN address
+
+```shell
+$ terraform import zia_traffic_forwarding_vpn_credentials.example 'testvpn@example.com'
+```
+
+* `IP Address'` - Imports a VPN Credentials of type IP containing a specific IP address
 
 ```shell
-terraform import zia_traffic_forwarding_vpn_credentials.example <vpn_id>
+$ terraform import zia_traffic_forwarding_vpn_credentials.example '1.1.1.1'
 ```

docs/resources/zia_user_management.md

@@ -27,7 +27,7 @@ resource "zia_user_management" "john_ashcroft" {
  name         = "John Ashcroft"
  email        = "john.ashcroft@acme.com"
  password     = "P@ssw0rd123*"
- auth_methods = ["BASIC", "DIGEST"]
+ auth_methods = ["BASIC"]
  groups {
   id = data.zia_group_management.normal_internet.id
   }
@@ -59,7 +59,7 @@ The following attributes are supported:
 
 * `comments` - (Optional) Additional information about this user.
 * `temp_auth_email` - (Optional) Temporary Authentication Email. If you enabled one-time tokens or links, enter the email address to which the Zscaler service sends the tokens or links. If this is empty, the service will send the email to the User email.
-* `auth_methods` - (Optional) Type of authentication method to be enabled. Supported values are: ``BASIC`` and ``DIGEST``
+* `auth_methods` - (Optional) Type of authentication method to be enabled. Supported values is: ``BASIC``
 
 ## Import
 

examples/zia_location_management/location_management_vpn_credentials_type_ip.tf

@@ -21,14 +21,14 @@ resource "zia_location_management" "usa_sjc37"{
 
 resource "zia_traffic_forwarding_vpn_credentials" "usa_sjc37"{
     type        = "IP"
-    ip_address  =  zia_traffic_forwarding_static_ip.usa_sjc37.ip_address 
+    ip_address  =  zia_traffic_forwarding_static_ip.usa_sjc37.ip_address
     depends_on = [ zia_traffic_forwarding_static_ip.usa_sjc37 ]
     comments    = "Created via Terraform"
     pre_shared_key = "newPassword123!"
 }
 
 resource "zia_traffic_forwarding_static_ip" "usa_sjc37"{
-    ip_address =  "1.1.1.1"
+    ip_address =  "185.211.32.39"
     routable_ip = true
     comment = "SJC37 - Static IP"
     geo_override = false

examples/zia_user_management/zia_user_management_data/basic.tf

@@ -2,7 +2,7 @@ resource "zia_user_management" "john_ashcroft" {
  name = "John Ashcroft"
  email = "john.ashcroft@acme.com"
  password = "P@ssw0rd123*"
- auth_methods = ["BASIC", "DIGEST"]
+ auth_methods = ["BASIC"]
  groups {
   id = [ data.zia_group_management.normal_internet.id,
          data.zia_group_management.devops.id ]

go.mod

@@ -11,7 +11,7 @@ require (
 	github.com/hashicorp/go-hclog v1.6.2
 	github.com/hashicorp/terraform-plugin-sdk v1.17.2
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.33.0
-	github.com/zscaler/zscaler-sdk-go/v2 v2.4.31
+	github.com/zscaler/zscaler-sdk-go/v2 v2.4.32
 )
 
 require (

go.sum

@@ -387,8 +387,8 @@ github.com/zclconf/go-cty v1.14.2 h1:kTG7lqmBou0Zkx35r6HJHUQTvaRPr5bIAf3AoHS0izI
 github.com/zclconf/go-cty v1.14.2/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE=
 github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8=
 github.com/zclconf/go-cty-yaml v1.0.2/go.mod h1:IP3Ylp0wQpYm50IHK8OZWKMu6sPJIUgKa8XhiVHura0=
-github.com/zscaler/zscaler-sdk-go/v2 v2.4.31 h1:1fEyDsVZe5MNJEvZVqO1Q04n6C+i+Lx20Qabcb0Fua0=
-github.com/zscaler/zscaler-sdk-go/v2 v2.4.31/go.mod h1:tkYuT8WhbBCr/0itvRY123NiYp82V/BLN9it0BY48Gw=
+github.com/zscaler/zscaler-sdk-go/v2 v2.4.32 h1:kUzJ5qj94zUCcUPeTKr+KS+SqHffkcFVIbuU94UnlKo=
+github.com/zscaler/zscaler-sdk-go/v2 v2.4.32/go.mod h1:tkYuT8WhbBCr/0itvRY123NiYp82V/BLN9it0BY48Gw=
 go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
 go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
 go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=

version

@@ -1 +1 @@
-2.5.0
+2.8.0