provider/openstack: Ensure CIDRs Are Lower Case (#6864)

This commit ensures that CIDR arguments are converted into lower
case values, specifically for IPv6 addresses.

builtin/providers/openstack/resource_openstack_compute_secgroup_v2.go

@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"fmt"
 	"log"
+	"strings"
 	"time"
 
 	"github.com/hashicorp/terraform/helper/hashcode"
@@ -66,6 +67,9 @@ func resourceComputeSecGroupV2() *schema.Resource {
 							Type:     schema.TypeString,
 							Optional: true,
 							ForceNew: false,
+							StateFunc: func(v interface{}) string {
+								return strings.ToLower(v.(string))
+							},
 						},
 						"from_group_id": &schema.Schema{
 							Type:     schema.TypeString,
@@ -355,7 +359,7 @@ func secgroupRuleV2Hash(v interface{}) int {
 	buf.WriteString(fmt.Sprintf("%d-", m["from_port"].(int)))
 	buf.WriteString(fmt.Sprintf("%d-", m["to_port"].(int)))
 	buf.WriteString(fmt.Sprintf("%s-", m["ip_protocol"].(string)))
-	buf.WriteString(fmt.Sprintf("%s-", m["cidr"].(string)))
+	buf.WriteString(fmt.Sprintf("%s-", strings.ToLower(m["cidr"].(string))))
 	buf.WriteString(fmt.Sprintf("%s-", m["from_group_id"].(string)))
 	buf.WriteString(fmt.Sprintf("%t-", m["self"].(bool)))
 

builtin/providers/openstack/resource_openstack_compute_secgroup_v2_test.go

@@ -124,6 +124,26 @@ func TestAccComputeV2SecGroup_icmpZero(t *testing.T) {
 	})
 }
 
+func TestAccComputeV2SecGroup_lowerCaseCIDR(t *testing.T) {
+	var secgroup secgroups.SecurityGroup
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckComputeV2SecGroupDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccComputeV2SecGroup_lowerCaseCIDR,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_1", &secgroup),
+					resource.TestCheckResourceAttr(
+						"openstack_compute_secgroup_v2.test_group_1", "rule.3862435458.cidr", "2001:558:fc00::/39"),
+				),
+			},
+		},
+	})
+}
+
 func testAccCheckComputeV2SecGroupDestroy(s *terraform.State) error {
 	config := testAccProvider.Meta().(*Config)
 	computeClient, err := config.computeV2Client(OS_REGION_NAME)
@@ -334,3 +354,15 @@ var testAccComputeV2SecGroup_icmpZero = fmt.Sprintf(`
 			cidr = "0.0.0.0/0"
 		}
 	}`)
+
+var testAccComputeV2SecGroup_lowerCaseCIDR = fmt.Sprintf(`
+	resource "openstack_compute_secgroup_v2" "test_group_1" {
+		name = "test_group_1"
+		description = "first test security group"
+		rule {
+			from_port = 0
+			to_port = 0
+			ip_protocol = "icmp"
+			cidr = "2001:558:FC00::/39"
+		}
+	}`)

builtin/providers/openstack/resource_openstack_networking_secgroup_rule_v2.go

@@ -3,6 +3,7 @@ package openstack
 import (
 	"fmt"
 	"log"
+	"strings"
 	"time"
 
 	"github.com/hashicorp/terraform/helper/resource"
@@ -64,6 +65,9 @@ func resourceNetworkingSecGroupRuleV2() *schema.Resource {
 				Optional: true,
 				ForceNew: true,
 				Computed: true,
+				StateFunc: func(v interface{}) string {
+					return strings.ToLower(v.(string))
+				},
 			},
 			"security_group_id": &schema.Schema{
 				Type:     schema.TypeString,

builtin/providers/openstack/resource_openstack_networking_secgroup_rule_v2_test.go

@@ -35,6 +35,28 @@ func TestAccNetworkingV2SecGroupRule_basic(t *testing.T) {
 	})
 }
 
+func TestAccNetworkingV2SecGroupRule_lowerCaseCIDR(t *testing.T) {
+	var security_group_1 groups.SecGroup
+	var security_group_rule_1 rules.SecGroupRule
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckNetworkingV2SecGroupRuleDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccNetworkingV2SecGroupRule_lowerCaseCIDR,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckNetworkingV2SecGroupExists(t, "openstack_networking_secgroup_v2.sg_foo", &security_group_1),
+					testAccCheckNetworkingV2SecGroupRuleExists(t, "openstack_networking_secgroup_rule_v2.sr_foo", &security_group_rule_1),
+					resource.TestCheckResourceAttr(
+						"openstack_networking_secgroup_rule_v2.sr_foo", "remote_ip_prefix", "2001:558:fc00::/39"),
+				),
+			},
+		},
+	})
+}
+
 func testAccCheckNetworkingV2SecGroupRuleDestroy(s *terraform.State) error {
 	config := testAccProvider.Meta().(*Config)
 	networkingClient, err := config.networkingV2Client(OS_REGION_NAME)
@@ -109,9 +131,24 @@ var testAccNetworkingV2SecGroupRule_basic = fmt.Sprintf(`
   resource "openstack_networking_secgroup_rule_v2" "sr_bar" {
     direction = "ingress"
     ethertype = "IPv4"
-    port_range_max = 80 
+    port_range_max = 80
     port_range_min = 80
     protocol = "tcp"
     remote_group_id = "${openstack_networking_secgroup_v2.sg_foo.id}"
     security_group_id = "${openstack_networking_secgroup_v2.sg_bar.id}"
   }`)
+
+var testAccNetworkingV2SecGroupRule_lowerCaseCIDR = fmt.Sprintf(`
+  resource "openstack_networking_secgroup_v2" "sg_foo" {
+    name = "security_group_1"
+    description = "terraform security group rule acceptance test"
+  }
+  resource "openstack_networking_secgroup_rule_v2" "sr_foo" {
+    direction = "ingress"
+    ethertype = "IPv6"
+    port_range_max = 22
+    port_range_min = 22
+    protocol = "tcp"
+    remote_ip_prefix = "2001:558:FC00::/39"
+    security_group_id = "${openstack_networking_secgroup_v2.sg_foo.id}"
+  }`)