feat(specs): Add spec, tests and examples for panos_qos_policy

Author: kklimonda-cl

assets/terraform/examples/resources/panos_qos_policy/import.sh

@@ -0,0 +1,16 @@
+# The entire QoS policy can be imported by providing the following base64 encoded object as the ID
+# {
+#     location = {
+#         device_group = {
+#         name = "example-device-group"
+#         rulebase = "pre-rulebase"
+#         panorama_device = "localhost.localdomain"
+#         }
+#     }
+#
+#
+#     names = [
+#         "qos-rule-1", <- the first rule in the policy
+#     ]
+# }
+terraform import panos_qos_policy.example $(echo '{"location":{"device_group":{"name":"example-device-group","panorama_device":"localhost.localdomain","rulebase":"pre-rulebase"}},"names":["qos-rule-1"]}' | base64)

assets/terraform/examples/resources/panos_qos_policy/resource.tf

@@ -0,0 +1,59 @@
+# Manages the entire QoS policy
+resource "panos_qos_policy" "example" {
+  location = {
+    device_group = {
+      name = panos_device_group.example.name
+    }
+  }
+
+  rules = [
+    {
+      name        = "qos-rule-1"
+      description = "QoS rule for high priority traffic"
+
+      source_zones          = ["trust"]
+      source_addresses      = ["any"]
+      destination_zones     = ["untrust"]
+      destination_addresses = ["any"]
+      applications          = ["ssl"]
+      services              = ["application-default"]
+
+      action = {
+        class = "4"
+      }
+
+      dscp_tos = {
+        codepoints = [
+          {
+            name = "ef-marking"
+            ef = {
+              codepoint = "ef"
+            }
+          }
+        ]
+      }
+    },
+    {
+      name = "qos-rule-2"
+
+      source_zones          = ["any"]
+      source_addresses      = ["any"]
+      destination_zones     = ["any"]
+      destination_addresses = ["any"]
+      applications          = ["any"]
+      services              = ["any"]
+
+      action = {
+        class = "1"
+      }
+    }
+  ]
+}
+
+resource "panos_device_group" "example" {
+  location = {
+    panorama = {}
+  }
+
+  name = "example-device-group"
+}

assets/terraform/examples/resources/panos_qos_policy_rules/import.sh

@@ -0,0 +1,18 @@
+# A set of QoS rules can be imported by providing the following base64 encoded object as the ID
+# {
+#     location = {
+#         device_group = {
+#         name = "example-device-group"
+#         rulebase = "pre-rulebase"
+#         panorama_device = "localhost.localdomain"
+#         }
+#     }
+#
+#     position = { where = "after", directly = true, pivot = "existing-rule" }
+#
+#     names = [
+#         "qos-rule-8",
+#         "qos-rule-9"
+#     ]
+# }
+terraform import panos_qos_policy_rules.example $(echo '{"location":{"device_group":{"name":"example-device-group","panorama_device":"localhost.localdomain","rulebase":"pre-rulebase"}},"names":["qos-rule-8","qos-rule-9"],"position":{"directly":true,"pivot":"existing-rule","where":"after"}}' | base64)

assets/terraform/examples/resources/panos_qos_policy_rules/resource.tf

@@ -0,0 +1,90 @@
+# Manage a group of QoS policy rules.
+
+## Place the rule group at the top
+resource "panos_qos_policy_rules" "example-1" {
+  location = {
+    device_group = {
+      name = panos_device_group.example.name
+    }
+  }
+
+  position = {
+    where = "first" # first, last, after, before
+  }
+
+  rules = [
+    {
+      name        = "qos-rule-1"
+      description = "High priority VoIP traffic"
+
+      source_zones          = ["trust"]
+      source_addresses      = ["any"]
+      destination_zones     = ["untrust"]
+      destination_addresses = ["any"]
+      applications          = ["sip", "h323"]
+      services              = ["application-default"]
+
+      action = {
+        class = "7"
+      }
+
+      dscp_tos = {
+        codepoints = [
+          {
+            name = "ef-marking"
+            ef = {
+              codepoint = "ef"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
+
+## Place the rule group directly after an existing rule
+resource "panos_qos_policy_rules" "example-2" {
+  location = {
+    device_group = {
+      name = panos_device_group.example.name
+    }
+  }
+
+  position = { where = "after", directly = true, pivot = "existing-rule" }
+
+  rules = [for k in ["web", "database", "default"] :
+    {
+      name = "qos-${k}"
+
+      source_zones          = ["any"]
+      source_addresses      = ["any"]
+      destination_zones     = ["any"]
+      destination_addresses = ["any"]
+      applications          = ["any"]
+      services              = ["any"]
+
+      action = {
+        class = k == "web" ? "5" : k == "database" ? "4" : "1"
+      }
+
+      dscp_tos = {
+        codepoints = [
+          {
+            name = "${k}-codepoint"
+            af = {
+              codepoint = k == "web" ? "af21" : k == "database" ? "af31" : "af11"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
+
+resource "panos_device_group" "example" {
+  location = {
+    panorama = {}
+  }
+
+  name = "example-device-group"
+}