From 55dcdcbd27c94d0a2c2ee3f64bc291a78d0dead3 Mon Sep 17 00:00:00 2001
From: Jeremy Muriel <jeremy@jeremm.fr>
Date: Mon, 17 Feb 2025 13:51:43 +0100
Subject: [PATCH] r/security: add routing_instance argument in
 idp_security_package block

fix #754
---
 .changes/issue-754.md                             |  4 ++++
 docs/resources/security.md                        |  2 ++
 internal/providerfwk/resource_security.go         | 15 +++++++++++++++
 .../TestAccResourceSecurity_basic/4/main.tf       |  3 +++
 4 files changed, 24 insertions(+)
 create mode 100644 .changes/issue-754.md

diff --git a/.changes/issue-754.md b/.changes/issue-754.md
new file mode 100644
index 000000000..37af4dcc5
--- /dev/null
+++ b/.changes/issue-754.md
@@ -0,0 +1,4 @@
+<!-- markdownlint-disable-file MD013 MD041 -->
+ENHANCEMENTS:
+
+* **resource/junos_security**: add `routing_instance` argument in `idp_security_package` block (Fix [#754](https://github.com/jeremmfr/terraform-provider-junos/issues/754))
diff --git a/docs/resources/security.md b/docs/resources/security.md
index a34f693bd..bb99d4870 100644
--- a/docs/resources/security.md
+++ b/docs/resources/security.md
@@ -308,6 +308,8 @@ The following arguments are supported:
   Skip version check when attack database gets installed.
 - **proxy_profile** (Optional, String)  
   Proxy profile of security package download.
+- **routing_instance** (Optional, String)  
+  Routing instance for security-package download.
 - **source_address** (Optional, String)  
   Source address to be used for sending download request.
 - **url** (Optional, String)  
diff --git a/internal/providerfwk/resource_security.go b/internal/providerfwk/resource_security.go
index 7994e3616..0048ad773 100644
--- a/internal/providerfwk/resource_security.go
+++ b/internal/providerfwk/resource_security.go
@@ -652,6 +652,14 @@ func (rsc *security) Schema(
 							tfvalidator.StringDoubleQuoteExclusion(),
 						},
 					},
+					"routing_instance": schema.StringAttribute{
+						Optional:    true,
+						Description: "Routing instance for security-package download.",
+						Validators: []validator.String{
+							stringvalidator.LengthBetween(1, 63),
+							tfvalidator.StringFormat(tfvalidator.DefaultFormat),
+						},
+					},
 					"source_address": schema.StringAttribute{
 						Optional:    true,
 						Description: "Source address to be used for sending download request.",
@@ -1452,6 +1460,7 @@ type securityBlockIdpSecurityPackage struct {
 	AutomaticStartTime        types.String `tfsdk:"automatic_start_time"`
 	InstallIgnoreVersionCheck types.Bool   `tfsdk:"install_ignore_version_check"`
 	ProxyProfile              types.String `tfsdk:"proxy_profile"`
+	RoutingInstance           types.String `tfsdk:"routing_instance"`
 	SourceAddress             types.String `tfsdk:"source_address"`
 	URL                       types.String `tfsdk:"url"`
 }
@@ -2486,6 +2495,9 @@ func (block *securityBlockIdpSecurityPackage) configSet() []string {
 	if v := block.ProxyProfile.ValueString(); v != "" {
 		configSet = append(configSet, setPrefix+"proxy-profile \""+v+"\"")
 	}
+	if v := block.RoutingInstance.ValueString(); v != "" {
+		configSet = append(configSet, setPrefix+"routing-instance "+v)
+	}
 	if v := block.SourceAddress.ValueString(); v != "" {
 		configSet = append(configSet, setPrefix+"source-address "+v)
 	}
@@ -3214,6 +3226,7 @@ func (securityBlockIdpSecurityPackage) junosLines() []string {
 		"idp security-package automatic",
 		"idp security-package install",
 		"idp security-package proxy-profile",
+		"idp security-package routing-instance",
 		"idp security-package source-address",
 		"idp security-package url",
 	}
@@ -3236,6 +3249,8 @@ func (block *securityBlockIdpSecurityPackage) read(itemTrim string) (err error)
 		block.InstallIgnoreVersionCheck = types.BoolValue(true)
 	case balt.CutPrefixInString(&itemTrim, "proxy-profile "):
 		block.ProxyProfile = types.StringValue(strings.Trim(itemTrim, "\""))
+	case balt.CutPrefixInString(&itemTrim, "routing-instance "):
+		block.RoutingInstance = types.StringValue(itemTrim)
 	case balt.CutPrefixInString(&itemTrim, "source-address "):
 		block.SourceAddress = types.StringValue(itemTrim)
 	case balt.CutPrefixInString(&itemTrim, "url "):
diff --git a/internal/providerfwk/testdata/TestAccResourceSecurity_basic/4/main.tf b/internal/providerfwk/testdata/TestAccResourceSecurity_basic/4/main.tf
index ed559dbad..14095f7e4 100644
--- a/internal/providerfwk/testdata/TestAccResourceSecurity_basic/4/main.tf
+++ b/internal/providerfwk/testdata/TestAccResourceSecurity_basic/4/main.tf
@@ -27,6 +27,9 @@ resource "junos_security" "testacc_security" {
       }
     }
   }
+  idp_security_package {
+    routing_instance = junos_routing_instance.testacc_security.name
+  }
   idp_sensor_configuration {
     log_suppression {
       include_destination_address = true