Merge pull request #1 from cloudflare/master

merge upstream
nuggien · May 18, 2022 · a6cc7e3 · a6cc7e3
2 parents 11b95b9 + ddfea30
commit a6cc7e3
Show file tree

Hide file tree

Showing 132 changed files with 2,816 additions and 2,249 deletions.
diff --git a/.changelog/1585.txt b/.changelog/1585.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/cloudflare_device_posture_rule: Add `expiration` to device posture rule
+```
diff --git a/.changelog/1589.txt b/.changelog/1589.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+resource/cloudflare_access_group: allow github access groups to be created without a list of teams
+```
diff --git a/.changelog/1592.txt b/.changelog/1592.txt
@@ -0,0 +1,3 @@
+```release-note:note
+provider: internally swapped to using `diag.Diagnostics` for CRUD return types and using `context.Context` passed in from the provider itself instead of instantiating our own in each operation
+```
diff --git a/.changelog/1597.txt b/.changelog/1597.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/cloudflare_logpush_job: allow r2 logpush destinations without ownership validation
+```
diff --git a/.changelog/1599.txt b/.changelog/1599.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+resource/cloudflare_spectrum_application: prevent panic when configuration does not include `edge_ips.connectivity`
+```
diff --git a/.changelog/1601.txt b/.changelog/1601.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+resource/cloudflare_access_rule: Fix lifecycle of access_rule update
+```
diff --git a/.changelog/1620.txt b/.changelog/1620.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/ruleset: add support for `origin` and `host_header` attributes
+```
diff --git a/.changelog/1622.txt b/.changelog/1622.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+resource/cloudflare_teams_rule: fixed detection of deleted teams rules
+```
diff --git a/.changelog/1627.txt b/.changelog/1627.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/cloudflare_logpush_job: add support for managing `network_analytics_logs`
+```
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -0,0 +1,5 @@
+
+# Own a service and want to be defined as an owner here? Open a PR or 
+# hit up @jacobbednarz to add your team.
+
+*  @jacobbednarz
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,4 +1,25 @@
-## 3.14.0 (Unreleased)
+## 3.16.0 (Unreleased)
+
+## 3.15.0 (May 18th, 2022)
+
+NOTES:
+
+* provider: internally swapped to using `diag.Diagnostics` for CRUD return types and using `context.Context` passed in from the provider itself instead of instantiating our own in each operation ([#1592](https://github.com/cloudflare/terraform-provider-cloudflare/issues/1592))
+
+ENHANCEMENTS:
+
+* resource/cloudflare_device_posture_rule: Add `expiration` to device posture rule ([#1585](https://github.com/cloudflare/terraform-provider-cloudflare/issues/1585))
+* resource/cloudflare_logpush_job: add support for managing `network_analytics_logs` ([#1627](https://github.com/cloudflare/terraform-provider-cloudflare/issues/1627))
+* resource/cloudflare_logpush_job: allow r2 logpush destinations without ownership validation ([#1597](https://github.com/cloudflare/terraform-provider-cloudflare/issues/1597))
+* resource/ruleset: add support for `origin` and `host_header` attributes ([#1620](https://github.com/cloudflare/terraform-provider-cloudflare/issues/1620))
+
+BUG FIXES:
+
+* resource/cloudflare_access_rule: Fix lifecycle of access_rule update ([#1601](https://github.com/cloudflare/terraform-provider-cloudflare/issues/1601))
+* resource/cloudflare_spectrum_application: prevent panic when configuration does not include `edge_ips.connectivity` ([#1599](https://github.com/cloudflare/terraform-provider-cloudflare/issues/1599))
+* resource/cloudflare_teams_rule: fixed detection of deleted teams rules ([#1622](https://github.com/cloudflare/terraform-provider-cloudflare/issues/1622))
+
+## 3.14.0 (May 4th, 2022)
 
 FEATURES:
 
@@ -13,6 +34,8 @@ ENHANCEMENTS:
 BUG FIXES:
 
 * cloudflare_tunnel_routes: Fix reads matching routers with larger CIDRs ([#1581](https://github.com/cloudflare/terraform-provider-cloudflare/issues/1581))
+* resource/cloudflare_access_group: allow github access groups to be created without a list of teams ([#1589](https://github.com/cloudflare/terraform-provider-cloudflare/issues/1589))
+* resource/cloudflare_logpush_job: make ownership challenge check for https not required ([#1588](https://github.com/cloudflare/terraform-provider-cloudflare/issues/1588))
 * resource/cloudflare_tunnel_route: Fix importing resource ([#1580](https://github.com/cloudflare/terraform-provider-cloudflare/issues/1580))
 * resource/cloudflare_zone: update plan identifier for professional rate plans ([#1583](https://github.com/cloudflare/terraform-provider-cloudflare/issues/1583))
 

diff --git a/cloudflare/config.go b/cloudflare/config.go
@@ -26,7 +26,7 @@ func (c *Config) Client() (*cloudflare.API, error) {
 		client, err = cloudflare.New(c.APIKey, c.Email, c.Options...)
 	}
 	if err != nil {
-		return nil, fmt.Errorf("Error creating new Cloudflare client: %s", err)
+		return nil, fmt.Errorf("Error creating new Cloudflare client: %w", err)
 	}
 
 	if c.APIUserServiceKey != "" {

diff --git a/cloudflare/data_source_access_identity_provider.go b/cloudflare/data_source_access_identity_provider.go
@@ -5,37 +5,38 @@ import (
 	"fmt"
 
 	"github.com/cloudflare/cloudflare-go"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
 
 func dataSourceCloudflareAccessIdentityProvider() *schema.Resource {
 	return &schema.Resource{
-		Schema: dataSourceCloudflareAccessIdentityProviderSchema(),
-		Read:   dataSourceCloudflareAccessIdentityProviderRead,
+		Schema:      dataSourceCloudflareAccessIdentityProviderSchema(),
+		ReadContext: dataSourceCloudflareAccessIdentityProviderRead,
 	}
 }
 
-func dataSourceCloudflareAccessIdentityProviderRead(d *schema.ResourceData, meta interface{}) error {
+func dataSourceCloudflareAccessIdentityProviderRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	client := meta.(*cloudflare.API)
 	identifier, err := initIdentifier(d)
 	name := d.Get("name").(string)
 	if err != nil {
-		return err
+		return diag.FromErr(err)
 	}
 
 	var providers []cloudflare.AccessIdentityProvider
 	if identifier.Type == AccountType {
-		providers, err = client.AccessIdentityProviders(context.Background(), identifier.Value)
+		providers, err = client.AccessIdentityProviders(ctx, identifier.Value)
 	} else {
-		providers, err = client.ZoneLevelAccessIdentityProviders(context.Background(), identifier.Value)
+		providers, err = client.ZoneLevelAccessIdentityProviders(ctx, identifier.Value)
 	}
 
 	if err != nil {
-		return fmt.Errorf("error listing Access Identity Providers: %s", err)
+		return diag.FromErr(fmt.Errorf("error listing Access Identity Providers: %w", err))
 	}
 
 	if len(providers) == 0 {
-		return fmt.Errorf("no Access Identity Providers found")
+		return diag.FromErr(fmt.Errorf("no Access Identity Providers found"))
 	}
 
 	var accessIdentityProvider cloudflare.AccessIdentityProvider
@@ -47,7 +48,7 @@ func dataSourceCloudflareAccessIdentityProviderRead(d *schema.ResourceData, meta
 	}
 
 	if accessIdentityProvider.ID == "" {
-		return fmt.Errorf("no Access Identity Provider matching name %q", name)
+		return diag.FromErr(fmt.Errorf("no Access Identity Provider matching name %q", name))
 	}
 
 	d.SetId(accessIdentityProvider.ID)

diff --git a/cloudflare/data_source_account_roles.go b/cloudflare/data_source_account_roles.go
@@ -6,12 +6,13 @@ import (
 	"log"
 
 	"github.com/cloudflare/cloudflare-go"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
 
 func dataSourceCloudflareAccountRoles() *schema.Resource {
 	return &schema.Resource{
-		Read: dataSourceCloudflareAccountRolesRead,
+		ReadContext: dataSourceCloudflareAccountRolesRead,
 
 		Schema: map[string]*schema.Schema{
 			"account_id": {
@@ -43,14 +44,14 @@ func dataSourceCloudflareAccountRoles() *schema.Resource {
 	}
 }
 
-func dataSourceCloudflareAccountRolesRead(d *schema.ResourceData, meta interface{}) error {
+func dataSourceCloudflareAccountRolesRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	client := meta.(*cloudflare.API)
 	accountID := d.Get("account_id").(string)
 
 	log.Printf("[DEBUG] Reading Account Roles")
-	roles, err := client.AccountRoles(context.Background(), accountID)
+	roles, err := client.AccountRoles(ctx, accountID)
 	if err != nil {
-		return fmt.Errorf("error listing Account Roles: %s", err)
+		return diag.FromErr(fmt.Errorf("error listing Account Roles: %w", err))
 	}
 
 	roleIds := make([]string, 0)
@@ -67,7 +68,7 @@ func dataSourceCloudflareAccountRolesRead(d *schema.ResourceData, meta interface
 
 	err = d.Set("roles", roleDetails)
 	if err != nil {
-		return fmt.Errorf("error setting roles: %s", err)
+		return diag.FromErr(fmt.Errorf("error setting roles: %w", err))
 	}
 
 	d.SetId(stringListChecksum(roleIds))

diff --git a/cloudflare/data_source_api_token_permission_groups.go b/cloudflare/data_source_api_token_permission_groups.go
@@ -6,12 +6,13 @@ import (
 	"log"
 
 	"github.com/cloudflare/cloudflare-go"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
 
 func dataSourceCloudflareApiTokenPermissionGroups() *schema.Resource {
 	return &schema.Resource{
-		Read: dataSourceCloudflareApiTokenPermissionGroupsRead,
+		ReadContext: dataSourceCloudflareApiTokenPermissionGroupsRead,
 
 		Schema: map[string]*schema.Schema{
 			"permissions": {
@@ -22,13 +23,13 @@ func dataSourceCloudflareApiTokenPermissionGroups() *schema.Resource {
 	}
 }
 
-func dataSourceCloudflareApiTokenPermissionGroupsRead(d *schema.ResourceData, meta interface{}) error {
+func dataSourceCloudflareApiTokenPermissionGroupsRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	log.Printf("[DEBUG] Reading API Token Permission Groups")
 	client := meta.(*cloudflare.API)
 
 	permissions, err := client.ListAPITokensPermissionGroups(context.Background())
 	if err != nil {
-		return fmt.Errorf("error listing API Token Permission Groups: %s", err)
+		return diag.FromErr(fmt.Errorf("error listing API Token Permission Groups: %w", err))
 	}
 
 	permissionDetails := make(map[string]interface{}, 0)
@@ -40,7 +41,7 @@ func dataSourceCloudflareApiTokenPermissionGroupsRead(d *schema.ResourceData, me
 
 	err = d.Set("permissions", permissionDetails)
 	if err != nil {
-		return fmt.Errorf("error setting API Token Permission Groups: %s", err)
+		return diag.FromErr(fmt.Errorf("error setting API Token Permission Groups: %w", err))
 	}
 
 	d.SetId(stringListChecksum(ids))

diff --git a/cloudflare/data_source_devices.go b/cloudflare/data_source_devices.go
@@ -5,25 +5,26 @@ import (
 	"fmt"
 
 	cloudflare "github.com/cloudflare/cloudflare-go"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
 
 func dataSourceCloudflareDevices() *schema.Resource {
 	return &schema.Resource{
-		Schema: resoureceCloudflareDevicesSchema(),
-		Read:   dataResourceCloudflareDevicesRead,
+		Schema:      resoureceCloudflareDevicesSchema(),
+		ReadContext: dataResourceCloudflareDevicesRead,
 	}
 }
 
-func dataResourceCloudflareDevicesRead(d *schema.ResourceData, meta interface{}) error {
+func dataResourceCloudflareDevicesRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	client := meta.(*cloudflare.API)
 	accountID := d.Get("account_id").(string)
 	d.SetId(accountID)
 
-	devices, err := client.ListTeamsDevices(context.Background(), accountID)
+	devices, err := client.ListTeamsDevices(ctx, accountID)
 
 	if err != nil {
-		return fmt.Errorf("error finding devices in account %q: %w", accountID, err)
+		return diag.FromErr(fmt.Errorf("error finding devices in account %q: %w", accountID, err))
 	}
 
 	deviceDetails := make([]interface{}, 0)
@@ -48,7 +49,7 @@ func dataResourceCloudflareDevicesRead(d *schema.ResourceData, meta interface{})
 	}
 
 	if err = d.Set("devices", deviceDetails); err != nil {
-		return fmt.Errorf("error setting device details: %w", err)
+		return diag.FromErr(fmt.Errorf("error setting device details: %w", err))
 	}
 
 	return nil

diff --git a/cloudflare/data_source_ip_ranges.go b/cloudflare/data_source_ip_ranges.go
@@ -1,12 +1,14 @@
 package cloudflare
 
 import (
+	"context"
 	"fmt"
 	"sort"
 	"strconv"
 	"strings"
 
 	"github.com/cloudflare/cloudflare-go"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
 
@@ -17,7 +19,7 @@ const (
 
 func dataSourceCloudflareIPRanges() *schema.Resource {
 	return &schema.Resource{
-		Read: dataSourceCloudflareIPRangesRead,
+		ReadContext: dataSourceCloudflareIPRangesRead,
 
 		Schema: map[string]*schema.Schema{
 			"cidr_blocks": {
@@ -49,10 +51,10 @@ func dataSourceCloudflareIPRanges() *schema.Resource {
 	}
 }
 
-func dataSourceCloudflareIPRangesRead(d *schema.ResourceData, meta interface{}) error {
+func dataSourceCloudflareIPRangesRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	ranges, err := cloudflare.IPs()
 	if err != nil {
-		return fmt.Errorf("failed to fetch Cloudflare IP ranges: %s", err)
+		return diag.FromErr(fmt.Errorf("failed to fetch Cloudflare IP ranges: %w", err))
 	}
 
 	IPv4s := ranges.IPv4CIDRs
@@ -72,23 +74,23 @@ func dataSourceCloudflareIPRangesRead(d *schema.ResourceData, meta interface{})
 	d.SetId(strconv.Itoa(hashCodeString(strings.Join(all, "|"))))
 
 	if err := d.Set("cidr_blocks", all); err != nil {
-		return fmt.Errorf("error setting all cidr blocks: %s", err)
+		return diag.FromErr(fmt.Errorf("error setting all cidr blocks: %w", err))
 	}
 
 	if err := d.Set("ipv4_cidr_blocks", IPv4s); err != nil {
-		return fmt.Errorf("error setting ipv4 cidr blocks: %s", err)
+		return diag.FromErr(fmt.Errorf("error setting ipv4 cidr blocks: %w", err))
 	}
 
 	if err := d.Set("ipv6_cidr_blocks", IPv6s); err != nil {
-		return fmt.Errorf("error setting ipv6 cidr blocks: %s", err)
+		return diag.FromErr(fmt.Errorf("error setting ipv6 cidr blocks: %w", err))
 	}
 
 	if err := d.Set("china_ipv4_cidr_blocks", chinaIPv4s); err != nil {
-		return fmt.Errorf("error setting china ipv4 cidr blocks: %s", err)
+		return diag.FromErr(fmt.Errorf("error setting china ipv4 cidr blocks: %w", err))
 	}
 
 	if err := d.Set("china_ipv6_cidr_blocks", chinaIPv6s); err != nil {
-		return fmt.Errorf("error setting china ipv6 cidr blocks: %s", err)
+		return diag.FromErr(fmt.Errorf("error setting china ipv6 cidr blocks: %w", err))
 	}
 
 	return nil

diff --git a/cloudflare/data_source_ip_ranges_test.go b/cloudflare/data_source_ip_ranges_test.go
@@ -16,7 +16,7 @@ func TestAccCloudflareIPRanges(t *testing.T) {
 		PreCheck:  func() { testAccPreCheck(t) },
 		Providers: testAccProviders,
 		Steps: []resource.TestStep{
-			resource.TestStep{
+			{
 				Config: testAccCloudflareIPRangesConfig,
 				Check: resource.ComposeTestCheckFunc(
 					testAccCloudflareIPRanges("data.cloudflare_ip_ranges.some"),
@@ -47,15 +47,13 @@ func testAccCloudflareIPRanges(n string) resource.TestCheckFunc {
 		var cidrBlocks sort.StringSlice = make([]string, cidrBlockSize)
 
 		for i := range make([]string, cidrBlockSize) {
-
 			block := a[fmt.Sprintf("cidr_blocks.%d", i)]
 
 			if _, _, err := net.ParseCIDR(block); err != nil {
-				return fmt.Errorf("malformed CIDR block %s: %s", block, err)
+				return fmt.Errorf("malformed CIDR block %s: %w", block, err)
 			}
 
 			cidrBlocks[i] = block
-
 		}
 
 		if !sort.IsSorted(cidrBlocks) {