Skip to content

Fix ruleset for the v5 provider #851

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Apr 1, 2025
Merged

Fix ruleset for the v5 provider #851

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
22c7e97
fix: ruleset for v5 provider
musa-cf Mar 26, 2025
9831394
fix: Add default path param value
musa-cf Apr 1, 2025
f4c7fcc
fix: Init v4 Go client in sharedPreRun
musa-cf Apr 1, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 18 additions & 1 deletion internal/app/cf-terraforming/cmd/generate.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -127,7 +127,12 @@ func generateResources() func(cmd *cobra.Command, args []string) {
resourceCount := 0
var jsonStructData []interface{}

if strings.HasPrefix(providerVersionString, "5") {
// The ruleset API has many gotchas that are accounted for in how we build
// the 'response' object that feeds into the HCL generation, and it's difficult
// to ensure the same compatability using the generated SDK.
useOldSDK := resourceType == "cloudflare_ruleset"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is it better copy the remapping logic instead of forcing this to use the old conditions?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

After a bit too much toiling, it appears so. Based on how we've built the V5 support in so far, I have to circumvent many assumptions we make about using the newer Go SDK. I thought this was the less bad option.


if strings.HasPrefix(providerVersionString, "5") && !useOldSDK {
if resourceToEndpoint[resourceType]["list"] == "" && resourceToEndpoint[resourceType]["get"] == "" {
log.WithFields(logrus.Fields{
"resource": resourceType,
Expand Down Expand Up @@ -948,6 +953,18 @@ func generateResources() func(cmd *cobra.Command, args []string) {
log.Fatal(err)
}

if strings.HasPrefix(providerVersionString, "5") {
for i := 0; i < resourceCount; i++ {
rules := jsonStructData[i].(map[string]interface{})["rules"]
if rules != nil {
for ruleCounter := range rules.([]interface{}) {
rules.([]interface{})[ruleCounter].(map[string]interface{})["id"] = nil
}
}
}
continue
}

// Make the rules have the correct header structure
for i, ruleset := range jsonStructData {
if ruleset.(map[string]interface{})["rules"] != nil {
Expand Down
86 changes: 48 additions & 38 deletions internal/app/cf-terraforming/cmd/generate_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -314,44 +314,44 @@ func TestResourceGenerationV5(t *testing.T) {
"cloudflare dns record simple": {identiferType: "zone", resourceType: "cloudflare_dns_record", testdataFilename: "cloudflare_dns_record"},
// "cloudflare dns record subdomain": {identiferType: "zone", resourceType: "cloudflare_dns_record", testdataFilename: "cloudflare_dns_record_subdomain"},
// "cloudflare dns record TXT SPF": {identiferType: "zone", resourceType: "cloudflare_dns_record", testdataFilename: "cloudflare_dns_record_txt_spf"},
"cloudflare dns zone transfers acl": {identiferType: "account", resourceType: "cloudflare_dns_zone_transfers_acl", testdataFilename: "cloudflare_dns_zone_transfers_acl"},
"cloudflare dns zone transfers incoming": {identiferType: "zone", resourceType: "cloudflare_dns_zone_transfers_incoming", testdataFilename: "cloudflare_dns_zone_transfers_incoming"},
"cloudflare dns zone transfers outgoing": {identiferType: "zone", resourceType: "cloudflare_dns_zone_transfers_outgoing", testdataFilename: "cloudflare_dns_zone_transfers_outgoing"},
"cloudflare dns zone transfers peer": {identiferType: "account", resourceType: "cloudflare_dns_zone_transfers_peer", testdataFilename: "cloudflare_dns_zone_transfers_peer"},
"cloudflare dns zone transfers tsig": {identiferType: "account", resourceType: "cloudflare_dns_zone_transfers_tsig", testdataFilename: "cloudflare_dns_zone_transfers_tsig"},
"cloudflare leaked credential check": {identiferType: "zone", resourceType: "cloudflare_leaked_credential_check", testdataFilename: "cloudflare_leaked_credential_check"},
"cloudflare leaked credential check rule": {identiferType: "zone", resourceType: "cloudflare_leaked_credential_check_rule", testdataFilename: "cloudflare_leaked_credential_check_rule"},
"cloudflare list": {identiferType: "account", resourceType: "cloudflare_list", testdataFilename: "cloudflare_list"},
"cloudflare logpush job": {identiferType: "account", resourceType: "cloudflare_logpush_job", testdataFilename: "cloudflare_logpush_job"},
"cloudflare logpull retention": {identiferType: "zone", resourceType: "cloudflare_logpull_retention", testdataFilename: "cloudflare_logpull_retention"},
"cloudflare notification policy": {identiferType: "account", resourceType: "cloudflare_notification_policy", testdataFilename: "cloudflare_notification_policy"},
"cloudflare notification policy webhooks": {identiferType: "account", resourceType: "cloudflare_notification_policy_webhooks", testdataFilename: "cloudflare_notification_policy_webhooks"},
"cloudflare pages project": {identiferType: "account", resourceType: "cloudflare_pages_project", testdataFilename: "cloudflare_pages_project"},
"cloudflare page shield policy": {identiferType: "zone", resourceType: "cloudflare_page_shield_policy", testdataFilename: "cloudflare_page_shield_policy"},
"cloudflare r2 bucket": {identiferType: "account", resourceType: "cloudflare_r2_bucket", testdataFilename: "cloudflare_r2_bucket"},
"cloudflare page rule": {identiferType: "zone", resourceType: "cloudflare_page_rule", testdataFilename: "cloudflare_page_rule"},
// "cloudflare ruleset (ddos_l7)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_ddos_l7"},
// "cloudflare ruleset (http_log_custom_fields)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_http_log_custom_fields"},
// "cloudflare ruleset (http_ratelimit)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_http_ratelimit"},
// "cloudflare ruleset (http_request_cache_settings)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_http_request_cache_settings"},
// "cloudflare ruleset (http_request_firewall_custom)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_http_request_firewall_custom"},
// "cloudflare ruleset (http_request_firewall_managed)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_http_request_firewall_managed"},
// "cloudflare ruleset (http_request_late_transform)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_http_request_late_transform"},
// "cloudflare ruleset (http_request_sanitize)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_http_request_sanitize"},
// "cloudflare ruleset (no configuration)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_no_configuration"},
// "cloudflare ruleset (override remapping = disabled)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_override_remapping_disabled"},
// "cloudflare ruleset (override remapping = enabled)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_override_remapping_enabled"},
// "cloudflare ruleset (rewrite to empty query string)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_rewrite_to_empty_query_parameter"},
// "cloudflare ruleset": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone"},
"cloudflare stream": {identiferType: "account", resourceType: "cloudflare_stream", testdataFilename: "cloudflare_stream"},
"cloudflare stream keys": {identiferType: "account", resourceType: "cloudflare_stream_key", testdataFilename: "cloudflare_stream_key"},
"cloudflare stream live input": {identiferType: "account", resourceType: "cloudflare_stream_live_input", testdataFilename: "cloudflare_stream_live_input"},
"cloudflare stream webhook": {identiferType: "account", resourceType: "cloudflare_stream_webhook", testdataFilename: "cloudflare_stream_webhook"},
"cloudflare snippets": {identiferType: "zone", resourceType: "cloudflare_snippets", testdataFilename: "cloudflare_snippets"},
"cloudflare snippet rules": {identiferType: "zone", resourceType: "cloudflare_snippet_rules", testdataFilename: "cloudflare_snippet_rules"},
"cloudflare tiered cache": {identiferType: "zone", resourceType: "cloudflare_tiered_cache", testdataFilename: "cloudflare_tiered_cache"},
"cloudflare regional hostnames": {identiferType: "zone", resourceType: "cloudflare_regional_hostname", testdataFilename: "cloudflare_regional_hostname"},
"cloudflare regional tiered cache": {identiferType: "zone", resourceType: "cloudflare_regional_tiered_cache", testdataFilename: "cloudflare_regional_tiered_cache"},
"cloudflare dns zone transfers acl": {identiferType: "account", resourceType: "cloudflare_dns_zone_transfers_acl", testdataFilename: "cloudflare_dns_zone_transfers_acl"},
"cloudflare dns zone transfers incoming": {identiferType: "zone", resourceType: "cloudflare_dns_zone_transfers_incoming", testdataFilename: "cloudflare_dns_zone_transfers_incoming"},
"cloudflare dns zone transfers outgoing": {identiferType: "zone", resourceType: "cloudflare_dns_zone_transfers_outgoing", testdataFilename: "cloudflare_dns_zone_transfers_outgoing"},
"cloudflare dns zone transfers peer": {identiferType: "account", resourceType: "cloudflare_dns_zone_transfers_peer", testdataFilename: "cloudflare_dns_zone_transfers_peer"},
"cloudflare dns zone transfers tsig": {identiferType: "account", resourceType: "cloudflare_dns_zone_transfers_tsig", testdataFilename: "cloudflare_dns_zone_transfers_tsig"},
"cloudflare leaked credential check": {identiferType: "zone", resourceType: "cloudflare_leaked_credential_check", testdataFilename: "cloudflare_leaked_credential_check"},
"cloudflare leaked credential check rule": {identiferType: "zone", resourceType: "cloudflare_leaked_credential_check_rule", testdataFilename: "cloudflare_leaked_credential_check_rule"},
"cloudflare list": {identiferType: "account", resourceType: "cloudflare_list", testdataFilename: "cloudflare_list"},
"cloudflare logpush job": {identiferType: "account", resourceType: "cloudflare_logpush_job", testdataFilename: "cloudflare_logpush_job"},
"cloudflare logpull retention": {identiferType: "zone", resourceType: "cloudflare_logpull_retention", testdataFilename: "cloudflare_logpull_retention"},
"cloudflare notification policy": {identiferType: "account", resourceType: "cloudflare_notification_policy", testdataFilename: "cloudflare_notification_policy"},
"cloudflare notification policy webhooks": {identiferType: "account", resourceType: "cloudflare_notification_policy_webhooks", testdataFilename: "cloudflare_notification_policy_webhooks"},
"cloudflare pages project": {identiferType: "account", resourceType: "cloudflare_pages_project", testdataFilename: "cloudflare_pages_project"},
"cloudflare page shield policy": {identiferType: "zone", resourceType: "cloudflare_page_shield_policy", testdataFilename: "cloudflare_page_shield_policy"},
"cloudflare r2 bucket": {identiferType: "account", resourceType: "cloudflare_r2_bucket", testdataFilename: "cloudflare_r2_bucket"},
"cloudflare page rule": {identiferType: "zone", resourceType: "cloudflare_page_rule", testdataFilename: "cloudflare_page_rule"},
"cloudflare ruleset (ddos_l7)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_ddos_l7"},
"cloudflare ruleset (http_log_custom_fields)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_http_log_custom_fields"},
"cloudflare ruleset (http_ratelimit)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_http_ratelimit"},
"cloudflare ruleset (http_request_cache_settings)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_http_request_cache_settings"},
"cloudflare ruleset (http_request_firewall_custom)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_http_request_firewall_custom"},
"cloudflare ruleset (http_request_firewall_managed)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_http_request_firewall_managed"},
"cloudflare ruleset (http_request_late_transform)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_http_request_late_transform"},
"cloudflare ruleset (http_request_sanitize)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_http_request_sanitize"},
"cloudflare ruleset (no configuration)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_no_configuration"},
"cloudflare ruleset (override remapping = disabled)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_override_remapping_disabled"},
"cloudflare ruleset (override remapping = enabled)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_override_remapping_enabled"},
"cloudflare ruleset (rewrite to empty query string)": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset_zone_rewrite_to_empty_query_parameter"},
"cloudflare ruleset": {identiferType: "zone", resourceType: "cloudflare_ruleset", testdataFilename: "cloudflare_ruleset"},
"cloudflare stream": {identiferType: "account", resourceType: "cloudflare_stream", testdataFilename: "cloudflare_stream"},
"cloudflare stream keys": {identiferType: "account", resourceType: "cloudflare_stream_key", testdataFilename: "cloudflare_stream_key"},
"cloudflare stream live input": {identiferType: "account", resourceType: "cloudflare_stream_live_input", testdataFilename: "cloudflare_stream_live_input"},
"cloudflare stream webhook": {identiferType: "account", resourceType: "cloudflare_stream_webhook", testdataFilename: "cloudflare_stream_webhook"},
"cloudflare snippets": {identiferType: "zone", resourceType: "cloudflare_snippets", testdataFilename: "cloudflare_snippets"},
"cloudflare snippet rules": {identiferType: "zone", resourceType: "cloudflare_snippet_rules", testdataFilename: "cloudflare_snippet_rules"},
"cloudflare tiered cache": {identiferType: "zone", resourceType: "cloudflare_tiered_cache", testdataFilename: "cloudflare_tiered_cache"},
"cloudflare regional hostnames": {identiferType: "zone", resourceType: "cloudflare_regional_hostname", testdataFilename: "cloudflare_regional_hostname"},
"cloudflare regional tiered cache": {identiferType: "zone", resourceType: "cloudflare_regional_tiered_cache", testdataFilename: "cloudflare_regional_tiered_cache"},
// "cloudflare spectrum application": {identiferType: "zone", resourceType: "cloudflare_spectrum_application", testdataFilename: "cloudflare_spectrum_application"},
// "cloudflare teams list": {identiferType: "account", resourceType: "cloudflare_teams_list", testdataFilename: "cloudflare_teams_list"},
// "cloudflare teams location": {identiferType: "account", resourceType: "cloudflare_teams_location", testdataFilename: "cloudflare_teams_location"},
Expand Down Expand Up @@ -480,6 +480,11 @@ func TestResourceGenerationV5(t *testing.T) {
Transport: r,
},
))
apiV0, _ = cfv0.New(viper.GetString("key"), viper.GetString("email"), cfv0.HTTPClient(
Copy link
Contributor

@jacobbednarz jacobbednarz Mar 26, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it looks like it assumes we're using API key + email for the old client. shouldn't it be initialising the same credentials we already have for the newer client?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, that's just for the unit tests though, which in the V4 test, only uses the key/email auth scheme.

On this commit, there's a fix for API client initializations to be the same outside of test runs: f4c7fcc

&http.Client{
Transport: r,
},
))

output, _ = executeCommandC(rootCmd, "generate", "--resource-type", tc.resourceType, "--account", cloudflareTestAccountID)
} else {
Expand All @@ -489,6 +494,11 @@ func TestResourceGenerationV5(t *testing.T) {
Transport: r,
},
))
apiV0, _ = cfv0.New(viper.GetString("key"), viper.GetString("email"), cfv0.HTTPClient(
&http.Client{
Transport: r,
},
))
if tc.cliFlags != "" {
output, _ = executeCommandC(rootCmd, "generate",
"--resource-type", tc.resourceType,
Expand Down
Loading