Skip to content

Commit

Permalink
Merge branch 'master' of github.com:cloudflare/terraform-provider-clo…
Browse files Browse the repository at this point in the history 
…udflare into custom-error-responses

| Conflicts:
|	docs/resources/ruleset.md
  • Loading branch information
@jacobbednarz
jacobbednarz committed Aug 8, 2022
2 parents b04714a + 1ce776c commit cccf890
Show file tree
Hide file tree
Showing 7 changed files with 49 additions and 2 deletions.
3 changes: 3 additions & 0 deletions .changelog/1816.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
resource/cloudflare_ruleset: add support for sni override in route action
```
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ BREAKING CHANGES:
ENHANCEMENTS:

* resource/cloudflare_custom_ssl: handle when remote ID changes during updates ([#1824](https://github.com/cloudflare/terraform-provider-cloudflare/issues/1824))
* resource/cloudflare_ruleset: add support for sni override in route action ([#1816](https://github.com/cloudflare/terraform-provider-cloudflare/issues/1816))

BUG FIXES:

Expand Down
11 changes: 10 additions & 1 deletion docs/resources/ruleset.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -391,7 +391,7 @@ resource "cloudflare_ruleset" "http_custom_error_example" {
action_parameters {
content = "some error html"
content_type = "text/html"
status_code = 530
status_code = "530"
}
expression = "(http.request.uri.path matches \"^/api/\")"
description = "serve some error response"
Expand Down Expand Up @@ -476,6 +476,7 @@ Optional:
- `ruleset` (String) Which ruleset ID to target.
- `rulesets` (Set of String) List of managed WAF rule IDs to target. Only valid when the `"action"` is set to skip.
- `serve_stale` (Block List, Max: 1) List of serve stale parameters to apply to the request. (see [below for nested schema](#nestedblock--rules--action_parameters--serve_stale))
- `sni` (Block List, Max: 1) List of properties to manange Server Name Indication. (see [below for nested schema](#nestedblock--rules--action_parameters--sni))
- `status_code` (Number) HTTP status code of the custom error response.
- `uri` (Block List, Max: 1) List of URI properties to configure for the ruleset rule when performing URL rewrite transformations. (see [below for nested schema](#nestedblock--rules--action_parameters--uri))
- `version` (String) Version of the ruleset to deploy.
Expand Down Expand Up @@ -706,6 +707,14 @@ Optional:
- `disable_stale_while_updating` (Boolean) Disable stale while updating.


<a id="nestedblock--rules--action_parameters--sni"></a>
### Nested Schema for `rules.action_parameters.sni`

Optional:

- `value` (String) Value to define for SNI.


<a id="nestedblock--rules--action_parameters--uri"></a>
### Nested Schema for `rules.action_parameters.uri`

Expand Down
2 changes: 1 addition & 1 deletion examples/resources/cloudflare_ruleset/resource.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -356,7 +356,7 @@ resource "cloudflare_ruleset" "http_custom_error_example" {
action_parameters {
content = "some error html"
content_type = "text/html"
status_code = 530
status_code = "530"
}
expression = "(http.request.uri.path matches \"^/api/\")"
description = "serve some error response"
Expand Down
15 changes: 15 additions & 0 deletions internal/provider/resource_cloudflare_ruleset.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -247,6 +247,7 @@ func buildStateFromRulesetRules(rules []cloudflare.RulesetRule) interface{} {
matchedData []map[string]interface{}
response []map[string]interface{}
origin []map[string]interface{}
sni []map[string]interface{}
requestFields []string
responseFields []string
cookieFields []string
Expand Down Expand Up @@ -359,6 +360,12 @@ func buildStateFromRulesetRules(rules []cloudflare.RulesetRule) interface{} {
})
}

if !reflect.ValueOf(r.ActionParameters.SNI).IsNil() {
sni = append(sni, map[string]interface{}{
"value": r.ActionParameters.SNI.Value,
})
}

if !reflect.ValueOf(r.ActionParameters.RequestFields).IsNil() {
requestFields = make([]string, 0)
for _, v := range r.ActionParameters.RequestFields {
Expand Down Expand Up @@ -524,6 +531,7 @@ func buildStateFromRulesetRules(rules []cloudflare.RulesetRule) interface{} {
"response": response,
"version": r.ActionParameters.Version,
"host_header": r.ActionParameters.HostHeader,
"sni": sni,
"origin": origin,
"request_fields": requestFields,
"response_fields": responseFields,
Expand Down Expand Up @@ -797,6 +805,13 @@ func buildRulesetRulesFromResource(d *schema.ResourceData) ([]cloudflare.Ruleset
}
}

case "sni":
for i := range pValue.([]interface{}) {
rule.ActionParameters.SNI = &cloudflare.RulesetRuleActionParametersSni{
Value: pValue.([]interface{})[i].(map[string]interface{})["value"].(string),
}
}

case "cache":
if value, ok := d.GetOk(fmt.Sprintf("rules.%d.action_parameters.0.cache", rulesCounter)); ok {
rule.ActionParameters.Cache = cloudflare.BoolPtr(value.(bool))
Expand Down
4 changes: 4 additions & 0 deletions internal/provider/resource_cloudflare_ruleset_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -853,6 +853,7 @@ func TestAccCloudflareRuleset_RequestOrigin(t *testing.T) {
resource.TestCheckResourceAttr(resourceName, "rules.0.action_parameters.0.origin.#", "1"),
resource.TestCheckResourceAttr(resourceName, "rules.0.action_parameters.0.origin.0.host", rnd+".terraform.cfapi.net"),
resource.TestCheckResourceAttr(resourceName, "rules.0.action_parameters.0.origin.0.port", "80"),
resource.TestCheckResourceAttr(resourceName, "rules.0.action_parameters.0.sni.0.value", rnd+".terraform.cfapi.net"),
resource.TestCheckResourceAttr(resourceName, "rules.0.expression", "(http.request.uri.path matches \"^/api/\")"),
resource.TestCheckResourceAttr(resourceName, "rules.0.description", "example http request origin"),
),
Expand Down Expand Up @@ -2453,6 +2454,9 @@ func testAccCheckCloudflareRulesetOrigin(rnd, name, zoneID, zoneName string) str
host = "%[1]s.terraform.cfapi.net"
port = 80
}
sni {
value = "%[1]s.terraform.cfapi.net"
}
}
expression = "(http.request.uri.path matches \"^/api/\")"
description = "example http request origin"
Expand Down
15 changes: 15 additions & 0 deletions internal/provider/schema_cloudflare_ruleset.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -418,6 +418,21 @@ func resourceCloudflareRulesetSchema() map[string]*schema.Schema {
},
},
},
"sni": {
Type: schema.TypeList,
Optional: true,
MaxItems: 1,
Description: "List of properties to manange Server Name Indication.",
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"value": {
Type: schema.TypeString,
Optional: true,
Description: "Value to define for SNI.",
},
},
},
},
"request_fields": {
Type: schema.TypeSet,
Optional: true,
Expand Down

0 comments on commit cccf890

Please sign in to comment.