Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support strictness setting in access application scim mappings #4419

Merged
merged 1 commit into from
Nov 13, 2024
Merged

Support strictness setting in access application scim mappings #4419

merged 1 commit into from
Nov 13, 2024
+57 −23

Conversation

khiller-cf
Copy link
Contributor

No description provided.

@khiller-cf khiller-cf changed the title AUTH-6559 support strictness setting in access application scim mappings Support strictness setting in access application scim mappings Oct 25, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Oct 25, 2024
edited
Loading

changelog detected ✅

jacobbednarz
jacobbednarz reviewed Nov 11, 2024
View reviewed changes
internal/sdkv2provider/resource_cloudflare_access_application_test.go Outdated
@@ -339,7 +340,7 @@ func TestAccCloudflareAccessApplication_WithSCIMConfigOAuth2(t *testing.T) {
resource.TestCheckResourceAttr(name, "scim_config.0.deactivate_on_delete", "true"),
resource.TestCheckResourceAttr(name, "scim_config.0.authentication.0.scheme", "oauth2"),
resource.TestCheckResourceAttr(name, "scim_config.0.authentication.0.client_id", "beepboop"),
resource.TestCheckResourceAttrSet(name, "scim_config.0.authentication.0.client_secret"),
//resource.TestCheckResourceAttrSet(name, "scim_config.0.authentication.0.client_secret"),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what are we doing here? should this be fixed now?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah, these tests should be fixed now

@khiller-cf khiller-cf force-pushed the master branch 2 times, most recently from 673309d to ac926c4 Compare November 11, 2024 18:54
@jacobbednarz
Copy link
Member

looks like this has fixed one issue but regressed another

TF_ACC=1 go test ./internal/sdkv2provider -v -run "^TestAccCloudflareAccessApplication_" -count 1 -timeout 120m -parallel 1
=== RUN   TestAccCloudflareAccessApplication_BasicZone
--- PASS: TestAccCloudflareAccessApplication_BasicZone (4.44s)
=== RUN   TestAccCloudflareAccessApplication_BasicAccount
--- PASS: TestAccCloudflareAccessApplication_BasicAccount (2.85s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigHttpBasic
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigHttpBasic (4.19s)
=== RUN   TestAccCloudflareAccessApplication_UpdateSCIMConfig
--- PASS: TestAccCloudflareAccessApplication_UpdateSCIMConfig (16.65s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigInvalidMappingSchema
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigInvalidMappingSchema (1.37s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigHttpBasicMissingRequired
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigHttpBasicMissingRequired (1.42s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigOAuthBearerToken
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigOAuthBearerToken (3.94s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigOAuth2
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigOAuth2 (11.50s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigOAuth2MissingRequired
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigOAuth2MissingRequired (1.37s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigAuthenticationInvalid
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigAuthenticationInvalid (1.38s)
=== RUN   TestAccCloudflareAccessApplication_WithCORS
--- PASS: TestAccCloudflareAccessApplication_WithCORS (2.75s)
=== RUN   TestAccCloudflareAccessApplication_WithSAMLSaas
--- PASS: TestAccCloudflareAccessApplication_WithSAMLSaas (2.97s)
=== RUN   TestAccCloudflareAccessApplication_WithSAMLSaas_Import
=== PAUSE TestAccCloudflareAccessApplication_WithSAMLSaas_Import
=== RUN   TestAccCloudflareAccessApplication_WithOIDCSaas
--- PASS: TestAccCloudflareAccessApplication_WithOIDCSaas (8.01s)
=== RUN   TestAccCloudflareAccessApplication_WithOIDCSaas_Import
=== PAUSE TestAccCloudflareAccessApplication_WithOIDCSaas_Import
=== RUN   TestAccCloudflareAccessApplication_WithAutoRedirectToIdentity
    resource_cloudflare_access_application_test.go:641: Step 1/1 error: After applying this test step, the refresh plan was not empty.
        stdout
        
        
        Terraform used the selected providers to generate the following execution
        plan. Resource actions are indicated with the following symbols:
          + create
        
        Terraform will perform the following actions:
        
          # cloudflare_zero_trust_access_application.norqvctnnq will be created
          + resource "cloudflare_zero_trust_access_application" "norqvctnnq" {
              + account_id                   = (known after apply)
              + allowed_idps                 = [
                  + "9d791815-1ded-473d-a447-f795a2b6dc75",
                ]
              + app_launcher_visible         = true
              + aud                          = (known after apply)
              + auto_redirect_to_identity    = true
              + domain                       = "norqvctnnq.terraform.cfapi.net"
              + enable_binding_cookie        = false
              + id                           = (known after apply)
              + name                         = "norqvctnnq"
              + options_preflight_bypass     = false
              + service_auth_401_redirect    = false
              + session_duration             = "24h"
              + skip_app_launcher_login_page = false
              + skip_interstitial            = false
              + type                         = "self_hosted"
              + zone_id                      = "0da42c8d2132a9ddaf714f9e7c920711"
            }
        
        Plan: 1 to add, 0 to change, 0 to destroy.
    panic.go:626: Error running post-test destroy, there may be dangling resources: exit status 1
        
        Error: error deleting Access Application for zones "0da42c8d2132a9ddaf714f9e7c920711": error from makeRequest: access.api.error.unknown_application (11021)
        
--- FAIL: TestAccCloudflareAccessApplication_WithAutoRedirectToIdentity (3.03s)
=== RUN   TestAccCloudflareAccessApplication_WithEnableBindingCookie
--- PASS: TestAccCloudflareAccessApplication_WithEnableBindingCookie (2.85s)
=== RUN   TestAccCloudflareAccessApplication_WithCustomDenyFields
--- PASS: TestAccCloudflareAccessApplication_WithCustomDenyFields (3.00s)
=== RUN   TestAccCloudflareAccessApplication_WithADefinedIdps
--- PASS: TestAccCloudflareAccessApplication_WithADefinedIdps (7.01s)
=== RUN   TestAccCloudflareAccessApplication_WithMultipleIdpsReordered
--- PASS: TestAccCloudflareAccessApplication_WithMultipleIdpsReordered (8.79s)
=== RUN   TestAccCloudflareAccessApplication_WithHttpOnlyCookieAttribute
--- PASS: TestAccCloudflareAccessApplication_WithHttpOnlyCookieAttribute (7.81s)
=== RUN   TestAccCloudflareAccessApplication_WithHTTPOnlyCookieAttributeSetToFalse
--- PASS: TestAccCloudflareAccessApplication_WithHTTPOnlyCookieAttributeSetToFalse (2.96s)
=== RUN   TestAccCloudflareAccessApplication_WithSameSiteCookieAttribute
--- PASS: TestAccCloudflareAccessApplication_WithSameSiteCookieAttribute (3.06s)
=== RUN   TestAccCloudflareAccessApplication_WithLogoURL
--- PASS: TestAccCloudflareAccessApplication_WithLogoURL (7.51s)
=== RUN   TestAccCloudflareAccessApplication_WithSkipInterstitial
--- PASS: TestAccCloudflareAccessApplication_WithSkipInterstitial (3.01s)
=== RUN   TestAccCloudflareAccessApplication_WithAppLauncherVisible
--- PASS: TestAccCloudflareAccessApplication_WithAppLauncherVisible (2.88s)
=== RUN   TestAccCloudflareAccessApplication_WithTargetContexts
--- PASS: TestAccCloudflareAccessApplication_WithTargetContexts (2.80s)
=== RUN   TestAccCloudflareAccessApplication_WithSelfHostedDomains
--- PASS: TestAccCloudflareAccessApplication_WithSelfHostedDomains (5.10s)
=== RUN   TestAccCloudflareAccessApplication_WithDefinedTags
--- PASS: TestAccCloudflareAccessApplication_WithDefinedTags (4.18s)
=== RUN   TestAccCloudflareAccessApplication_WithReusablePolicies
--- PASS: TestAccCloudflareAccessApplication_WithReusablePolicies (7.05s)
=== RUN   TestAccCloudflareAccessApplication_WithAppLauncherCustomization
--- PASS: TestAccCloudflareAccessApplication_WithAppLauncherCustomization (2.74s)
=== RUN   TestAccCloudflareAccessApplication_AuthTypeForcesNewResource
--- PASS: TestAccCloudflareAccessApplication_AuthTypeForcesNewResource (6.14s)
=== CONT  TestAccCloudflareAccessApplication_WithSAMLSaas_Import
--- PASS: TestAccCloudflareAccessApplication_WithSAMLSaas_Import (3.60s)
=== CONT  TestAccCloudflareAccessApplication_WithOIDCSaas_Import
--- PASS: TestAccCloudflareAccessApplication_WithOIDCSaas_Import (3.71s)
FAIL
FAIL	github.com/cloudflare/terraform-provider-cloudflare/internal/sdkv2provider	151.586s
FAIL
make: *** [testacc] Error 1

@jacobbednarz
Copy link
Member

test cases all passing now

TF_ACC=1 go test ./internal/sdkv2provider -v -run "^TestAccCloudflareAccessApplication_" -count 1 -timeout 120m -parallel 1
=== RUN   TestAccCloudflareAccessApplication_BasicZone
--- PASS: TestAccCloudflareAccessApplication_BasicZone (3.95s)
=== RUN   TestAccCloudflareAccessApplication_BasicAccount
--- PASS: TestAccCloudflareAccessApplication_BasicAccount (3.06s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigHttpBasic
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigHttpBasic (4.47s)
=== RUN   TestAccCloudflareAccessApplication_UpdateSCIMConfig
--- PASS: TestAccCloudflareAccessApplication_UpdateSCIMConfig (6.86s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigInvalidMappingSchema
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigInvalidMappingSchema (1.43s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigHttpBasicMissingRequired
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigHttpBasicMissingRequired (1.42s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigOAuthBearerToken
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigOAuthBearerToken (4.15s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigOAuth2
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigOAuth2 (9.10s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigOAuth2MissingRequired
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigOAuth2MissingRequired (1.35s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigAuthenticationInvalid
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigAuthenticationInvalid (1.59s)
=== RUN   TestAccCloudflareAccessApplication_WithCORS
--- PASS: TestAccCloudflareAccessApplication_WithCORS (8.04s)
=== RUN   TestAccCloudflareAccessApplication_WithSAMLSaas
--- PASS: TestAccCloudflareAccessApplication_WithSAMLSaas (3.06s)
=== RUN   TestAccCloudflareAccessApplication_WithSAMLSaas_Import
=== PAUSE TestAccCloudflareAccessApplication_WithSAMLSaas_Import
=== RUN   TestAccCloudflareAccessApplication_WithOIDCSaas
--- PASS: TestAccCloudflareAccessApplication_WithOIDCSaas (3.17s)
=== RUN   TestAccCloudflareAccessApplication_WithOIDCSaas_Import
=== PAUSE TestAccCloudflareAccessApplication_WithOIDCSaas_Import
=== RUN   TestAccCloudflareAccessApplication_WithAutoRedirectToIdentity
--- PASS: TestAccCloudflareAccessApplication_WithAutoRedirectToIdentity (4.24s)
=== RUN   TestAccCloudflareAccessApplication_WithEnableBindingCookie
--- PASS: TestAccCloudflareAccessApplication_WithEnableBindingCookie (3.05s)
=== RUN   TestAccCloudflareAccessApplication_WithCustomDenyFields
--- PASS: TestAccCloudflareAccessApplication_WithCustomDenyFields (2.97s)
=== RUN   TestAccCloudflareAccessApplication_WithADefinedIdps
--- PASS: TestAccCloudflareAccessApplication_WithADefinedIdps (4.36s)
=== RUN   TestAccCloudflareAccessApplication_WithMultipleIdpsReordered
--- PASS: TestAccCloudflareAccessApplication_WithMultipleIdpsReordered (8.52s)
=== RUN   TestAccCloudflareAccessApplication_WithHttpOnlyCookieAttribute
--- PASS: TestAccCloudflareAccessApplication_WithHttpOnlyCookieAttribute (3.09s)
=== RUN   TestAccCloudflareAccessApplication_WithHTTPOnlyCookieAttributeSetToFalse
--- PASS: TestAccCloudflareAccessApplication_WithHTTPOnlyCookieAttributeSetToFalse (2.92s)
=== RUN   TestAccCloudflareAccessApplication_WithSameSiteCookieAttribute
--- PASS: TestAccCloudflareAccessApplication_WithSameSiteCookieAttribute (4.26s)
=== RUN   TestAccCloudflareAccessApplication_WithLogoURL
--- PASS: TestAccCloudflareAccessApplication_WithLogoURL (8.14s)
=== RUN   TestAccCloudflareAccessApplication_WithSkipInterstitial
--- PASS: TestAccCloudflareAccessApplication_WithSkipInterstitial (3.04s)
=== RUN   TestAccCloudflareAccessApplication_WithAppLauncherVisible
--- PASS: TestAccCloudflareAccessApplication_WithAppLauncherVisible (4.60s)
=== RUN   TestAccCloudflareAccessApplication_WithTargetContexts
--- PASS: TestAccCloudflareAccessApplication_WithTargetContexts (2.88s)
=== RUN   TestAccCloudflareAccessApplication_WithSelfHostedDomains
--- PASS: TestAccCloudflareAccessApplication_WithSelfHostedDomains (7.82s)
=== RUN   TestAccCloudflareAccessApplication_WithDefinedTags
--- PASS: TestAccCloudflareAccessApplication_WithDefinedTags (4.45s)
=== RUN   TestAccCloudflareAccessApplication_WithReusablePolicies
--- PASS: TestAccCloudflareAccessApplication_WithReusablePolicies (5.40s)
=== RUN   TestAccCloudflareAccessApplication_WithAppLauncherCustomization
--- PASS: TestAccCloudflareAccessApplication_WithAppLauncherCustomization (2.99s)
=== RUN   TestAccCloudflareAccessApplication_AuthTypeForcesNewResource
--- PASS: TestAccCloudflareAccessApplication_AuthTypeForcesNewResource (9.78s)
=== CONT  TestAccCloudflareAccessApplication_WithSAMLSaas_Import
--- PASS: TestAccCloudflareAccessApplication_WithSAMLSaas_Import (4.40s)
=== CONT  TestAccCloudflareAccessApplication_WithOIDCSaas_Import
--- PASS: TestAccCloudflareAccessApplication_WithOIDCSaas_Import (5.79s)
PASS
ok  	github.com/cloudflare/terraform-provider-cloudflare/internal/sdkv2provider	145.648s

@jacobbednarz jacobbednarz merged commit f39ab07 into cloudflare:master Nov 13, 2024
7 checks passed
@github-actions github-actions bot added this to the v4.47.0 milestone Nov 13, 2024
@jacobbednarz jacobbednarz mentioned this pull request Nov 13, 2024
Closed
@allwalte allwalte mentioned this pull request Nov 26, 2024
Open
3 tasks
@github-actions GitHub Actions
Copy link
Contributor

This functionality has been released in v4.47.0 of the Terraform Cloudflare Provider.

Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 27, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jacobbednarz jacobbednarz jacobbednarz left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v4.47.0
Development

Successfully merging this pull request may close these issues.
2 participants
@khiller-cf @jacobbednarz