Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adds universal_ssl to cloudflare_zone_settings_override #658

Merged
merged 11 commits into from
Apr 20, 2020
Merged

Adds universal_ssl to cloudflare_zone_settings_override #658

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
72b6e61
adds new resource_cloudflare_universal_ssl
Apr 18, 2020
e40a9d1
adds test
Apr 18, 2020
87a6c06
adds website documentation
Apr 18, 2020
a0173c8
removes resource_cloudflare_universal_ssl
Apr 18, 2020
ad39036
adds universal_ssl to zone_settings_override
Apr 18, 2020
5be8def
Merge remote-tracking branch 'terraform-provider-cloudflare-upstream/…
Apr 18, 2020
27f5a98
fixed typos
Apr 18, 2020
73e31f0
removed docs
Apr 18, 2020
a96e4ea
check if ussl is set before removing element from slice
Apr 18, 2020
b356832
adds universal_ssl to docs
Apr 19, 2020
a4ab3fe
adds test for universal_ssl to zone_settings_override
Apr 19, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
75 changes: 75 additions & 0 deletions cloudflare/resource_cloudflare_zone_settings_override.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -364,6 +364,13 @@ var resourceCloudflareZoneSettingsSchema = map[string]*schema.Schema{
ValidateFunc: validation.StringInSlice([]string{"off", "flexible", "full", "strict", "origin_pull"}, false), // depends on plan
},

"universal_ssl": {
Type: schema.TypeString,
Optional: true,
Computed: true,
ValidateFunc: validation.StringInSlice([]string{"on", "off"}, false),
},

"tls_client_auth": {
Type: schema.TypeString,
ValidateFunc: validation.StringInSlice([]string{"on", "off"}, false),
Expand Down Expand Up @@ -502,11 +509,17 @@ func resourceCloudflareZoneSettingsOverrideCreate(d *schema.ResourceData, meta i
return err
}

// pulling USSL status and wrapping it into a cloudflare.ZoneSetting that we can set initial_settings
if err = updateZoneSettingsResponseWithUniversalSSLSettings(zoneSettings, d.Id(), client); err != nil {
return err
}

log.Printf("[DEBUG] Read CloudflareZone initial settings: %#v", zoneSettings)

if err := d.Set("initial_settings", flattenZoneSettings(d, zoneSettings.Result, true)); err != nil {
log.Printf("[WARN] Error setting initial_settings for zone %q: %s", d.Id(), err)
}

d.Set("initial_settings_read_at", time.Now().UTC().Format(time.RFC3339Nano))

// set readonly setting so that update can behave correctly
Expand All @@ -530,6 +543,23 @@ func updateZoneSettingsResponseWithSingleZoneSettings(zoneSettings *cloudflare.Z
return nil
}

func updateZoneSettingsResponseWithUniversalSSLSettings(zoneSettings *cloudflare.ZoneSettingResponse, zoneId string, client *cloudflare.API) error {
ussl, err := client.UniversalSSLSettingDetails(zoneId)
if err != nil {
return errors.Wrap(err, fmt.Sprintf("Error reading initial Universal SSL settings for zone %q", zoneId))
}

usslToZoneSetting := cloudflare.ZoneSetting{
ID: "universal_ssl",
Value: stringFromBool(ussl.Enabled),
Editable: true,
}

zoneSettings.Result = append(zoneSettings.Result, usslToZoneSetting)

return nil
}

func resourceCloudflareZoneSettingsOverrideRead(d *schema.ResourceData, meta interface{}) error {
client := meta.(*cloudflare.API)

Expand Down Expand Up @@ -557,6 +587,10 @@ func resourceCloudflareZoneSettingsOverrideRead(d *schema.ResourceData, meta int
return err
}

if err = updateZoneSettingsResponseWithUniversalSSLSettings(zoneSettings, d.Id(), client); err != nil {
return err
}

log.Printf("[DEBUG] Read CloudflareZone Settings: %#v", zoneSettings)

d.Set("status", zone.Status)
Expand Down Expand Up @@ -652,6 +686,25 @@ func updateSingleZoneSettings(zoneSettings []cloudflare.ZoneSetting, client *clo
return zoneSettings, nil
}

func updateUniversalSSLSetting(zoneSettings []cloudflare.ZoneSetting, client *cloudflare.API, zoneID string) ([]cloudflare.ZoneSetting, error) {
indexToCut := -1
for i, setting := range zoneSettings {
if setting.ID == "universal_ssl" {
_, err := client.EditUniversalSSLSetting(zoneID, cloudflare.UniversalSSLSetting{Enabled: boolFromString(setting.Value.(string))})
if err != nil {
return zoneSettings, err
}
indexToCut = i
}
}

if indexToCut != -1 {
zoneSettings = append(zoneSettings[:indexToCut], zoneSettings[indexToCut+1:]...)
}

return zoneSettings, nil
}

func resourceCloudflareZoneSettingsOverrideUpdate(d *schema.ResourceData, meta interface{}) error {
client := meta.(*cloudflare.API)

Expand All @@ -669,6 +722,10 @@ func resourceCloudflareZoneSettingsOverrideUpdate(d *schema.ResourceData, meta i
return err
}

if zoneSettings, err = updateUniversalSSLSetting(zoneSettings, client, d.Id()); err != nil {
return err
}

if len(zoneSettings) > 0 {
_, err = client.UpdateZoneSettings(d.Id(), zoneSettings)
if err != nil {
Expand Down Expand Up @@ -778,6 +835,10 @@ func resourceCloudflareZoneSettingsOverrideDelete(d *schema.ResourceData, meta i
return err
}

if zoneSettings, err = updateUniversalSSLSetting(zoneSettings, client, d.Id()); err != nil {
return err
}

if len(zoneSettings) > 0 {
_, err = client.UpdateZoneSettings(d.Id(), zoneSettings)
if err != nil {
Expand Down Expand Up @@ -834,3 +895,17 @@ func schemaValueEquals(a, b interface{}) bool {

return reflect.DeepEqual(a, b)
}

func boolFromString(status string) bool {
if status == "on" {
return true
}
return false
}

func stringFromBool(status bool) string {
if status {
return "on"
}
return "off"
}
11 changes: 11 additions & 0 deletions cloudflare/resource_cloudflare_zone_settings_override_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,8 @@ func TestAccCloudflareZoneSettingsOverride_Full(t *testing.T) {
name, "settings.0.h2_prioritization", "on"),
resource.TestCheckResourceAttr(
name, "settings.0.zero_rtt", "off"),
resource.TestCheckResourceAttr(
name, "settings.0.universal_ssl", "off"),
),
},
},
Expand Down Expand Up @@ -181,6 +183,10 @@ func testAccGetInitialZoneSettings(t *testing.T, zoneID string, settings map[str
return err
}

if err = updateZoneSettingsResponseWithUniversalSSLSettings(foundZone, zoneID, client); err != nil {
return err
}

for _, zs := range foundZone.Result {
settings[zs.ID] = zs.Value
}
Expand All @@ -205,6 +211,10 @@ func testAccCheckInitialZoneSettings(zoneID string, initialSettings map[string]i
return err
}

if err = updateZoneSettingsResponseWithUniversalSSLSettings(foundZone, zoneID, client); err != nil {
return err
}

for _, zs := range foundZone.Result {
if !reflect.DeepEqual(zs.Value, initialSettings[zs.ID]) {
return fmt.Errorf("Final setting for %q: %+v not equal to initial setting: %+v", zs.ID, zs.Value, initialSettings[zs.ID])
Expand Down Expand Up @@ -232,6 +242,7 @@ resource "cloudflare_zone_settings_override" "test" {
opportunistic_encryption = "on"
automatic_https_rewrites = "on"
h2_prioritization = "on"
universal_ssl = "off"
minify {
css = "on"
js = "off"
Expand Down
1 change: 1 addition & 0 deletions website/docs/r/zone_settings_override.html.markdown
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,7 @@ These can be specified as "on" or "off" string. Similar to boolean values, but h
* `sort_query_string_for_cache` (default: `off`)
* `tls_client_auth` (default: `on`)
* `true_client_ip_header` (default: `off`)
* `universal_ssl` (default: `on`)
* `waf` (default: `off`)
* `webp` (default: `off`). Note that the value specified will be ignored unless `polish` is turned on (i.e. is "lossless" or "lossy")
* `websockets` (default: `off`)
Expand Down