add resource 'api_token' and data source 'permission_groups' #862

UrosSimovic · 2020-11-05T14:15:47Z

No description provided.

jacobbednarz · 2020-11-08T21:29:14Z

marking as draft as this isn't yet ready for review

reifnir · 2020-11-10T19:29:22Z

marking as draft as this isn't yet ready for review

What is required in order for this to be ready for review?

jacobbednarz · 2020-11-10T21:00:37Z

Let's start with a pull request description as to what the change is and any context associated with it. From there we need to:

cleanup the comments where functionality isn't used but has been left behind
remove the dependency changes to go.mod/go.sum as they come in automatically
add documentation for these two new pieces of functionality
"WIP" removed from the title

Once we get those things underway, we can start looking at the code itself. Doing these things before someone spends time reviewing the code and approach cuts down on the unnecessary back and forth or scribbling the metaphorical red ink all of the PR.

jacobbednarz · 2020-11-12T23:11:47Z

Once you remove your changes to go.{mod,sum} you can merge in the latest master and it will include those changes from cloudflare-go.

# Conflicts: # go.mod # go.sum

UrosSimovic · 2020-11-19T18:09:35Z

I think this PR can be reviewed (and docs linted) now:

cleanup the comments where functionality isn't used but has been left behind
remove the dependency changes to go.mod/go.sum as they come in automatically
add documentation for these two new pieces of functionality
"WIP" removed from the title

cloudflare/data_source_api_token_permission_groups.go

cloudflare/resource_cloudflare_api_token.go

cloudflare/resource_cloudflare_api_token_test.go

website/docs/d/api_token_permission_groups.html.md

website/docs/r/api_token.html.markdown

Co-authored-by: Jacob Bednarz <jacob.bednarz@gmail.com>

UrosSimovic · 2020-11-20T12:06:53Z

I hope I've got all proposed changes done.

website/cloudflare.erb

website/docs/d/api_token_permission_groups.html.md

jacobbednarz · 2020-11-22T20:17:16Z

Nearly there! It looks like the test state isn't matching up with the assertions right now.

=== RUN   TestAccAPIToken
    testing.go:705: Step 1 error: After applying this step, the plan was not empty:

        DIFF:

        UPDATE: cloudflare_api_token.uikfrstsfs
          condition.#:                                                                         "1" => "0"
          condition.0.request_ip.#:                                                            "1" => ""
          condition.0.request_ip.0.in.#:                                                       "0" => ""
          condition.0.request_ip.0.not_in.#:                                                   "0" => ""
          id:                                                                                  "b20c3f79a90b9bc33a0cb001ce0606ac" => "b20c3f79a90b9bc33a0cb001ce0606ac"
          name:                                                                                "uikfrstsfs" => "uikfrstsfs"
          policy.#:                                                                            "1" => "1"
          policy.0.effect:                                                                     "deny" => "deny"
          policy.0.permission_groups.#:                                                        "1" => "1"
          policy.0.permission_groups.0:                                                        "82e64a83756745bbbb1c9c2701bf816b" => "82e64a83756745bbbb1c9c2701bf816b"
          policy.0.resources.com.cloudflare.api.account.zone.0da42c8d2132a9ddaf714f9e7c920711: "*" => "*"
          status:                                                                              "active" => "active"
          value:                                                                               "mgdSw-BoxExx7F2Q1me4SAqXDGpfoc07NDDBCV74" => "mgdSw-BoxExx7F2Q1me4SAqXDGpfoc07NDDBCV74"



        STATE:

        cloudflare_api_token.uikfrstsfs:
          ID = b20c3f79a90b9bc33a0cb001ce0606ac
          provider = provider.cloudflare
          condition.# = 1
          condition.0.request_ip.# = 1
          name = uikfrstsfs
          policy.# = 1
          policy.0.effect = deny
          policy.0.permission_groups.# = 1
          policy.0.permission_groups.0 = 82e64a83756745bbbb1c9c2701bf816b
          policy.0.resources.com.cloudflare.api.account.zone.0da42c8d2132a9ddaf714f9e7c920711 = *
          status = active
          value = mgdSw-BoxExx7F2Q1me4SAqXDGpfoc07NDDBCV74
--- FAIL: TestAccAPIToken (9.48s)
=== RUN   TestAccAPITokenAllowDeny
    testing.go:705: Step 0 error: After applying this step and refreshing, the plan was not empty:

        DIFF:

        UPDATE: cloudflare_api_token.ywpzjtdhmx
          condition.#:                                                                         "1" => "0"
          condition.0.request_ip.#:                                                            "1" => ""
          condition.0.request_ip.0.in.#:                                                       "0" => ""
          condition.0.request_ip.0.not_in.#:                                                   "0" => ""
          id:                                                                                  "6aa4d5d28e95f8fd56f8bd27ccdb70e1" => "6aa4d5d28e95f8fd56f8bd27ccdb70e1"
          name:                                                                                "ywpzjtdhmx" => "ywpzjtdhmx"
          policy.#:                                                                            "1" => "1"
          policy.0.effect:                                                                     "allow" => "allow"
          policy.0.permission_groups.#:                                                        "1" => "1"
          policy.0.permission_groups.0:                                                        "82e64a83756745bbbb1c9c2701bf816b" => "82e64a83756745bbbb1c9c2701bf816b"
          policy.0.resources.com.cloudflare.api.account.zone.0da42c8d2132a9ddaf714f9e7c920711: "*" => "*"
          status:                                                                              "active" => "active"
          value:                                                                               "bysG-69wNNXXOagUicOqRlXONjKKmNGYjP9dGDvB" => "bysG-69wNNXXOagUicOqRlXONjKKmNGYjP9dGDvB"



        STATE:

        cloudflare_api_token.ywpzjtdhmx:
          ID = 6aa4d5d28e95f8fd56f8bd27ccdb70e1
          provider = provider.cloudflare
          condition.# = 1
          condition.0.request_ip.# = 1
          name = ywpzjtdhmx
          policy.# = 1
          policy.0.effect = allow
          policy.0.permission_groups.# = 1
          policy.0.permission_groups.0 = 82e64a83756745bbbb1c9c2701bf816b
          policy.0.resources.com.cloudflare.api.account.zone.0da42c8d2132a9ddaf714f9e7c920711 = *
          status = active
          value = bysG-69wNNXXOagUicOqRlXONjKKmNGYjP9dGDvB
--- FAIL: TestAccAPITokenAllowDeny (4.17s)
FAIL
FAIL	github.com/cloudflare/terraform-provider-cloudflare/cloudflare	13.690s
FAIL

UrosSimovic · 2020-11-23T10:16:23Z

Had to make some if checks. And to change policy blocks from list to hash set, as CF is returning policies unordered.

jacobbednarz · 2020-11-23T21:35:23Z

nice one! looks like we're all green on the integration test suite.

=== RUN   TestAccAPIToken
--- PASS: TestAccAPIToken (12.25s)
=== RUN   TestAccAPITokenAllowDeny
--- PASS: TestAccAPITokenAllowDeny (20.38s)
PASS
ok  	github.com/cloudflare/terraform-provider-cloudflare/cloudflare	32.661s

jacobbednarz · 2020-11-23T21:38:51Z

Datasource is also green now after fixing the ID

=== RUN   TestAccCloudflareApiTokenPermissionGroups
--- PASS: TestAccCloudflareApiTokenPermissionGroups (2.41s)
PASS
ok  	github.com/cloudflare/terraform-provider-cloudflare/cloudflare	2.433s

website/docs/r/api_token.html.markdown

jacobbednarz · 2020-11-23T21:56:00Z

Thanks for the persistence on this one @UrosSimovic! Appreciate your contribution here 👍

add reasource 'api_token' and data source 'permission_groups'

Unverified

This user has not yet uploaded their public signing key.

GPG key ID: 7AF6CD6A8B93F50D

Learn about vigilant mode

7b84398

UrosSimovic mentioned this pull request Nov 5, 2020

Ability to create custom API tokens using terraform #856

Closed

jacobbednarz marked this pull request as draft November 8, 2020 21:29

uros.simovic added 6 commits November 15, 2020 09:39

Merge branch 'master' into uros/api_tokens

Unverified

This user has not yet uploaded their public signing key.

GPG key ID: 7AF6CD6A8B93F50D

Learn about vigilant mode

27e1d2f

# Conflicts: # go.mod # go.sum

remove comments

Unverified

This user has not yet uploaded their public signing key.

GPG key ID: 7AF6CD6A8B93F50D

Learn about vigilant mode

8b0c56d

refactor permission resources

681beba

Merge branch 'master' into uros/api_tokens

c50deb0

go fmt

126001f

add docs

5b71cbf

UrosSimovic changed the title ~~WIP: add reasource 'api_token' and data source 'permission_groups'~~ add reasource 'api_token' and data source 'permission_groups' Nov 19, 2020

jacobbednarz reviewed Nov 19, 2020

View reviewed changes

cloudflare/data_source_api_token_permission_groups.go Outdated Show resolved Hide resolved

jacobbednarz reviewed Nov 19, 2020

View reviewed changes

cloudflare/data_source_api_token_permission_groups.go Outdated Show resolved Hide resolved

jacobbednarz reviewed Nov 19, 2020

View reviewed changes

cloudflare/resource_cloudflare_api_token.go Outdated Show resolved Hide resolved

jacobbednarz reviewed Nov 19, 2020

View reviewed changes

cloudflare/resource_cloudflare_api_token.go Outdated Show resolved Hide resolved