resource/cloudfare_api_token: allow empty conditions #902
+159
−68
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
In the initial PR for adding API token support to Terraform (#862), an assumption was made that empty `condition` blocks would allow all traffic; this is incorrect and puts the end user in a state where no traffic is allowed. To address this, we need to conditionally build the API token based on what fields are non-zero values. This requires a bit of a rewrite as this assumption ran deep into the methods and the structure of the code itself. While this increases the test coverage, we do now have a restriction in the API itself whereby if you create an API token with IP restrictions and then wish to remove them, you cannot -- you must recreate the token. This issue is outside the scope of this work so I'll leave it as a known factor for now. Closes #897
jacobbednarz
added a commit
to jacobbednarz/cloudflare-go
that referenced
this pull request
Jan 3, 2021
Updates the `APITokenRequestIPCondition` fields to be omitted when empty to support only setting one of the values. Supports the changes in cloudflare/terraform-provider-cloudflare#902
jacobbednarz
added a commit
to jacobbednarz/cloudflare-go
that referenced
this pull request
Jan 3, 2021
Updates the `APITokenRequestIPCondition` fields to be omitted when empty to support only setting one of the values. Supports the changes in cloudflare/terraform-provider-cloudflare#902
patryk
pushed a commit
to cloudflare/cloudflare-go
that referenced
this pull request
Jan 4, 2021
) Updates the `APITokenRequestIPCondition` fields to be omitted when empty to support only setting one of the values. Supports the changes in cloudflare/terraform-provider-cloudflare#902
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In the initial PR for adding API token support to Terraform (#862), an
assumption was made that empty
conditionblocks would allow alltraffic; this is incorrect and puts the end user in a state where no
traffic is allowed.
To address this, we need to conditionally build the API token based on
what fields are non-zero values. This requires a bit of a rewrite as
this assumption ran deep into the methods and the structure of the code
itself.
While this increases the test coverage, we do now have a restriction in
the API itself whereby if you create an API token with IP restrictions
and then wish to remove them, you cannot -- you must recreate the token.
This issue is outside the scope of this work so I'll leave it as a known
factor for now.
Depends on cloudflare/cloudflare-go#569
Closes #87