Merge pull request #1744 from orium/dsousa/FLPROD-472-add-from-list

Add `from_list` rule paramenter to support `redirect` action.
cloudflare · Jul 4, 2022 · c2710a2 · c2710a2
2 parents bdd61d9 + 5f730c8
commit c2710a2
Show file tree

Hide file tree

Showing 6 changed files with 171 additions and 20 deletions.
diff --git a/.changelog/1744.txt b/.changelog/1744.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/cloudflare_ruleset: add support for `from_list` action parameter when using redirect action
+```
diff --git a/docs/resources/ruleset.md b/docs/resources/ruleset.md
@@ -330,6 +330,27 @@ resource "cloudflare_ruleset" "cache_settings_example" {
     enabled = true
   }
 }
+
+resource "cloudflare_ruleset" "redirect_from_list_example" {
+  account_id  = "f037e56e89293a057740de681ac9abbe"
+  name        = "redirects"
+  description = "Redirect ruleset"
+  kind        = "root"
+  phase       = "http_request_redirect"
+
+  rules {
+    action = "redirect"
+    action_parameters {
+      from_list {
+        name = "redirect_list"
+        key = "http.request.full_uri"
+      }
+    }
+    expression = "http.request.full_uri in $redirect_list"
+    description = "Apply redirects from redirect_list"
+    enabled = true
+  }
+}
 ```
 
 <!-- schema generated by tfplugindocs -->
@@ -386,6 +407,7 @@ Optional:
 - `cache_key` (Block List, Max: 1) List of cache key parameters to apply to the request. (see [below for nested schema](#nestedblock--rules--action_parameters--cache_key))
 - `cookie_fields` (Set of String) List of cookie values to include as part of custom fields logging.
 - `edge_ttl` (Block List, Max: 1) List of edge TTL parameters to apply to the request. (see [below for nested schema](#nestedblock--rules--action_parameters--edge_ttl))
+- `from_list` (Block List, Max: 1) Use a list to lookup information for the action. (see [below for nested schema](#nestedblock--rules--action_parameters--from_list))
 - `headers` (Block List) List of HTTP header modifications to perform in the ruleset rule. (see [below for nested schema](#nestedblock--rules--action_parameters--headers))
 - `host_header` (String) Host Header that request origin receives.
 - `id` (String) Identifier of the action parameter to modify.
@@ -430,27 +452,27 @@ Optional:
 - `ignore_query_strings_order` (Boolean) Ignore query strings order.
 
 <a id="nestedblock--rules--action_parameters--cache_key--custom_key"></a>
-### Nested Schema for `rules.action_parameters.cache_key.ignore_query_strings_order`
+### Nested Schema for `rules.action_parameters.cache_key.custom_key`
 
 Optional:
 
-- `cookie` (Block List, Max: 1) Cookie parameters for the custom key. (see [below for nested schema](#nestedblock--rules--action_parameters--cache_key--ignore_query_strings_order--cookie))
-- `header` (Block List, Max: 1) Header parameters for the custom key. (see [below for nested schema](#nestedblock--rules--action_parameters--cache_key--ignore_query_strings_order--header))
-- `host` (Block List, Max: 1) Host parameters for the custom key. (see [below for nested schema](#nestedblock--rules--action_parameters--cache_key--ignore_query_strings_order--host))
-- `query_string` (Block List, Max: 1) Query string parameters for the custom key. (see [below for nested schema](#nestedblock--rules--action_parameters--cache_key--ignore_query_strings_order--query_string))
-- `user` (Block List, Max: 1) User parameters for the custom key. (see [below for nested schema](#nestedblock--rules--action_parameters--cache_key--ignore_query_strings_order--user))
+- `cookie` (Block List, Max: 1) Cookie parameters for the custom key. (see [below for nested schema](#nestedblock--rules--action_parameters--cache_key--custom_key--cookie))
+- `header` (Block List, Max: 1) Header parameters for the custom key. (see [below for nested schema](#nestedblock--rules--action_parameters--cache_key--custom_key--header))
+- `host` (Block List, Max: 1) Host parameters for the custom key. (see [below for nested schema](#nestedblock--rules--action_parameters--cache_key--custom_key--host))
+- `query_string` (Block List, Max: 1) Query string parameters for the custom key. (see [below for nested schema](#nestedblock--rules--action_parameters--cache_key--custom_key--query_string))
+- `user` (Block List, Max: 1) User parameters for the custom key. (see [below for nested schema](#nestedblock--rules--action_parameters--cache_key--custom_key--user))
 
-<a id="nestedblock--rules--action_parameters--cache_key--ignore_query_strings_order--cookie"></a>
-### Nested Schema for `rules.action_parameters.cache_key.ignore_query_strings_order.cookie`
+<a id="nestedblock--rules--action_parameters--cache_key--custom_key--cookie"></a>
+### Nested Schema for `rules.action_parameters.cache_key.custom_key.cookie`
 
 Optional:
 
 - `check_presence` (List of String) List of cookies to check for presence in the custom key.
 - `include` (List of String) List of cookies to include in the custom key.
 
 
-<a id="nestedblock--rules--action_parameters--cache_key--ignore_query_strings_order--header"></a>
-### Nested Schema for `rules.action_parameters.cache_key.ignore_query_strings_order.header`
+<a id="nestedblock--rules--action_parameters--cache_key--custom_key--header"></a>
+### Nested Schema for `rules.action_parameters.cache_key.custom_key.header`
 
 Optional:
 
@@ -459,25 +481,25 @@ Optional:
 - `include` (List of String) List of headers to include in the custom key.
 
 
-<a id="nestedblock--rules--action_parameters--cache_key--ignore_query_strings_order--host"></a>
-### Nested Schema for `rules.action_parameters.cache_key.ignore_query_strings_order.host`
+<a id="nestedblock--rules--action_parameters--cache_key--custom_key--host"></a>
+### Nested Schema for `rules.action_parameters.cache_key.custom_key.host`
 
 Optional:
 
 - `resolved` (Boolean) Resolve hostname to IP address.
 
 
-<a id="nestedblock--rules--action_parameters--cache_key--ignore_query_strings_order--query_string"></a>
-### Nested Schema for `rules.action_parameters.cache_key.ignore_query_strings_order.query_string`
+<a id="nestedblock--rules--action_parameters--cache_key--custom_key--query_string"></a>
+### Nested Schema for `rules.action_parameters.cache_key.custom_key.query_string`
 
 Optional:
 
 - `exclude` (List of String) List of query string parameters to exclude from the custom key. Conflicts with "include".
 - `include` (List of String) List of query string parameters to include in the custom key. Conflicts with "exclude".
 
 
-<a id="nestedblock--rules--action_parameters--cache_key--ignore_query_strings_order--user"></a>
-### Nested Schema for `rules.action_parameters.cache_key.ignore_query_strings_order.user`
+<a id="nestedblock--rules--action_parameters--cache_key--custom_key--user"></a>
+### Nested Schema for `rules.action_parameters.cache_key.custom_key.user`
 
 Optional:
 
@@ -523,6 +545,15 @@ Optional:
 
 
 
+<a id="nestedblock--rules--action_parameters--from_list"></a>
+### Nested Schema for `rules.action_parameters.from_list`
+
+Required:
+
+- `key` (String) Expression to use for the list lookup.
+- `name` (String) Name of the list.
+
+
 <a id="nestedblock--rules--action_parameters--headers"></a>
 ### Nested Schema for `rules.action_parameters.headers`
 
@@ -563,7 +594,7 @@ Optional:
 - `status` (String) Defines if the current ruleset-level override enables or disables the ruleset. Available values: `enabled`, `disabled`. Defaults to `""`.
 
 <a id="nestedblock--rules--action_parameters--overrides--categories"></a>
-### Nested Schema for `rules.action_parameters.overrides.status`
+### Nested Schema for `rules.action_parameters.overrides.categories`
 
 Optional:
 
@@ -574,7 +605,7 @@ Optional:
 
 
 <a id="nestedblock--rules--action_parameters--overrides--rules"></a>
-### Nested Schema for `rules.action_parameters.overrides.status`
+### Nested Schema for `rules.action_parameters.overrides.rules`
 
 Optional:
 
@@ -615,7 +646,7 @@ Optional:
 - `query` (Block List, Max: 1) Query string configuration when performing a URL rewrite. (see [below for nested schema](#nestedblock--rules--action_parameters--uri--query))
 
 <a id="nestedblock--rules--action_parameters--uri--path"></a>
-### Nested Schema for `rules.action_parameters.uri.query`
+### Nested Schema for `rules.action_parameters.uri.path`
 
 Optional:
 

diff --git a/examples/resources/cloudflare_ruleset/resource.tf b/examples/resources/cloudflare_ruleset/resource.tf
@@ -294,4 +294,25 @@ resource "cloudflare_ruleset" "cache_settings_example" {
     description = "set cache settings rule"
     enabled = true
   }
-}
+}
+
+resource "cloudflare_ruleset" "redirect_from_list_example" {
+  account_id  = "f037e56e89293a057740de681ac9abbe"
+  name        = "redirects"
+  description = "Redirect ruleset"
+  kind        = "root"
+  phase       = "http_request_redirect"
+
+  rules {
+    action = "redirect"
+    action_parameters {
+      from_list {
+        name = "redirect_list"
+        key = "http.request.full_uri"
+      }
+    }
+    expression = "http.request.full_uri in $redirect_list"
+    description = "Apply redirects from redirect_list"
+    enabled = true
+  }
+}
diff --git a/internal/provider/resource_cloudflare_ruleset.go b/internal/provider/resource_cloudflare_ruleset.go
@@ -254,6 +254,7 @@ func buildStateFromRulesetRules(rules []cloudflare.RulesetRule) interface{} {
 				browserTTLFields       []map[string]interface{}
 				serveStaleFields       []map[string]interface{}
 				cacheKeyFields         []map[string]interface{}
+				fromListFields         []map[string]interface{}
 			)
 			actionParameterRules := make(map[string]string)
 
@@ -489,6 +490,13 @@ func buildStateFromRulesetRules(rules []cloudflare.RulesetRule) interface{} {
 				cacheKeyFields = append(cacheKeyFields, cacheKey)
 			}
 
+			if !reflect.ValueOf(r.ActionParameters.FromList).IsNil() {
+				fromListFields = append(origin, map[string]interface{}{
+					"name": r.ActionParameters.FromList.Name,
+					"key":  r.ActionParameters.FromList.Key,
+				})
+			}
+
 			actionParameters = append(actionParameters, map[string]interface{}{
 				"id":                         r.ActionParameters.ID,
 				"increment":                  r.ActionParameters.Increment,
@@ -515,6 +523,7 @@ func buildStateFromRulesetRules(rules []cloudflare.RulesetRule) interface{} {
 				"respect_strong_etags":       r.ActionParameters.RespectStrongETags,
 				"cache_key":                  cacheKeyFields,
 				"origin_error_page_passthru": r.ActionParameters.OriginErrorPagePassthru,
+				"from_list":                  fromListFields,
 			})
 
 			rule["action_parameters"] = actionParameters
@@ -1038,6 +1047,14 @@ func buildRulesetRulesFromResource(d *schema.ResourceData) ([]cloudflare.Ruleset
 						}
 						rule.ActionParameters.CookieFields = fields
 
+					case "from_list":
+						for i := range pValue.([]interface{}) {
+							rule.ActionParameters.FromList = &cloudflare.RulesetRuleActionParametersFromList{
+								Name: pValue.([]interface{})[i].(map[string]interface{})["name"].(string),
+								Key:  pValue.([]interface{})[i].(map[string]interface{})["key"].(string),
+							}
+						}
+
 					default:
 						log.Printf("[DEBUG] unknown key encountered in buildRulesetRulesFromResource for action parameters: %s", pKey)
 					}

diff --git a/internal/provider/resource_cloudflare_ruleset_test.go b/internal/provider/resource_cloudflare_ruleset_test.go
@@ -1683,6 +1683,34 @@ func TestAccCloudflareRuleset_CacheSettings(t *testing.T) {
 	})
 }
 
+func TestAccCloudflareRuleset_Redirect(t *testing.T) {
+	t.Parallel()
+	rnd := generateRandomResourceName()
+	accountId := os.Getenv("CLOUDFLARE_ACCOUNT_ID")
+	resourceName := "cloudflare_ruleset." + rnd
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: providerFactories,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccCloudflareRulesetRedirectFromList(rnd, accountId),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr(resourceName, "name", rnd),
+					resource.TestCheckResourceAttr(resourceName, "kind", "root"),
+					resource.TestCheckResourceAttr(resourceName, "phase", "http_request_redirect"),
+
+					resource.TestCheckResourceAttr(resourceName, "rules.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "rules.0.action", "redirect"),
+
+					resource.TestCheckResourceAttr(resourceName, "rules.0.action_parameters.0.from_list.0.name", "redirect_list_"+rnd),
+					resource.TestCheckResourceAttr(resourceName, "rules.0.action_parameters.0.from_list.0.key", "http.request.full_uri"),
+				),
+			},
+		},
+	})
+}
+
 func testAccCheckCloudflareRulesetMagicTransitSingle(rnd, name, accountID string) string {
 	return fmt.Sprintf(`
   resource "cloudflare_ruleset" "%[1]s" {
@@ -2932,3 +2960,34 @@ func testAccCloudflareRulesetCacheSettingsCustomKeyEmpty(rnd, accountID, zoneID
     }
   }`, rnd, accountID, zoneID)
 }
+
+func testAccCloudflareRulesetRedirectFromList(rnd, accountID string) string {
+	return fmt.Sprintf(`
+  resource "cloudflare_list" "list-%[1]s" {
+    account_id = "%[2]s"
+    name = "redirect_list_%[1]s"
+    description = "%[1]s list description"
+    kind = "redirect"
+  }
+
+  resource "cloudflare_ruleset" "%[1]s" {
+	account_id  = "%[2]s"
+    name        = "%[1]s"
+    description = "%[1]s ruleset description"
+    kind        = "root"
+    phase       = "http_request_redirect"
+
+    rules {
+      action = "redirect"
+      action_parameters {
+        from_list {
+      	  name = cloudflare_list.list-%[1]s.name
+      	  key = "http.request.full_uri"
+        }
+      }
+      expression = "http.request.full_uri in $redirect_list_%[1]s"
+      description = "Apply redirects from redirect list"
+      enabled = true
+    }
+  }`, rnd, accountID)
+}
diff --git a/internal/provider/schema_cloudflare_ruleset.go b/internal/provider/schema_cloudflare_ruleset.go
@@ -693,6 +693,26 @@ func resourceCloudflareRulesetSchema() map[string]*schema.Schema {
 									Optional:    true,
 									Description: "Pass-through error page for origin",
 								},
+								"from_list": {
+									Type:        schema.TypeList,
+									Optional:    true,
+									MaxItems:    1,
+									Description: "Use a list to lookup information for the action.",
+									Elem: &schema.Resource{
+										Schema: map[string]*schema.Schema{
+											"name": {
+												Type:        schema.TypeString,
+												Description: "Name of the list.",
+												Required:    true,
+											},
+											"key": {
+												Type:        schema.TypeString,
+												Description: "Expression to use for the list lookup.",
+												Required:    true,
+											},
+										},
+									},
+								},
 							},
 						},
 					},