Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix retrieval of enabled for cloudflare_authenticated_origin_pulls #1861

Merged
merged 3 commits into from Sep 1, 2022
Merged

fix retrieval of enabled for cloudflare_authenticated_origin_pulls #1861

merged 3 commits into from Sep 1, 2022

Conversation

nickysemenza
Copy link
Member

@nickysemenza nickysemenza commented Aug 25, 2022
edited 

// GetOk returns the data for the given key and whether or not the key
// has been set to a non-zero value at some point.

if the tfstate explicitly has enabled = false, then it technically stays at the zero value, which means that the second return value from GetOk (ok) returns false. If hostname is an empty string (such as whencloudflare_authenticated_origin_pulls_certificate has type = "per-zone" (as opposed to per-hostname), then those 2 cancel each other out:

switch false {
  case false:
     // uh oh this evaluates

resource/cloudflare_authenticated_origin_pulls: fix improper handling of enabled=false

Resolves #1832

@nickysemenza nickysemenza changed the title fix retrieval of enabledVal fix retrieval of enabled for cloudflare_authenticated_origin_pulls Aug 25, 2022
@github-actions
Copy link
Contributor

github-actions bot commented Aug 25, 2022
edited

changelog detected ✅

@nickysemenza nickysemenza marked this pull request as draft August 25, 2022 23:47
@nickysemenza
fix retrieval of enabledVal
965c316 
```
// GetOk returns the data for the given key and whether or not the key
// has been set to a non-zero value at some point.
```

if the tfstate explicitly has `enabled = false`, then it technically stays at the zero value, which means that the second return value from `GetOk` (`ok`) returns false. If `hostname` is an empty string  (such as when`cloudflare_authenticated_origin_pulls_certificate` has `type = "per-zone"` (as opposed to `per-hostname`), then those 2 cancel each other out:

```
switch false {
  case false:
     // uh oh this evaluates
```


```release-note:bug
resource/cloudflare_authenticated_origin_pulls: fix improper handling of enabled=false
```


Resolves cloudflare#1832
@nickysemenza nickysemenza marked this pull request as ready for review August 31, 2022 23:43
@gitguardian
Copy link

gitguardian bot commented Aug 31, 2022
edited

⚠️ GitGuardian has uncovered 3 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request
GitGuardian id Secret Commit Filename
- Generic High Entropy Secret 3ba5bd2 examples/resources/cloudflare_pages_project/resource.tf View secret
- Generic High Entropy Secret 3ba5bd2 internal/provider/resource_cloudflare_pages_project_test.go View secret
- Generic High Entropy Secret 3ba5bd2 internal/provider/resource_cloudflare_pages_project_test.go View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secrets safely. Learn here the best practices.
  3. Revoke and rotate these secrets.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

Our GitHub checks need improvements? Share your feedbacks!

@nickysemenza
Copy link
Member Author

using the example in the linked issue:

Terraform will perform the following actions:

  # cloudflare_authenticated_origin_pulls.foo will be updated in-place
  ~ resource "cloudflare_authenticated_origin_pulls" "foo" {
      ~ enabled                                = true -> false
        id                                     = "181f5c8ccd67aeb7bd487f4a10a77a14"
        # (2 unchanged attributes hidden)
    }

@jacobbednarz jacobbednarz merged commit eaacdf1 into cloudflare:master Sep 1, 2022
@github-actions github-actions bot added this to the v3.23.0 milestone Sep 1, 2022
github-actions bot pushed a commit that referenced this pull request Sep 1, 2022
Update CHANGELOG.md for #1861
a3e080c
@github-actions
Copy link
Contributor

github-actions bot commented Sep 7, 2022

This functionality has been released in v3.23.0 of the Terraform Cloudflare Provider.

Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dhaynespls dhaynespls dhaynespls approved these changes

@jacobbednarz jacobbednarz Awaiting requested review from jacobbednarz jacobbednarz is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v3.23.0
Development

Successfully merging this pull request may close these issues.

cloudflare_authenticated_origin_pulls per zone certificates setting for enabled cannot be changed
3 participants
@nickysemenza @dhaynespls @jacobbednarz