Create Total TLS Resource #1979

Merged
merged 6 commits into from
Oct 28, 2022
Merged
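--- a/.changelog/1979.txt
+++ b/.changelog/1979.txt
@@ -0,0 +1,3 @@
+```release-note:new-resource
+cloudflare_total_tls
+```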
37 changes: 37 additions & 0 deletions docs/resources/total_tls.md
@@ -0,0 +1,37 @@
---
page_title: "cloudflare_total_tls Resource - Cloudflare"
subcategory: ""
description: |-
Provides a resource which manages Total TLS for a zone.
---

# cloudflare_total_tls (Resource)

Provides a resource which manages Total TLS for a zone.

Cyb3r-Jak3 marked this conversation as resolved.
## Example Usage

```terraform
resource "cloudflare_total_tls" "example" {
zone_id = "0da42c8d2132a9ddaf714f9e7c920711"
enabled = true
certificate_authority = "lets_encrypt"
}
```
<!-- schema generated by tfplugindocs -->
## Schema

### Required

- `enabled` (Boolean) Enable Total TLS for the zone.
- `zone_id` (String) The zone identifier to target for the resource.

### Optional

- `certificate_authority` (String) The Certificate Authority that Total TLS certificates will be issued through. Available values: `google`, `lets_encrypt`.

### Read-Only

- `id` (String) The ID of this resource.


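--- a/examples/resources/cloudflare_total_tls/resource.tf
+++ b/examples/resources/cloudflare_total_tls/resource.tf
@@ -0,0 +1,5 @@
+resource "cloudflare_total_tls" "example" {
+zone_id = "0da42c8d2132a9ddaf714f9e7c920711"
+enabled = true
+certificate_authority = "lets_encrypt"
+}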
1 change: 1 addition & 0 deletions internal/provider/provider.go
Expand Up @@ -254,6 +254,7 @@ func New(version string) func() *schema.Provider {
"cloudflare_teams_location": resourceCloudflareTeamsLocation(),
"cloudflare_teams_proxy_endpoint": resourceCloudflareTeamsProxyEndpoint(),
"cloudflare_teams_rule": resourceCloudflareTeamsRule(),
"cloudflare_total_tls": resourceCloudflareTotalTLS(),
"cloudflare_tunnel_route": resourceCloudflareTunnelRoute(),
"cloudflare_tunnel_virtual_network": resourceCloudflareTunnelVirtualNetwork(),
"cloudflare_user_agent_blocking_rule": resourceCloudflareUserAgentBlockingRules(),
67 changes: 67 additions & 0 deletions internal/provider/resource_cloudflare_total_tls.go
@@ -0,0 +1,67 @@
package provider

import (
"context"
"fmt"

"github.com/MakeNowJust/heredoc/v2"
"github.com/cloudflare/cloudflare-go"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
)

func resourceCloudflareTotalTLS() *schema.Resource {
return &schema.Resource{
Schema: resourceCloudflareTotalTLSSchema(),
CreateContext: resourceCloudflareTotalSSLUpdate,
ReadContext: resourceCloudflareTotalSSLRead,
UpdateContext: resourceCloudflareTotalSSLUpdate,
DeleteContext: resourceCloudflareTotalSSLDelete,
Cyb3r-Jak3 marked this conversation as resolved.
Description: heredoc.Doc(`
Provides a resource which manages Total TLS for a zone.
`),
}
}

func resourceCloudflareTotalSSLUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
client := meta.(*cloudflare.API)
zoneID := d.Get("zone_id").(string)
settings := cloudflare.TotalTLS{
Enabled: cloudflare.BoolPtr(d.Get("enabled").(bool)),
}
if certificateAuthority, ok := d.GetOk("certificate_authority"); ok {
settings.CertificateAuthority = certificateAuthority.(string)
}
_, err := client.SetTotalTLS(ctx, cloudflare.ZoneIdentifier(zoneID), settings)
if err != nil {
return diag.FromErr(fmt.Errorf("error creating updating total TLS: %w", err))
}
d.SetId(zoneID)
return resourceCloudflareTotalSSLRead(ctx, d, meta)
}

func resourceCloudflareTotalSSLRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
client := meta.(*cloudflare.API)
zoneID := d.Get("zone_id").(string)

result, err := client.GetTotalTLS(ctx, cloudflare.ZoneIdentifier(zoneID))
if err != nil {
return diag.FromErr(fmt.Errorf("error creating updating total TLS: %w", err))
}
d.SetId(zoneID)
d.Set("enabled", result.Enabled)
d.Set("certificate_authority", result.CertificateAuthority)
return nil
}

func resourceCloudflareTotalSSLDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
client := meta.(*cloudflare.API)
zoneID := d.Get("zone_id").(string)

_, err := client.SetTotalTLS(ctx, cloudflare.ZoneIdentifier(zoneID), cloudflare.TotalTLS{Enabled: cloudflare.BoolPtr(false)})
if err != nil {
return diag.FromErr(fmt.Errorf("error creating deleting total TLS: %w", err))
}

return nil
}
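Review bot: The read handler reports a failed `GetTotalTLS` call as `error creating updating total TLS`, copied from the update handler, and the delete handler says `error creating deleting total TLS`, so an operator triaging a failed plan or destroy is pointed at the wrong API call. Wording such as `fmt.Errorf("error reading total TLS for zone %q: %w", zoneID, err)` in read and `fmt.Errorf("error disabling total TLS for zone %q: %w", zoneID, err)` in delete would name the operation and the zone. The two `d.Set` calls in read also discard their error returns; `if err := d.Set("enabled", result.Enabled); err != nil { return diag.FromErr(err) }` (and the same for `certificate_authority`) would surface a schema mismatch instead of silently leaving state stale. Delete sends only `Enabled: cloudflare.BoolPtr(false)`, which means destroying the resource turns Total TLS off for the whole zone; a short comment above the call, and a sentence in the resource description, should say so because it changes the zone's certificate coverage.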
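--- a/internal/provider/resource_cloudflare_total_tls_test.go
+++ b/internal/provider/resource_cloudflare_total_tls_test.go
@@ -0,0 +1,39 @@
+package provider
+
+import (
+"fmt"
+"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+"os"
+"testing"
+)
+
+func testTotalTLS(rnd, zoneID string) string {
+return fmt.Sprintf(`
+resource "cloudflare_total_tls" "%[1]s" {
+zone_id = "%[2]s"
+enabled = true
+certificate_authority = "google"
+}
+`, rnd, zoneID)
+}
+
+func TestAccCloudflareTotalTLS(t *testing.T) {
+rnd := generateRandomResourceName()
+name := "cloudflare_total_tls." + rnd
+zoneID := os.Getenv("CLOUDFLARE_ZONE_ID")
+
+resource.Test(t, resource.TestCase{
+PreCheck: func() { testAccPreCheck(t) },
+ProviderFactories: providerFactories,
+Steps: []resource.TestStep{
+{
+Config: testTotalTLS(rnd, zoneID),
+Check: resource.ComposeTestCheckFunc(
+resource.TestCheckResourceAttr(name, "zone_id", zoneID),
+resource.TestCheckResourceAttr(name, "enabled", "true"),
+resource.TestCheckResourceAttr(name, "certificate_authority", "google"),
+),
+},
+},
+})
+}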
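Review bot: The acceptance test has a single step that only creates the resource with `certificate_authority = "google"`, so neither the in-place update through `resourceCloudflareTotalSSLUpdate` nor the destroy path is asserted. A second `resource.TestStep` that switches the CA to `lets_encrypt` (or sets `enabled = false`) would cover the update. A `CheckDestroy` function on the `resource.TestCase` that calls `GetTotalTLS` and checks the setting is off would confirm the zone ends in the intended state after destroy. Separately, the import block places the third-party `resource` package between `fmt` and `os`; goimports would list the standard-library imports first and the SDK import in its own group.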
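--- a/internal/provider/schema_cloudflare_total_tls.go
+++ b/internal/provider/schema_cloudflare_total_tls.go
@@ -0,0 +1,30 @@
+package provider
+
+import (
+"fmt"
+
+"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+)
+
+func resourceCloudflareTotalTLSSchema() map[string]*schema.Schema {
+return map[string]*schema.Schema{
+"zone_id": {
+Description: "The zone identifier to target for the resource.",
+Type: schema.TypeString,
+Required: true,
+ForceNew: true,
+},
+"enabled": {
+Description: "Enable Total TLS for the zone.",
+Type: schema.TypeBool,
+Required: true,
+},
+"certificate_authority": {
+Description: fmt.Sprintf("The Certificate Authority that Total TLS certificates will be issued through. %s", renderAvailableDocumentationValuesStringSlice([]string{"google", "lets_encrypt"})),
+Type: schema.TypeString,
+Optional: true,
+ValidateFunc: validation.StringInSlice([]string{"google", "lets_encrypt"}, false),
+},
+}
+}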
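Review bot: `certificate_authority` is declared `Optional` without `Computed`, yet the read handler in resource_cloudflare_total_tls.go always writes the API's value into state with `d.Set("certificate_authority", result.CertificateAuthority)`. If the API reports a default CA when none was sent (likely, but not visible on this page), a configuration that omits the attribute would show a diff on every plan; adding `Computed: true,` next to `Optional: true,` avoids that. The allowed-values slice `[]string{"google", "lets_encrypt"}` is also written twice in this block, so hoisting it into one package-level variable would keep the description and the validator in step when a CA is added or removed.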