Skip to content

Commit

Permalink
Fix Access app domain and self_hosted_domains import
Browse files Browse the repository at this point in the history
  • Loading branch information
Jesse Li committed Dec 4, 2024
1 parent 6576989 commit b607a74
Show file tree
Hide file tree
Showing 3 changed files with 69 additions and 7 deletions.
3 changes: 3 additions & 0 deletions .changelog/4708.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
resource/access_application: fix domain and self_hosted_domains drift after import
```
16 changes: 9 additions & 7 deletions internal/sdkv2provider/resource_cloudflare_access_application.go
Original file line number Diff line number Diff line change
Expand Up @@ -193,6 +193,10 @@ func resourceCloudflareAccessApplicationCreate(ctx context.Context, d *schema.Re
}

func resourceCloudflareAccessApplicationRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
return resourceCloudflareAccessApplicationReadHelper(ctx, d, meta, false)
}

func resourceCloudflareAccessApplicationReadHelper(ctx context.Context, d *schema.ResourceData, meta interface{}, importing bool) diag.Diagnostics {
client := meta.(*cloudflare.API)

identifier, err := initIdentifier(d)
Expand All @@ -215,7 +219,7 @@ func resourceCloudflareAccessApplicationRead(ctx context.Context, d *schema.Reso
d.Set("name", accessApplication.Name)
d.Set("aud", accessApplication.AUD)
d.Set("session_duration", accessApplication.SessionDuration)
if _, domainWasSet := d.GetOk("domain"); domainWasSet {
if _, domainWasSet := d.GetOk("domain"); domainWasSet || importing {
// Only set the domain if it was set in the configuration, as apps can be created without a domain
// if they define a non-empty self_hosted_domains array
d.Set("domain", accessApplication.Domain)
Expand Down Expand Up @@ -273,7 +277,9 @@ func resourceCloudflareAccessApplicationRead(ctx context.Context, d *schema.Reso
return diag.FromErr(fmt.Errorf("error setting Access Application Infrastructure app configuration: %w", targetContextsErr))
}

if _, ok := d.GetOk("self_hosted_domains"); ok {
if _, ok := d.GetOk("destinations"); ok || importing {
d.Set("destinations", convertDestinationsToSchema(accessApplication.Destinations))
} else if _, ok := d.GetOk("self_hosted_domains"); ok || importing {
publicDomains := make([]string, 0, len(accessApplication.Destinations))
for _, dest := range accessApplication.Destinations {
if dest.Type == cloudflare.AccessDestinationPublic {
Expand All @@ -283,10 +289,6 @@ func resourceCloudflareAccessApplicationRead(ctx context.Context, d *schema.Reso
d.Set("self_hosted_domains", publicDomains)
}

if _, ok := d.GetOk("destinations"); ok {
d.Set("destinations", convertDestinationsToSchema(accessApplication.Destinations))
}

scimConfig := convertScimConfigStructToSchema(accessApplication.SCIMConfig)

if scimConfigErr := d.Set("scim_config", scimConfig); scimConfigErr != nil {
Expand Down Expand Up @@ -474,7 +476,7 @@ func resourceCloudflareAccessApplicationImport(ctx context.Context, d *schema.Re
d.Set(consts.AccountIDSchemaKey, accountID)
d.SetId(accessApplicationID)

resourceCloudflareAccessApplicationRead(ctx, d, meta)
resourceCloudflareAccessApplicationReadHelper(ctx, d, meta, true)

return []*schema.ResourceData{d}, nil
}
Original file line number Diff line number Diff line change
Expand Up @@ -136,6 +136,47 @@ func TestAccCloudflareAccessApplication_BasicAccount(t *testing.T) {
})
}

func TestAccCloudflareAccessApplication_BasicAccount_Import(t *testing.T) {
t.Parallel()
accountID := os.Getenv("CLOUDFLARE_ACCOUNT_ID")
rnd := generateRandomResourceName()
name := "cloudflare_zero_trust_access_application." + rnd

checkFn := resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr(name, consts.AccountIDSchemaKey, accountID),
resource.TestCheckResourceAttr(name, "name", rnd),
resource.TestCheckResourceAttr(name, "domain", fmt.Sprintf("%s.%s", rnd, domain)),
resource.TestCheckResourceAttr(name, "type", "self_hosted"),
resource.TestCheckResourceAttr(name, "session_duration", "24h"),
resource.TestCheckResourceAttr(name, "cors_headers.#", "0"),
resource.TestCheckResourceAttr(name, "sass_app.#", "0"),
resource.TestCheckResourceAttr(name, "auto_redirect_to_identity", "false"),
resource.TestCheckResourceAttr(name, "allow_authenticate_via_warp", "false"),
resource.TestCheckResourceAttr(name, "options_preflight_bypass", "false"),
)

resource.Test(t, resource.TestCase{
PreCheck: func() {
testAccPreCheck(t)
testAccPreCheckAccount(t)
},
ProviderFactories: providerFactories,
Steps: []resource.TestStep{
{
Config: testAccCloudflareAccessApplicationConfigBasicImport(rnd, domain, cloudflare.AccountIdentifier(accountID)),
Check: checkFn,
},
{
ImportState: true,
ImportStateVerify: true,
ResourceName: name,
ImportStateIdPrefix: fmt.Sprintf("%s/", accountID),
Check: checkFn,
},
},
})
}

func TestAccCloudflareAccessApplication_WithSCIMConfigHttpBasic(t *testing.T) {
rnd := generateRandomResourceName()
name := fmt.Sprintf("cloudflare_zero_trust_access_application.%s", rnd)
Expand Down Expand Up @@ -1177,6 +1218,22 @@ resource "cloudflare_zero_trust_access_application" "%[1]s" {
`, rnd, domain, identifier.Type, identifier.Identifier)
}

func testAccCloudflareAccessApplicationConfigBasicImport(rnd string, domain string, identifier *cloudflare.ResourceContainer) string {
return fmt.Sprintf(`
resource "cloudflare_zero_trust_access_application" "%[1]s" {
%[3]s_id = "%[4]s"
name = "%[1]s"
domain = "%[1]s.%[2]s"
destinations {
uri = "%[1]s.%[2]s"
}
type = "self_hosted"
session_duration = "24h"
auto_redirect_to_identity = false
}
`, rnd, domain, identifier.Type, identifier.Identifier)
}

func testAccCloudflareAccessApplicationConfigWithCORS(rnd, zoneID, domain string) string {
return fmt.Sprintf(`
resource "cloudflare_zero_trust_access_application" "%[1]s" {
Expand Down

0 comments on commit b607a74

Please sign in to comment.