From f035fa816fc8271948d210f9d0030f98c2f70e7d Mon Sep 17 00:00:00 2001 From: Jesse Li Date: Tue, 3 Dec 2024 18:21:02 -0500 Subject: [PATCH] Fix Access app domain and self_hosted_domains import --- .../resource_cloudflare_access_application.go | 10 +++- ...urce_cloudflare_access_application_test.go | 55 +++++++++++++++++++ 2 files changed, 62 insertions(+), 3 deletions(-) diff --git a/internal/sdkv2provider/resource_cloudflare_access_application.go b/internal/sdkv2provider/resource_cloudflare_access_application.go index 22c22d8eb12..25e47853e2a 100644 --- a/internal/sdkv2provider/resource_cloudflare_access_application.go +++ b/internal/sdkv2provider/resource_cloudflare_access_application.go @@ -177,6 +177,10 @@ func resourceCloudflareAccessApplicationCreate(ctx context.Context, d *schema.Re } func resourceCloudflareAccessApplicationRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + return resourceCloudflareAccessApplicationReadHelper(ctx, d, meta, false) +} + +func resourceCloudflareAccessApplicationReadHelper(ctx context.Context, d *schema.ResourceData, meta interface{}, importing bool) diag.Diagnostics { client := meta.(*cloudflare.API) identifier, err := initIdentifier(d) @@ -199,7 +203,7 @@ func resourceCloudflareAccessApplicationRead(ctx context.Context, d *schema.Reso d.Set("name", accessApplication.Name) d.Set("aud", accessApplication.AUD) d.Set("session_duration", accessApplication.SessionDuration) - if _, domainWasSet := d.GetOk("domain"); domainWasSet { + if _, domainWasSet := d.GetOk("domain"); domainWasSet || importing { // Only set the domain if it was set in the configuration, as apps can be created without a domain // if they define a non-empty self_hosted_domains array d.Set("domain", accessApplication.Domain) @@ -257,7 +261,7 @@ func resourceCloudflareAccessApplicationRead(ctx context.Context, d *schema.Reso return diag.FromErr(fmt.Errorf("error setting Access Application Infrastructure app configuration: %w", targetContextsErr)) } - if _, ok := d.GetOk("self_hosted_domains"); ok { + if _, ok := d.GetOk("self_hosted_domains"); ok || importing { d.Set("self_hosted_domains", accessApplication.SelfHostedDomains) } @@ -432,7 +436,7 @@ func resourceCloudflareAccessApplicationImport(ctx context.Context, d *schema.Re d.Set(consts.AccountIDSchemaKey, accountID) d.SetId(accessApplicationID) - resourceCloudflareAccessApplicationRead(ctx, d, meta) + resourceCloudflareAccessApplicationReadHelper(ctx, d, meta, true) return []*schema.ResourceData{d}, nil } diff --git a/internal/sdkv2provider/resource_cloudflare_access_application_test.go b/internal/sdkv2provider/resource_cloudflare_access_application_test.go index a101aaa5d86..528a54987ba 100644 --- a/internal/sdkv2provider/resource_cloudflare_access_application_test.go +++ b/internal/sdkv2provider/resource_cloudflare_access_application_test.go @@ -136,6 +136,47 @@ func TestAccCloudflareAccessApplication_BasicAccount(t *testing.T) { }) } +func TestAccCloudflareAccessApplication_BasicAccount_Import(t *testing.T) { + t.Parallel() + accountID := os.Getenv("CLOUDFLARE_ACCOUNT_ID") + rnd := generateRandomResourceName() + name := "cloudflare_zero_trust_access_application." + rnd + + checkFn := resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(name, consts.AccountIDSchemaKey, accountID), + resource.TestCheckResourceAttr(name, "name", rnd), + resource.TestCheckResourceAttr(name, "domain", fmt.Sprintf("%s.%s", rnd, domain)), + resource.TestCheckResourceAttr(name, "type", "self_hosted"), + resource.TestCheckResourceAttr(name, "session_duration", "24h"), + resource.TestCheckResourceAttr(name, "cors_headers.#", "0"), + resource.TestCheckResourceAttr(name, "sass_app.#", "0"), + resource.TestCheckResourceAttr(name, "auto_redirect_to_identity", "false"), + resource.TestCheckResourceAttr(name, "allow_authenticate_via_warp", "false"), + resource.TestCheckResourceAttr(name, "options_preflight_bypass", "false"), + ) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + testAccPreCheckAccount(t) + }, + ProviderFactories: providerFactories, + Steps: []resource.TestStep{ + { + Config: testAccCloudflareAccessApplicationConfigBasicImport(rnd, domain, cloudflare.AccountIdentifier(accountID)), + Check: checkFn, + }, + { + ImportState: true, + ImportStateVerify: true, + ResourceName: name, + ImportStateIdPrefix: fmt.Sprintf("%s/", accountID), + Check: checkFn, + }, + }, + }) +} + func TestAccCloudflareAccessApplication_WithSCIMConfigHttpBasic(t *testing.T) { rnd := generateRandomResourceName() name := fmt.Sprintf("cloudflare_zero_trust_access_application.%s", rnd) @@ -1125,6 +1166,20 @@ resource "cloudflare_zero_trust_access_application" "%[1]s" { `, rnd, domain, identifier.Type, identifier.Identifier) } +func testAccCloudflareAccessApplicationConfigBasicImport(rnd string, domain string, identifier *cloudflare.ResourceContainer) string { + return fmt.Sprintf(` +resource "cloudflare_zero_trust_access_application" "%[1]s" { + %[3]s_id = "%[4]s" + name = "%[1]s" + domain = "%[1]s.%[2]s" + self_hosted_domains = ["%[1]s.%[2]s"] + type = "self_hosted" + session_duration = "24h" + auto_redirect_to_identity = false +} +`, rnd, domain, identifier.Type, identifier.Identifier) +} + func testAccCloudflareAccessApplicationConfigWithCORS(rnd, zoneID, domain string) string { return fmt.Sprintf(` resource "cloudflare_zero_trust_access_application" "%[1]s" {