Fix Access app domain and self_hosted_domains import

cloudflare · Dec 3, 2024 · 4cfb177 · 4cfb177
1 parent e9e6d6a
commit 4cfb177
Show file tree

Hide file tree

Showing 2 changed files with 62 additions and 3 deletions.
diff --git a/internal/sdkv2provider/resource_cloudflare_access_application.go b/internal/sdkv2provider/resource_cloudflare_access_application.go
@@ -177,6 +177,10 @@ func resourceCloudflareAccessApplicationCreate(ctx context.Context, d *schema.Re
 }
 
 func resourceCloudflareAccessApplicationRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	return resourceCloudflareAccessApplicationReadHelper(ctx, d, meta, false)
+}
+
+func resourceCloudflareAccessApplicationReadHelper(ctx context.Context, d *schema.ResourceData, meta interface{}, importing bool) diag.Diagnostics {
 	client := meta.(*cloudflare.API)
 
 	identifier, err := initIdentifier(d)
@@ -199,7 +203,7 @@ func resourceCloudflareAccessApplicationRead(ctx context.Context, d *schema.Reso
 	d.Set("name", accessApplication.Name)
 	d.Set("aud", accessApplication.AUD)
 	d.Set("session_duration", accessApplication.SessionDuration)
-	if _, domainWasSet := d.GetOk("domain"); domainWasSet {
+	if _, domainWasSet := d.GetOk("domain"); domainWasSet || importing {
 		// Only set the domain if it was set in the configuration, as apps can be created without a domain
 		// if they define a non-empty self_hosted_domains array
 		d.Set("domain", accessApplication.Domain)
@@ -257,7 +261,7 @@ func resourceCloudflareAccessApplicationRead(ctx context.Context, d *schema.Reso
 		return diag.FromErr(fmt.Errorf("error setting Access Application Infrastructure app configuration: %w", targetContextsErr))
 	}
 
-	if _, ok := d.GetOk("self_hosted_domains"); ok {
+	if _, ok := d.GetOk("self_hosted_domains"); ok || importing {
 		d.Set("self_hosted_domains", accessApplication.SelfHostedDomains)
 	}
 
@@ -432,7 +436,7 @@ func resourceCloudflareAccessApplicationImport(ctx context.Context, d *schema.Re
 	d.Set(consts.AccountIDSchemaKey, accountID)
 	d.SetId(accessApplicationID)
 
-	resourceCloudflareAccessApplicationRead(ctx, d, meta)
+	resourceCloudflareAccessApplicationReadHelper(ctx, d, meta, true)
 
 	return []*schema.ResourceData{d}, nil
 }
diff --git a/internal/sdkv2provider/resource_cloudflare_access_application_test.go b/internal/sdkv2provider/resource_cloudflare_access_application_test.go
@@ -136,6 +136,47 @@ func TestAccCloudflareAccessApplication_BasicAccount(t *testing.T) {
 	})
 }
 
+func TestAccCloudflareAccessApplication_BasicAccount_Import(t *testing.T) {
+	t.Parallel()
+	accountID := os.Getenv("CLOUDFLARE_ACCOUNT_ID")
+	rnd := generateRandomResourceName()
+	name := "cloudflare_zero_trust_access_application." + rnd
+
+	checkFn := resource.ComposeTestCheckFunc(
+		resource.TestCheckResourceAttr(name, consts.AccountIDSchemaKey, accountID),
+		resource.TestCheckResourceAttr(name, "name", rnd),
+		resource.TestCheckResourceAttr(name, "domain", fmt.Sprintf("%s.%s", rnd, domain)),
+		resource.TestCheckResourceAttr(name, "type", "self_hosted"),
+		resource.TestCheckResourceAttr(name, "session_duration", "24h"),
+		resource.TestCheckResourceAttr(name, "cors_headers.#", "0"),
+		resource.TestCheckResourceAttr(name, "sass_app.#", "0"),
+		resource.TestCheckResourceAttr(name, "auto_redirect_to_identity", "false"),
+		resource.TestCheckResourceAttr(name, "allow_authenticate_via_warp", "false"),
+		resource.TestCheckResourceAttr(name, "options_preflight_bypass", "false"),
+	)
+
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheck(t)
+			testAccPreCheckAccount(t)
+		},
+		ProviderFactories: providerFactories,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccCloudflareAccessApplicationConfigBasicImport(rnd, domain, cloudflare.AccountIdentifier(accountID)),
+				Check:  checkFn,
+			},
+			{
+				ImportState:         true,
+				ImportStateVerify:   true,
+				ResourceName:        name,
+				ImportStateIdPrefix: fmt.Sprintf("%s/", accountID),
+				Check:               checkFn,
+			},
+		},
+	})
+}
+
 func TestAccCloudflareAccessApplication_WithSCIMConfigHttpBasic(t *testing.T) {
 	rnd := generateRandomResourceName()
 	name := fmt.Sprintf("cloudflare_zero_trust_access_application.%s", rnd)
@@ -1125,6 +1166,20 @@ resource "cloudflare_zero_trust_access_application" "%[1]s" {
 `, rnd, domain, identifier.Type, identifier.Identifier)
 }
 
+func testAccCloudflareAccessApplicationConfigBasicImport(rnd string, domain string, identifier *cloudflare.ResourceContainer) string {
+	return fmt.Sprintf(`
+resource "cloudflare_zero_trust_access_application" "%[1]s" {
+  %[3]s_id                  = "%[4]s"
+  name                      = "%[1]s"
+  domain                    = "%[1]s.%[2]s"
+  self_hosted_domains       = ["%[1]s.%[2]s"]
+  type                      = "self_hosted"
+  session_duration          = "24h"
+  auto_redirect_to_identity = false
+}
+`, rnd, domain, identifier.Type, identifier.Identifier)
+}
+
 func testAccCloudflareAccessApplicationConfigWithCORS(rnd, zoneID, domain string) string {
 	return fmt.Sprintf(`
 resource "cloudflare_zero_trust_access_application" "%[1]s" {