feat(zero_trust_access_groups): data source for cloudflare zero trust…
… access groups
bootswithdefer committed Sep 23, 2024
1 parent 3ead20c commit 64ac054
Showing 10 changed files with 231 additions and 3 deletions.
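--- a/.changelog/4101.txt
+++ b/.changelog/4101.txt
@@ -0,0 +1,3 @@
+```release-note:dependency
+provider: bump actions/checkout from 3 to 4
+```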
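--- a/.changelog/4103.txt
+++ b/.changelog/4103.txt
@@ -0,0 +1,3 @@
+```release-note:new-data-source
+cloudflare_zero_trust_access_groups
+```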
5 changes: 2 additions & 3 deletions .github/workflows/semgrep.yml
@@ -1,4 +1,3 @@

on:
pull_request: {}
workflow_dispatch: {}
Expand All @@ -12,7 +11,7 @@ name: Semgrep config
jobs:
semgrep:
name: semgrep/ci
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
env:
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
SEMGREP_URL: https://cloudflare.semgrep.dev
Expand All @@ -21,5 +20,5 @@ jobs:
container:
image: returntocorp/semgrep
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- run: semgrep ci
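Review bot: `- uses: actions/checkout@v4` in the last hunk still references a mutable tag, which can be re-pointed upstream without any change in this repository, in a job that carries `SEMGREP_APP_TOKEN` in its environment. Pinning to a full commit SHA with the version as a trailing comment, `- uses: actions/checkout@<full-commit-sha> # v4`, keeps future bumps visible in review. The `runs-on` change in the second hunk appears to move from `ubuntu-20.04` to the floating `ubuntu-latest` label, and the `image: returntocorp/semgrep` context line carries no tag or digest, so the scanner itself is also unpinned. A short comment in the workflow saying which of these are deliberately left floating would help the next reviewer.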
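--- a/docs/data-sources/zero_trust_access_groups.md
+++ b/docs/data-sources/zero_trust_access_groups.md
@@ -0,0 +1,40 @@
+---
+page_title: "cloudflare_zero_trust_access_groups Data Source - Cloudflare"
+subcategory: ""
+description: |-
+Use this data source to look up Zero Trust Access Groups https://developers.cloudflare.com/cloudflare-one/identity/users/groups/.
+Commonly used as references within cloudflare_zero_trust_access_policy resources.
+---
+
+# cloudflare_zero_trust_access_groups (Data Source)
+
+Use this data source to look up [Zero Trust Access Groups](https://developers.cloudflare.com/cloudflare-one/identity/users/groups/).
+Commonly used as references within [`cloudflare_zero_trust_access_policy`](/docs/providers/cloudflare/r/zero_trust_access_policy.html) resources.
+
+## Example Usage
+
+```terraform
+data "cloudflare_zero_trust_access_groups" "example" {
+account_id = "f037e56e89293a057740de681ac9abbe"
+}
+```
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `account_id` (String) Cloudflare Account ID
+
+### Read-Only
+
+- `groups` (Attributes List) A list of Zero Trust Access Groups. (see [below for nested schema](#nestedatt--groups))
+
+<a id="nestedatt--groups"></a>
+### Nested Schema for `groups`
+
+Read-Only:
+
+- `id` (String) The identifier for this group.
+- `name` (String) The name of the group.
+
+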
@@ -0,0 +1,3 @@
data "cloudflare_zero_trust_access_groups" "example" {
account_id = "f037e56e89293a057740de681ac9abbe"
}
2 changes: 2 additions & 0 deletions internal/framework/provider/provider.go
Expand Up @@ -35,6 +35,7 @@ import (
"github.com/cloudflare/terraform-provider-cloudflare/internal/framework/service/user"
"github.com/cloudflare/terraform-provider-cloudflare/internal/framework/service/workers_for_platforms_dispatch_namespace"
"github.com/cloudflare/terraform-provider-cloudflare/internal/framework/service/workers_for_platforms_dispatch_namespace_deprecated"
"github.com/cloudflare/terraform-provider-cloudflare/internal/framework/service/zero_trust_access_groups"
"github.com/cloudflare/terraform-provider-cloudflare/internal/framework/service/zero_trust_access_mtls_hostname_settings"
"github.com/cloudflare/terraform-provider-cloudflare/internal/framework/service/zero_trust_risk_behavior"
"github.com/cloudflare/terraform-provider-cloudflare/internal/framework/service/zero_trust_risk_score_integration"
Expand Down Expand Up @@ -393,6 +394,7 @@ func (p *CloudflareProvider) DataSources(ctx context.Context) []func() datasourc
gateway_categories.NewDataSource,
gateway_app_types.NewDataSource,
dcv_delegation.NewDataSource,
zero_trust_access_groups.NewDataSource,
}
}

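--- a/internal/framework/service/zero_trust_access_groups/data_source.go
+++ b/internal/framework/service/zero_trust_access_groups/data_source.go
@@ -0,0 +1,82 @@
+package zero_trust_access_groups
+
+import (
+"context"
+"fmt"
+
+"github.com/cloudflare/cloudflare-go/v2"
+"github.com/cloudflare/cloudflare-go/v2/zero_trust"
+"github.com/cloudflare/terraform-provider-cloudflare/internal/framework/muxclient"
+"github.com/hashicorp/terraform-plugin-framework/datasource"
+"github.com/hashicorp/terraform-plugin-framework/types"
+"github.com/hashicorp/terraform-plugin-log/tflog"
+)
+
+// Ensure provider defined types fully satisfy framework interfaces.
+var _ datasource.DataSource = &ZeroTrustAccessGroupsDataSource{}
+
+func NewDataSource() datasource.DataSource {
+return &ZeroTrustAccessGroupsDataSource{}
+}
+
+// ZeroTrustAccessGroupsDataSource defines the data source implementation.
+type ZeroTrustAccessGroupsDataSource struct {
+client *muxclient.Client
+}
+
+func (d *ZeroTrustAccessGroupsDataSource) Metadata(ctx context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) {
+resp.TypeName = req.ProviderTypeName + "_zero_trust_access_groups"
+}
+
+func (d *ZeroTrustAccessGroupsDataSource) Configure(ctx context.Context, req datasource.ConfigureRequest, resp *datasource.ConfigureResponse) {
+if req.ProviderData == nil {
+return
+}
+
+client, ok := req.ProviderData.(*muxclient.Client)
+
+if !ok {
+resp.Diagnostics.AddError(
+"unexpected resource configure type",
+fmt.Sprintf("Expected *muxclient.Client, got: %T. Please report this issue to the provider developers.", req.ProviderData),
+)
+
+return
+}
+
+d.client = client
+}
+
+func (d *ZeroTrustAccessGroupsDataSource) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) {
+tflog.Debug(ctx, fmt.Sprintf("Reading Zero Trust Access Group"))
+var data ZeroTrustAccessGroupsModel
+
+resp.Diagnostics.Append(req.Config.Get(ctx, &data)...)
+if resp.Diagnostics.HasError() {
+return
+}
+
+params := zero_trust.AccessGroupListParams{
+AccountID: cloudflare.F(data.AccountID.ValueString()),
+}
+
+iter := d.client.V2.ZeroTrust.Access.Groups.ListAutoPaging(ctx, params)
+var groups []ZeroTrustAccessGroupModel
+
+for iter.Next() {
+group := iter.Current()
+
+groups = append(groups, ZeroTrustAccessGroupModel{
+ID: types.StringValue(group.ID),
+Name: types.StringValue(group.Name),
+})
+}
+if err := iter.Err(); err != nil {
+resp.Diagnostics.AddError("Failed to fetch Zero Trust Access Groups", err.Error())
+return
+}
+
+data.Groups = groups
+
+resp.State.Set(ctx, &data)...)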
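Review bot: In `Read`, `var groups []ZeroTrustAccessGroupModel` stays nil when the account has no groups, and as far as I know the framework writes a nil Go slice to state as a null list rather than an empty one, so consumers taking the length of `groups` would see null for that account. Initialising with `groups := []ZeroTrustAccessGroupModel{}` keeps the attribute a known, possibly empty list. On the first line of `Read`, `fmt.Sprintf` is called with no format arguments and the message names a single group; `tflog.Debug(ctx, "Reading Zero Trust Access Groups")` is enough. `NewDataSource`, `Metadata`, `Configure` and `Read` are exported without doc comments; a one-line comment on each, starting with the name, would match the comment already on the struct.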
@@ -0,0 +1,40 @@
package zero_trust_access_groups_test

import (
"fmt"
"os"
"testing"

"github.com/cloudflare/terraform-provider-cloudflare/internal/acctest"
"github.com/hashicorp/terraform-plugin-testing/helper/resource"
)

func TestAccCloudflareAccessGroups_DataSource(t *testing.T) {
accountID := os.Getenv("CLOUDFLARE_ACCOUNT_ID")

if accountID == "" {
t.Fatal("CLOUDFLARE_ACCOUNT_ID must be set for acceptance tests")
}

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { acctest.TestAccPreCheck(t) },
ProtoV6ProviderFactories: acctest.TestAccProtoV6ProviderFactories,
Steps: []resource.TestStep{
{
Config: testAccCheckCloudflareZeroTrustAccessGroupsDataSourceConfig(accountID),
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttrSet("data.cloudflare_zero_trust_access_groups.this", "account_id"),
resource.TestCheckResourceAttrSet("data.cloudflare_zero_trust_access_groups.this", "groups.#"),
),
},
},
})
}

func testAccCheckCloudflareZeroTrustAccessGroupsDataSourceConfig(accountID string) string {
return fmt.Sprintf(`
data "cloudflare_zero_trust_access_groups" "this" {
account_id = "%s"
}
`, accountID)
}
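Review bot: `TestAccCloudflareAccessGroups_DataSource` calls `t.Fatal` on a missing `CLOUDFLARE_ACCOUNT_ID` before `resource.ParallelTest` is reached, so a plain `go test` run without acceptance settings fails here instead of being skipped by the acceptance gate. Moving the check into the `PreCheck` func, or replacing it with `t.Skip("CLOUDFLARE_ACCOUNT_ID must be set for acceptance tests")`, avoids that. The two checks only assert that `account_id` and `groups.#` are set, so the test never looks at `id` or `name` and depends on whatever groups the account happens to hold. Creating a group in the test config and asserting that its name appears in the result would exercise the mapping done in `Read`.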
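--- a/internal/framework/service/zero_trust_access_groups/model.go
+++ b/internal/framework/service/zero_trust_access_groups/model.go
@@ -0,0 +1,15 @@
+package zero_trust_access_groups
+
+import "github.com/hashicorp/terraform-plugin-framework/types"
+
+// ZeroTrustAccessGroupModel describes the data source data model for groups
+type ZeroTrustAccessGroupsModel struct {
+AccountID types.String `tfsdk:"account_id"`
+Groups []ZeroTrustAccessGroupModel `tfsdk:"groups"`
+}
+
+// ZeroTrustAccessGroupModel describes the data source data model for a group
+type ZeroTrustAccessGroupModel struct {
+ID types.String `tfsdk:"id"`
+Name types.String `tfsdk:"name"`
+}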
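Review bot: The doc comment on `ZeroTrustAccessGroupsModel` names the wrong type: it begins `// ZeroTrustAccessGroupModel describes`, the same identifier used by the comment on the per-group struct below it, so the two types read as one in generated docs and editor hovers. Suggested wording: `// ZeroTrustAccessGroupsModel describes the data source data model: the account ID and the list of groups read for it.` Both comments should also end with a period, per the usual Go doc-comment form.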
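--- a/internal/framework/service/zero_trust_access_groups/schema.go
+++ b/internal/framework/service/zero_trust_access_groups/schema.go
@@ -0,0 +1,41 @@
+package zero_trust_access_groups
+
+import (
+"context"
+
+"github.com/MakeNowJust/heredoc/v2"
+"github.com/hashicorp/terraform-plugin-framework/datasource"
+"github.com/hashicorp/terraform-plugin-framework/datasource/schema"
+)
+
+func (r *ZeroTrustAccessGroupsDataSource) Schema(ctx context.Context, req datasource.SchemaRequest, resp *datasource.SchemaResponse) {
+resp.Schema = schema.Schema{
+// This description is used by the documentation generator and the language server.
+Description: heredoc.Docf(`
+Use this data source to look up [Zero Trust Access Groups](https://developers.cloudflare.com/cloudflare-one/identity/users/groups/).
+Commonly used as references within [%s](/docs/providers/cloudflare/r/zero_trust_access_policy.html) resources.
+`, "`cloudflare_zero_trust_access_policy`"),
+Attributes: map[string]schema.Attribute{
+"account_id": schema.StringAttribute{
+Required: true,
+Description: "Cloudflare Account ID",
+},
+"groups": schema.ListNestedAttribute{
+Computed: true,
+Description: "A list of Zero Trust Access Groups.",
+NestedObject: schema.NestedAttributeObject{
+Attributes: map[string]schema.Attribute{
+"id": schema.StringAttribute{
+Computed: true,
+Description: "The identifier for this group.",
+},
+"name": schema.StringAttribute{
+Computed: true,
+Description: "The name of the group.",
+},
+},
+},
+},
+},
+}
+}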
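Review bot: `Schema` uses the receiver name `r`, while `Metadata`, `Configure` and `Read` on the same type in data_source.go use `d`; `func (d *ZeroTrustAccessGroupsDataSource) Schema(...)` keeps the type consistent. `account_id` is only marked `Required: true`, so an empty string passes schema validation and is rejected, if at all, only by the API call in `Read`. A length or format validator on the attribute would fail earlier and with a clearer message. A doc comment such as `// Schema defines the account_id input and the computed groups list.` is also missing on the method.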
