Add terraform resource and data source changes to support infrastructure application #4128

Merged
merged 30 commits into from
Sep 27, 2024

Contributor

@SaiDadireddy SaiDadireddy commented Sep 26, 2024

This pull request updates the cloudflare_zero_trust_access_application and cloudflare_zero_trust_access_policy resources to support infrastructure applications.

These changes are dependent on related cloudflare-go changes -> cloudflare/cloudflare-go#3250

New changes:

  1. Adds target_criteria to access application schema
  2. Adds connection_rules to access policy schema
  3. Updates CRUD resources to parse these schemas to API structs

```hcl
provider "cloudflare" {
  # api_token = ""
}

# Access policy for an infrastructure application
resource "cloudflare_access_policy" "infra-app-example-allow" {
  application_id = cloudflare_zero_trust_access_application.infra-app-example.id
  account_id     = "0da42c8d2132a9ddaf714f9e7c920711"
  name           = "infra-app-example-allow"
  decision       = "allow"
  precedence     = 1

  include {
    email = ["[email protected]"]
  }

  connection_rules {
    ssh {
      usernames = ["ec2-user"]
    }
  }
}

# Infrastructure application configuration for infra-app-example-allow
resource "cloudflare_zero_trust_access_application" "infra-app-example" {
  account_id = "0da42c8d2132a9ddaf714f9e7c920711"
  name       = "infra-app"
  type       = "infrastructure"

  target_criteria {
    port     = 22
    protocol = "SSH"
    target_attributes {
      name   = "hostname"
      values = ["tfgo-tests-useast", "tfgo-tests-uswest"]
    }
  }

  # specify existing access policies by id
  policies = []
}
```
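
A pre-apply review check for the `connection_rules` and `target_criteria` blocks described above, as an added example that is not part of the PR or the provider's code. It reads plan JSON in the shape produced by `terraform show -json`; the sample plan, the `lint_plan` helper and the `DENIED_USERNAMES` rule are assumptions made for illustration.

```python
import json

# Constructed sample in the shape of `terraform show -json` output
# (resource_changes[].change.after); values are illustrative, not a real plan.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "cloudflare_zero_trust_access_application.infra-app-example",
   "type": "cloudflare_zero_trust_access_application",
   "change": {"after": {"type": "infrastructure", "target_criteria": [
     {"port": 22, "protocol": "SSH",
      "target_attributes": [{"name": "hostname", "values": ["tfgo-tests-useast"]}]}]}}},
  {"address": "cloudflare_zero_trust_access_policy.ok",
   "type": "cloudflare_zero_trust_access_policy",
   "change": {"after": {"decision": "allow",
     "connection_rules": [{"ssh": [{"usernames": ["ec2-user"]}]}]}}},
  {"address": "cloudflare_zero_trust_access_policy.too_broad",
   "type": "cloudflare_zero_trust_access_policy",
   "change": {"after": {"decision": "allow",
     "connection_rules": [{"ssh": [{"usernames": ["ec2-user", "root"]}]}]}}}
]}
""")

POLICY_TYPES = {"cloudflare_access_policy", "cloudflare_zero_trust_access_policy"}
APP_TYPE = "cloudflare_zero_trust_access_application"
DENIED_USERNAMES = {"root"}  # assumption: a local review rule, not a provider rule

def lint_plan(plan):
    """Return (address, message) findings for infrastructure apps and policies."""
    findings = []
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after") or {}  # None on destroy
        if rc.get("type") in POLICY_TYPES:
            for rule in after.get("connection_rules") or []:
                for ssh in rule.get("ssh") or []:
                    bad = sorted(DENIED_USERNAMES.intersection(ssh.get("usernames") or []))
                    if bad:
                        findings.append((rc["address"], f"ssh usernames include {bad}"))
        elif rc.get("type") == APP_TYPE and after.get("type") == "infrastructure":
            criteria = after.get("target_criteria") or []
            if not criteria:
                findings.append((rc["address"], "infrastructure app has no target_criteria"))
            for tc in criteria:
                if not any(ta.get("values") for ta in tc.get("target_attributes") or []):
                    findings.append((rc["address"], "target_criteria selects no targets"))
    return findings

if __name__ == "__main__":
    print(*(f"{a}: {m}" for a, m in lint_plan(SAMPLE_PLAN)), sep="\n")
```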

Contributor

github-actions bot commented Sep 26, 2024

changelog detected ✅

Contributor

This project handles dependency version bumps (including upstream changes from cloudflare-go) independently of the standard PR process using automation. This allows the dependency upgrades to land without causing merge conflicts in multiple branches and to be handled in a consistent way. The exception to this is security-related dependency upgrades, but they should be co-ordinated with the maintainer team privately.

Please remove the changes to the go.mod or go.sum files from this PR in order to proceed with review and merging.

@SaiDadireddy SaiDadireddy changed the title [DRAFT] Add terraform resource and data source changes to support infrastructure application Add terraform resource and data source changes to support infrastructure application Sep 26, 2024
Signed-off-by: Jacob Bednarz <[email protected]>
Signed-off-by: Jacob Bednarz <[email protected]>
infrastructure apps don't require `domain`, `session_duration` or `app_launcher_visible`.

Signed-off-by: Jacob Bednarz <[email protected]>
@jacobbednarz
Member

with everything shimmed in, acceptance tests are green

```
TF_ACC=1 go test ./internal/sdkv2provider -v -run "^TestAccCloudflareAccess(Application|Policy)_" -count 1 -timeout 120m -parallel 1
=== RUN   TestAccCloudflareAccessApplication_BasicZone
--- PASS: TestAccCloudflareAccessApplication_BasicZone (2.73s)
=== RUN   TestAccCloudflareAccessApplication_BasicAccount
--- PASS: TestAccCloudflareAccessApplication_BasicAccount (7.69s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigHttpBasic
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigHttpBasic (4.20s)
=== RUN   TestAccCloudflareAccessApplication_UpdateSCIMConfig
--- PASS: TestAccCloudflareAccessApplication_UpdateSCIMConfig (11.48s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigInvalidMappingSchema
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigInvalidMappingSchema (1.34s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigHttpBasicMissingRequired
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigHttpBasicMissingRequired (1.32s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigOAuthBearerToken
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigOAuthBearerToken (4.07s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigOAuth2
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigOAuth2 (4.05s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigOAuth2MissingRequired
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigOAuth2MissingRequired (1.33s)
=== RUN   TestAccCloudflareAccessApplication_WithSCIMConfigAuthenticationInvalid
--- PASS: TestAccCloudflareAccessApplication_WithSCIMConfigAuthenticationInvalid (1.36s)
=== RUN   TestAccCloudflareAccessApplication_WithCORS
--- PASS: TestAccCloudflareAccessApplication_WithCORS (2.90s)
=== RUN   TestAccCloudflareAccessApplication_WithSAMLSaas
--- PASS: TestAccCloudflareAccessApplication_WithSAMLSaas (3.03s)
=== RUN   TestAccCloudflareAccessApplication_WithSAMLSaas_Import
=== PAUSE TestAccCloudflareAccessApplication_WithSAMLSaas_Import
=== RUN   TestAccCloudflareAccessApplication_WithOIDCSaas
--- PASS: TestAccCloudflareAccessApplication_WithOIDCSaas (3.09s)
=== RUN   TestAccCloudflareAccessApplication_WithOIDCSaas_Import
=== PAUSE TestAccCloudflareAccessApplication_WithOIDCSaas_Import
=== RUN   TestAccCloudflareAccessApplication_WithAutoRedirectToIdentity
--- PASS: TestAccCloudflareAccessApplication_WithAutoRedirectToIdentity (4.09s)
=== RUN   TestAccCloudflareAccessApplication_WithEnableBindingCookie
--- PASS: TestAccCloudflareAccessApplication_WithEnableBindingCookie (2.91s)
=== RUN   TestAccCloudflareAccessApplication_WithCustomDenyFields
--- PASS: TestAccCloudflareAccessApplication_WithCustomDenyFields (2.71s)
=== RUN   TestAccCloudflareAccessApplication_WithADefinedIdps
--- PASS: TestAccCloudflareAccessApplication_WithADefinedIdps (3.97s)
=== RUN   TestAccCloudflareAccessApplication_WithMultipleIdpsReordered
--- PASS: TestAccCloudflareAccessApplication_WithMultipleIdpsReordered (13.22s)
=== RUN   TestAccCloudflareAccessApplication_WithHttpOnlyCookieAttribute
--- PASS: TestAccCloudflareAccessApplication_WithHttpOnlyCookieAttribute (2.56s)
=== RUN   TestAccCloudflareAccessApplication_WithHTTPOnlyCookieAttributeSetToFalse
--- PASS: TestAccCloudflareAccessApplication_WithHTTPOnlyCookieAttributeSetToFalse (2.76s)
=== RUN   TestAccCloudflareAccessApplication_WithSameSiteCookieAttribute
--- PASS: TestAccCloudflareAccessApplication_WithSameSiteCookieAttribute (2.67s)
=== RUN   TestAccCloudflareAccessApplication_WithLogoURL
--- PASS: TestAccCloudflareAccessApplication_WithLogoURL (2.86s)
=== RUN   TestAccCloudflareAccessApplication_WithSkipInterstitial
--- PASS: TestAccCloudflareAccessApplication_WithSkipInterstitial (2.87s)
=== RUN   TestAccCloudflareAccessApplication_WithAppLauncherVisible
--- PASS: TestAccCloudflareAccessApplication_WithAppLauncherVisible (2.93s)
=== RUN   TestAccCloudflareAccessApplication_WithTargetContexts
--- PASS: TestAccCloudflareAccessApplication_WithTargetContexts (2.67s)
=== RUN   TestAccCloudflareAccessApplication_WithSelfHostedDomains
--- PASS: TestAccCloudflareAccessApplication_WithSelfHostedDomains (4.53s)
=== RUN   TestAccCloudflareAccessApplication_WithDefinedTags
--- PASS: TestAccCloudflareAccessApplication_WithDefinedTags (8.86s)
=== RUN   TestAccCloudflareAccessApplication_WithReusablePolicies
--- PASS: TestAccCloudflareAccessApplication_WithReusablePolicies (4.71s)
=== RUN   TestAccCloudflareAccessApplication_WithAppLauncherCustomization
--- PASS: TestAccCloudflareAccessApplication_WithAppLauncherCustomization (2.68s)
=== RUN   TestAccCloudflareAccessApplication_AuthTypeForcesNewResource
--- PASS: TestAccCloudflareAccessApplication_AuthTypeForcesNewResource (5.86s)
=== RUN   TestAccCloudflareAccessPolicy_ServiceToken
--- PASS: TestAccCloudflareAccessPolicy_ServiceToken (4.71s)
=== RUN   TestAccCloudflareAccessPolicy_AnyServiceToken
--- PASS: TestAccCloudflareAccessPolicy_AnyServiceToken (8.18s)
=== RUN   TestAccCloudflareAccessPolicy_WithZoneID
--- PASS: TestAccCloudflareAccessPolicy_WithZoneID (6.32s)
=== RUN   TestAccCloudflareAccessPolicy_Group
--- PASS: TestAccCloudflareAccessPolicy_Group (5.20s)
=== RUN   TestAccCloudflareAccessPolicy_MTLS
--- PASS: TestAccCloudflareAccessPolicy_MTLS (8.87s)
=== RUN   TestAccCloudflareAccessPolicy_CommonName
--- PASS: TestAccCloudflareAccessPolicy_CommonName (3.86s)
=== RUN   TestAccCloudflareAccessPolicy_EmailDomain
--- PASS: TestAccCloudflareAccessPolicy_EmailDomain (8.94s)
=== RUN   TestAccCloudflareAccessPolicy_Emails
--- PASS: TestAccCloudflareAccessPolicy_Emails (8.11s)
=== RUN   TestAccCloudflareAccessPolicy_Everyone
--- PASS: TestAccCloudflareAccessPolicy_Everyone (3.94s)
=== RUN   TestAccCloudflareAccessPolicy_IPs
--- PASS: TestAccCloudflareAccessPolicy_IPs (3.96s)
=== RUN   TestAccCloudflareAccessPolicy_AuthMethod
--- PASS: TestAccCloudflareAccessPolicy_AuthMethod (3.76s)
=== RUN   TestAccCloudflareAccessPolicy_Geo
--- PASS: TestAccCloudflareAccessPolicy_Geo (3.67s)
=== RUN   TestAccCloudflareAccessPolicy_Okta
--- PASS: TestAccCloudflareAccessPolicy_Okta (8.71s)
=== RUN   TestAccCloudflareAccessPolicy_PurposeJustification
--- PASS: TestAccCloudflareAccessPolicy_PurposeJustification (4.26s)
=== RUN   TestAccCloudflareAccessPolicy_ApprovalGroup
--- PASS: TestAccCloudflareAccessPolicy_ApprovalGroup (4.21s)
=== RUN   TestAccCloudflareAccessPolicy_Reusable
--- PASS: TestAccCloudflareAccessPolicy_Reusable (1.81s)
=== RUN   TestAccCloudflareAccessPolicy_ExternalEvaluation
--- PASS: TestAccCloudflareAccessPolicy_ExternalEvaluation (3.95s)
=== RUN   TestAccCloudflareAccessPolicy_ConnectionRules
--- PASS: TestAccCloudflareAccessPolicy_ConnectionRules (3.63s)
=== RUN   TestAccCloudflareAccessPolicy_IsolationRequired
--- PASS: TestAccCloudflareAccessPolicy_IsolationRequired (9.38s)
=== CONT  TestAccCloudflareAccessApplication_WithSAMLSaas_Import
--- PASS: TestAccCloudflareAccessApplication_WithSAMLSaas_Import (3.50s)
=== CONT  TestAccCloudflareAccessApplication_WithOIDCSaas_Import
--- PASS: TestAccCloudflareAccessApplication_WithOIDCSaas_Import (3.31s)
PASS
ok  	github.com/cloudflare/terraform-provider-cloudflare/internal/sdkv2provider	234.271s
```

@jacobbednarz jacobbednarz merged commit 9bd9979 into cloudflare:master Sep 27, 2024
8 of 9 checks passed
@github-actions github-actions bot added this to the v4.43.0 milestone Sep 27, 2024
Contributor

This functionality has been released in v4.43.0 of the Terraform Cloudflare Provider.

Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 30, 2024