Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove http_request_sbfm phase from ruleset documentation #4860

Merged
merged 3 commits into from
Jan 20, 2025
Merged

Remove http_request_sbfm phase from ruleset documentation #4860

merged 3 commits into from
Jan 20, 2025

Conversation

gcloudflare
Copy link

@gcloudflare gcloudflare commented Jan 9, 2025
edited
Loading

The V4 API no longer supports configuring SBFM rulesets. We have sent emails to customers with this information and now the sunset date has reached.

@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 9, 2025
edited
Loading

changelog detected ✅

@gcloudflare gcloudflare force-pushed the gb/remove-sbfm-documentation branch from ec87b42 to 73a19b3 Compare January 9, 2025 17:36
@gcloudflare gcloudflare force-pushed the gb/remove-sbfm-documentation branch from 73a19b3 to a9928d4 Compare January 10, 2025 15:53
@gcloudflare gcloudflare marked this pull request as ready for review January 10, 2025 20:12
jacobbednarz
jacobbednarz reviewed Jan 13, 2025
View reviewed changes
internal/framework/service/rulesets/schema.go
@@ -90,7 +90,6 @@ func (r *RulesetResource) Schema(ctx context.Context, req resource.SchemaRequest
Required: true,
Validators: []validator.String{
stringvalidator.OneOfCaseInsensitive(cfv1.RulesetPhaseValues()...),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we'll need to remove the value from https://github.com/cloudflare/cloudflare-go/blob/master/rulesets.go#L38 as that is where the available values come from today.

jacobbednarz
jacobbednarz reviewed Jan 13, 2025
View reviewed changes
docs/data-sources/rulesets.md
@@ -43,7 +43,7 @@ Optional:
- `id` (String) The ID of the Ruleset to target.
- `kind` (String) Type of Ruleset to create. Available values: `custom`, `managed`, `root`, `zone`.
- `name` (String) Name of the ruleset.
- `phase` (String) Point in the request/response lifecycle where the ruleset will be created. Available values: `ddos_l4`, `ddos_l7`, `http_config_settings`, `http_custom_errors`, `http_log_custom_fields`, `http_ratelimit`, `http_request_cache_settings`, `http_request_dynamic_redirect`, `http_request_firewall_custom`, `http_request_firewall_managed`, `http_request_late_transform`, `http_request_origin`, `http_request_redirect`, `http_request_sanitize`, `http_request_sbfm`, `http_request_transform`, `http_response_compression`, `http_response_firewall_managed`, `http_response_headers_transform`, `magic_transit`.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

once the phase is removed from the cloudflare-go lib, this should automatically generate the new values for you from the schema.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Understood, I will create the PR for cloudflare-go first

jacobbednarz
jacobbednarz reviewed Jan 13, 2025
View reviewed changes
internal/framework/service/rulesets/migrate.go
@@ -167,7 +167,6 @@ func (r *RulesetResource) UpgradeState(ctx context.Context) map[int64]resource.S
Required: true,
Validators: []validator.String{
stringvalidator.OneOfCaseInsensitive(cfv1.RulesetPhaseValues()...),
sbfmDeprecationWarningValidator{},
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we should leave this one in place for now as it was a part of a migrate.

@jacobbednarz
Copy link
Member

on top of this, we'll also need to add a migration to remove any rules that reference the phase if it's been possible to configure it given we may have customer states referencing it to prevent them from breaking.

@gcloudflare
Copy link
Author

on top of this, we'll also need to add a migration to remove any rules that reference the phase if it's been possible to configure it given we may have customer states referencing it to prevent them from breaking.

We already sent out emails to customers saying configuring SBFM rulesets won't be allowed using the cloudflare_ruleset resource and that they need to use the cloudflare_bot_management resource instead.

@jacobbednarz
Copy link
Member

acceptance tests all passing

=== RUN   TestAccCloudflareRuleset_WAFBasic
--- PASS: TestAccCloudflareRuleset_WAFBasic (4.16s)
=== RUN   TestAccCloudflareRuleset_WAFManagedRuleset
--- PASS: TestAccCloudflareRuleset_WAFManagedRuleset (3.69s)
=== RUN   TestAccCloudflareRuleset_WAFManagedRulesetWithoutDescription
--- PASS: TestAccCloudflareRuleset_WAFManagedRulesetWithoutDescription (3.14s)
=== RUN   TestAccCloudflareRuleset_WAFManagedRulesetOWASP
--- PASS: TestAccCloudflareRuleset_WAFManagedRulesetOWASP (3.57s)
=== RUN   TestAccCloudflareRuleset_WAFManagedRulesetOWASPBlockXSSWithAnomalyOver60
--- PASS: TestAccCloudflareRuleset_WAFManagedRulesetOWASPBlockXSSWithAnomalyOver60 (3.71s)
=== RUN   TestAccCloudflareRuleset_WAFManagedRulesetOWASPOnlyPL1
--- PASS: TestAccCloudflareRuleset_WAFManagedRulesetOWASPOnlyPL1 (3.42s)
=== RUN   TestAccCloudflareRuleset_WAFManagedRulesetDeployMultiple
--- PASS: TestAccCloudflareRuleset_WAFManagedRulesetDeployMultiple (3.80s)
=== RUN   TestAccCloudflareRuleset_WAFManagedRulesetDeployMultipleWithSkip
--- PASS: TestAccCloudflareRuleset_WAFManagedRulesetDeployMultipleWithSkip (4.03s)
=== RUN   TestAccCloudflareRuleset_WAFManagedRulesetDeployMultipleWithTopSkipAndLastSkip
--- PASS: TestAccCloudflareRuleset_WAFManagedRulesetDeployMultipleWithTopSkipAndLastSkip (4.33s)
=== RUN   TestAccCloudflareRuleset_SkipPhaseAndProducts
--- PASS: TestAccCloudflareRuleset_SkipPhaseAndProducts (3.84s)
=== RUN   TestAccCloudflareRuleset_WAFManagedRulesetWithCategoryAndRuleBasedOverrides
--- PASS: TestAccCloudflareRuleset_WAFManagedRulesetWithCategoryAndRuleBasedOverrides (3.38s)
=== RUN   TestAccCloudflareRuleset_WAFManagedRulesetWithIDBasedOverrides
--- PASS: TestAccCloudflareRuleset_WAFManagedRulesetWithIDBasedOverrides (3.40s)
=== RUN   TestAccCloudflareRuleset_MagicTransitUpdateWithHigherPriority
    acctest.go:112: Skipping acceptance test for default account (f037e56e89293a057740de681ac9abbe). Default account is not configured for Magic Transit.
--- SKIP: TestAccCloudflareRuleset_MagicTransitUpdateWithHigherPriority (0.00s)
=== RUN   TestAccCloudflareRuleset_WAFManagedRulesetWithPayloadLogging
--- PASS: TestAccCloudflareRuleset_WAFManagedRulesetWithPayloadLogging (3.35s)
=== RUN   TestAccCloudflareRuleset_RateLimit
--- PASS: TestAccCloudflareRuleset_RateLimit (4.06s)
=== RUN   TestAccCloudflareRuleset_RateLimitScorePerPeriod
--- PASS: TestAccCloudflareRuleset_RateLimitScorePerPeriod (3.35s)
=== RUN   TestAccCloudflareRuleset_RateLimitMitigationTimeoutOfZero
=== PAUSE TestAccCloudflareRuleset_RateLimitMitigationTimeoutOfZero
=== RUN   TestAccCloudflareRuleset_CustomErrors
--- PASS: TestAccCloudflareRuleset_CustomErrors (3.20s)
=== RUN   TestAccCloudflareRuleset_RequestOrigin
--- PASS: TestAccCloudflareRuleset_RequestOrigin (3.54s)
=== RUN   TestAccCloudflareRuleset_RequestOriginPortWithoutHost
--- PASS: TestAccCloudflareRuleset_RequestOriginPortWithoutHost (3.37s)
=== RUN   TestAccCloudflareRuleset_TransformationRuleURIPath
--- PASS: TestAccCloudflareRuleset_TransformationRuleURIPath (3.28s)
=== RUN   TestAccCloudflareRuleset_TransformationRuleURIQuery
--- PASS: TestAccCloudflareRuleset_TransformationRuleURIQuery (3.17s)
=== RUN   TestAccCloudflareRuleset_TransformationRuleURIPathAndQueryCombination
--- PASS: TestAccCloudflareRuleset_TransformationRuleURIPathAndQueryCombination (3.04s)
=== RUN   TestAccCloudflareRuleset_TransformationRuleRequestHeaders
--- PASS: TestAccCloudflareRuleset_TransformationRuleRequestHeaders (3.22s)
=== RUN   TestAccCloudflareRuleset_TransformationRuleResponseHeaders
--- PASS: TestAccCloudflareRuleset_TransformationRuleResponseHeaders (3.38s)
=== RUN   TestAccCloudflareRuleset_ResponseCompression
--- PASS: TestAccCloudflareRuleset_ResponseCompression (3.15s)
=== RUN   TestAccCloudflareRuleset_ActionParametersMultipleSkips
--- PASS: TestAccCloudflareRuleset_ActionParametersMultipleSkips (4.24s)
=== RUN   TestAccCloudflareRuleset_ActionParametersOverridesAction
--- PASS: TestAccCloudflareRuleset_ActionParametersOverridesAction (3.33s)
=== RUN   TestAccCloudflareRuleset_ActionParametersHTTPDDoSOverride
--- PASS: TestAccCloudflareRuleset_ActionParametersHTTPDDoSOverride (4.43s)
=== RUN   TestAccCloudflareRuleset_ActionParametersOverrideAllRulesetRules
--- PASS: TestAccCloudflareRuleset_ActionParametersOverrideAllRulesetRules (3.39s)
=== RUN   TestAccCloudflareRuleset_AccountLevelCustomWAFRule
--- PASS: TestAccCloudflareRuleset_AccountLevelCustomWAFRule (5.14s)
=== RUN   TestAccCloudflareRuleset_ExposedCredentialCheck
--- PASS: TestAccCloudflareRuleset_ExposedCredentialCheck (2.50s)
=== RUN   TestAccCloudflareRuleset_Logging
--- PASS: TestAccCloudflareRuleset_Logging (3.23s)
=== RUN   TestAccCloudflareRuleset_ConditionallySetActionParameterVersion
--- PASS: TestAccCloudflareRuleset_ConditionallySetActionParameterVersion (5.79s)
=== RUN   TestAccCloudflareRuleset_WAFManagedRulesetWithActionManagedChallenge
--- PASS: TestAccCloudflareRuleset_WAFManagedRulesetWithActionManagedChallenge (7.17s)
=== RUN   TestAccCloudflareRuleset_LogCustomField
--- PASS: TestAccCloudflareRuleset_LogCustomField (3.13s)
=== RUN   TestAccCloudflareRuleset_ActionParametersOverridesThrashingStatus
--- PASS: TestAccCloudflareRuleset_ActionParametersOverridesThrashingStatus (18.20s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsAllEnabled
--- PASS: TestAccCloudflareRuleset_CacheSettingsAllEnabled (4.23s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsOptionalsEmpty
--- PASS: TestAccCloudflareRuleset_CacheSettingsOptionalsEmpty (3.25s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsCacheReserveFalse
--- PASS: TestAccCloudflareRuleset_CacheSettingsCacheReserveFalse (3.21s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsOnlyExludeOrigin
--- PASS: TestAccCloudflareRuleset_CacheSettingsOnlyExludeOrigin (3.41s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsEdgeTTLRespectOrigin
--- PASS: TestAccCloudflareRuleset_CacheSettingsEdgeTTLRespectOrigin (3.49s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsNoCacheForStatus
--- PASS: TestAccCloudflareRuleset_CacheSettingsNoCacheForStatus (3.32s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsStatusRangeGreaterThan
--- PASS: TestAccCloudflareRuleset_CacheSettingsStatusRangeGreaterThan (3.68s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsStatusRangeLessThan
--- PASS: TestAccCloudflareRuleset_CacheSettingsStatusRangeLessThan (3.38s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsFalse
--- PASS: TestAccCloudflareRuleset_CacheSettingsFalse (3.27s)
=== RUN   TestAccCloudflareRuleset_Config
--- PASS: TestAccCloudflareRuleset_Config (3.17s)
=== RUN   TestAccCloudflareRuleset_Redirect
--- PASS: TestAccCloudflareRuleset_Redirect (4.55s)
=== RUN   TestAccCloudflareRuleset_DynamicRedirect
--- PASS: TestAccCloudflareRuleset_DynamicRedirect (3.45s)
=== RUN   TestAccCloudflareRuleset_DynamicRedirectWithoutPreservingQueryString
--- PASS: TestAccCloudflareRuleset_DynamicRedirectWithoutPreservingQueryString (3.75s)
=== RUN   TestAccCloudflareRuleset_TransformationRuleURIStripOffQueryString
--- PASS: TestAccCloudflareRuleset_TransformationRuleURIStripOffQueryString (3.32s)
=== RUN   TestAccCloudflareRuleset_TransformationRuleURIStripOffPath
--- PASS: TestAccCloudflareRuleset_TransformationRuleURIStripOffPath (3.20s)
=== RUN   TestAccCloudflareRuleset_ConfigSingleFalseyValue
--- PASS: TestAccCloudflareRuleset_ConfigSingleFalseyValue (3.42s)
=== RUN   TestAccCloudflareRuleset_ConfigConflictingCacheByDevice
--- PASS: TestAccCloudflareRuleset_ConfigConflictingCacheByDevice (0.24s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsMissingEdgeTTLWithOverrideOrigin
--- PASS: TestAccCloudflareRuleset_CacheSettingsMissingEdgeTTLWithOverrideOrigin (0.16s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsMissingBrowserTTLWithOverrideOrigin
--- PASS: TestAccCloudflareRuleset_CacheSettingsMissingBrowserTTLWithOverrideOrigin (0.16s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsInvalidEdgeTTLWithOverrideOrigin
--- PASS: TestAccCloudflareRuleset_CacheSettingsInvalidEdgeTTLWithOverrideOrigin (0.16s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsEdgeTTLWithBypassByDefault
--- PASS: TestAccCloudflareRuleset_CacheSettingsEdgeTTLWithBypassByDefault (3.19s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsInvalidEdgeTTLWithBypassByDefault
--- PASS: TestAccCloudflareRuleset_CacheSettingsInvalidEdgeTTLWithBypassByDefault (0.22s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsBrowserTTLWithBypass
--- PASS: TestAccCloudflareRuleset_CacheSettingsBrowserTTLWithBypass (3.14s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsInvalidBrowserTTLWithBypass
--- PASS: TestAccCloudflareRuleset_CacheSettingsInvalidBrowserTTLWithBypass (0.21s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsInvalidBrowserTTLWithOverrideOrigin
--- PASS: TestAccCloudflareRuleset_CacheSettingsInvalidBrowserTTLWithOverrideOrigin (0.16s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsDefinedQueryStringExcludeKeys
--- PASS: TestAccCloudflareRuleset_CacheSettingsDefinedQueryStringExcludeKeys (3.61s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsDefinedQueryStringIncludeKeys
--- PASS: TestAccCloudflareRuleset_CacheSettingsDefinedQueryStringIncludeKeys (4.04s)
=== RUN   TestAccCloudflareRuleset_CacheSettingsHandleDefaultHeaderExcludeOrigin
--- PASS: TestAccCloudflareRuleset_CacheSettingsHandleDefaultHeaderExcludeOrigin (13.55s)
=== RUN   TestAccCloudflareRuleset_ImportHandlesMissingValues
--- PASS: TestAccCloudflareRuleset_ImportHandlesMissingValues (0.28s)
=== CONT  TestAccCloudflareRuleset_RateLimitMitigationTimeoutOfZero
--- PASS: TestAccCloudflareRuleset_RateLimitMitigationTimeoutOfZero (4.33s)
PASS
ok      github.com/cloudflare/terraform-provider-cloudflare/internal/framework/service/rulesets 235.921s

@jacobbednarz jacobbednarz merged commit f033b9a into cloudflare:master Jan 20, 2025
7 checks passed
@github-actions github-actions bot added this to the v4.51.0 milestone Jan 20, 2025
@github-actions GitHub Actions
Copy link

This functionality has been released in v4.51.0 of the Terraform Cloudflare Provider.

Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jan 22, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jacobbednarz jacobbednarz jacobbednarz left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v4.51.0
Development

Successfully merging this pull request may close these issues.
2 participants
@gcloudflare @jacobbednarz