feat(terraform)!: Update Terraform cloudflare to 4.2.0

[jarvis-plus-bot]

This PR contains the following updates:

Package	Type	Update	Change
cloudflare (source)	required_provider	major	~> 3.0 -> ~> 4.0

---

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.

---

Release Notes

cloudflare/terraform-provider-cloudflare

v4.2.0

Compare Source

BREAKING CHANGES:

• resource/cloudflare_ruleset: status has been removed in favour of enabled now that the workaround for zero values is no longer required (#​2271)

NOTES:

• cloudflare_ruleset has been migrated to the terraform-plugin-framework in doing so addresses issues with the internal representation of zero values. A downside to this is that to get the full benefits, you will need to remove the resource from your Terraform state (terraform state rm ...) and then import the resource back into your state. Along with this, you will need to update any references to status which was the previous workaround for the enabled values. If you have status = "enabled" you will need to replace it with enabled = true and similar for status = "disabled" to be replaced with enabled = false. (#​2271)

FEATURES:

• New Data Source: cloudflare_list (#​2296)
• New Data Source: cloudflare_lists (#​2296)
• New Resource: cloudflare_address_map (#​2290)
• New Resource: cloudflare_list_item (#​2304)

ENHANCEMENTS:

• resource/access_organization: add ui_read_only_toggle_reason field (#​2175)
• resource/cloudflare_device_posture_rule: Support check_disks in the input block schema. (#​2280)
• resource/cloudflare_notification_policy_webhooks: ensure url triggers recreation, not in-place updates (#​2302)
• resource/cloudflare_tunnel: rename references of cloudflare_argo_tunnel to cloudflare_tunnel in documentation (#​2281)
• resource/cloudflare_tunnel_config: add support for import of cloudflare_tunnel_config (#​2298)
• resource/cloudflare_tunnel_config: rename references of cloudflare_argo_tunnel to cloudflare_tunnel in documentation (#​2281)
• resource/cloudflare_tunnel_route: rename references of cloudflare_argo_tunnel to cloudflare_tunnel in documentation (#​2281)
• resource/cloudflare_worker_script: Add compatibility_date attribute (#​2300)

BUG FIXES:

• resource/cloudflare_ruleset: support cache rules for status range >= and =< operations (#​2307)
• resource/cloudflare_teams_account: fixes an issue where accounts that had never configured DLP payload logging would error upon reading this resource (#​2284)

INTERNAL:

• resource/cloudflare_ruleset: migrate from SDKv2 to terraform-plugin-framework (#​2271)
• test: swap SDKv2 testing harness to github.com/hashicorp/terraform-plugin-testing (#​2272)

DEPENDENCIES:

• provider: bumps actions/setup-go from 3 to 4 (#​2291)
• provider: bumps github.com/cloudflare/cloudflare-go from 0.62.0 to 0.63.0 (#​2289)
• provider: bumps github.com/hashicorp/terraform-plugin-framework from 1.1.1 to 1.2.0 (#​2314)
• provider: bumps github.com/hashicorp/terraform-plugin-sdk/v2 from 2.25.1-0.20230317190757-53a4ec42ea7e to 2.26.0 (#​2308)
• provider: bumps github.com/hashicorp/terraform-plugin-sdk/v2 from 2.26.0 to 2.26.1 (#​2315)

v4.1.0

Compare Source

ENHANCEMENTS:

• resource/cloudflare_cloudflare_teams_rules: Add untrusted_cert setting to teams rules settings (#​2256)
• resource/cloudflare_teams_account: Add support for DLP payload logging public key (#​2267)
• resource/cloudflare_teams_rule: Add support for enabling DLP payload logging per-rule (#​2267)
• resource/cloudflare_waiting_room: add 'ru-RU' and 'fa-IR' to default_template_language field (#​2262)

BUG FIXES:

• resource/cloudflare_access_group: fixes an issue where Azure group rules with different identity provider ids would override each other (#​2270)
• resource/cloudflare_notification_policy: ensure all emails are saved if multiple email_integration values specified (#​2248)

DEPENDENCIES:

• provider: bumps github.com/cloudflare/cloudflare-go from 0.61.0 to 0.62.0 (#​2268)
• provider: bumps github.com/stretchr/testify from 1.8.1 to 1.8.2 (#​2263)
• provider: bumps golang.org/x/net from 0.7.0 to 0.8.0 (#​2274)

v4.0.0

Compare Source

Warning Prior to upgrading you should ensure you have adequate backups in the event you need to rollback to version 3. This is a major version bump and involves backwards incompatible changes.

3.x to 4.x upgrade guide

BREAKING CHANGES:

• datasource/cloudflare_waf_groups: removed in favour of cloudflare_rulesets (#​2138)
• datasource/cloudflare_waf_packages: removed in favour of cloudflare_rulesets (#​2138)
• datasource/cloudflare_waf_rules: removed in favour of cloudflare_rulesets (#​2138)
• provider: account_id is no longer available as a global configuration option. Instead, use the resource specific attributes. (#​2139)
• resource/cloudflare_access_bookmark: resource has been removed in favour of configuration on cloudflare_access_application (#​2136)
• resource/cloudflare_access_rule: require explicit zone_id or account_id and remove implicit fallback to user level rules (#​2157)
• resource/cloudflare_account_member: account_id is now required (#​2153)
• resource/cloudflare_account_member: no longer sets client.AccountID internally and relies on the resource provided value (#​2154)
• resource/cloudflare_argo_tunnel: resource has been renamed to cloudflare_tunnel (#​2135)
• resource/cloudflare_ip_list: removed in favour of cloudflare_list (#​2137)
• resource/cloudflare_load_balancer: Migrate session_affinity_attributes from TypeMap to TypeSet (#​1959)
• resource/cloudflare_load_balancer: session_affinity_attributes.drain_duration is now TypeInt instead of TypeString (#​1959)
• resource/cloudflare_load_balancer_monitor: account_id is now required (#​2153)
• resource/cloudflare_load_balancer_monitor: no longer sets client.AccountID internally and relies on the resource provided value (#​2154)
• resource/cloudflare_load_balancer_pool: account_id is now required (#​2153)
• resource/cloudflare_load_balancer_pool: no longer sets client.AccountID internally and relies on the resource provided value (#​2154)
• resource/cloudflare_spectrum_application: edge_ip_connectivity is now nested under edge_ips as connectivity (#​2219)
• resource/cloudflare_spectrum_application: edge_ips.type is now a required field (#​2219)
• resource/cloudflare_spectrum_application: edge_ips now contains nested attributes other than IP ranges. type and connectivity have been added. edge_ips.ips contains the static IP addresses that used to reside at edge_ips. (#​2219)
• resource/cloudflare_waf_group: removed in favour of cloudflare_ruleset (#​2138)
• resource/cloudflare_waf_override: removed in favour of cloudflare_ruleset (#​2138)
• resource/cloudflare_waf_package: removed in favour of cloudflare_ruleset (#​2138)
• resource/cloudflare_waf_rule: removed in favour of cloudflare_ruleset (#​2138)
• resource/cloudflare_workers_kv: account_id is now required (#​2153)
• resource/cloudflare_workers_kv: no longer sets client.AccountID internally and relies on the resource provided value (#​2154)
• resource/cloudflare_workers_kv_namespace: account_id is now required (#​2153)
• resource/cloudflare_workers_kv_namespace: no longer sets client.AccountID internally and relies on the resource provided value (#​2154)
• resource/cloudflare_workers_script: account_id is now required (#​2153)
• resource/cloudflare_workers_script: no longer sets client.AccountID internally and relies on the resource provided value (#​2154)
• resource/cloudflare_zone: account_id is now required (#​2153)
• resource/cloudflare_zone: no longer sets client.AccountID internally and relies on the resource provided value (#​2154)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[jarvis-plus-bot]

🦙 MegaLinter status: ⚠️ WARNING

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
⚠️ REPOSITORY	checkov	yes		409	35.83s
✅ REPOSITORY	dustilock	yes		no	0.26s
✅ REPOSITORY	git_diff	yes		no	0.07s
✅ REPOSITORY	secretlint	yes		no	4.05s
⚠️ REPOSITORY	trivy	yes		1	92.7s
✅ SPELL	misspell	1		0	0.06s
✅ TERRAFORM	terraform-fmt	1		0	0.24s
✅ TERRAFORM	tflint	1		0	2.16s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by