Merge branch 'master' into domainAllowlist

DataDog · Nov 8, 2024 · 4286ebb · 4286ebb
2 parents 467db0f + aecf0c4
commit 4286ebb
Show file tree

Hide file tree

Showing 34 changed files with 710 additions and 555 deletions.
diff --git a/datadog/fwprovider/resource_datadog_integration_cloudflare_account.go b/datadog/fwprovider/resource_datadog_integration_cloudflare_account.go
@@ -4,10 +4,12 @@ import (
 	"context"
 
 	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
+	"github.com/hashicorp/terraform-plugin-framework/attr"
 	"github.com/hashicorp/terraform-plugin-framework/diag"
 	frameworkPath "github.com/hashicorp/terraform-plugin-framework/path"
 	"github.com/hashicorp/terraform-plugin-framework/resource"
 	"github.com/hashicorp/terraform-plugin-framework/resource/schema"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/listdefault"
 	"github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
 	"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
 	"github.com/hashicorp/terraform-plugin-framework/types"
@@ -26,10 +28,11 @@ type integrationCloudflareAccountResource struct {
 }
 
 type integrationCloudflareAccountModel struct {
-	ID     types.String `tfsdk:"id"`
-	ApiKey types.String `tfsdk:"api_key"`
-	Email  types.String `tfsdk:"email"`
-	Name   types.String `tfsdk:"name"`
+	ID        types.String `tfsdk:"id"`
+	ApiKey    types.String `tfsdk:"api_key"`
+	Email     types.String `tfsdk:"email"`
+	Name      types.String `tfsdk:"name"`
+	Resources types.List   `tfsdk:"resources"`
 }
 
 func NewIntegrationCloudflareAccountResource() resource.Resource {
@@ -67,6 +70,13 @@ func (r *integrationCloudflareAccountResource) Schema(_ context.Context, _ resou
 				},
 			},
 			"id": utils.ResourceIDAttribute(),
+			"resources": schema.ListAttribute{
+				ElementType: types.StringType,
+				Optional:    true,
+				Computed:    true,
+				Description: "An allowlist of resources to restrict pulling metrics for including `web`, `dns`, `lb` (load balancer), `worker`)",
+				Default:     listdefault.StaticValue(types.ListValueMust(types.StringType, []attr.Value{})),
+			},
 		},
 	}
 }
@@ -193,6 +203,10 @@ func (r *integrationCloudflareAccountResource) updateState(ctx context.Context,
 	if name, ok := attributes.GetNameOk(); ok {
 		state.Name = types.StringValue(*name)
 	}
+
+	if resources, ok := attributes.GetResourcesOk(); ok {
+		state.Resources, _ = types.ListValueFrom(ctx, types.StringType, resources)
+	}
 }
 
 func (r *integrationCloudflareAccountResource) buildIntegrationCloudflareAccountRequestBody(ctx context.Context, state *integrationCloudflareAccountModel) (*datadogV2.CloudflareAccountCreateRequest, diag.Diagnostics) {
@@ -205,6 +219,12 @@ func (r *integrationCloudflareAccountResource) buildIntegrationCloudflareAccount
 	}
 	attributes.SetName(state.Name.ValueString())
 
+	if !state.Resources.IsNull() {
+		var resources []string
+		diags.Append(state.Resources.ElementsAs(ctx, &resources, false)...)
+		attributes.SetResources(resources)
+	}
+
 	req := datadogV2.NewCloudflareAccountCreateRequestWithDefaults()
 	req.Data = *datadogV2.NewCloudflareAccountCreateRequestDataWithDefaults()
 	req.Data.SetAttributes(*attributes)
@@ -221,6 +241,12 @@ func (r *integrationCloudflareAccountResource) buildIntegrationCloudflareAccount
 		attributes.SetEmail(state.Email.ValueString())
 	}
 
+	if !state.Resources.IsNull() {
+		var resources []string
+		diags.Append(state.Resources.ElementsAs(ctx, &resources, false)...)
+		attributes.SetResources(resources)
+	}
+
 	req := datadogV2.NewCloudflareAccountUpdateRequestWithDefaults()
 	req.Data = *datadogV2.NewCloudflareAccountUpdateRequestDataWithDefaults()
 	req.Data.SetAttributes(*attributes)

diff --git a/datadog/fwprovider/resource_datadog_integration_gcp.go b/datadog/fwprovider/resource_datadog_integration_gcp.go
@@ -39,18 +39,19 @@ type integrationGcpResource struct {
 }
 
 type integrationGcpModel struct {
-	ID                             types.String `tfsdk:"id"`
-	ProjectID                      types.String `tfsdk:"project_id"`
-	PrivateKeyId                   types.String `tfsdk:"private_key_id"`
-	PrivateKey                     types.String `tfsdk:"private_key"`
-	ClientEmail                    types.String `tfsdk:"client_email"`
-	ClientId                       types.String `tfsdk:"client_id"`
-	Automute                       types.Bool   `tfsdk:"automute"`
-	HostFilters                    types.String `tfsdk:"host_filters"`
-	CloudRunRevisionFilters        types.Set    `tfsdk:"cloud_run_revision_filters"`
-	ResourceCollectionEnabled      types.Bool   `tfsdk:"resource_collection_enabled"`
-	CspmResourceCollectionEnabled  types.Bool   `tfsdk:"cspm_resource_collection_enabled"`
-	IsSecurityCommandCenterEnabled types.Bool   `tfsdk:"is_security_command_center_enabled"`
+	ID                                types.String `tfsdk:"id"`
+	ProjectID                         types.String `tfsdk:"project_id"`
+	PrivateKeyId                      types.String `tfsdk:"private_key_id"`
+	PrivateKey                        types.String `tfsdk:"private_key"`
+	ClientEmail                       types.String `tfsdk:"client_email"`
+	ClientId                          types.String `tfsdk:"client_id"`
+	Automute                          types.Bool   `tfsdk:"automute"`
+	HostFilters                       types.String `tfsdk:"host_filters"`
+	CloudRunRevisionFilters           types.Set    `tfsdk:"cloud_run_revision_filters"`
+	ResourceCollectionEnabled         types.Bool   `tfsdk:"resource_collection_enabled"`
+	CspmResourceCollectionEnabled     types.Bool   `tfsdk:"cspm_resource_collection_enabled"`
+	IsSecurityCommandCenterEnabled    types.Bool   `tfsdk:"is_security_command_center_enabled"`
+	IsResourceChangeCollectionEnabled types.Bool   `tfsdk:"is_resource_change_collection_enabled"`
 }
 
 func NewIntegrationGcpResource() resource.Resource {
@@ -69,6 +70,9 @@ func (r *integrationGcpResource) Metadata(_ context.Context, request resource.Me
 
 func (r *integrationGcpResource) Schema(_ context.Context, _ resource.SchemaRequest, response *resource.SchemaResponse) {
 	response.Schema = schema.Schema{
+		// Avoid using default values for bool settings to prevent breaking changes for existing customers.
+		// Customers who have previously modified these settings via the UI should not be impacted
+		// https://github.com/DataDog/terraform-provider-datadog/pull/2424#issuecomment-2150871460
 		Description: "This resource is deprecated—use the `datadog_integration_gcp_sts` resource instead. Provides a Datadog - Google Cloud Platform integration resource. This can be used to create and manage Datadog - Google Cloud Platform integration.",
 		Attributes: map[string]schema.Attribute{
 			"project_id": schema.StringAttribute{
@@ -141,6 +145,11 @@ func (r *integrationGcpResource) Schema(_ context.Context, _ resource.SchemaRequ
 				Computed:    true,
 				Default:     booldefault.StaticBool(false),
 			},
+			"is_resource_change_collection_enabled": schema.BoolAttribute{
+				Description: "When enabled, Datadog scans for all resource change data in your Google Cloud environment.",
+				Optional:    true,
+				Computed:    true,
+			},
 			"id": utils.ResourceIDAttribute(),
 		},
 	}
@@ -292,6 +301,7 @@ func (r *integrationGcpResource) updateState(ctx context.Context, state *integra
 	state.CspmResourceCollectionEnabled = types.BoolValue(resp.GetIsCspmEnabled())
 	state.ResourceCollectionEnabled = types.BoolValue(resp.GetResourceCollectionEnabled())
 	state.IsSecurityCommandCenterEnabled = types.BoolValue(resp.GetIsSecurityCommandCenterEnabled())
+	state.IsResourceChangeCollectionEnabled = types.BoolValue(resp.GetIsResourceChangeCollectionEnabled())
 
 	// Non-computed values
 	if clientId, ok := resp.GetClientIdOk(); ok {
@@ -327,9 +337,10 @@ func (r *integrationGcpResource) getGCPIntegration(state integrationGcpModel) (*
 }
 
 func (r *integrationGcpResource) buildIntegrationGcpRequestBodyBase(state integrationGcpModel) *datadogV1.GCPAccount {
-	body := datadogV1.NewGCPAccountWithDefaults()
-	body.SetProjectId(state.ProjectID.ValueString())
-	body.SetClientEmail(state.ClientEmail.ValueString())
+	body := &datadogV1.GCPAccount{
+		ProjectId:   state.ProjectID.ValueStringPointer(),
+		ClientEmail: state.ClientEmail.ValueStringPointer(),
+	}
 
 	return body
 }
@@ -365,5 +376,9 @@ func (r *integrationGcpResource) addOptionalFieldsToBody(ctx context.Context, bo
 		body.SetResourceCollectionEnabled(state.ResourceCollectionEnabled.ValueBool())
 	}
 
+	if !state.IsResourceChangeCollectionEnabled.IsUnknown() {
+		body.SetIsResourceChangeCollectionEnabled(state.IsResourceChangeCollectionEnabled.ValueBool())
+	}
+
 	return diags
 }
diff --git a/datadog/fwprovider/resource_datadog_integration_gcp_sts.go b/datadog/fwprovider/resource_datadog_integration_gcp_sts.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"sync"
 
+	"github.com/hashicorp/terraform-plugin-framework/attr"
 	"github.com/hashicorp/terraform-plugin-framework/resource/schema/booldefault"
 
 	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
@@ -29,17 +30,24 @@ type integrationGcpStsResource struct {
 	Auth context.Context
 }
 
+type MetricNamespaceConfigModel struct {
+	ID       types.String `tfsdk:"id"`
+	Disabled types.Bool   `tfsdk:"disabled"`
+}
+
 type integrationGcpStsModel struct {
-	ID                             types.String `tfsdk:"id"`
-	AccountTags                    types.Set    `tfsdk:"account_tags"`
-	Automute                       types.Bool   `tfsdk:"automute"`
-	ClientEmail                    types.String `tfsdk:"client_email"`
-	DelegateAccountEmail           types.String `tfsdk:"delegate_account_email"`
-	HostFilters                    types.Set    `tfsdk:"host_filters"`
-	CloudRunRevisionFilters        types.Set    `tfsdk:"cloud_run_revision_filters"`
-	IsCspmEnabled                  types.Bool   `tfsdk:"is_cspm_enabled"`
-	IsSecurityCommandCenterEnabled types.Bool   `tfsdk:"is_security_command_center_enabled"`
-	ResourceCollectionEnabled      types.Bool   `tfsdk:"resource_collection_enabled"`
+	ID                                types.String                  `tfsdk:"id"`
+	AccountTags                       types.Set                     `tfsdk:"account_tags"`
+	Automute                          types.Bool                    `tfsdk:"automute"`
+	ClientEmail                       types.String                  `tfsdk:"client_email"`
+	DelegateAccountEmail              types.String                  `tfsdk:"delegate_account_email"`
+	HostFilters                       types.Set                     `tfsdk:"host_filters"`
+	CloudRunRevisionFilters           types.Set                     `tfsdk:"cloud_run_revision_filters"`
+	MetricNamespaceConfigs            []*MetricNamespaceConfigModel `tfsdk:"metric_namespace_configs"`
+	IsCspmEnabled                     types.Bool                    `tfsdk:"is_cspm_enabled"`
+	IsSecurityCommandCenterEnabled    types.Bool                    `tfsdk:"is_security_command_center_enabled"`
+	IsResourceChangeCollectionEnabled types.Bool                    `tfsdk:"is_resource_change_collection_enabled"`
+	ResourceCollectionEnabled         types.Bool                    `tfsdk:"resource_collection_enabled"`
 }
 
 func NewIntegrationGcpStsResource() resource.Resource {
@@ -58,6 +66,9 @@ func (r *integrationGcpStsResource) Metadata(_ context.Context, request resource
 
 func (r *integrationGcpStsResource) Schema(_ context.Context, _ resource.SchemaRequest, response *resource.SchemaResponse) {
 	response.Schema = schema.Schema{
+		// Avoid using default values for bool settings to prevent breaking changes for existing customers.
+		// Customers who have previously modified these settings via the UI should not be impacted
+		// https://github.com/DataDog/terraform-provider-datadog/pull/2424#issuecomment-2150871460
 		Description: "Provides a Datadog Integration GCP Sts resource. This can be used to create and manage Datadog - Google Cloud Platform integration.",
 		Attributes: map[string]schema.Attribute{
 			"account_tags": schema.SetAttribute{
@@ -94,6 +105,16 @@ func (r *integrationGcpStsResource) Schema(_ context.Context, _ resource.SchemaR
 				Description: "Tags to filter which Cloud Run revisions are imported into Datadog. Only revisions that meet specified criteria are monitored.",
 				ElementType: types.StringType,
 			},
+			"metric_namespace_configs": schema.SetAttribute{
+				Optional:    true,
+				Description: "Configuration for a GCP metric namespace.",
+				ElementType: types.ObjectType{
+					AttrTypes: map[string]attr.Type{
+						"id":       types.StringType,
+						"disabled": types.BoolType,
+					},
+				},
+			},
 			"is_cspm_enabled": schema.BoolAttribute{
 				Optional:    true,
 				Computed:    true,
@@ -105,6 +126,11 @@ func (r *integrationGcpStsResource) Schema(_ context.Context, _ resource.SchemaR
 				Computed:    true,
 				Default:     booldefault.StaticBool(false),
 			},
+			"is_resource_change_collection_enabled": schema.BoolAttribute{
+				Description: "When enabled, Datadog scans for all resource change data in your Google Cloud environment.",
+				Optional:    true,
+				Computed:    true,
+			},
 			"resource_collection_enabled": schema.BoolAttribute{
 				Description: "When enabled, Datadog scans for all resources in your GCP environment.",
 				Optional:    true,
@@ -285,12 +311,24 @@ func (r *integrationGcpStsResource) updateState(ctx context.Context, state *inte
 	if runFilters, ok := attributes.GetCloudRunRevisionFiltersOk(); ok && len(*runFilters) > 0 {
 		state.CloudRunRevisionFilters, _ = types.SetValueFrom(ctx, types.StringType, *runFilters)
 	}
+	if namespaceConfigs, ok := attributes.GetMetricNamespaceConfigsOk(); ok && len(*namespaceConfigs) > 0 {
+		state.MetricNamespaceConfigs = make([]*MetricNamespaceConfigModel, len(*namespaceConfigs))
+		for i, namespaceConfig := range *namespaceConfigs {
+			state.MetricNamespaceConfigs[i] = &MetricNamespaceConfigModel{
+				ID:       types.StringValue(namespaceConfig.GetId()),
+				Disabled: types.BoolValue(namespaceConfig.GetDisabled()),
+			}
+		}
+	}
 	if isCspmEnabled, ok := attributes.GetIsCspmEnabledOk(); ok {
 		state.IsCspmEnabled = types.BoolValue(*isCspmEnabled)
 	}
 	if isSecurityCommandCenterEnabled, ok := attributes.GetIsSecurityCommandCenterEnabledOk(); ok {
 		state.IsSecurityCommandCenterEnabled = types.BoolValue(*isSecurityCommandCenterEnabled)
 	}
+	if isResourceChangeCollectionEnabled, ok := attributes.GetIsResourceChangeCollectionEnabledOk(); ok {
+		state.IsResourceChangeCollectionEnabled = types.BoolValue(*isResourceChangeCollectionEnabled)
+	}
 	if resourceCollectionEnabled, ok := attributes.GetResourceCollectionEnabledOk(); ok {
 		state.ResourceCollectionEnabled = types.BoolValue(*resourceCollectionEnabled)
 	}
@@ -325,9 +363,23 @@ func (r *integrationGcpStsResource) buildIntegrationGcpStsRequestBody(ctx contex
 	}
 	attributes.SetCloudRunRevisionFilters(runFilters)
 
+	namespaceConfigs := make([]datadogV2.GCPMetricNamespaceConfig, 0)
+	if len(state.MetricNamespaceConfigs) > 0 {
+		for _, namespaceConfig := range state.MetricNamespaceConfigs {
+			namespaceConfigs = append(namespaceConfigs, datadogV2.GCPMetricNamespaceConfig{
+				Id:       namespaceConfig.ID.ValueStringPointer(),
+				Disabled: namespaceConfig.Disabled.ValueBoolPointer(),
+			})
+		}
+	}
+	attributes.SetMetricNamespaceConfigs(namespaceConfigs)
+
 	if !state.IsSecurityCommandCenterEnabled.IsUnknown() {
 		attributes.SetIsSecurityCommandCenterEnabled(state.IsSecurityCommandCenterEnabled.ValueBool())
 	}
+	if !state.IsResourceChangeCollectionEnabled.IsUnknown() {
+		attributes.SetIsResourceChangeCollectionEnabled(state.IsResourceChangeCollectionEnabled.ValueBool())
+	}
 	if !state.ResourceCollectionEnabled.IsUnknown() {
 		attributes.SetResourceCollectionEnabled(state.ResourceCollectionEnabled.ValueBool())
 	}

diff --git a/datadog/fwprovider/resource_datadog_user_role.go b/datadog/fwprovider/resource_datadog_user_role.go
@@ -182,7 +182,7 @@ func (r *userRoleResource) Delete(ctx context.Context, request resource.DeleteRe
 	response.Diagnostics.Append(response.State.Set(ctx, &state)...)
 }
 
-func (r *userRoleResource) buildUserRoleRequestBody(ctx context.Context, state *UserRoleModel) (*datadogV2.RelationshipToUser, diag.Diagnostics) {
+func (r *userRoleResource) buildUserRoleRequestBody(_ context.Context, state *UserRoleModel) (*datadogV2.RelationshipToUser, diag.Diagnostics) {
 	diags := diag.Diagnostics{}
 
 	relationship := &datadogV2.RelationshipToUser{

diff --git a/datadog/resource_datadog_dashboard.go b/datadog/resource_datadog_dashboard.go
@@ -8066,10 +8066,12 @@ func buildDatadogToplistStyle(terraformToplistStyle map[string]interface{}) data
 		if v, ok := display[0].(map[string]interface{}); ok && len(v) > 0 {
 			if t, ok := v["type"].(string); ok && len(t) != 0 {
 				if t == "stacked" {
+					toplistWidgetStacked := &datadogV1.ToplistWidgetStacked{
+						Legend: datadogV1.TOPLISTWIDGETLEGEND_AUTOMATIC.Ptr(),
+						Type:   datadogV1.TOPLISTWIDGETSTACKEDTYPE_STACKED,
+					}
 					datadogToplistStyle.SetDisplay(datadogV1.ToplistWidgetDisplay{
-						ToplistWidgetStacked: datadogV1.NewToplistWidgetStacked(
-							datadogV1.TOPLISTWIDGETSTACKEDTYPE_STACKED,
-						),
+						ToplistWidgetStacked: toplistWidgetStacked,
 					})
 				} else if t == "flat" {
 					datadogToplistStyle.SetDisplay(datadogV1.ToplistWidgetDisplay{

diff --git a/datadog/resource_datadog_synthetics_test_.go b/datadog/resource_datadog_synthetics_test_.go
@@ -2936,8 +2936,11 @@ func buildTerraformConfigVariables(configVariables []datadogV1.SyntheticsConfigV
 			// If the variable is secure, the example and pattern are not returned by the API,
 			// so we need to keep the values from the terraform config.
 			if v, ok := localVariable["secure"].(bool); ok && v {
-				localVariable["example"] = oldConfigVariables[i].(map[string]interface{})["example"].(string)
-				localVariable["pattern"] = oldConfigVariables[i].(map[string]interface{})["pattern"].(string)
+				// There is no previous state to fallback on during import
+				if i < len(oldConfigVariables) && oldConfigVariables[i] != nil {
+					localVariable["example"] = oldConfigVariables[i].(map[string]interface{})["example"].(string)
+					localVariable["pattern"] = oldConfigVariables[i].(map[string]interface{})["pattern"].(string)
+				}
 			} else {
 				if v, ok := configVariable.GetExampleOk(); ok {
 					localVariable["example"] = *v
@@ -3114,7 +3117,11 @@ func buildDatadogTestOptions(d *schema.ResourceData) *datadogV1.SyntheticsTestOp
 			if rawTimeframes, ok := scheduling.(map[string]interface{})["timeframes"]; ok {
 				var timeFrames []datadogV1.SyntheticsTestOptionsSchedulingTimeframe
 				for _, tf := range rawTimeframes.(*schema.Set).List() {
-					timeframe := datadogV1.NewSyntheticsTestOptionsSchedulingTimeframe(int32(tf.(map[string]interface{})["day"].(int)), tf.(map[string]interface{})["from"].(string), tf.(map[string]interface{})["to"].(string))
+					timeframe := datadogV1.NewSyntheticsTestOptionsSchedulingTimeframe(
+						int32(tf.(map[string]interface{})["day"].(int)),
+						tf.(map[string]interface{})["from"].(string),
+						tf.(map[string]interface{})["to"].(string),
+					)
 					timeFrames = append(timeFrames, *timeframe)
 				}
 				optionsScheduling.SetTimeframes(timeFrames)

diff --git a/datadog/tests/cassettes/TestAccDatadogCatalogEntity_Order.freeze b/datadog/tests/cassettes/TestAccDatadogCatalogEntity_Order.freeze
@@ -1 +1 @@
-2024-08-27T15:43:03.269833-04:00
+2024-11-06T08:46:56.750396-05:00
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		2024-08-27T15:43:03.269833-04:00
		2024-11-06T08:46:56.750396-05:00