Merge branch 'next' into dependabot/go_modules/next/github.com/hashic…

…orp/terraform-plugin-sdk/v2-2.34.0

Signed-off-by: Ricardo Band <[email protected]>

.github/dependabot.yml

@@ -8,12 +8,12 @@ updates:
     schedule:
       interval: "weekly"
     commit-message:
-      prefix: "gh-action"
+      prefix: "go"
     labels:
-      - "golang"
+      - "go"
       - "dependencies"
     reviewers:
-      - "idealo/transport"
+      - "idealo/transit"
   - package-ecosystem: "github-actions"
     directory: "/"
     target-branch: "next"
@@ -25,4 +25,4 @@ updates:
       - "gh-action"
       - "dependencies"
     reviewers:
-      - "idealo/transport"
+      - "idealo/transit"

.github/workflows/release.yml

@@ -4,7 +4,7 @@ on:
   push:
     # run only against tags
     tags:
-      - 'v[0-9]+.[0-9]+.[0-9]+'
+      - '[0-9]+.[0-9]+.[0-9]+'
 
 permissions:
   contents: write

.github/workflows/test.yml

@@ -75,6 +75,9 @@ jobs:
           - '1.4.*'
           - '1.5.*'
           - '1.6.*'
+          - '1.7.*'
+          - '1.8.*'
+          - '1.9.*'
     steps:
     - name: Check out code into the Go module directory
       uses: actions/checkout@v4
@@ -85,7 +88,7 @@ jobs:
         go-version-file: "go.mod"
         cache: true
     - name: Setup Terraform
-      uses: hashicorp/setup-terraform@v3.0.0
+      uses: hashicorp/setup-terraform@v3.1.1
       with:
         terraform_version: ${{ matrix.terraform }}
         terraform_wrapper: false

.goreleaser.yaml

@@ -25,7 +25,6 @@ builds:
 archives:
   - format: zip
     name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
-    rlcp: true
     files:
       - README.md
 checksum:
@@ -53,7 +52,7 @@ release:
   # If you want to manually examine the release before its live, uncomment this line:
   # draft: true
 snapshot:
-  name_template: "{{ .Tag }}-next"
+  name_template: "v{{ .Tag }}-next"
 changelog:
   skip: true
 gomod:
@@ -81,7 +80,7 @@ gomod:
 announce:
   teams:
     enabled: false
-    title_template: 'Terraform Provider csd {{ .Tag }} was just released!'
-    message_template: 'Awesome terraform provider {{.Tag}} is out!'
+    title_template: 'Terraform Provider csd v{{ .Tag }} was just released!'
+    message_template: 'Awesome terraform provider v{{.Tag}} is out!'
     color: '#2D313E'
     #icon_url: 'https://csd.aws.idealo.cloud/avatar.png'

README.md

@@ -4,44 +4,8 @@
 
 The Common Short Domain product gives you cool short domains (AWS Hosted Zones) in your AWS account so you can manage them yourself, without the hassle of a third party.
 
-Currently, we support the following domains where you can get subdomains:
-
-- `idealo.tools`: internal idealo tooling for everyone
-- `idealo.com`: idealo components mostly for b2b
-- `idealo.de`: idealo components mostly for b2c
-- `idealo.co.uk`: idealo components mostly for british b2c
-- `idealo.es`: idealo components mostly for spanish b2c
-- `idealo.fr`: idealo components mostly for french b2c
-- `idealo.it`: idealo components mostly for italian b2c
-- `idealo.nl`: idealo components mostly for dutch b2c
-- `idealo.pl`: idealo components mostly for polish b2c
-- `idealo.pt`: idealo components mostly for portuguese b2c
-
-More domains will follow in future updates. If you're missing one that you need, contact Team Transport.
-
 _Keep in mind that your FQDN shouldn't exceed 64 characters (including the final dot) to retrieve a TLS certificate._
 
-# ⚠️ Disclaimer
-
-> With great power comes great responsibility.
-
-Owning your own zone under an idealo.TLD comes with some responsibilities.
-
-## Cookies
-
-Customers log into idealo.de and other idealo TLDs with a cookie that is valid for that domain and its subdomains which includes your hosted zone. This could lead to some unwanted site effects you must be aware of. For example, if you create a CNAME pointing to an external FQDN, the cookie will be readable by that third party. So this external service provider could read that cookie and in the worst case impersonate our customer. From a security perspective, this might be unwanted behaviour. So if you point DNS records to third parties, take care that cookies are not forwarded to them. If you're unsure please contact us or the Security team to clarify how to deal with your specific scenario.
-
-As an example, let's say you serve the wishlist component from you AWS account. For that, you registered the subdomain wishlist.idealo.de with our CSD product. That means that we delegate the zone wishlist.idealo.de to your account. In your account, you then create DNS resource records pointing to the wishlist component, for example an ALB inside your account.
-Imagine you use a third party service like Salesforce that requires you to point DNS entries under your hosted zone to their service. For example, a CNAME salesforce.wishlist.idealo.de pointing to service.salesforce.com. This would mean that Salesforce is now able to read the customer's cookie and therefore is able to impersonate that customer. In that case, contact security to make sure that you comply with our security requirements.
-
-## Mail servers
-
-By controlling your own zone, you're also able to set records for your own mail servers. These mail servers would be able to send mails with a sender under subdomain for example wishlist.idealo.de. These mails should be well crafted and aligned with company standards from the design, legal and security departments.
-
-If you plan to set up email communication under your subdomain, you must talk to the mentioned departments first to make you follow the idealo guidelines.
-
-If you have any other questions about your hosted zone setup, feel free to reach out to Team Transport.
-
 # Installation
 
 ## Install from Terraform Registry
@@ -52,7 +16,7 @@ Online documentation can also be found [here](https://registry.terraform.io/prov
 
 ## Upgrade from v1.x to v2.x
 
-1. Comment all old "csd_zone" resources
+1. Comment all old `csd_zone` resources
 2. Run `terraform apply`, this will delete your old zone delegation
 3. Update provider version to `~>2.0`
 4. Uncomment and rename old `csd_zone` resources to `csd_zone_delegation`
@@ -122,18 +86,21 @@ module "terraform_execution_role" {
 
 ```terraform
 # Create a Route53 Hosted Zone.
+# sample-app is a placeholder for the subdomain for your application.
+# example.net is a placeholder for a domain which is supported in the CSD product.
 # The lifecycle option prevents Terraform from accidentally removing critical resources.
-resource "aws_route53_zone" "shopverwaltung" {
-  name = "shopverwaltung.idealo.tools"
+resource "aws_route53_zone" "sample-app" {
+  name = "sample-app.example.net"
   lifecycle {
     prevent_destroy = true
   }
 }
 
-# Create zone delegation in idealo.tools zone via CSD provider
-resource "csd_zone_delegation" "shopverwaltung" {
-  name         = aws_route53_zone.shopverwaltung.name
-  name_servers = aws_route53_zone.shopverwaltung.name_servers
+# Create zone delegation in example.net zone via CSD provider
+# example.net is a placeholder for a domain which is supported in the CSD product.
+resource "csd_zone_delegation" "sample-app" {
+  name         = aws_route53_zone.sample-app.name
+  name_servers = aws_route53_zone.sample-app.name_servers
 }
 ```
 
@@ -142,22 +109,22 @@ resource "csd_zone_delegation" "shopverwaltung" {
 ## Use case 2: Route traffic through Akamai
 
 ```terraform
-resource "csd_record" "wishlist_idealo_de_cname" {
-  name  = "wishlist.idealo.de"
-  type  = "cname"
-  value = "wishlist.edgekey.net"
+resource "csd_record" "sample-app_example_net_cname" {
+  name  = "sample-app.example.net"
+  rrtype  = "cname"
+  value = "sample-app.edgekey.net"
   ttl   = 3600
 }
 
-resource "csd_record" "_acme_challenge_wishlist_idealo_de_txt" {
-  name  = "_acme_challenge.wishlist.idealo.de"
-  type  = "txt"
+resource "csd_record" "_acme_challenge_sample-app_example_net_txt" {
+  name  = "_acme_challenge.sample-app.example.net"
+  rrtype  = "txt"
   value = "LeisahxaiQu8ayah2aiwe9Que5saiy4o"
   ttl   = 60
 }
 ```
 
-Follow the detailed documentation on how to setup the Akamai property [here](https://backstage.idealo.tools/catalog/default/component/CSD/docs/#use-case-forward-traffic-to-akamai). If you have any questions about the property, please ask the [SECURITY](https://teams.microsoft.com/l/channel/19%3a77eca9f9ee784e04988b4b8c29814e0b%40thread.tacv2/%25F0%259F%259B%25A1%25EF%25B8%258F%2520PT%2520Security?groupId=424df2ed-7bad-42b5-9c93-2a74f5acd0e1&tenantId=21956b19-fed2-44b7-90cf-b6d281c0a42a) team. They will gladly help you with that.
+Follow the detailed documentation on how to setup the Akamai property [here](https://backstage.idealo.tools/catalog/default/component/CSD/docs/#use-case-forward-traffic-to-akamai). If you have any security related questions about the property, please ask the [SECURITY](https://teams.microsoft.com/l/channel/19%3a77eca9f9ee784e04988b4b8c29814e0b%40thread.tacv2/%25F0%259F%259B%25A1%25EF%25B8%258F%2520PT%2520Security?groupId=424df2ed-7bad-42b5-9c93-2a74f5acd0e1&tenantId=21956b19-fed2-44b7-90cf-b6d281c0a42a) team. They will gladly help you with that. If you have questions regarding bot detection, the [User Insights](https://teams.microsoft.com/l/channel/19%3a4ae895491b724ee08b6cfd54d6ea1ca3%40thread.tacv2/User%2520Insights%2520-%2520General?groupId=424df2ed-7bad-42b5-9c93-2a74f5acd0e1&tenantId=21956b19-fed2-44b7-90cf-b6d281c0a42a) team might help too. For anything else you can ask the [Transport](https://teams.microsoft.com/l/channel/19%3a3038b820be2e4194905c35f5f98b8ceb%40thread.tacv2/%25E2%2598%2581%25EF%25B8%258F%2520PT%2520Web%2520Platform?groupId=424df2ed-7bad-42b5-9c93-2a74f5acd0e1&tenantId=21956b19-fed2-44b7-90cf-b6d281c0a42a) team.
 
 
 # FAQ
@@ -188,7 +155,7 @@ terraform {
 }
 ```
 
-Now follow the proper upgrade procedure described [here](#Upgrade from v1.x to v2.x).
+Now follow the proper upgrade procedure described [here](https://github.com/idealo/terraform-provider-csd/tree/main#upgrade-from-v1x-to-v2x).
 
 # Development
 

examples/data-sources/csd_zone/data-source.tf

@@ -1,3 +1,3 @@
 data "csd_zone_delegation" "my_zone_delegation" {
-  name = "myzone.idealo.tools"
+  name = "myzone.example.net"
 }

examples/main.tf

@@ -15,13 +15,13 @@ terraform {
 
 provider "aws" {
   region              = "eu-central-1"
-  allowed_account_ids = ["433744410943"]
+  allowed_account_ids = ["123456789012"]
 }
 
 provider "csd" {}
 
 resource "aws_route53_zone" "myzone" {
-  name = "myzone2.idealo.tools"
+  name = "myzone2.example.net"
 }
 
 resource "csd_zone_delegation" "myzone" {
@@ -38,19 +38,19 @@ resource "aws_route53_record" "myrecord" {
 }
 
 resource "csd_record" "myrecord" {
-  name   = "_acme-challenge.myrecord.myzone2.idealo.tools"
+  name   = "_acme-challenge.myrecord.myzone2.example.net"
   rrtype = "TXT"
   value  = "foobar"
 }
 
 resource "csd_record" "myrecord2" {
-  name   = "myrecord2.myzone2.idealo.tools"
+  name   = "myrecord2.myzone2.example.net"
   rrtype = "CNAME"
   value  = "foobar.edgekey.net."
 }
 
 #data "csd_record" "myrecord" {
-#  name = "myrecord.idealo.tools"
+#  name = "myrecord.example.net"
 #}
 
 #output "myrecord" {
@@ -64,7 +64,7 @@ resource "csd_record" "myrecord2" {
 #}
 
 #resource "aws_route53_zone" "my_zone" {
-#  name = "myzone.idealo.tools"
+#  name = "myzone.example.net"
 #}
 
 #resource "csd_zone_delegation" "my_zone_delegation" {
@@ -87,7 +87,7 @@ resource "csd_record" "myrecord2" {
 #}
 
 #data "csd_zone_delegation" "my_zone_delegation" {
-#  name = "myzone.idealo.tools"
+#  name = "myzone.example.net"
 #}
 
 #output "test_data_read_zone_delegation" {

examples/resources/csd_zone/import.sh

@@ -1 +1 @@
-terraform import csd_zone_delegation.example myzone.idealo.tools
+terraform import csd_zone_delegation.example myzone.example.net

examples/resources/csd_zone/resource.tf

@@ -1,5 +1,5 @@
 resource "aws_route53_zone" "my_zone" {
-  name = "myzone.idealo.tools"
+  name = "myzone.example.net"
 }
 
 resource "csd_zone_delegation" "my_zone_delegation" {

go.mod

@@ -1,50 +1,56 @@
 module github.com/idealo/terraform-provider-csd
 
-go 1.20
+go 1.22
+
+toolchain go1.22.5
 
 require (
-	github.com/aws/aws-sdk-go-v2 v1.24.1
-	github.com/aws/aws-sdk-go-v2/config v1.25.3
-	github.com/hashicorp/terraform-plugin-docs v0.16.0
+	github.com/aws/aws-sdk-go-v2 v1.30.3
+	github.com/aws/aws-sdk-go-v2/config v1.27.26
+	github.com/hashicorp/terraform-plugin-docs v0.19.3
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.34.0
 )
 
 require (
+	github.com/BurntSushi/toml v1.2.1 // indirect
+	github.com/Kunde21/markdownfmt/v3 v3.1.0 // indirect
 	github.com/Masterminds/goutils v1.1.1 // indirect
 	github.com/Masterminds/semver/v3 v3.2.0 // indirect
 	github.com/Masterminds/sprig/v3 v3.2.3 // indirect
 	github.com/ProtonMail/go-crypto v1.1.0-alpha.2 // indirect
 	github.com/agext/levenshtein v1.2.3 // indirect
 	github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
 	github.com/armon/go-radix v1.0.0 // indirect
-	github.com/aws/aws-sdk-go-v2/credentials v1.16.2 // indirect
-	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.4 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.3 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.3 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/ini v1.7.1 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.1 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.3 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sso v1.17.2 // indirect
-	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.20.0 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sts v1.25.3 // indirect
-	github.com/aws/smithy-go v1.19.0 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.26 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.11 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.15 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.15 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.3 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.17 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.22.3 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.30.3 // indirect
+	github.com/aws/smithy-go v1.20.3 // indirect
 	github.com/bgentry/speakeasy v0.1.0 // indirect
+	github.com/bmatcuk/doublestar/v4 v4.6.1 // indirect
 	github.com/cloudflare/circl v1.3.7 // indirect
-	github.com/fatih/color v1.16.0 // indirect
+	github.com/fatih/color v1.17.0 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/uuid v1.6.0 // indirect
+	github.com/hashicorp/cli v1.1.6 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-checkpoint v0.5.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 // indirect
-	github.com/hashicorp/go-hclog v1.5.0 // indirect
+	github.com/hashicorp/go-hclog v1.6.3 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
-	github.com/hashicorp/go-plugin v1.6.0 // indirect
+	github.com/hashicorp/go-plugin v1.6.1 // indirect
 	github.com/hashicorp/go-uuid v1.0.3 // indirect
-	github.com/hashicorp/go-version v1.6.0 // indirect
-	github.com/hashicorp/hc-install v0.6.4 // indirect
-	github.com/hashicorp/hcl/v2 v2.20.1 // indirect
+	github.com/hashicorp/go-version v1.7.0 // indirect
+	github.com/hashicorp/hc-install v0.7.0 // indirect
+	github.com/hashicorp/hcl/v2 v2.21.0 // indirect
 	github.com/hashicorp/logutils v1.0.0 // indirect
 	github.com/hashicorp/terraform-exec v0.21.0 // indirect
 	github.com/hashicorp/terraform-json v0.22.1 // indirect
@@ -57,30 +63,35 @@ require (
 	github.com/imdario/mergo v0.3.15 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
-	github.com/mitchellh/cli v1.1.5 // indirect
+	github.com/mattn/go-runewidth v0.0.9 // indirect
 	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/go-testing-interface v1.14.1 // indirect
 	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
 	github.com/oklog/run v1.1.0 // indirect
 	github.com/posener/complete v1.2.3 // indirect
-	github.com/russross/blackfriday v1.6.0 // indirect
 	github.com/shopspring/decimal v1.3.1 // indirect
 	github.com/spf13/cast v1.5.0 // indirect
 	github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect
 	github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
-	github.com/zclconf/go-cty v1.14.4 // indirect
-	golang.org/x/crypto v0.23.0 // indirect
+	github.com/yuin/goldmark v1.7.1 // indirect
+	github.com/yuin/goldmark-meta v1.1.0 // indirect
+	github.com/zclconf/go-cty v1.15.0 // indirect
+	go.abhg.dev/goldmark/frontmatter v0.2.0 // indirect
+	golang.org/x/crypto v0.25.0 // indirect
 	golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df // indirect
-	golang.org/x/mod v0.16.0 // indirect
-	golang.org/x/net v0.23.0 // indirect
-	golang.org/x/sys v0.20.0 // indirect
-	golang.org/x/text v0.15.0 // indirect
-	golang.org/x/tools v0.13.0 // indirect
+	golang.org/x/mod v0.19.0 // indirect
+	golang.org/x/net v0.27.0 // indirect
+	golang.org/x/sync v0.7.0 // indirect
+	golang.org/x/sys v0.22.0 // indirect
+	golang.org/x/text v0.16.0 // indirect
+	golang.org/x/tools v0.23.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240227224415-6ceb2ff114de // indirect
-	google.golang.org/grpc v1.63.2 // indirect
-	google.golang.org/protobuf v1.34.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240711142825-46eb208f015d // indirect
+	google.golang.org/grpc v1.65.0 // indirect
+	google.golang.org/protobuf v1.34.2 // indirect
+	gopkg.in/yaml.v2 v2.3.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
 )