feat: Release v4.0.0 Provider Upgrade to OneAPI (#383)

* feat: Release v4.0.0 OneAPI Upgrade

Author: willguibr

.github/workflows/zia-test.yml

@@ -18,219 +18,15 @@ on:
   workflow_dispatch:
 
 jobs:
-  # zia-zsbeta-tests:
-  #   environment: ZIA_ZSBETA
-  #   runs-on: ubuntu-latest
-  #   strategy:
-  #     fail-fast: false
-  #     matrix:
-  #       goVersion: ["1.21"]
-  #   steps:
-  #     - name: Checkout code
-  #       uses: actions/checkout@v4
 
-  #     - name: Setup Go
-  #       uses: actions/setup-go@v5
-  #       with:
-  #         go-version: ${{ matrix.goVersion }}
-
-  #     - name: Set Go env
-  #       run: |
-  #         echo "GOPATH=$(go env GOPATH)" >> $GITHUB_ENV
-  #         echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
-
-  #     - name: Setup Go Tools
-  #       run: make tools
-
-  #     - name: Download Go Dependencies
-  #       run: |
-  #         go mod tidy && go mod vendor
-
-  #     - name: Setup Go Tools
-  #       run: make tools
-
-  #     - name: Check Formatting
-  #       run: make fmtcheck
-
-  #     # - name: Vet Code
-  #     #   run: make vet
-
-  #     - name: Lint Code
-  #       run: make lint
-
-  #     - name: Check Build
-  #       run: make build
-
-  #     - name: Run tests with retry
-  #       uses: nick-fields/retry@v3
-  #       with:
-  #         max_attempts: 3
-  #         timeout_minutes: 120
-  #         command: |
-  #           make sweep
-  #           make test:integration:zia
-  #           make sweep
-
-  #       env:
-  #         ZIA_USERNAME: ${{ secrets.ZIA_USERNAME }}
-  #         ZIA_PASSWORD: ${{ secrets.ZIA_PASSWORD }}
-  #         ZIA_API_KEY: ${{ secrets.ZIA_API_KEY }}
-  #         ZIA_CLOUD: ${{ secrets.ZIA_CLOUD }}
-  #         ZIA_SANDBOX_TOKEN: ${{ secrets.ZIA_SANDBOX_TOKEN }}
-  #         ZPA_CLIENT_ID: ${{ secrets.ZPA_CLIENT_ID }}
-  #         ZPA_CLIENT_SECRET: ${{ secrets.ZPA_CLIENT_SECRET }}
-  #         ZPA_CUSTOMER_ID: ${{ secrets.ZPA_CUSTOMER_ID }}
-  #         ZPA_CLOUD: ${{ secrets.ZPA_CLOUD }}
-  #         TF_ACC: ${{ secrets.TF_ACC }}
-  #         ZIA_ACC_TEST_FORCE_SWEEPERS: ${{ secrets.ZIA_ACC_TEST_FORCE_SWEEPERS }}
-
-  # zia-test-tenants:
-  #   needs: [zia-zsbeta-tests]
-  #   runs-on: ubuntu-latest
-  #   strategy:
-  #     fail-fast: false
-  #     matrix:
-  #       goVersion: ["1.21"]
-  #       environment:
-  #         # - ZIA_ZSCLOUD
-  #         - ZIA_ZS0
-  #         # - ZIA_ZS1
-  #         # - ZIA_ZS2
-  #         # - ZIA_ZS3
-  #   environment: ${{ matrix.environment }}
-  #   steps:
-  #     - name: Checkout code
-  #       uses: actions/checkout@v4
-
-  #     - name: Setup Go
-  #       uses: actions/setup-go@v5
-  #       with:
-  #         go-version: ${{ matrix.goVersion }}
-
-  #     - name: Set Go env
-  #       run: |
-  #         echo "GOPATH=$(go env GOPATH)" >> $GITHUB_ENV
-  #         echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
-
-  #     - name: Setup Go Tools
-  #       run: make tools
-
-  #     - name: Download Go Dependencies
-  #       run: |
-  #         go mod tidy && go mod vendor
-
-  #     - name: Setup Go Tools
-  #       run: make tools
-
-  #     - name: Check Formatting
-  #       run: make fmtcheck
-
-  #     # - name: Vet Code
-  #     #   run: make vet
-
-  #     - name: Lint Code
-  #       run: make lint
-
-  #     - name: Check Build
-  #       run: make build
-
-  #     - name: Run tests with retry on Ubuntu
-  #       uses: nick-fields/retry@v3
-  #       with:
-  #         max_attempts: 3
-  #         timeout_minutes: 120
-  #         command: |
-  #           make sweep
-  #           make test:integration:zscalerone
-  #           make sweep
-  #       env:
-  #         ZIA_USERNAME: ${{ secrets.ZIA_USERNAME }}
-  #         ZIA_PASSWORD: ${{ secrets.ZIA_PASSWORD }}
-  #         ZIA_API_KEY: ${{ secrets.ZIA_API_KEY }}
-  #         ZIA_CLOUD: ${{ secrets.ZIA_CLOUD }}
-  #         ZIA_SANDBOX_TOKEN: ${{ secrets.ZIA_SANDBOX_TOKEN }}
-  #         ZPA_CLIENT_ID: ${{ secrets.ZPA_CLIENT_ID }}
-  #         ZPA_CLIENT_SECRET: ${{ secrets.ZPA_CLIENT_SECRET }}
-  #         ZPA_CUSTOMER_ID: ${{ secrets.ZPA_CUSTOMER_ID }}
-  #         ZPA_CLOUD: ${{ secrets.ZPA_CLOUD }}
-  #         TF_ACC: ${{ secrets.TF_ACC }}
-  #         ZIA_ACC_TEST_FORCE_SWEEPERS: ${{ secrets.ZIA_ACC_TEST_FORCE_SWEEPERS }}
-
-  # zia-zscalerone-test:
-  #   runs-on: ubuntu-latest
-  #   strategy:
-  #     fail-fast: false
-  #     matrix:
-  #       goVersion: ["1.21"]
-  #       environment:
-  #         - ZIA_ZS1
-  #   environment: ${{ matrix.environment }}
-  #   steps:
-  #     - name: Checkout code
-  #       uses: actions/checkout@v4
-
-  #     - name: Setup Go
-  #       uses: actions/setup-go@v5
-  #       with:
-  #         go-version: ${{ matrix.goVersion }}
-
-  #     - name: Set Go env
-  #       run: |
-  #         echo "GOPATH=$(go env GOPATH)" >> $GITHUB_ENV
-  #         echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
-
-  #     - name: Setup Go Tools
-  #       run: make tools
-
-  #     - name: Download Go Dependencies
-  #       run: |
-  #         go mod tidy && go mod vendor
-
-  #     - name: Setup Go Tools
-  #       run: make tools
-
-  #     - name: Check Formatting
-  #       run: make fmtcheck
-
-  #     # - name: Vet Code
-  #     #   run: make vet
-
-  #     - name: Lint Code
-  #       run: make lint
-
-  #     - name: Check Build
-  #       run: make build
-
-  #     - name: Run tests with retry on Ubuntu
-  #       uses: nick-fields/retry@v3
-  #       with:
-  #         max_attempts: 3
-  #         timeout_minutes: 45 # Adjust as needed
-  #         command: |
-  #           make sweep
-  #           make test:integration:zscalerone
-  #           make sweep
-  #       env:
-  #         ZIA_USERNAME: ${{ secrets.ZIA_USERNAME }}
-  #         ZIA_PASSWORD: ${{ secrets.ZIA_PASSWORD }}
-  #         ZIA_API_KEY: ${{ secrets.ZIA_API_KEY }}
-  #         ZIA_CLOUD: ${{ secrets.ZIA_CLOUD }}
-  #         ZIA_SANDBOX_TOKEN: ${{ secrets.ZIA_SANDBOX_TOKEN }}
-  #         ZPA_CLIENT_ID: ${{ secrets.ZPA_CLIENT_ID }}
-  #         ZPA_CLIENT_SECRET: ${{ secrets.ZPA_CLIENT_SECRET }}
-  #         ZPA_CUSTOMER_ID: ${{ secrets.ZPA_CUSTOMER_ID }}
-  #         ZPA_CLOUD: ${{ secrets.ZPA_CLOUD }}
-  #         TF_ACC: ${{ secrets.TF_ACC }}
-  #         ZIA_ACC_TEST_FORCE_SWEEPERS: ${{ secrets.ZIA_ACC_TEST_FORCE_SWEEPERS }}
-
-  zia-zscalertwo-test:
+  zia-zsbeta-tests:
     runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
         goVersion: ["1.21"]
         environment:
-          - ZIA_ZS2
+          - ZIA_ZSBETA
     environment: ${{ matrix.environment }}
     steps:
       - name: Checkout code
@@ -278,15 +74,15 @@ jobs:
             make test:integration:zia
             make sweep
         env:
-          ZIA_USERNAME: ${{ secrets.ZIA_USERNAME }}
-          ZIA_PASSWORD: ${{ secrets.ZIA_PASSWORD }}
-          ZIA_API_KEY: ${{ secrets.ZIA_API_KEY }}
-          ZIA_CLOUD: ${{ secrets.ZIA_CLOUD }}
-          ZIA_SANDBOX_TOKEN: ${{ secrets.ZIA_SANDBOX_TOKEN }}
-          ZPA_CLIENT_ID: ${{ secrets.ZPA_CLIENT_ID }}
-          ZPA_CLIENT_SECRET: ${{ secrets.ZPA_CLIENT_SECRET }}
-          ZPA_CUSTOMER_ID: ${{ secrets.ZPA_CUSTOMER_ID }}
-          ZPA_CLOUD: ${{ secrets.ZPA_CLOUD }}
+          ZSCALER_CLIENT_ID: ${{ secrets.ZSCALER_CLIENT_ID }}
+          ZSCALER_CLIENT_SECRET: ${{ secrets.ZSCALER_CLIENT_SECRET }}
+          ZSCALER_VANITY_DOMAIN: ${{ secrets.ZSCALER_VANITY_DOMAIN }}
+          ZSCALER_CLOUD: ${{ secrets.ZSCALER_CLOUD }}
+          # ZSCALER_SDK_LOG: ${{ secrets.ZSCALER_SDK_LOG }}
+          # ZSCALER_SDK_VERBOSE: ${{ secrets.ZSCALER_SDK_VERBOSE }}
+          ZIA_SDK_TEST_SWEEP: ${{ secrets.ZIA_SDK_TEST_SWEEP }}
+          ZSCALER_SANDBOX_TOKEN: ${{ secrets.ZSCALER_SANDBOX_TOKEN }}
+          ZSCALER_SANDBOX_CLOUD: ${{ secrets.ZSCALER_SANDBOX_CLOUD }}
           TF_ACC: ${{ secrets.TF_ACC }}
           ZIA_ACC_TEST_FORCE_SWEEPERS: ${{ secrets.ZIA_ACC_TEST_FORCE_SWEEPERS }}
 

CHANGELOG.md

@@ -1,5 +1,60 @@
 # Changelog
 
+## 4.0.0 (January, 21 2025) - BREAKING CHANGES
+
+### Notes
+
+- Release date: **(January, 21 2025)**
+- Supported Terraform version: **v1.x**
+
+#### Enhancements - Zscaler OneAPI Support
+
+[PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383): The ZIA Terraform Provider now offers support for [OneAPI](https://help.zscaler.com/oneapi/understanding-oneapi) Oauth2 authentication through [Zidentity](https://help.zscaler.com/zidentity/what-zidentity).
+
+**NOTE** As of version v4.0.0, this Terraform provider offers backwards compatibility to the Zscaler legacy API framework. This is the recommended authentication method for organizations whose tenants are still not migrated to [Zidentity](https://help.zscaler.com/zidentity/what-zidentity).
+
+⚠️ **WARNING**: Please refer to the [Index Page](https://github.com/zscaler/terraform-provider-zia/blob/master/docs/index.md) page for details on authentication requirements prior to upgrading your provider configuration.
+
+⚠️ **WARNING**: Attention Government customers. OneAPI and Zidentity is not currently supported for the following clouds: `zscalergov` and `zscalerten`. Refer to the [Legacy API Framework](https://github.com/zscaler/terraform-provider-zpa/blob/master/docs/index) section for more information on how authenticate to these environments using the legacy method.
+
+### NEW - RESOURCES, DATA SOURCES, PROPERTIES, ATTRIBUTES, ENV VARS
+
+#### ENV VARS: ZIA Sandbox Submission - BREAKING CHANGES
+
+[PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383): Authentication to Zscaler Sandbox service now use the following attributes.
+
+- `sandboxToken` - Can also be sourced from the `ZSCALER_SANDBOX_TOKEN` environment variable.
+- `sandboxCloud` - Can also be sourced from the `ZSCALER_SANDBOX_CLOUD` environment variable.
+
+The use of the previous envioronment variables combination `ZIA_SANDBOX_TOKEN` and `ZIA_CLOUD` is now deprecated.
+
+### NEW - RESOURCES, DATA SOURCES
+
+[PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383): The following new resources and data sources have been introduced:
+
+- Added the datasource and resource ``zia_sandbox_rules`` [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Manage Sandbox Rules
+- Added the datasource and resource ``zia_firewall_dns_rule``[PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Manage Cloud Firewall DNS Rules
+- Added the datasource and resource ``zia_firewall_ips_rule`` [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Manage Cloud Firewall IPS Rules
+- Added the datasource and resource ``zia_file_type_control_rules`` [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Manage File Type Control Rules
+- Added the datasource and resource ``zia_advanced_threat_settings`` [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Manages advanced threat configuration settings
+- Added the datasource and resource ``zia_atp_malicious_urls`` [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Manages malicious URLs added to the denylist in ATP policy
+- Added the datasource and resource ``zia_atp_security_exceptions`` [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Manages Security Exceptions (URL Bypass List) for the ATP policy
+- Added the datasource and resource ``zia_advanced_settings`` [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Manages Advanced Settings configuration. [Configuring Advanced Settings](https://help.zscaler.com/zia/configuring-advanced-settings)
+- Added the datasource and resource ``zia_atp_malware_inspection`` [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Manages Advanced Threat Protection Malware Inspection configuration. [Malware Protection](https://help.zscaler.com/zia/policies/malware-protection)
+- Added the datasource and resource ``zia_atp_malware_protocols`` [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Manages Advanced Threat Protection Malware Protocols configuration. [Malware Protection](https://help.zscaler.com/zia/policies/malware-protection)
+- Added the datasource and resource ``zia_atp_malware_settings`` [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Manages Advanced Threat Protection Malware Settings. [Malware Protection](https://help.zscaler.com/zia/policies/malware-protection)
+- Added the datasource and resource ``zia_atp_malware_policy`` [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Manages Advanced Threat Protection Malware Policy. [Malware Protection](https://help.zscaler.com/zia/policies/malware-protection)
+- Added the datasource and resource ``zia_end_user_notification`` [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Retrieves information of browser-based end user notification (EUN) configuration details.[Understanding Browser-Based End User Notifications](https://help.zscaler.com/zia/understanding-browser-based-end-user-notifications)
+- Added the datasource and resource ``zia_url_filtering_and_cloud_app_settings`` [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Manages the URL and Cloud App Control advanced policy settings.[Configuring Advanced Policy Settings](https://help.zscaler.com/zia/configuring-advanced-policy-settings)
+- Added the datasource ``zia_cloud_applications`` [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Retrieves Predefined and User Defined Cloud Applications associated with the DLP rules, Cloud App Control rules, Advanced Settings, Bandwidth Classes, File Type Control rules, and SSL Inspection rules.
+- Added the datasource ``zia_forwarding_control_proxy_gateway`` [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Retrieves information of existing Proxy Gateway configuration.
+- Added the datasource and resource ``zia_ssl_inspection_rules`` [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) :rocket: - Manages SSL Inspection Rules.
+
+#### NEW ATTRIBUTES
+
+- [PR #383](https://github.com/zscaler/terraform-provider-zia/pull/383) - Added new `actions` values to resource `zia_cloud_app_control_rule`.
+Please refer to the [Cloud Application Control - Rule Types vs Actions Matrix](https://github.com/zscaler/terraform-provider-zia/blob/master/docs/resources/zia_cloud_app_control_rule.md#cloud-application-control---rule-types-vs-actions-matrix) page for details each action per `rule_type`
+
 ## 3.0.7 (November, 17 2024)
 
 ### Notes

GNUmakefile

@@ -196,14 +196,14 @@ test\:integration\:zscalertwo:
 build13: GOOS=$(shell go env GOOS)
 build13: GOARCH=$(shell go env GOARCH)
 ifeq ($(OS),Windows_NT)  # is Windows_NT on XP, 2000, 7, Vista, 10...
-build13: DESTINATION=$(APPDATA)/terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/3.0.7/$(GOOS)_$(GOARCH)
+build13: DESTINATION=$(APPDATA)/terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/4.0.0/$(GOOS)_$(GOARCH)
 else
-build13: DESTINATION=$(HOME)/.terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/3.0.7/$(GOOS)_$(GOARCH)
+build13: DESTINATION=$(HOME)/.terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/4.0.0/$(GOOS)_$(GOARCH)
 endif
 build13: fmtcheck
 	@echo "==> Installing plugin to $(DESTINATION)"
 	@mkdir -p $(DESTINATION)
-	go build -o $(DESTINATION)/terraform-provider-zia_v3.0.7
+	go build -o $(DESTINATION)/terraform-provider-zia_v4.0.0
 
 coverage: test
 	@echo "✓ Opening coverage for unit tests ..."