Feat: Newly Improved Zscaler-Terraformer v1.3.0 (#213)

* fix: Refactored code structure for improved resource management
* fix: Removed test data
* fix: Cleanup github actions
* fix: Fixed attribute exclusion
* fix: Auto injected ZSCALER_SDK_CACHE_DISABLED variable during runtime
* fix: Fixed main.go and Execute command
* feat: Added support to ZPA CBI Isolation External Profile
* fix: Fixed help cli commands
* feat: Added new suuported-resources command flag
* fix: Fixed Linter comments to helpers
* fix: Fixed zpa_service_edge_group resource
* fix: Fixed lint training and leading newline

.github/workflows/lint.yaml → .github/workflows/lint.yml

@@ -20,7 +20,7 @@ jobs:
       - uses: actions/cache@v4
         with:
           path: ~/go/pkg/mod
-          key: go1.21-${{ hashFiles('**/go.sum') }}
+          key: go1.22-${{ hashFiles('**/go.sum') }}
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v6
         with:

.goreleaser.yml

@@ -1,4 +1,3 @@
-
 # Visit https://goreleaser.com for documentation on how to customize this
 # behavior.
 version: 2
@@ -10,9 +9,9 @@ before:
     # this is just an example and not a requirement for provider building/publishing
     - go mod tidy && go mod vendor
 builds:
-  - main: ./cmd/zscaler-terraformer/main.go
+  - main: ./main.go
     ldflags:
-      - -s -w -X "github.com/zscaler/zscaler-terraformer/internal/app/zscaler-terraformer/cmd.versionString={{.Env.VERSION}}"
+      - -s -w -X "github.com/zscaler/zscaler-terraformer/cmd.versionString={{.Env.VERSION}}"
     goos:
       - windows
       - linux
@@ -27,8 +26,8 @@ builds:
         goarch: '386'
     binary: 'zscaler-terraformer'
 archives:
-- format: zip
-  name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}'
+  - format: zip
+    name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}'
 checksum:
   name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS'
   algorithm: sha256
@@ -61,4 +60,4 @@ release:
     owner: Zscaler
     name: zscaler-terraformer
   draft: true
-  name_template: '{{.Tag}}'
+  name_template: '{{.Tag}}'

CHANGELOG.md

@@ -1,18 +1,54 @@
 # Changelog
 
-## 1.2.2 (June, 20 2024)
+## 1.3.0 (July, 10 2024)
 
 ### Notes
 
-- Release date: **(June, 20 2024)**
+- Release date: **(July, 10 2024)**
 - Supported Terraform version: **v1.x.x**
 
-### Deprecations
-- [PR #206](https://github.com/zscaler/zscaler-terraformer/pull/206) Deprecated the following ZPA resource:
+### Enhancements
+- [PR #213](https://github.com/zscaler/zscaler-terraformer/pull/213). The tool now creates a ``outputs.tf`` file containg the `id` export of each invidual exported resource.
+- [PR #213](https://github.com/zscaler/zscaler-terraformer/pull/213). The tool now displays a message when the resource import is successful.
+- [PR #213](https://github.com/zscaler/zscaler-terraformer/pull/213). The following new flag has been introduced `--supported-resources=`. When using the following syntax: `zscaler-terraformer --supported-resources="zpa"` or `zscaler-terraformer --supported-resources="zia"` a list of all current supported resources is displayed in table format.
+- [PR #213](https://github.com/zscaler/zscaler-terraformer/pull/213). The tool now displays a warning message when the imported resource contain attributes that may carry sensitive values i.e `passwords`. Notice that the value is not included in the HCL code for security reasons.
+- [PR #213](https://github.com/zscaler/zscaler-terraformer/pull/213). Re-introduced support for the import of the following resources:
     - `zpa_application_segment_browser_access`
     - `zpa_application_segment_inspection`
     - `zpa_application_segment_pra`
 
+- [PR #213](https://github.com/zscaler/zscaler-terraformer/pull/213). Introduced support for the import of the following ZPA Privileged Remote Access resources:
+    - `zpa_pra_approval_controller`
+    - `zpa_pra_console_controller`
+    - `zpa_pra_credential_controller`
+    - `zpa_pra_portal_controller`
+
+- [PR #213](https://github.com/zscaler/zscaler-terraformer/pull/213). Introduced support for the import of the following Cloud Browser Isolation resources:
+    - `zpa_cloud_browser_isolation_banner`
+    - `zpa_cloud_browser_isolation_certificate`
+    - `zpa_cloud_browser_isolation_external_profile`
+
+### Bug Fixes
+- [PR #213](https://github.com/zscaler/zscaler-terraformer/pull/213). Fixed issues with credential with inline credential authentication.
+- [PR #213](https://github.com/zscaler/zscaler-terraformer/pull/213). Fixed importing of ZIA resource ``zia_dlp_web_rules`` attribute blocks:
+    - `icap_server`
+    - `notification_templates`
+    - `auditor`
+- [PR #213](https://github.com/zscaler/zscaler-terraformer/pull/213). Fixed importing of ZPA resource ``zpa_inspection_custom_controls`` `rules` block.
+- [PR #213](https://github.com/zscaler/zscaler-terraformer/pull/213). Fixed authentication methods to support both environment variables and inline credentials.
+
+### Deprecations
+- [PR #213](https://github.com/zscaler/zscaler-terraformer/pull/213) Deprecated the following ZIA resources:
+    - `zia_user_management`
+    - `zia_admin_users`
+- [PR #213](https://github.com/zscaler/zscaler-terraformer/pull/213) Temporary deprecation of the resources: `zpa_inspection_profile`
+
+- [PR #213](https://github.com/zscaler/zscaler-terraformer/pull/213) Deprecated support to authentication via ``credentials.json`` file. The Tool now supports environment variables and inline based credentials. See [README](https://github.com/zscaler/zscaler-terraformer?tab=readme-ov-file#authentication) for further details.
+
+### Internal Changes
+- [PR #213](https://github.com/zscaler/zscaler-terraformer/pull/213). The tool introduced two new internal environment variables for development purposes: ``ZPA_PROVIDER_NAMESPACE`` and ``ZIA_PROVIDER_NAMESPACE``. By setting these enviornment variables it allows a developer to leverage a local Terraform Provider installation for testing purposes. i.e ``export ZPA_PROVIDER_NAMESPACE=zscaler.com/zpa/zpa``. This will force the tool to use a local provider binary installation. If not set, then the tool will download the latest version of the provider from the Terraform registry.
+- [PR #213](https://github.com/zscaler/zscaler-terraformer/pull/213). Implemented new code structure for better code management.
+
 ## 1.2.1 (June, 13 2024)
 
 ### Notes

Makefile

@@ -47,8 +47,8 @@ build:
 	@go build \
 		-gcflags=all=-trimpath=$(GOPATH) \
 		-asmflags=all=-trimpath=$(GOPATH) \
-		-ldflags="-X github.com/zscaler/zscaler-terraformer/internal/app/zscaler-terraformer/cmd.versionString=$(VERSION)" \
-		-o $(BINARY_NAME) cmd/zscaler-terraformer/main.go
+		-ldflags="-X main.versionString=$(VERSION)" \
+		-o $(BINARY_NAME) main.go
 
 install: GOOS=$(shell go env GOOS)
 install: GOARCH=$(shell go env GOARCH)
@@ -64,16 +64,16 @@ install:
 	@go build \
 		-gcflags=all=-trimpath=$(GOPATH) \
 		-asmflags=all=-trimpath=$(GOPATH) \
-		-ldflags="-X github.com/zscaler/zscaler-terraformer/internal/app/zscaler-terraformer/cmd.versionString=$(VERSION)" \
-		-o $(DESTINATION)/$(BINARY_NAME) ./cmd/zscaler-terraformer/main.go
+		-ldflags="-X main.versionString=$(VERSION)" \
+		-o $(DESTINATION)/$(BINARY_NAME) main.go
 
 build_all:
 	@echo "==> Building $(BINARY_NAME) for Windows, macOS, and Linux..."
-	GOOS=windows GOARCH=amd64 go build -o build/$(BINARY_NAME).exe cmd/zscaler-terraformer/main.go
-	GOOS=darwin GOARCH=amd64 go build -o build/$(BINARY_NAME)_darwin_amd64 cmd/zscaler-terraformer/main.go
-	GOOS=darwin GOARCH=arm64 go build -o build/$(BINARY_NAME)_darwin_arm64 cmd/zscaler-terraformer/main.go
-	GOOS=linux GOARCH=amd64 go build -o build/$(BINARY_NAME)_linux_amd64 cmd/zscaler-terraformer/main.go
-	GOOS=linux GOARCH=arm64 go build -o build/$(BINARY_NAME)_linux_arm64 cmd/zscaler-terraformer/main.go
+	GOOS=windows GOARCH=amd64 go build -o build/$(BINARY_NAME).exe main.go
+	GOOS=darwin GOARCH=amd64 go build -o build/$(BINARY_NAME)_darwin_amd64 main.go
+	GOOS=darwin GOARCH=arm64 go build -o build/$(BINARY_NAME)_darwin_arm64 main.go
+	GOOS=linux GOARCH=amd64 go build -o build/$(BINARY_NAME)_linux_amd64 main.go
+	GOOS=linux GOARCH=arm64 go build -o build/$(BINARY_NAME)_linux_arm64 main.go
 
 test_zpa:
 	@CI=true \

README.md

@@ -44,24 +44,23 @@ Available Commands:
   version     Print the version number of zscaler-terraformer
 
 Flags:
-  -c, --config string                       Path to config file (default "/Users/username/.zscaler-terraformer.yaml")
       --exclude string                      Which resources you wish to exclude
   -h, --help                                help for zscaler-terraformer
       --resource-type string                Which resource you wish to generate
       --resources string                    Which resources you wish to import
       --terraform-install-path string       Path to the default Terraform installation (default ".")
   -v, --verbose                             Specify verbose output (same as setting log level to debug)
-      --version                             Display the release version
-      --zia-terraform-install-path string   Path to the ZIA Terraform installation (default ".")
-      --ziaApiKey string                    ZIA API Key
-      --ziaCloud string                     ZIA Cloud (i.e zscalerthree)
-      --ziaPassword string                  ZIA password
-      --ziaUsername string                  ZIA username
-      --zpa-terraform-install-path string   Path to the ZPA Terraform installation (default ".")
-      --zpaClientID string                  ZPA client ID
-      --zpaClientSecret string              ZPA client secret
-      --zpaCloud string                     ZPA Cloud (BETA or PRODUCTION)
-      --zpaCustomerID string                ZPA Customer ID
+      --version                              Display the release version
+      --zia-terraform-install-path string    Path to the ZIA Terraform installation (default ".")
+      --zia_api_key string                   ZIA API Key
+      --zia_cloud string                     ZIA Cloud (i.e zscalerthree)
+      --zia_password string                  ZIA password
+      --zia_username string                  ZIA username
+      --zpa-terraform-install-path string    Path to the ZPA Terraform installation (default ".")
+      --zpa_client_id string                 ZPA client ID
+      --zpa_client_secret string             ZPA client secret
+      --zpa_customer_id string               ZPA Customer ID
+      --zpa_cloud string                     ZPA Cloud (``BETA``, ``GOV``, ``GOVUS``, ``PRODUCTION``, ``ZPATWO``)
 
 Use "zscaler-terraformer [command] --help" for more information about a command.
 
@@ -91,7 +90,17 @@ demonstrated below.
 export ZPA_CLIENT_ID      = "xxxxxxxxxxxxxxxx"
 export ZPA_CLIENT_SECRET  = "xxxxxxxxxxxxxxxx"
 export ZPA_CUSTOMER_ID    = "xxxxxxxxxxxxxxxx"
-export ZPA_CLOUD          = "BETA" // Use "GOV" for ZPA Gov Cloud
+export ZPA_CLOUD          = "BETA", "GOV", "GOVUS", "PRODUCTION" or "ZPATWO"
+```
+
+### ZPA Inline Authentication
+
+```bash
+zscaler-terraformer import --resources="zpa" \
+--zpa_client_id="xxxxxxxxxxxxxxxx" \
+--zpa_client_secret="xxxxxxxxxxxxxxxx" \
+--zpa_customer_id="xxxxxxxxxxxxxxxx" \
+--zpa_cloud="BETA", "GOV", "GOVUS", "PRODUCTION" or "ZPATWO"
 ```
 
 ### ZIA Environment Variables
@@ -106,14 +115,14 @@ export ZIA_CLOUD    = "xxxxxxxxxxxxxxxx" (i.e zscalerthree)
 
 ```
 
-Alternatively, if using a config file, then specify the inputs using the following `flag` names. Example:
+### ZIA Inline Authentication
 
 ```bash
-$ cat ~/.zscaler-terraformer.yaml
-zpaClientID: "Mrwefhoijhviihew"
-zpaClientSecret: "{HBRjowhdowqj"
-zpaCustomerID: "123456789"
-zpaCloud: "BETA"
+zscaler-terraformer import --resources="zia" \
+--zia_username="xxxxxxxxxxxxxxxx" \
+--zia_password="xxxxxxxxxxxxxxxx" \
+--zia_api_key="xxxxxxxxxxxxxxxx" \
+--zia_cloud=(i.e zscalerthree)
 ```
 
 ## ZPA Example usage
@@ -139,7 +148,7 @@ zscaler-terraformer import --resources="zpa_application_segment"
 ### Exclude specific ZPA resources from Importing
 
 ```bash
-zscaler-terraformer import --resources="zpa" --exclude='zpa_segment_group,zpa_server_group'
+zscaler-terraformer import --resources="zpa" --exclude='zpa_segment_group, zpa_server_group'
 ```
 
 By default, ``zscaler-terraformer`` will create a local configuration directory where it is being executed. You can also indicate the path where the imported configuration should be stored by using the folowing environment variable ``ZSCALER_ZPA_TERRAFORM_INSTALL_PATH``.
@@ -240,22 +249,35 @@ $ zscaler-terraformer import \
 
 Any resources not listed are currently not supported.
 
-Last updated February 29, 2024
+Last updated July 11, 2024
+
+Use the following command once the tool is installed to visualize the table of supported ZPA resources:
+```shell
+zscaler-terraformer --supported-resources="zpa"
+```
 
 | Resource | Resource Scope | Generate Supported | Import Supported |
 |----------|-----------|----------|----------|
 | [zpa_app_connector_group](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_app_connector_group) | group | ✅ | ✅ |
 | [zpa_service_edge_group](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_service_edge_group) | group | ✅ | ✅ |
 | [zpa_application_server](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_application_server) | application | ✅ | ✅ |
-| [zpa_application_segment](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_application_segment) | app segment | ✅ | ✅ |
+| [zpa_application_segment](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_application_segment) | application segment | ✅ | ✅ |
+| [zpa_application_segment_browser_access](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_application_segment_browser_access) | application segment | ✅ | ✅ |
+| [zpa_application_segment_inspection](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_application_segment_inspection) | application segment | ✅ | ✅ |
+| [zpa_application_segment_pra](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_application_segment_pra) | application segment | ✅ | ✅ |
+| [zpa_cloud_browser_isolation_banner](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_cloud_browser_isolation_banner) | isolation | ✅ | ✅ |
+| [zpa_cloud_browser_isolation_certificate](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_cloud_browser_isolation_certificate) | isolation | ✅ | ✅ |
 | [zpa_cloud_browser_isolation_external_profile](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_cloud_browser_isolation_external_profile) | isolation | ✅ | ✅ |
 | [zpa_segment_group](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_segment_group) | group | ✅ | ✅ |
 | [zpa_server_group](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_server_group) | group | ✅ | ✅ |
 | [zpa_lss_config_controller](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_lss_config_controller) | lss | ✅ | ✅ |
 | [zpa_microtenant_controller](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_microtenant_controller) | microtenant | ✅ | ✅ |
 | [zpa_provisioning_key](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_provisioning_key) | key | ✅ | ✅ |
 | [zpa_inspection_custom_controls](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_inspection_custom_control) | Inspection | ✅ | ✅ |
-| [zpa_inspection_profile](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_inspection_profile) | Inspection | ✅ | ✅ |
+| [zpa_pra_approval_controller](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_pra_approval_controller) | PRA | ✅ | ✅ |
+| [zpa_pra_console_controller](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_pra_console_controller) | PRA | ✅ | ✅ |
+| [zpa_pra_credential_controller](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_pra_credential_controller) | PRA | ✅ | ✅ |
+| [zpa_pra_portal_controller](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_pra_portal_controller) | PRA | ✅ | ✅ |
 | [zpa_policy_access_rule](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_policy_access_rule) | Policy | ✅ | ✅ |
 | [zpa_policy_timeout_rule](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_policy_access_timeout_rule) | Policy | ✅ | ✅ |
 | [zpa_policy_forwarding_rule](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_policy_access_forwarding_rule) | Policy | ✅ | ✅ |
@@ -266,7 +288,13 @@ Last updated February 29, 2024
 
 Any resources not listed are currently not supported.
 
-Last updated March 7, 2024
+Last updated July 11, 2024
+
+Use the following command once the tool is installed to visualize the table of supported ZIA resources:
+
+```shell
+zscaler-terraformer --supported-resources="zia"
+```
 
 | Resource | Resource Scope | Generate Supported | Import Supported |
 |----------|-----------|----------|----------|
@@ -290,7 +318,6 @@ Last updated March 7, 2024
 | [zia_auth_settings_urls](https://registry.terraform.io/providers/zscaler/zia/latest/docs/resources/zia_auth_settings_urls) | URL | ✅ | ✅ |
 | [zia_security_policy_settings](https://registry.terraform.io/providers/zscaler/zia/latest/docs/resources/zia_security_policy_settings) | URL | ✅ | ✅ |
 | [zia_sandbox_behavioral_analysis](https://https://registry.terraform.io/providers/zscaler/zia/latest/docs/resources/zia_sandbox_behavioral_analysis) | URL | ✅ | ✅ |
-| [zia_user_management](https://registry.terraform.io/providers/zscaler/zia/latest/docs/resources/zia_user_management) | User | ✅ | ✅ |
 | [zia_forwarding_control_rule](https://registry.terraform.io/providers/zscaler/zia/latest/docs/resources/zia_forwarding_control_rule) | Forward | ✅ | ✅ |
 | [zia_forwarding_control_zpa_gateway](https://registry.terraform.io/providers/zscaler/zia/latest/docs/resources/zia_forwarding_control_zpa_gateway) | Forward | ✅ | ✅ |