CLOUDFLAREAPI: CF_REDIRECT/CF_TEMP_REDIRECT should dtrt using Single Redirects (#3002)

Co-authored-by: Josh Zhang <jzhang1@stackoverflow.com>

.gitattributes

@@ -29,3 +29,5 @@ go.sum text eol=lf
 *.jpg binary
 *.png
 *.svg
+
+pkg/cloudflare-go/.changelog text eol=crlf

documentation/provider/cloudflareapi.md

@@ -63,6 +63,8 @@ DNSControl requires the token to have the following permissions:
 * Add: Enable SSL controls (`Zone → SSL and Certificates → Edit`)
 * Editing Page Rules?
   * Add: Edit Page Rules (`Zone → Page Rules → Edit`)
+* Creating Redirects?
+  * Add: Edit Dynamic Redirect (`Zone → Dynamic Redirect → Edit`)
 * Managing Cloudflare Workers? (if `manage_workers`: set to `true` or `CF_WORKER_ROUTE()` is in use.)
   * Add: Edit Worker Scripts (`Account → Workers Scripts → Edit`)
   * Add: Edit Worker Scripts (`Zone → Workers Routes → Edit`)
@@ -200,6 +202,84 @@ If a domain does not exist in your Cloudflare account, DNSControl
 will automatically add it when `dnscontrol push` is executed.
 
 
+## Old-style vs new-style redirects
+
+Old-style redirects uses the [Page Rules][https://developers.cloudflare.com/rules/page-rules/] product feature, which is [going away](https://developers.cloudflare.com/rules/reference/page-rules-migration/).  In this mode,
+`CF_REDIRECT` and `CF_TEMP_REDIRECT` functions generate Page Rules.
+
+Enable it using:
+
+```javascript
+var DSP_CLOUDFLARE = NewDnsProvider("cloudflare", {
+    "manage_redirects": true
+});
+```
+
+New redirects uses the [Single Redirects][https://developers.cloudflare.com/rules/url-forwarding/] product feature.  In this mode, 
+`CF_REDIRECT` and `CF_TEMP_REDIRECT` functions generates Single Redirects.
+
+Enable it using:
+
+```javascript
+var DSP_CLOUDFLARE = NewDnsProvider("cloudflare", {
+    "manage_single_redirects": true
+});
+```
+
+{% hint style="warning" %}
+New-style redirects ("Single Redirect Rules") are a new feature of DNSControl
+as of v4.12.0 and may have bugs.  Please test carefully.
+{% endhint %}
+
+
+Conversion mode:
+
+DNSControl can convert from old-style redirects (Page Rules) to new-style
+redirect (Single Redirects). To enable this mode, set both `manage_redirects`
+and `manage_single_redirects` to true.
+
+{% hint style="warning" %}
+The conversion process only handles a few, very simple, patterns.
+See `providers/cloudflare/singleredirect_test.go` for a list of patterns
+supported.  Please file bugs if you find problems. PRs welcome!
+{% endhint %}
+
+In conversion mode, DNSControl takes `CF_REDIRECT`/`CF_TEMP_REDIRECT`
+statements and turns each of them into two records: a Page Rules and an
+equivalent Single Redirects rule.
+
+Cloudflare processes Single Redirects before Page Rules, thus it is safe to
+have both at the same time, and provides an easy way to test the new-style
+rules.  If they do not work properly, use the Cloudflare web-based control
+panel to manually delete the new-style rule to expose the old-style rule. (and
+report the bug to DNSControl!)
+
+You'll find the new-style rule in the Cloudflare control panel.  It will have
+a very long name that includes the `CF_REDIRECT`/`CF_TEMP_REDIRECT` operands
+plus matcher and replacement expressions.
+
+There is no mechanism to easily delete the old-style rules.  Either delete them
+manually using the Cloudflare control panel or wait for Cloudflare to remove
+the old-style Page Rule feature.
+
+Once the conversion is complete, change
+`manage_redirects` to `false` then either delete the old redirects
+via the CloudFlare control panel or wait for Cloudflare to remove support for the old-style feature.
+
+{% hint style="warning" %}
+Cloudflare's announcement says that they will convert old-style redirects (Page Rules) to new-style
+redirect (Single Redirects) but they do not give a date for when this will happen.  DNSControl
+will probably see these new redirects as foreign and delete them.
+
+Therefore it is probably safer to do the conversion ahead of them.
+
+On the other hand, if you let them do the conversion, their conversion may be more correct
+than DNSControl's.  However there's no way for DNSControl to manage them since the automatically-generated name will be different.
+
+If you have suggestions on how to handle this better please file a bug.
+{% endhint %}
+
+
 ## Redirects
 The Cloudflare provider can manage "Forwarding URL" Page Rules (redirects) for your domains. Simply use the `CF_REDIRECT` and `CF_TEMP_REDIRECT` functions to make redirects:
 

go.mod

@@ -4,6 +4,8 @@ go 1.22.1
 
 retract v4.8.0
 
+replace github.com/cloudflare/cloudflare-go => ./pkg/cloudflare-go
+
 require google.golang.org/protobuf v1.34.1 // indirect
 
 require (
@@ -24,7 +26,7 @@ require (
 	github.com/babolivier/go-doh-client v0.0.0-20201028162107-a76cff4cb8b6
 	github.com/billputer/go-namecheap v0.0.0-20210108011502-994a912fb7f9
 	github.com/centralnicgroup-opensource/rtldev-middleware-go-sdk/v4 v4.0.3
-	github.com/cloudflare/cloudflare-go v0.96.0
+	github.com/cloudflare/cloudflare-go v0.97.0
 	github.com/digitalocean/godo v1.116.0
 	github.com/ditashi/jsbeautifier-go v0.0.0-20141206144643-2520a8026a9c
 	github.com/dnsimple/dnsimple-go v1.5.1
@@ -105,7 +107,7 @@ require (
 	github.com/go-logr/logr v1.4.1 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-test/deep v1.0.3 // indirect
-	github.com/goccy/go-json v0.10.2 // indirect
+	github.com/goccy/go-json v0.10.3 // indirect
 	github.com/gofrs/uuid v4.0.0+incompatible // indirect
 	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
@@ -119,7 +121,7 @@ require (
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
-	github.com/hashicorp/go-retryablehttp v0.7.6 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
 	github.com/hashicorp/go-rootcerts v1.0.2 // indirect
 	github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6 // indirect
 	github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect

go.sum

@@ -89,8 +89,6 @@ github.com/centralnicgroup-opensource/rtldev-middleware-go-sdk/v4 v4.0.3/go.mod
 github.com/chzyer/logex v1.2.1/go.mod h1:JLbx6lG2kDbNRFnfkgvh4eRJRPX1QCoOIWomwysCBrQ=
 github.com/chzyer/test v1.0.0/go.mod h1:2JlltgoNkt4TW/z9V/IzDdFaMTM2JPIi26O1pF38GC8=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
-github.com/cloudflare/cloudflare-go v0.96.0 h1:wd+qrnyw+C2eXUUujE6BzFEOREkEfoCvogpO5h33FxI=
-github.com/cloudflare/cloudflare-go v0.96.0/go.mod h1:gLP9fJT8ROgRCjHNKxISNNKeU1JEg2yT5uPEEI8x9Ec=
 github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
 github.com/cpuguy83/go-md2man/v2 v2.0.4 h1:wfIWP927BUkWJb2NmU/kNDYIBTh/ziUX91+lVfRxZq4=
 github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
@@ -154,8 +152,8 @@ github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3a
 github.com/gobwas/glob v0.2.4-0.20181002190808-e7a84e9525fe h1:zn8tqiUbec4wR94o7Qj3LZCAT6uGobhEgnDRg6isG5U=
 github.com/gobwas/glob v0.2.4-0.20181002190808-e7a84e9525fe/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8=
 github.com/goccy/go-json v0.7.8/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
-github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
-github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
+github.com/goccy/go-json v0.10.3 h1:KZ5WoDbxAIgm2HNbYckL0se1fHD6rz5j4ywS6ebzDqA=
+github.com/goccy/go-json v0.10.3/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
 github.com/gofrs/uuid v4.0.0+incompatible h1:1SD/1F5pU8p29ybwgQSwpQk+mwdRrXCYuPhW6m+TnJw=
 github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
 github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
@@ -227,8 +225,8 @@ github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVH
 github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk=
 github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
 github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
-github.com/hashicorp/go-retryablehttp v0.7.6 h1:TwRYfx2z2C4cLbXmT8I5PgP/xmuqASDyiVuGYfs9GZM=
-github.com/hashicorp/go-retryablehttp v0.7.6/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk=
+github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU=
+github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk=
 github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc=
 github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8=
 github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6 h1:om4Al8Oy7kCm/B86rLCLah4Dt5Aa0Fr5rYBG60OzwHQ=

integrationTest/integration_test.go

@@ -25,6 +25,7 @@ var endIdx = flag.Int("end", -1, "Test index to stop after")
 var verbose = flag.Bool("verbose", false, "Print corrections as you run them")
 var printElapsed = flag.Bool("elapsed", false, "Print elapsed time for each testgroup")
 var enableCFWorkers = flag.Bool("cfworkers", true, "Set false to disable CF worker tests")
+var enableCFRedirectMode = flag.String("cfredirect", "", "cloudflare pagerule tests: default=page_rules, c=convert old to enw, n=new-style, o=none")
 
 func init() {
 	testing.Init()
@@ -65,11 +66,21 @@ func getProvider(t *testing.T) (providers.DNSServiceProvider, string, map[string
 		// use this feature. Maybe because we didn't have the capabilities
 		// feature at the time?
 		if name == "CLOUDFLAREAPI" {
+			items := []string{}
 			if *enableCFWorkers {
-				metadata = []byte(`{ "manage_redirects": true, "manage_workers": true }`)
-			} else {
-				metadata = []byte(`{ "manage_redirects": true }`)
+				items = append(items, `"manage_workers": true`)
 			}
+			switch *enableCFRedirectMode {
+			case "":
+				items = append(items, `"manage_redirects": true`)
+			case "c":
+				items = append(items, `"manage_redirects": true`)
+				items = append(items, `"manage_single_redirects": true`)
+			case "n":
+				items = append(items, `"manage_single_redirects": true`)
+			case "o":
+			}
+			metadata = []byte(`{ ` + strings.Join(items, `, `) + ` }`)
 		}
 
 		provider, err := providers.CreateDNSProvider(name, cfg, metadata)
@@ -1830,6 +1841,14 @@ func makeTests() []*TestGroup {
 
 		// CLOUDFLAREAPI features
 
+		// CLOUDFLAREAPI: Redirects:
+
+		// go test -v -verbose -provider CLOUDFLAREAPI                // PAGE_RULEs
+		// go test -v -verbose -provider CLOUDFLAREAPI -cfredirect=c  // Convert: Convert page rules to Single Redirect
+		// go test -v -verbose -provider CLOUDFLAREAPI -cfredirect=n  // New: Convert old to new Single Redirect
+		// ProTip: Add this to just run this test:
+		//  -start 59 -end 60
+
 		testgroup("CF_REDIRECT",
 			only("CLOUDFLAREAPI"),
 			tc("redir", cfRedir("cnn.**current-domain-no-trailing**/*", "https://www.cnn.com/$1")),
@@ -1838,32 +1857,32 @@ func makeTests() []*TestGroup {
 
 			// Removed these for speed.  They tested if order matters,
 			// which it doesn't seem to.  Re-add if needed.
-			//clear(),
-			//tc("multipleA",
-			//	cfRedir("cnn.**current-domain-no-trailing**/*", "https://www.cnn.com/$1"),
-			//	cfRedir("msnbc.**current-domain-no-trailing**/*", "https://msnbc.cnn.com/$1"),
-			//),
-			//clear(),
-			//tc("multipleB",
-			//	cfRedir("msnbc.**current-domain-no-trailing**/*", "https://msnbc.cnn.com/$1"),
-			//	cfRedir("cnn.**current-domain-no-trailing**/*", "https://www.cnn.com/$1"),
-			//),
-			//tc("change1",
-			//	cfRedir("msnbc.**current-domain-no-trailing**/*", "https://msnbc.cnn.com/$1"),
-			//	cfRedir("cnn.**current-domain-no-trailing**/*", "https://change.cnn.com/$1"),
-			//),
-			//tc("change1",
-			//	cfRedir("msnbc.**current-domain-no-trailing**/*", "https://msnbc.cnn.com/$1"),
-			//	cfRedir("cablenews.**current-domain-no-trailing**/*", "https://change.cnn.com/$1"),
-			//),
+			clear(),
+			tc("multipleA",
+				cfRedir("cnn.**current-domain-no-trailing**/*", "https://www.cnn.com/$1"),
+				cfRedir("msnbc.**current-domain-no-trailing**/*", "https://msnbc.cnn.com/$1"),
+			),
+			clear(),
+			tc("multipleB",
+				cfRedir("msnbc.**current-domain-no-trailing**/*", "https://msnbc.cnn.com/$1"),
+				cfRedir("cnn.**current-domain-no-trailing**/*", "https://www.cnn.com/$1"),
+			),
+			tc("change1",
+				cfRedir("msnbc.**current-domain-no-trailing**/*", "https://msnbc.cnn.com/$1"),
+				cfRedir("cnn.**current-domain-no-trailing**/*", "https://change.cnn.com/$1"),
+			),
+			tc("change1",
+				cfRedir("msnbc.**current-domain-no-trailing**/*", "https://msnbc.cnn.com/$1"),
+				cfRedir("cablenews.**current-domain-no-trailing**/*", "https://change.cnn.com/$1"),
+			),
 
-			// TODO(tlim): Fix this test case. It is currently failing.
-			//clear(),
-			//tc("multiple3",
-			//	cfRedir("msnbc.**current-domain-no-trailing**/*", "https://msnbc.cnn.com/$1"),
-			//	cfRedir("cnn.**current-domain-no-trailing**/*", "https://www.cnn.com/$1"),
-			//	cfRedir("nytimes.**current-domain-no-trailing**/*", "https://www.nytimes.com/$1"),
-			//),
+			// NB(tlim): This test case used to fail but mysteriously started working.
+			clear(),
+			tc("multiple3",
+				cfRedir("msnbc.**current-domain-no-trailing**/*", "https://msnbc.cnn.com/$1"),
+				cfRedir("cnn.**current-domain-no-trailing**/*", "https://www.cnn.com/$1"),
+				cfRedir("nytimes.**current-domain-no-trailing**/*", "https://www.nytimes.com/$1"),
+			),
 
 			// Repeat the above tests using CF_TEMP_REDIR instead
 			clear(),
@@ -1888,14 +1907,23 @@ func makeTests() []*TestGroup {
 				cfRedirTemp("msnbc.**current-domain-no-trailing**/*", "https://msnbc.cnn.com/$1"),
 				cfRedirTemp("cablenews.**current-domain-no-trailing**/*", "https://change.cnn.com/$1"),
 			),
-			// TODO(tlim): Fix this test case:
-			//tc("tempmultiple3",
-			//	cfRedirTemp("msnbc.**current-domain-no-trailing**/*", "https://msnbc.cnn.com/$1"),
-			//	cfRedirTemp("cnn.**current-domain-no-trailing**/*", "https://www.cnn.com/$1"),
-			//	cfRedirTemp("nytimes.**current-domain-no-trailing**/*", "https://www.nytimes.com/$1"),
-			//),
+			// NB(tlim): This test case used to fail but mysteriously started working.
+			tc("tempmultiple3",
+				cfRedirTemp("msnbc.**current-domain-no-trailing**/*", "https://msnbc.cnn.com/$1"),
+				cfRedirTemp("cnn.**current-domain-no-trailing**/*", "https://www.cnn.com/$1"),
+				cfRedirTemp("nytimes.**current-domain-no-trailing**/*", "https://www.nytimes.com/$1"),
+			),
 		),
 
+		testgroup("CF_REDIRECT_CONVERT",
+			only("CLOUDFLAREAPI"),
+			tc("start301", cfRedir("cnn.**current-domain-no-trailing**/*", "https://www.cnn.com/$1")),
+			tc("convert302", cfRedirTemp("cnn.**current-domain-no-trailing**/*", "https://www.cnn.com/$1")),
+			tc("convert301", cfRedir("cnn.**current-domain-no-trailing**/*", "https://www.cnn.com/$1")),
+		),
+
+		// CLOUDFLAREAPI: PROXY
+
 		testgroup("CF_PROXY A create",
 			only("CLOUDFLAREAPI"),
 			CfProxyOff(), clear(),

models/record.go

@@ -39,6 +39,7 @@ import (
 //	  CF_REDIRECT
 //	  CF_TEMP_REDIRECT
 //	  CF_WORKER_ROUTE
+//	  CLOUDFLAREAPI_SINGLE_REDIRECT
 //	  CLOUDNS_WR
 //	  FRAME
 //	  IMPORT_TRANSFORM
@@ -51,6 +52,8 @@ import (
 //	  URL301
 //	  WORKER_ROUTE
 //
+// NOTE: All NEW record types should be prefixed with the provider name (Correct: CLOUDFLAREAPI_SINGLE_REDIRECT. Wrong: CF_REDIRECT)
+//
 // Notes about the fields:
 //
 // Name:
@@ -138,6 +141,30 @@ type RecordConfig struct {
 	R53Alias         map[string]string `json:"r53_alias,omitempty"`
 	AzureAlias       map[string]string `json:"azure_alias,omitempty"`
 	UnknownTypeName  string            `json:"unknown_type_name,omitempty"`
+
+	// Cloudflare-specific fields:
+	// When these are used, .target is set to a human-readable version (only to be used for display purposes).
+	CloudflareRedirect *CloudflareSingleRedirectConfig `json:"cloudflareapi_redirect,omitempty"`
+}
+
+// CloudflareSingleRedirectConfig contains info about a Cloudflare Single Redirect.
+//
+//	When these are used, .target is set to a human-readable version (only to be used for display purposes).
+type CloudflareSingleRedirectConfig struct {
+	//
+	Code int `json:"code,omitempty"` // 301 or 302
+	// PR == PageRule
+	PRDisplay     string `json:"pr_display,omitempty"` // How is this displayed to the user
+	PRMatcher     string `json:"pr_matcher,omitempty"`
+	PRReplacement string `json:"pr_replacement,omitempty"`
+	PRPriority    int    `json:"pr_priority,omitempty"` // Really an identifier for the rule.
+	//
+	// SR == SingleRedirect
+	SRDisplay        string `json:"sr_display,omitempty"` // How is this displayed to the user
+	SRMatcher        string `json:"sr_matcher,omitempty"`
+	SRReplacement    string `json:"sr_replacement,omitempty"`
+	SRRRulesetID     string `json:"sr_rulesetid,omitempty"`
+	SRRRulesetRuleID string `json:"sr_rulesetruleid,omitempty"`
 }
 
 // MarshalJSON marshals RecordConfig.

pkg/cloudflare-go/.changelog/1001.txt

@@ -0,0 +1,3 @@
+```release-note:note
+docs: add release notes
+```

pkg/cloudflare-go/.changelog/1002.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+rulesets: fix sni action parameter
+```

pkg/cloudflare-go/.changelog/1003.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+provider: bumps github.com/urfave/cli/v2 from 2.11.0 to 2.11.1
+```

pkg/cloudflare-go/.changelog/1004.txt

@@ -0,0 +1,7 @@
+```release-note:enhancement
+firewall_rule: automatically paginate `List` results unless `Page` and `PerPage` are provided
+```
+
+```release-note:enhancement
+filter: automatically paginate `List` results unless `Page` and `PerPage` are provided
+```

pkg/cloudflare-go/.changelog/1005.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+provider: bumps github.com/golangci/golangci-lint from 1.47.1 to 1.47.2
+```

pkg/cloudflare-go/.changelog/1006.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+access_application: fix inability to set bool values to false
+```

pkg/cloudflare-go/.changelog/1008.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+provider: bumps github.com/golangci/golangci-lint from 1.47.2 to 1.47.3
+```

pkg/cloudflare-go/.changelog/1010.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+workers: Add support to upload module workers
+```

pkg/cloudflare-go/.changelog/1014.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+workers: Add support for attaching a worker to a domain
+```

pkg/cloudflare-go/.changelog/1016.txt

@@ -0,0 +1,7 @@
+```release-note:enhancement
+firewall_rule: fix double endpoint calls & moving towards common method signature
+```
+
+```release-note:enhancement
+filter: fix double endpoint calls & moving towards common method signature
+```

pkg/cloudflare-go/.changelog/1017.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+lockdown: automatically paginate `List` results unless `Page` and `PerPage` are provided
+```

pkg/cloudflare-go/.changelog/1020.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+provider: bumps github.com/golangci/golangci-lint from 1.47.3 to 1.48.0
+```

pkg/cloudflare-go/.changelog/1026.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+workers-tail: Add in support for Workers tail API
+```

pkg/cloudflare-go/.changelog/1027.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+workers-account-settings: Add in support for Workers account settings API
+```

pkg/cloudflare-go/.changelog/1028.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+r2: Add in support for creating and deleting R2 buckets
+```

pkg/cloudflare-go/.changelog/1030.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+tunnel_routes: Fix not removing route when it contains virtual network
+```

pkg/cloudflare-go/.changelog/1031.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+workers-subdomain: Add in support Workers Subdomain API
+```

pkg/cloudflare-go/.changelog/1032.txt

@@ -0,0 +1,3 @@
+```release-note:breaking-change
+certificate_packs: deprecate "custom" configuration for ACM everywhere
+```

pkg/cloudflare-go/.changelog/1034.txt

@@ -0,0 +1,9 @@
+```release-note:enhancement
+email_routing_destination: Adds support for the email routing destination API
+```
+```release-note:enhancement
+email_routing_rules: Adds support for the email routing rules API
+```
+```release-note:enhancement
+email_routing_settings: Adds support for the email routing settings API
+```

pkg/cloudflare-go/.changelog/1035.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+r2: fix create bucket endpoint
+```

pkg/cloudflare-go/.changelog/1036.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+rulesets: add support for `http_config_settings` phase and supporting actions
+```

pkg/cloudflare-go/.changelog/1037.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+provider: bumps golang.org/x/tools/gopls from 0.9.1 to 0.9.2
+```

pkg/cloudflare-go/.changelog/1038.txt

@@ -0,0 +1,9 @@
+```release-note:bug
+email_routing_destination: Update API reference URLs
+```
+```release-note:bug
+email_routing_rules: Update API reference URLs
+```
+```release-note:bug
+email_routing_settings: Update API reference URLs
+```

pkg/cloudflare-go/.changelog/1039.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+provider: bumps golang.org/x/tools/gopls from 0.9.2 to 0.9.3
+```

pkg/cloudflare-go/.changelog/1040.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+workers: Support for multipart encoding for DownloadWorker on a module-format Worker script
+```

pkg/cloudflare-go/.changelog/1042.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+provider: bumps github.com/urfave/cli/v2 from 2.11.1 to 2.11.2
+```

pkg/cloudflare-go/.changelog/1043.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+cloudflare: make it clear when the rate limit retries have been exhausted
+```

pkg/cloudflare-go/.changelog/1044.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps golang.org/x/tools/gopls from 0.9.3 to 0.9.4
+```

pkg/cloudflare-go/.changelog/1046.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+tunnel_configuration: Remove unnecessary double-unmarshalling due to changes in the API
+```

pkg/cloudflare-go/.changelog/1047.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+errors: add some error type convenience functions for mocking and inspection
+```

pkg/cloudflare-go/.changelog/1048.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+workers_test: Fix incorrect test from PR #1014
+```

pkg/cloudflare-go/.changelog/1049.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+workers_test: Use application/json mime-type in headers
+```

pkg/cloudflare-go/.changelog/1051.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+pages_project: Add compatibility date and compatibility_flags to pages deployment configs
+```

pkg/cloudflare-go/.changelog/1052.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+zonelockdown: add `Priority` to `ZoneLockdownCreateParams` and `ZoneLockdownUpdateParams`
+```

pkg/cloudflare-go/.changelog/1053.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+teams_account: add support for `suppress_footer`
+```

pkg/cloudflare-go/.changelog/1059.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+api_shield: add GET/PUT for API Shield Configuration
+```

pkg/cloudflare-go/.changelog/1060.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+email_routing_settings: change enable endpoint from `enabled` to `enable`
+```

pkg/cloudflare-go/.changelog/1063.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+r2: Add support for listing R2 buckets
+```

pkg/cloudflare-go/.changelog/1065.txt

@@ -0,0 +1,9 @@
+```release-note:enhancement
+pages_project: Add `production_branch` field
+```
+```release-note:enhancement
+pages_project: Add `kv_namespaces`, `durable_object_namespaces`, `r2_buckets`, and `d1_databases` bindings to deployment config
+```
+```release-note:enhancement
+pages_project: Add `preview_deployment_setting`, `preview_branch_includes`, and `preview_branch_excludes` to source config
+```

pkg/cloudflare-go/.changelog/1066.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+stream: Update pctComplete to string from int
+```

pkg/cloudflare-go/.changelog/1067.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps goreleaser/goreleaser-action from 3.0.0 to 3.1.0
+```

pkg/cloudflare-go/.changelog/1068.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+api: addded context and headers to Raw method
+```

pkg/cloudflare-go/.changelog/1070.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+email_routing_rules: Fix response for email routing catch all rule.
+```

pkg/cloudflare-go/.changelog/1071.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+url_normalization_settings: Add APIs to get and update URL normalization settings
+```

pkg/cloudflare-go/.changelog/1072.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+cloudflare: fix nil dereference error in makeRequestWithAuthTypeAndHeaders
+```

pkg/cloudflare-go/.changelog/1073.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+teams_account: add support for `os_distro_name` and `os_distro_revision`
+```

pkg/cloudflare-go/.changelog/1074.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+access_service_token: add support for refreshing an existing token in place
+```

pkg/cloudflare-go/.changelog/1075.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+auditlogs: add support for hide_user_logs filter parameter
+```

pkg/cloudflare-go/.changelog/1077.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps github.com/urfave/cli/v2 from 2.11.2 to 2.14.0
+```

pkg/cloudflare-go/.changelog/1080.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+cloudflare: exiting closer to the source on context timeouts to improve error messaging and better defend from potential edge cases
+```

pkg/cloudflare-go/.changelog/1081.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps github.com/urfave/cli/v2 from 2.14.0 to 2.14.1
+```

pkg/cloudflare-go/.changelog/1082.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+origin certificate: Fix API auth type used
+```

pkg/cloudflare-go/.changelog/1084.txt

@@ -0,0 +1,3 @@
+```release-note:breaking-change
+load_balancing: update method signatures to match experimental conventions
+```

pkg/cloudflare-go/.changelog/1085.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps github.com/urfave/cli/v2 from 2.14.1 to 2.15.0
+```

pkg/cloudflare-go/.changelog/1086.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps github.com/urfave/cli/v2 from 2.15.0 to 2.16.3
+```

pkg/cloudflare-go/.changelog/1087.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+device_posture_rule: add input fields for linux OS
+```

pkg/cloudflare-go/.changelog/1088.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+stream: added metadata support
+```

pkg/cloudflare-go/.changelog/1089.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+user-agent-blocking-rules: add missing managed_challenge validation and removed the deprecated whitelist one
+```

pkg/cloudflare-go/.changelog/1090.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+devices_policy: Add support for additional device settings policies
+```

pkg/cloudflare-go/.changelog/1091.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+load_balancing: support adaptive_routing and location_strategy
+```

pkg/cloudflare-go/.changelog/1093.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+rulesets: add support for `sensitivity_level` to override all rule sensitivity
+```

pkg/cloudflare-go/.changelog/1094.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps github.com/urfave/cli/v2 from 2.16.3 to 2.17.1
+```

pkg/cloudflare-go/.changelog/1095.txt

@@ -0,0 +1,7 @@
+```release-note:enhancement
+account_member: add support for domain scoped roles
+```
+
+```release-note:breaking-change
+account_member: `CreateAccountMember` has been updated to accept a `CreateAccountMemberParams` struct instead of multiple parameters
+```

pkg/cloudflare-go/.changelog/1097.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps dependabot/fetch-metadata from 1.3.3 to 1.3.4
+```

pkg/cloudflare-go/.changelog/1102.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+waiting_room: add support for waiting room rules
+```

pkg/cloudflare-go/.changelog/1103.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps github.com/urfave/cli/v2 from 2.17.1 to 2.19.2
+```

pkg/cloudflare-go/.changelog/1104.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+access: add UI read-only field to organizations
+```

pkg/cloudflare-go/.changelog/1105.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+total_tls: adds support for TotalTLS
+```

pkg/cloudflare-go/.changelog/1106.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+cloudflare: expose `Messages` from the `Response` object
+```

pkg/cloudflare-go/.changelog/1108.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps github.com/urfave/cli/v2 from 2.19.2 to 2.20.2
+```

pkg/cloudflare-go/.changelog/1111.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+dlp: Adds support for DLP resources
+```

pkg/cloudflare-go/.changelog/1112.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps goreleaser/goreleaser-action from 3.1.0 to 3.2.0
+```

pkg/cloudflare-go/.changelog/1114.txt

@@ -0,0 +1,7 @@
+```release-note:breaking-change
+teams_list: updated methods to match the experimental client format
+```
+
+```release-note:enhancement
+teams_list: `List` operations now automatically paginate
+```

pkg/cloudflare-go/.changelog/1115.txt

@@ -0,0 +1,47 @@
+```release-note:breaking-change
+workers_kv: `CreateWorkersKVNamespace` has been updated to match the experimental client method signatures (https://github.com/cloudflare/cloudflare-go/blob/master/docs/experimental.md).
+```
+
+```release-note:breaking-change
+workers_kv: `ListWorkersKVNamespaces` has been updated to match the experimental client method signatures (https://github.com/cloudflare/cloudflare-go/blob/master/docs/experimental.md).
+```
+
+```release-note:enhancement
+workers_kv: `ListWorkersKVNamespaces` automatically paginates all results unless `PerPage` is defined.
+```
+
+```release-note:breaking-change
+workers_kv: `DeleteWorkersKVNamespace` has been updated to match the experimental client method signatures (https://github.com/cloudflare/cloudflare-go/blob/master/docs/experimental.md).
+```
+
+```release-note:breaking-change
+workers_kv: `UpdateWorkersKVNamespace` has been updated to match the experimental client method signatures (https://github.com/cloudflare/cloudflare-go/blob/master/docs/experimental.md).
+```
+
+```release-note:breaking-change
+workers_kv: `WriteWorkersKV` has been renamed to `WriteWorkersKVEntry`.
+```
+
+```release-note:breaking-change
+workers_kv: `WriteWorkersKVBulk` has been renamed to `WriteWorkersKVEntries`.
+```
+
+```release-note:breaking-change
+workers_kv: `ReadWorkersKV` has been renamed to `GetWorkersKV`.
+```
+
+```release-note:breaking-change
+workers_kv: `DeleteWorkersKV` has been renamed to `DeleteWorkersKVEntry`.
+```
+
+```release-note:breaking-change
+workers_kv: `DeleteWorkersKVBulk` has been renamed to `DeleteWorkersKVEntries`.
+```
+
+```release-note:breaking-change
+workers_kv: `ListWorkersKVs` has been renamed to `ListWorkersKVKeys`.
+```
+
+```release-note:breaking-change
+workers_kv: `ListWorkersKVsWithOptions` has been removed. Use `ListWorkersKVKeys` instead and pass in the options.
+```

pkg/cloudflare-go/.changelog/1116.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: `ioutil` package is being deprecated in favor of `io`
+```

pkg/cloudflare-go/.changelog/1117.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: remove `github.com/pkg/errors` in favor of `errors`
+```

pkg/cloudflare-go/.changelog/1118.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps github.com/urfave/cli/v2 from 2.20.2 to 2.20.3
+```

pkg/cloudflare-go/.changelog/1119.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps github.com/stretchr/testify from 1.8.0 to 1.8.1
+```

pkg/cloudflare-go/.changelog/1120.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+access: add support for service token rotation
+```

pkg/cloudflare-go/.changelog/1121.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+deps: fix import grouping, code formatting and enable goimports linter
+```

pkg/cloudflare-go/.changelog/1122.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps github.com/urfave/cli/v2 from 2.20.3 to 2.23.0
+```

pkg/cloudflare-go/.changelog/1123.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps dependabot/fetch-metadata from 1.3.4 to 1.3.5
+```

pkg/cloudflare-go/.changelog/1124.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps github.com/urfave/cli/v2 from 2.23.0 to 2.23.2
+```

pkg/cloudflare-go/.changelog/1125.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps github.com/urfave/cli/v2 from 2.23.2 to 2.23.4
+```

pkg/cloudflare-go/.changelog/1126.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+device_posture_rule: add input fields crowdstrike
+```

pkg/cloudflare-go/.changelog/1127.txt

@@ -0,0 +1,3 @@
+```release-note:dependency
+deps: bumps github.com/urfave/cli/v2 from 2.23.4 to 2.23.5
+```

pkg/cloudflare-go/.changelog/1130.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+workers_domain: add support for workers domain API
+```

pkg/cloudflare-go/.changelog/1131.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+queue: add support queue API
+```

pkg/cloudflare-go/.changelog/1133.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+workers: Support for Workers Analytics Engine bindings
+```

pkg/cloudflare-go/.changelog/1135.txt

@@ -0,0 +1,3 @@
+```release-note:note
+pages: removed the v1 logs endpoint for Pages deployments. Please switch to v2: https://developers.cloudflare.com/api/operations/pages-deployment-get-deployment-logs
+```

pkg/cloudflare-go/.changelog/1136.txt

@@ -0,0 +1,7 @@
+```release-note:enhancement
+pages: Updates bindings and other Functions related propreties. Service bindings, secrets, fail open/close and usage model are all now supported.
+```
+
+```release-note:breaking-change
+pages: Changed the type of EnvVars in PagesProjectDeploymentConfigEnvironment & PagesProjectDeployment in order to properly support secrets.
+```

pkg/cloudflare-go/.changelog/1137.txt

@@ -0,0 +1,39 @@
+```release-note:note
+workers: all worker methods have been split into product ownership(-ish) files
+```
+
+```release-note:note
+workers: all worker methods now require an explicit `ResourceContainer` for endpoints instead of relying on the globally defined `api.AccountID`
+```
+
+```release-note:breaking-change
+workers: method signatures have been updated to align with the upcoming client conventions
+```
+
+```release-note:breaking-change
+workers: API operations now target account level resources instead of older zone level resources (these are a 1:1 now)
+```
+
+```release-note:breaking-change
+workers_bindings: method signatures have been updated to align with the upcoming client conventions
+```
+
+```release-note:breaking-change
+workers_kv: method signatures have been updated to align with the upcoming client conventions
+```
+
+```release-note:breaking-change
+workers_tails: method signatures have been updated to align with the upcoming client conventions
+```
+
+```release-note:breaking-change
+workers_secrets: method signatures have been updated to align with the upcoming client conventions
+```
+
+```release-note:breaking-change
+workers_routes: method signatures have been updated to align with the upcoming client conventions
+```
+
+```release-note:breaking-change
+workers_cron_triggers: method signatures have been updated to align with the upcoming client conventions
+```

pkg/cloudflare-go/.changelog/1138.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+adds OriginRequest field to UnvalidatedIngressRule struct.
+```