feat(api): OpenAPI spec update via Stainless API (#980)

cloudflare · Jun 18, 2024 · f60c725 · f60c725
1 parent d52fc46
commit f60c725
Show file tree

Hide file tree

Showing 7 changed files with 103 additions and 21 deletions.
diff --git a/.stats.yml b/.stats.yml
@@ -1,2 +1,2 @@
 configured_endpoints: 1348
-openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-4dcc737ab91fdd1e0edc18214494d806b12d41df4d4641e26e718c8b9dced1dc.yml
+openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-36a9d717773ebb507fd0744af578aa64b697030857c602c77458156a911fcab9.yml
diff --git a/src/resources/zero-trust/gateway/configurations.ts b/src/resources/zero-trust/gateway/configurations.ts
@@ -25,8 +25,8 @@ export class Configurations extends APIResource {
    * Patches the current Zero Trust account configuration. This endpoint can update a
    * single subcollection of settings such as `antivirus`, `tls_decrypt`,
    * `activity_log`, `block_page`, `browser_isolation`, `fips`, `body_scanning`, or
-   * `custom_certificate`, without updating the entire configuration object. Returns
-   * an error if any collection of settings is not properly configured.
+   * `certificate`, without updating the entire configuration object. Returns an
+   * error if any collection of settings is not properly configured.
    */
   edit(
     params: ConfigurationEditParams,
@@ -280,7 +280,8 @@ export interface BrowserIsolationSettingsParam {
 }
 
 /**
- * Custom certificate settings for BYO-PKI.
+ * @deprecated: Custom certificate settings for BYO-PKI. (deprecated and replaced
+ * by `certificate`)
  */
 export interface CustomCertificateSettings {
   /**
@@ -302,7 +303,8 @@ export interface CustomCertificateSettings {
 }
 
 /**
- * Custom certificate settings for BYO-PKI.
+ * @deprecated: Custom certificate settings for BYO-PKI. (deprecated and replaced
+ * by `certificate`)
  */
 export interface CustomCertificateSettingsParam {
   /**
@@ -388,7 +390,14 @@ export interface GatewayConfigurationSettings {
   browser_isolation?: BrowserIsolationSettings;
 
   /**
-   * Custom certificate settings for BYO-PKI.
+   * Certificate settings for Gateway TLS interception. If not specified, the
+   * Cloudflare Root CA will be used.
+   */
+  certificate?: GatewayConfigurationSettings.Certificate;
+
+  /**
+   * @deprecated: Custom certificate settings for BYO-PKI. (deprecated and replaced
+   * by `certificate`)
    */
   custom_certificate?: CustomCertificateSettings;
 
@@ -413,6 +422,19 @@ export interface GatewayConfigurationSettings {
   tls_decrypt?: TLSSettings;
 }
 
+export namespace GatewayConfigurationSettings {
+  /**
+   * Certificate settings for Gateway TLS interception. If not specified, the
+   * Cloudflare Root CA will be used.
+   */
+  export interface Certificate {
+    /**
+     * UUID of certificate to be used for interception.
+     */
+    id: string;
+  }
+}
+
 /**
  * account settings.
  */
@@ -443,7 +465,14 @@ export interface GatewayConfigurationSettingsParam {
   browser_isolation?: BrowserIsolationSettingsParam;
 
   /**
-   * Custom certificate settings for BYO-PKI.
+   * Certificate settings for Gateway TLS interception. If not specified, the
+   * Cloudflare Root CA will be used.
+   */
+  certificate?: GatewayConfigurationSettingsParam.Certificate;
+
+  /**
+   * @deprecated: Custom certificate settings for BYO-PKI. (deprecated and replaced
+   * by `certificate`)
    */
   custom_certificate?: CustomCertificateSettingsParam;
 
@@ -468,6 +497,19 @@ export interface GatewayConfigurationSettingsParam {
   tls_decrypt?: TLSSettingsParam;
 }
 
+export namespace GatewayConfigurationSettingsParam {
+  /**
+   * Certificate settings for Gateway TLS interception. If not specified, the
+   * Cloudflare Root CA will be used.
+   */
+  export interface Certificate {
+    /**
+     * UUID of certificate to be used for interception.
+     */
+    id: string;
+  }
+}
+
 /**
  * Configure a message to display on the user's device when an antivirus search is
  * performed.

diff --git a/src/resources/zero-trust/gateway/lists/lists.ts b/src/resources/zero-trust/gateway/lists/lists.ts
@@ -45,8 +45,11 @@ export class Lists extends APIResource {
     params: ListListParams,
     options?: Core.RequestOptions,
   ): Core.PagePromise<GatewayListsSinglePage, GatewayList> {
-    const { account_id } = params;
-    return this._client.getAPIList(`/accounts/${account_id}/gateway/lists`, GatewayListsSinglePage, options);
+    const { account_id, ...query } = params;
+    return this._client.getAPIList(`/accounts/${account_id}/gateway/lists`, GatewayListsSinglePage, {
+      query,
+      ...options,
+    });
   }
 
   /**
@@ -103,6 +106,8 @@ export interface GatewayItem {
 }
 
 export interface GatewayItemParam {
+  created_at?: string;
+
   /**
    * The value of the item in a list.
    */
@@ -218,7 +223,15 @@ export interface ListUpdateParams {
 }
 
 export interface ListListParams {
+  /**
+   * Path param:
+   */
   account_id: string;
+
+  /**
+   * Query param: The type of list.
+   */
+  type?: 'SERIAL' | 'URL' | 'DOMAIN' | 'EMAIL' | 'IP';
 }
 
 export interface ListDeleteParams {

diff --git a/src/resources/zero-trust/gateway/rules.ts b/src/resources/zero-trust/gateway/rules.ts
@@ -335,6 +335,13 @@ export interface RuleSetting {
    */
   egress?: RuleSetting.Egress;
 
+  /**
+   * Set to true, to ignore the category matches at CNAME domains in a response. If
+   * unchecked, the categories in this rule will be checked against all the CNAME
+   * domain categories in a response.
+   */
+  ignore_cname_category_matches?: boolean;
+
   /**
    * INSECURE - disable DNSSEC validation (for Allow actions).
    */
@@ -407,27 +414,27 @@ export namespace RuleSetting {
    */
   export interface BisoAdminControls {
     /**
-     * Set to true to enable copy-pasting.
+     * Set to false to enable copy-pasting.
      */
     dcp?: boolean;
 
     /**
-     * Set to true to enable downloading.
+     * Set to false to enable downloading.
      */
     dd?: boolean;
 
     /**
-     * Set to true to enable keyboard usage.
+     * Set to false to enable keyboard usage.
      */
     dk?: boolean;
 
     /**
-     * Set to true to enable printing.
+     * Set to false to enable printing.
      */
     dp?: boolean;
 
     /**
-     * Set to true to enable uploading.
+     * Set to false to enable uploading.
      */
     du?: boolean;
   }
@@ -603,6 +610,13 @@ export interface RuleSettingParam {
    */
   egress?: RuleSettingParam.Egress;
 
+  /**
+   * Set to true, to ignore the category matches at CNAME domains in a response. If
+   * unchecked, the categories in this rule will be checked against all the CNAME
+   * domain categories in a response.
+   */
+  ignore_cname_category_matches?: boolean;
+
   /**
    * INSECURE - disable DNSSEC validation (for Allow actions).
    */
@@ -675,27 +689,27 @@ export namespace RuleSettingParam {
    */
   export interface BisoAdminControls {
     /**
-     * Set to true to enable copy-pasting.
+     * Set to false to enable copy-pasting.
      */
     dcp?: boolean;
 
     /**
-     * Set to true to enable downloading.
+     * Set to false to enable downloading.
      */
     dd?: boolean;
 
     /**
-     * Set to true to enable keyboard usage.
+     * Set to false to enable keyboard usage.
      */
     dk?: boolean;
 
     /**
-     * Set to true to enable printing.
+     * Set to false to enable printing.
      */
     dp?: boolean;
 
     /**
-     * Set to true to enable uploading.
+     * Set to false to enable uploading.
      */
     du?: boolean;
   }

diff --git a/tests/api-resources/zero-trust/gateway/configurations.test.ts b/tests/api-resources/zero-trust/gateway/configurations.test.ts
@@ -47,6 +47,7 @@ describe('resource configurations', () => {
         },
         body_scanning: { inspection_mode: 'deep' },
         browser_isolation: { non_identity_enabled: true, url_browser_isolation_enabled: true },
+        certificate: { id: 'd1b364c5-1311-466e-a194-f0e943e0799f' },
         custom_certificate: { enabled: true, id: 'd1b364c5-1311-466e-a194-f0e943e0799f' },
         extended_email_matching: { enabled: true },
         fips: { tls: true },
@@ -93,6 +94,7 @@ describe('resource configurations', () => {
         },
         body_scanning: { inspection_mode: 'deep' },
         browser_isolation: { non_identity_enabled: true, url_browser_isolation_enabled: true },
+        certificate: { id: 'd1b364c5-1311-466e-a194-f0e943e0799f' },
         custom_certificate: { enabled: true, id: 'd1b364c5-1311-466e-a194-f0e943e0799f' },
         extended_email_matching: { enabled: true },
         fips: { tls: true },

diff --git a/tests/api-resources/zero-trust/gateway/lists/lists.test.ts b/tests/api-resources/zero-trust/gateway/lists/lists.test.ts
@@ -31,7 +31,11 @@ describe('resource lists', () => {
       name: 'Admin Serial Numbers',
       type: 'SERIAL',
       description: 'The serial numbers for administrators',
-      items: [{ value: '8GE8721REF' }, { value: '8GE8721REF' }, { value: '8GE8721REF' }],
+      items: [
+        { created_at: '2014-01-01T05:20:00.12345Z', value: '8GE8721REF' },
+        { created_at: '2014-01-01T05:20:00.12345Z', value: '8GE8721REF' },
+        { created_at: '2014-01-01T05:20:00.12345Z', value: '8GE8721REF' },
+      ],
     });
   });
 
@@ -73,6 +77,7 @@ describe('resource lists', () => {
   test('list: required and optional params', async () => {
     const response = await cloudflare.zeroTrust.gateway.lists.list({
       account_id: '699d98642c564d2e855e9661899b7252',
+      type: 'SERIAL',
     });
   });
 
@@ -112,7 +117,11 @@ describe('resource lists', () => {
   test('edit: required and optional params', async () => {
     const response = await cloudflare.zeroTrust.gateway.lists.edit('f174e90a-fafe-4643-bbbc-4a0ed4fc8415', {
       account_id: '699d98642c564d2e855e9661899b7252',
-      append: [{ value: '8GE8721REF' }, { value: '8GE8721REF' }, { value: '8GE8721REF' }],
+      append: [
+        { created_at: '2014-01-01T05:20:00.12345Z', value: '8GE8721REF' },
+        { created_at: '2014-01-01T05:20:00.12345Z', value: '8GE8721REF' },
+        { created_at: '2014-01-01T05:20:00.12345Z', value: '8GE8721REF' },
+      ],
       remove: ['8GE8721REF', '8GE8721REF', '8GE8721REF'],
     });
   });

diff --git a/tests/api-resources/zero-trust/gateway/rules.test.ts b/tests/api-resources/zero-trust/gateway/rules.test.ts
@@ -88,6 +88,7 @@ describe('resource rules', () => {
           ],
         },
         egress: { ipv4: '192.0.2.2', ipv4_fallback: '192.0.2.3', ipv6: '2001:DB8::/64' },
+        ignore_cname_category_matches: true,
         insecure_disable_dnssec_validation: false,
         ip_categories: true,
         ip_indicator_feeds: true,
@@ -191,6 +192,7 @@ describe('resource rules', () => {
           ],
         },
         egress: { ipv4: '192.0.2.2', ipv4_fallback: '192.0.2.3', ipv6: '2001:DB8::/64' },
+        ignore_cname_category_matches: true,
         insecure_disable_dnssec_validation: false,
         ip_categories: true,
         ip_indicator_feeds: true,