From 67687d3f439ca4e9261b1774a8258ea28fae43b0 Mon Sep 17 00:00:00 2001
From: Chris Buckley <chris@cmbuckley.co.uk>
Date: Wed, 29 Jan 2025 20:38:54 +0000
Subject: [PATCH 1/4] Cloudflare provider update to 5.0.0

Version 5.0.0 is a major rewrite of the provider. Migration guide here:
https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/guides/version-5-upgrade
---
 modules/cloudflare/dns/dns.tf      | 24 +++++++++++++-----------
 modules/cloudflare/dns/locals.tf   |  2 +-
 modules/cloudflare/dns/versions.tf |  2 +-
 3 files changed, 15 insertions(+), 13 deletions(-)

diff --git a/modules/cloudflare/dns/dns.tf b/modules/cloudflare/dns/dns.tf
index 3ed4d6a..f0b75b0 100644
--- a/modules/cloudflare/dns/dns.tf
+++ b/modules/cloudflare/dns/dns.tf
@@ -1,19 +1,20 @@
 data "cloudflare_zones" "lookup" {
   for_each = toset(var.create_zone ? [] : [var.domain])
-
-  filter {
-    name       = each.value
-    account_id = var.account_id
+  name     = each.value
+  account = {
+    id = var.account_id
   }
 }
 
 resource "cloudflare_zone" "dns" {
-  for_each   = toset(var.create_zone ? [var.domain] : [])
-  zone       = each.value
-  account_id = var.account_id
+  for_each = toset(var.create_zone ? [var.domain] : [])
+  name     = each.value
+  account = {
+    id = var.account_id
+  }
 }
 
-resource "cloudflare_record" "dns" {
+resource "cloudflare_dns_record" "dns" {
   for_each = var.records
 
   zone_id  = local.zone_id
@@ -25,7 +26,7 @@ resource "cloudflare_record" "dns" {
   proxied  = each.value.proxied
 }
 
-resource "cloudflare_record" "apex_txt" {
+resource "cloudflare_dns_record" "apex_txt" {
   for_each = toset(concat(var.apex_txt, [
     format("security_contact=mailto:%s", local.security_contact),
     replace("v=spf1 ${join(" ", var.spf)} -all", "  ", " ")
@@ -39,13 +40,14 @@ resource "cloudflare_record" "apex_txt" {
   proxied = false
 }
 
-resource "cloudflare_record" "caa" {
+resource "cloudflare_dns_record" "caa" {
   for_each = toset(var.caa_issuers)
   zone_id  = local.zone_id
   name     = "@"
+  ttl      = var.default_ttl
   type     = "CAA"
 
-  data {
+  data = {
     flags = "0"
     tag   = "issue"
     value = each.value
diff --git a/modules/cloudflare/dns/locals.tf b/modules/cloudflare/dns/locals.tf
index 26b6569..689141e 100644
--- a/modules/cloudflare/dns/locals.tf
+++ b/modules/cloudflare/dns/locals.tf
@@ -1,5 +1,5 @@
 locals {
-  zone_id = var.create_zone ? cloudflare_zone.dns[var.domain].id : data.cloudflare_zones.lookup[var.domain].zones[0].id
+  zone_id = var.create_zone ? cloudflare_zone.dns[var.domain].id : data.cloudflare_zones.lookup[var.domain].result[0].id
 
   security_contact = var.security_contact != null ? var.security_contact : format("security@%s", var.domain)
 }
diff --git a/modules/cloudflare/dns/versions.tf b/modules/cloudflare/dns/versions.tf
index 72af8bc..ba966e0 100644
--- a/modules/cloudflare/dns/versions.tf
+++ b/modules/cloudflare/dns/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     cloudflare = {
       source  = "cloudflare/cloudflare"
-      version = ">= 4.39.0, < 5.0.0"
+      version = ">= 5.0.0"
     }
   }
 }

From 1d78e569dee3f1ec11f3ca41e9e16f98230a502c Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Wed, 12 Feb 2025 23:53:26 +0000
Subject: [PATCH 2/4] Update documentation & dependabot entries

---
 modules/cloudflare/dns/README.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/modules/cloudflare/dns/README.md b/modules/cloudflare/dns/README.md
index ec2f1d5..69e8b27 100644
--- a/modules/cloudflare/dns/README.md
+++ b/modules/cloudflare/dns/README.md
@@ -9,21 +9,21 @@ The module also simplifies a few boilerplate records at the apex for security pu
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~> 1.3 |
-| <a name="requirement_cloudflare"></a> [cloudflare](#requirement\_cloudflare) | >= 4.39.0, < 5.0.0 |
+| <a name="requirement_cloudflare"></a> [cloudflare](#requirement\_cloudflare) | >= 5.0.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_cloudflare"></a> [cloudflare](#provider\_cloudflare) | >= 4.39.0, < 5.0.0 |
+| <a name="provider_cloudflare"></a> [cloudflare](#provider\_cloudflare) | >= 5.0.0 |
 
 ## Resources
 
 | Name | Type |
 |------|------|
-| [cloudflare_record.apex_txt](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/record) | resource |
-| [cloudflare_record.caa](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/record) | resource |
-| [cloudflare_record.dns](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/record) | resource |
+| [cloudflare_dns_record.apex_txt](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/dns_record) | resource |
+| [cloudflare_dns_record.caa](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/dns_record) | resource |
+| [cloudflare_dns_record.dns](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/dns_record) | resource |
 | [cloudflare_zone.dns](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/zone) | resource |
 | [cloudflare_zones.lookup](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/data-sources/zones) | data source |
 

From 2756b1983190200798b890ddf8b56af6e45e685e Mon Sep 17 00:00:00 2001
From: Chris Buckley <chris@cmbuckley.co.uk>
Date: Thu, 13 Feb 2025 09:05:44 +0000
Subject: [PATCH 3/4] CAA flags now uses a number as of v5.1.0 - see
 cloudflare/terraform-provider-cloudflare#5116

---
 modules/cloudflare/dns/dns.tf      | 2 +-
 modules/cloudflare/dns/versions.tf | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/cloudflare/dns/dns.tf b/modules/cloudflare/dns/dns.tf
index f0b75b0..efad576 100644
--- a/modules/cloudflare/dns/dns.tf
+++ b/modules/cloudflare/dns/dns.tf
@@ -48,7 +48,7 @@ resource "cloudflare_dns_record" "caa" {
   type     = "CAA"
 
   data = {
-    flags = "0"
+    flags = 0
     tag   = "issue"
     value = each.value
   }
diff --git a/modules/cloudflare/dns/versions.tf b/modules/cloudflare/dns/versions.tf
index ba966e0..664681b 100644
--- a/modules/cloudflare/dns/versions.tf
+++ b/modules/cloudflare/dns/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     cloudflare = {
       source  = "cloudflare/cloudflare"
-      version = ">= 5.0.0"
+      version = ">= 5.1.0"
     }
   }
 }

From 5bcf045b4466d323af35cdc112d89e55b7b92f73 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Thu, 13 Feb 2025 09:08:02 +0000
Subject: [PATCH 4/4] Update documentation & dependabot entries

---
 modules/cloudflare/dns/README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/cloudflare/dns/README.md b/modules/cloudflare/dns/README.md
index 69e8b27..e06f27e 100644
--- a/modules/cloudflare/dns/README.md
+++ b/modules/cloudflare/dns/README.md
@@ -9,13 +9,13 @@ The module also simplifies a few boilerplate records at the apex for security pu
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~> 1.3 |
-| <a name="requirement_cloudflare"></a> [cloudflare](#requirement\_cloudflare) | >= 5.0.0 |
+| <a name="requirement_cloudflare"></a> [cloudflare](#requirement\_cloudflare) | >= 5.1.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_cloudflare"></a> [cloudflare](#provider\_cloudflare) | >= 5.0.0 |
+| <a name="provider_cloudflare"></a> [cloudflare](#provider\_cloudflare) | >= 5.1.0 |
 
 ## Resources