Planning: Cloudflare Module Next Iteration

Problem Statement

Defining Cloudflare configuration can be very difficult. We do this one way for GitLab.com in config-mgmt, another way in Dedicated, and another in Cloud Connector. As we move to a more mature GitLab platform in which we standardize all the GitLab offerings, we should move the way we manage Cloudflare to one standard.

Proposal

See #26430 (closed)

After seeking feedback from teams across Infrastructure Platforms, there is an appetite for a shared module (or set of modules) to manage Cloudflare configuration, including

DNS records creation
Zone creation (in the same or separate module), and management
A WAF with basic rules for services
Logging

We should create a plan for how we are going to implement this centralised management of Cloudflare configuration, and make it available for teams to consume. This could start with a Design Doc to define this future, and what the first steps are.

Goals

🥝 Create a Design Doc for the next iteration of our shared Cloudflare configuration module(s)

Edited Jun 18, 2025 by Jack Stephenson