[Phase 2] Include Auth Login blocks in multiplexed Provider configuration #2097
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
vinay-gopalan
changed the base branch from
main
to
VAULT-21288/auth-login-fwprovider
vinay-gopalan
commented
Nov 22, 2023
| defaultValue := os.Getenv(f.envVar) | ||
| if defaultValue == "" { | ||
| defaultValue = f.defaultVal | ||
| for _, envVar := range f.envVars { |
There was a problem hiding this comment.
This allows us to pass multiple options for the default environment variable and take the first value we find. Similar to what MultiEnvDefaultFunc is achieving here
vinay-gopalan
commented
Nov 22, 2023
| for _, vf := range validators { | ||
| if err := vf(d); err != nil { | ||
| if err := vf(d, params); err != nil { |
There was a problem hiding this comment.
Updating the signature for validateFunc and passing in the params here allows us to maintain existing behavior for l.params=nil returned when validation fails. This way we don't have to update any existing tests, since we only update l.params once all validators have passed
vinay-gopalan
commented
Nov 22, 2023
vinay-gopalan
commented
Nov 22, 2023
| // Resource: UpdateSchemaResource(passwordPolicyResource()), | ||
| // PathInventory: []string{"/sys/policy/password/{name}"}, | ||
| // }, | ||
| "vault_password_policy": { |
There was a problem hiding this comment.
Uncommented for now to let CI be green 🟢 . This may be removed from the SDKv2 provider once we add tests for the new framework password policy resource and confirm it works as expected
vinay-gopalan
commented
Nov 22, 2023
| @@ -21,7 +23,7 @@ type PasswordPolicyResource struct { | |||
| } | |||
|
|
|||
| func (r *PasswordPolicyResource) Metadata(_ context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) { | |||
| resp.TypeName = req.ProviderTypeName + "_password_policy" | |||
| resp.TypeName = req.ProviderTypeName + "_password_policy_fw" | |||
There was a problem hiding this comment.
Temporarily names suffixed with _fw to avoid duplicate resource names and have green CI 🟢 This can be renamed to simply vault_password_policy once we add the TF Framework tests / are ready to deprecate the SDKv2 resource with the same name
vinay-gopalan
commented
Nov 22, 2023
vinay-gopalan
commented
Nov 22, 2023
vinay-gopalan
commented
Nov 22, 2023
| Description: "The identity's client ID.", | ||
| Validators: []validator.String{ | ||
| stringvalidator.ConflictsWith( | ||
| path.MatchRelative().AtName(consts.FieldJWT), |
There was a problem hiding this comment.
Need to ensure this works the same as it does for SDKv2 equivalents here
fairclothjm
force-pushed
the
VAULT-21288/all-auth-logins
branch
from
676ef32 to
859a6d5
Compare
|
Thanks @vinay-gopalan ! I addressed the todos that you noted, squashed all the commits in this PR, force pushed and will merge to the base branch |
run go mod tidy register all auth logins to test build add all auth login blocks and match schema implementations set default for azure scope address todos - remove commented code; neither are read from env vars - add validators
fairclothjm
force-pushed
the
VAULT-21288/all-auth-logins
branch
from
859a6d5 to
8a99eda
Compare
fairclothjm
approved these changes
Nov 29, 2023
fairclothjm
merged commit 289a101
into
VAULT-21288/auth-login-fwprovider
10 checks passed
fairclothjm
added a commit
that referenced
this pull request
Dec 12, 2023
* setup framework provider schema * handle defaults in configure * WIP: handle auth login methods * [Phase 2] Include Auth Login blocks in multiplexed Provider configuration (#2097) make updates to all auth logins and fix build run go mod tidy register all auth logins to test build add all auth login blocks and match schema implementations set default for azure scope address todos - remove commented code; neither are read from env vars - add validators * remove set_namespace_from_token field * add custom path validator * configure namespace for vault client * review comments * add muxed provider acc tests * use consts, set required fields and update tests * add tests for multi envs and fix bug * fix bug with overriding config val * add custom URI validator for OIDC auth * fix a few default mount types * add comments and migration state example acc test * remove dupe default entries; add validators * remove client_auth docs * add kerbos token and file path validators * don't use double pointer and remove redundant return --------- Co-authored-by: vinay-gopalan <86625824+vinay-gopalan@users.noreply.github.com>
fairclothjm
added a commit
that referenced
this pull request
Dec 12, 2023
…mplementation (#2067) * implement the framework provider * setup provider server factory * setup framework provider schema * handle defaults in configure * [Phase 2] Complete the provider configuration setup (#2090) * setup framework provider schema * handle defaults in configure * WIP: handle auth login methods * [Phase 2] Include Auth Login blocks in multiplexed Provider configuration (#2097) make updates to all auth logins and fix build run go mod tidy register all auth logins to test build add all auth login blocks and match schema implementations set default for azure scope address todos - remove commented code; neither are read from env vars - add validators * remove set_namespace_from_token field * add custom path validator * configure namespace for vault client * review comments * add muxed provider acc tests * use consts, set required fields and update tests * add tests for multi envs and fix bug * fix bug with overriding config val * add custom URI validator for OIDC auth * fix a few default mount types * add comments and migration state example acc test * remove dupe default entries; add validators * remove client_auth docs * add kerbos token and file path validators * don't use double pointer and remove redundant return --------- Co-authored-by: vinay-gopalan <86625824+vinay-gopalan@users.noreply.github.com> --------- Co-authored-by: vinay-gopalan <86625824+vinay-gopalan@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Branches off of #2090 to complete updates to all auth login blocks so that they:
Required(validation is handled internally)Ensures that the build is stable and the provider configurations match up
Completes the PoC for a TF Framework resource with
vault_password_policy/vault_password_policy_fw