Fix removal of policies, member_group_ids, and member_entity_ids from the vault_identity_group resource. #766

austingebauer · 2020-05-20T16:50:26Z

Community Note

Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
Please do not leave "+1" comments, they generate extra noise for pull request followers and do not help prioritize the request

Closes #620

This PR fixes removal of policies from the vault_identity_group resource as described in #620. The same problem existed for both member_group_ids and member_entity_ids, so I fixed that in this PR as well.

Additionally, I noticed that member_group_ids can't be set for external groups (see vault/identity_store_groups.go#L250), so this PR now treats them similarly to member_entity_ids for external groups.

Release note for CHANGELOG:

BUG FIXES:
* Fix removal of `policies`, `member_group_ids`, and `member_entity_ids` from the `vault_identity_group` resource.

Output from acceptance testing:

$ TESTARGS="--run IdentityGroup" make testacc
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test $(go list ./... |grep -v 'vendor') -v --run IdentityGroup -timeout 120m
?       github.com/terraform-providers/terraform-provider-vault [no test files]
?       github.com/terraform-providers/terraform-provider-vault/cmd/coverage    [no test files]
testing: warning: no tests to run
PASS
ok      github.com/terraform-providers/terraform-provider-vault/util    0.580s [no tests to run]
=== RUN   TestDataSourceIdentityGroupName
--- PASS: TestDataSourceIdentityGroupName (0.14s)
=== RUN   TestDataSourceIdentityGroupAlias
--- PASS: TestDataSourceIdentityGroupAlias (0.14s)
=== RUN   TestAccIdentityGroupAlias
--- PASS: TestAccIdentityGroupAlias (0.11s)
=== RUN   TestAccIdentityGroupAliasUpdate
--- PASS: TestAccIdentityGroupAliasUpdate (0.19s)
=== RUN   TestAccIdentityGroupPoliciesExclusive
--- PASS: TestAccIdentityGroupPoliciesExclusive (0.17s)
=== RUN   TestAccIdentityGroupPoliciesNonExclusive
--- PASS: TestAccIdentityGroupPoliciesNonExclusive (0.18s)
=== RUN   TestAccIdentityGroup
--- PASS: TestAccIdentityGroup (0.09s)
=== RUN   TestAccIdentityGroupUpdate
--- PASS: TestAccIdentityGroupUpdate (0.37s)
=== RUN   TestAccIdentityGroupExternal
--- PASS: TestAccIdentityGroupExternal (0.09s)
PASS
ok      github.com/terraform-providers/terraform-provider-vault/vault   1.891s

tyrannosaurus-becks

Looks great! Thanks Austin!

… the vault_identity_group resource. (hashicorp#766) * fix: identity group policies can be deleted * test: adds identity group test coverage * docs: updates comment

austingebauer added 3 commits May 19, 2020 17:25

fix: identity group policies can be deleted

8d21a65

test: adds identity group test coverage

daa72a5

docs: updates comment

889ba28

austingebauer requested a review from tyrannosaurus-becks May 20, 2020 16:50

ghost added size/M documentation labels May 20, 2020

tyrannosaurus-becks self-assigned this May 21, 2020

tyrannosaurus-becks approved these changes May 21, 2020

View reviewed changes

tyrannosaurus-becks merged commit 122c88b into master May 21, 2020

tyrannosaurus-becks deleted the fix-identity-group-lists branch May 21, 2020 18:33

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix removal of policies, member_group_ids, and member_entity_ids from the vault_identity_group resource. #766

Fix removal of policies, member_group_ids, and member_entity_ids from the vault_identity_group resource. #766

austingebauer commented May 20, 2020

tyrannosaurus-becks left a comment

Fix removal of policies, member_group_ids, and member_entity_ids from the vault_identity_group resource. #766

Fix removal of policies, member_group_ids, and member_entity_ids from the vault_identity_group resource. #766

Conversation

austingebauer commented May 20, 2020

Community Note

tyrannosaurus-becks left a comment

Choose a reason for hiding this comment