-
Notifications
You must be signed in to change notification settings - Fork 535
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[GH-93] Add kubernetetes_auth_backend_* resources #94
[GH-93] Add kubernetetes_auth_backend_* resources #94
Conversation
712d195
to
ff26ced
Compare
// NOTE: Since reading the auth/<backend>/config does | ||
// not return the `token_reviewer_jwt`, | ||
// set it from data after successfully storing it in Vault. | ||
d.Set("token_reviewer_jwt", data["token_reviewer_jwt"]) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note to reviewers that this is probably dangerous.
It seems like the only way to get the token_reviewer_jwt
in the terraform state is to set it after successfully writing the data to Vault.
72a47b1
to
88e7389
Compare
Ready for review. |
88e7389
to
3214a28
Compare
c576f48
to
2fa86b9
Compare
2fa86b9
to
907ec90
Compare
Could this be merged ASAP? Would be really could to have it in. |
4a3f77c
to
fc19cb1
Compare
I'm rebasing latest upstream master. Noticing that tests fail now after https://github.com/terraform-providers/terraform-provider-vault/pull/110/files was merged. Good thing is I caught one broken link to the However after the website tests pass I get this:
Investigating... |
I have no idea why the test suite fails. Was fine before https://github.com/terraform-providers/terraform-provider-vault/pull/110/files . Could you help out, @radeksimko ? |
@syndbg thank you for contributing this code! Apologies for the long lag on the review, this repo was in transition from the Terraform team to the Vault team. I'm eager to get going on this PR. I'm curious about the test failure. Would you be willing to merge in master and push it, so we can get a fresher test and take a look? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I pulled the branch and all the tests you wrote are passing and look great. I bet when you merge in master and push again, everything will pass. This code is fantastic! Thank you for contributing it. Just a couple minor things and I'm happy to approve and merge it.
|
||
_, err := client.Logical().Write(path, data) | ||
|
||
d.SetId(path) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would it be possible to move this up above the Write
line so it's not between the err creation and the error check?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good note. Actually it's a mistake on my end.
It must be after the Write
. Reasoning behind this is to make sure that SetId
is called only after the value has been successfully written in Vault.
|
||
_, err := client.Logical().Write(path, data) | ||
|
||
d.SetId(path) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could this be moved up too?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ditto as #94 (comment)
@tyrannosaurus-becks No problem. I'll get this going in the next few days so that we can finally merge it in master so that everybody can use it. |
fc19cb1
to
fa9fbac
Compare
Signed-off-by: Anton Antonov <anton.synd.antonov@gmail.com>
fa9fbac
to
2575ef2
Compare
@tyrannosaurus-becks Updated and ready for review. We have a single thing to clear: whether From my understanding of terraform and other providers it's supposed to be set only after a resource is successfully created in terms of For data sources same applies except that if it's not readable from the remote API/service/anything, Let me know if I'm right or wrong about this. Don't hesitate :P |
@syndbg ah! Yes, that is correct. My main concern was not doing it between receiving a possible error and checking it. I see that you moved it to after the err is checked, and that is perfect. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks fantastic! Thank you!
@tyrannosaurus-becks @syndbg |
[hashicorpGH-93] Add kubernetetes_auth_backend_* resources
Work on #93.
Resources identified and implemented:
Data sources identified and implemented:
Also included cherry-picked commits from #95 and #103 .