diff --git a/resource_alks_iamrole.go b/resource_alks_iamrole.go index 1c7b330e..5d1b6c4f 100644 --- a/resource_alks_iamrole.go +++ b/resource_alks_iamrole.go @@ -1,11 +1,11 @@ package main import ( - "fmt" + "context" "github.com/Cox-Automotive/alks-go" + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" - "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" "log" "strings" "time" @@ -13,18 +13,13 @@ import ( func resourceAlksIamRole() *schema.Resource { return &schema.Resource{ - Create: resourceAlksIamRoleCreate, - Read: resourceAlksIamRoleRead, - Update: resourceAlksIamRoleUpdate, - Exists: resourceAlksIamRoleExists, - Delete: resourceAlksIamRoleDelete, + CreateContext: resourceAlksIamRoleCreate, + ReadContext: resourceAlksIamRoleRead, + UpdateContext: resourceAlksIamRoleUpdate, + DeleteContext: resourceAlksIamRoleDelete, Importer: &schema.ResourceImporter{ StateContext: schema.ImportStatePassthroughContext, }, - - SchemaVersion: 1, - MigrateState: migrateState, - Schema: map[string]*schema.Schema{ "name": { Type: schema.TypeString, @@ -70,18 +65,13 @@ func resourceAlksIamRole() *schema.Resource { func resourceAlksIamTrustRole() *schema.Resource { return &schema.Resource{ - Create: resourceAlksIamTrustRoleCreate, - Read: resourceAlksIamRoleRead, - Update: resourceAlksIamRoleUpdate, - Exists: resourceAlksIamRoleExists, - Delete: resourceAlksIamRoleDelete, + CreateContext: resourceAlksIamTrustRoleCreate, + ReadContext: resourceAlksIamRoleRead, + UpdateContext: resourceAlksIamRoleUpdate, + DeleteContext: resourceAlksIamRoleDelete, Importer: &schema.ResourceImporter{ - State: schema.ImportStatePassthrough, + StateContext: schema.ImportStatePassthroughContext, }, - - SchemaVersion: 1, - MigrateState: migrateState, - Schema: map[string]*schema.Schema{ "name": { Type: schema.TypeString, 
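Review bot: Dropping `SchemaVersion: 1` and `MigrateState: migrateState` from resourceAlksIamRole and resourceAlksIamTrustRole returns both resources to the default schema version 0, while state written by earlier releases is recorded at version 1. Terraform normally rejects state whose recorded version is higher than the provider's, so existing users would likely be unable to plan after upgrading; this should be verified against a state file from the previous release. Keeping `SchemaVersion: 1,` and porting the v0 migration (defaulting `enable_alks_access` to "false") to `StateUpgraders` would preserve compatibility. The same `SchemaVersion: 1` removal appears in resourceAlksLtk in resource_alks_ltk.go. Both schema bodies continue outside these hunks.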
@@ -119,7 +109,7 @@ func resourceAlksIamTrustRole() *schema.Resource { } } -func resourceAlksIamRoleCreate(d *schema.ResourceData, meta interface{}) error { +func resourceAlksIamRoleCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { log.Printf("[INFO] ALKS IAM Role Create") var roleName = d.Get("name").(string) @@ -135,12 +125,12 @@ func resourceAlksIamRoleCreate(d *schema.ResourceData, meta interface{}) error { client := meta.(*alks.Client) if err := validateIAMEnabled(client); err != nil { - return err + return diag.FromErr(err) } resp, err := client.CreateIamRole(roleName, roleType, templateFields, incDefPol, enableAlksAccess) if err != nil { - return err + return diag.FromErr(err) } d.SetId(resp.RoleName) @@ -148,10 +138,10 @@ func resourceAlksIamRoleCreate(d *schema.ResourceData, meta interface{}) error { log.Printf("[INFO] alks_iamrole.id: %v", d.Id()) - return resourceAlksIamRoleRead(d, meta) + return resourceAlksIamRoleRead(ctx, d, meta) } -func resourceAlksIamTrustRoleCreate(d *schema.ResourceData, meta interface{}) error { +func resourceAlksIamTrustRoleCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { log.Printf("[INFO] ALKS IAM Trust Role Create") var roleName = d.Get("name").(string) @@ -161,7 +151,7 @@ func resourceAlksIamTrustRoleCreate(d *schema.ResourceData, meta interface{}) er client := meta.(*alks.Client) if err := validateIAMEnabled(client); err != nil { - return err + return diag.FromErr(err) } var resp *alks.IamRoleResponse @@ -182,7 +172,7 @@ func resourceAlksIamTrustRoleCreate(d *schema.ResourceData, meta interface{}) er }) if err != nil { - return err + return diag.FromErr(err) } response := *resp 
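Review bot: resourceAlksIamRoleCreate and resourceAlksIamTrustRoleCreate now accept `ctx` but only forward it to the final Read call, so a cancelled or timed-out apply cannot interrupt the ALKS requests. In resourceAlksIamTrustRoleCreate the retry wrapper, whose closing `})` appears as context, starts outside the hunk. If it is `resource.Retry(...)`, switching to `resource.RetryContext(ctx, ...)` would stop the retries on cancellation.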
@@ -192,56 +182,39 @@ func resourceAlksIamTrustRoleCreate(d *schema.ResourceData, meta interface{}) er log.Printf("[INFO] alks_iamtrustrole.id: %v", d.Id()) - return resourceAlksIamRoleRead(d, meta) + return resourceAlksIamRoleRead(ctx, d, meta) } -func resourceAlksIamRoleDelete(d *schema.ResourceData, meta interface{}) error { +func resourceAlksIamRoleDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { log.Printf("[INFO] ALKS IAM Role Delete") client := meta.(*alks.Client) if err := validateIAMEnabled(client); err != nil { - return err + return diag.FromErr(err) } if err := client.DeleteIamRole(d.Id()); err != nil { - return err + return diag.FromErr(err) } return nil } -func resourceAlksIamRoleExists(d *schema.ResourceData, meta interface{}) (b bool, e error) { - log.Printf("[INFO] ALKS IAM Role Exists") +func resourceAlksIamRoleRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { + log.Printf("[INFO] ALKS IAM Role Read") client := meta.(*alks.Client) - foundRole, err := client.GetIamRole(d.Id()) - - if err != nil { - // TODO: Clean-up this logic, likely by improving the error responses from `alks-go` - if strings.Contains(err.Error(), "Role not found") { - return false, nil - } - - return false, err - } - - if foundRole == nil { - return false, nil + // Check if role exists. + if d.Id() == "" || d.Id() == "none" { + return nil } - return true, nil -} - -func resourceAlksIamRoleRead(d *schema.ResourceData, meta interface{}) error { - log.Printf("[INFO] ALKS IAM Role Read") - - client := meta.(*alks.Client) foundRole, err := client.GetIamRole(d.Id()) if err != nil { d.SetId("") - return err + return nil } log.Printf("[INFO] alks_iamrole.id %v", d.Id()) 
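Review bot: In resourceAlksIamRoleRead, every error from `client.GetIamRole` now clears the ID and returns nil, so an expired credential, a network fault or an ALKS outage is treated the same as a deleted role. Terraform would then drop the role from state without surfacing any error and plan to create it again, while the real IAM role stays in the account unmanaged. The removed resourceAlksIamRoleExists distinguished "Role not found" from other failures, and Read should keep that distinction: clear the ID only for not-found and return `diag.FromErr(err)` otherwise. The new `d.Id() == "none"` guard also returns nil without touching state, and nothing in this diff sets that value. The remainder of Read's body is outside the hunk.

```go
	foundRole, err := client.GetIamRole(d.Id())
	if err != nil {
		// Only a confirmed "not found" removes the role from state.
		if strings.Contains(err.Error(), "Role not found") {
			d.SetId("")
			return nil
		}
		return diag.FromErr(err)
	}
	// … unchanged: populate attributes from foundRole …
```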
@@ -259,7 +232,7 @@ func resourceAlksIamRoleRead(d *schema.ResourceData, meta interface{}) error { return nil } -func resourceAlksIamRoleUpdate(d *schema.ResourceData, meta interface{}) error { +func resourceAlksIamRoleUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { log.Printf("[INFO] ALKS IAM Role Update") // enable partial state mode @@ -268,13 +241,13 @@ func resourceAlksIamRoleUpdate(d *schema.ResourceData, meta interface{}) error { if d.HasChange("enable_alks_access") { // try updating enable_alks_access if err := updateAlksAccess(d, meta); err != nil { - return err + return diag.FromErr(err) } } d.Partial(false) - return nil + return resourceAlksIamRoleRead(ctx, d, meta) } func updateAlksAccess(d *schema.ResourceData, meta interface{}) error { @@ -298,29 +271,4 @@ func updateAlksAccess(d *schema.ResourceData, meta interface{}) error { } } return nil -} - -func migrateState(version int, state *terraform.InstanceState, meta interface{}) (*terraform.InstanceState, error) { - switch version { - case 0: - log.Println("[INFO] Found Instance State v0, migrating to v1") - return migrateV0toV1(state) - default: - return state, fmt.Errorf("Unrecognized version '%d' in schema for instance of ALKS IAM role '%s'", version, state.Attributes["name"]) - } -} - -func migrateV0toV1(state *terraform.InstanceState) (*terraform.InstanceState, error) { - if state.Empty() { - log.Println("[DEBUG] Empty InstanceState, nothing to migrate") - return state, nil - } - - if _, ok := state.Attributes["enable_alks_access"]; !ok { - log.Printf("[DEBUG] Attributes before migration: %#v", state.Attributes) - state.Attributes["enable_alks_access"] = "false" - log.Printf("[DEBUG] Attributes after migration: %#v", state.Attributes) - } - - return state, nil -} +} \ No newline at end of file diff --git a/resource_alks_iamrole_test.go b/resource_alks_iamrole_test.go index e4661cb3..59f74048 100644 --- a/resource_alks_iamrole_test.go 
+++ b/resource_alks_iamrole_test.go @@ -2,12 +2,11 @@ package main import ( "fmt" - "log" - "testing" - "github.com/Cox-Automotive/alks-go" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" + "log" + "testing" ) func TestAccAlksIamRole_Basic(t *testing.T) { @@ -21,8 +20,6 @@ func TestAccAlksIamRole_Basic(t *testing.T) { { Config: testAccCheckAlksIamRoleConfigBasic, Check: resource.ComposeTestCheckFunc( - // testAccCheckAlksIamRoleExists("bar420", &resp), - // testAccCheckAlksIamRoleAttributes(&resp), resource.TestCheckResourceAttr( "alks_iamrole.foo", "name", "bar420"), resource.TestCheckResourceAttr( @@ -101,34 +98,6 @@ func testAccCheckAlksIamRoleDestroy(role *alks.IamRoleResponse) resource.TestChe } } -func testAccCheckAlksIamRoleExists(n string, role *alks.IamRoleResponse) resource.TestCheckFunc { - return func(s *terraform.State) error { - rs, ok := s.RootModule().Resources[n] - - if !ok { - return fmt.Errorf("Not found: %s", n) - } - - if rs.Primary.ID == "" { - return fmt.Errorf("No role ID is set") - } - - client := testAccProvider.Meta().(*alks.Client) - - foundRole, err := client.GetIamRole(rs.Primary.ID) - - if err != nil { - return err - } - - if foundRole.RoleArn != rs.Primary.ID { - return fmt.Errorf("Role not found") - } - - return nil - } -} - func testAccCheckAlksIamRoleAttributes(role *alks.IamRoleResponse) resource.TestCheckFunc { return func(s *terraform.State) error { log.Printf("[INFO] its this %v", role) diff --git a/resource_alks_ltk.go b/resource_alks_ltk.go index 43c7dd13..4ecf053e 100644 --- a/resource_alks_ltk.go +++ b/resource_alks_ltk.go @@ -1,6 +1,8 @@ package main import ( + "context" + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "log" "github.com/Cox-Automotive/alks-go" 
@@ -9,16 +11,13 @@ import ( func resourceAlksLtk() *schema.Resource { return &schema.Resource{ - Create: resourceAlksLtkCreate, - Read: resourceAlksLtkRead, - Delete: resourceAlksLtkDelete, - Exists: resourceAlksLtkExists, + CreateContext: resourceAlksLtkCreate, + ReadContext: resourceAlksLtkRead, + DeleteContext: resourceAlksLtkDelete, Importer: &schema.ResourceImporter{ StateContext: schema.ImportStatePassthroughContext, }, - SchemaVersion: 1, - Schema: map[string]*schema.Schema{ "iam_username": { Type: schema.TypeString, @@ -43,19 +42,19 @@ func resourceAlksLtk() *schema.Resource { } } -func resourceAlksLtkCreate(d *schema.ResourceData, meta interface{}) error { +func resourceAlksLtkCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { log.Printf("[INFO] ALKS LTK User Create") var iamUsername = d.Get("iam_username").(string) client := meta.(*alks.Client) if err := validateIAMEnabled(client); err != nil { - return err + return diag.FromErr(err) } resp, err := client.CreateLongTermKey(iamUsername) if err != nil { - return err + return diag.FromErr(err) } d.SetId(iamUsername) @@ -65,13 +64,19 @@ func resourceAlksLtkCreate(d *schema.ResourceData, meta interface{}) error { log.Printf("[INFO] alks_ltk.id: %v", d.Id()) - return resourceAlksLtkRead(d, meta) + return resourceAlksLtkRead(ctx, d, meta) } -func resourceAlksLtkRead(d *schema.ResourceData, meta interface{}) error { +func resourceAlksLtkRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { log.Printf("[INFO] ALKS LTK User Read") client := meta.(*alks.Client) + + // Check if role exists. + if d.Id() == "" || d.Id() == "none" { + return nil + } + resp, err := client.GetLongTermKey(d.Id()) if err != nil { 
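Review bot: The guard added to resourceAlksLtkRead carries the comment `// Check if role exists.`, copied from the IAM role resource, but it checks neither a role nor existence. It only skips the lookup when the ID is empty or the literal "none". A comment such as `// Skip the lookup when no long-term key ID has been recorded.` would describe it accurately. It should also say where an ID of "none" comes from, since nothing in this diff sets it. Read's error handling after `GetLongTermKey` continues outside the hunk.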
@@ -87,35 +92,17 @@ func resourceAlksLtkRead(d *schema.ResourceData, meta interface{}) error { return nil } -func resourceAlksLtkDelete(d *schema.ResourceData, meta interface{}) error { +func resourceAlksLtkDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { log.Printf("[INFO] ALKS LTK User Delete") client := meta.(*alks.Client) if err := validateIAMEnabled(client); err != nil { - return err + return diag.FromErr(err) } if _, err := client.DeleteLongTermKey(d.Id()); err != nil { - return err + return diag.FromErr(err) } return nil } - -func resourceAlksLtkExists(d *schema.ResourceData, meta interface{}) (bool, error) { - log.Printf("[INFO] ALKS LTK User Exists") - - client := meta.(*alks.Client) - resp, err := client.GetLongTermKey(d.Id()) - - if err != nil { - return false, err - } - - // We can get a 200, but an empty string so this is the condition to check for. - if len(resp.LongTermKey.UserName) == 0 { - return false, nil - } - - return true, nil -}
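Review bot: Removing resourceAlksLtkExists drops the only visible handling of a successful response with an empty `LongTermKey.UserName`, which the old comment described as a real case ("We can get a 200, but an empty string"). Most of resourceAlksLtkRead lies outside these hunks, so this may already be handled there. If it is not, Read should treat that response as a deleted key, e.g. `if len(resp.LongTermKey.UserName) == 0 { d.SetId(""); return nil }`. Otherwise a removed long-term key would stay in state with blank attributes.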