Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Relaxed validation for identifier_uri attribute in azuread_application_identifier_uri resource #1351

Merged
merged 2 commits into from
May 8, 2024

Conversation

kenchan0130
Copy link
Contributor

Fix #1342
Related #951

I have tried to call API using various patterns.

Test case IsAppUri() Actual API Trail
(empty string) Invalid Invalid trail
www.example.com?query=param Invalid Invalid trail
this is invalid a url for app with patch! Invalid Invalid trail
arn:aws:iam::123456789012:user/johndoe Invalid Valid trail
valid-url_with-patch Invalid Valid trail
this is valid a url for app with patch Invalid Valid trail
www.example.com Invalid Valid trail

Based on these results, I found it difficult to define custom validation rules.
Ultimately, since errors will occur in the API, I concluded that rigorous validation should be abandoned.

Therefore, I made changes to simplify the validation.

Copy link
Contributor

@manicminer manicminer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @kenchan0130 for looking at this. I agree with your conclusion that it's not practical for us to maintain extended validation rules here in a way that works for all users in all configurations. I've pushed a second commit to also relax the identifier_uris validation on the azuread_application resource.

@manicminer manicminer merged commit 456bc3b into hashicorp:main May 8, 2024
25 checks passed
@github-actions github-actions bot added this to the v2.49.0 milestone May 8, 2024
manicminer added a commit that referenced this pull request May 8, 2024
dduportal pushed a commit to jenkins-infra/azure that referenced this pull request May 10, 2024
<Actions>
<action
id="6d17e7acdb2f3311576150379e22805f2f9b4aa72ff00ec136aceee45cae4b98">
        <h3>Bump Terraform `azuread` provider version</h3>
<details
id="1d9343c012f5434ac9fe8a98135bae3667b399259be16d9b14302ea3bd424a24">
            <summary>Update Terraform lock file</summary>
<p>changes detected:&#xA;&#x9;&#34;hashicorp/azuread&#34; updated from
&#34;2.48.0&#34; to &#34;2.49.0&#34; in file
&#34;.terraform.lock.hcl&#34;</p>
            <details>
                <summary>2.49.0</summary>
<pre>Changelog retrieved
from:&#xA;&#x9;https://github.com/hashicorp/terraform-provider-azuread/releases/tag/v2.49.0&#xA;FEATURES:&#xA;&#xA;*
**New Data Source:** `azuread_group_role_management_policy`
([#1327](hashicorp/terraform-provider-azuread#1327
**New Resource:** `azuread_group_role_management_policy`
([#1327](hashicorp/terraform-provider-azuread#1327
**New Resource:** `azuread_privileged_access_group_assignment_schedule`
([#1327](hashicorp/terraform-provider-azuread#1327
**New Resource:** `azuread_privileged_access_group_eligibility_schedule`
([#1327](hashicorp/terraform-provider-azuread#1327
**New Resource:** `azuread_synchronization_job_provision_on_demand`
([#1032](https://github.com/hashicorp/terraform-provider-azuread/issues/1032))&#xA;&#xA;ENHANCEMENTS:&#xA;&#xA;*
`data.azuread_group` - support for the `include_transitive_members`
property
([#1300](hashicorp/terraform-provider-azuread#1300
`azuread_application` - relax validation for the `identifier_uris`
property to allow more values
([#1351](hashicorp/terraform-provider-azuread#1351
`azuread_application_identifier_uri` - relax validation for the
`identifier_uri` property to allow more values
([#1351](hashicorp/terraform-provider-azuread#1351
`azuread_group` - support the `SkipExchangeInstantOn` value for the
`behaviors` property
([#1370](hashicorp/terraform-provider-azuread#1370
`azuread_user` - relax validation for the `employee_type` property to
allow more values
([#1328](https://github.com/hashicorp/terraform-provider-azuread/issues/1328))&#xA;&#xA;BUG
FIXES:&#xA;&#xA;* `azuread_application_pre_authorized` - fix a
destroy-time bug that could prevent deletion of the resource
([#1299](https://github.com/hashicorp/terraform-provider-azuread/issues/1299))&#xA;&#xA;&#xA;</pre>
            </details>
        </details>
<a
href="https://infra.ci.jenkins.io/job/updatecli/job/azure/job/main/158/">Jenkins
pipeline link</a>
    </action>
</Actions>

---

<table>
  <tr>
    <td width="77">
<img src="https://www.updatecli.io/images/updatecli.png" alt="Updatecli
logo" width="50" height="50">
    </td>
    <td>
      <p>
Created automatically by <a
href="https://www.updatecli.io/">Updatecli</a>
      </p>
      <details><summary>Options:</summary>
        <br />
<p>Most of Updatecli configuration is done via <a
href="https://www.updatecli.io/docs/prologue/quick-start/">its
manifest(s)</a>.</p>
        <ul>
<li>If you close this pull request, Updatecli will automatically reopen
it, the next time it runs.</li>
<li>If you close this pull request and delete the base branch, Updatecli
will automatically recreate it, erasing all previous commits made.</li>
        </ul>
        <p>
Feel free to report any issues at <a
href="https://github.com/updatecli/updatecli/issues">github.com/updatecli/updatecli</a>.<br
/>
If you find this tool useful, do not hesitate to star <a
href="https://github.com/updatecli/updatecli/stargazers">our GitHub
repository</a> as a sign of appreciation, and/or to tell us directly on
our <a
href="https://matrix.to/#/#Updatecli_community:gitter.im">chat</a>!
        </p>
      </details>
    </td>
  </tr>
</table>

Co-authored-by: Jenkins Infra Bot (updatecli) <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Error when setting identifier_uri for azuread_application or azuread_application_identifier_uri
2 participants