-
Notifications
You must be signed in to change notification settings - Fork 89
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[1/2] DXCDT-426: Add new auth0_connection_clients
resource
#568
Conversation
With this resource, you can manage enabled clients on a connection. | ||
With this resource, you can enable a single client on a connection. | ||
|
||
!> To prevent issues, avoid using this resource together with the `auth0_connection_clients` resource. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
|
||
## Example Usage | ||
|
||
```terraform | ||
resource "auth0_connection" "my_conn" { | ||
name = "My-Auth0-Connection" | ||
strategy = "auth0" | ||
# Avoid using the enabled_clients = [...], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is from the time we allowed managin the enabled_clients on the connection resource. Should not be here any more.
}, | ||
"name": { | ||
Type: schema.TypeString, | ||
Computed: true, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The name and strategy are readonly.
func readConnectionClients(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics { | ||
api := meta.(*management.Management) | ||
|
||
connection, err := api.Connection.Read( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We only need to lock the mutex if we're operating changes.
|
||
{{ .Description | trimspace }} | ||
|
||
!> To prevent issues, avoid using this resource together with the `auth0_connection_clients` resource. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We're overriding the default template for a resource so we can add the red warning for these resources.
6cd4510
to
4ecc7d4
Compare
Codecov ReportPatch coverage:
Additional details and impacted files@@ Coverage Diff @@
## main #568 +/- ##
==========================================
- Coverage 87.52% 87.41% -0.11%
==========================================
Files 64 65 +1
Lines 9909 10039 +130
==========================================
+ Hits 8673 8776 +103
- Misses 936 958 +22
- Partials 300 305 +5
☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall solid and sensible contribution. A few ideas but I consider them non-blocking and could be implemented later.
|
||
data.SetId(connection.GetID()) | ||
|
||
if len(connection.GetEnabledClients()) != 0 { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Optimization idea: Perhaps check the existing clients against the proposed clients. NBD if not implemented though.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good idea, I'll improve the logic for this check in a follow up PR and I'll post the link here, so we can review before merging this one too.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Followed up in #570.
diag.Diagnostic{ | ||
Severity: diag.Error, | ||
Summary: "Connection with non empty enabled clients", | ||
Detail: "The connection already has enabled clients attached to it. " + |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Considering we have the connection ID at this point, can we pre-populate the import command the user would need to execute?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was trying to do that, but I couldn't find any way to get the name of the resource.
Given this resource
resource auth0_connection_clients some_custom_name {
...
}
The import command would be: terraform import auth0_connection_clients.some_custom_name <conn_id>
.
We could just print it anyway like that tho terraform import auth0_connection_clients.<your-resources-name> conn_123123
wdyt?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Followed up in #570.
connection_id = auth0_connection.my_conn.id | ||
enabled_clients = [] | ||
} | ||
` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Idea: test the deletion of this resource by using a connection data source to check how many enabled clients there are.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Followed up in #570.
|
||
return diag.Diagnostics{ | ||
diag.Diagnostic{ | ||
Severity: diag.Error, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Non-blocking idea: perhaps this could be a warning? While it's safe to be an error, it does strike me as being a bit heavy-handed. Not a big deal either way though.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we improve the check above we could only throw the error when there's a risk of wiping out untracked client IDs on the enabled clients property of the connection.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Followed up in #570.
auth0_connection_clients
resourceauth0_connection_clients
resource
🔧 Changes
In this PR we are adding a brand new
auth0_connection_clients
resource that managed the relationship between one connection and its respective enabled clients.📚 References
🔬 Testing
📝 Checklist