Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[1/2] DXCDT-426: Add new auth0_connection_clients resource #568

Merged
merged 1 commit into from
May 9, 2023

Conversation

sergiught
Copy link
Contributor

🔧 Changes

In this PR we are adding a brand new auth0_connection_clients resource that managed the relationship between one connection and its respective enabled clients.

Warning
This new resource should not be used together with the auth0_connection_client resource, as they both operate on the same property of the connection, but one does so in bulk and the other is append only.

Note
In this PR we are not adding the logic to detect if both the 1:1 and 1:many resources for the connection are used within the same config. That will be a separate follow up through DXCDT-446. However that will only raise issues within the same config. It's still advised to not use both resources to manage the enabled clients of the same connection even if they are in separate terraform configurations.

📚 References

🔬 Testing

📝 Checklist

  • All new/changed/fixed functionality is covered by tests (or N/A)
  • I have added documentation for all new/changed functionality (or N/A)

With this resource, you can manage enabled clients on a connection.
With this resource, you can enable a single client on a connection.

!> To prevent issues, avoid using this resource together with the `auth0_connection_clients` resource.
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.


## Example Usage

```terraform
resource "auth0_connection" "my_conn" {
name = "My-Auth0-Connection"
strategy = "auth0"
# Avoid using the enabled_clients = [...],
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is from the time we allowed managin the enabled_clients on the connection resource. Should not be here any more.

},
"name": {
Type: schema.TypeString,
Computed: true,
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The name and strategy are readonly.

func readConnectionClients(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics {
api := meta.(*management.Management)

connection, err := api.Connection.Read(
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We only need to lock the mutex if we're operating changes.


{{ .Description | trimspace }}

!> To prevent issues, avoid using this resource together with the `auth0_connection_clients` resource.
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We're overriding the default template for a resource so we can add the red warning for these resources.

@sergiught sergiught marked this pull request as ready for review May 8, 2023 14:12
@sergiught sergiught requested a review from a team as a code owner May 8, 2023 14:12
@sergiught sergiught force-pushed the feature/DXCDT-426-connection-clients branch from 6cd4510 to 4ecc7d4 Compare May 8, 2023 14:19
@codecov-commenter
Copy link

Codecov Report

Patch coverage: 79.38% and project coverage change: -0.11 ⚠️

Comparison is base (c0e6308) 87.52% compared to head (4ecc7d4) 87.41%.

Additional details and impacted files
@@            Coverage Diff             @@
##             main     #568      +/-   ##
==========================================
- Coverage   87.52%   87.41%   -0.11%     
==========================================
  Files          64       65       +1     
  Lines        9909    10039     +130     
==========================================
+ Hits         8673     8776     +103     
- Misses        936      958      +22     
- Partials      300      305       +5     
Impacted Files Coverage Δ
internal/provider/provider.go 59.00% <ø> (ø)
internal/auth0/connection/resource_clients.go 79.23% <79.23%> (ø)
internal/auth0/connection/resource_client.go 76.27% <100.00%> (ø)

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

Copy link
Contributor

@willvedd willvedd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall solid and sensible contribution. A few ideas but I consider them non-blocking and could be implemented later.


data.SetId(connection.GetID())

if len(connection.GetEnabledClients()) != 0 {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Optimization idea: Perhaps check the existing clients against the proposed clients. NBD if not implemented though.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good idea, I'll improve the logic for this check in a follow up PR and I'll post the link here, so we can review before merging this one too.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Followed up in #570.

diag.Diagnostic{
Severity: diag.Error,
Summary: "Connection with non empty enabled clients",
Detail: "The connection already has enabled clients attached to it. " +
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Considering we have the connection ID at this point, can we pre-populate the import command the user would need to execute?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was trying to do that, but I couldn't find any way to get the name of the resource.

Given this resource

resource auth0_connection_clients some_custom_name {
...
}

The import command would be: terraform import auth0_connection_clients.some_custom_name <conn_id>.

We could just print it anyway like that tho terraform import auth0_connection_clients.<your-resources-name> conn_123123 wdyt?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Followed up in #570.

connection_id = auth0_connection.my_conn.id
enabled_clients = []
}
`
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Idea: test the deletion of this resource by using a connection data source to check how many enabled clients there are.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Followed up in #570.


return diag.Diagnostics{
diag.Diagnostic{
Severity: diag.Error,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Non-blocking idea: perhaps this could be a warning? While it's safe to be an error, it does strike me as being a bit heavy-handed. Not a big deal either way though.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we improve the check above we could only throw the error when there's a risk of wiping out untracked client IDs on the enabled clients property of the connection.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Followed up in #570.

@sergiught sergiught changed the title DXCDT-426: Add new auth0_connection_clients resource [1/2] DXCDT-426: Add new auth0_connection_clients resource May 9, 2023
@sergiught sergiught requested a review from willvedd May 9, 2023 10:15
@sergiught sergiught merged commit 7fc819b into main May 9, 2023
@sergiught sergiught deleted the feature/DXCDT-426-connection-clients branch May 9, 2023 11:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants