Remove deleted resources and datasources from Terraform state on Read (all remaining services) (#346)
* Remove deleted resources and datasources from state on Read * Simplify code * Fix function description Co-authored-by: Diogo Ferrão <diogo.ferrao@freiheit.com> * Fix function description Co-authored-by: Diogo Ferrão <diogo.ferrao@freiheit.com> * Fix whitespace --------- Co-authored-by: Diogo Ferrão <diogo.ferrao@freiheit.com>
This commit is contained in:
João Palet
GitHub
parent
464884cabe
commit
66d6ec2bd0
33 changed files with 262 additions and 40 deletions
|
|
@ -3,6 +3,7 @@ package objectstorage
|
|||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net/http"
|
||||
|
||||
"github.com/hashicorp/terraform-plugin-framework/datasource"
|
||||
"github.com/hashicorp/terraform-plugin-framework/schema/validator"
|
||||
|
|
@ -12,6 +13,7 @@ import (
|
|||
|
||||
"github.com/hashicorp/terraform-plugin-framework/datasource/schema"
|
||||
"github.com/stackitcloud/stackit-sdk-go/core/config"
|
||||
"github.com/stackitcloud/stackit-sdk-go/core/oapierror"
|
||||
"github.com/stackitcloud/stackit-sdk-go/services/objectstorage"
|
||||
)
|
||||
|
||||
|
|
@ -129,6 +131,10 @@ func (r *bucketDataSource) Read(ctx context.Context, req datasource.ReadRequest,
|
|||
|
||||
bucketResp, err := r.client.GetBucket(ctx, projectId, bucketName).Execute()
|
||||
if err != nil {
|
||||
oapiErr, ok := err.(*oapierror.GenericOpenAPIError) //nolint:errorlint //complaining that error.As should be used to catch wrapped errors, but this error should not be wrapped
|
||||
if ok && oapiErr.StatusCode == http.StatusNotFound {
|
||||
resp.State.RemoveResource(ctx)
|
||||
}
|
||||
core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading bucket", fmt.Sprintf("Calling API: %v", err))
|
||||
return
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package objectstorage
|
|||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"github.com/hashicorp/terraform-plugin-framework/schema/validator"
|
||||
|
|
@ -17,6 +18,7 @@ import (
|
|||
"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
|
||||
"github.com/hashicorp/terraform-plugin-framework/types"
|
||||
"github.com/stackitcloud/stackit-sdk-go/core/config"
|
||||
"github.com/stackitcloud/stackit-sdk-go/core/oapierror"
|
||||
"github.com/stackitcloud/stackit-sdk-go/services/objectstorage"
|
||||
"github.com/stackitcloud/stackit-sdk-go/services/objectstorage/wait"
|
||||
)
|
||||
|
|
@ -203,6 +205,11 @@ func (r *bucketResource) Read(ctx context.Context, req resource.ReadRequest, res
|
|||
|
||||
bucketResp, err := r.client.GetBucket(ctx, projectId, bucketName).Execute()
|
||||
if err != nil {
|
||||
oapiErr, ok := err.(*oapierror.GenericOpenAPIError) //nolint:errorlint //complaining that error.As should be used to catch wrapped errors, but this error should not be wrapped
|
||||
if ok && oapiErr.StatusCode == http.StatusNotFound {
|
||||
resp.State.RemoveResource(ctx)
|
||||
return
|
||||
}
|
||||
core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading bucket", fmt.Sprintf("Calling API: %v", err))
|
||||
return
|
||||
}
|
||||
|
|
|
|||
|
|
@ -131,11 +131,16 @@ func (r *credentialDataSource) Read(ctx context.Context, req datasource.ReadRequ
|
|||
ctx = tflog.SetField(ctx, "credentials_group_id", credentialsGroupId)
|
||||
ctx = tflog.SetField(ctx, "credential_id", credentialId)
|
||||
|
||||
err := readCredentials(ctx, &model, r.client)
|
||||
found, err := readCredentials(ctx, &model, r.client)
|
||||
if err != nil {
|
||||
core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading credential", fmt.Sprintf("Finding credential: %v", err))
|
||||
return
|
||||
}
|
||||
if !found {
|
||||
resp.State.RemoveResource(ctx)
|
||||
core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading credential", "Credential not found")
|
||||
return
|
||||
}
|
||||
|
||||
// Set refreshed state
|
||||
diags = resp.State.Set(ctx, model)
|
||||
|
|
|
|||
|
|
@ -240,11 +240,15 @@ func (r *credentialResource) Read(ctx context.Context, req resource.ReadRequest,
|
|||
ctx = tflog.SetField(ctx, "credentials_group_id", credentialsGroupId)
|
||||
ctx = tflog.SetField(ctx, "credential_id", credentialId)
|
||||
|
||||
err := readCredentials(ctx, &model, r.client)
|
||||
found, err := readCredentials(ctx, &model, r.client)
|
||||
if err != nil {
|
||||
core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading credential", fmt.Sprintf("Finding credential: %v", err))
|
||||
return
|
||||
}
|
||||
if !found {
|
||||
resp.State.RemoveResource(ctx)
|
||||
return
|
||||
}
|
||||
|
||||
// Set refreshed state
|
||||
diags = resp.State.Set(ctx, model)
|
||||
|
|
@ -388,18 +392,18 @@ func mapFields(credentialResp *objectstorage.CreateAccessKeyResponse, model *Mod
|
|||
|
||||
// readCredentials gets all the existing credentials for the specified credentials group,
|
||||
// finds the credential that is being read and updates the state.
|
||||
// If the credential cannot be found, it throws an error
|
||||
func readCredentials(ctx context.Context, model *Model, client *objectstorage.APIClient) error {
|
||||
// Returns True if the credential was found, False otherwise.
|
||||
func readCredentials(ctx context.Context, model *Model, client *objectstorage.APIClient) (bool, error) {
|
||||
projectId := model.ProjectId.ValueString()
|
||||
credentialsGroupId := model.CredentialsGroupId.ValueString()
|
||||
credentialId := model.CredentialId.ValueString()
|
||||
|
||||
credentialsGroupResp, err := client.ListAccessKeys(ctx, projectId).CredentialsGroup(credentialsGroupId).Execute()
|
||||
if err != nil {
|
||||
return fmt.Errorf("getting credentials groups: %w", err)
|
||||
return false, fmt.Errorf("getting credentials groups: %w", err)
|
||||
}
|
||||
if credentialsGroupResp == nil {
|
||||
return fmt.Errorf("getting credentials groups: nil response")
|
||||
return false, fmt.Errorf("getting credentials groups: nil response")
|
||||
}
|
||||
|
||||
foundCredential := false
|
||||
|
|
@ -427,15 +431,12 @@ func readCredentials(ctx context.Context, model *Model, client *objectstorage.AP
|
|||
// Eg. "2027-01-02T03:04:05.000Z" = "2027-01-02T03:04:05Z"
|
||||
expirationTimestamp, err := time.Parse(time.RFC3339, *credential.Expires)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to parse payload expiration timestamp '%v': %w", *credential.Expires, err)
|
||||
return foundCredential, fmt.Errorf("unable to parse payload expiration timestamp '%v': %w", *credential.Expires, err)
|
||||
}
|
||||
model.ExpirationTimestamp = types.StringValue(expirationTimestamp.Format(time.RFC3339))
|
||||
}
|
||||
break
|
||||
}
|
||||
if !foundCredential {
|
||||
return fmt.Errorf("credential could not be found")
|
||||
}
|
||||
|
||||
return nil
|
||||
return foundCredential, nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -213,7 +213,8 @@ func TestReadCredentials(t *testing.T) {
|
|||
tests := []struct {
|
||||
description string
|
||||
mockedResp *objectstorage.ListAccessKeysResponse
|
||||
expected Model
|
||||
expectedModel Model
|
||||
expectedFound bool
|
||||
getCredentialsFails bool
|
||||
isValid bool
|
||||
}{
|
||||
|
|
@ -242,6 +243,7 @@ func TestReadCredentials(t *testing.T) {
|
|||
SecretAccessKey: types.StringNull(),
|
||||
ExpirationTimestamp: types.StringNull(),
|
||||
},
|
||||
true,
|
||||
false,
|
||||
true,
|
||||
},
|
||||
|
|
@ -276,6 +278,7 @@ func TestReadCredentials(t *testing.T) {
|
|||
SecretAccessKey: types.StringNull(),
|
||||
ExpirationTimestamp: types.StringValue(now.Format(time.RFC3339)),
|
||||
},
|
||||
true,
|
||||
false,
|
||||
true,
|
||||
},
|
||||
|
|
@ -310,6 +313,7 @@ func TestReadCredentials(t *testing.T) {
|
|||
SecretAccessKey: types.StringNull(),
|
||||
ExpirationTimestamp: types.StringValue(now.Format(time.RFC3339)),
|
||||
},
|
||||
true,
|
||||
false,
|
||||
true,
|
||||
},
|
||||
|
|
@ -321,6 +325,7 @@ func TestReadCredentials(t *testing.T) {
|
|||
Model{},
|
||||
false,
|
||||
false,
|
||||
true,
|
||||
},
|
||||
{
|
||||
"nil_response",
|
||||
|
|
@ -328,6 +333,7 @@ func TestReadCredentials(t *testing.T) {
|
|||
Model{},
|
||||
false,
|
||||
false,
|
||||
false,
|
||||
},
|
||||
{
|
||||
"non_matching_credential",
|
||||
|
|
@ -348,6 +354,7 @@ func TestReadCredentials(t *testing.T) {
|
|||
Model{},
|
||||
false,
|
||||
false,
|
||||
true,
|
||||
},
|
||||
{
|
||||
"error_response",
|
||||
|
|
@ -361,6 +368,7 @@ func TestReadCredentials(t *testing.T) {
|
|||
},
|
||||
},
|
||||
Model{},
|
||||
false,
|
||||
true,
|
||||
false,
|
||||
},
|
||||
|
|
@ -401,11 +409,11 @@ func TestReadCredentials(t *testing.T) {
|
|||
}
|
||||
|
||||
model := &Model{
|
||||
ProjectId: tt.expected.ProjectId,
|
||||
CredentialsGroupId: tt.expected.CredentialsGroupId,
|
||||
CredentialId: tt.expected.CredentialId,
|
||||
ProjectId: tt.expectedModel.ProjectId,
|
||||
CredentialsGroupId: tt.expectedModel.CredentialsGroupId,
|
||||
CredentialId: tt.expectedModel.CredentialId,
|
||||
}
|
||||
err = readCredentials(context.Background(), model, client)
|
||||
found, err := readCredentials(context.Background(), model, client)
|
||||
if !tt.isValid && err == nil {
|
||||
t.Fatalf("Should have failed")
|
||||
}
|
||||
|
|
@ -413,10 +421,14 @@ func TestReadCredentials(t *testing.T) {
|
|||
t.Fatalf("Should not have failed: %v", err)
|
||||
}
|
||||
if tt.isValid {
|
||||
diff := cmp.Diff(model, &tt.expected)
|
||||
diff := cmp.Diff(model, &tt.expectedModel)
|
||||
if diff != "" {
|
||||
t.Fatalf("Data does not match: %s", diff)
|
||||
}
|
||||
|
||||
if found != tt.expectedFound {
|
||||
t.Fatalf("Found does not match: %v", found)
|
||||
}
|
||||
}
|
||||
})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -128,9 +128,14 @@ func (r *credentialsGroupDataSource) Read(ctx context.Context, req datasource.Re
|
|||
ctx = tflog.SetField(ctx, "project_id", projectId)
|
||||
ctx = tflog.SetField(ctx, "credentials_group_id", credentialsGroupId)
|
||||
|
||||
err := readCredentialsGroups(ctx, &model, r.client)
|
||||
found, err := readCredentialsGroups(ctx, &model, r.client)
|
||||
if err != nil {
|
||||
core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading credentialsGroup", fmt.Sprintf("getting credential group from list of credentials groups: %v", err))
|
||||
core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading credentials group", fmt.Sprintf("getting credential group from list of credentials groups: %v", err))
|
||||
return
|
||||
}
|
||||
if !found {
|
||||
resp.State.RemoveResource(ctx)
|
||||
core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading credentials group", "Credentials group not found")
|
||||
return
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -198,11 +198,15 @@ func (r *credentialsGroupResource) Read(ctx context.Context, req resource.ReadRe
|
|||
ctx = tflog.SetField(ctx, "project_id", projectId)
|
||||
ctx = tflog.SetField(ctx, "credentials_group_id", credentialsGroupId)
|
||||
|
||||
err := readCredentialsGroups(ctx, &model, r.client)
|
||||
found, err := readCredentialsGroups(ctx, &model, r.client)
|
||||
if err != nil {
|
||||
core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading credentialsGroup", fmt.Sprintf("getting credential group from list of credentials groups: %v", err))
|
||||
return
|
||||
}
|
||||
if !found {
|
||||
resp.State.RemoveResource(ctx)
|
||||
return
|
||||
}
|
||||
|
||||
// Set refreshed state
|
||||
diags = resp.State.Set(ctx, model)
|
||||
|
|
@ -318,21 +322,22 @@ func enableProject(ctx context.Context, model *Model, client objectStorageClient
|
|||
}
|
||||
|
||||
// readCredentialsGroups gets all the existing credentials groups for the specified project,
|
||||
// finds the credentials group that is being read and updates the state. If the credentials group cannot be found, it throws an error
|
||||
func readCredentialsGroups(ctx context.Context, model *Model, client objectStorageClient) error {
|
||||
// finds the credentials group that is being read and updates the state.
|
||||
// Returns True if the credential was found, False otherwise.
|
||||
func readCredentialsGroups(ctx context.Context, model *Model, client objectStorageClient) (bool, error) {
|
||||
found := false
|
||||
|
||||
if model.CredentialsGroupId.ValueString() == "" && model.Name.ValueString() == "" {
|
||||
return fmt.Errorf("missing configuration: either name or credentials group id must be provided")
|
||||
return found, fmt.Errorf("missing configuration: either name or credentials group id must be provided")
|
||||
}
|
||||
|
||||
credentialsGroupsResp, err := client.ListCredentialsGroupsExecute(ctx, model.ProjectId.ValueString())
|
||||
if err != nil {
|
||||
return fmt.Errorf("getting credentials groups: %w", err)
|
||||
return found, fmt.Errorf("getting credentials groups: %w", err)
|
||||
}
|
||||
|
||||
if credentialsGroupsResp == nil {
|
||||
return fmt.Errorf("nil response from GET credentials groups")
|
||||
return found, fmt.Errorf("nil response from GET credentials groups")
|
||||
}
|
||||
|
||||
for _, credentialsGroup := range *credentialsGroupsResp.CredentialsGroups {
|
||||
|
|
@ -342,14 +347,10 @@ func readCredentialsGroups(ctx context.Context, model *Model, client objectStora
|
|||
found = true
|
||||
err = mapCredentialsGroup(credentialsGroup, model)
|
||||
if err != nil {
|
||||
return err
|
||||
return found, err
|
||||
}
|
||||
break
|
||||
}
|
||||
|
||||
if !found {
|
||||
return fmt.Errorf("credentials group could not be found")
|
||||
}
|
||||
|
||||
return nil
|
||||
return found, nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -162,7 +162,8 @@ func TestReadCredentialsGroups(t *testing.T) {
|
|||
tests := []struct {
|
||||
description string
|
||||
mockedResp *objectstorage.ListCredentialsGroupsResponse
|
||||
expected Model
|
||||
expectedModel Model
|
||||
expectedFound bool
|
||||
getCredentialsGroupsFails bool
|
||||
isValid bool
|
||||
}{
|
||||
|
|
@ -185,6 +186,7 @@ func TestReadCredentialsGroups(t *testing.T) {
|
|||
CredentialsGroupId: types.StringValue("cid"),
|
||||
URN: types.StringNull(),
|
||||
},
|
||||
true,
|
||||
false,
|
||||
true,
|
||||
},
|
||||
|
|
@ -211,6 +213,7 @@ func TestReadCredentialsGroups(t *testing.T) {
|
|||
CredentialsGroupId: types.StringValue("cid"),
|
||||
URN: types.StringValue("urn"),
|
||||
},
|
||||
true,
|
||||
false,
|
||||
true,
|
||||
},
|
||||
|
|
@ -222,6 +225,7 @@ func TestReadCredentialsGroups(t *testing.T) {
|
|||
Model{},
|
||||
false,
|
||||
false,
|
||||
false,
|
||||
},
|
||||
{
|
||||
"nil_credentials_groups",
|
||||
|
|
@ -231,6 +235,7 @@ func TestReadCredentialsGroups(t *testing.T) {
|
|||
Model{},
|
||||
false,
|
||||
false,
|
||||
false,
|
||||
},
|
||||
{
|
||||
"nil_response",
|
||||
|
|
@ -238,6 +243,7 @@ func TestReadCredentialsGroups(t *testing.T) {
|
|||
Model{},
|
||||
false,
|
||||
false,
|
||||
false,
|
||||
},
|
||||
{
|
||||
"non_matching_credentials_group",
|
||||
|
|
@ -253,6 +259,7 @@ func TestReadCredentialsGroups(t *testing.T) {
|
|||
Model{},
|
||||
false,
|
||||
false,
|
||||
false,
|
||||
},
|
||||
{
|
||||
"error_response",
|
||||
|
|
@ -266,6 +273,7 @@ func TestReadCredentialsGroups(t *testing.T) {
|
|||
},
|
||||
},
|
||||
Model{},
|
||||
false,
|
||||
true,
|
||||
false,
|
||||
},
|
||||
|
|
@ -277,10 +285,10 @@ func TestReadCredentialsGroups(t *testing.T) {
|
|||
listCredentialsGroupsResp: tt.mockedResp,
|
||||
}
|
||||
model := &Model{
|
||||
ProjectId: tt.expected.ProjectId,
|
||||
CredentialsGroupId: tt.expected.CredentialsGroupId,
|
||||
ProjectId: tt.expectedModel.ProjectId,
|
||||
CredentialsGroupId: tt.expectedModel.CredentialsGroupId,
|
||||
}
|
||||
err := readCredentialsGroups(context.Background(), model, client)
|
||||
found, err := readCredentialsGroups(context.Background(), model, client)
|
||||
if !tt.isValid && err == nil {
|
||||
t.Fatalf("Should have failed")
|
||||
}
|
||||
|
|
@ -288,10 +296,14 @@ func TestReadCredentialsGroups(t *testing.T) {
|
|||
t.Fatalf("Should not have failed: %v", err)
|
||||
}
|
||||
if tt.isValid {
|
||||
diff := cmp.Diff(model, &tt.expected)
|
||||
diff := cmp.Diff(model, &tt.expectedModel)
|
||||
if diff != "" {
|
||||
t.Fatalf("Data does not match: %s", diff)
|
||||
}
|
||||
|
||||
if found != tt.expectedFound {
|
||||
t.Fatalf("Found does not match")
|
||||
}
|
||||
}
|
||||
})
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue