Implement Secrets Manager User, change ACL to Set (#94)

* Implement secrets manager user * Add user tests * Add secrets manager user * Fix typo * Change ACL to set * Fix field name * Change ACLs to set * Fix typo * Fix formatting * Fix update not using existing password * Add repeating ACLs to test case * Fix signature * Add user checks * Reorder list --------- Co-authored-by: Henrique Santos <henrique.santos@freiheit.com>
2023-10-19 13:56:24 +01:00 · 2023-10-19 13:56:24 +01:00 · 7a7f28a306
commit 7a7f28a306
parent e1265578ce
9 changed files with 1159 additions and 45 deletions
--- a/stackit/internal/services/secretsmanager/instance/datasource.go
+++ b/stackit/internal/services/secretsmanager/instance/datasource.go
@ -110,7 +110,7 @@ func (r *instanceDataSource) Schema(_ context.Context, _ datasource.SchemaReques
 				Description: descriptions["name"],
 				Computed:    true,
 			},
-			"acls": schema.ListAttribute{
+			"acls": schema.SetAttribute{
 				Description: descriptions["acls"],
 				ElementType: types.StringType,
 				Computed:    true,
--- a/stackit/internal/services/secretsmanager/instance/resource.go
+++ b/stackit/internal/services/secretsmanager/instance/resource.go
@ -5,7 +5,7 @@ import (
 	"fmt"
 	"strings"

-	"github.com/hashicorp/terraform-plugin-framework-validators/listvalidator"
+	"github.com/hashicorp/terraform-plugin-framework-validators/setvalidator"
 	"github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator"
 	"github.com/hashicorp/terraform-plugin-framework/attr"
 	"github.com/hashicorp/terraform-plugin-framework/schema/validator"
@ -36,7 +36,7 @@ type Model struct {
 	InstanceId types.String `tfsdk:"instance_id"`
 	ProjectId  types.String `tfsdk:"project_id"`
 	Name       types.String `tfsdk:"name"`
-	ACLs       types.List   `tfsdk:"acls"`
+	ACLs       types.Set    `tfsdk:"acls"`
 }

 // NewInstanceResource is a helper function to simplify the provider implementation.
@ -143,13 +143,12 @@ func (r *instanceResource) Schema(_ context.Context, _ resource.SchemaRequest, r
 					stringvalidator.LengthAtLeast(1),
 				},
 			},
-			"acls": schema.ListAttribute{
+			"acls": schema.SetAttribute{
 				Description: descriptions["acls"],
 				ElementType: types.StringType,
 				Optional:    true,
-				Validators: []validator.List{
-					listvalidator.UniqueValues(),
-					listvalidator.ValueStringsAre(
+				Validators: []validator.Set{
+					setvalidator.ValueStringsAre(
 						validate.CIDR(),
 					),
 				},
@ -397,7 +396,7 @@ func mapACLs(aclList *secretsmanager.AclList, model *Model) error {
 		return fmt.Errorf("nil ACL list")
 	}
 	if aclList.Acls == nil || len(*aclList.Acls) == 0 {
-		model.ACLs = types.ListNull(types.StringType)
+		model.ACLs = types.SetNull(types.StringType)
 		return nil
 	}

@ -405,7 +404,7 @@ func mapACLs(aclList *secretsmanager.AclList, model *Model) error {
 	for _, acl := range *aclList.Acls {
 		acls = append(acls, types.StringValue(*acl.Cidr))
 	}
-	aclsList, diags := types.ListValue(types.StringType, acls)
+	aclsList, diags := types.SetValue(types.StringType, acls)
 	if diags.HasError() {
 		return fmt.Errorf("mapping ACLs: %w", core.DiagsToError(diags))
 	}
--- a/stackit/internal/services/secretsmanager/instance/resource_test.go
+++ b/stackit/internal/services/secretsmanager/instance/resource_test.go
@ -36,7 +36,7 @@ func TestMapFields(t *testing.T) {
 				InstanceId: types.StringValue("iid"),
 				ProjectId:  types.StringValue("pid"),
 				Name:       types.StringNull(),
-				ACLs:       types.ListNull(types.StringType),
+				ACLs:       types.SetNull(types.StringType),
 			},
 			true,
 		},
@ -66,7 +66,7 @@ func TestMapFields(t *testing.T) {
 				InstanceId: types.StringValue("iid"),
 				ProjectId:  types.StringValue("pid"),
 				Name:       types.StringValue("name"),
-				ACLs: types.ListValueMust(types.StringType, []attr.Value{
+				ACLs: types.SetValueMust(types.StringType, []attr.Value{
 					types.StringValue("cidr-1"),
 					types.StringValue("cidr-2"),
 					types.StringValue("cidr-3"),