fix: remove identity from postgres-flex

[skip ci]
2026-03-16 15:45:53 +01:00 · 2026-03-16 15:45:53 +01:00 · ba579760d5
commit ba579760d5
parent c1f463935b
20 changed files with 570 additions and 581 deletions
--- a/stackit/internal/services/postgresflexalpha/user/datasources_gen/user_data_source_gen.go
+++ b/stackit/internal/services/postgresflexalpha/user/datasources_gen/user_data_source_gen.go
@ -35,7 +35,7 @@ func UserDataSourceSchema(ctx context.Context) schema.Schema {
 				MarkdownDescription: "The STACKIT project ID.",
 			},
 			"region": schema.StringAttribute{
-				Required:            true,
+				Optional:            true,
 				Description:         "The region which should be addressed",
 				MarkdownDescription: "The region which should be addressed",
 				Validators: []validator.String{
--- a/stackit/internal/services/postgresflexalpha/user/mapper.go
+++ b/stackit/internal/services/postgresflexalpha/user/mapper.go
@ -116,7 +116,12 @@ func mapResourceFields(userResp *v3alpha1api.GetUserResponse, model *resourceMod
 		return fmt.Errorf("user id not present")
 	}

-	model.Id = types.Int64Value(userID)
+	model.Id = utils.BuildInternalTerraformId(
+		model.ProjectId.ValueString(),
+		model.Region.ValueString(),
+		model.InstanceId.ValueString(),
+		strconv.FormatInt(userID, 10),
+	)
 	model.UserId = types.Int64Value(userID)
 	model.Name = types.StringValue(user.Name)

--- a/stackit/internal/services/postgresflexalpha/user/resource.go
+++ b/stackit/internal/services/postgresflexalpha/user/resource.go
@ -11,7 +11,7 @@ import (
 	"time"

 	"github.com/hashicorp/terraform-plugin-framework/diag"
-	"github.com/hashicorp/terraform-plugin-framework/resource/identityschema"
+	"github.com/stackitcloud/stackit-sdk-go/core/oapierror"
 	"github.com/stackitcloud/stackit-sdk-go/services/postgresflex/v3alpha1api"

 	postgresflexalpha "tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/services/postgresflexalpha/user/resources_gen"
@ -34,7 +34,6 @@ var (
 	_ resource.ResourceWithConfigure      = &userResource{}
 	_ resource.ResourceWithImportState    = &userResource{}
 	_ resource.ResourceWithModifyPlan     = &userResource{}
-	_ resource.ResourceWithIdentity       = &userResource{}
 	_ resource.ResourceWithValidateConfig = &userResource{}

 	// Error message constants
@ -50,14 +49,6 @@ func NewUserResource() resource.Resource {
 // resourceModel represents the Terraform resource state for a PostgreSQL Flex user.
 type resourceModel = postgresflexalpha.UserModel

-// UserResourceIdentityModel describes the resource's identity attributes.
-type UserResourceIdentityModel struct {
-	ProjectID  types.String `tfsdk:"project_id"`
-	Region     types.String `tfsdk:"region"`
-	InstanceID types.String `tfsdk:"instance_id"`
-	UserID     types.Int64  `tfsdk:"user_id"`
-}
-
 // userResource implements the resource handling for a PostgreSQL Flex user.
 type userResource struct {
 	client       *v3alpha1api.APIClient
@ -232,23 +223,14 @@ func (r *userResource) Create(
 	}
 	arg.userID = int64(*id)

+	model.Id = utils.BuildInternalTerraformId(arg.projectID, arg.region, arg.instanceID, strconv.FormatInt(arg.userID, 10))
+
+	ctx = tflog.SetField(ctx, "id", model.Id.ValueString())
 	ctx = tflog.SetField(ctx, "user_id", id)

 	ctx = core.LogResponse(ctx)

-	// Set data returned by API in identity
-	identity := UserResourceIdentityModel{
-		ProjectID:  types.StringValue(arg.projectID),
-		Region:     types.StringValue(arg.region),
-		InstanceID: types.StringValue(arg.instanceID),
-		UserID:     types.Int64Value(int64(*id)),
-	}
-	resp.Diagnostics.Append(resp.Identity.Set(ctx, identity)...)
-	if resp.Diagnostics.HasError() {
-		return
-	}
-
-	model.Id = types.Int64Value(int64(*id))
+	model.Id = utils.BuildInternalTerraformId(arg.projectID, arg.region, arg.instanceID, strconv.FormatInt(arg.userID, 10))
 	model.UserId = types.Int64Value(int64(*id))
 	model.Password = types.StringValue(userResp.GetPassword())
 	model.Status = types.StringValue(userResp.GetStatus())
@ -370,15 +352,14 @@ func (r *userResource) Read(

 	ctx = core.LogResponse(ctx)

-	// Set data returned by API in identity
-	identity := UserResourceIdentityModel{
-		ProjectID:  types.StringValue(arg.projectID),
-		Region:     types.StringValue(arg.region),
-		InstanceID: types.StringValue(arg.instanceID),
-		UserID:     types.Int64Value(arg.userID),
-	}
-	resp.Diagnostics.Append(resp.Identity.Set(ctx, identity)...)
-	if resp.Diagnostics.HasError() {
+	err = mapResourceFields(waitResp, &model, model.Region.ValueString())
+	if err != nil {
+		core.LogAndAddError(
+			ctx,
+			&resp.Diagnostics,
+			"read user",
+			fmt.Sprintf("Wait response mapping: %v", err),
+		)
 		return
 	}

@ -457,18 +438,6 @@ func (r *userResource) Update(

 	ctx = core.LogResponse(ctx)

-	// Set data returned by API in identity
-	identity := UserResourceIdentityModel{
-		ProjectID:  types.StringValue(arg.projectID),
-		Region:     types.StringValue(arg.region),
-		InstanceID: types.StringValue(arg.instanceID),
-		UserID:     types.Int64Value(userID64),
-	}
-	resp.Diagnostics.Append(resp.Identity.Set(ctx, identity)...)
-	if resp.Diagnostics.HasError() {
-		return
-	}
-
 	// Verify update
 	waitResp, err := postgresflexalphaWait.GetUserByIdWaitHandler(
 		ctx,
@ -525,26 +494,17 @@ func (r *userResource) Delete(
 	if resp.Diagnostics.HasError() {
 		return
 	}
-	// Read identity data
-	var identityData UserResourceIdentityModel
-	resp.Diagnostics.Append(req.Identity.Get(ctx, &identityData)...)
-	if resp.Diagnostics.HasError() {
-		return
-	}

 	ctx = core.InitProviderContext(ctx)

-	arg, errExt := r.extractIdentityData(model, identityData)
-	if errExt != nil {
-		core.LogAndAddError(
-			ctx,
-			&resp.Diagnostics,
-			extractErrorSummary,
-			fmt.Sprintf(extractErrorMessage, errExt),
-		)
+	arg := clientArg{
+		projectID:  model.ProjectId.ValueString(),
+		instanceID: model.InstanceId.ValueString(),
+		region:     model.Region.ValueString(),
+		userID:     model.UserId.ValueInt64(),
 	}

-	ctx = r.setTFLogFields(ctx, arg)
+	ctx = r.setTFLogFields(ctx, &arg)
 	ctx = core.InitProviderContext(ctx)

 	userID64 := arg.userID
@ -557,7 +517,14 @@ func (r *userResource) Delete(
 	// Delete existing record set
 	err := r.client.DefaultAPI.DeleteUserRequest(ctx, arg.projectID, arg.region, arg.instanceID, userID).Execute()
 	if err != nil {
-		core.LogAndAddError(ctx, &resp.Diagnostics, "Error deleting user", fmt.Sprintf("Calling API: %v", err))
+		oapiErr, ok := err.(*oapierror.GenericOpenAPIError) // nolint:errorlint //complaining that error.As should be used to catch wrapped errors, but this error should not be wrapped
+		if ok {
+			if oapiErr.StatusCode == 404 {
+				resp.State.RemoveResource(ctx)
+				return
+			}
+		}
+		core.LogAndAddError(ctx, &resp.Diagnostics, "Error deleting user", fmt.Sprintf("error from API: %v", err))
 	}

 	ctx = core.LogResponse(ctx)
@ -581,30 +548,6 @@ func (r *userResource) Delete(
 	tflog.Info(ctx, "Postgres Flex user deleted")
 }

-// IdentitySchema defines the fields that are required to uniquely identify a resource.
-func (r *userResource) IdentitySchema(
-	_ context.Context,
-	_ resource.IdentitySchemaRequest,
-	response *resource.IdentitySchemaResponse,
-) {
-	response.IdentitySchema = identityschema.Schema{
-		Attributes: map[string]identityschema.Attribute{
-			"project_id": identityschema.StringAttribute{
-				RequiredForImport: true,
-			},
-			"region": identityschema.StringAttribute{
-				RequiredForImport: true,
-			},
-			"instance_id": identityschema.StringAttribute{
-				RequiredForImport: true,
-			},
-			"user_id": identityschema.Int64Attribute{
-				RequiredForImport: true,
-			},
-		},
-	}
-}
-
 // clientArg holds the arguments for API calls.
 type clientArg struct {
 	projectID  string
@ -622,112 +565,41 @@ func (r *userResource) ImportState(
 ) {
 	ctx = core.InitProviderContext(ctx)

-	if req.ID != "" {
-		idParts := strings.Split(req.ID, core.Separator)
-
-		if len(idParts) != 4 || idParts[0] == "" || idParts[1] == "" || idParts[2] == "" || idParts[3] == "" {
-			core.LogAndAddError(
-				ctx, &resp.Diagnostics,
-				"Error importing user",
-				fmt.Sprintf(
-					"Expected import identifier with format [project_id],[region],[instance_id],[user_id], got %q",
-					req.ID,
-				),
-			)
-			return
-		}
-
-		userID, err := strconv.ParseInt(idParts[3], 10, 64)
-		if err != nil {
-			core.LogAndAddError(
-				ctx,
-				&resp.Diagnostics,
-				"Error importing user",
-				fmt.Sprintf("Invalid user_id format: %q. It must be a valid integer.", idParts[3]),
-			)
-			return
-		}
-
-		resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("project_id"), idParts[0])...)
-		resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("region"), idParts[1])...)
-		resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("instance_id"), idParts[2])...)
-		resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("user_id"), userID)...)
-
-		tflog.Info(ctx, "Postgres Flex user state imported")
+	idParts := strings.Split(req.ID, core.Separator)

+	if len(idParts) != 4 || idParts[0] == "" || idParts[1] == "" || idParts[2] == "" || idParts[3] == "" {
+		core.LogAndAddError(
+			ctx, &resp.Diagnostics,
+			"Error importing user",
+			fmt.Sprintf(
+				"Expected import identifier with format [project_id],[region],[instance_id],[user_id], got %q",
+				req.ID,
+			),
+		)
 		return
 	}

-	// If no ID is provided, attempt to read identity attributes from the import configuration
-	var identityData UserResourceIdentityModel
-	resp.Diagnostics.Append(req.Identity.Get(ctx, &identityData)...)
-	if resp.Diagnostics.HasError() {
+	userID, err := strconv.ParseInt(idParts[3], 10, 64)
+	if err != nil {
+		core.LogAndAddError(
+			ctx,
+			&resp.Diagnostics,
+			"Error importing user",
+			fmt.Sprintf("Invalid user_id format: %q. It must be a valid integer.", idParts[3]),
+		)
 		return
 	}

-	projectID := identityData.ProjectID.ValueString()
-	region := identityData.Region.ValueString()
-	instanceID := identityData.InstanceID.ValueString()
-	userID := identityData.UserID.ValueInt64()
-
-	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("project_id"), projectID)...)
-	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("region"), region)...)
-	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("instance_id"), instanceID)...)
+	idString := utils.BuildInternalTerraformId(idParts...)
+	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("id"), idString)...)
+	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("project_id"), idParts[0])...)
+	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("region"), idParts[1])...)
+	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("instance_id"), idParts[2])...)
 	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("user_id"), userID)...)

 	tflog.Info(ctx, "Postgres Flex user state imported")
 }

-// extractIdentityData extracts essential identifiers from the resource model, falling back to the identity model.
-func (r *userResource) extractIdentityData(
-	model resourceModel,
-	identity UserResourceIdentityModel,
-) (*clientArg, error) {
-	var projectID, region, instanceID string
-	var userID int64
-	if !model.UserId.IsNull() && !model.UserId.IsUnknown() {
-		userID = model.UserId.ValueInt64()
-	} else {
-		if identity.UserID.IsNull() || identity.UserID.IsUnknown() {
-			return nil, fmt.Errorf("user_id not found in config")
-		}
-		userID = identity.UserID.ValueInt64()
-	}
-
-	if !model.ProjectId.IsNull() && !model.ProjectId.IsUnknown() {
-		projectID = model.ProjectId.ValueString()
-	} else {
-		if identity.ProjectID.IsNull() || identity.ProjectID.IsUnknown() {
-			return nil, fmt.Errorf("project_id not found in config")
-		}
-		projectID = identity.ProjectID.ValueString()
-	}
-
-	if !model.Region.IsNull() && !model.Region.IsUnknown() {
-		region = r.providerData.GetRegionWithOverride(model.Region)
-	} else {
-		if identity.Region.IsNull() || identity.Region.IsUnknown() {
-			return nil, fmt.Errorf("region not found in config")
-		}
-		region = r.providerData.GetRegionWithOverride(identity.Region)
-	}
-
-	if !model.InstanceId.IsNull() && !model.InstanceId.IsUnknown() {
-		instanceID = model.InstanceId.ValueString()
-	} else {
-		if identity.InstanceID.IsNull() || identity.InstanceID.IsUnknown() {
-			return nil, fmt.Errorf("instance_id not found in config")
-		}
-		instanceID = identity.InstanceID.ValueString()
-	}
-	return &clientArg{
-		projectID:  projectID,
-		instanceID: instanceID,
-		region:     region,
-		userID:     userID,
-	}, nil
-}
-
 // setTFLogFields adds relevant fields to the context for terraform logging purposes.
 func (r *userResource) setTFLogFields(ctx context.Context, arg *clientArg) context.Context {
 	ctx = tflog.SetField(ctx, "project_id", arg.projectID)
--- a/stackit/internal/services/postgresflexalpha/user/resources_gen/user_resource_gen.go
+++ b/stackit/internal/services/postgresflexalpha/user/resources_gen/user_resource_gen.go
@ -14,7 +14,7 @@ import (
 func UserResourceSchema(ctx context.Context) schema.Schema {
 	return schema.Schema{
 		Attributes: map[string]schema.Attribute{
-			"id": schema.Int64Attribute{
+			"id": schema.StringAttribute{
 				Computed:            true,
 				Description:         "The ID of the user.",
 				MarkdownDescription: "The ID of the user.",
@ -75,7 +75,7 @@ func UserResourceSchema(ctx context.Context) schema.Schema {
 }

 type UserModel struct {
-	Id         types.Int64  `tfsdk:"id"`
+	Id         types.String `tfsdk:"id"`
 	InstanceId types.String `tfsdk:"instance_id"`
 	Name       types.String `tfsdk:"name"`
 	Password   types.String `tfsdk:"password"`