Argus/Postgresflex Credentials import documentation and fix (#22)

* Add documentation * Remove password from datasource * Fix bug§ * add warning * Create logAndWarning function
2023-09-25 10:47:28 +01:00 · 2023-09-25 10:47:28 +01:00 · d3cdbf0e2a
commit d3cdbf0e2a
parent 9b5ca058ef
4 changed files with 87 additions and 8 deletions
--- a/stackit/core/core.go
+++ b/stackit/core/core.go
@ -54,3 +54,9 @@ func LogAndAddError(ctx context.Context, diags *diag.Diagnostics, summary, detai
 	tflog.Error(ctx, summary)
 	diags.AddError(summary, detail)
 }
+
+// LogAndAddWarning Logs the warning and adds it to the diags
+func LogAndAddWarning(ctx context.Context, diags *diag.Diagnostics, summary, detail string) {
+	tflog.Warn(ctx, summary)
+	diags.AddWarning(summary, detail)
+}
--- a/stackit/services/postgresflex/user/datasource.go
+++ b/stackit/services/postgresflex/user/datasource.go
@ -3,10 +3,13 @@ package postgresflex
 import (
 	"context"
 	"fmt"
+	"strings"

+	"github.com/hashicorp/terraform-plugin-framework/attr"
 	"github.com/hashicorp/terraform-plugin-framework/datasource"
 	"github.com/hashicorp/terraform-plugin-framework/schema/validator"
 	"github.com/hashicorp/terraform-plugin-log/tflog"
+	"github.com/stackitcloud/terraform-provider-stackit/stackit/conversion"
 	"github.com/stackitcloud/terraform-provider-stackit/stackit/core"
 	"github.com/stackitcloud/terraform-provider-stackit/stackit/validate"

@ -21,6 +24,17 @@ var (
 	_ datasource.DataSource = &userDataSource{}
 )

+type DataSourceModel struct {
+	Id         types.String `tfsdk:"id"` // needed by TF
+	UserId     types.String `tfsdk:"user_id"`
+	InstanceId types.String `tfsdk:"instance_id"`
+	ProjectId  types.String `tfsdk:"project_id"`
+	Username   types.String `tfsdk:"username"`
+	Roles      types.Set    `tfsdk:"roles"`
+	Host       types.String `tfsdk:"host"`
+	Port       types.Int64  `tfsdk:"port"`
+}
+
 // NewUserDataSource is a helper function to simplify the provider implementation.
 func NewUserDataSource() datasource.DataSource {
 	return &userDataSource{}
@ -119,10 +133,6 @@ func (r *userDataSource) Schema(_ context.Context, _ datasource.SchemaRequest, r
 				ElementType: types.StringType,
 				Computed:    true,
 			},
-			"password": schema.StringAttribute{
-				Computed:  true,
-				Sensitive: true,
-			},
 			"host": schema.StringAttribute{
 				Computed: true,
 			},
@ -135,7 +145,7 @@ func (r *userDataSource) Schema(_ context.Context, _ datasource.SchemaRequest, r

 // Read refreshes the Terraform state with the latest data.
 func (r *userDataSource) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) { // nolint:gocritic // function signature required by Terraform
-	var model Model
+	var model DataSourceModel
 	diags := req.Config.Get(ctx, &model)
 	resp.Diagnostics.Append(diags...)
 	if resp.Diagnostics.HasError() {
@ -154,8 +164,8 @@ func (r *userDataSource) Read(ctx context.Context, req datasource.ReadRequest, r
 		return
 	}

-	// Map response body to schema
-	err = mapFields(recordSetResp, &model)
+	// Map response body to schema and populate Computed attribute values
+	err = mapDataSourceFields(recordSetResp, &model)
 	if err != nil {
 		core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading user", fmt.Sprintf("Processing API payload: %v", err))
 		return
@ -169,3 +179,49 @@ func (r *userDataSource) Read(ctx context.Context, req datasource.ReadRequest, r
 	}
 	tflog.Info(ctx, "PostgresFlex user read")
 }
+
+func mapDataSourceFields(userResp *postgresflex.UserResponse, model *DataSourceModel) error {
+	if userResp == nil || userResp.Item == nil {
+		return fmt.Errorf("response is nil")
+	}
+	if model == nil {
+		return fmt.Errorf("model input is nil")
+	}
+	user := userResp.Item
+
+	var userId string
+	if model.UserId.ValueString() != "" {
+		userId = model.UserId.ValueString()
+	} else if user.Id != nil {
+		userId = *user.Id
+	} else {
+		return fmt.Errorf("user id not present")
+	}
+	idParts := []string{
+		model.ProjectId.ValueString(),
+		model.InstanceId.ValueString(),
+		userId,
+	}
+	model.Id = types.StringValue(
+		strings.Join(idParts, core.Separator),
+	)
+	model.UserId = types.StringValue(userId)
+	model.Username = types.StringPointerValue(user.Username)
+
+	if user.Roles == nil {
+		model.Roles = types.SetNull(types.StringType)
+	} else {
+		roles := []attr.Value{}
+		for _, role := range *user.Roles {
+			roles = append(roles, types.StringValue(role))
+		}
+		rolesSet, diags := types.SetValue(types.StringType, roles)
+		if diags.HasError() {
+			return fmt.Errorf("failed to map roles: %w", core.DiagsToError(diags))
+		}
+		model.Roles = rolesSet
+	}
+	model.Host = types.StringPointerValue(user.Host)
+	model.Port = conversion.ToTypeInt64(user.Port)
+	return nil
+}
--- a/stackit/services/postgresflex/user/resource.go
+++ b/stackit/services/postgresflex/user/resource.go
@ -326,6 +326,10 @@ func (r *userResource) ImportState(ctx context.Context, req resource.ImportState
 	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("project_id"), idParts[0])...)
 	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("instance_id"), idParts[1])...)
 	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("user_id"), idParts[2])...)
+	core.LogAndAddWarning(ctx, &resp.Diagnostics,
+		"Postgresflex user imported with empty password",
+		"The user password is not imported as it is only available upon creation of a new user. The password field will be empty.",
+	)
 	tflog.Info(ctx, "Postgresflex user state imported")
 }