diff --git a/docs/index.md b/docs/index.md index 46b23106..2efe297b 100644 --- a/docs/index.md +++ b/docs/index.md @@ -174,7 +174,7 @@ Note: AWS specific checks must be skipped as they do not work on STACKIT. For de - `secretsmanager_custom_endpoint` (String) Custom endpoint for the Secrets Manager service - `server_backup_custom_endpoint` (String) Custom endpoint for the Server Backup service - `server_update_custom_endpoint` (String) Custom endpoint for the Server Update service -- `service_account_email` (String) Service account email. It can also be set using the environment variable STACKIT_SERVICE_ACCOUNT_EMAIL. It is required if you want to use the resource manager project resource. +- `service_account_email` (String, Deprecated) Service account email. It can also be set using the environment variable STACKIT_SERVICE_ACCOUNT_EMAIL. It is required if you want to use the resource manager project resource. - `service_account_key` (String) Service account key used for authentication. If set, the key flow will be used to authenticate all operations. - `service_account_key_path` (String) Path for the service account key used for authentication. If set, the key flow will be used to authenticate all operations. - `service_account_token` (String) Token used for authentication. If set, the token flow will be used to authenticate all operations. diff --git a/stackit/internal/core/core.go b/stackit/internal/core/core.go index b0e9ec2a..e589f5fc 100644 --- a/stackit/internal/core/core.go +++ b/stackit/internal/core/core.go @@ -15,7 +15,7 @@ const Separator = "," type ProviderData struct { RoundTripper http.RoundTripper - ServiceAccountEmail string + ServiceAccountEmail string // Deprecated: ServiceAccountEmail is not required and will be removed after 12th June 2025. Region string ArgusCustomEndpoint string AuthorizationCustomEndpoint string diff --git a/stackit/internal/services/resourcemanager/project/datasource.go b/stackit/internal/services/resourcemanager/project/datasource.go index f6439ab3..8a1bd0a5 100644 --- a/stackit/internal/services/resourcemanager/project/datasource.go +++ b/stackit/internal/services/resourcemanager/project/datasource.go @@ -62,13 +62,11 @@ func (d *projectDataSource) Configure(ctx context.Context, req datasource.Config if providerData.ResourceManagerCustomEndpoint != "" { rmClient, err = resourcemanager.NewAPIClient( config.WithCustomAuth(providerData.RoundTripper), - config.WithServiceAccountEmail(providerData.ServiceAccountEmail), config.WithEndpoint(providerData.ResourceManagerCustomEndpoint), ) } else { rmClient, err = resourcemanager.NewAPIClient( config.WithCustomAuth(providerData.RoundTripper), - config.WithServiceAccountEmail(providerData.ServiceAccountEmail), ) } if err != nil { diff --git a/stackit/internal/services/resourcemanager/project/resource.go b/stackit/internal/services/resourcemanager/project/resource.go index 49912161..b3a81f48 100644 --- a/stackit/internal/services/resourcemanager/project/resource.go +++ b/stackit/internal/services/resourcemanager/project/resource.go @@ -107,13 +107,11 @@ func (r *projectResource) Configure(ctx context.Context, req resource.ConfigureR ctx = tflog.SetField(ctx, "resourcemanager_custom_endpoint", providerData.ResourceManagerCustomEndpoint) rmClient, err = resourcemanager.NewAPIClient( config.WithCustomAuth(providerData.RoundTripper), - config.WithServiceAccountEmail(providerData.ServiceAccountEmail), config.WithEndpoint(providerData.ResourceManagerCustomEndpoint), ) } else { rmClient, err = resourcemanager.NewAPIClient( config.WithCustomAuth(providerData.RoundTripper), - config.WithServiceAccountEmail(providerData.ServiceAccountEmail), ) } @@ -278,12 +276,6 @@ func (r *projectResource) Create(ctx context.Context, req resource.CreateRequest containerId := model.ContainerId.ValueString() ctx = tflog.SetField(ctx, "project_container_id", containerId) - serviceAccountEmail := r.resourceManagerClient.GetConfig().ServiceAccountEmail - if serviceAccountEmail == "" { - core.LogAndAddError(ctx, &resp.Diagnostics, "Error creating project", "The service account e-mail cannot be empty: set it in the provider configuration or through the STACKIT_SERVICE_ACCOUNT_EMAIL or in your credentials file (default filepath is ~/.stackit/credentials.json)") - return - } - // Generate API request body from model payload, err := toCreatePayload(ctx, &model) if err != nil { diff --git a/stackit/provider.go b/stackit/provider.go index 914080c1..4b26cf31 100644 --- a/stackit/provider.go +++ b/stackit/provider.go @@ -95,7 +95,7 @@ func (p *Provider) Metadata(_ context.Context, _ provider.MetadataRequest, resp type providerModel struct { CredentialsFilePath types.String `tfsdk:"credentials_path"` - ServiceAccountEmail types.String `tfsdk:"service_account_email"` + ServiceAccountEmail types.String `tfsdk:"service_account_email"` // Deprecated: ServiceAccountEmail is not required and will be removed after 12th June 2025 ServiceAccountKey types.String `tfsdk:"service_account_key"` ServiceAccountKeyPath types.String `tfsdk:"service_account_key_path"` PrivateKey types.String `tfsdk:"private_key"` @@ -170,8 +170,9 @@ func (p *Provider) Schema(_ context.Context, _ provider.SchemaRequest, resp *pro Description: descriptions["credentials_path"], }, "service_account_email": schema.StringAttribute{ - Optional: true, - Description: descriptions["service_account_email"], + Optional: true, + Description: descriptions["service_account_email"], + DeprecationMessage: "The `service_account_email` field has been deprecated because it is not required. Will be removed after June 12th 2025.", }, "service_account_token": schema.StringAttribute{ Optional: true, @@ -310,10 +311,6 @@ func (p *Provider) Configure(ctx context.Context, req provider.ConfigureRequest, if !(providerConfig.CredentialsFilePath.IsUnknown() || providerConfig.CredentialsFilePath.IsNull()) { sdkConfig.CredentialsFilePath = providerConfig.CredentialsFilePath.ValueString() } - if !(providerConfig.ServiceAccountEmail.IsUnknown() || providerConfig.ServiceAccountEmail.IsNull()) { - providerData.ServiceAccountEmail = providerConfig.ServiceAccountEmail.ValueString() - sdkConfig.ServiceAccountEmail = providerConfig.ServiceAccountEmail.ValueString() - } if !(providerConfig.ServiceAccountKey.IsUnknown() || providerConfig.ServiceAccountKey.IsNull()) { sdkConfig.ServiceAccountKey = providerConfig.ServiceAccountKey.ValueString() }