fix: include recent api changes Reviewed-on: #65 Co-authored-by: Marcel S. Henselin <marcel.henselin@stackit.cloud> Co-committed-by: Marcel S. Henselin <marcel.henselin@stackit.cloud>
package sqlserverflexbeta
import (
|
|
"context"
|
|
_ "embed"
|
|
"errors"
|
|
"fmt"
|
|
"net/http"
|
|
"slices"
|
|
"strconv"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/hashicorp/terraform-plugin-framework/path"
|
|
"github.com/hashicorp/terraform-plugin-framework/resource"
|
|
"github.com/hashicorp/terraform-plugin-framework/resource/identityschema"
|
|
"github.com/hashicorp/terraform-plugin-framework/types"
|
|
"github.com/hashicorp/terraform-plugin-log/tflog"
|
|
"github.com/stackitcloud/stackit-sdk-go/core/oapierror"
|
|
|
|
"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/pkg_gen/sqlserverflexbeta"
|
|
"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/conversion"
|
|
sqlserverflexbetagen "tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/services/sqlserverflexbeta/user/resources_gen"
|
|
sqlserverflexbetaUtils "tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/services/sqlserverflexbeta/utils"
|
|
sqlserverflexbetaWait "tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/wait/sqlserverflexbeta"
|
|
|
|
"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/core"
|
|
"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/utils"
|
|
|
|
sqlserverflexbetaResGen "tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/services/sqlserverflexbeta/user/resources_gen"
|
|
)
// Compile-time assertions that *userResource satisfies every framework
// interface this file implements methods for.
var (
	_ resource.Resource                   = (*userResource)(nil)
	_ resource.ResourceWithConfigure      = (*userResource)(nil)
	_ resource.ResourceWithImportState    = (*userResource)(nil)
	_ resource.ResourceWithModifyPlan     = (*userResource)(nil)
	_ resource.ResourceWithIdentity       = (*userResource)(nil)
	_ resource.ResourceWithValidateConfig = (*userResource)(nil)
)
// NewUserResource returns a zero-valued user resource; the API client and
// provider data are filled in later by Configure.
func NewUserResource() resource.Resource {
	res := new(userResource)
	return res
}
// resourceModel is the data model used for plan, config and state of the user
// resource. It is an alias for the generated UserModel.
type resourceModel = sqlserverflexbetaResGen.UserModel
// UserResourceIdentityModel holds the four identity attributes of a user
// resource. The tfsdk tags match the attribute names declared in IdentitySchema.
type UserResourceIdentityModel struct {
	// ProjectID maps to the "project_id" identity attribute.
	ProjectID types.String `tfsdk:"project_id"`
	// Region maps to the "region" identity attribute.
	Region types.String `tfsdk:"region"`
	// InstanceID maps to the "instance_id" identity attribute.
	InstanceID types.String `tfsdk:"instance_id"`
	// UserID maps to the "user_id" identity attribute; it is an integer, not a string.
	UserID types.Int64 `tfsdk:"user_id"`
}
// userResource implements the Terraform resource for SQL Server Flex (beta)
// users. Both fields are populated by Configure.
type userResource struct {
	// client is the API client used for all user requests.
	client *sqlserverflexbeta.APIClient
	// providerData is the parsed provider configuration (used, among other
	// things, to resolve the effective region).
	providerData core.ProviderData
}
// Metadata sets the resource type name to the provider type name followed by
// "_sqlserverflexbeta_user".
func (r *userResource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) {
	const typeSuffix = "_sqlserverflexbeta_user"
	resp.TypeName = req.ProviderTypeName + typeSuffix
}
// Configure adds the provider configured client to the resource.
//
// It parses the provider data from the request, builds the API client from it
// and stores both on the receiver. Parsing or client errors are reported
// through resp.Diagnostics and leave r.client untouched.
func (r *userResource) Configure(ctx context.Context, req resource.ConfigureRequest, resp *resource.ConfigureResponse) {
	providerData, parsed := conversion.ParseProviderData(ctx, req.ProviderData, &resp.Diagnostics)
	// The parsed value is stored even when parsing reports failure.
	r.providerData = providerData
	if !parsed {
		return
	}

	client := sqlserverflexbetaUtils.ConfigureClient(ctx, &r.providerData, &resp.Diagnostics)
	if resp.Diagnostics.HasError() {
		return
	}

	r.client = client
	tflog.Info(ctx, "SQLServer Beta Flex user client configured")
}
// ModifyPlan implements resource.ResourceWithModifyPlan.
// Use the modifier to set the effective region in the current plan.
//
// The configured region and the provider's region are handed to
// utils.AdaptRegion, and the resulting plan model is written back to the
// response plan.
func (r *userResource) ModifyPlan(
	ctx context.Context,
	req resource.ModifyPlanRequest,
	resp *resource.ModifyPlanResponse,
) { // nolint:gocritic // function signature required by Terraform
	// skip initial empty configuration to avoid follow-up errors
	if req.Config.Raw.IsNull() {
		return
	}

	var fromConfig resourceModel
	if resp.Diagnostics.Append(req.Config.Get(ctx, &fromConfig)...); resp.Diagnostics.HasError() {
		return
	}

	var fromPlan resourceModel
	if resp.Diagnostics.Append(req.Plan.Get(ctx, &fromPlan)...); resp.Diagnostics.HasError() {
		return
	}

	providerRegion := r.providerData.GetRegion()
	utils.AdaptRegion(ctx, fromConfig.Region, &fromPlan.Region, providerRegion, resp)
	if resp.Diagnostics.HasError() {
		return
	}

	resp.Diagnostics.Append(resp.Plan.Set(ctx, fromPlan)...)
}
// modifiersFileByte holds the raw bytes of planModifiers.yaml, embedded at
// build time; Schema passes them to utils.ReadModifiersConfig.
//
//go:embed planModifiers.yaml
var modifiersFileByte []byte
// Schema defines the schema for the resource.
//
// It starts from the generated user schema and applies the plan modifiers
// described in the embedded planModifiers.yaml. If the modifiers cannot be read
// or applied, an error diagnostic is added and resp.Schema is left unset.
func (r *userResource) Schema(ctx context.Context, _ resource.SchemaRequest, resp *resource.SchemaResponse) {
	userSchema := sqlserverflexbetagen.UserResourceSchema(ctx)

	modifierFields, readErr := utils.ReadModifiersConfig(modifiersFileByte)
	if readErr != nil {
		resp.Diagnostics.AddError("error during read modifiers config file", readErr.Error())
		return
	}

	if addErr := utils.AddPlanModifiersToResourceSchema(modifierFields, &userSchema); addErr != nil {
		resp.Diagnostics.AddError("error adding plan modifiers", addErr.Error())
		return
	}

	resp.Schema = userSchema
}
// IdentitySchema defines the schema for the resource's identity attributes.
//
// All four attributes are flagged RequiredForImport, so an identity-based
// import has to supply every one of them.
func (r *userResource) IdentitySchema(
	_ context.Context,
	_ resource.IdentitySchemaRequest,
	response *resource.IdentitySchemaResponse,
) {
	attrs := map[string]identityschema.Attribute{
		"project_id": identityschema.StringAttribute{
			RequiredForImport: true, // must be set during import by the practitioner
		},
		"region": identityschema.StringAttribute{
			RequiredForImport: true, // must be set during import by the practitioner
		},
		"instance_id": identityschema.StringAttribute{
			RequiredForImport: true, // must be set during import by the practitioner
		},
		"user_id": identityschema.Int64Attribute{
			RequiredForImport: true, // must be set during import by the practitioner
		},
	}

	response.IdentitySchema = identityschema.Schema{Attributes: attrs}
}
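// ValidateConfig rejects configurations whose "roles" attribute lists the same
// role more than once.
//
// Validation is skipped while roles is null or unknown (for example when it is
// derived from a value that is only known at apply time); Create applies the
// same null/unknown guard before it converts the roles.
func (r *userResource) ValidateConfig(
	ctx context.Context,
	req resource.ValidateConfigRequest,
	resp *resource.ValidateConfigResponse,
) {
	var data resourceModel

	resp.Diagnostics.Append(req.Config.Get(ctx, &data)...)
	if resp.Diagnostics.HasError() {
		return
	}

	// Nothing to check yet: converting an unknown collection into []string
	// would fail with a conversion error unrelated to the duplicate check.
	if data.Roles.IsNull() || data.Roles.IsUnknown() {
		return
	}

	var roles []string
	diags := data.Roles.ElementsAs(ctx, &roles, false)
	resp.Diagnostics.Append(diags...)
	if diags.HasError() {
		return
	}

	// Track the roles seen so far; the first repeat is reported and ends the check.
	seen := make(map[string]struct{}, len(roles))
	for _, role := range roles {
		if _, duplicate := seen[role]; duplicate {
			resp.Diagnostics.AddAttributeError(
				path.Root("roles"),
				"Attribute Configuration Error",
				"defined roles MUST NOT contain duplicates",
			)
			return
		}
		seen[role] = struct{}{}
	}
}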
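// Create creates the resource and sets the initial Terraform state.
//
// The user is created through the API, its identity is recorded, and the call
// then blocks on the create wait handler before the final state is written.
// Every failure path adds an error diagnostic and returns without setting state.
func (r *userResource) Create(
	ctx context.Context,
	req resource.CreateRequest,
	resp *resource.CreateResponse,
) { // nolint:gocritic // function signature required by Terraform
	var model resourceModel
	diags := req.Plan.Get(ctx, &model)
	resp.Diagnostics.Append(diags...)
	if resp.Diagnostics.HasError() {
		return
	}

	ctx = core.InitProviderContext(ctx)

	projectId := model.ProjectId.ValueString()
	instanceId := model.InstanceId.ValueString()
	region := model.Region.ValueString()

	ctx = tflog.SetField(ctx, "project_id", projectId)
	ctx = tflog.SetField(ctx, "instance_id", instanceId)
	ctx = tflog.SetField(ctx, "region", region)

	var roles []string
	if !model.Roles.IsNull() && !model.Roles.IsUnknown() {
		diags = model.Roles.ElementsAs(ctx, &roles, false)
		resp.Diagnostics.Append(diags...)
		if resp.Diagnostics.HasError() {
			return
		}
		// Sorted so the payload does not depend on the order in the configuration.
		slices.Sort(roles)
	}

	// Generate API request body from model
	payload, err := toCreatePayload(&model, roles)
	if err != nil {
		core.LogAndAddError(ctx, &resp.Diagnostics, "Error creating user", fmt.Sprintf("Creating API payload: %v", err))
		return
	}

	// Create new user
	userResp, err := r.client.CreateUserRequest(
		ctx,
		projectId,
		region,
		instanceId,
	).CreateUserRequestPayload(*payload).Execute()
	if err != nil {
		core.LogAndAddError(ctx, &resp.Diagnostics, "Error creating user", fmt.Sprintf("Calling API: %v", err))
		return
	}

	ctx = core.LogResponse(ctx)

	if userResp == nil || userResp.Id == nil || *userResp.Id == 0 {
		core.LogAndAddError(
			ctx,
			&resp.Diagnostics,
			"Error creating user",
			"API didn't return user Id. A user might have been created",
		)
		return
	}

	userId := *userResp.Id
	ctx = tflog.SetField(ctx, "user_id", userId)

	// Set data returned by API in identity
	identity := UserResourceIdentityModel{
		ProjectID:  types.StringValue(projectId),
		Region:     types.StringValue(region),
		InstanceID: types.StringValue(instanceId),
		UserID:     types.Int64Value(userId),
	}
	resp.Diagnostics.Append(resp.Identity.Set(ctx, identity)...)
	if resp.Diagnostics.HasError() {
		return
	}

	err = mapFieldsCreate(userResp, &model, region)
	if err != nil {
		core.LogAndAddError(
			ctx,
			&resp.Diagnostics,
			"Error creating user",
			fmt.Sprintf("Processing API payload: %v", err),
		)
		return
	}

	// NOTE(review): resp.State is only written after the wait below succeeds.
	// If the wait or a later step fails, the user already exists on the
	// instance, but neither it nor any create-only values taken from userResp
	// are recorded in state. Confirm whether state should be persisted here.
	waitResp, err := sqlserverflexbetaWait.CreateUserWaitHandler(
		ctx,
		r.client,
		projectId,
		instanceId,
		region,
		userId,
	).SetSleepBeforeWait(
		90 * time.Second,
	).SetTimeout(
		90 * time.Minute,
	).WaitWithContext(ctx)
	if err != nil {
		core.LogAndAddError(
			ctx,
			&resp.Diagnostics,
			"Error creating user",
			fmt.Sprintf("User creation waiting: %v", err),
		)
		return
	}

	// Guard the response itself as well as its Id: dereferencing a nil
	// waitResp would panic the provider instead of producing a diagnostic.
	if waitResp == nil || waitResp.Id == nil {
		core.LogAndAddError(
			ctx,
			&resp.Diagnostics,
			"Error creating user",
			"User creation waiting: returned id is nil",
		)
		return
	}

	// Map response body to schema
	err = mapFields(waitResp, &model, region)
	if err != nil {
		core.LogAndAddError(
			ctx,
			&resp.Diagnostics,
			"Error creating user",
			fmt.Sprintf("Processing API payload: %v", err),
		)
		return
	}

	// Set state to fully populated data
	diags = resp.State.Set(ctx, model)
	resp.Diagnostics.Append(diags...)
	if resp.Diagnostics.HasError() {
		return
	}
	tflog.Info(ctx, "SQLServer Flex user created")
}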
// Read refreshes the Terraform state with the latest data.
//
// The user is fetched from the API. A 404 response removes the resource from
// state; any other API error is reported as a diagnostic. On success the
// identity and the state are rewritten from the response.
func (r *userResource) Read(
	ctx context.Context,
	req resource.ReadRequest,
	resp *resource.ReadResponse,
) { // nolint:gocritic // function signature required by Terraform
	var model resourceModel
	resp.Diagnostics.Append(req.State.Get(ctx, &model)...)
	if resp.Diagnostics.HasError() {
		return
	}

	ctx = core.InitProviderContext(ctx)

	var (
		projectId  = model.ProjectId.ValueString()
		instanceId = model.InstanceId.ValueString()
		userId     = model.UserId.ValueInt64()
		// The region stored in the model overrides the provider-level region.
		region = r.providerData.GetRegionWithOverride(model.Region)
	)
	ctx = tflog.SetField(ctx, "project_id", projectId)
	ctx = tflog.SetField(ctx, "instance_id", instanceId)
	ctx = tflog.SetField(ctx, "user_id", userId)
	ctx = tflog.SetField(ctx, "region", region)

	userResp, err := r.client.GetUserRequest(ctx, projectId, region, instanceId, userId).Execute()
	if err != nil {
		var oapiErr *oapierror.GenericOpenAPIError
		//nolint:errorlint //complaining that error.As should be used to catch wrapped errors, but this error should not be wrapped
		if errors.As(err, &oapiErr) && oapiErr.StatusCode == http.StatusNotFound {
			// The user no longer exists remotely: drop it from state.
			resp.State.RemoveResource(ctx)
			return
		}
		core.LogAndAddError(ctx, &resp.Diagnostics, "Error reading user", fmt.Sprintf("Calling API: %v", err))
		return
	}

	ctx = core.LogResponse(ctx)

	// Map response body to schema
	if mapErr := mapFields(userResp, &model, region); mapErr != nil {
		core.LogAndAddError(
			ctx,
			&resp.Diagnostics,
			"Error reading user",
			fmt.Sprintf("Processing API payload: %v", mapErr),
		)
		return
	}

	// Set data returned by API in identity
	resp.Diagnostics.Append(resp.Identity.Set(ctx, UserResourceIdentityModel{
		ProjectID:  types.StringValue(projectId),
		Region:     types.StringValue(region),
		InstanceID: types.StringValue(instanceId),
		UserID:     types.Int64Value(userId),
	})...)
	if resp.Diagnostics.HasError() {
		return
	}

	// Set refreshed state
	resp.Diagnostics.Append(resp.State.Set(ctx, model)...)
	if resp.Diagnostics.HasError() {
		return
	}
	tflog.Info(ctx, "SQLServer Flex user read")
}
// Update is not supported for SQL Server Flex users: it ignores the request and
// always adds an error diagnostic.
func (r *userResource) Update(
	ctx context.Context,
	_ resource.UpdateRequest,
	resp *resource.UpdateResponse,
) { // nolint:gocritic // function signature required by Terraform
	// Update shouldn't be called
	const (
		summary = "Error updating user"
		detail  = "an SQL server user can not be updated, only created"
	)
	core.LogAndAddError(ctx, &resp.Diagnostics, summary, detail)
}
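// Delete deletes the resource and removes the Terraform state on success.
//
// Every failure path adds an error diagnostic. The framework removes the
// resource from state when Delete returns without one, so returning silently
// after a failed delete call would leave the SQL Server user active on the
// instance while Terraform no longer tracks it.
func (r *userResource) Delete(
	ctx context.Context,
	req resource.DeleteRequest,
	resp *resource.DeleteResponse,
) { // nolint:gocritic // function signature required by Terraform
	// Retrieve values from state
	var model resourceModel
	diags := req.State.Get(ctx, &model)
	resp.Diagnostics.Append(diags...)
	if resp.Diagnostics.HasError() {
		return
	}

	ctx = core.InitProviderContext(ctx)

	projectId := model.ProjectId.ValueString()
	instanceId := model.InstanceId.ValueString()
	userId := model.UserId.ValueInt64()
	region := model.Region.ValueString()
	ctx = tflog.SetField(ctx, "project_id", projectId)
	ctx = tflog.SetField(ctx, "instance_id", instanceId)
	ctx = tflog.SetField(ctx, "user_id", userId)
	ctx = tflog.SetField(ctx, "region", region)

	// Delete existing user
	err := r.client.DeleteUserRequestExecute(ctx, projectId, region, instanceId, userId)
	if err != nil {
		var oapiErr *oapierror.GenericOpenAPIError
		if errors.As(err, &oapiErr) && oapiErr.StatusCode == http.StatusNotFound {
			// The user is already gone remotely; dropping it from state is correct.
			resp.State.RemoveResource(ctx)
			return
		}
		// Any other failure (transport error, 401/403, 5xx, ...) means the user
		// may still exist: report it so the resource stays in state.
		core.LogAndAddError(ctx, &resp.Diagnostics, "Error deleting user", fmt.Sprintf("Calling API: %v", err))
		return
	}

	// Wait until the deletion has completed
	_, err = sqlserverflexbetaWait.DeleteUserWaitHandler(ctx, r.client, projectId, region, instanceId, userId).
		WaitWithContext(ctx)
	if err != nil {
		core.LogAndAddError(ctx, &resp.Diagnostics, "User Delete Error", fmt.Sprintf("Calling API: %v", err))
		return
	}

	ctx = core.LogResponse(ctx)

	resp.State.RemoveResource(ctx)

	tflog.Info(ctx, "SQLServer Flex user deleted")
}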
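// ImportState imports a resource into the Terraform state on success.
// The expected format of the resource import identifier is four non-empty
// parts joined by core.Separator: project_id, region, instance_id, user_id
// (user_id must be a base-10 integer). When no import ID is given, the same
// four values are read from the import identity instead.
//
// The password is not part of either input, so both import paths emit a
// warning that the password field will be empty.
func (r *userResource) ImportState(
	ctx context.Context,
	req resource.ImportStateRequest,
	resp *resource.ImportStateResponse,
) {
	ctx = core.InitProviderContext(ctx)

	var (
		projectId, region, instanceId string
		userId                        int64
	)

	if req.ID != "" {
		idParts := strings.Split(req.ID, core.Separator)

		if len(idParts) != 4 || slices.Contains(idParts, "") {
			core.LogAndAddError(
				ctx, &resp.Diagnostics,
				"Error importing user",
				fmt.Sprintf(
					"Expected import identifier with format [project_id],[region],[instance_id],[user_id], got %q",
					req.ID,
				),
			)
			return
		}

		parsedUserId, err := strconv.ParseInt(idParts[3], 10, 64)
		if err != nil {
			core.LogAndAddError(
				ctx,
				&resp.Diagnostics,
				"Error importing user",
				fmt.Sprintf("Invalid user_id format: %q. It must be a valid integer.", idParts[3]),
			)
			return
		}

		projectId, region, instanceId, userId = idParts[0], idParts[1], idParts[2], parsedUserId
	} else {
		// If no ID is provided, attempt to read identity attributes from the import configuration
		var identityData UserResourceIdentityModel
		resp.Diagnostics.Append(req.Identity.Get(ctx, &identityData)...)
		if resp.Diagnostics.HasError() {
			return
		}

		projectId = identityData.ProjectID.ValueString()
		region = identityData.Region.ValueString()
		instanceId = identityData.InstanceID.ValueString()
		userId = identityData.UserID.ValueInt64()
	}

	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("project_id"), projectId)...)
	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("region"), region)...)
	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("instance_id"), instanceId)...)
	resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root("user_id"), userId)...)

	// Emitted on both import paths: an imported user never carries its password.
	core.LogAndAddWarning(
		ctx,
		&resp.Diagnostics,
		"SQLServer Flex user imported with empty password",
		"The user password is not imported as it is only available upon creation of a new user. The password field will be empty.",
	)
	tflog.Info(ctx, "SQLServer Flex user state imported")
}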