-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
r/aws_iam_user_login_profile - Make the PGP key in optional #12384
Conversation
Acceptance tests: $ make testacc TEST=./aws/ TESTARGS='-run=TestAccAWSUserLoginProfile_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws/ -v -count 1 -parallel 20 -run=TestAccAWSUserLoginProfile_ -timeout 120m
=== RUN TestAccAWSUserLoginProfile_basic
=== PAUSE TestAccAWSUserLoginProfile_basic
=== RUN TestAccAWSUserLoginProfile_no_pgp
=== PAUSE TestAccAWSUserLoginProfile_no_pgp
=== RUN TestAccAWSUserLoginProfile_keybase
=== PAUSE TestAccAWSUserLoginProfile_keybase
=== RUN TestAccAWSUserLoginProfile_keybaseDoesntExist
=== PAUSE TestAccAWSUserLoginProfile_keybaseDoesntExist
=== RUN TestAccAWSUserLoginProfile_notAKey
=== PAUSE TestAccAWSUserLoginProfile_notAKey
=== RUN TestAccAWSUserLoginProfile_PasswordLength
=== PAUSE TestAccAWSUserLoginProfile_PasswordLength
=== CONT TestAccAWSUserLoginProfile_basic
=== CONT TestAccAWSUserLoginProfile_notAKey
=== CONT TestAccAWSUserLoginProfile_keybaseDoesntExist
=== CONT TestAccAWSUserLoginProfile_keybase
=== CONT TestAccAWSUserLoginProfile_no_pgp
=== CONT TestAccAWSUserLoginProfile_PasswordLength
--- FAIL: TestAccAWSUserLoginProfile_basic (16.23s)
testing.go:654: Step 0 error: Check failed: Check 2/7 error: No password in state
--- FAIL: TestAccAWSUserLoginProfile_keybase (16.40s)
testing.go:654: Step 0 error: errors during apply:
Error: Error retrieving Public Key for keybase:terraformacctest
: parse https://keybase.io/_/api/1.0/user/lookup.json?usernames=terraformacctest
&fields=public_keys: net/url: invalid control character in URL
on /tmp/tf-test249940899/main.tf line 36:
(source code not available)
--- PASS: TestAccAWSUserLoginProfile_keybaseDoesntExist (18.28s)
--- PASS: TestAccAWSUserLoginProfile_notAKey (18.57s)
--- FAIL: TestAccAWSUserLoginProfile_no_pgp (27.20s)
testing.go:654: Step 1 error: ImportStateVerify attributes not equivalent. Difference is shown below. Top is actual, bottom is expected.
(map[string]string) (len=2) {
(string) (len=18) "encrypted_password": (string) "",
(string) (len=15) "key_fingerprint": (string) ""
}
(map[string]string) {
}
--- PASS: TestAccAWSUserLoginProfile_PasswordLength (27.41s)
FAIL
FAIL github.com/terraform-providers/terraform-provider-aws/aws 27.455s
FAIL
GNUmakefile:26: recipe for target 'testacc' failed
make: *** [testacc] Error 1 Not sure why I think it's due to an extra |
@DrFaust92 I appreciate this is still at a draft stage but it looks like it needs a bit more work to actually implement it usefully (eg still return an unencrypted password when Are you still interested in finishing this off? I'd be tempted to do the small amount of work on top of yours to get this over the line if you're unable to commit anything more towards it as it might be useful for us. |
@tomelliff thanks for bringing this up, ill give it a go again (at least ill rebase and push). if i don't get this in the next few days feel free to take over |
Fixed all test issues:
|
|
||
if v, ok := d.GetOk("pgp_key"); ok { | ||
pgpKey := v.(string) | ||
pgpKey = strings.TrimSuffix(pgpKey, "\n") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe not the best way to handle this and a dedicated test config would be better
This seems to have stalled. According to https://www.terraform.io/docs/extend/best-practices/sensitive-state.html#don-39-t-encrypt-state it is necessary to deprecate PGP encrypted state. Can we keep this moving? |
Pull request #21306 has significantly refactored the AWS Provider codebase. As a result, most PRs opened prior to the refactor now have merge conflicts that must be resolved before proceeding. Specifically, PR #21306 relocated the code for all AWS resources and data sources from a single We recognize that many pull requests have been open for some time without yet being addressed by our maintainers. Therefore, we want to make it clear that resolving these conflicts in no way affects the prioritization of a particular pull request. Once a pull request has been prioritized for review, the necessary changes will be made by a maintainer -- either directly or in collaboration with the pull request author. For a more complete description of this refactor, including examples of how old filepaths and function names correspond to their new counterparts: please refer to issue #20000. For a quick guide on how to amend your pull request to resolve the merge conflicts resulting from this refactor and bring it in line with our new code patterns: please refer to our Service Package Refactor Pull Request Guide. |
Rebased
keybase test fails and im unsure how to tackle it
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 🚀.
% make testacc TESTS=TestAccIAMUserLoginProfile_ PKG=iam
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/iam/... -v -count 1 -parallel 20 -run='TestAccIAMUserLoginProfile_' -timeout 180m
=== RUN TestAccIAMUserLoginProfile_basic
=== PAUSE TestAccIAMUserLoginProfile_basic
=== RUN TestAccIAMUserLoginProfile_keybase
=== PAUSE TestAccIAMUserLoginProfile_keybase
=== RUN TestAccIAMUserLoginProfile_keybaseDoesntExist
=== PAUSE TestAccIAMUserLoginProfile_keybaseDoesntExist
=== RUN TestAccIAMUserLoginProfile_notAKey
=== PAUSE TestAccIAMUserLoginProfile_notAKey
=== RUN TestAccIAMUserLoginProfile_passwordLength
=== PAUSE TestAccIAMUserLoginProfile_passwordLength
=== RUN TestAccIAMUserLoginProfile_nogpg
=== PAUSE TestAccIAMUserLoginProfile_nogpg
=== RUN TestAccIAMUserLoginProfile_disappears
=== PAUSE TestAccIAMUserLoginProfile_disappears
=== CONT TestAccIAMUserLoginProfile_basic
=== CONT TestAccIAMUserLoginProfile_passwordLength
=== CONT TestAccIAMUserLoginProfile_notAKey
=== CONT TestAccIAMUserLoginProfile_keybaseDoesntExist
=== CONT TestAccIAMUserLoginProfile_nogpg
=== CONT TestAccIAMUserLoginProfile_disappears
=== CONT TestAccIAMUserLoginProfile_keybase
user_login_profile_test.go:110: Step 1/2 error: Error running apply: exit status 1
Error: error retrieving GPG Key during IAM User Login Profile (tf-acc-test-1042917404291852556) creation: Error retrieving Public Key for keybase:terraformacctest
: parse "https://keybase.io/_/api/1.0/user/lookup.json?usernames=terraformacctest\n&fields=public_keys": net/url: invalid control character in URL
with aws_iam_user_login_profile.test,
on terraform_plugin_test.tf line 35, in resource "aws_iam_user_login_profile" "test":
35: resource "aws_iam_user_login_profile" "test" {
--- PASS: TestAccIAMUserLoginProfile_nogpg (26.92s)
--- PASS: TestAccIAMUserLoginProfile_passwordLength (28.38s)
--- PASS: TestAccIAMUserLoginProfile_notAKey (33.37s)
--- PASS: TestAccIAMUserLoginProfile_keybaseDoesntExist (33.42s)
--- FAIL: TestAccIAMUserLoginProfile_keybase (33.58s)
--- PASS: TestAccIAMUserLoginProfile_disappears (39.09s)
--- PASS: TestAccIAMUserLoginProfile_basic (41.84s)
FAIL
FAIL github.com/hashicorp/terraform-provider-aws/internal/service/iam 45.927s
FAIL
make: *** [testacc] Error 1
Failure is unrelated to this change.
@DrFaust92 Thanks for the contribution 🎉 👏. |
This functionality has been released in v4.1.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Community Note
Closes #4564
Release note for CHANGELOG:
Output from acceptance testing:
Cant test this unfortunately as i don't have delete user permissions in my account :(