Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

azurerm_container_registry_token_password - Handle gone container registry token and mark this password as gone #27232

Merged
merged 7 commits into from
Nov 15, 2024
Merged
Show file tree
Hide file tree
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import (

"github.com/Azure/go-autorest/autorest/date"
"github.com/hashicorp/go-azure-helpers/lang/pointer"
"github.com/hashicorp/go-azure-helpers/lang/response"
containterregistry_v2021_08_01_preview "github.com/hashicorp/go-azure-sdk/resource-manager/containerregistry/2023-06-01-preview"
"github.com/hashicorp/go-azure-sdk/resource-manager/containerregistry/2023-06-01-preview/registries"
"github.com/hashicorp/go-azure-sdk/resource-manager/containerregistry/2023-06-01-preview/tokens"
Expand Down Expand Up @@ -132,7 +133,7 @@ func (r ContainerRegistryTokenPasswordResource) Create() sdk.ResourceFunc {

id := parse.NewContainerRegistryTokenPasswordID(tokenId.SubscriptionId, tokenId.ResourceGroupName, tokenId.RegistryName, tokenId.TokenName, "password")

pwds, err := r.readPassword(ctx, client, *tokenId)
pwds, _, err := r.readPassword(ctx, client, *tokenId)
if err != nil {
return err
}
Expand Down Expand Up @@ -181,7 +182,10 @@ func (r ContainerRegistryTokenPasswordResource) Read() sdk.ResourceFunc {

tokenId := tokens.NewTokenID(id.SubscriptionId, id.ResourceGroup, id.RegistryName, id.TokenName)

pwds, err := r.readPassword(ctx, client, tokenId)
pwds, notFound, err := r.readPassword(ctx, client, tokenId)
if notFound || (pwds != nil && len(pwds) == 0) {
return metadata.MarkAsGone(id)
}
if err != nil {
return err
}
Expand Down Expand Up @@ -369,35 +373,35 @@ func (r ContainerRegistryTokenPasswordResource) flattenContainerRegistryTokenPas
return
}

func (r ContainerRegistryTokenPasswordResource) readPassword(ctx context.Context, client *containterregistry_v2021_08_01_preview.Client, id tokens.TokenId) ([]tokens.TokenPassword, error) {
func (r ContainerRegistryTokenPasswordResource) readPassword(ctx context.Context, client *containterregistry_v2021_08_01_preview.Client, id tokens.TokenId) ([]tokens.TokenPassword, bool, error) {
existing, err := client.Tokens.Get(ctx, id)
if err != nil {
return nil, fmt.Errorf("retrieving %s: %+v", id, err)
return nil, response.WasNotFound(existing.HttpResponse), fmt.Errorf("retrieving %s: %+v", id, err)
}
if existing.Model == nil {
return nil, fmt.Errorf("checking for presence of existing %s: model is nil", id)
return nil, false, fmt.Errorf("checking for presence of existing %s: model is nil", id)
}

if existing.Model.Properties == nil {
return nil, fmt.Errorf("checking for presence of existing %s: properties is nil", id)
return nil, false, fmt.Errorf("checking for presence of existing %s: properties is nil", id)
}

if existing.Model.Properties.Credentials == nil {
return nil, fmt.Errorf("checking for presence of existing %s: credentials is nil", id)
return nil, false, fmt.Errorf("checking for presence of existing %s: credentials is nil", id)
}

passwords := existing.Model.Properties.Credentials.Passwords
if passwords == nil {
return nil, fmt.Errorf("checking for presence of existing %s: passwords is nil", id)
return nil, false, fmt.Errorf("checking for presence of existing %s: passwords is nil", id)
}

return *passwords, nil
return *passwords, false, nil
}

func (r ContainerRegistryTokenPasswordResource) generatePassword(ctx context.Context, clients client.Client, id tokens.TokenId, passwords []tokens.TokenPassword) ([]tokens.TokenPassword, error) {
var genPasswords []tokens.TokenPassword

existingPasswords, err := r.readPassword(ctx, clients.ContainerRegistryClient_v2023_06_01_preview, id)
existingPasswords, _, err := r.readPassword(ctx, clients.ContainerRegistryClient_v2023_06_01_preview, id)
if err != nil {
return nil, fmt.Errorf("reading existing passwords: %+v", err)
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -104,6 +104,28 @@ func TestAccContainerRegistryTokenPassword_updateExpiryReflectNewValue(t *testin
})
}

func TestAccContainerRegistryTokenPassword_replace(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_container_registry_token_password", "test")
r := ContainerRegistryTokenPasswordResource{Expiry: time.Now().Add(time.Hour)}

data.ResourceTest(t, r, []acceptance.TestStep{
{
Config: r.basicWithACRName("acctest1", data),
Check: acceptance.ComposeTestCheckFunc(
check.That(data.ResourceName).ExistsInAzure(r),
),
},
data.ImportStep("password1.0.value"),
{
Config: r.basicWithACRName("acctest2", data),
Check: acceptance.ComposeTestCheckFunc(
check.That(data.ResourceName).ExistsInAzure(r),
),
},
data.ImportStep("password1.0.value"),
})
}

func TestAccContainerRegistryTokenPassword_requiresImport(t *testing.T) {
data := acceptance.BuildTestData(t, "azurerm_container_registry_token_password", "test")
r := ContainerRegistryTokenPasswordResource{Expiry: time.Now().Add(time.Hour)}
Expand Down Expand Up @@ -249,3 +271,50 @@ resource "azurerm_container_registry_token" "test" {
}
`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger)
}

func (r ContainerRegistryTokenPasswordResource) basicWithACRName(name string, data acceptance.TestData) string {
template := r.templateWithACRName(name, data)
return fmt.Sprintf(`
%s
resource "azurerm_container_registry_token_password" "test" {
container_registry_token_id = azurerm_container_registry_token.test.id
password1 {}
}
`, template)
}

func (r ContainerRegistryTokenPasswordResource) templateWithACRName(name string, data acceptance.TestData) string {
return fmt.Sprintf(`
provider "azurerm" {
features {}
}
resource "azurerm_resource_group" "test" {
name = "acctestRG-acr-%d"
location = "%s"
}
resource "azurerm_container_registry" "test" {
name = "%s%d"
resource_group_name = azurerm_resource_group.test.name
location = azurerm_resource_group.test.location
sku = "Premium"
admin_enabled = true
}
# use system wide scope map for tests
data "azurerm_container_registry_scope_map" "pull_repos" {
name = "_repositories_pull"
container_registry_name = azurerm_container_registry.test.name
resource_group_name = azurerm_container_registry.test.resource_group_name
}
resource "azurerm_container_registry_token" "test" {
name = "testtoken-%d"
resource_group_name = azurerm_resource_group.test.name
container_registry_name = azurerm_container_registry.test.name
scope_map_id = data.azurerm_container_registry_scope_map.pull_repos.id
}
`, data.RandomInteger, data.Locations.Primary, name, data.RandomInteger, data.RandomInteger)
}
Loading