From 459ccf9ea352193bf33716de6d97995001b9a1cb Mon Sep 17 00:00:00 2001 From: Jaired Jawed Date: Tue, 7 Nov 2023 11:51:24 -0800 Subject: [PATCH] Revert "Add support for http observability on vault_cluster resource (#660)" This reverts commit 713bf2324b5ed8d61dc68a260f3b285ac3330d40. --- .changelog/660.txt | 3 - docs/data-sources/vault_cluster.md | 20 -- docs/resources/vault_cluster.md | 20 -- .../data_source_vault_cluster.go | 100 -------- .../providersdkv2/resource_vault_cluster.go | 231 +----------------- .../resource_vault_cluster_config_test.go | 45 ---- 6 files changed, 9 insertions(+), 410 deletions(-) delete mode 100644 .changelog/660.txt diff --git a/.changelog/660.txt b/.changelog/660.txt deleted file mode 100644 index 47b946f9a..000000000 --- a/.changelog/660.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement -Add custom http endpoints as an observability provider for streaming audit logs and metrics from HCP Vault clusters. -``` diff --git a/docs/data-sources/vault_cluster.md b/docs/data-sources/vault_cluster.md index b7703dfec..2c9385ba2 100644 --- a/docs/data-sources/vault_cluster.md +++ b/docs/data-sources/vault_cluster.md @@ -81,16 +81,6 @@ Read-Only: - `elasticsearch_user` (String) ElasticSearch user for streaming audit logs - `grafana_endpoint` (String) Grafana endpoint for streaming audit logs - `grafana_user` (String) Grafana user for streaming audit logs -- `http_basic_password` (String) HTTP basic authentication password for streaming audit logs, one of the two available authentication methods, can be specified only if http_basic_user is also provided -- `http_basic_user` (String) HTTP basic authentication username for streaming audit logs, one of the two available authentication methods, can be specified only if http_basic_password is also provided -- `http_bearer_token` (String) HTTP bearer authentication token for streaming audit logs, one of the two available authentication methods, can be specified only if http_basic_user and http_basic_password are not provided -- `http_codec` (String) HTTP codec for streaming audit logs, allowed values are JSON and NDJSON -- `http_compression` (Boolean) HTTP compression flag for streaming audit logs -- `http_headers` (Map of String) HTTP headers for streaming audit logs -- `http_method` (String) HTTP payload method for streaming audit logs, allowed values are PATCH, POST, or PUT -- `http_payload_prefix` (String) HTTP payload prefix for streaming audit logs -- `http_payload_suffix` (String) HTTP payload suffix for streaming audit logs -- `http_uri` (String) HTTP URI for streaming audit logs - `newrelic_account_id` (String) NewRelic Account ID for streaming audit logs - `newrelic_license_key` (String) NewRelic license key for streaming audit logs - `newrelic_region` (String) NewRelic region for streaming audit logs, allowed values are "US" and "EU" @@ -123,16 +113,6 @@ Read-Only: - `elasticsearch_user` (String) ElasticSearch user for streaming metrics - `grafana_endpoint` (String) Grafana endpoint for streaming metrics - `grafana_user` (String) Grafana user for streaming metrics -- `http_basic_password` (String) HTTP basic authentication password for streaming metrics, one of the two available authentication methods, can be specified only if http_basic_user is also provided -- `http_basic_user` (String) HTTP basic authentication username for streaming metrics, one of the two available authentication methods, can be specified only if http_basic_password is also provided -- `http_bearer_token` (String) HTTP bearer authentication token for streaming metrics, one of the two available authentication methods, can be specified only if http_basic_user and http_basic_password are not provided -- `http_codec` (String) HTTP codec for streaming metrics, allowed values are JSON and NDJSON -- `http_compression` (Boolean) HTTP compression flag for streaming metrics -- `http_headers` (Map of String) HTTP headers for streaming metrics -- `http_method` (String) HTTP payload method for streaming metrics, allowed values are PATCH, POST, or PUT -- `http_payload_prefix` (String) HTTP payload prefix for streaming metrics -- `http_payload_suffix` (String) HTTP payload suffix for streaming metrics -- `http_uri` (String) HTTP URI for streaming metrics - `newrelic_account_id` (String) NewRelic Account ID for streaming metrics - `newrelic_license_key` (String) NewRelic license key for streaming metrics - `newrelic_region` (String) NewRelic region for streaming metrics, allowed values are "US" and "EU" diff --git a/docs/resources/vault_cluster.md b/docs/resources/vault_cluster.md index cbb8e1e7f..d4c73cbf8 100644 --- a/docs/resources/vault_cluster.md +++ b/docs/resources/vault_cluster.md @@ -94,16 +94,6 @@ Optional: - `grafana_endpoint` (String) Grafana endpoint for streaming audit logs - `grafana_password` (String, Sensitive) Grafana password for streaming audit logs - `grafana_user` (String) Grafana user for streaming audit logs -- `http_basic_password` (String, Sensitive) HTTP basic authentication password for streaming audit logs, one of the two available authentication methods, can be specified only if http_basic_user is also provided -- `http_basic_user` (String) HTTP basic authentication username for streaming audit logs, one of the two available authentication methods, can be specified only if http_basic_password is also provided -- `http_bearer_token` (String, Sensitive) HTTP bearer authentication token for streaming audit logs, one of the two available authentication methods, can be specified only if http_basic_user and http_basic_password are not provided -- `http_codec` (String) HTTP codec for streaming audit logs, allowed values are JSON and NDJSON -- `http_compression` (Boolean) HTTP compression flag for streaming audit logs -- `http_headers` (Map of String) HTTP headers for streaming audit logs -- `http_method` (String) HTTP payload method for streaming audit logs, , allowed values are PATCH, POST, or PUT -- `http_payload_prefix` (String) HTTP payload prefix for streaming audit logs -- `http_payload_suffix` (String) HTTP payload suffix for streaming audit logs -- `http_uri` (String) HTTP URI for streaming audit logs - `newrelic_account_id` (String) NewRelic Account ID for streaming audit logs - `newrelic_license_key` (String, Sensitive) NewRelic license key for streaming audit logs - `newrelic_region` (String) NewRelic region for streaming audit logs, allowed values are "US" and "EU" @@ -146,16 +136,6 @@ Optional: - `grafana_endpoint` (String) Grafana endpoint for streaming metrics - `grafana_password` (String, Sensitive) Grafana password for streaming metrics - `grafana_user` (String) Grafana user for streaming metrics -- `http_basic_password` (String) HTTP basic authentication password for streaming metrics, one of the two available authentication methods, can be specified only if http_basic_user is also specified -- `http_basic_user` (String) HTTP basic authentication username for streaming metrics, one of the two available authentication methods, can be specified only if http_basic_password is also specified -- `http_bearer_token` (String, Sensitive) HTTP bearer authentication token for streaming metrics, one of the two available authentication methods, can be specified only if http_basic_user and http_basic_password are not provided -- `http_codec` (String) HTTP codec for streaming metrics, allowed values are JSON and NDJSON -- `http_compression` (Boolean) HTTP compression flag for streaming metrics -- `http_headers` (Map of String) HTTP headers for streaming metrics -- `http_method` (String) HTTP payload method for streaming metrics, allowed values are PATCH, POST, or PUT -- `http_payload_prefix` (String) HTTP payload prefix for streaming metrics -- `http_payload_suffix` (String) HTTP payload suffix for streaming metrics -- `http_uri` (String) HTTP URI for streaming metrics - `newrelic_account_id` (String) NewRelic Account ID for streaming metrics - `newrelic_license_key` (String, Sensitive) NewRelic license key for streaming metrics - `newrelic_region` (String) NewRelic region for streaming metrics, allowed values are "US" and "EU" diff --git a/internal/providersdkv2/data_source_vault_cluster.go b/internal/providersdkv2/data_source_vault_cluster.go index 4a6ca33b1..b2ca658ae 100644 --- a/internal/providersdkv2/data_source_vault_cluster.go +++ b/internal/providersdkv2/data_source_vault_cluster.go @@ -216,56 +216,6 @@ If a project is not configured in the HCP Provider config block, the oldest proj Type: schema.TypeString, Computed: true, }, - "http_basic_user": { - Description: "HTTP basic authentication username for streaming metrics, one of the two available authentication methods, can be specified only if http_basic_password is also provided", - Type: schema.TypeString, - Computed: true, - }, - "http_basic_password": { - Description: "HTTP basic authentication password for streaming metrics, one of the two available authentication methods, can be specified only if http_basic_user is also provided", - Type: schema.TypeString, - Computed: true, - }, - "http_bearer_token": { - Description: "HTTP bearer authentication token for streaming metrics, one of the two available authentication methods, can be specified only if http_basic_user and http_basic_password are not provided", - Type: schema.TypeString, - Computed: true, - }, - "http_headers": { - Description: "HTTP headers for streaming metrics", - Type: schema.TypeMap, - Computed: true, - }, - "http_codec": { - Description: "HTTP codec for streaming metrics, allowed values are JSON and NDJSON", - Type: schema.TypeString, - Computed: true, - }, - "http_compression": { - Description: "HTTP compression flag for streaming metrics", - Type: schema.TypeBool, - Computed: true, - }, - "http_method": { - Description: "HTTP payload method for streaming metrics, allowed values are PATCH, POST, or PUT", - Type: schema.TypeString, - Computed: true, - }, - "http_payload_prefix": { - Description: "HTTP payload prefix for streaming metrics", - Type: schema.TypeString, - Computed: true, - }, - "http_payload_suffix": { - Description: "HTTP payload suffix for streaming metrics", - Type: schema.TypeString, - Computed: true, - }, - "http_uri": { - Description: "HTTP URI for streaming metrics", - Type: schema.TypeString, - Computed: true, - }, }, }, }, @@ -356,56 +306,6 @@ If a project is not configured in the HCP Provider config block, the oldest proj Type: schema.TypeString, Computed: true, }, - "http_basic_user": { - Description: "HTTP basic authentication username for streaming audit logs, one of the two available authentication methods, can be specified only if http_basic_password is also provided", - Type: schema.TypeString, - Computed: true, - }, - "http_basic_password": { - Description: "HTTP basic authentication password for streaming audit logs, one of the two available authentication methods, can be specified only if http_basic_user is also provided", - Type: schema.TypeString, - Computed: true, - }, - "http_bearer_token": { - Description: "HTTP bearer authentication token for streaming audit logs, one of the two available authentication methods, can be specified only if http_basic_user and http_basic_password are not provided", - Type: schema.TypeString, - Computed: true, - }, - "http_headers": { - Description: "HTTP headers for streaming audit logs", - Type: schema.TypeMap, - Computed: true, - }, - "http_codec": { - Description: "HTTP codec for streaming audit logs, allowed values are JSON and NDJSON", - Type: schema.TypeString, - Computed: true, - }, - "http_compression": { - Description: "HTTP compression flag for streaming audit logs", - Type: schema.TypeBool, - Computed: true, - }, - "http_method": { - Description: "HTTP payload method for streaming audit logs, allowed values are PATCH, POST, or PUT", - Type: schema.TypeString, - Computed: true, - }, - "http_payload_prefix": { - Description: "HTTP payload prefix for streaming audit logs", - Type: schema.TypeString, - Computed: true, - }, - "http_payload_suffix": { - Description: "HTTP payload suffix for streaming audit logs", - Type: schema.TypeString, - Computed: true, - }, - "http_uri": { - Description: "HTTP URI for streaming audit logs", - Type: schema.TypeString, - Computed: true, - }, }, }, }, diff --git a/internal/providersdkv2/resource_vault_cluster.go b/internal/providersdkv2/resource_vault_cluster.go index 2152a30f7..8d93df1b4 100644 --- a/internal/providersdkv2/resource_vault_cluster.go +++ b/internal/providersdkv2/resource_vault_cluster.go @@ -232,16 +232,6 @@ If a project is not configured in the HCP Provider config block, the oldest proj Optional: true, Sensitive: true, }, - "http_basic_user": { - Description: "HTTP basic authentication username for streaming metrics, one of the two available authentication methods, can be specified only if http_basic_password is also specified", - Type: schema.TypeString, - Optional: true, - }, - "http_basic_password": { - Description: "HTTP basic authentication password for streaming metrics, one of the two available authentication methods, can be specified only if http_basic_user is also specified", - Type: schema.TypeString, - Optional: true, - }, "newrelic_account_id": { Description: "NewRelic Account ID for streaming metrics", Type: schema.TypeString, @@ -253,47 +243,6 @@ If a project is not configured in the HCP Provider config block, the oldest proj Optional: true, Sensitive: true, }, - "http_bearer_token": { - Description: "HTTP bearer authentication token for streaming metrics, one of the two available authentication methods, can be specified only if http_basic_user and http_basic_password are not provided", - Type: schema.TypeString, - Optional: true, - Sensitive: true, - }, - "http_headers": { - Description: "HTTP headers for streaming metrics", - Type: schema.TypeMap, - Optional: true, - }, - "http_codec": { - Description: "HTTP codec for streaming metrics, allowed values are JSON and NDJSON", - Type: schema.TypeString, - Optional: true, - }, - "http_compression": { - Description: "HTTP compression flag for streaming metrics", - Type: schema.TypeBool, - Optional: true, - }, - "http_method": { - Description: "HTTP payload method for streaming metrics, allowed values are PATCH, POST, or PUT", - Type: schema.TypeString, - Optional: true, - }, - "http_payload_prefix": { - Description: "HTTP payload prefix for streaming metrics", - Type: schema.TypeString, - Optional: true, - }, - "http_payload_suffix": { - Description: "HTTP payload suffix for streaming metrics", - Type: schema.TypeString, - Optional: true, - }, - "http_uri": { - Description: "HTTP URI for streaming metrics", - Type: schema.TypeString, - Optional: true, - }, "newrelic_region": { Description: "NewRelic region for streaming metrics, allowed values are \"US\" and \"EU\"", Type: schema.TypeString, @@ -394,17 +343,6 @@ If a project is not configured in the HCP Provider config block, the oldest proj Optional: true, Sensitive: true, }, - "http_basic_user": { - Description: "HTTP basic authentication username for streaming audit logs, one of the two available authentication methods, can be specified only if http_basic_password is also provided", - Type: schema.TypeString, - Optional: true, - }, - "http_basic_password": { - Description: "HTTP basic authentication password for streaming audit logs, one of the two available authentication methods, can be specified only if http_basic_user is also provided", - Type: schema.TypeString, - Optional: true, - Sensitive: true, - }, "newrelic_account_id": { Description: "NewRelic Account ID for streaming audit logs", Type: schema.TypeString, @@ -416,47 +354,6 @@ If a project is not configured in the HCP Provider config block, the oldest proj Optional: true, Sensitive: true, }, - "http_bearer_token": { - Description: "HTTP bearer authentication token for streaming audit logs, one of the two available authentication methods, can be specified only if http_basic_user and http_basic_password are not provided", - Type: schema.TypeString, - Optional: true, - Sensitive: true, - }, - "http_headers": { - Description: "HTTP headers for streaming audit logs", - Type: schema.TypeMap, - Optional: true, - }, - "http_codec": { - Description: "HTTP codec for streaming audit logs, allowed values are JSON and NDJSON", - Type: schema.TypeString, - Optional: true, - }, - "http_compression": { - Description: "HTTP compression flag for streaming audit logs", - Type: schema.TypeBool, - Optional: true, - }, - "http_method": { - Description: "HTTP payload method for streaming audit logs, , allowed values are PATCH, POST, or PUT", - Type: schema.TypeString, - Optional: true, - }, - "http_payload_prefix": { - Description: "HTTP payload prefix for streaming audit logs", - Type: schema.TypeString, - Optional: true, - }, - "http_payload_suffix": { - Description: "HTTP payload suffix for streaming audit logs", - Type: schema.TypeString, - Optional: true, - }, - "http_uri": { - Description: "HTTP URI for streaming audit logs", - Type: schema.TypeString, - Optional: true, - }, "newrelic_region": { Description: "NewRelic region for streaming audit logs, allowed values are \"US\" and \"EU\"", Type: schema.TypeString, @@ -1292,42 +1189,6 @@ func flattenObservabilityConfig(config *vaultmodels.HashicorpCloudVault20201125O } } - if http := config.HTTP; http != nil { - configMap["http_headers"] = http.Headers - configMap["http_codec"] = http.Codec - configMap["http_compression"] = http.Compression - configMap["http_method"] = http.Method - configMap["http_payload_prefix"] = http.PayloadPrefix - configMap["http_payload_suffix"] = http.PayloadSuffix - configMap["http_uri"] = http.URI - - if http.Basic != nil { - configMap["http_basic_user"] = http.Basic.User - - // Since the API return this sensitive fields as redacted, we don't update it on the config in this situations - if http.Basic.Password != "redacted" { - configMap["http_basic_password"] = http.Basic.Password - } else { - if configParam, ok := d.GetOk(propertyName); ok && len(configParam.([]interface{})) > 0 { - config := configParam.([]interface{})[0].(map[string]interface{}) - configMap["http_basic_password"] = config["http_basic_password"].(string) - } - } - } - - if http.Bearer != nil { - // Since the API return this sensitive fields as redacted, we don't update it on the config in this situations - if http.Bearer.Token != "redacted" { - configMap["http_bearer_token"] = http.Bearer.Token - } else { - if configParam, ok := d.GetOk(propertyName); ok && len(configParam.([]interface{})) > 0 { - config := configParam.([]interface{})[0].(map[string]interface{}) - configMap["http_bearer_token"] = config["http_bearer_token"].(string) - } - } - } - } - if newrelic := config.Newrelic; newrelic != nil { configMap["newrelic_account_id"] = newrelic.AccountID configMap["newrelic_region"] = newrelic.Region @@ -1358,7 +1219,6 @@ func getObservabilityConfig(propertyName string, d *schema.ResourceData) (*vault Datadog: &vaultmodels.HashicorpCloudVault20201125Datadog{}, Cloudwatch: &vaultmodels.HashicorpCloudVault20201125CloudWatch{}, Elasticsearch: &vaultmodels.HashicorpCloudVault20201125Elasticsearch{}, - HTTP: &vaultmodels.HashicorpCloudVault20201125HTTP{}, Newrelic: &vaultmodels.HashicorpCloudVault20201125NewRelic{}, } @@ -1379,35 +1239,6 @@ func getObservabilityConfig(propertyName string, d *schema.ResourceData) (*vault return getValidObservabilityConfig(config) } -// if http observability information is provided, this function ensures that authentication fields are valid and returns the authentication method used -func validateHTTPAuth(httpBasicUser, httpBasicPassword, httpBearerToken string) (*vaultmodels.HashicorpCloudVault20201125HTTPBearerAuth, *vaultmodels.HashicorpCloudVault20201125HTTPBasicAuth, diag.Diagnostics) { - // only one of basic or bearer authentication should be submitted - if httpBearerToken != "" && (httpBasicUser != "" || httpBasicPassword != "") { - return nil, nil, diag.Errorf("http configuration is invalid: either the basic or bearer authentication method can be submitted, but not both") - } else if httpBasicUser != "" && httpBasicPassword == "" || httpBasicUser == "" && httpBasicPassword != "" { - // http basic requires both the username and password to be filled - return nil, nil, diag.Errorf("http configuration is invalid: basic authentication requires username and password") - } - - if httpBearerToken != "" { - httpBearerAuth := &vaultmodels.HashicorpCloudVault20201125HTTPBearerAuth{ - Token: httpBearerToken, - } - return httpBearerAuth, nil, nil - } - - if httpBasicUser != "" && httpBasicPassword != "" { - httpBasicAuth := &vaultmodels.HashicorpCloudVault20201125HTTPBasicAuth{ - User: httpBasicUser, - Password: httpBasicPassword, - } - - return nil, httpBasicAuth, nil - } - - return nil, nil, nil -} - func getValidObservabilityConfig(config map[string]interface{}) (*vaultmodels.HashicorpCloudVault20201125ObservabilityConfig, diag.Diagnostics) { grafanaEndpoint, _ := config["grafana_endpoint"].(string) grafanaUser, _ := config["grafana_user"].(string) @@ -1422,28 +1253,18 @@ func getValidObservabilityConfig(config map[string]interface{}) (*vaultmodels.Ha elasticsearchEndpoint, _ := config["elasticsearch_endpoint"].(string) elasticsearchUser, _ := config["elasticsearch_user"].(string) elasticsearchPassword, _ := config["elasticsearch_password"].(string) - httpBasicUser, _ := config["http_basic_user"].(string) - httpBasicPassword, _ := config["http_basic_password"].(string) - httpBearerToken, _ := config["http_bearer_token"].(string) - httpHeaders, _ := config["http_headers"].(map[string]interface{}) - httpCodec, _ := config["http_codec"].(string) - httpCompression, _ := config["http_compression"].(bool) - httpMethod, _ := config["http_method"].(string) - httpPayloadPrefix, _ := config["http_payload_prefix"].(string) - httpPayloadSuffix, _ := config["http_payload_suffix"].(string) - httpURI, _ := config["http_uri"].(string) newrelicAccountID, _ := config["newrelic_account_id"].(string) newrelicLicenseKey, _ := config["newrelic_license_key"].(string) newrelicRegion, _ := config["newrelic_region"].(string) var observabilityConfig *vaultmodels.HashicorpCloudVault20201125ObservabilityConfig // only return an error about a missing field for a specific provider after ensuring there's a single provider - var invalidProviderConfigError diag.Diagnostics + var missingParamErr diag.Diagnostics tooManyProvidersErr := diag.Errorf("multiple configurations found: must contain configuration for only one provider") if grafanaEndpoint != "" || grafanaUser != "" || grafanaPassword != "" { if grafanaEndpoint == "" || grafanaUser == "" || grafanaPassword == "" { - invalidProviderConfigError = diag.Errorf("grafana configuration is invalid: configuration information missing") + missingParamErr = diag.Errorf("grafana configuration is invalid: configuration information missing") } observabilityConfig = &vaultmodels.HashicorpCloudVault20201125ObservabilityConfig{ @@ -1460,7 +1281,7 @@ func getValidObservabilityConfig(config map[string]interface{}) (*vaultmodels.Ha return nil, tooManyProvidersErr } if splunkEndpoint == "" || splunkToken == "" { - invalidProviderConfigError = diag.Errorf("splunk configuration is invalid: configuration information missing") + missingParamErr = diag.Errorf("splunk configuration is invalid: configuration information missing") } observabilityConfig = &vaultmodels.HashicorpCloudVault20201125ObservabilityConfig{ Splunk: &vaultmodels.HashicorpCloudVault20201125Splunk{ @@ -1475,7 +1296,7 @@ func getValidObservabilityConfig(config map[string]interface{}) (*vaultmodels.Ha return nil, tooManyProvidersErr } if datadogAPIKey == "" || datadogRegion == "" { - invalidProviderConfigError = diag.Errorf("datadog configuration is invalid: configuration information missing") + missingParamErr = diag.Errorf("datadog configuration is invalid: configuration information missing") } observabilityConfig = &vaultmodels.HashicorpCloudVault20201125ObservabilityConfig{ Datadog: &vaultmodels.HashicorpCloudVault20201125Datadog{ @@ -1490,7 +1311,7 @@ func getValidObservabilityConfig(config map[string]interface{}) (*vaultmodels.Ha return nil, tooManyProvidersErr } if cloudwatchAccessKeyID == "" || cloudwatchAccessKeySecret == "" || cloudwatchRegion == "" { - invalidProviderConfigError = diag.Errorf("cloudwatch configuration is invalid: configuration information missing") + missingParamErr = diag.Errorf("cloudwatch configuration is invalid: configuration information missing") } observabilityConfig = &vaultmodels.HashicorpCloudVault20201125ObservabilityConfig{ Cloudwatch: &vaultmodels.HashicorpCloudVault20201125CloudWatch{ @@ -1508,7 +1329,7 @@ func getValidObservabilityConfig(config map[string]interface{}) (*vaultmodels.Ha } if elasticsearchEndpoint == "" || elasticsearchUser == "" || elasticsearchPassword == "" { - invalidProviderConfigError = diag.Errorf("elasticsearch configuration is invalid: configuration information missing") + missingParamErr = diag.Errorf("elasticsearch configuration is invalid: configuration information missing") } observabilityConfig = &vaultmodels.HashicorpCloudVault20201125ObservabilityConfig{ @@ -1520,47 +1341,13 @@ func getValidObservabilityConfig(config map[string]interface{}) (*vaultmodels.Ha } } - if httpURI != "" || httpMethod != "" || httpCodec != "" { - if strings.ToUpper(httpMethod) != "POST" && strings.ToUpper(httpMethod) != "PUT" && strings.ToUpper(httpMethod) != "PATCH" { - invalidProviderConfigError = diag.Errorf("http configuration is invalud: allowed values for http_method are only \"POST\", \"PUT\", or \"PATCH\"") - } - - if strings.ToUpper(httpMethod) != "JSON" && strings.ToUpper(httpMethod) != "NDJSON" { - invalidProviderConfigError = diag.Errorf("http configuration is invalud: allowed values for http_codec are only \"JSON\" or \"NDJSON\"") - } - - if httpURI == "" || httpMethod == "" || httpCodec == "" { - invalidProviderConfigError = diag.Errorf("http configuration is invalid: configuration information missing") - } - - httpBearerAuth, httpBasicAuth, httpConfigError := validateHTTPAuth(httpBasicUser, httpBasicPassword, httpBearerToken) - - if httpConfigError != nil { - invalidProviderConfigError = httpConfigError - } - - observabilityConfig = &vaultmodels.HashicorpCloudVault20201125ObservabilityConfig{ - HTTP: &vaultmodels.HashicorpCloudVault20201125HTTP{ - Headers: httpHeaders, - Bearer: httpBearerAuth, - Basic: httpBasicAuth, - Codec: (*vaultmodels.HashicorpCloudVault20201125HTTPEncodingCodec)(&httpCodec), - Compression: httpCompression, - PayloadPrefix: httpPayloadPrefix, - PayloadSuffix: httpPayloadSuffix, - Method: httpMethod, - URI: httpURI, - }, - } - } - if newrelicAccountID != "" || newrelicLicenseKey != "" || newrelicRegion != "" { if observabilityConfig != nil { return nil, tooManyProvidersErr } if newrelicAccountID == "" || newrelicLicenseKey == "" || newrelicRegion == "" { - invalidProviderConfigError = diag.Errorf("newrelic configuration is invalid: configuration information missing") + missingParamErr = diag.Errorf("newrelic configuration is invalid: configuration information missing") } observabilityConfig = &vaultmodels.HashicorpCloudVault20201125ObservabilityConfig{ @@ -1572,8 +1359,8 @@ func getValidObservabilityConfig(config map[string]interface{}) (*vaultmodels.Ha } } - if invalidProviderConfigError != nil { - return nil, invalidProviderConfigError + if missingParamErr != nil { + return nil, missingParamErr } return observabilityConfig, nil diff --git a/internal/providersdkv2/resource_vault_cluster_config_test.go b/internal/providersdkv2/resource_vault_cluster_config_test.go index b056e7fa8..0126e57e9 100644 --- a/internal/providersdkv2/resource_vault_cluster_config_test.go +++ b/internal/providersdkv2/resource_vault_cluster_config_test.go @@ -69,51 +69,6 @@ func TestGetValidObservabilityConfig(t *testing.T) { }, expectedError: "newrelic configuration is invalid: configuration information missing", }, - "http missing params": { - config: map[string]interface{}{ - "http_uri": "https://localhost:3000", - "http_basic_user": "user", - "http_basic_password": "pass", - }, - expectedError: "http configuration is invalid: configuration information missing", - }, - "http invalid codec": { - config: map[string]interface{}{ - "http_uri": "https://localhost:3000", - "http_method": "POST", - "http_codec": "SOME_VALUE", - }, - expectedError: "http configuration is invalud: allowed values for http_codec are only \"JSON\" or \"NDJSON\"", - }, - "http provide bearer and basic auth": { - config: map[string]interface{}{ - "http_uri": "https://localhost:3000", - "http_method": "POST", - "http_codec": "JSON", - "http_basic_user": "test", - "http_basic_password": "pass", - "http_bearer_token": "111111111", - }, - expectedError: "http configuration is invalid: either the basic or bearer authentication method can be submitted, but not both", - }, - "http basic auth without username": { - config: map[string]interface{}{ - "http_uri": "https://localhost:3000", - "http_method": "POST", - "http_codec": "JSON", - "http_basic_password": "pass", - }, - expectedError: "http configuration is invalid: basic authentication requires username and password", - }, - "http basic auth without password": { - config: map[string]interface{}{ - "http_uri": "https://localhost:3000", - "http_method": "POST", - "http_codec": "JSON", - "http_basic_user": "test", - }, - expectedError: "http configuration is invalid: basic authentication requires username and password", - }, "too many providers takes precedence over missing params": { config: map[string]interface{}{ "datadog_region": "us1",