-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement connection and subscription resources for jira and slack. #1116
Conversation
internal/provider/vaultradar/resource_radar_integration_slack_connection.go
Outdated
Show resolved
Hide resolved
examples/resources/hcp_vault_radar_integration_jira_subscription/resource.tf
Outdated
Show resolved
Hide resolved
internal/provider/vaultradar/resource_radar_integration_jira_connection.go
Outdated
Show resolved
Hide resolved
resource "hcp_vault_radar_integration_jira_connection" "jira_connection" { | ||
name = "example connection to jira" | ||
email = "[email protected]" | ||
token = var.jira_token | ||
base_url = "https://example.atlassian.net" | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this resource supposed to only work for Jira server as well? For Jira server, the users need to create a personal access token and email is not required
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure what you mean by jira server, and I went by what was required in the integration jira connection in the UI and the python schema.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Jira server is the self-hosted variant of Atlassian Jira. I am not sure we currently support Jira server but going by the integration type (jira
), I thought we want to use the same terraform resource for both Jira Cloud and Server. If not, the resource name should contain jira_cloud
right
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think Jira Server also supports Basic Auth, we may have never made the update to support personal access tokens?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
K, going to leave it as like this then.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Basic auth is not a preferred way to make requests to the Jira server API. Same story for Confluence server onboarding, we only support personal access token not basic auth
However, as basic authentication repeatedly sends the username and password on each request, which could be cached in the web browser, it is not the most secure method of authentication we support.
We recommend you use OAuth over basic authentication for most cases. OAuth requires more work to implement, but it uses a token-based workflow that is much more secure.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think Jira Server also supports Basic Auth, we may have never made the update to support personal access tokens?
I think the APIs that we use validate the assignee field on the subscription only work for Jira Cloud. We probably have to make some changes before Jira server integration is fully supported
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Warning
Dependent on #1113 being merged first which upgrade the dependency of hcp-sdk-go to v0.116.0 and fixes a resource related to that change.
🛠️ Description
Preview of Manage a Vault Radar Connections and Subscription via the HCP Terraform Provider.
This add two resources that are tightly related to each other. Integration connections and integration subscriptions.
This introduces two types of connections and subscriptions with plans for more to come later.
The resources introduced in this PR are:
Note
My apologies in advance for making a PR that introduces more than one resource, but connection and subscriptions don't make sense on their own, and the difference between jira and slack is rather small and I wanted to prove out a way implement these two types with a common implementation.
Note
This is a preview, and my intent is for this resource not to show up in the in the online documentations.
Therefore, I did not set the subcategory in the markup.
New Resource Checklist
go fmt
.Schema
CRUD Operations
Documentation
🏗️ Acceptance tests
Note
These acceptance tests works, but requires external environments not avail to CI/CD.
These tests are being skipped because of pre-existing conditions that would be require for the test to succeed.
Note
I've created a ticket to note how we can address this in the future.
https://hashicorp.atlassian.net/browse/VAULT-31051
Output from acceptance testing:
make testacc TESTARGS='-run=TestRadarIntegrationJiraConnection' ... === RUN TestRadarIntegrationJiraConnection --- PASS: TestRadarIntegrationJiraConnection (14.06s) ...
make testacc TESTARGS='-run=TestRadarIntegrationJiraSubscription' === RUN TestRadarIntegrationJiraSubscription --- PASS: TestRadarIntegrationJiraSubscription (8.03s) ...
make testacc TESTARGS='-run=TestRadarIntegrationSlackConnection' === RUN TestRadarIntegrationSlackConnection --- PASS: TestRadarIntegrationSlackConnection (5.93s) ...
make testacc TESTARGS='-run=TestRadarIntegrationSlackSubscription' === RUN TestRadarIntegrationSlackSubscription --- PASS: TestRadarIntegrationSlackSubscription (7.73s) ...