-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Azure Rotating Secrets Changes #1143
Conversation
Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement Learn more about why HashiCorp requires a CLA and what the CLA includes Have you signed the CLA already but the status is still pending? Recheck it. |
@@ -82,6 +94,7 @@ resource "hcp_vault_secrets_rotating_secret" "example_confluent" { | |||
### Optional | |||
|
|||
- `aws_access_keys` (Attributes) AWS configuration to manage the access key rotation for the given IAM user. Required if `secret_provider` is `aws`. (see [below for nested schema](#nestedatt--aws_access_keys)) | |||
- `azure_application_password_params` (Attributes) Azure configuration to manage the application password rotation for the given application. Required if `secret_provider` is `confluent`. (see [below for nested schema](#nestedatt--azure_application_password_params)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- `azure_application_password_params` (Attributes) Azure configuration to manage the application password rotation for the given application. Required if `secret_provider` is `confluent`. (see [below for nested schema](#nestedatt--azure_application_password_params)) | |
- `azure_application_password` (Attributes) Azure configuration to manage the application password rotation for the given application. Required if `secret_provider` is `azure`. (see [below for nested schema](#nestedatt--azure_application_password_params)) |
The param suffix feels redundant and the other credential types did not add it. There is a Confluent copy-paste leftover.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Whoops I think this is the generated code. Nvm the suggestion but the comment are relevant to the resource schema.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for noticing this. Updated.
examples/resources/hcp_vault_secrets_integration_azure/import.sh
Outdated
Show resolved
Hide resolved
@@ -206,6 +213,29 @@ func (r *resourceVaultSecretsRotatingSecret) Schema(_ context.Context, _ resourc | |||
exactlyOneRotatingSecretTypeFieldsValidator, | |||
}, | |||
}, | |||
"azure_application_password_params": schema.SingleNestedAttribute{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd remove the params suffix to align with the other credential types
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agreed. Changed it.
internal/provider/vaultsecrets/resource_vault_secrets_rotating_secret.go
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, couple of nits or copy-paste leftovers but the bulk of it looks solid.
…_secret.go Co-authored-by: Max Coulombe <[email protected]>
|
||
### Required | ||
|
||
- `capabilities` (Set of String) Capabilities enabled for the integration. See the Vault Secrets documentation for the list of supported capabilities per provider. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
as dicussed in a preivous PR, i didnt foudn this documentaiton
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you think linking users to our docs' landing page would be helpful?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I could do that, the docs page doesn't directly talk about the capabilities option though. Another approach would be to list the options [ 'sync', 'rotation', 'dynamic']
in the same string. I am fine with adding either of these.
Note: This is a generated file, hence making this change will affect all the integration doc files where capabilities is listed.
page_title: "hcp_vault_secrets_integration_azure Resource - terraform-provider-hcp" | ||
subcategory: "" | ||
description: |- | ||
The Vault Secrets Azure integration resource manages an Azure integration. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This feel incomplete.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Similar to the above comment, this is a standard message across integrations.
|
||
# hcp_vault_secrets_integration_azure (Resource) | ||
|
||
The Vault Secrets Azure integration resource manages an Azure integration. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This feel incomplete.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as above.
🛠️ Description
Added hcp_vault_secrets_integration_azureresource and modified hcp_vault_secrets_rotating_secret to support Azure Application Password.
🏗️ Acceptance tests
Output from acceptance testing:
$ make testacc TESTARGS='-run=TestAccXXX' ...