Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Vault 32530 add external id to aws auth backend sts role #2370

Merged

Conversation

helenfufu
Copy link
Contributor

@helenfufu helenfufu commented Nov 20, 2024

Description

This PR updates the vault_aws_auth_backend_sts_role resource to support the external_id field on Vault versions >= 1.17.

Relates hashicorp/vault#26628.

Checklist

  • Added CHANGELOG entry (only for user-facing changes)
  • Acceptance tests were run against all supported Vault Versions

Output from acceptance testing:

On a Vault version < 1.17 (1.16.12)
$ TESTARGS="--run TestAccAWSAuthBackendSTSRole" make testacc
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test --run TestAccAWSAuthBackendSTSRole -timeout 30m ./... -v
?   	github.com/hashicorp/terraform-provider-vault	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/cmd/coverage	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/cmd/generate	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/helper	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/internal/consts	[no test files]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/codegen	0.323s [no tests to run]
?   	github.com/hashicorp/terraform-provider-vault/internal/identity/group	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/internal/identity/mfa	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/internal/pki	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/internal/sync	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/schema	[no test files]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/internal/identity/entity	0.491s [no tests to run]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/internal/provider	0.815s [no tests to run]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/testutil	1.027s [no tests to run]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/util	1.463s [no tests to run]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/util/mountutil	1.126s [no tests to run]
=== RUN   TestAccAWSAuthBackendSTSRole_withExternalID
    resource_aws_auth_backend_sts_role_test.go:32: Vault server version "1.16.12+ent"
    resource_aws_auth_backend_sts_role_test.go:32: Vault version < "1.17.0"
--- SKIP: TestAccAWSAuthBackendSTSRole_withExternalID (0.00s)
=== RUN   TestAccAWSAuthBackendSTSRole_basic
--- PASS: TestAccAWSAuthBackendSTSRole_basic (2.81s)
PASS
ok  	github.com/hashicorp/terraform-provider-vault/vault	4.010s
On a Vault version >= 1.17 (1.17.8)
$ TESTARGS="--run TestAccAWSAuthBackendSTSRole" make testacc
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test --run TestAccAWSAuthBackendSTSRole -timeout 30m ./... -v
?   	github.com/hashicorp/terraform-provider-vault	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/cmd/coverage	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/cmd/generate	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/helper	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/internal/consts	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/internal/identity/group	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/internal/identity/mfa	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/internal/pki	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/internal/sync	[no test files]
?   	github.com/hashicorp/terraform-provider-vault/schema	[no test files]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/codegen	0.313s [no tests to run]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/internal/identity/entity	0.584s [no tests to run]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/internal/provider	0.956s [no tests to run]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/testutil	0.861s [no tests to run]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/util	1.043s [no tests to run]
testing: warning: no tests to run
PASS
ok  	github.com/hashicorp/terraform-provider-vault/util/mountutil	1.230s [no tests to run]
=== RUN   TestAccAWSAuthBackendSTSRole_withExternalID
    resource_aws_auth_backend_sts_role_test.go:32: Vault server version "1.17.8+ent"
--- PASS: TestAccAWSAuthBackendSTSRole_withExternalID (2.84s)
=== RUN   TestAccAWSAuthBackendSTSRole_basic
--- PASS: TestAccAWSAuthBackendSTSRole_basic (2.45s)
PASS
ok  	github.com/hashicorp/terraform-provider-vault/vault	6.183s

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" comments, they generate extra noise for pull request followers and do not help prioritize the request

@helenfufu helenfufu force-pushed the vault-32530-add-external-id-to-aws-auth-backend-sts-role branch from f39c39c to 96c64f5 Compare November 20, 2024 20:22
@helenfufu helenfufu marked this pull request as ready for review November 21, 2024 20:21
@helenfufu helenfufu requested a review from a team as a code owner November 21, 2024 20:21
vinay-gopalan
vinay-gopalan previously approved these changes Nov 22, 2024
Copy link
Contributor

@vinay-gopalan vinay-gopalan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, LGTM! Had 1 comment around noting the version requirement in the docs, but should be good to merge in otherwise. Thanks for working on this!

vault/resource_aws_auth_backend_sts_role.go Outdated Show resolved Hide resolved
website/docs/r/aws_auth_backend_sts_role.html.md Outdated Show resolved Hide resolved
@helenfufu helenfufu merged commit 0cbe249 into main Nov 22, 2024
11 checks passed
@helenfufu helenfufu deleted the vault-32530-add-external-id-to-aws-auth-backend-sts-role branch November 22, 2024 22:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants