chore: Upgrades ldap_configuration and ldap_verify resources to a…

…uto-generated SDK (#1971)

* rename in resources

* refactor in tests

* run skipped tests

* checkExists only with resourceName param

* refactor ldap verify tests

* mig tests

* new SDK in tests

* ds, read, import and delete

* no delete in ldap verify

* create & update

* enable skipped tests

.github/workflows/acceptance-tests-runner.yml

@@ -109,7 +109,9 @@ on:
         required: true
       mongodb_atlas_ldap_port:
         required: true
-
+      mongodb_atlas_ldap_ca_certificate:
+        required: true
+
 env:
   TF_ACC: 1
   TF_LOG: ${{ vars.LOG_LEVEL }}
@@ -653,6 +655,7 @@ jobs:
           MONGODB_ATLAS_LDAP_USERNAME: ${{ secrets.mongodb_atlas_ldap_username }}
           MONGODB_ATLAS_LDAP_PASSWORD: ${{ secrets.mongodb_atlas_ldap_password }}
           MONGODB_ATLAS_LDAP_PORT: ${{ secrets.mongodb_atlas_ldap_port }}
+          MONGODB_ATLAS_LDAP_CA_CERTIFICATE: ${{ secrets.mongodb_atlas_ldap_ca_certificate }}
           TEST_REGEX: "^TestAccLDAP"
         run: make testacc
   encryption:

.github/workflows/acceptance-tests.yml

@@ -55,6 +55,7 @@ jobs:
       mongodb_atlas_ldap_username: ${{ secrets.MONGODB_ATLAS_LDAP_USERNAME }}
       mongodb_atlas_ldap_password: ${{ secrets.MONGODB_ATLAS_LDAP_PASSWORD }}
       mongodb_atlas_ldap_port: ${{ secrets.MONGODB_ATLAS_LDAP_PORT }}
+      mongodb_atlas_ldap_ca_certificate: ${{ secrets.MONGODB_ATLAS_LDAP_CA_CERTIFICATE }}
     with:
       terraform_version: ${{ inputs.terraform_version || vars.TF_VERSION_LATEST }}
       ref: ${{ inputs.ref }}

.github/workflows/migration-tests.yml

@@ -68,6 +68,7 @@ jobs:
       data_lake: ${{ steps.filter.outputs.data_lake == 'true' || env.mustTrigger == 'true' }}
       cluster_outage_simulation: ${{ steps.filter.outputs.cluster_outage_simulation == 'true' || env.mustTrigger == 'true' }}
       cluster: ${{ steps.filter.outputs.cluster == 'true' || env.mustTrigger == 'true' }}
+      ldap: ${{ steps.filter.outputs.ldap == 'true' || env.mustTrigger == 'true' }}
     steps:
     - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
     - uses: dorny/paths-filter@ebc4d7e9ebcb0b1eb21480bb8f43113e996ac77a
@@ -139,6 +140,9 @@ jobs:
           cluster:
             - 'internal/service/cluster/*.go'
             - 'internal/service/globalclusterconfig/*.go'
+          ldap:
+            - 'internal/service/ldapconfiguration/*.go'
+            - 'internal/service/ldapverify/*.go'
   
   project: 
     needs: [ change-detection, get-provider-version ]
@@ -516,4 +520,32 @@ jobs:
           MONGODB_ATLAS_LAST_VERSION: ${{ needs.get-provider-version.outputs.provider_version }}
           TEST_REGEX: "^TestAccMigrationClusterRS"
         run: make testacc
-
+  ldap:
+    needs: [ change-detection, get-provider-version ]
+    if: ${{ needs.change-detection.outputs.ldap == 'true' || inputs.test_group == 'ldap' }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
+      - name: Set up Go
+        uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
+        with:
+          go-version-file: 'go.mod'
+      - uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36
+        with:
+          terraform_version: ${{ env.terraform_version }}
+          terraform_wrapper: false    
+      - name: Migration Tests
+        env:
+          MONGODB_ATLAS_PUBLIC_KEY: ${{ secrets.MONGODB_ATLAS_PUBLIC_KEY_CLOUD_DEV }}
+          MONGODB_ATLAS_PRIVATE_KEY: ${{ secrets.MONGODB_ATLAS_PRIVATE_KEY_CLOUD_DEV }}
+          MONGODB_ATLAS_ORG_ID: ${{ vars.MONGODB_ATLAS_ORG_ID_CLOUD_DEV }}
+          MONGODB_ATLAS_BASE_URL: ${{ vars.MONGODB_ATLAS_BASE_URL }}
+          MONGODB_ATLAS_LDAP_HOSTNAME: ${{ secrets.MONGODB_ATLAS_LDAP_HOSTNAME }}
+          MONGODB_ATLAS_LDAP_USERNAME: ${{ secrets.MONGODB_ATLAS_LDAP_USERNAME }}
+          MONGODB_ATLAS_LDAP_PASSWORD: ${{ secrets.MONGODB_ATLAS_LDAP_PASSWORD }}
+          MONGODB_ATLAS_LDAP_CA_CERTIFICATE: ${{ secrets.MONGODB_ATLAS_LDAP_CA_CERTIFICATE }}
+          MONGODB_ATLAS_LDAP_PORT: ${{ secrets.MONGODB_ATLAS_LDAP_PORT }}
+          MONGODB_ATLAS_LAST_VERSION: ${{ needs.get-provider-version.outputs.provider_version }}
+          TEST_REGEX: "^TestAccMigrationLDAP"
+        run: make testacc

internal/service/ldapconfiguration/data_source_ldap_configuration.go

@@ -11,7 +11,7 @@ import (
 
 func DataSource() *schema.Resource {
 	return &schema.Resource{
-		ReadContext: dataSourceMongoDBAtlasLDAPConfigurationRead,
+		ReadContext: dataSourceRead,
 		Schema: map[string]*schema.Schema{
 			"project_id": {
 				Type:     schema.TypeString,
@@ -73,41 +73,41 @@ func DataSource() *schema.Resource {
 	}
 }
 
-func dataSourceMongoDBAtlasLDAPConfigurationRead(ctx context.Context, d *schema.ResourceData, meta any) diag.Diagnostics {
-	conn := meta.(*config.MongoDBClient).Atlas
+func dataSourceRead(ctx context.Context, d *schema.ResourceData, meta any) diag.Diagnostics {
+	connV2 := meta.(*config.MongoDBClient).AtlasV2
 	projectID := d.Get("project_id").(string)
 
-	ldap, _, err := conn.LDAPConfigurations.Get(ctx, projectID)
+	resp, _, err := connV2.LDAPConfigurationApi.GetLDAPConfiguration(ctx, projectID).Execute()
 	if err != nil {
-		return diag.FromErr(fmt.Errorf(errorLDAPConfigurationRead, projectID, err))
+		return diag.FromErr(fmt.Errorf(errorRead, projectID, err))
 	}
 
-	if err = d.Set("authentication_enabled", ldap.LDAP.AuthenticationEnabled); err != nil {
-		return diag.FromErr(fmt.Errorf(errorLDAPConfigurationSetting, "authentication_enabled", d.Id(), err))
+	if err = d.Set("authentication_enabled", resp.Ldap.GetAuthenticationEnabled()); err != nil {
+		return diag.FromErr(fmt.Errorf(errorSettings, "authentication_enabled", d.Id(), err))
 	}
-	if err = d.Set("authorization_enabled", ldap.LDAP.AuthorizationEnabled); err != nil {
-		return diag.FromErr(fmt.Errorf(errorLDAPConfigurationSetting, "authorization_enabled", d.Id(), err))
+	if err = d.Set("authorization_enabled", resp.Ldap.GetAuthorizationEnabled()); err != nil {
+		return diag.FromErr(fmt.Errorf(errorSettings, "authorization_enabled", d.Id(), err))
 	}
-	if err = d.Set("hostname", ldap.LDAP.Hostname); err != nil {
-		return diag.FromErr(fmt.Errorf(errorLDAPConfigurationSetting, "hostname", d.Id(), err))
+	if err = d.Set("hostname", resp.Ldap.GetHostname()); err != nil {
+		return diag.FromErr(fmt.Errorf(errorSettings, "hostname", d.Id(), err))
 	}
-	if err = d.Set("port", ldap.LDAP.Port); err != nil {
-		return diag.FromErr(fmt.Errorf(errorLDAPConfigurationSetting, "port", d.Id(), err))
+	if err = d.Set("port", resp.Ldap.GetPort()); err != nil {
+		return diag.FromErr(fmt.Errorf(errorSettings, "port", d.Id(), err))
 	}
-	if err = d.Set("bind_username", ldap.LDAP.BindUsername); err != nil {
-		return diag.FromErr(fmt.Errorf(errorLDAPConfigurationSetting, "bind_username", d.Id(), err))
+	if err = d.Set("bind_username", resp.Ldap.GetBindUsername()); err != nil {
+		return diag.FromErr(fmt.Errorf(errorSettings, "bind_username", d.Id(), err))
 	}
-	if err = d.Set("bind_password", ldap.LDAP.BindPassword); err != nil {
-		return diag.FromErr(fmt.Errorf(errorLDAPConfigurationSetting, "bind_password", d.Id(), err))
+	if err = d.Set("bind_password", resp.Ldap.GetBindPassword()); err != nil {
+		return diag.FromErr(fmt.Errorf(errorSettings, "bind_password", d.Id(), err))
 	}
-	if err = d.Set("ca_certificate", ldap.LDAP.CaCertificate); err != nil {
-		return diag.FromErr(fmt.Errorf(errorLDAPConfigurationSetting, "ca_certificate", d.Id(), err))
+	if err = d.Set("ca_certificate", resp.Ldap.GetCaCertificate()); err != nil {
+		return diag.FromErr(fmt.Errorf(errorSettings, "ca_certificate", d.Id(), err))
 	}
-	if err = d.Set("authz_query_template", ldap.LDAP.AuthzQueryTemplate); err != nil {
-		return diag.FromErr(fmt.Errorf(errorLDAPConfigurationSetting, "authz_query_template", d.Id(), err))
+	if err = d.Set("authz_query_template", resp.Ldap.GetAuthzQueryTemplate()); err != nil {
+		return diag.FromErr(fmt.Errorf(errorSettings, "authz_query_template", d.Id(), err))
 	}
-	if err = d.Set("user_to_dn_mapping", flattenDNMapping(ldap.LDAP.UserToDNMapping)); err != nil {
-		return diag.FromErr(fmt.Errorf(errorLDAPConfigurationSetting, "user_to_dn_mapping", d.Id(), err))
+	if err = d.Set("user_to_dn_mapping", flattenDNMapping(resp.Ldap.GetUserToDNMapping())); err != nil {
+		return diag.FromErr(fmt.Errorf(errorSettings, "user_to_dn_mapping", d.Id(), err))
 	}
 
 	d.SetId(projectID)

internal/service/ldapconfiguration/data_source_ldap_configuration_test.go

@@ -1,68 +1,42 @@
 package ldapconfiguration_test
 
 import (
-	"fmt"
 	"os"
+	"strconv"
 	"testing"
 
 	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
 	"github.com/mongodb/terraform-provider-mongodbatlas/internal/testutil/acc"
 	"github.com/spf13/cast"
-	matlas "go.mongodb.org/atlas/mongodbatlas"
 )
 
 func TestAccLDAPConfigurationDS_basic(t *testing.T) {
 	var (
-		ldapConfiguration matlas.LDAPConfiguration
-		resourceName      = "mongodbatlas_ldap_configuration.test"
-		orgID             = os.Getenv("MONGODB_ATLAS_ORG_ID")
-		hostname          = os.Getenv("MONGODB_ATLAS_LDAP_HOSTNAME")
-		username          = os.Getenv("MONGODB_ATLAS_LDAP_USERNAME")
-		password          = os.Getenv("MONGODB_ATLAS_LDAP_PASSWORD")
-		port              = os.Getenv("MONGODB_ATLAS_LDAP_PORT")
-		authEnabled       = true
-		projectName       = acc.RandomProjectName()
+		dataSourceName = "data.mongodbatlas_ldap_configuration.test"
+		orgID          = os.Getenv("MONGODB_ATLAS_ORG_ID")
+		hostname       = os.Getenv("MONGODB_ATLAS_LDAP_HOSTNAME")
+		username       = os.Getenv("MONGODB_ATLAS_LDAP_USERNAME")
+		password       = os.Getenv("MONGODB_ATLAS_LDAP_PASSWORD")
+		port           = os.Getenv("MONGODB_ATLAS_LDAP_PORT")
+		authEnabled    = true
+		projectName    = acc.RandomProjectName()
 	)
 
 	resource.Test(t, resource.TestCase{
 		PreCheck:                 func() { acc.PreCheckLDAP(t) },
 		ProtoV6ProviderFactories: acc.TestAccProviderV6Factories,
-		CheckDestroy:             acc.CheckDestroyLDAPConfiguration,
+		CheckDestroy:             checkDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccMongoDBAtlasDataSourceLDAPConfigurationConfig(projectName, orgID, hostname, username, password, authEnabled, cast.ToInt(port)),
+				Config: configBasic(projectName, orgID, hostname, username, password, authEnabled, cast.ToInt(port)),
 				Check: resource.ComposeTestCheckFunc(
-					testAccCheckMongoDBAtlasLDAPConfigurationExists(resourceName, &ldapConfiguration),
-
-					resource.TestCheckResourceAttrSet(resourceName, "project_id"),
-					resource.TestCheckResourceAttrSet(resourceName, "hostname"),
-					resource.TestCheckResourceAttrSet(resourceName, "bind_username"),
-					resource.TestCheckResourceAttrSet(resourceName, "authentication_enabled"),
-					resource.TestCheckResourceAttrSet(resourceName, "port"),
+					resource.TestCheckResourceAttrSet(dataSourceName, "project_id"),
+					resource.TestCheckResourceAttr(dataSourceName, "hostname", hostname),
+					resource.TestCheckResourceAttr(dataSourceName, "bind_username", username),
+					resource.TestCheckResourceAttr(dataSourceName, "authentication_enabled", strconv.FormatBool(authEnabled)),
+					resource.TestCheckResourceAttr(dataSourceName, "port", port),
 				),
 			},
 		},
 	})
 }
-
-func testAccMongoDBAtlasDataSourceLDAPConfigurationConfig(projectName, orgID, hostname, username, password string, authEnabled bool, port int) string {
-	return fmt.Sprintf(`
-		resource "mongodbatlas_project" "test" {
-			name   = "%[1]s"
-			org_id = "%[2]s"
-		}
-
-		resource "mongodbatlas_ldap_configuration" "test" {
-			project_id                  =  mongodbatlas_project.test.id
-			authentication_enabled      =  %[6]t
-			hostname 					= "%[3]s"
-			port                        =  %[7]d
-			bind_username               = "%[4]s"
-			bind_password               = "%[5]s"
-		}
-		
-		data "mongodbatlas_ldap_configuration" "test" {
-			project_id = mongodbatlas_ldap_configuration.test.id
-		}
-`, projectName, orgID, hostname, username, password, authEnabled, port)
-}