Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix GCP auth backend role #411

Merged
merged 2 commits into from
Jun 12, 2019
Merged

Fix GCP auth backend role #411

merged 2 commits into from
Jun 12, 2019

Conversation

hmakkapati
Copy link
Contributor

Add project_id and bound_projects back to request payload when creating/updating
a GCP auth backend role
Possible fix for #394

@ghost ghost added the size/XS label May 10, 2019
@hmakkapati
Copy link
Contributor Author

This is broken since 1.6.0.

@lawliet89
Copy link
Contributor

Sorry, it's my bad. I left out these two fields when working on #308

@tyrannosaurus-becks tyrannosaurus-becks self-assigned this Jun 3, 2019
@tyrannosaurus-becks
Copy link
Contributor

No worries, @lawliet89 , every contribution is appreciated and it's good to be adding things.

@hmakkapati , thanks for working on this! It looks like the tests need to be updated too.

=== RUN   TestGCPAuthBackendRole_basic
--- FAIL: TestGCPAuthBackendRole_basic (0.05s)
    testing.go:538: Step 0 error: After applying this step, the plan was not empty:
        
        DIFF:
        
        DESTROY/CREATE: vault_gcp_auth_backend_role.test
          add_group_aliases:                "true" => "true"
          allow_gce_inference:              "" => "<computed>"
          backend:                          "tf-test-gcp-backend-8166411937004365186" => "tf-test-gcp-backend-8166411937004365186"
          bound_instance_groups.#:          "0" => "<computed>"
          bound_labels.#:                   "0" => "<computed>"
          bound_projects.#:                 "1" => "0" (forces new resource)
          bound_projects.715502587:         "tf-test-gcp-project-id-8791571047752862743" => "" (forces new resource)
          bound_regions.#:                  "0" => "<computed>"
          bound_service_accounts.#:         "1" => "1"
          bound_service_accounts.886117652: "tf-test-gcp-service-account-7012167133520457873" => "tf-test-gcp-service-account-7012167133520457873"
          bound_zones.#:                    "0" => "<computed>"
          max_jwt_exp:                      "900" => "<computed>"
          max_ttl:                          "600" => "600"
          period:                           "" => "<computed>"
          policies.#:                       "2" => "2"
          policies.505685419:               "policy_a" => "policy_a"
          policies.889812584:               "policy_b" => "policy_b"
          project_id:                       "tf-test-gcp-project-id-8791571047752862743" => "tf-test-gcp-project-id-8791571047752862743"
          role:                             "tf-test-gcp-role-5638689810075639594" => "tf-test-gcp-role-5638689810075639594"
          ttl:                              "300" => "300"
          type:                             "iam" => "iam"
        
        STATE:
        
        vault_auth_backend.gcp:
          ID = tf-test-gcp-backend-8166411937004365186
          provider = provider.vault
          accessor = auth_gcp_cd0df939
          default_lease_ttl_seconds = 0
          description = 
          listing_visibility = 
          local = false
          max_lease_ttl_seconds = 0
          path = tf-test-gcp-backend-8166411937004365186/
          type = gcp
        vault_gcp_auth_backend_role.test:
          ID = auth/tf-test-gcp-backend-8166411937004365186/role/tf-test-gcp-role-5638689810075639594
          provider = provider.vault
          add_group_aliases = true
          backend = tf-test-gcp-backend-8166411937004365186
          bound_instance_groups.# = 0
          bound_labels.# = 0
          bound_projects.# = 1
          bound_projects.715502587 = tf-test-gcp-project-id-8791571047752862743
          bound_regions.# = 0
          bound_service_accounts.# = 1
          bound_service_accounts.886117652 = tf-test-gcp-service-account-7012167133520457873
          bound_zones.# = 0
          max_jwt_exp = 900
          max_ttl = 600
          policies.# = 2
          policies.505685419 = policy_a
          policies.889812584 = policy_b
          project_id = tf-test-gcp-project-id-8791571047752862743
          role = tf-test-gcp-role-5638689810075639594
          ttl = 300
          type = iam
        
          Dependencies:
            vault_auth_backend.gcp
=== RUN   TestGCPAuthBackendRole_gce
--- FAIL: TestGCPAuthBackendRole_gce (0.04s)
    testing.go:538: Step 0 error: After applying this step, the plan was not empty:
        
        DIFF:
        
        DESTROY/CREATE: vault_gcp_auth_backend_role.test
          add_group_aliases:         "false" => "<computed>"
          allow_gce_inference:       "" => "<computed>"
          backend:                   "tf-test-gcp-backend-8536485550161856318" => "tf-test-gcp-backend-8536485550161856318"
          bound_instance_groups.#:   "0" => "<computed>"
          bound_labels.#:            "1" => "1"
          bound_labels.804021650:    "foo" => "foo"
          bound_projects.#:          "1" => "0" (forces new resource)
          bound_projects.3075261536: "tf-test-gcp-project-id-848302565949975870" => "" (forces new resource)
          bound_regions.#:           "1" => "1"
          bound_regions.2346426370:  "eu-west2" => "eu-west2"
          bound_service_accounts.#:  "0" => "<computed>"
          bound_zones.#:             "1" => "1"
          bound_zones.2567508304:    "europe-west2-c" => "europe-west2-c"
          max_jwt_exp:               "" => "<computed>"
          max_ttl:                   "600" => "600"
          period:                    "" => "<computed>"
          policies.#:                "2" => "2"
          policies.505685419:        "policy_a" => "policy_a"
          policies.889812584:        "policy_b" => "policy_b"
          project_id:                "tf-test-gcp-project-id-848302565949975870" => "tf-test-gcp-project-id-848302565949975870"
          role:                      "tf-test-gcp-role-3718369862104071996" => "tf-test-gcp-role-3718369862104071996"
          ttl:                       "300" => "300"
          type:                      "gce" => "gce"
        
        STATE:
        
        vault_auth_backend.gcp:
          ID = tf-test-gcp-backend-8536485550161856318
          provider = provider.vault
          accessor = auth_gcp_0855d267
          default_lease_ttl_seconds = 0
          description = 
          listing_visibility = 
          local = false
          max_lease_ttl_seconds = 0
          path = tf-test-gcp-backend-8536485550161856318/
          type = gcp
        vault_gcp_auth_backend_role.test:
          ID = auth/tf-test-gcp-backend-8536485550161856318/role/tf-test-gcp-role-3718369862104071996
          provider = provider.vault
          add_group_aliases = false
          backend = tf-test-gcp-backend-8536485550161856318
          bound_instance_groups.# = 0
          bound_labels.# = 1
          bound_labels.804021650 = foo
          bound_projects.# = 1
          bound_projects.3075261536 = tf-test-gcp-project-id-848302565949975870
          bound_regions.# = 1
          bound_regions.2346426370 = eu-west2
          bound_service_accounts.# = 0
          bound_zones.# = 1
          bound_zones.2567508304 = europe-west2-c
          max_ttl = 600
          policies.# = 2
          policies.505685419 = policy_a
          policies.889812584 = policy_b
          project_id = tf-test-gcp-project-id-848302565949975870
          role = tf-test-gcp-role-3718369862104071996
          ttl = 300
          type = gce
        
          Dependencies:
            vault_auth_backend.gcp
FAIL

Process finished with exit code 1

@tyrannosaurus-becks
Copy link
Contributor

I just added code to master that will automate running this test whenever you push up a new commit. If you pull master, merge it, and push it up, you'll be able to see the test failure in CircleCI. Might make development a little easier.

@hmakkapati
Fix GCP auth backend role
6bdcd74 
Add `project_id` and `bound_projects` back to request payload when creating/updating
a GCP auth backend role
Possible fix for hashicorp#394
@hmakkapati
Copy link
Contributor Author

@tyrannosaurus-becks Thanks for taking a look! Pushed another commit to fix tests. Could you give it another look?

tyrannosaurus-becks
tyrannosaurus-becks approved these changes Jun 12, 2019
View reviewed changes
Copy link
Contributor

@tyrannosaurus-becks tyrannosaurus-becks left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@hmakkapati fantastic! Thank you!

@tyrannosaurus-becks tyrannosaurus-becks merged commit 271ee83 into hashicorp:master Jun 12, 2019
dandandy pushed a commit to dandandy/terraform-provider-vault that referenced this pull request Jun 17, 2021
@tyrannosaurus-becks
Merge pull request hashicorp#411 from hmakkapati/fix-gcp-auth-backend…
c08b3e6 
…-role

Fix GCP auth backend role
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tyrannosaurus-becks tyrannosaurus-becks tyrannosaurus-becks approved these changes

Assignees

@tyrannosaurus-becks tyrannosaurus-becks

Labels
size/XS
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@hmakkapati @lawliet89 @tyrannosaurus-becks