-
Notifications
You must be signed in to change notification settings - Fork 386
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'master' into mb-fix-gs
- Loading branch information
Showing
57 changed files
with
987 additions
and
268 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
package aws | ||
|
||
import ( | ||
"context" | ||
"fmt" | ||
|
||
"github.com/databrickslabs/terraform-provider-databricks/common" | ||
"github.com/databrickslabs/terraform-provider-databricks/scim" | ||
|
||
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" | ||
) | ||
|
||
// ResourceServicePrincipalRole binds service principal and instance profile | ||
func ResourceServicePrincipalRole() *schema.Resource { | ||
r := common.NewPairID("service_principal_id", "role").BindResource(common.BindResource{ | ||
CreateContext: func(ctx context.Context, servicePrincipalID, role string, c *common.DatabricksClient) error { | ||
return scim.NewServicePrincipalsAPI(ctx, c).Patch(servicePrincipalID, scim.PatchRequest("add", "roles", role)) | ||
}, | ||
ReadContext: func(ctx context.Context, servicePrincipalID, roleARN string, c *common.DatabricksClient) error { | ||
servicePrincipal, err := scim.NewServicePrincipalsAPI(ctx, c).Read(servicePrincipalID) | ||
hasRole := scim.ComplexValues(servicePrincipal.Roles).HasValue(roleARN) | ||
if err == nil && !hasRole { | ||
return common.NotFound("Service Principal has no role") | ||
} | ||
return err | ||
}, | ||
DeleteContext: func(ctx context.Context, servicePrincipalID, roleARN string, c *common.DatabricksClient) error { | ||
return scim.NewServicePrincipalsAPI(ctx, c).Patch(servicePrincipalID, scim.PatchRequest( | ||
"remove", fmt.Sprintf(`roles[value eq "%s"]`, roleARN), "")) | ||
}, | ||
}) | ||
return r | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,135 @@ | ||
package aws | ||
|
||
import ( | ||
"testing" | ||
|
||
"github.com/databrickslabs/terraform-provider-databricks/common" | ||
|
||
"github.com/databrickslabs/terraform-provider-databricks/scim" | ||
|
||
"github.com/databrickslabs/terraform-provider-databricks/qa" | ||
) | ||
|
||
func TestResourceServicePrincipalRoleCreate(t *testing.T) { | ||
qa.ResourceFixture{ | ||
Fixtures: []qa.HTTPFixture{ | ||
{ | ||
Method: "PATCH", | ||
Resource: "/api/2.0/preview/scim/v2/ServicePrincipals/abc", | ||
ExpectedRequest: scim.PatchRequest( | ||
"add", | ||
"roles", | ||
"arn:aws:iam::999999999999:instance-profile/my-fake-instance-profile"), | ||
Response: scim.User{ | ||
ID: "abc", | ||
}, | ||
}, | ||
{ | ||
Method: "GET", | ||
Resource: "/api/2.0/preview/scim/v2/ServicePrincipals/abc", | ||
Response: scim.User{ | ||
Schemas: []scim.URN{scim.ServicePrincipalSchema}, | ||
DisplayName: "ABC SP", | ||
Roles: []scim.ComplexValue{ | ||
{ | ||
Value: "arn:aws:iam::999999999999:instance-profile/my-fake-instance-profile", | ||
}, | ||
}, | ||
ID: "abc", | ||
}, | ||
}, | ||
}, | ||
Resource: ResourceServicePrincipalRole(), | ||
State: map[string]interface{}{ | ||
"service_principal_id": "abc", | ||
"role": "arn:aws:iam::999999999999:instance-profile/my-fake-instance-profile", | ||
}, | ||
Create: true, | ||
}.ApplyAndExpectData(t, map[string]interface{}{"id": "abc|arn:aws:iam::999999999999:instance-profile/my-fake-instance-profile"}) | ||
} | ||
|
||
func TestResourceServicePrincipalRoleCreate_Error(t *testing.T) { | ||
qa.ResourceFixture{ | ||
Fixtures: []qa.HTTPFixture{ | ||
{ | ||
Method: "PATCH", | ||
Resource: "/api/2.0/preview/scim/v2/ServicePrincipals/abc", | ||
Response: common.APIErrorBody{ | ||
ErrorCode: "INVALID_REQUEST", | ||
Message: "Internal error happened", | ||
}, | ||
Status: 400, | ||
}, | ||
}, | ||
Resource: ResourceServicePrincipalRole(), | ||
State: map[string]interface{}{ | ||
"service_principal_id": "abc", | ||
"role": "arn:aws:iam::999999999999:instance-profile/my-fake-instance-profile", | ||
}, | ||
Create: true, | ||
}.ExpectError(t, "Internal error happened") | ||
} | ||
|
||
func TestResourceServicePrincipalRoleRead(t *testing.T) { | ||
qa.ResourceFixture{ | ||
Fixtures: []qa.HTTPFixture{ | ||
{ | ||
Method: "GET", | ||
Resource: "/api/2.0/preview/scim/v2/ServicePrincipals/abc", | ||
Response: scim.User{ | ||
Schemas: []scim.URN{scim.ServicePrincipalSchema}, | ||
DisplayName: "ABC SP", | ||
Roles: []scim.ComplexValue{ | ||
{ | ||
Value: "arn:aws:iam::999999999999:instance-profile/my-fake-instance-profile", | ||
}, | ||
}, | ||
ID: "abc", | ||
}, | ||
}, | ||
}, | ||
Resource: ResourceServicePrincipalRole(), | ||
Read: true, | ||
ID: "abc|arn:aws:iam::999999999999:instance-profile/my-fake-instance-profile", | ||
}.ApplyAndExpectData(t, map[string]interface{}{"id": "abc|arn:aws:iam::999999999999:instance-profile/my-fake-instance-profile"}) | ||
} | ||
|
||
func TestResourceServicePrincipalRoleRead_NoRole(t *testing.T) { | ||
qa.ResourceFixture{ | ||
Fixtures: []qa.HTTPFixture{ | ||
{ | ||
Method: "GET", | ||
Resource: "/api/2.0/preview/scim/v2/ServicePrincipals/abc", | ||
Response: scim.User{ | ||
Schemas: []scim.URN{scim.ServicePrincipalSchema}, | ||
DisplayName: "ABC SP", | ||
ID: "abc", | ||
}, | ||
}, | ||
}, | ||
Resource: ResourceServicePrincipalRole(), | ||
Read: true, | ||
Removed: true, | ||
ID: "abc|arn:aws:iam::999999999999:instance-profile/my-fake-instance-profile", | ||
}.ApplyNoError(t) | ||
} | ||
|
||
func TestResourceServicePrincipalRoleRead_NotFound(t *testing.T) { | ||
qa.ResourceFixture{ | ||
Fixtures: []qa.HTTPFixture{ | ||
{ | ||
Method: "GET", | ||
Resource: "/api/2.0/preview/scim/v2/ServicePrincipals/abc", | ||
Response: common.APIErrorBody{ | ||
ErrorCode: "NOT_FOUND", | ||
Message: "Item not found", | ||
}, | ||
Status: 404, | ||
}, | ||
}, | ||
Resource: ResourceServicePrincipalRole(), | ||
Read: true, | ||
Removed: true, | ||
ID: "abc|arn:aws:iam::999999999999:instance-profile/my-fake-instance-profile", | ||
}.ApplyNoError(t) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
package internal | ||
package commands | ||
|
||
import ( | ||
"testing" | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.