Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhancement: azurerm_key_vault: Add support for soft delete, purge protection, and purge on destroy #5344

Merged
merged 40 commits into from
Feb 21, 2020
Merged

Enhancement: azurerm_key_vault: Add support for soft delete, purge protection, and purge on destroy #5344

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
40 commits
Select commit Hold shift + click to select a range
39fb80f
Key Vault: support for soft delete
WodansSon Jan 8, 2020
beafb4c
fix lint errors
WodansSon Jan 8, 2020
70a6a18
Update website/docs/r/key_vault.html.markdown
WodansSon Jan 23, 2020
22701db
Update website/docs/r/key_vault.html.markdown
WodansSon Jan 23, 2020
50563f8
Update azurerm/internal/services/keyvault/resource_arm_key_vault.go
WodansSon Jan 23, 2020
872984b
Merge branch 'master' of https://github.com/terraform-providers/terra…
WodansSon Jan 23, 2020
68f55a9
WIP Get value from provider
WodansSon Feb 1, 2020
e424d9a
Merge branch 'master' of https://github.com/terraform-providers/terra…
WodansSon Feb 3, 2020
924c38a
Done except for purge on destroy
WodansSon Feb 4, 2020
0f89dbd
Working soft delete and purge
WodansSon Feb 6, 2020
023aa56
Complete
WodansSon Feb 7, 2020
7b9909c
updated or to and
WodansSon Feb 7, 2020
96a36df
Fix features test cases
WodansSon Feb 7, 2020
3912093
Removed sku support from datasource
WodansSon Feb 7, 2020
b02dd08
Add code to skip purge if not soft deleted
WodansSon Feb 7, 2020
d1dc823
Merge branch 'e_keyvault_puge_softdelete' of https://github.com/terra…
WodansSon Feb 7, 2020
96f858a
Remove depricated sku from tests
WodansSon Feb 8, 2020
b8c1418
Fix basic test
WodansSon Feb 8, 2020
abd8429
Fix test case lint issue
WodansSon Feb 8, 2020
38848cf
Merge branch 'master' into e_keyvault_puge_softdelete
WodansSon Feb 12, 2020
f00d8f4
Merge branch 'master' into e_keyvault_puge_softdelete
WodansSon Feb 18, 2020
7f48f3a
Update test cases
WodansSon Feb 18, 2020
94dfc85
Fix test case
WodansSon Feb 19, 2020
0cd0b77
Merge branch 'master' of https://github.com/terraform-providers/terra…
WodansSon Feb 19, 2020
6c5e904
validate: removing the bool validators
tombuildsstuff Feb 20, 2020
76babfa
(d|r)/key_vault: moving the name validation into that package
tombuildsstuff Feb 20, 2020
d38b743
r/key_vault: moving the migration code closer to the package
tombuildsstuff Feb 20, 2020
586901d
r/key_vault: handling conditionally updating the key vault resource
tombuildsstuff Feb 20, 2020
872de6b
r/key_vault: updating the docs
tombuildsstuff Feb 20, 2020
d2cd248
minor: committing some lingering test files
tombuildsstuff Feb 20, 2020
31f5a73
Start adding purge on destroy back in
WodansSon Feb 20, 2020
6a7b3e5
Added Purge on Destroy back in
WodansSon Feb 21, 2020
a349df8
r/key_vault: fixing up the tests
tombuildsstuff Feb 21, 2020
300e2c2
Merge branch 'e_keyvault_puge_softdelete' of github.com:terraform-pro…
tombuildsstuff Feb 21, 2020
3a222df
r/key_vault: outputting a warning rather than an error during the delete
tombuildsstuff Feb 21, 2020
e85e4d1
r/key_vault: updating the docs
tombuildsstuff Feb 21, 2020
5cc9062
r/key_vault: removing a superflurious if statement
tombuildsstuff Feb 21, 2020
dc7b871
r/keyvault: removing dead code
tombuildsstuff Feb 21, 2020
415d4fd
r/keyvault: fixing the soft delete disabled test
tombuildsstuff Feb 21, 2020
7bf15ef
linting
tombuildsstuff Feb 21, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions azurerm/internal/features/user_flags.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ package features
type UserFeatures struct {
VirtualMachine VirtualMachineFeatures
VirtualMachineScaleSet VirtualMachineScaleSetFeatures
KeyVault KeyVaultFeatures
}

type VirtualMachineFeatures struct {
Expand All @@ -12,3 +13,8 @@ type VirtualMachineFeatures struct {
type VirtualMachineScaleSetFeatures struct {
RollInstancesWhenRequired bool
}

type KeyVaultFeatures struct {
PurgeSoftDeleteOnDestroy bool
RecoverSoftDeletedKeyVaults bool
}
38 changes: 38 additions & 0 deletions azurerm/internal/provider/features.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@ import (
)

func schemaFeatures() *schema.Schema {
// NOTE: if there's only one nested field these want to be Required (since there's no point
// specifying the block otherwise) - however for 2+ they should be optional
features := map[string]*schema.Schema{
"virtual_machine": {
Type: schema.TypeList,
Expand Down Expand Up @@ -36,6 +38,25 @@ func schemaFeatures() *schema.Schema {
},
},
},

"key_vault": {
Type: schema.TypeList,
Optional: true,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"recover_soft_deleted_key_vaults": {
Type: schema.TypeBool,
Optional: true,
},

"purge_soft_delete_on_destroy": {
Type: schema.TypeBool,
Optional: true,
},
},
},
},
}

runningAcceptanceTests := os.Getenv("TF_ACC") != ""
Expand Down Expand Up @@ -70,6 +91,10 @@ func expandFeatures(input []interface{}) features.UserFeatures {
VirtualMachineScaleSet: features.VirtualMachineScaleSetFeatures{
RollInstancesWhenRequired: true,
},
KeyVault: features.KeyVaultFeatures{
PurgeSoftDeleteOnDestroy: true,
RecoverSoftDeletedKeyVaults: true,
},
}

if len(input) == 0 || input[0] == nil {
Expand All @@ -78,6 +103,19 @@ func expandFeatures(input []interface{}) features.UserFeatures {

val := input[0].(map[string]interface{})

if raw, ok := val["key_vault"]; ok {
items := raw.([]interface{})
if len(items) > 0 {
keyVaultRaw := items[0].(map[string]interface{})
if v, ok := keyVaultRaw["purge_soft_delete_on_destroy"]; ok {
features.KeyVault.PurgeSoftDeleteOnDestroy = v.(bool)
}
if v, ok := keyVaultRaw["recover_soft_deleted_key_vaults"]; ok {
features.KeyVault.RecoverSoftDeletedKeyVaults = v.(bool)
}
}
}

if raw, ok := val["virtual_machine"]; ok {
items := raw.([]interface{})
if len(items) > 0 {
Expand Down
121 changes: 120 additions & 1 deletion azurerm/internal/provider/features_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,10 @@ func TestExpandFeatures(t *testing.T) {
Name: "Empty Block",
Input: []interface{}{},
Expected: features.UserFeatures{
KeyVault: features.KeyVaultFeatures{
PurgeSoftDeleteOnDestroy: true,
RecoverSoftDeletedKeyVaults: true,
},
VirtualMachine: features.VirtualMachineFeatures{
DeleteOSDiskOnDeletion: true,
},
Expand All @@ -27,7 +31,7 @@ func TestExpandFeatures(t *testing.T) {
},
},
{
Name: "Complete",
Name: "Complete Enabled",
Input: []interface{}{
map[string]interface{}{
"virtual_machine": []interface{}{
Expand All @@ -40,9 +44,19 @@ func TestExpandFeatures(t *testing.T) {
"roll_instances_when_required": true,
},
},
"key_vault": []interface{}{
map[string]interface{}{
"purge_soft_delete_on_destroy": true,
"recover_soft_deleted_key_vaults": true,
},
},
},
},
Expected: features.UserFeatures{
KeyVault: features.KeyVaultFeatures{
PurgeSoftDeleteOnDestroy: true,
RecoverSoftDeletedKeyVaults: true,
},
VirtualMachine: features.VirtualMachineFeatures{
DeleteOSDiskOnDeletion: true,
},
Expand All @@ -51,6 +65,41 @@ func TestExpandFeatures(t *testing.T) {
},
},
},
{
Name: "Complete Disabled",
Input: []interface{}{
map[string]interface{}{
"virtual_machine": []interface{}{
map[string]interface{}{
"delete_os_disk_on_deletion": false,
},
},
"virtual_machine_scale_set": []interface{}{
map[string]interface{}{
"roll_instances_when_required": false,
},
},
"key_vault": []interface{}{
map[string]interface{}{
"purge_soft_delete_on_destroy": false,
"recover_soft_deleted_key_vaults": false,
},
},
},
},
Expected: features.UserFeatures{
KeyVault: features.KeyVaultFeatures{
PurgeSoftDeleteOnDestroy: false,
RecoverSoftDeletedKeyVaults: false,
},
VirtualMachine: features.VirtualMachineFeatures{
DeleteOSDiskOnDeletion: false,
},
VirtualMachineScaleSet: features.VirtualMachineScaleSetFeatures{
RollInstancesWhenRequired: false,
},
},
},
}

for _, testCase := range testData {
Expand All @@ -62,6 +111,76 @@ func TestExpandFeatures(t *testing.T) {
}
}

func TestExpandFeaturesKeyVault(t *testing.T) {
testData := []struct {
Name string
Input []interface{}
EnvVars map[string]interface{}
Expected features.UserFeatures
}{
{
Name: "Empty Block",
Input: []interface{}{
map[string]interface{}{
"key_vault": []interface{}{},
},
},
Expected: features.UserFeatures{
KeyVault: features.KeyVaultFeatures{
PurgeSoftDeleteOnDestroy: true,
RecoverSoftDeletedKeyVaults: true,
},
},
},
{
Name: "Purge Soft Delete On Destroy and Recover Soft Deleted Key Vaults Enabled",
Input: []interface{}{
map[string]interface{}{
"key_vault": []interface{}{
map[string]interface{}{
"purge_soft_delete_on_destroy": true,
"recover_soft_deleted_key_vaults": true,
},
},
},
},
Expected: features.UserFeatures{
KeyVault: features.KeyVaultFeatures{
PurgeSoftDeleteOnDestroy: true,
RecoverSoftDeletedKeyVaults: true,
},
},
},
{
Name: "Purge Soft Delete On Destroy and Recover Soft Deleted Key Vaults Disabled",
Input: []interface{}{
map[string]interface{}{
"key_vault": []interface{}{
map[string]interface{}{
"purge_soft_delete_on_destroy": false,
"recover_soft_deleted_key_vaults": false,
},
},
},
},
Expected: features.UserFeatures{
KeyVault: features.KeyVaultFeatures{
PurgeSoftDeleteOnDestroy: false,
RecoverSoftDeletedKeyVaults: false,
},
},
},
}

for _, testCase := range testData {
t.Logf("[DEBUG] Test Case: %q", testCase.Name)
result := expandFeatures(testCase.Input)
if !reflect.DeepEqual(result.KeyVault, testCase.Expected.KeyVault) {
t.Fatalf("Expected %+v but got %+v", result.KeyVault, testCase.Expected.KeyVault)
}
}
}

func TestExpandFeaturesVirtualMachine(t *testing.T) {
testData := []struct {
Name string
Expand Down
15 changes: 14 additions & 1 deletion azurerm/internal/services/keyvault/data_source_key_vault.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/set"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/keyvault/validate"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/tags"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
Expand All @@ -26,7 +27,7 @@ func dataSourceArmKeyVault() *schema.Resource {
"name": {
Type: schema.TypeString,
Required: true,
ValidateFunc: ValidateKeyVaultName,
ValidateFunc: validate.KeyVaultName,
},

"resource_group_name": azure.SchemaResourceGroupNameForDataSource(),
Expand Down Expand Up @@ -141,6 +142,16 @@ func dataSourceArmKeyVault() *schema.Resource {
},
},

"purge_protection_enabled": {
Type: schema.TypeBool,
Computed: true,
},

"soft_delete_enabled": {
Type: schema.TypeBool,
Computed: true,
},

"tags": tags.SchemaDataSource(),
},
}
Expand Down Expand Up @@ -175,6 +186,8 @@ func dataSourceArmKeyVaultRead(d *schema.ResourceData, meta interface{}) error {
d.Set("enabled_for_deployment", props.EnabledForDeployment)
d.Set("enabled_for_disk_encryption", props.EnabledForDiskEncryption)
d.Set("enabled_for_template_deployment", props.EnabledForTemplateDeployment)
d.Set("soft_delete_enabled", props.EnableSoftDelete)
d.Set("purge_protection_enabled", props.EnablePurgeProtection)
d.Set("vault_uri", props.VaultURI)

if sku := props.Sku; sku != nil {
Expand Down
Loading