Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WIP: fix for secret_id of the juju_secret_resource #650

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 5 additions & 3 deletions .github/workflows/test_integration.yml
Original file line number Diff line number Diff line change
Expand Up @@ -45,8 +45,10 @@ jobs:
action-operator:
- { lxd-channel: "5.21/stable", cloud: "lxd", cloud-channel: "5.21", juju: "2.9" }
- { lxd-channel: "5.21/stable", cloud: "lxd", cloud-channel: "5.21", juju: "3" }
- { lxd-channel: "latest/stable", cloud: "lxd", cloud-channel: "latest", juju: "3" }
- { lxd-channel: "5.21/stable", cloud: "microk8s", cloud-channel: "1.28-strict", juju: "3.1" }
- { lxd-channel: "5.21/stable", cloud: "microk8s", cloud-channel: "1.28-strict", juju: "3" }
- { lxd-channel: "latest/stable", cloud: "microk8s", cloud-channel: "1.32-strict", juju: "3" }
timeout-minutes: 60
steps:
- uses: actions/checkout@v4
Expand Down Expand Up @@ -103,7 +105,7 @@ jobs:
TF_ACC: "1"
TEST_CLOUD: ${{ matrix.action-operator.cloud }}
run: go test -parallel 1 -timeout 60m -v -cover ./internal/provider/
timeout-minutes: 40
timeout-minutes: 60

# Run acceptance tests in a matrix with Terraform CLI versions
add-machine-test:
Expand Down Expand Up @@ -189,5 +191,5 @@ jobs:

echo "Running the test"
cd ./internal/provider/
go test ./... -timeout 30m -v -test.run TestAcc_ResourceMachine_AddMachine
timeout-minutes: 40
go test ./... -timeout 60m -v -test.run TestAcc_ResourceMachine_AddMachine
timeout-minutes: 60
19 changes: 13 additions & 6 deletions .github/workflows/test_integration_jaas.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ jobs:
test:
name: Integration-JAAS
needs: build
runs-on: ubuntu-latest
runs-on: [self-hosted, jammy, x64]
strategy:
fail-fast: false
timeout-minutes: 60
Expand All @@ -55,6 +55,10 @@ jobs:
with:
terraform_version: "1.9.*"
terraform_wrapper: false
- name: Install docker compose plugin
run: |
for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove -y $pkg; done
sudo snap install docker --channel latest/stable
# Starting JAAS will start the JIMM controller and dependencies and create a Juju controller on LXD and connect it to JIMM.
- name: Setup JAAS
uses: canonical/jimm/.github/actions/test-server@v3
Expand All @@ -68,11 +72,13 @@ jobs:
sudo snap install microk8s --channel=1.28-strict/stable
sudo usermod -a -G snap_microk8s $USER
sudo chown -R $USER ~/.kube
sudo microk8s.enable dns storage
sudo microk8s.enable dns local-storage
sudo microk8s.enable dns
sudo microk8s.enable storage
sudo microk8s.enable hostpath-storage
sudo -g snap_microk8s -E microk8s status --wait-ready --timeout=600
sudo microk8s.config view | tee /home/$USER/microk8s-config.yaml
echo "MICROK8S_CONFIG<<EOF" >> $GITHUB_ENV
sudo microk8s.config view >> $GITHUB_ENV
echo "$(cat /home/${USER}/microk8s-config.yaml)" >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
- name: Create additional networks when testing with LXD
run: |
Expand All @@ -97,5 +103,6 @@ jobs:
- env:
TF_ACC: "1"
TEST_CLOUD: "lxd"
run: go test -parallel 10 -timeout 40m -v -cover ./internal/provider/
timeout-minutes: 40
run: go test -parallel 1 -timeout 60m -v -cover ./internal/provider/
timeout-minutes: 60

2 changes: 1 addition & 1 deletion docs/resources/access_secret.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ A resource that represents a Juju secret access.

- `applications` (List of String) The list of applications to which the secret is granted.
- `model` (String) The model in which the secret belongs.
- `secret_id` (String) The ID of the secret. E.g. coj8mulh8b41e8nv6p90
- `secret_id` (String) The ID of the secret. E.g. secret:coj8mulh8b41e8nv6p90

### Read-Only

Expand Down
4 changes: 2 additions & 2 deletions docs/resources/kubernetes_cloud.md
Original file line number Diff line number Diff line change
Expand Up @@ -37,8 +37,8 @@ resource "juju_model" "my-model" {
### Optional

- `kubernetes_config` (String, Sensitive) The kubernetes config file path for the cloud. Cloud credentials will be added to the Juju controller for you.
- `parent_cloud_name` (String) The parent cloud name in case adding k8s cluster from existed cloud. Changing this value will cause the cloud to be destroyed and recreated by terraform.
- `parent_cloud_region` (String) The parent cloud region name in case adding k8s cluster from existed cloud. Changing this value will cause the cloud to be destroyed and recreated by terraform.
- `parent_cloud_name` (String) The parent cloud name, for adding a k8s cluster from an existing cloud. Changing this value will cause the cloud to be destroyed and recreated by terraform. *Note* that this value must be set when running against a JAAS controller.
- `parent_cloud_region` (String) The parent cloud region name, for adding a k8s cluster from an existing cloud. Changing this value will cause the cloud to be destroyed and recreated by terraform. *Note* that this value must be set when running against a JAAS controller.

### Read-Only

Expand Down
2 changes: 1 addition & 1 deletion docs/resources/secret.md
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ resource "juju_application" "my-application" {
### Read-Only

- `id` (String) The ID of the secret. Used for terraform import.
- `secret_id` (String) The ID of the secret. E.g. coj8mulh8b41e8nv6p90
- `secret_id` (String) The ID of the secret. E.g. secret:coj8mulh8b41e8nv6p90

## Import

Expand Down
36 changes: 18 additions & 18 deletions internal/juju/secrets.go
Original file line number Diff line number Diff line change
Expand Up @@ -50,26 +50,26 @@ type CreateSecretInput struct {
}

type CreateSecretOutput struct {
SecretId string
SecretURI string
}

type ReadSecretInput struct {
SecretId string
SecretURI string
ModelName string
Name *string
Revision *int
}

type ReadSecretOutput struct {
SecretId string
SecretURI string
Name string
Value map[string]string
Applications []string
Info string
}

type UpdateSecretInput struct {
SecretId string
SecretURI string
ModelName string
Name *string
Value *map[string]string
Expand All @@ -78,12 +78,12 @@ type UpdateSecretInput struct {
}

type DeleteSecretInput struct {
SecretId string
SecretURI string
ModelName string
}

type GrantRevokeAccessSecretInput struct {
SecretId string
SecretURI string
ModelName string
Applications []string
}
Expand Down Expand Up @@ -126,16 +126,16 @@ func (c *secretsClient) CreateSecret(input *CreateSecretInput) (CreateSecretOutp
encodedValue[k] = base64.StdEncoding.EncodeToString([]byte(v))
}

secretId, err := secretAPIClient.CreateSecret(input.Name, input.Info, encodedValue)
secretURIString, err := secretAPIClient.CreateSecret(input.Name, input.Info, encodedValue)
if err != nil {
return CreateSecretOutput{}, typedError(err)
}
secretURI, err := coresecrets.ParseURI(secretId)
secretURI, err := coresecrets.ParseURI(secretURIString)
if err != nil {
return CreateSecretOutput{}, typedError(err)
}
return CreateSecretOutput{
SecretId: secretURI.ID,
SecretURI: secretURI.String(),
}, nil
}

Expand All @@ -150,8 +150,8 @@ func (c *secretsClient) ReadSecret(input *ReadSecretInput) (ReadSecretOutput, er
secretAPIClient := c.getSecretAPIClient(conn)

var secretURI *coresecrets.URI
if input.SecretId != "" {
secretURI, err = coresecrets.ParseURI(input.SecretId)
if input.SecretURI != "" {
secretURI, err = coresecrets.ParseURI(input.SecretURI)
if err != nil {
return ReadSecretOutput{}, err
}
Expand All @@ -169,7 +169,7 @@ func (c *secretsClient) ReadSecret(input *ReadSecretInput) (ReadSecretOutput, er
return ReadSecretOutput{}, typedError(err)
}
if len(results) < 1 {
return ReadSecretOutput{}, &secretNotFoundError{secretId: input.SecretId}
return ReadSecretOutput{}, &secretNotFoundError{secretId: input.SecretURI}
}
if results[0].Error != "" {
return ReadSecretOutput{}, errors.New(results[0].Error)
Expand All @@ -185,7 +185,7 @@ func (c *secretsClient) ReadSecret(input *ReadSecretInput) (ReadSecretOutput, er
applications := getApplicationsFromAccessInfo(results[0].Access)

return ReadSecretOutput{
SecretId: results[0].Metadata.URI.ID,
SecretURI: results[0].Metadata.URI.String(),
Name: results[0].Metadata.Label,
Value: decodedValue,
Applications: applications,
Expand All @@ -204,7 +204,7 @@ func (c *secretsClient) UpdateSecret(input *UpdateSecretInput) error {
secretAPIClient := c.getSecretAPIClient(conn)

// Specify by ID or Name
if input.SecretId == "" && input.Name == nil {
if input.SecretURI == "" && input.Name == nil {
return errors.New("must specify either secret ID or name")
}

Expand All @@ -228,9 +228,9 @@ func (c *secretsClient) UpdateSecret(input *UpdateSecretInput) error {
value = map[string]string{}
}

if input.SecretId != "" {
if input.SecretURI != "" {
// Specify by ID
secretURI, err := coresecrets.ParseURI(input.SecretId)
secretURI, err := coresecrets.ParseURI(input.SecretURI)
if err != nil {
return err
}
Expand Down Expand Up @@ -262,7 +262,7 @@ func (c *secretsClient) DeleteSecret(input *DeleteSecretInput) error {
}

secretAPIClient := c.getSecretAPIClient(conn)
secretURI, err := coresecrets.ParseURI(input.SecretId)
secretURI, err := coresecrets.ParseURI(input.SecretURI)
if err != nil {
return err
}
Expand All @@ -285,7 +285,7 @@ func (c *secretsClient) UpdateAccessSecret(input *GrantRevokeAccessSecretInput,

secretAPIClient := c.getSecretAPIClient(conn)

secretURI, err := coresecrets.ParseURI(input.SecretId)
secretURI, err := coresecrets.ParseURI(input.SecretURI)
if err != nil {
return err
}
Expand Down
20 changes: 10 additions & 10 deletions internal/juju/secrets_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ func (s *SecretSuite) TestCreateSecret() {
s.Require().NoError(err)

s.Assert().NotNil(output)
s.Assert().Equal(secretURI.ID, output.SecretId)
s.Assert().Equal(secretURI.String(), output.SecretURI)
}

func (s *SecretSuite) TestCreateSecretError() {
Expand Down Expand Up @@ -130,7 +130,7 @@ func (s *SecretSuite) TestReadSecret() {

client := s.getSecretsClient()
output, err := client.ReadSecret(&ReadSecretInput{
SecretId: secretId,
SecretURI: secretId,
ModelName: *s.testModelName,
Name: &secretName,
Revision: &secretRevision,
Expand Down Expand Up @@ -162,7 +162,7 @@ func (s *SecretSuite) TestReadSecretError() {

client := s.getSecretsClient()
output, err := client.ReadSecret(&ReadSecretInput{
SecretId: secretId,
SecretURI: secretId,
ModelName: *s.testModelName,
})
s.Require().Error(err)
Expand Down Expand Up @@ -192,7 +192,7 @@ func (s *SecretSuite) TestUpdateSecretWithRenaming() {

client := s.getSecretsClient()
err = client.UpdateSecret(&UpdateSecretInput{
SecretId: secretId,
SecretURI: secretId,
ModelName: *s.testModelName,
Name: &newSecretName,
Value: &decodedValue,
Expand Down Expand Up @@ -221,7 +221,7 @@ func (s *SecretSuite) TestUpdateSecretWithRenaming() {

// read secret and check if value is updated
output, err := client.ReadSecret(&ReadSecretInput{
SecretId: secretId,
SecretURI: secretId,
ModelName: *s.testModelName,
})
s.Require().NoError(err)
Expand Down Expand Up @@ -249,7 +249,7 @@ func (s *SecretSuite) TestUpdateSecret() {

client := s.getSecretsClient()
err = client.UpdateSecret(&UpdateSecretInput{
SecretId: secretId,
SecretURI: secretId,
ModelName: *s.testModelName,
Value: &decodedValue,
AutoPrune: &autoPrune,
Expand Down Expand Up @@ -278,7 +278,7 @@ func (s *SecretSuite) TestUpdateSecret() {

// read secret and check if secret info is updated
output, err := client.ReadSecret(&ReadSecretInput{
SecretId: secretId,
SecretURI: secretId,
ModelName: *s.testModelName,
})
s.Require().NoError(err)
Expand All @@ -299,7 +299,7 @@ func (s *SecretSuite) TestDeleteSecret() {

client := s.getSecretsClient()
err = client.DeleteSecret(&DeleteSecretInput{
SecretId: secretId,
SecretURI: secretId,
ModelName: *s.testModelName,
})
s.Assert().NoError(err)
Expand All @@ -320,14 +320,14 @@ func (s *SecretSuite) TestUpdateAccessSecret() {

client := s.getSecretsClient()
err = client.UpdateAccessSecret(&GrantRevokeAccessSecretInput{
SecretId: secretId,
SecretURI: secretId,
ModelName: *s.testModelName,
Applications: applications,
}, GrantAccess)
s.Require().NoError(err)

err = client.UpdateAccessSecret(&GrantRevokeAccessSecretInput{
SecretId: secretId,
SecretURI: secretId,
ModelName: *s.testModelName,
Applications: applications,
}, RevokeAccess)
Expand Down
4 changes: 2 additions & 2 deletions internal/provider/data_source_secrets.go
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,7 @@ func (d *secretDataSource) Read(ctx context.Context, req datasource.ReadRequest,
if data.SecretId.ValueString() == "" {
readSecretInput.Name = data.Name.ValueStringPointer()
} else {
readSecretInput.SecretId = data.SecretId.ValueString()
readSecretInput.SecretURI = data.SecretId.ValueString()
}

readSecretOutput, err := d.client.Secrets.ReadSecret(&readSecretInput)
Expand All @@ -122,7 +122,7 @@ func (d *secretDataSource) Read(ctx context.Context, req datasource.ReadRequest,
}
d.trace(fmt.Sprintf("read secret data source %q", data.SecretId))

data.SecretId = types.StringValue(readSecretOutput.SecretId)
data.SecretId = types.StringValue(readSecretOutput.SecretURI)

// Save state into Terraform state
resp.Diagnostics.Append(resp.State.Set(ctx, &data)...)
Expand Down
Loading
Loading