Add azurerm_key_vault_certificate_issuer #7074

Merged
merged 32 commits into from
Jul 8, 2020
32 commits
c4c9a99
Add azurerm_key_vault_certificate_issuer
sirlatrom May 25, 2020
7acb7bf
Make password Optional
sirlatrom May 26, 2020
a49b23b
Wait rather long on certificate issuance when not using self-signed c…
sirlatrom May 26, 2020
35c4d0c
Password is not read back, so exclude from data source
sirlatrom May 26, 2020
0f51b49
Add initial docs for azurerm_key_vault_certificate_issuer data source…
sirlatrom May 26, 2020
b696237
Add missing side navigation links
sirlatrom May 26, 2020
639eb75
terrafmt docs
sirlatrom May 26, 2020
8adcb28
Add basic acceptance test for azurerm_key_vault_certificate_issuer
sirlatrom May 29, 2020
cd47ece
Add timeouts and clean up a bit
sirlatrom May 29, 2020
faab659
Fix Sprintf args in test case
sirlatrom May 29, 2020
f720179
Remove unused test method
sirlatrom May 29, 2020
563ea4e
Mark account_id and org_id `Optional`
sirlatrom Jun 15, 2020
cf881cb
Document account_id and org_id as Optional
sirlatrom Jun 15, 2020
9037ed4
Fix bad merge of datasources list
sirlatrom Jun 17, 2020
f8bd62e
Apply suggestions from code review
sirlatrom Jun 23, 2020
940540a
Reword error messages
sirlatrom Jun 25, 2020
3861039
Nil checks
sirlatrom Jun 25, 2020
23f29f1
Use id from state except during create
sirlatrom Jun 25, 2020
9225b16
Expand AdministratorDetails
sirlatrom Jun 25, 2020
14a7d62
Remove unnecessary trailing newline
sirlatrom Jun 25, 2020
9b0b291
Add acceptance test for azurerm_key_vault_certificate_issuer data source
sirlatrom Jun 25, 2020
a3b5176
Apply suggestions from code review
sirlatrom Jun 30, 2020
440679d
Introduce type KeyVaultCertificateIssuerID and add more nil checks
sirlatrom Jun 30, 2020
b99ddd1
refactor and rework for missing validation in API
jackofallops Jul 6, 2020
9d8ec83
fixed disappears test
jackofallops Jul 6, 2020
a3b2ecd
flattenKeyVaultCertificateIssuerAdmins handles nil check
sirlatrom Jul 7, 2020
d59344d
Apply suggestions from code review
sirlatrom Jul 7, 2020
2511496
Also let flatten handle nil check in resource
sirlatrom Jul 7, 2020
dbd4871
Password will always be nil when read, so no use in setting it
sirlatrom Jul 7, 2020
6446928
Remove error return value from flattenKeyVaultCertificateIssuerAdmins
sirlatrom Jul 7, 2020
4304f64
Group OrganizationDetails data source Set()s
sirlatrom Jul 7, 2020
562917c
fix arg count in disappears test error message
jackofallops Jul 7, 2020
16 changes: 8 additions & 8 deletions azurerm/helpers/azure/key_vault.go
Expand Up @@ -27,9 +27,9 @@ func GetKeyVaultBaseUrlFromID(ctx context.Context, client *keyvault.VaultsClient
resp, err := client.Get(ctx, resourceGroup, vaultName)
if err != nil {
if utils.ResponseWasNotFound(resp.Response) {
return "", fmt.Errorf("Error unable to find KeyVault %q (Resource Group %q): %+v", vaultName, resourceGroup, err)
return "", fmt.Errorf("failed to find KeyVault %q (Resource Group %q): %+v", vaultName, resourceGroup, err)
}
return "", fmt.Errorf("Error making Read request on KeyVault %q (Resource Group %q): %+v", vaultName, resourceGroup, err)
return "", fmt.Errorf("failed to make Read request on KeyVault %q (Resource Group %q): %+v", vaultName, resourceGroup, err)
}

if resp.Properties == nil || resp.Properties.VaultURI == nil {
Expand All @@ -42,7 +42,7 @@ func GetKeyVaultBaseUrlFromID(ctx context.Context, client *keyvault.VaultsClient
func GetKeyVaultIDFromBaseUrl(ctx context.Context, client *keyvault.VaultsClient, keyVaultUrl string) (*string, error) {
list, err := client.ListComplete(ctx, utils.Int32(1000))
if err != nil {
return nil, fmt.Errorf("Error GetKeyVaultId unable to list Key Vaults %v", err)
return nil, fmt.Errorf("failed to list Key Vaults %v", err)
}

for list.NotDone() {
Expand All @@ -54,7 +54,7 @@ func GetKeyVaultIDFromBaseUrl(ctx context.Context, client *keyvault.VaultsClient

vid, err := ParseAzureResourceID(*v.ID)
if err != nil {
return nil, fmt.Errorf("Error parsing ID for Key Vault URI %q: %s", *v.ID, err)
return nil, fmt.Errorf("failed to parse ID for Key Vault URI %q: %s", *v.ID, err)
}
resourceGroup := vid.ResourceGroup
name := vid.Path["vaults"]
Expand All @@ -64,11 +64,11 @@ func GetKeyVaultIDFromBaseUrl(ctx context.Context, client *keyvault.VaultsClient
if err != nil {
if utils.ResponseWasNotFound(get.Response) {
if e := list.NextWithContext(ctx); e != nil {
return nil, fmt.Errorf("Error getting next vault on KeyVault url %q : %+v", keyVaultUrl, err)
return nil, fmt.Errorf("failed to get next vault on KeyVault url %q : %+v", keyVaultUrl, err)
}
continue
}
return nil, fmt.Errorf("Error making Read request on KeyVault %q (Resource Group %q): %+v", name, resourceGroup, err)
return nil, fmt.Errorf("failed to make Read request on KeyVault %q (Resource Group %q): %+v", name, resourceGroup, err)
}

if get.ID == nil || get.Properties == nil || get.Properties.VaultURI == nil {
Expand All @@ -80,7 +80,7 @@ func GetKeyVaultIDFromBaseUrl(ctx context.Context, client *keyvault.VaultsClient
}

if e := list.NextWithContext(ctx); e != nil {
return nil, fmt.Errorf("Error getting next vault on KeyVault url %q : %+v", keyVaultUrl, err)
return nil, fmt.Errorf("failed to get next vault on KeyVault url %q : %+v", keyVaultUrl, err)
}
}

Expand Down Expand Up @@ -109,7 +109,7 @@ func KeyVaultExists(ctx context.Context, client *keyvault.VaultsClient, keyVault
if utils.ResponseWasNotFound(resp.Response) {
return false, nil
}
return false, fmt.Errorf("Error making Read request on KeyVault %q (Resource Group %q): %+v", vaultName, resourceGroup, err)
return false, fmt.Errorf("failed to make Read request on KeyVault %q (Resource Group %q): %+v", vaultName, resourceGroup, err)
}

if resp.Properties == nil || resp.Properties.VaultURI == nil {
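Review bot: In GetKeyVaultIDFromBaseUrl both `list.NextWithContext(ctx)` failure branches bind the paging error to `e` but still format `err`, so the reworded message reports the wrong cause. In the not-found branch it prints the earlier Get error, and in the end-of-loop branch `err` looks to be nil at that point, although the lines between the hunks are not all visible. Pass the paging error instead: `return nil, fmt.Errorf("failed to get next vault on KeyVault url %q : %+v", keyVaultUrl, e)`. With the real cause in the message, a throttling or authorization failure during the vault listing can be told apart from a missing vault. The function body starts and ends outside the hunks shown.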
@@ -0,0 +1,118 @@
package keyvault

import (
"fmt"
"time"

"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/keyvault/validate"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
)

func dataSourceArmKeyVaultCertificateIssuer() *schema.Resource {
return &schema.Resource{
Read: dataSourceArmKeyVaultCertificateIssuerRead,

Timeouts: &schema.ResourceTimeout{
Read: schema.DefaultTimeout(5 * time.Minute),
},

Schema: map[string]*schema.Schema{
"key_vault_id": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
ValidateFunc: azure.ValidateResourceID,
},

"name": {
Type: schema.TypeString,
Required: true,
ValidateFunc: validate.KeyVaultCertificateIssuerName,
},

"provider_name": {
Type: schema.TypeString,
Computed: true,
},

"account_id": {
Type: schema.TypeString,
Computed: true,
},

"org_id": {
Type: schema.TypeString,
Computed: true,
},

"admin": {
Type: schema.TypeList,
Computed: true,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"email_address": {
Type: schema.TypeString,
Computed: true,
},
"first_name": {
Type: schema.TypeString,
Computed: true,
},
"last_name": {
Type: schema.TypeString,
Computed: true,
},
"phone": {
Type: schema.TypeString,
Computed: true,
},
},
},
},
},
}
}

func dataSourceArmKeyVaultCertificateIssuerRead(d *schema.ResourceData, meta interface{}) error {
vaultClient := meta.(*clients.Client).KeyVault.VaultsClient
client := meta.(*clients.Client).KeyVault.ManagementClient
ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
defer cancel()

name := d.Get("name").(string)
keyVaultId := d.Get("key_vault_id").(string)

keyVaultBaseUri, err := azure.GetKeyVaultBaseUrlFromID(ctx, vaultClient, keyVaultId)
if err != nil {
return fmt.Errorf("failed to look up Certificate Issuer %q, vault id %q: %+v", name, keyVaultId, err)
}

resp, err := client.GetCertificateIssuer(ctx, keyVaultBaseUri, name)
if err != nil {
if utils.ResponseWasNotFound(resp.Response) {
return fmt.Errorf("KeyVault Certificate Issuer %q (KeyVault URI %q) does not exist", name, keyVaultBaseUri)
}
return fmt.Errorf("failed making Read request on Azure KeyVault Certificate Issuer %s: %+v", name, err)
}
if resp.ID == nil || *resp.ID == "" {
return fmt.Errorf("failure reading Key Vault Certificate Issuer ID for %q", name)
}
d.SetId(*resp.ID)

d.Set("provider_name", resp.Provider)
if resp.OrganizationDetails != nil {
if resp.OrganizationDetails.ID != nil {
d.Set("org_id", resp.OrganizationDetails.ID)
}
d.Set("admin", flattenKeyVaultCertificateIssuerAdmins(resp.OrganizationDetails.AdminDetails))
}
if resp.Credentials != nil && resp.Credentials.AccountID != nil {
d.Set("account_id", resp.Credentials.AccountID)
}

return nil
}
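Review bot: The `d.Set("admin", ...)` call in dataSourceArmKeyVaultCertificateIssuerRead discards its return value, so if the flatten helper's output does not match the nested `admin` schema the attribute stays empty and the read still succeeds. Check the error for this list attribute: `if err := d.Set("admin", flattenKeyVaultCertificateIssuerAdmins(resp.OrganizationDetails.AdminDetails)); err != nil { return fmt.Errorf("failed to set admin: %+v", err) }`. Separately, `ForceNew: true` on `key_vault_id` is not meaningful in a data source that only defines `Read` and can be dropped. A short comment above the schema noting that the issuer password is intentionally not exposed here, while the admin contact fields are written to state, would document the data-handling choice for later maintainers.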