Fix service account key data source name #1932
Conversation
| @@ -50,7 +94,39 @@ resource "google_service_account_key" "acceptance" { | |||
| public_key_type = "TYPE_X509_PEM_FILE" | |||
| } | |||
|
|
|||
| data "google_service_account_key" "acceptance" { | |||
| name = "${google_service_account_key.acceptance.id}" | |||
There was a problem hiding this comment.
I really really want to get us away from the practice of relying on the way an id is shaped, since it limits our availability to change them in the future. I just filed #1927 yesterday about that, but in the meantime, is there something else that would work here?
| ) | ||
|
|
||
| func dataSourceGoogleServiceAccountKey() *schema.Resource { | ||
| return &schema.Resource{ | ||
| Read: dataSourceGoogleServiceAccountKeyRead, | ||
|
|
||
| Schema: map[string]*schema.Schema{ | ||
| "service_account_id": &schema.Schema{ | ||
| "name": { |
|
Reran tests: $ make testacc TEST=./google TESTARGS='--run="TestAccDatasourceGoogleServiceAccountKey"' |
| fullKeyName = keyFromSAId | ||
| } | ||
|
|
||
| if r.MatchString(fullKeyName) { |
There was a problem hiding this comment.
Oh, what about adding a ValidateFunc to "name" so these are caught plan-time? That would let us just return the name a bit early from this if it's set.
There was a problem hiding this comment.
I'm going add ValidateFunc to the schema but also leave this here since interpolated values don't trigger ValidateFunc.
| @@ -51,6 +95,38 @@ resource "google_service_account_key" "acceptance" { | |||
| } | |||
|
|
|||
| data "google_service_account_key" "acceptance" { | |||
| service_account_id = "${google_service_account_key.acceptance.id}" | |||
| name = "${google_service_account_key.acceptance.id}" | |||
There was a problem hiding this comment.
can you change to .name here too?
| output "mykey_public_key" { | ||
| value = "${data.google_service_account_key.mykey.public_key}" | ||
| data "google_service_account_key" "mykey" { | ||
| name = "${google_service_account_key.mykey.name}" |
There was a problem hiding this comment.
bleh this example is super contrived, although I don't think there are any other resources that output keys that you could input into the data source so I don't have any other ideas.
emilymye
force-pushed
the
fix_sa_key_data
branch
from
dcb2237 to
93290b3
Compare
| Optional: true, | ||
| ConflictsWith: []string{"name"}, | ||
| Deprecated: "Please use name to specify full service account key path projects/{project}/serviceAccounts/{serviceAccount}/keys/{keyId}", | ||
| ValidateFunc: validateRegexp(ServiceAccountKeyNameRegex), |
There was a problem hiding this comment.
This one probably shouldn't have the validate because if someone was (somehow) using it successfully before, now it'll start failing. I'm not sure whether this data source was really ever usable, but just in case.
| fullKeyName = keyFromSAId | ||
| } | ||
|
|
||
| log.Printf("[DEBUG] FULL KEY NAME: %q %q %q", fullKeyName, keyName, keyFromSAId) |
There was a problem hiding this comment.
this can probably go away :)
| return fullKeyName, nil | ||
| } | ||
|
|
||
| return "", fmt.Errorf("invalid key name %q does not match regexp %q", fullKeyName, ServiceAccountKeyNameRegex) |
There was a problem hiding this comment.
Also maybe add a note that we're doing apply-time validation here because validatefuncs won't get called at plan-time for interpolated values
|
$make testacc TEST=./google TESTARGS='--run="TestAccDatasourceGoogleServiceAccountKey_"' |
* fix service account key data source name * switch id to name * update docs * doc format * fixes for validation and tests * last fixes for service account key data source
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks! |
ghost
locked and limited conversation to collaborators
Fixes #1909
$ make testacc TEST=./google TESTARGS='--run="TestAccDatasourceGoogleServiceAccountKey"'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./google -v --run="TestAccDatasourceGoogleServiceAccountKey" -timeout 120m
=== RUN TestAccDatasourceGoogleServiceAccountKey_basic
=== PAUSE TestAccDatasourceGoogleServiceAccountKey_basic
=== RUN TestAccDatasourceGoogleServiceAccountKey_errors
=== PAUSE TestAccDatasourceGoogleServiceAccountKey_errors
=== CONT TestAccDatasourceGoogleServiceAccountKey_basic
=== CONT TestAccDatasourceGoogleServiceAccountKey_errors
--- PASS: TestAccDatasourceGoogleServiceAccountKey_errors (14.38s)
--- PASS: TestAccDatasourceGoogleServiceAccountKey_basic (18.11s)
PASS
ok github.com/terraform-providers/terraform-provider-google/google 18.281s