Skip to content

Commit

Permalink
backend/azurerm: removing the arm_ prefix from keys
Browse files Browse the repository at this point in the history
  • Loading branch information
tombuildsstuff committed Nov 23, 2018
1 parent 9ada535 commit 52a7acc
Show file tree
Hide file tree
Showing 4 changed files with 130 additions and 59 deletions.
75 changes: 59 additions & 16 deletions backend/remote-state/azure/backend.go
Original file line number Diff line number Diff line change
Expand Up @@ -57,28 +57,28 @@ func New() backend.Backend {
Description: "The resource group name.",
},

"arm_subscription_id": {
Type: schema.TypeString,
Optional: true,
Description: "The Subscription ID.",
DefaultFunc: schema.EnvDefaultFunc("ARM_SUBSCRIPTION_ID", ""),
},

"arm_client_id": {
"client_id": {
Type: schema.TypeString,
Optional: true,
Description: "The Client ID.",
DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_ID", ""),
},

"arm_client_secret": {
"client_secret": {
Type: schema.TypeString,
Optional: true,
Description: "The Client Secret.",
DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_SECRET", ""),
},

"arm_tenant_id": {
"subscription_id": {
Type: schema.TypeString,
Optional: true,
Description: "The Subscription ID.",
DefaultFunc: schema.EnvDefaultFunc("ARM_SUBSCRIPTION_ID", ""),
},

"tenant_id": {
Type: schema.TypeString,
Optional: true,
Description: "The Tenant ID.",
Expand All @@ -99,7 +99,35 @@ func New() backend.Backend {
DefaultFunc: schema.EnvDefaultFunc("ARM_MSI_ENDPOINT", ""),
},

// TODO: rename these fields
// Deprecated field (in favour of the arm_less :drum: prefixes above)
"arm_client_id": {
Type: schema.TypeString,
Optional: true,
Description: "The Client ID.",
Deprecated: "`arm_client_id` has been replaced by `client_id`",
},

"arm_client_secret": {
Type: schema.TypeString,
Optional: true,
Description: "The Client Secret.",
Deprecated: "`arm_client_secret` has been replaced by `client_secret`",
},

"arm_subscription_id": {
Type: schema.TypeString,
Optional: true,
Description: "The Subscription ID.",
Deprecated: "`arm_subscription_id` has been replaced by `subscription_id`",
},

"arm_tenant_id": {
Type: schema.TypeString,
Optional: true,
Description: "The Tenant ID.",
Deprecated: "`arm_tenant_id` has been replaced by `tenant_id`",
},

// TODO: support for custom resource manager endpoints
},
}
Expand Down Expand Up @@ -142,21 +170,26 @@ func (b *Backend) configure(ctx context.Context) error {

// Grab the resource data
data := schema.FromContextBackendConfig(ctx)

b.containerName = data.Get("container_name").(string)
b.keyName = data.Get("key").(string)

// support for previously deprecated fields
clientId := valueFromDeprecatedField(data, "client_id", "arm_client_id")
clientSecret := valueFromDeprecatedField(data, "client_secret", "arm_client_secret")
subscriptionId := valueFromDeprecatedField(data, "subscription_id", "arm_subscription_id")
tenantId := valueFromDeprecatedField(data, "tenant_id", "arm_tenant_id")

config := BackendConfig{
AccessKey: data.Get("access_key").(string),
ClientID: data.Get("arm_client_id").(string),
ClientSecret: data.Get("arm_client_secret").(string),
ClientID: clientId,
ClientSecret: clientSecret,
Environment: data.Get("environment").(string),
MsiEndpoint: data.Get("msi_endpoint").(string),
ResourceGroupName: data.Get("resource_group_name").(string),
SasToken: data.Get("sas_token").(string),
StorageAccountName: data.Get("storage_account_name").(string),
SubscriptionID: data.Get("arm_subscription_id").(string),
TenantID: data.Get("arm_tenant_id").(string),
SubscriptionID: subscriptionId,
TenantID: tenantId,
UseMsi: data.Get("use_msi").(bool),
}

Expand All @@ -172,3 +205,13 @@ func (b *Backend) configure(ctx context.Context) error {
b.armClient = armClient
return nil
}

func valueFromDeprecatedField(d *schema.ResourceData, key, deprecatedFieldKey string) string {
v := d.Get(key).(string)

if v == "" {
v = d.Get(deprecatedFieldKey).(string)
}

return v
}
48 changes: 38 additions & 10 deletions backend/remote-state/azure/backend_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -79,8 +79,8 @@ func TestBackendManagedServiceIdentityBasic(t *testing.T) {
"key": res.storageKeyName,
"resource_group_name": res.resourceGroup,
"use_msi": true,
"arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"arm_tenant_id": os.Getenv("ARM_TENANT_ID"),
"subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"tenant_id": os.Getenv("ARM_TENANT_ID"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
})).(*Backend)

Expand Down Expand Up @@ -129,6 +129,34 @@ func TestBackendServicePrincipalBasic(t *testing.T) {
t.Fatalf("Error creating Test Resources: %q", err)
}

b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{
"storage_account_name": res.storageAccountName,
"container_name": res.storageContainerName,
"key": res.storageKeyName,
"resource_group_name": res.resourceGroup,
"subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"tenant_id": os.Getenv("ARM_TENANT_ID"),
"client_id": os.Getenv("ARM_CLIENT_ID"),
"client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
})).(*Backend)

backend.TestBackendStates(t, b)
}

func TestBackendServicePrincipalDeprecatedFields(t *testing.T) {
testAccAzureBackend(t)
rs := acctest.RandString(4)
res := testResourceNames(rs, "testState")
armClient := buildTestClient(t, res)

ctx := context.TODO()
err := armClient.buildTestResources(ctx, &res)
defer armClient.destroyTestResources(ctx, res)
if err != nil {
t.Fatalf("Error creating Test Resources: %q", err)
}

b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{
"storage_account_name": res.storageAccountName,
"container_name": res.storageContainerName,
Expand Down Expand Up @@ -195,10 +223,10 @@ func TestBackendServicePrincipalLocked(t *testing.T) {
"container_name": res.storageContainerName,
"key": res.storageKeyName,
"access_key": res.storageAccountAccessKey,
"arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"arm_tenant_id": os.Getenv("ARM_TENANT_ID"),
"arm_client_id": os.Getenv("ARM_CLIENT_ID"),
"arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"tenant_id": os.Getenv("ARM_TENANT_ID"),
"client_id": os.Getenv("ARM_CLIENT_ID"),
"client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
})).(*Backend)

Expand All @@ -207,10 +235,10 @@ func TestBackendServicePrincipalLocked(t *testing.T) {
"container_name": res.storageContainerName,
"key": res.storageKeyName,
"access_key": res.storageAccountAccessKey,
"arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"arm_tenant_id": os.Getenv("ARM_TENANT_ID"),
"arm_client_id": os.Getenv("ARM_CLIENT_ID"),
"arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"tenant_id": os.Getenv("ARM_TENANT_ID"),
"client_id": os.Getenv("ARM_CLIENT_ID"),
"client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
})).(*Backend)

Expand Down
46 changes: 23 additions & 23 deletions backend/remote-state/azure/client_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -62,11 +62,11 @@ func TestRemoteClientManagedServiceIdentityBasic(t *testing.T) {
"storage_account_name": res.storageAccountName,
"container_name": res.storageContainerName,
"key": res.storageKeyName,
"resource_group_name": res.resourceGroup,
"use_msi": true,
"arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"arm_tenant_id": os.Getenv("ARM_TENANT_ID"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
"resource_group_name": res.resourceGroup,
"use_msi": true,
"subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"tenant_id": os.Getenv("ARM_TENANT_ID"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
})).(*Backend)

state, err := b.StateMgr(backend.DefaultStateName)
Expand Down Expand Up @@ -128,12 +128,12 @@ func TestRemoteClientServicePrincipalBasic(t *testing.T) {
"storage_account_name": res.storageAccountName,
"container_name": res.storageContainerName,
"key": res.storageKeyName,
"resource_group_name": res.resourceGroup,
"arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"arm_tenant_id": os.Getenv("ARM_TENANT_ID"),
"arm_client_id": os.Getenv("ARM_CLIENT_ID"),
"arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
"resource_group_name": res.resourceGroup,
"subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"tenant_id": os.Getenv("ARM_TENANT_ID"),
"client_id": os.Getenv("ARM_CLIENT_ID"),
"client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
})).(*Backend)

state, err := b.StateMgr(backend.DefaultStateName)
Expand Down Expand Up @@ -203,24 +203,24 @@ func TestRemoteClientServicePrincipalLocks(t *testing.T) {
"storage_account_name": res.storageAccountName,
"container_name": res.storageContainerName,
"key": res.storageKeyName,
"resource_group_name": res.resourceGroup,
"arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"arm_tenant_id": os.Getenv("ARM_TENANT_ID"),
"arm_client_id": os.Getenv("ARM_CLIENT_ID"),
"arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
"resource_group_name": res.resourceGroup,
"subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"tenant_id": os.Getenv("ARM_TENANT_ID"),
"client_id": os.Getenv("ARM_CLIENT_ID"),
"client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
})).(*Backend)

b2 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{
"storage_account_name": res.storageAccountName,
"container_name": res.storageContainerName,
"key": res.storageKeyName,
"resource_group_name": res.resourceGroup,
"arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"arm_tenant_id": os.Getenv("ARM_TENANT_ID"),
"arm_client_id": os.Getenv("ARM_CLIENT_ID"),
"arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
"resource_group_name": res.resourceGroup,
"subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"tenant_id": os.Getenv("ARM_TENANT_ID"),
"client_id": os.Getenv("ARM_CLIENT_ID"),
"client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
})).(*Backend)

s1, err := b1.StateMgr(backend.DefaultStateName)
Expand Down
20 changes: 10 additions & 10 deletions website/docs/backends/types/azurerm.html.md
Original file line number Diff line number Diff line change
Expand Up @@ -36,8 +36,8 @@ terraform {
container_name = "tfstate"
key = "prod.terraform.tfstate"
use_msi = true
arm_subscription_id = "00000000-0000-0000-0000-000000000000"
arm_tenant_id = "00000000-0000-0000-0000-000000000000"
subscription_id = "00000000-0000-0000-0000-000000000000"
tenant_id = "00000000-0000-0000-0000-000000000000"
}
}
```
Expand Down Expand Up @@ -101,8 +101,8 @@ data "terraform_remote_state" "foo" {
container_name = "terraform-state"
key = "prod.terraform.tfstate"
use_msi = true
arm_subscription_id = "00000000-0000-0000-0000-000000000000"
arm_tenant_id = "00000000-0000-0000-0000-000000000000"
subscription_id = "00000000-0000-0000-0000-000000000000"
tenant_id = "00000000-0000-0000-0000-000000000000"
}
}
```
Expand Down Expand Up @@ -156,9 +156,9 @@ The following configuration options are supported:

When authenticating using the Managed Service Identity (MSI) - the following fields are also supported:

* `arm_subscription_id` - (Optional) The Subscription ID in which the Storage Account exists. This can also be sourced from the `ARM_SUBSCRIPTION_ID` environment variable.
* `subscription_id` - (Optional) The Subscription ID in which the Storage Account exists. This can also be sourced from the `ARM_SUBSCRIPTION_ID` environment variable.

* `arm_tenant_id` - (Optional) The Tenant ID in which the Subscription exists. This can also be sourced from the `ARM_TENANT_ID` environment variable.
* `tenant_id` - (Optional) The Tenant ID in which the Subscription exists. This can also be sourced from the `ARM_TENANT_ID` environment variable.

* `msi_endpoint` - (Optional) The path to a custom Managed Service Identity endpoint which is automatically determined if not specified. This can also be sourced from the `ARM_MSI_ENDPOINT` environment variable.

Expand All @@ -182,10 +182,10 @@ When authenticating using a Service Principal - the following fields are also su

* `resource_group_name` - (Required) The Name of the Resource Group in which the Storage Account exists.

* `arm_client_id` - (Optional) The Client ID of the Service Principal. This can also be sourced from the `ARM_CLIENT_ID` environment variable.
* `client_id` - (Optional) The Client ID of the Service Principal. This can also be sourced from the `ARM_CLIENT_ID` environment variable.

* `arm_client_secret` - (Optional) The Client Secret of the Service Principal. This can also be sourced from the `ARM_CLIENT_SECRET` environment variable.
* `client_secret` - (Optional) The Client Secret of the Service Principal. This can also be sourced from the `ARM_CLIENT_SECRET` environment variable.

* `arm_subscription_id` - (Optional) The Subscription ID in which the Storage Account exists. This can also be sourced from the `ARM_SUBSCRIPTION_ID` environment variable.
* `subscription_id` - (Optional) The Subscription ID in which the Storage Account exists. This can also be sourced from the `ARM_SUBSCRIPTION_ID` environment variable.

* `arm_tenant_id` - (Optional) The Tenant ID in which the Subscription exists. This can also be sourced from the `ARM_TENANT_ID` environment variable.
* `tenant_id` - (Optional) The Tenant ID in which the Subscription exists. This can also be sourced from the `ARM_TENANT_ID` environment variable.

0 comments on commit 52a7acc

Please sign in to comment.