From cbf5de626d5e9330f1d4d7c2d9eef9084a14888e Mon Sep 17 00:00:00 2001 From: Mike Gouline <1960272+gouline@users.noreply.github.com> Date: Fri, 19 Nov 2021 22:45:29 +1100 Subject: [PATCH 01/15] Update terraform-plugin-docs to support Apple M1 --- go.mod | 8 ++++---- go.sum | 29 ++++++++--------------------- 2 files changed, 12 insertions(+), 25 deletions(-) diff --git a/go.mod b/go.mod index f97a3c1306..90d5ab6732 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( github.com/DATA-DOG/go-sqlmock v1.5.0 github.com/Pallinder/go-randomdata v1.2.0 github.com/chanzuckerberg/go-misc v0.0.0-20210907173712-618127c04a73 - github.com/hashicorp/terraform-plugin-docs v0.4.0 + github.com/hashicorp/terraform-plugin-docs v0.5.1 github.com/hashicorp/terraform-plugin-sdk/v2 v2.8.0 github.com/jmoiron/sqlx v1.3.4 github.com/luna-duclos/instrumentedsql v1.1.3 @@ -65,8 +65,8 @@ require ( github.com/hashicorp/go-version v1.3.0 // indirect github.com/hashicorp/hcl/v2 v2.10.1 // indirect github.com/hashicorp/logutils v1.0.0 // indirect - github.com/hashicorp/terraform-exec v0.14.0 // indirect - github.com/hashicorp/terraform-json v0.12.0 // indirect + github.com/hashicorp/terraform-exec v0.15.0 // indirect + github.com/hashicorp/terraform-json v0.13.0 // indirect github.com/hashicorp/terraform-plugin-go v0.4.0 // indirect github.com/hashicorp/yamux v0.0.0-20210826001029-26ff87cf9493 // indirect github.com/huandu/xstrings v1.3.2 // indirect @@ -92,7 +92,7 @@ require ( github.com/sirupsen/logrus v1.8.1 // indirect github.com/ulikunitz/xz v0.5.8 // indirect github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect - github.com/zclconf/go-cty v1.9.1 // indirect + github.com/zclconf/go-cty v1.10.0 // indirect go.opencensus.io v0.22.4 // indirect golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 // indirect golang.org/x/mod v0.4.2 // indirect diff --git a/go.sum b/go.sum index 36289d0777..97bfcfb243 100644 --- a/go.sum +++ b/go.sum @@ -127,7 +127,6 @@ github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7l github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/ajg/form v1.5.1/go.mod h1:uL1WgH+h2mgNtvBq0339dVnzXdBETtL2LeUXaIv25UY= github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw= -github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7/go.mod h1:6zEj6s6u/ghQa61ZWa/C2Aw3RkjiTBOix7dkqa1VLIs= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/andybalholm/crlf v0.0.0-20171020200849-670099aa064f/go.mod h1:k8feO4+kXDxro6ErPXBRTJ/ro2mf0SsFG8s7doP9kJE= @@ -347,13 +346,10 @@ github.com/go-fonts/liberation v0.1.1/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2H github.com/go-fonts/stix v0.1.0/go.mod h1:w/c1f0ldAUlJmLBvlbkvVXLAD+tAMqobIIQpmnUIzUY= github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= -github.com/go-git/go-billy/v5 v5.0.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= github.com/go-git/go-billy/v5 v5.2.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= github.com/go-git/go-billy/v5 v5.3.1 h1:CPiOUAzKtMRvolEKw+bG1PLRpT7D3LIs3/3ey4Aiu34= github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= -github.com/go-git/go-git-fixtures/v4 v4.0.1/go.mod h1:m+ICp2rF3jDhFgEZ/8yziagdT1C+ZpZcrJjappBCDSw= github.com/go-git/go-git-fixtures/v4 v4.2.1/go.mod h1:K8zd3kDUAykwTdDCr+I0per6Y6vMiRR/nnVTBtavnB0= -github.com/go-git/go-git/v5 v5.1.0/go.mod h1:ZKfuPUoY1ZqIG4QG9BDBh3G4gLM5zvPuSJAozQrZuyM= github.com/go-git/go-git/v5 v5.4.2 h1:BXyZu9t0VkbiHtqrsvdq39UDhGJTl1h55VW6CSC4aY4= github.com/go-git/go-git/v5 v5.4.2/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti4ihgckDc= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= @@ -562,7 +558,6 @@ github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9n github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 h1:1/D3zfFHttUKaCaGKZ/dR2roBXv0vKbSCnssIldfQdI= github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320/go.mod h1:EiZBMaudVLy8fmjf9Npq1dq9RalhveqZG5w/yz3mHWs= -github.com/hashicorp/go-getter v1.4.0/go.mod h1:7qxyCd8rBfcShwsvxgIguu4KbS3l8bUCwg2Umn7RjeY= github.com/hashicorp/go-getter v1.5.3 h1:NF5+zOlQegim+w/EUhSLh6QhXHmZMEeHLQzllkQ3ROU= github.com/hashicorp/go-getter v1.5.3/go.mod h1:BrrV/1clo8cCYu6mxvboYg+KutTiFnXjMEgDD8+i7ZI= github.com/hashicorp/go-hclog v0.0.0-20180709165350-ff2cf002a8dd/go.mod h1:9bjs9uLqI8l75knNv3lV1kA55veR+WUPSiKIWcQHudI= @@ -613,15 +608,15 @@ github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= -github.com/hashicorp/terraform-exec v0.12.0/go.mod h1:SGhto91bVRlgXQWcJ5znSz+29UZIa8kpBbkGwQ+g9E8= -github.com/hashicorp/terraform-exec v0.14.0 h1:UQoUcxKTZZXhyyK68Cwn4mApT4mnFPmEXPiqaHL9r+w= github.com/hashicorp/terraform-exec v0.14.0/go.mod h1:qrAASDq28KZiMPDnQ02sFS9udcqEkRly002EA2izXTA= -github.com/hashicorp/terraform-json v0.8.0/go.mod h1:3defM4kkMfttwiE7VakJDwCd4R+umhSQnvJwORXbprE= +github.com/hashicorp/terraform-exec v0.15.0 h1:cqjh4d8HYNQrDoEmlSGelHmg2DYDh5yayckvJ5bV18E= +github.com/hashicorp/terraform-exec v0.15.0/go.mod h1:H4IG8ZxanU+NW0ZpDRNsvh9f0ul7C0nHP+rUR/CHs7I= github.com/hashicorp/terraform-json v0.9.0/go.mod h1:3defM4kkMfttwiE7VakJDwCd4R+umhSQnvJwORXbprE= -github.com/hashicorp/terraform-json v0.12.0 h1:8czPgEEWWPROStjkWPUnTQDXmpmZPlkQAwYYLETaTvw= github.com/hashicorp/terraform-json v0.12.0/go.mod h1:pmbq9o4EuL43db5+0ogX10Yofv1nozM+wskr/bGFJpI= -github.com/hashicorp/terraform-plugin-docs v0.4.0 h1:xJIXsMzBFwBvC1zcjoNz743GL2tNEfYFFU9+Hjp4Uek= -github.com/hashicorp/terraform-plugin-docs v0.4.0/go.mod h1:fKj/V3t45tiXpSlUms/0G4OrBayyWpbUJ4WtLjBkINU= +github.com/hashicorp/terraform-json v0.13.0 h1:Li9L+lKD1FO5RVFRM1mMMIBDoUHslOniyEi5CM+FWGY= +github.com/hashicorp/terraform-json v0.13.0/go.mod h1:y5OdLBCT+rxbwnpxZs9kGL7R9ExU76+cpdY8zHwoazk= +github.com/hashicorp/terraform-plugin-docs v0.5.1 h1:WwrUcamix9x0TqfTw/WGHMRqoTe1QPZKaeWJPuFb4lQ= +github.com/hashicorp/terraform-plugin-docs v0.5.1/go.mod h1:SQwEgy0/B0UPQ07rNEG1Wpt6E3jvRcCwkVHPNybGgc0= github.com/hashicorp/terraform-plugin-go v0.4.0 h1:LFbXNeLDo0J/wR0kUzSPq0RpdmFh2gNedzU0n/gzPAo= github.com/hashicorp/terraform-plugin-go v0.4.0/go.mod h1:7u/6nt6vaiwcWE2GuJKbJwNlDFnf5n95xKw4hqIVr58= github.com/hashicorp/terraform-plugin-sdk/v2 v2.8.0 h1:GSumgrL6GGcRYU37YuF1CC59hRPR7Yzy6tpoFlo8wr4= @@ -640,7 +635,6 @@ github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.7/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.9/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU= github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= @@ -679,7 +673,6 @@ github.com/jarcoal/httpmock v1.0.4/go.mod h1:ATjnClrvW/3tijVmpL/va5Z3aAyGvqU3gCT github.com/jarcoal/httpmock v1.0.5/go.mod h1:ATjnClrvW/3tijVmpL/va5Z3aAyGvqU3gCT8nX0Txik= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jhump/protoreflect v1.6.0 h1:h5jfMVslIg6l29nsMs0D8Wj17RDVdNYti0vDN/PZZoE= github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74= @@ -723,7 +716,6 @@ github.com/kataras/sitemap v0.0.5/go.mod h1:KY2eugMKiPwsJgx7+U103YZehfvNGOXURubc github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8= github.com/kelseyhightower/envconfig v1.3.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= -github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 h1:DowS9hvgyYSX4TO5NpyC606/Z4SxnNYbT+WX27or6Ck= github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= @@ -786,7 +778,6 @@ github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVc github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.7/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= -github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.11 h1:nQ+aFkoE2TMGc0b68U2OKSexC+eq46+XwZzWXHRmPYs= github.com/mattn/go-colorable v0.1.11/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= @@ -822,7 +813,6 @@ github.com/microcosm-cc/bluemonday v1.0.2/go.mod h1:iVP4YcDBq+n/5fb23BhYFvIMq/le github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= github.com/miekg/dns v1.1.31/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= -github.com/mitchellh/cli v1.1.1/go.mod h1:xcISNoH86gajksDmfB23e/pu+B+GeFRMYmoHXxx3xhI= github.com/mitchellh/cli v1.1.2 h1:PvH+lL2B7IQ101xQL63Of8yFS2y+aDlsFcsqNc+u/Kw= github.com/mitchellh/cli v1.1.2/go.mod h1:6iaV0fGdElS6dPBx0EApTxHrcWvmJphyh2n8YBLPPZ4= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= @@ -1020,7 +1010,6 @@ github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGr github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY= -github.com/ulikunitz/xz v0.5.5/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8= github.com/ulikunitz/xz v0.5.8 h1:ERv8V6GKqVi23rgu5cj9pVfVzJbOqAY2Ntl88O6c2nQ= github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= @@ -1042,7 +1031,6 @@ github.com/vmihailenco/msgpack/v4 v4.3.11/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+ github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= github.com/vmware/govmomi v0.20.3/go.mod h1:URlwyTFZX72RmxtxuaFL2Uj3fD1JTvZdx59bHWk6aFU= -github.com/xanzy/ssh-agent v0.2.1/go.mod h1:mLlQY/MoOhWBj+gOGMQkOeiEvkx+8pJSI+0Bx9h2kr4= github.com/xanzy/ssh-agent v0.3.0 h1:wUMzuKtKilRgBAD1sUb8gOwwRr2FGoBVumcjoOACClI= github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= @@ -1067,11 +1055,11 @@ github.com/zalando/go-keyring v0.1.0/go.mod h1:RaxNwUITJaHVdQ0VC7pELPZ3tOWn13nr0 github.com/zalando/go-keyring v0.1.1/go.mod h1:OIC+OZ28XbmwFxU/Rp9V7eKzZjamBJwRzC8UFJH9+L8= github.com/zclconf/go-cty v1.2.0/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= github.com/zclconf/go-cty v1.2.1/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= -github.com/zclconf/go-cty v1.7.1/go.mod h1:VDR4+I79ubFBGm1uJac1226K5yANQFHeauxPBoP54+o= github.com/zclconf/go-cty v1.8.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= github.com/zclconf/go-cty v1.8.4/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= -github.com/zclconf/go-cty v1.9.1 h1:viqrgQwFl5UpSxc046qblj78wZXVDFnSOufaOTER+cc= github.com/zclconf/go-cty v1.9.1/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= +github.com/zclconf/go-cty v1.10.0 h1:mp9ZXQeIcN8kAwuqorjH+Q+njbJKjLrvB2yIh4q7U+0= +github.com/zclconf/go-cty v1.10.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q= go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= @@ -1253,7 +1241,6 @@ golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190221075227-b4e8571b14e0/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= From 843fb2ae790fd6ed17991f994e5e9acaa807daba Mon Sep 17 00:00:00 2001 From: Mike Gouline <1960272+gouline@users.noreply.github.com> Date: Fri, 19 Nov 2021 22:46:47 +1100 Subject: [PATCH 02/15] Implement OAuth partner integrations --- docs/resources/oauth_integration.md | 54 ++++ .../snowflake_oauth_integration/import.sh | 1 + .../snowflake_oauth_integration/resource.tf | 8 + pkg/provider/provider.go | 1 + pkg/resources/oauth_integration.go | 287 ++++++++++++++++++ pkg/snowflake/oauth_integration.go | 39 +++ 6 files changed, 390 insertions(+) create mode 100644 docs/resources/oauth_integration.md create mode 100644 examples/resources/snowflake_oauth_integration/import.sh create mode 100644 examples/resources/snowflake_oauth_integration/resource.tf create mode 100644 pkg/resources/oauth_integration.go create mode 100644 pkg/snowflake/oauth_integration.go diff --git a/docs/resources/oauth_integration.md b/docs/resources/oauth_integration.md new file mode 100644 index 0000000000..e88e845cb5 --- /dev/null +++ b/docs/resources/oauth_integration.md @@ -0,0 +1,54 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "snowflake_oauth_integration Resource - terraform-provider-snowflake" +subcategory: "" +description: |- + +--- + +# snowflake_oauth_integration (Resource) + + + +## Example Usage + +```terraform +resource "snowflake_oauth_integration" "tableau_desktop" { + name = "TABLEAU_DESKTOP" + oauth_client = "TABLEAU_DESKTOP" + enabled = true + oauth_issue_refresh_tokens = true + oauth_refresh_token_validity = 3600 + blocked_roles_list = ["SYSADMIN"] +} +``` + + +## Schema + +### Required + +- **name** (String) Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. +- **oauth_client** (String) Specifies the OAuth client type. + +### Optional + +- **blocked_roles_list** (List of String) List of roles that a user cannot explicitly consent to using after authenticating. +- **comment** (String) Specifies a comment for the OAuth integration. +- **enabled** (Boolean) Specifies whether this OAuth integration is enabled or disabled. +- **id** (String) The ID of this resource. +- **oauth_issue_refresh_tokens** (Boolean) Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. +- **oauth_refresh_token_validity** (Number) Specifies how long refresh tokens should be valid (in seconds). OAUTH_ISSUE_REFRESH_TOKENS must be set to TRUE. +- **oauth_use_secondary_roles** (String) + +### Read-Only + +- **created_on** (String) Date and time when the OAuth integration was created. + +## Import + +Import is supported using the following syntax: + +```shell +terraform import snowflake_oauth_integration.example name +``` diff --git a/examples/resources/snowflake_oauth_integration/import.sh b/examples/resources/snowflake_oauth_integration/import.sh new file mode 100644 index 0000000000..cbbb03d1ea --- /dev/null +++ b/examples/resources/snowflake_oauth_integration/import.sh @@ -0,0 +1 @@ +terraform import snowflake_oauth_integration.example name diff --git a/examples/resources/snowflake_oauth_integration/resource.tf b/examples/resources/snowflake_oauth_integration/resource.tf new file mode 100644 index 0000000000..d28900d9ce --- /dev/null +++ b/examples/resources/snowflake_oauth_integration/resource.tf @@ -0,0 +1,8 @@ +resource "snowflake_oauth_integration" "tableau_desktop" { + name = "TABLEAU_DESKTOP" + oauth_client = "TABLEAU_DESKTOP" + enabled = true + oauth_issue_refresh_tokens = true + oauth_refresh_token_validity = 3600 + blocked_roles_list = ["SYSADMIN"] +} diff --git a/pkg/provider/provider.go b/pkg/provider/provider.go index 95c589cd89..fd148bb14d 100644 --- a/pkg/provider/provider.go +++ b/pkg/provider/provider.go @@ -177,6 +177,7 @@ func getResources() map[string]*schema.Resource { "snowflake_materialized_view": resources.MaterializedView(), "snowflake_network_policy_attachment": resources.NetworkPolicyAttachment(), "snowflake_network_policy": resources.NetworkPolicy(), + "snowflake_oauth_integration": resources.OAuthIntegration(), "snowflake_pipe": resources.Pipe(), "snowflake_procedure": resources.Procedure(), "snowflake_resource_monitor": resources.ResourceMonitor(), diff --git a/pkg/resources/oauth_integration.go b/pkg/resources/oauth_integration.go new file mode 100644 index 0000000000..4cbe8c0ee0 --- /dev/null +++ b/pkg/resources/oauth_integration.go @@ -0,0 +1,287 @@ +package resources + +import ( + "database/sql" + "fmt" + "log" + "strconv" + "strings" + + "github.com/chanzuckerberg/terraform-provider-snowflake/pkg/snowflake" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + "github.com/pkg/errors" +) + +var oauthIntegrationSchema = map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + Description: "Specifies the name of the OAuth integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account.", + }, + "oauth_client": { + Type: schema.TypeString, + Required: true, + Description: "Specifies the OAuth client type.", + ValidateFunc: validation.StringInSlice([]string{ + "TABLEAU_DESKTOP", "TABLEAU_SERVER", "LOOKER", + }, false), + }, + "oauth_issue_refresh_tokens": { + Type: schema.TypeBool, + Optional: true, + Description: "Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired.", + }, + "oauth_refresh_token_validity": { + Type: schema.TypeInt, + Optional: true, + Description: "Specifies how long refresh tokens should be valid (in seconds). OAUTH_ISSUE_REFRESH_TOKENS must be set to TRUE.", + }, + "oauth_use_secondary_roles": { + Type: schema.TypeString, + Optional: true, + Description: "", + }, + "blocked_roles_list": { + Type: schema.TypeList, + Optional: true, + Description: "List of roles that a user cannot explicitly consent to using after authenticating.", + }, + "comment": { + Type: schema.TypeString, + Optional: true, + Description: "Specifies a comment for the OAuth integration.", + }, + "enabled": { + Type: schema.TypeBool, + Optional: true, + Default: true, + Description: "Specifies whether this OAuth integration is enabled or disabled.", + }, + "created_on": { + Type: schema.TypeString, + Computed: true, + Description: "Date and time when the OAuth integration was created.", + }, +} + +// OAuthIntegration returns a pointer to the resource representing a network policy +func OAuthIntegration() *schema.Resource { + return &schema.Resource{ + Create: CreateOAuthIntegration, + Read: ReadOAuthIntegration, + Update: UpdateOAuthIntegration, + Delete: DeleteOAuthIntegration, + + Schema: oauthIntegrationSchema, + Importer: &schema.ResourceImporter{ + StateContext: schema.ImportStatePassthroughContext, + }, + } +} + +// CreateOAuthIntegration implements schema.CreateFunc +func CreateOAuthIntegration(d *schema.ResourceData, meta interface{}) error { + db := meta.(*sql.DB) + name := d.Get("name").(string) + + stmt := snowflake.OAuthIntegration(name).Create() + + // Set required fields + stmt.SetRaw(`TYPE=OAUTH`) + stmt.SetString(`OAUTH_CLIENT`, d.Get("oauth_client").(string)) + + // Set optional fields + if _, ok := d.GetOk("oauth_issue_refresh_tokens"); ok { + stmt.SetBool(`OAUTH_ISSUE_REFRESH_TOKENS`, d.Get("network_policy").(bool)) + } + if _, ok := d.GetOk("oauth_refresh_token_validity"); ok { + stmt.SetInt(`OAUTH_REFRESH_TOKEN_VALIDITY`, d.Get("oauth_refresh_token_validity").(int)) + } + if _, ok := d.GetOk("oauth_use_secondary_roles"); ok { + stmt.SetString(`OAUTH_USE_SECONDARY_ROLES`, d.Get("oauth_use_secondary_roles").(string)) + } + if _, ok := d.GetOk("blocked_roles_list"); ok { + stmt.SetStringList(`BLOCKED_ROLES_LIST`, expandStringList(d.Get("blocked_roles_list").([]interface{}))) + } + if _, ok := d.GetOk("enabled"); ok { + stmt.SetBool(`ENABLED`, d.Get("enabled").(bool)) + } + if _, ok := d.GetOk("comment"); ok { + stmt.SetString(`COMMENT`, d.Get("comment").(string)) + } + + err := snowflake.Exec(db, stmt.Statement()) + if err != nil { + return errors.Wrap(err, "error creating security integration") + } + + d.SetId(name) + + return ReadOAuthIntegration(d, meta) +} + +// ReadOAuthIntegration implements schema.ReadFunc +func ReadOAuthIntegration(d *schema.ResourceData, meta interface{}) error { + db := meta.(*sql.DB) + id := d.Id() + + stmt := snowflake.OAuthIntegration(id).Show() + row := snowflake.QueryRow(db, stmt) + + // Some properties can come from the SHOW INTEGRATION call + + s, err := snowflake.ScanOAuthIntegration(row) + if err != nil { + return errors.Wrap(err, "could not show security integration") + } + + // Note: category must be Security or something is broken + if c := s.Category.String; c != "SECURITY" { + return fmt.Errorf("expected %v to be an Security integration, got %v", id, c) + } + + if err := d.Set("oauth_client", strings.TrimPrefix(s.IntegrationType.String, "OAUTH - ")); err != nil { + return err + } + + if err := d.Set("name", s.Name.String); err != nil { + return err + } + + if err := d.Set("enabled", s.Enabled.Bool); err != nil { + return err + } + + if err := d.Set("comment", s.Comment.String); err != nil { + return err + } + + if err := d.Set("created_on", s.CreatedOn.String); err != nil { + return err + } + + // Some properties come from the DESCRIBE INTEGRATION call + // We need to grab them in a loop + var k, pType string + var v, unused interface{} + stmt = snowflake.OAuthIntegration(id).Describe() + rows, err := db.Query(stmt) + if err != nil { + return errors.Wrap(err, "could not describe security integration") + } + defer rows.Close() + for rows.Next() { + if err := rows.Scan(&k, &pType, &v, &unused); err != nil { + return errors.Wrap(err, "unable to parse security integration rows") + } + switch k { + case "ENABLED": + // We set this using the SHOW INTEGRATION call so let's ignore it here + case "COMMENT": + // We set this using the SHOW INTEGRATION call so let's ignore it here + case "OAUTH_ISSUE_REFRESH_TOKENS": + b, err := strconv.ParseBool(v.(string)) + if err != nil { + return errors.Wrap(err, "returned OAuth issue refresh tokens that is not boolean") + } + if err = d.Set("oauth_issue_refresh_tokens", b); err != nil { + return errors.Wrap(err, "unable to set OAuth issue refresh tokens for security integration") + } + case "OAUTH_REFRESH_TOKEN_VALIDITY": + i, err := strconv.Atoi(v.(string)) + if err != nil { + return errors.Wrap(err, "returned OAuth refresh token validity that is not integer") + } + if err = d.Set("oauth_refresh_token_validity", i); err != nil { + return errors.Wrap(err, "unable to set OAuth refresh token validity for security integration") + } + case "OAUTH_USE_SECONDARY_ROLES": + if err = d.Set("oauth_use_secondary_roles", v.(string)); err != nil { + return errors.Wrap(err, "unable to set OAuth use secondary roles for security integration") + } + case "BLOCKED_ROLES_LIST": + if err = d.Set("blocked_roles_list", strings.Split(v.(string), ",")); err != nil { + return errors.Wrap(err, "unable to set blocked roles list for security integration") + } + case "OAUTH_CLIENT_TYPE": + // Only used for custom OAuth clients (not supported yet) + case "OAUTH_ENFORCE_PKCE": + // Only used for custom OAuth clients (not supported yet) + case "OAUTH_AUTHORIZATION_ENDPOINT": + // Only used for custom OAuth clients (not supported yet) + case "OAUTH_TOKEN_ENDPOINT": + // Only used for custom OAuth clients (not supported yet) + case "OAUTH_ALLOWED_AUTHORIZATION_ENDPOINTS": + // Only used for custom OAuth clients (not supported yet) + case "OAUTH_ALLOWED_TOKEN_ENDPOINTS": + // Only used for custom OAuth clients (not supported yet) + case "PRE_AUTHORIZED_ROLES_LIST": + // Only used for custom OAuth clients (not supported yet) + + default: + log.Printf("[WARN] unexpected security integration property %v returned from Snowflake", k) + } + } + + return err +} + +// UpdateOAuthIntegration implements schema.UpdateFunc +func UpdateOAuthIntegration(d *schema.ResourceData, meta interface{}) error { + db := meta.(*sql.DB) + id := d.Id() + + stmt := snowflake.OAuthIntegration(id).Alter() + + var runSetStatement bool + + if d.HasChange("oauth_client") { + runSetStatement = true + stmt.SetString(`OAUTH_CLIENT`, d.Get("oauth_client").(string)) + } + + if d.HasChange("oauth_issue_refresh_tokens") { + runSetStatement = true + stmt.SetBool(`OAUTH_ISSUE_REFRESH_TOKENS`, d.Get("oauth_issue_refresh_tokens").(bool)) + } + + if d.HasChange("oauth_refresh_token_validity") { + runSetStatement = true + stmt.SetInt(`OAUTH_REFRESH_TOKEN_VALIDITY`, d.Get("oauth_refresh_token_validity").(int)) + } + + if d.HasChange("oauth_use_secondary_roles") { + runSetStatement = true + stmt.SetString(`OAUTH_USE_SECONDARY_ROLES`, d.Get("oauth_use_secondary_roles").(string)) + } + + if d.HasChange("blocked_roles_list") { + runSetStatement = true + stmt.SetStringList(`BLOCKED_ROLES_LIST`, expandStringList(d.Get("blocked_roles_list").([]interface{}))) + } + + if d.HasChange("enabled") { + runSetStatement = true + stmt.SetBool(`ENABLED`, d.Get("enabled").(bool)) + } + + if d.HasChange("comment") { + runSetStatement = true + stmt.SetString(`COMMENT`, d.Get("comment").(string)) + } + + if runSetStatement { + if err := snowflake.Exec(db, stmt.Statement()); err != nil { + return errors.Wrap(err, "error updating security integration") + } + } + + return ReadOAuthIntegration(d, meta) +} + +// DeleteOAuthIntegration implements schema.DeleteFunc +func DeleteOAuthIntegration(d *schema.ResourceData, meta interface{}) error { + return DeleteResource("", snowflake.OAuthIntegration)(d, meta) +} diff --git a/pkg/snowflake/oauth_integration.go b/pkg/snowflake/oauth_integration.go new file mode 100644 index 0000000000..d3e2323c45 --- /dev/null +++ b/pkg/snowflake/oauth_integration.go @@ -0,0 +1,39 @@ +package snowflake + +import ( + "database/sql" + + "github.com/jmoiron/sqlx" + "github.com/pkg/errors" +) + +// OAuthIntegration returns a pointer to a Builder that abstracts the DDL operations for an api integration. +// +// Supported DDL operations are: +// - CREATE SECURITY INTEGRATION +// - ALTER SECURITY INTEGRATION +// - DROP INTEGRATION +// - SHOW INTEGRATIONS +// - DESCRIBE INTEGRATION +// +// [Snowflake Reference](https://docs.snowflake.com/en/sql-reference/ddl-user-security.html#security-integrations) +func OAuthIntegration(name string) *Builder { + return &Builder{ + entityType: SecurityIntegrationType, + name: name, + } +} + +type oauthIntegration struct { + Name sql.NullString `db:"name"` + Category sql.NullString `db:"category"` + IntegrationType sql.NullString `db:"type"` + Enabled sql.NullBool `db:"enabled"` + Comment sql.NullString `db:"comment"` + CreatedOn sql.NullString `db:"created_on"` +} + +func ScanOAuthIntegration(row *sqlx.Row) (*oauthIntegration, error) { + r := &oauthIntegration{} + return r, errors.Wrap(row.StructScan(r), "error scanning struct") +} From 5b4cdd8980cb0c88bbad65fc5ca414f8b0ac99c8 Mon Sep 17 00:00:00 2001 From: Mike Gouline <1960272+gouline@users.noreply.github.com> Date: Fri, 19 Nov 2021 23:21:10 +1100 Subject: [PATCH 03/15] Unit and acceptance tests --- pkg/resources/helpers_test.go | 8 ++ .../oauth_integration_acceptance_test.go | 50 ++++++++++++ pkg/resources/oauth_integration_test.go | 79 +++++++++++++++++++ pkg/snowflake/oauth_integration_test.go | 29 +++++++ 4 files changed, 166 insertions(+) create mode 100644 pkg/resources/oauth_integration_acceptance_test.go create mode 100644 pkg/resources/oauth_integration_test.go create mode 100644 pkg/snowflake/oauth_integration_test.go diff --git a/pkg/resources/helpers_test.go b/pkg/resources/helpers_test.go index c07b317041..1e4b0d3d73 100644 --- a/pkg/resources/helpers_test.go +++ b/pkg/resources/helpers_test.go @@ -208,6 +208,14 @@ func scimIntegration(t *testing.T, id string, params map[string]interface{}) *sc return d } +func oauthIntegration(t *testing.T, id string, params map[string]interface{}) *schema.ResourceData { + r := require.New(t) + d := schema.TestResourceDataRaw(t, resources.OAuthIntegration().Schema, params) + r.NotNil(d) + d.SetId(id) + return d +} + func externalFunction(t *testing.T, id string, params map[string]interface{}) *schema.ResourceData { r := require.New(t) d := schema.TestResourceDataRaw(t, resources.ExternalFunction().Schema, params) diff --git a/pkg/resources/oauth_integration_acceptance_test.go b/pkg/resources/oauth_integration_acceptance_test.go new file mode 100644 index 0000000000..7be8d7993b --- /dev/null +++ b/pkg/resources/oauth_integration_acceptance_test.go @@ -0,0 +1,50 @@ +package resources_test + +import ( + "fmt" + "strings" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" +) + +func TestAcc_OAuthIntegration(t *testing.T) { + oauthIntName := strings.ToUpper(acctest.RandStringFromCharSet(10, acctest.CharSetAlpha)) + integrationType := "TABLEAU_DESKTOP" + + resource.ParallelTest(t, resource.TestCase{ + Providers: providers(), + Steps: []resource.TestStep{ + { + Config: oauthIntegrationConfig(oauthIntName, integrationType), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("snowflake_oauth_integration.test", "name", oauthIntName), + resource.TestCheckResourceAttr("snowflake_oauth_integration.test", "oauth_client", integrationType), + resource.TestCheckResourceAttrSet("snowflake_oauth_integration.test", "oauth_issue_refresh_tokens"), + resource.TestCheckResourceAttrSet("snowflake_oauth_integration.test", "oauth_refresh_token_validity"), + resource.TestCheckResourceAttrSet("snowflake_oauth_integration.test", "blocked_roles_list"), + resource.TestCheckResourceAttrSet("snowflake_oauth_integration.test", "created_on"), + ), + }, + { + ResourceName: "snowflake_oauth_integration.test", + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func oauthIntegrationConfig(name string, integrationType string) string { + return fmt.Sprintf(` + resource "snowflake_oauth_integration" "test" { + name = "%s" + oauth_client = "%s" + enabled = true + oauth_issue_refresh_tokens = true + oauth_refresh_token_validity = 3600 + blocked_roles_list = ["SYSADMIN"] + } + `, name, integrationType) +} diff --git a/pkg/resources/oauth_integration_test.go b/pkg/resources/oauth_integration_test.go new file mode 100644 index 0000000000..7d96374aa1 --- /dev/null +++ b/pkg/resources/oauth_integration_test.go @@ -0,0 +1,79 @@ +package resources_test + +import ( + "database/sql" + "testing" + + sqlmock "github.com/DATA-DOG/go-sqlmock" + "github.com/chanzuckerberg/terraform-provider-snowflake/pkg/provider" + "github.com/chanzuckerberg/terraform-provider-snowflake/pkg/resources" + . "github.com/chanzuckerberg/terraform-provider-snowflake/pkg/testhelpers" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/stretchr/testify/require" +) + +func TestOAuthIntegration(t *testing.T) { + r := require.New(t) + err := resources.OAuthIntegration().InternalValidate(provider.Provider().Schema, true) + r.NoError(err) +} + +func TestOAuthIntegrationCreate(t *testing.T) { + r := require.New(t) + + in := map[string]interface{}{ + "name": "test_oauth_integration", + "oauth_client": "TABLEAU_DESKTOP", + } + d := schema.TestResourceDataRaw(t, resources.OAuthIntegration().Schema, in) + r.NotNil(d) + + WithMockDb(t, func(db *sql.DB, mock sqlmock.Sqlmock) { + mock.ExpectExec( + `^CREATE SECURITY INTEGRATION "test_oauth_integration" TYPE=OAUTH OAUTH_CLIENT='CLIENT'$`, + ).WillReturnResult(sqlmock.NewResult(1, 1)) + expectReadOAuthIntegration(mock) + + err := resources.CreateOAuthIntegration(d, db) + r.NoError(err) + }) +} + +func TestOAuthIntegrationRead(t *testing.T) { + r := require.New(t) + + d := oauthIntegration(t, "test_oauth_integration", map[string]interface{}{"name": "test_oauth_integration"}) + + WithMockDb(t, func(db *sql.DB, mock sqlmock.Sqlmock) { + expectReadOAuthIntegration(mock) + + err := resources.ReadOAuthIntegration(d, db) + r.NoError(err) + }) +} + +func TestOAuthIntegrationDelete(t *testing.T) { + r := require.New(t) + + d := oauthIntegration(t, "drop_it", map[string]interface{}{"name": "drop_it"}) + + WithMockDb(t, func(db *sql.DB, mock sqlmock.Sqlmock) { + mock.ExpectExec(`DROP SECURITY INTEGRATION "drop_it"`).WillReturnResult(sqlmock.NewResult(1, 1)) + err := resources.DeleteOAuthIntegration(d, db) + r.NoError(err) + }) +} + +func expectReadOAuthIntegration(mock sqlmock.Sqlmock) { + showRows := sqlmock.NewRows([]string{ + "name", "type", "category", "created_on"}, + ).AddRow("test_oauth_integration", "OAUTH - TABLEAU_DESKTOP", "SECURITY", "now") + mock.ExpectQuery(`^SHOW SECURITY INTEGRATIONS LIKE 'test_oauth_integration'$`).WillReturnRows(showRows) + + descRows := sqlmock.NewRows([]string{ + "property", "property_type", "property_value", "property_default", + }).AddRow("OAUTH_REFRESH_TOKEN_VALIDITY", "Integer", 86400, nil). + AddRow("BLOCKED_ROLES_LIST", "String", "ACCOUNTADMIN,SECURITYADMIN", nil) + + mock.ExpectQuery(`DESCRIBE SECURITY INTEGRATION "test_oauth_integration"$`).WillReturnRows(descRows) +} diff --git a/pkg/snowflake/oauth_integration_test.go b/pkg/snowflake/oauth_integration_test.go new file mode 100644 index 0000000000..707fcd061c --- /dev/null +++ b/pkg/snowflake/oauth_integration_test.go @@ -0,0 +1,29 @@ +package snowflake_test + +import ( + "testing" + + "github.com/chanzuckerberg/terraform-provider-snowflake/pkg/snowflake" + "github.com/stretchr/testify/require" +) + +func TestOAuthIntegration(t *testing.T) { + r := require.New(t) + builder := snowflake.OAuthIntegration("tableau_desktop") + r.NotNil(builder) + + q := builder.Show() + r.Equal("SHOW SECURITY INTEGRATIONS LIKE 'tableau_desktop'", q) + + q = builder.Describe() + r.Equal("DESCRIBE SECURITY INTEGRATION \"tableau_desktop\"", q) + + c := builder.Create() + c.SetRaw(`TYPE=oauth`) + c.SetString(`oauth_client`, "tableau_desktop") + q = c.Statement() + r.Equal(`CREATE SECURITY INTEGRATION "tableau_desktop" TYPE=oauth OAUTH_CLIENT='tableau_desktop'`, q) + + e := builder.Drop() + r.Equal(`DROP SECURITY INTEGRATION "tableau_desktop"`, e) +} From f6fe604bc55916fb2c3d823cec585b4f885394c9 Mon Sep 17 00:00:00 2001 From: Mike Gouline <1960272+gouline@users.noreply.github.com> Date: Fri, 19 Nov 2021 23:27:08 +1100 Subject: [PATCH 04/15] Add documentation on oauth_use_secondary_roles --- pkg/resources/oauth_integration.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/pkg/resources/oauth_integration.go b/pkg/resources/oauth_integration.go index 4cbe8c0ee0..a2dceed625 100644 --- a/pkg/resources/oauth_integration.go +++ b/pkg/resources/oauth_integration.go @@ -41,7 +41,10 @@ var oauthIntegrationSchema = map[string]*schema.Schema{ "oauth_use_secondary_roles": { Type: schema.TypeString, Optional: true, - Description: "", + Description: "Specifiesa whether default secondary roles set in the user properties are activated by default in the session being opened.", + ValidateFunc: validation.StringInSlice([]string{ + "IMPLICIT", "NONE", + }, false), }, "blocked_roles_list": { Type: schema.TypeList, From b10c1ab2cd6444c8e062eefb04e7a6dd2d145218 Mon Sep 17 00:00:00 2001 From: Mike Gouline <1960272+gouline@users.noreply.github.com> Date: Sat, 20 Nov 2021 00:23:25 +1100 Subject: [PATCH 05/15] Fix tests --- pkg/resources/oauth_integration.go | 15 +++------------ pkg/resources/oauth_integration_test.go | 8 ++++---- 2 files changed, 7 insertions(+), 16 deletions(-) diff --git a/pkg/resources/oauth_integration.go b/pkg/resources/oauth_integration.go index a2dceed625..7c38967dcb 100644 --- a/pkg/resources/oauth_integration.go +++ b/pkg/resources/oauth_integration.go @@ -4,7 +4,6 @@ import ( "database/sql" "fmt" "log" - "strconv" "strings" "github.com/chanzuckerberg/terraform-provider-snowflake/pkg/snowflake" @@ -48,6 +47,7 @@ var oauthIntegrationSchema = map[string]*schema.Schema{ }, "blocked_roles_list": { Type: schema.TypeList, + Elem: &schema.Schema{Type: schema.TypeString}, Optional: true, Description: "List of roles that a user cannot explicitly consent to using after authenticating.", }, @@ -59,7 +59,6 @@ var oauthIntegrationSchema = map[string]*schema.Schema{ "enabled": { Type: schema.TypeBool, Optional: true, - Default: true, Description: "Specifies whether this OAuth integration is enabled or disabled.", }, "created_on": { @@ -185,19 +184,11 @@ func ReadOAuthIntegration(d *schema.ResourceData, meta interface{}) error { case "COMMENT": // We set this using the SHOW INTEGRATION call so let's ignore it here case "OAUTH_ISSUE_REFRESH_TOKENS": - b, err := strconv.ParseBool(v.(string)) - if err != nil { - return errors.Wrap(err, "returned OAuth issue refresh tokens that is not boolean") - } - if err = d.Set("oauth_issue_refresh_tokens", b); err != nil { + if err = d.Set("oauth_issue_refresh_tokens", v.(bool)); err != nil { return errors.Wrap(err, "unable to set OAuth issue refresh tokens for security integration") } case "OAUTH_REFRESH_TOKEN_VALIDITY": - i, err := strconv.Atoi(v.(string)) - if err != nil { - return errors.Wrap(err, "returned OAuth refresh token validity that is not integer") - } - if err = d.Set("oauth_refresh_token_validity", i); err != nil { + if err = d.Set("oauth_refresh_token_validity", v.(int64)); err != nil { return errors.Wrap(err, "unable to set OAuth refresh token validity for security integration") } case "OAUTH_USE_SECONDARY_ROLES": diff --git a/pkg/resources/oauth_integration_test.go b/pkg/resources/oauth_integration_test.go index 7d96374aa1..531e546b73 100644 --- a/pkg/resources/oauth_integration_test.go +++ b/pkg/resources/oauth_integration_test.go @@ -30,7 +30,7 @@ func TestOAuthIntegrationCreate(t *testing.T) { WithMockDb(t, func(db *sql.DB, mock sqlmock.Sqlmock) { mock.ExpectExec( - `^CREATE SECURITY INTEGRATION "test_oauth_integration" TYPE=OAUTH OAUTH_CLIENT='CLIENT'$`, + `^CREATE SECURITY INTEGRATION "test_oauth_integration" TYPE=OAUTH OAUTH_CLIENT='TABLEAU_DESKTOP'$`, ).WillReturnResult(sqlmock.NewResult(1, 1)) expectReadOAuthIntegration(mock) @@ -66,14 +66,14 @@ func TestOAuthIntegrationDelete(t *testing.T) { func expectReadOAuthIntegration(mock sqlmock.Sqlmock) { showRows := sqlmock.NewRows([]string{ - "name", "type", "category", "created_on"}, - ).AddRow("test_oauth_integration", "OAUTH - TABLEAU_DESKTOP", "SECURITY", "now") + "name", "type", "category", "enabled", "comment", "created_on"}, + ).AddRow("test_oauth_integration", "OAUTH - TABLEAU_DESKTOP", "SECURITY", true, nil, "now") mock.ExpectQuery(`^SHOW SECURITY INTEGRATIONS LIKE 'test_oauth_integration'$`).WillReturnRows(showRows) descRows := sqlmock.NewRows([]string{ "property", "property_type", "property_value", "property_default", }).AddRow("OAUTH_REFRESH_TOKEN_VALIDITY", "Integer", 86400, nil). - AddRow("BLOCKED_ROLES_LIST", "String", "ACCOUNTADMIN,SECURITYADMIN", nil) + AddRow("BLOCKED_ROLES_LIST", "List", "ACCOUNTADMIN,SECURITYADMIN", nil) mock.ExpectQuery(`DESCRIBE SECURITY INTEGRATION "test_oauth_integration"$`).WillReturnRows(descRows) } From a9894bbcb6e0f3c3f7c4eee519295c035087bbca Mon Sep 17 00:00:00 2001 From: Mike Gouline <1960272+gouline@users.noreply.github.com> Date: Sat, 20 Nov 2021 00:25:14 +1100 Subject: [PATCH 06/15] Undo go module changes --- go.mod | 8 ++++---- go.sum | 29 +++++++++++++++++++++-------- 2 files changed, 25 insertions(+), 12 deletions(-) diff --git a/go.mod b/go.mod index 90d5ab6732..f97a3c1306 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( github.com/DATA-DOG/go-sqlmock v1.5.0 github.com/Pallinder/go-randomdata v1.2.0 github.com/chanzuckerberg/go-misc v0.0.0-20210907173712-618127c04a73 - github.com/hashicorp/terraform-plugin-docs v0.5.1 + github.com/hashicorp/terraform-plugin-docs v0.4.0 github.com/hashicorp/terraform-plugin-sdk/v2 v2.8.0 github.com/jmoiron/sqlx v1.3.4 github.com/luna-duclos/instrumentedsql v1.1.3 @@ -65,8 +65,8 @@ require ( github.com/hashicorp/go-version v1.3.0 // indirect github.com/hashicorp/hcl/v2 v2.10.1 // indirect github.com/hashicorp/logutils v1.0.0 // indirect - github.com/hashicorp/terraform-exec v0.15.0 // indirect - github.com/hashicorp/terraform-json v0.13.0 // indirect + github.com/hashicorp/terraform-exec v0.14.0 // indirect + github.com/hashicorp/terraform-json v0.12.0 // indirect github.com/hashicorp/terraform-plugin-go v0.4.0 // indirect github.com/hashicorp/yamux v0.0.0-20210826001029-26ff87cf9493 // indirect github.com/huandu/xstrings v1.3.2 // indirect @@ -92,7 +92,7 @@ require ( github.com/sirupsen/logrus v1.8.1 // indirect github.com/ulikunitz/xz v0.5.8 // indirect github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect - github.com/zclconf/go-cty v1.10.0 // indirect + github.com/zclconf/go-cty v1.9.1 // indirect go.opencensus.io v0.22.4 // indirect golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 // indirect golang.org/x/mod v0.4.2 // indirect diff --git a/go.sum b/go.sum index 97bfcfb243..36289d0777 100644 --- a/go.sum +++ b/go.sum @@ -127,6 +127,7 @@ github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7l github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/ajg/form v1.5.1/go.mod h1:uL1WgH+h2mgNtvBq0339dVnzXdBETtL2LeUXaIv25UY= github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw= +github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7/go.mod h1:6zEj6s6u/ghQa61ZWa/C2Aw3RkjiTBOix7dkqa1VLIs= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/andybalholm/crlf v0.0.0-20171020200849-670099aa064f/go.mod h1:k8feO4+kXDxro6ErPXBRTJ/ro2mf0SsFG8s7doP9kJE= @@ -346,10 +347,13 @@ github.com/go-fonts/liberation v0.1.1/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2H github.com/go-fonts/stix v0.1.0/go.mod h1:w/c1f0ldAUlJmLBvlbkvVXLAD+tAMqobIIQpmnUIzUY= github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= +github.com/go-git/go-billy/v5 v5.0.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= github.com/go-git/go-billy/v5 v5.2.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= github.com/go-git/go-billy/v5 v5.3.1 h1:CPiOUAzKtMRvolEKw+bG1PLRpT7D3LIs3/3ey4Aiu34= github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= +github.com/go-git/go-git-fixtures/v4 v4.0.1/go.mod h1:m+ICp2rF3jDhFgEZ/8yziagdT1C+ZpZcrJjappBCDSw= github.com/go-git/go-git-fixtures/v4 v4.2.1/go.mod h1:K8zd3kDUAykwTdDCr+I0per6Y6vMiRR/nnVTBtavnB0= +github.com/go-git/go-git/v5 v5.1.0/go.mod h1:ZKfuPUoY1ZqIG4QG9BDBh3G4gLM5zvPuSJAozQrZuyM= github.com/go-git/go-git/v5 v5.4.2 h1:BXyZu9t0VkbiHtqrsvdq39UDhGJTl1h55VW6CSC4aY4= github.com/go-git/go-git/v5 v5.4.2/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti4ihgckDc= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= @@ -558,6 +562,7 @@ github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9n github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 h1:1/D3zfFHttUKaCaGKZ/dR2roBXv0vKbSCnssIldfQdI= github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320/go.mod h1:EiZBMaudVLy8fmjf9Npq1dq9RalhveqZG5w/yz3mHWs= +github.com/hashicorp/go-getter v1.4.0/go.mod h1:7qxyCd8rBfcShwsvxgIguu4KbS3l8bUCwg2Umn7RjeY= github.com/hashicorp/go-getter v1.5.3 h1:NF5+zOlQegim+w/EUhSLh6QhXHmZMEeHLQzllkQ3ROU= github.com/hashicorp/go-getter v1.5.3/go.mod h1:BrrV/1clo8cCYu6mxvboYg+KutTiFnXjMEgDD8+i7ZI= github.com/hashicorp/go-hclog v0.0.0-20180709165350-ff2cf002a8dd/go.mod h1:9bjs9uLqI8l75knNv3lV1kA55veR+WUPSiKIWcQHudI= @@ -608,15 +613,15 @@ github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= +github.com/hashicorp/terraform-exec v0.12.0/go.mod h1:SGhto91bVRlgXQWcJ5znSz+29UZIa8kpBbkGwQ+g9E8= +github.com/hashicorp/terraform-exec v0.14.0 h1:UQoUcxKTZZXhyyK68Cwn4mApT4mnFPmEXPiqaHL9r+w= github.com/hashicorp/terraform-exec v0.14.0/go.mod h1:qrAASDq28KZiMPDnQ02sFS9udcqEkRly002EA2izXTA= -github.com/hashicorp/terraform-exec v0.15.0 h1:cqjh4d8HYNQrDoEmlSGelHmg2DYDh5yayckvJ5bV18E= -github.com/hashicorp/terraform-exec v0.15.0/go.mod h1:H4IG8ZxanU+NW0ZpDRNsvh9f0ul7C0nHP+rUR/CHs7I= +github.com/hashicorp/terraform-json v0.8.0/go.mod h1:3defM4kkMfttwiE7VakJDwCd4R+umhSQnvJwORXbprE= github.com/hashicorp/terraform-json v0.9.0/go.mod h1:3defM4kkMfttwiE7VakJDwCd4R+umhSQnvJwORXbprE= +github.com/hashicorp/terraform-json v0.12.0 h1:8czPgEEWWPROStjkWPUnTQDXmpmZPlkQAwYYLETaTvw= github.com/hashicorp/terraform-json v0.12.0/go.mod h1:pmbq9o4EuL43db5+0ogX10Yofv1nozM+wskr/bGFJpI= -github.com/hashicorp/terraform-json v0.13.0 h1:Li9L+lKD1FO5RVFRM1mMMIBDoUHslOniyEi5CM+FWGY= -github.com/hashicorp/terraform-json v0.13.0/go.mod h1:y5OdLBCT+rxbwnpxZs9kGL7R9ExU76+cpdY8zHwoazk= -github.com/hashicorp/terraform-plugin-docs v0.5.1 h1:WwrUcamix9x0TqfTw/WGHMRqoTe1QPZKaeWJPuFb4lQ= -github.com/hashicorp/terraform-plugin-docs v0.5.1/go.mod h1:SQwEgy0/B0UPQ07rNEG1Wpt6E3jvRcCwkVHPNybGgc0= +github.com/hashicorp/terraform-plugin-docs v0.4.0 h1:xJIXsMzBFwBvC1zcjoNz743GL2tNEfYFFU9+Hjp4Uek= +github.com/hashicorp/terraform-plugin-docs v0.4.0/go.mod h1:fKj/V3t45tiXpSlUms/0G4OrBayyWpbUJ4WtLjBkINU= github.com/hashicorp/terraform-plugin-go v0.4.0 h1:LFbXNeLDo0J/wR0kUzSPq0RpdmFh2gNedzU0n/gzPAo= github.com/hashicorp/terraform-plugin-go v0.4.0/go.mod h1:7u/6nt6vaiwcWE2GuJKbJwNlDFnf5n95xKw4hqIVr58= github.com/hashicorp/terraform-plugin-sdk/v2 v2.8.0 h1:GSumgrL6GGcRYU37YuF1CC59hRPR7Yzy6tpoFlo8wr4= @@ -635,6 +640,7 @@ github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.7/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/imdario/mergo v0.3.9/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU= github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= @@ -673,6 +679,7 @@ github.com/jarcoal/httpmock v1.0.4/go.mod h1:ATjnClrvW/3tijVmpL/va5Z3aAyGvqU3gCT github.com/jarcoal/httpmock v1.0.5/go.mod h1:ATjnClrvW/3tijVmpL/va5Z3aAyGvqU3gCT8nX0Txik= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= +github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jhump/protoreflect v1.6.0 h1:h5jfMVslIg6l29nsMs0D8Wj17RDVdNYti0vDN/PZZoE= github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74= @@ -716,6 +723,7 @@ github.com/kataras/sitemap v0.0.5/go.mod h1:KY2eugMKiPwsJgx7+U103YZehfvNGOXURubc github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8= github.com/kelseyhightower/envconfig v1.3.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= +github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 h1:DowS9hvgyYSX4TO5NpyC606/Z4SxnNYbT+WX27or6Ck= github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= @@ -778,6 +786,7 @@ github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVc github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.7/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= +github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.11 h1:nQ+aFkoE2TMGc0b68U2OKSexC+eq46+XwZzWXHRmPYs= github.com/mattn/go-colorable v0.1.11/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= @@ -813,6 +822,7 @@ github.com/microcosm-cc/bluemonday v1.0.2/go.mod h1:iVP4YcDBq+n/5fb23BhYFvIMq/le github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= github.com/miekg/dns v1.1.31/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= +github.com/mitchellh/cli v1.1.1/go.mod h1:xcISNoH86gajksDmfB23e/pu+B+GeFRMYmoHXxx3xhI= github.com/mitchellh/cli v1.1.2 h1:PvH+lL2B7IQ101xQL63Of8yFS2y+aDlsFcsqNc+u/Kw= github.com/mitchellh/cli v1.1.2/go.mod h1:6iaV0fGdElS6dPBx0EApTxHrcWvmJphyh2n8YBLPPZ4= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= @@ -1010,6 +1020,7 @@ github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGr github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY= +github.com/ulikunitz/xz v0.5.5/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8= github.com/ulikunitz/xz v0.5.8 h1:ERv8V6GKqVi23rgu5cj9pVfVzJbOqAY2Ntl88O6c2nQ= github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= @@ -1031,6 +1042,7 @@ github.com/vmihailenco/msgpack/v4 v4.3.11/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+ github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= github.com/vmware/govmomi v0.20.3/go.mod h1:URlwyTFZX72RmxtxuaFL2Uj3fD1JTvZdx59bHWk6aFU= +github.com/xanzy/ssh-agent v0.2.1/go.mod h1:mLlQY/MoOhWBj+gOGMQkOeiEvkx+8pJSI+0Bx9h2kr4= github.com/xanzy/ssh-agent v0.3.0 h1:wUMzuKtKilRgBAD1sUb8gOwwRr2FGoBVumcjoOACClI= github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= @@ -1055,11 +1067,11 @@ github.com/zalando/go-keyring v0.1.0/go.mod h1:RaxNwUITJaHVdQ0VC7pELPZ3tOWn13nr0 github.com/zalando/go-keyring v0.1.1/go.mod h1:OIC+OZ28XbmwFxU/Rp9V7eKzZjamBJwRzC8UFJH9+L8= github.com/zclconf/go-cty v1.2.0/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= github.com/zclconf/go-cty v1.2.1/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= +github.com/zclconf/go-cty v1.7.1/go.mod h1:VDR4+I79ubFBGm1uJac1226K5yANQFHeauxPBoP54+o= github.com/zclconf/go-cty v1.8.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= github.com/zclconf/go-cty v1.8.4/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= +github.com/zclconf/go-cty v1.9.1 h1:viqrgQwFl5UpSxc046qblj78wZXVDFnSOufaOTER+cc= github.com/zclconf/go-cty v1.9.1/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= -github.com/zclconf/go-cty v1.10.0 h1:mp9ZXQeIcN8kAwuqorjH+Q+njbJKjLrvB2yIh4q7U+0= -github.com/zclconf/go-cty v1.10.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q= go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= @@ -1241,6 +1253,7 @@ golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190221075227-b4e8571b14e0/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= From 714266274517d0d8e2265e9ef2417e9c492e7c09 Mon Sep 17 00:00:00 2001 From: Mike Gouline <1960272+gouline@users.noreply.github.com> Date: Sat, 20 Nov 2021 00:30:53 +1100 Subject: [PATCH 07/15] Fix typo and regenerate docs --- docs/resources/oauth_integration.md | 2 +- pkg/resources/oauth_integration.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/resources/oauth_integration.md b/docs/resources/oauth_integration.md index e88e845cb5..5cbcc7f083 100644 --- a/docs/resources/oauth_integration.md +++ b/docs/resources/oauth_integration.md @@ -39,7 +39,7 @@ resource "snowflake_oauth_integration" "tableau_desktop" { - **id** (String) The ID of this resource. - **oauth_issue_refresh_tokens** (Boolean) Specifies whether to allow the client to exchange a refresh token for an access token when the current access token has expired. - **oauth_refresh_token_validity** (Number) Specifies how long refresh tokens should be valid (in seconds). OAUTH_ISSUE_REFRESH_TOKENS must be set to TRUE. -- **oauth_use_secondary_roles** (String) +- **oauth_use_secondary_roles** (String) Specifies whether default secondary roles set in the user properties are activated by default in the session being opened. ### Read-Only diff --git a/pkg/resources/oauth_integration.go b/pkg/resources/oauth_integration.go index 7c38967dcb..cf60462755 100644 --- a/pkg/resources/oauth_integration.go +++ b/pkg/resources/oauth_integration.go @@ -40,7 +40,7 @@ var oauthIntegrationSchema = map[string]*schema.Schema{ "oauth_use_secondary_roles": { Type: schema.TypeString, Optional: true, - Description: "Specifiesa whether default secondary roles set in the user properties are activated by default in the session being opened.", + Description: "Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.", ValidateFunc: validation.StringInSlice([]string{ "IMPLICIT", "NONE", }, false), From d10af876d67d47a4cf0b88b4873f66affd9ad5d5 Mon Sep 17 00:00:00 2001 From: Mike Gouline <1960272+gouline@users.noreply.github.com> Date: Tue, 23 Nov 2021 10:27:25 +1100 Subject: [PATCH 08/15] Update pkg/resources/oauth_integration.go Co-authored-by: Eduardo Lopez --- pkg/resources/oauth_integration.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/resources/oauth_integration.go b/pkg/resources/oauth_integration.go index cf60462755..ad92fc5c62 100644 --- a/pkg/resources/oauth_integration.go +++ b/pkg/resources/oauth_integration.go @@ -46,7 +46,7 @@ var oauthIntegrationSchema = map[string]*schema.Schema{ }, false), }, "blocked_roles_list": { - Type: schema.TypeList, + Type: schema.TypeSet, Elem: &schema.Schema{Type: schema.TypeString}, Optional: true, Description: "List of roles that a user cannot explicitly consent to using after authenticating.", From 88c819eda459c07f8747e7489a4b85b4667e9aa7 Mon Sep 17 00:00:00 2001 From: Mike Gouline <1960272+gouline@users.noreply.github.com> Date: Wed, 24 Nov 2021 15:30:56 +1100 Subject: [PATCH 09/15] Update casting for set type --- pkg/resources/oauth_integration.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/resources/oauth_integration.go b/pkg/resources/oauth_integration.go index ad92fc5c62..2c01de3c79 100644 --- a/pkg/resources/oauth_integration.go +++ b/pkg/resources/oauth_integration.go @@ -105,7 +105,7 @@ func CreateOAuthIntegration(d *schema.ResourceData, meta interface{}) error { stmt.SetString(`OAUTH_USE_SECONDARY_ROLES`, d.Get("oauth_use_secondary_roles").(string)) } if _, ok := d.GetOk("blocked_roles_list"); ok { - stmt.SetStringList(`BLOCKED_ROLES_LIST`, expandStringList(d.Get("blocked_roles_list").([]interface{}))) + stmt.SetStringList(`BLOCKED_ROLES_LIST`, expandStringList(d.Get("blocked_roles_list").(*schema.Set).List())) } if _, ok := d.GetOk("enabled"); ok { stmt.SetBool(`ENABLED`, d.Get("enabled").(bool)) From 3eb42aa94689e7625b3bef823c3602a46df4597c Mon Sep 17 00:00:00 2001 From: Mike Gouline <1960272+gouline@users.noreply.github.com> Date: Wed, 24 Nov 2021 15:33:36 +1100 Subject: [PATCH 10/15] Update set type doc --- docs/resources/oauth_integration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/resources/oauth_integration.md b/docs/resources/oauth_integration.md index 5cbcc7f083..370202947b 100644 --- a/docs/resources/oauth_integration.md +++ b/docs/resources/oauth_integration.md @@ -33,7 +33,7 @@ resource "snowflake_oauth_integration" "tableau_desktop" { ### Optional -- **blocked_roles_list** (List of String) List of roles that a user cannot explicitly consent to using after authenticating. +- **blocked_roles_list** (Set of String) List of roles that a user cannot explicitly consent to using after authenticating. - **comment** (String) Specifies a comment for the OAuth integration. - **enabled** (Boolean) Specifies whether this OAuth integration is enabled or disabled. - **id** (String) The ID of this resource. From 161f112adfa1031025ad86f4f5fb05f8f770030e Mon Sep 17 00:00:00 2001 From: Mike Gouline <1960272+gouline@users.noreply.github.com> Date: Tue, 30 Nov 2021 14:12:00 +1100 Subject: [PATCH 11/15] Fix silly typo and enhance acceptance test --- pkg/resources/oauth_integration.go | 4 ++-- .../oauth_integration_acceptance_test.go | 18 +++++++++--------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/pkg/resources/oauth_integration.go b/pkg/resources/oauth_integration.go index 2c01de3c79..c589b1f71b 100644 --- a/pkg/resources/oauth_integration.go +++ b/pkg/resources/oauth_integration.go @@ -68,7 +68,7 @@ var oauthIntegrationSchema = map[string]*schema.Schema{ }, } -// OAuthIntegration returns a pointer to the resource representing a network policy +// OAuthIntegration returns a pointer to the resource representing an OAuth integration func OAuthIntegration() *schema.Resource { return &schema.Resource{ Create: CreateOAuthIntegration, @@ -96,7 +96,7 @@ func CreateOAuthIntegration(d *schema.ResourceData, meta interface{}) error { // Set optional fields if _, ok := d.GetOk("oauth_issue_refresh_tokens"); ok { - stmt.SetBool(`OAUTH_ISSUE_REFRESH_TOKENS`, d.Get("network_policy").(bool)) + stmt.SetBool(`OAUTH_ISSUE_REFRESH_TOKENS`, d.Get("oauth_issue_refresh_tokens").(bool)) } if _, ok := d.GetOk("oauth_refresh_token_validity"); ok { stmt.SetInt(`OAUTH_REFRESH_TOKEN_VALIDITY`, d.Get("oauth_refresh_token_validity").(int)) diff --git a/pkg/resources/oauth_integration_acceptance_test.go b/pkg/resources/oauth_integration_acceptance_test.go index 7be8d7993b..9d9841ef8e 100644 --- a/pkg/resources/oauth_integration_acceptance_test.go +++ b/pkg/resources/oauth_integration_acceptance_test.go @@ -21,10 +21,10 @@ func TestAcc_OAuthIntegration(t *testing.T) { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr("snowflake_oauth_integration.test", "name", oauthIntName), resource.TestCheckResourceAttr("snowflake_oauth_integration.test", "oauth_client", integrationType), - resource.TestCheckResourceAttrSet("snowflake_oauth_integration.test", "oauth_issue_refresh_tokens"), - resource.TestCheckResourceAttrSet("snowflake_oauth_integration.test", "oauth_refresh_token_validity"), - resource.TestCheckResourceAttrSet("snowflake_oauth_integration.test", "blocked_roles_list"), - resource.TestCheckResourceAttrSet("snowflake_oauth_integration.test", "created_on"), + resource.TestCheckResourceAttr("snowflake_oauth_integration.test", "oauth_issue_refresh_tokens", "true"), + resource.TestCheckResourceAttr("snowflake_oauth_integration.test", "oauth_refresh_token_validity", "3600"), + resource.TestCheckResourceAttr("snowflake_oauth_integration.test", "blocked_roles_list.#", "1"), + resource.TestCheckResourceAttr("snowflake_oauth_integration.test", "blocked_roles_list.0", "SYSADMIN"), ), }, { @@ -39,12 +39,12 @@ func TestAcc_OAuthIntegration(t *testing.T) { func oauthIntegrationConfig(name string, integrationType string) string { return fmt.Sprintf(` resource "snowflake_oauth_integration" "test" { - name = "%s" - oauth_client = "%s" - enabled = true - oauth_issue_refresh_tokens = true + name = "%s" + oauth_client = "%s" + enabled = true + oauth_issue_refresh_tokens = true oauth_refresh_token_validity = 3600 - blocked_roles_list = ["SYSADMIN"] + blocked_roles_list = ["SYSADMIN"] } `, name, integrationType) } From c1653557d99798e9691342856c407ce8c6d63e51 Mon Sep 17 00:00:00 2001 From: Mike Gouline <1960272+gouline@users.noreply.github.com> Date: Tue, 30 Nov 2021 16:26:07 +1100 Subject: [PATCH 12/15] Treat property list values as strings --- pkg/resources/oauth_integration.go | 13 +++++++++++-- pkg/resources/oauth_integration_test.go | 3 ++- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/pkg/resources/oauth_integration.go b/pkg/resources/oauth_integration.go index c589b1f71b..c1a8cecd65 100644 --- a/pkg/resources/oauth_integration.go +++ b/pkg/resources/oauth_integration.go @@ -4,6 +4,7 @@ import ( "database/sql" "fmt" "log" + "strconv" "strings" "github.com/chanzuckerberg/terraform-provider-snowflake/pkg/snowflake" @@ -184,11 +185,19 @@ func ReadOAuthIntegration(d *schema.ResourceData, meta interface{}) error { case "COMMENT": // We set this using the SHOW INTEGRATION call so let's ignore it here case "OAUTH_ISSUE_REFRESH_TOKENS": - if err = d.Set("oauth_issue_refresh_tokens", v.(bool)); err != nil { + b, err := strconv.ParseBool(v.(string)) + if err != nil { + return errors.Wrap(err, "returned OAuth issue refresh tokens that is not boolean") + } + if err = d.Set("oauth_issue_refresh_tokens", b); err != nil { return errors.Wrap(err, "unable to set OAuth issue refresh tokens for security integration") } case "OAUTH_REFRESH_TOKEN_VALIDITY": - if err = d.Set("oauth_refresh_token_validity", v.(int64)); err != nil { + i, err := strconv.Atoi(v.(string)) + if err != nil { + return errors.Wrap(err, "returned OAuth refresh token validity that is not integer") + } + if err = d.Set("oauth_refresh_token_validity", i); err != nil { return errors.Wrap(err, "unable to set OAuth refresh token validity for security integration") } case "OAUTH_USE_SECONDARY_ROLES": diff --git a/pkg/resources/oauth_integration_test.go b/pkg/resources/oauth_integration_test.go index 531e546b73..81bdfe7552 100644 --- a/pkg/resources/oauth_integration_test.go +++ b/pkg/resources/oauth_integration_test.go @@ -72,7 +72,8 @@ func expectReadOAuthIntegration(mock sqlmock.Sqlmock) { descRows := sqlmock.NewRows([]string{ "property", "property_type", "property_value", "property_default", - }).AddRow("OAUTH_REFRESH_TOKEN_VALIDITY", "Integer", 86400, nil). + }).AddRow("OAUTH_ISSUE_REFRESH_TOKENS", "Boolean", "true", "true"). + AddRow("OAUTH_REFRESH_TOKEN_VALIDITY", "Integer", "86400", "7776000"). AddRow("BLOCKED_ROLES_LIST", "List", "ACCOUNTADMIN,SECURITYADMIN", nil) mock.ExpectQuery(`DESCRIBE SECURITY INTEGRATION "test_oauth_integration"$`).WillReturnRows(descRows) From 5033fa633d6f1b4082045147b39f0a5514a4c1b9 Mon Sep 17 00:00:00 2001 From: Mike Gouline <1960272+gouline@users.noreply.github.com> Date: Wed, 1 Dec 2021 10:30:26 +1100 Subject: [PATCH 13/15] Change OAuth integration type for acceptance test --- pkg/resources/oauth_integration_acceptance_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/resources/oauth_integration_acceptance_test.go b/pkg/resources/oauth_integration_acceptance_test.go index 9d9841ef8e..dfbc3ca7f0 100644 --- a/pkg/resources/oauth_integration_acceptance_test.go +++ b/pkg/resources/oauth_integration_acceptance_test.go @@ -11,7 +11,7 @@ import ( func TestAcc_OAuthIntegration(t *testing.T) { oauthIntName := strings.ToUpper(acctest.RandStringFromCharSet(10, acctest.CharSetAlpha)) - integrationType := "TABLEAU_DESKTOP" + integrationType := "TABLEAU_SERVER" resource.ParallelTest(t, resource.TestCase{ Providers: providers(), From c2634c876c7db9a5277ecbdc937b162fd997be91 Mon Sep 17 00:00:00 2001 From: Mike Gouline <1960272+gouline@users.noreply.github.com> Date: Wed, 1 Dec 2021 11:42:42 +1100 Subject: [PATCH 14/15] Add oauth_use_secondary_roles default for OAuth integration --- pkg/resources/oauth_integration.go | 1 + 1 file changed, 1 insertion(+) diff --git a/pkg/resources/oauth_integration.go b/pkg/resources/oauth_integration.go index c1a8cecd65..fb3aab940d 100644 --- a/pkg/resources/oauth_integration.go +++ b/pkg/resources/oauth_integration.go @@ -41,6 +41,7 @@ var oauthIntegrationSchema = map[string]*schema.Schema{ "oauth_use_secondary_roles": { Type: schema.TypeString, Optional: true, + Default: "NONE", Description: "Specifies whether default secondary roles set in the user properties are activated by default in the session being opened.", ValidateFunc: validation.StringInSlice([]string{ "IMPLICIT", "NONE", From e40332dde127ccfd7e7e8f90cd9d95b08c763870 Mon Sep 17 00:00:00 2001 From: Mike Gouline <1960272+gouline@users.noreply.github.com> Date: Wed, 1 Dec 2021 13:10:03 +1100 Subject: [PATCH 15/15] Filter out implicit values from blocked_roles_list --- docs/resources/oauth_integration.md | 2 +- pkg/resources/oauth_integration.go | 15 +++++++++++++-- pkg/resources/oauth_integration_test.go | 2 +- pkg/resources/storage_integration_test.go | 2 +- 4 files changed, 16 insertions(+), 5 deletions(-) diff --git a/docs/resources/oauth_integration.md b/docs/resources/oauth_integration.md index 370202947b..772abbca15 100644 --- a/docs/resources/oauth_integration.md +++ b/docs/resources/oauth_integration.md @@ -33,7 +33,7 @@ resource "snowflake_oauth_integration" "tableau_desktop" { ### Optional -- **blocked_roles_list** (Set of String) List of roles that a user cannot explicitly consent to using after authenticating. +- **blocked_roles_list** (Set of String) List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates. - **comment** (String) Specifies a comment for the OAuth integration. - **enabled** (Boolean) Specifies whether this OAuth integration is enabled or disabled. - **id** (String) The ID of this resource. diff --git a/pkg/resources/oauth_integration.go b/pkg/resources/oauth_integration.go index fb3aab940d..599700ff2c 100644 --- a/pkg/resources/oauth_integration.go +++ b/pkg/resources/oauth_integration.go @@ -51,7 +51,7 @@ var oauthIntegrationSchema = map[string]*schema.Schema{ Type: schema.TypeSet, Elem: &schema.Schema{Type: schema.TypeString}, Optional: true, - Description: "List of roles that a user cannot explicitly consent to using after authenticating.", + Description: "List of roles that a user cannot explicitly consent to using after authenticating. Do not include ACCOUNTADMIN, ORGADMIN or SECURITYADMIN as they are already implicitly enforced and will cause in-place updates.", }, "comment": { Type: schema.TypeString, @@ -206,7 +206,18 @@ func ReadOAuthIntegration(d *schema.ResourceData, meta interface{}) error { return errors.Wrap(err, "unable to set OAuth use secondary roles for security integration") } case "BLOCKED_ROLES_LIST": - if err = d.Set("blocked_roles_list", strings.Split(v.(string), ",")); err != nil { + blockedRolesAll := strings.Split(v.(string), ",") + + // Only roles other than ACCOUNTADMIN, ORGADMIN and SECURITYADMIN can be specified custom, + // those three are enforced with no option to remove them + blockedRolesCustom := []string{} + for _, role := range blockedRolesAll { + if role != "ACCOUNTADMIN" && role != "ORGADMIN" && role != "SECURITYADMIN" { + blockedRolesCustom = append(blockedRolesCustom, role) + } + } + + if err = d.Set("blocked_roles_list", blockedRolesCustom); err != nil { return errors.Wrap(err, "unable to set blocked roles list for security integration") } case "OAUTH_CLIENT_TYPE": diff --git a/pkg/resources/oauth_integration_test.go b/pkg/resources/oauth_integration_test.go index 81bdfe7552..1c213b17dc 100644 --- a/pkg/resources/oauth_integration_test.go +++ b/pkg/resources/oauth_integration_test.go @@ -30,7 +30,7 @@ func TestOAuthIntegrationCreate(t *testing.T) { WithMockDb(t, func(db *sql.DB, mock sqlmock.Sqlmock) { mock.ExpectExec( - `^CREATE SECURITY INTEGRATION "test_oauth_integration" TYPE=OAUTH OAUTH_CLIENT='TABLEAU_DESKTOP'$`, + `^CREATE SECURITY INTEGRATION "test_oauth_integration" TYPE=OAUTH OAUTH_CLIENT='TABLEAU_DESKTOP' OAUTH_USE_SECONDARY_ROLES='NONE'$`, ).WillReturnResult(sqlmock.NewResult(1, 1)) expectReadOAuthIntegration(mock) diff --git a/pkg/resources/storage_integration_test.go b/pkg/resources/storage_integration_test.go index 603df0f293..dbecc3f4c3 100644 --- a/pkg/resources/storage_integration_test.go +++ b/pkg/resources/storage_integration_test.go @@ -66,7 +66,7 @@ func TestStorageIntegrationReadEmpty(t *testing.T) { err := resources.ReadStorageIntegration(d, db) r.Nil(err) - }) + }) } func TestStorageIntegrationUpdate(t *testing.T) {