Update IdP identifiers to accept a list in access group schema #739
Conversation
ghost
added
size/M
kind/documentation
|
The current test suite is all green however we should probably a new test case to excercise multiple values in https://github.com/terraform-providers/terraform-provider-cloudflare/blob/master/cloudflare/resource_cloudflare_access_group_test.go. |
|
@jacobbednarz Sure thing. Do you know if those tests create/destroy actual resources? If so, I think these tests will require an IdP to be created beforehand (along with their respective IdP groups) and I'm not sure I know the best way to go about that. |
|
Yep, the integration tests do create/destroy real resources however I think we can get away with dummy values like we already do at https://github.com/terraform-providers/terraform-provider-cloudflare/blob/55c2d9946b52853ebb4decaa542842ed72544eb9/cloudflare/resource_cloudflare_access_identity_provider_test.go#L174-L185 Within the test, you can try creating the fake IdP and then attaching the groups to it. I know I had issues with it in the past but I think that was for actual reproduction test cases and not integration testing (as we're really only asserting the Terraform state). Let me know if you have issues though and we can either rely on a mocked values or I'll setup a real SSO provider for it. |
Justin-Holmes
force-pushed
the
justin/remove-idp-redundancy
branch
2 times, most recently
from
a439159 to
251614f
Compare
|
@jacobbednarz it looks like the acceptance tests are failing because of missing credentials. Let me know if there is anything I can do on my end to help! |
There was a problem hiding this comment.
I've pushed up a fix for the resource naming but it still looks like teams/team is missing from the GitHub IdP which we will need. I'm not sure if you're intending on using team or teams but my vote would be for the latter as IIRC, you can have multiple teams.
|
@jacobbednarz thank you, good catch! |
Prior to this change, we were passing through the full resource when it only required the `rnd` value. In doing so, made the resource: ``` resource "cloudflare_access_group" "cloudflare_access_group.ohvdwhgf" ``` when we only needed ``` resource "cloudflare_access_group" "ohvdwhgf" ```
Justin-Holmes
force-pushed
the
justin/remove-idp-redundancy
branch
from
3dbf4f1 to
f6a5b34
Compare
I rebased master and kept the vendor directory without realizing that it’s no longer needed.
The value ends up being a UUID from another resource which makes asserting specific values very hard. Instead, just check it's set.
|
we're green! thanks! |
|
This PR breaks Cloudflare <> Okta for us. 'Error: missing expected [' even though the expected string to string array conversion is there.
|
|
@analytically are you able to provide a new issue with a reproduction case and I can take a look? |
|
I see the same issue on Okta. |
|
@groodt do you mind opening an issue with a reproduction test case and I'll dig into it? |
|
Sorry don't have time. |
…terraformAppLauncherVisible Add app_launcher_visible to Access Application
This PR should clean up redundancy in our IdP policy rules and create an API that's consistent with our dashboard UI. Here is an example of the proposed change:
Current
New
Unfortunately, I wasn't able to run the acceptance tests but I was able to create resources in my local environment without any issues.