Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New resource: aws_cognito_user_pool_app_client #2874

Closed

Conversation

tomelliff
Copy link
Contributor

@tomelliff tomelliff commented Jan 5, 2018

Minimal Cognito User Pool App/Client resource.
Only implements generate_secret, refresh_token_validity and read/write_attributes so far.
All the Oauth stuff has been left for work at a later date.

@tomelliff
Copy link
Contributor Author

$ make testacc TEST=./aws TESTARGS="-run=TestAccAWSCognitoUserPoolAppClient"
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -run=TestAccAWSCognitoUserPoolAppClient -timeout 120m
=== RUN   TestAccAWSCognitoUserPoolAppClient_basic
--- PASS: TestAccAWSCognitoUserPoolAppClient_basic (28.67s)
=== RUN   TestAccAWSCognitoUserPoolAppClient_generate_secret
--- PASS: TestAccAWSCognitoUserPoolAppClient_generate_secret (28.65s)
=== RUN   TestAccAWSCognitoUserPoolAppClient_complex
--- PASS: TestAccAWSCognitoUserPoolAppClient_complex (52.34s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	109.667s

@tomelliff tomelliff changed the title WIP: Minimal Cognito User Pool App Client Minimal Cognito User Pool App Client Jan 5, 2018
Minimal Cognito User Pool App/Client resource.
Only implements generate_secret, refresh_token_validity and read/write_attributes so far.
All the Oauth stuff has been left for work at a later date.
@tomelliff tomelliff force-pushed the add-cognito-user-pool-app-client branch from 8a70324 to 9b9c56a Compare January 5, 2018 15:27
@tomelliff
Copy link
Contributor Author

tomelliff commented Jan 5, 2018

Interestingly I managed to accidentally return resourceAwsCognitoUserPoolRead from the update instead of resourceAwsCognitoUserPoolAppClientRead but all my tests still passed. When I checked, I had a Cognito user pool still left in us-west-2 from the test that hadn't been destroyed despite all the tests having a CheckDestroy that looks like it should be fine.

I've since fixed the mistake and squashed the fix but have I done something wrong there?

@tomelliff tomelliff changed the title Minimal Cognito User Pool App Client WIP: Minimal Cognito User Pool App Client Jan 5, 2018
@tomelliff
Copy link
Contributor Author

Moving this back to WIP because after a little bit of testing it looks like updating either read or write attributes but not both then wipes the other one. I'll try and debug what's going on there but it's not good to be merged until then.

@tomelliff tomelliff changed the title WIP: Minimal Cognito User Pool App Client Minimal Cognito User Pool App Client Jan 5, 2018
@tomelliff tomelliff force-pushed the add-cognito-user-pool-app-client branch from 6ced0dc to 80fb1be Compare January 5, 2018 17:30
@tomelliff
Copy link
Contributor Author

Think that's fixed everything and have tests to cover that last issue too:

$ make testacc TEST=./aws TESTARGS="-run=TestAccAWSCognitoUserPoolAppClient"
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -run=TestAccAWSCognitoUserPoolAppClient -timeout 120m
=== RUN   TestAccAWSCognitoUserPoolAppClient_basic
--- PASS: TestAccAWSCognitoUserPoolAppClient_basic (28.99s)
=== RUN   TestAccAWSCognitoUserPoolAppClient_update_basic
--- PASS: TestAccAWSCognitoUserPoolAppClient_update_basic (28.35s)
=== RUN   TestAccAWSCognitoUserPoolAppClient_generate_secret
--- PASS: TestAccAWSCognitoUserPoolAppClient_generate_secret (28.47s)
=== RUN   TestAccAWSCognitoUserPoolAppClient_complex
--- PASS: TestAccAWSCognitoUserPoolAppClient_complex (53.17s)
=== RUN   TestAccAWSCognitoUserPoolAppClient_update_non_attributes
--- PASS: TestAccAWSCognitoUserPoolAppClient_update_non_attributes (48.38s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	187.378s

…clients

If these aren't set when the resource is updated then they are removed.
If there are no read/write attributes set then Cognito defaults to allowing users to read/write all attributes.

From testing, the 'name' and 'refresh_token_validity' parameters aren't affected in the same way.
@tomelliff tomelliff force-pushed the add-cognito-user-pool-app-client branch from 80fb1be to 25508a2 Compare January 5, 2018 17:32
@jen20 jen20 added new-resource Introduces a new resource. service/cognito labels Jan 6, 2018
@jen20
Copy link
Contributor

jen20 commented Jan 6, 2018

Hi @tomelliff! Thanks for the comprehensive pull request. I have another couple to review ahead of this one but if no-one else picks this up first I will do so shortly.

@tomelliff
Copy link
Contributor Author

Cool, thanks. The only time I get to write any Go is when I contribute to Terraform so let me know if there's anything I've done wrong or could do better.

@tomelliff tomelliff changed the title Minimal Cognito User Pool App Client New resource: aws_cognito_user_pool_app_client Jan 10, 2018
@radeksimko
Copy link
Member

Hi @tomelliff
this looks like a duplicate of a resource which I just merged: #1803 (admittedly raised earlier) c583147

Can you please take a look and confirm that we can close this PR?

Thanks.

@radeksimko radeksimko added the waiting-response Maintainers are waiting on response from community or contributor. label Jan 11, 2018
@tomelliff
Copy link
Contributor Author

Ack, I'm not doing too well with Github search apparently and keep missing things that other people have done before starting.

Looking at the discussion in the PR I can see this comment that seems to suggest that there's no support for custom attributes but I can't see why not because it was straightforward for me to add them (and I have tests for them too).

I also noticed that the read_attributes and write_attributes are only set on an update when they are changed (c583147#diff-691a9416b6661d1ee9e2ed38b6dce6fdR269) but this won't actually work because if you set just the read attributes and not the write attributes the API annoyingly blanks the write attributes and vice versa. This has the awful fallback of making everything readable/writable as well :( I added a test in my PR to cover that use case but I could probably rework fixes on top of that work and close that PR if you want? I'd probably want to test the update a bit more heavily with a test case that loops through a lot of changes just from the weirdness going on with the attributes.

@radeksimko
Copy link
Member

I could probably rework fixes on top of that work and close that PR if you want?

That sounds like a good plan 👍 Thanks.

@radeksimko
Copy link
Member

I'm going to close this PR then and let you pick any changes & PR them separately.

Thanks for all the efforts!

@radeksimko radeksimko closed this Jan 17, 2018
@ghost
Copy link

ghost commented Apr 8, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Apr 8, 2020
@breathingdust breathingdust removed the waiting-response Maintainers are waiting on response from community or contributor. label Sep 17, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
new-resource Introduces a new resource.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants