Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: modify update method to use api to add or remove client ids wit… #37612

Merged

Conversation

rromic
Copy link
Contributor

@rromic rromic commented May 20, 2024

…hout destroying openid connect provider

Description

This PR adds option to not recreate openid connect on changes in client list ids, as recreation is causing short downtime for existing clients which makes maintenance with terraform configuration bit harder.

On update on client ids now its using dedicated APIs to ADD and to REMOVE diffs in client list ids. Those APIs are idempotent, so if you try to add same client id it wont fail or if you try to delete non existing client id.

Added acceptance tests to cover new cases.

Relations

Closes #23099

References

Output from Acceptance Testing

make testacc TESTS='TestAccIAMOpenIDConnectProvider_' PKG=iam 
==> Checking that code complies with gofmt requirements...

TF_ACC=1 go1.22.2 test ./internal/service/iam/... -v -count 1 -parallel 20 -run='TestAccIAMOpenIDConnectProvider_'  -timeout 360m
=== RUN   TestAccIAMOpenIDConnectProvider_tags
=== PAUSE TestAccIAMOpenIDConnectProvider_tags
=== RUN   TestAccIAMOpenIDConnectProvider_tags_null
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_null
=== RUN   TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnCreate
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnCreate
=== RUN   TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Add
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Add
=== RUN   TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Replace
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Replace
=== RUN   TestAccIAMOpenIDConnectProvider_basic
=== PAUSE TestAccIAMOpenIDConnectProvider_basic
=== RUN   TestAccIAMOpenIDConnectProvider_disappears
=== PAUSE TestAccIAMOpenIDConnectProvider_disappears
=== RUN   TestAccIAMOpenIDConnectProvider_clientIDListOrder
=== PAUSE TestAccIAMOpenIDConnectProvider_clientIDListOrder
=== RUN   TestAccIAMOpenIDConnectProvider_clientIDModification
=== PAUSE TestAccIAMOpenIDConnectProvider_clientIDModification
=== CONT  TestAccIAMOpenIDConnectProvider_tags
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly
=== CONT  TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Replace
=== CONT  TestAccIAMOpenIDConnectProvider_tags_null
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly
=== CONT  TestAccIAMOpenIDConnectProvider_clientIDListOrder
=== CONT  TestAccIAMOpenIDConnectProvider_clientIDModification
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag
=== CONT  TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Add
=== CONT  TestAccIAMOpenIDConnectProvider_disappears
=== CONT  TestAccIAMOpenIDConnectProvider_basic
=== CONT  TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnCreate
=== CONT  TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace
--- PASS: TestAccIAMOpenIDConnectProvider_disappears (49.01s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag (64.93s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag (65.38s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag (65.91s)
--- PASS: TestAccIAMOpenIDConnectProvider_clientIDListOrder (68.12s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnCreate (68.31s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_null (79.12s)
--- PASS: TestAccIAMOpenIDConnectProvider_basic (85.50s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly (86.04s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace (88.79s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly (89.50s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate (90.47s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Replace (94.58s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate (95.10s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Add (95.51s)
--- PASS: TestAccIAMOpenIDConnectProvider_clientIDModification (107.84s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add (108.95s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping (112.84s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags (127.10s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping (79.82s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly (130.39s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/iam        135.250s

Copy link

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added size/M Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/iam Issues and PRs that pertain to the iam service. labels May 20, 2024
@terraform-aws-provider terraform-aws-provider bot added the needs-triage Waiting for first response or review from a maintainer. label May 20, 2024
@rromic rromic force-pushed the f-aws_iam_openid_connect_provider-client-ids branch from 80f0145 to 02cd3f5 Compare May 20, 2024 22:31
@ewbankkit ewbankkit removed the needs-triage Waiting for first response or review from a maintainer. label May 21, 2024
@ewbankkit ewbankkit self-assigned this May 21, 2024
@terraform-aws-provider terraform-aws-provider bot added the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label May 21, 2024
@ewbankkit ewbankkit added the enhancement Requests to existing resources that expand the functionality or scope. label May 21, 2024
Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

% make testacc TESTARGS='-run=TestAccIAMOpenIDConnectProvider_' PKG=iam ACCTEST_PARALLELISM=2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.22.2 test ./internal/service/iam/... -v -count 1 -parallel 2  -run=TestAccIAMOpenIDConnectProvider_ -timeout 360m
=== RUN   TestAccIAMOpenIDConnectProvider_tags
=== PAUSE TestAccIAMOpenIDConnectProvider_tags
=== RUN   TestAccIAMOpenIDConnectProvider_tags_null
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_null
=== RUN   TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnCreate
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnCreate
=== RUN   TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Add
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Add
=== RUN   TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Replace
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Replace
=== RUN   TestAccIAMOpenIDConnectProvider_basic
=== PAUSE TestAccIAMOpenIDConnectProvider_basic
=== RUN   TestAccIAMOpenIDConnectProvider_disappears
=== PAUSE TestAccIAMOpenIDConnectProvider_disappears
=== RUN   TestAccIAMOpenIDConnectProvider_clientIDListOrder
=== PAUSE TestAccIAMOpenIDConnectProvider_clientIDListOrder
=== RUN   TestAccIAMOpenIDConnectProvider_clientIDModification
=== PAUSE TestAccIAMOpenIDConnectProvider_clientIDModification
=== CONT  TestAccIAMOpenIDConnectProvider_tags
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag (13.03s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Replace
--- PASS: TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Replace (23.96s)
=== CONT  TestAccIAMOpenIDConnectProvider_clientIDModification
--- PASS: TestAccIAMOpenIDConnectProvider_tags (42.41s)
=== CONT  TestAccIAMOpenIDConnectProvider_clientIDListOrder
--- PASS: TestAccIAMOpenIDConnectProvider_clientIDListOrder (13.11s)
=== CONT  TestAccIAMOpenIDConnectProvider_disappears
--- PASS: TestAccIAMOpenIDConnectProvider_clientIDModification (28.37s)
=== CONT  TestAccIAMOpenIDConnectProvider_basic
--- PASS: TestAccIAMOpenIDConnectProvider_disappears (9.94s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnCreate
--- PASS: TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnCreate (16.11s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Add
--- PASS: TestAccIAMOpenIDConnectProvider_basic (19.47s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag (12.59s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag
--- PASS: TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Add (24.39s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag (12.73s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly (19.55s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly (43.14s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly (20.45s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping (32.80s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping (32.62s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace (19.95s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate (21.80s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate
--- PASS: TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate (19.87s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_null
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add (30.66s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_null (16.62s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/iam	244.595s

@ewbankkit
Copy link
Contributor

@rromic Thanks for the contribution 🎉 👏.

@ewbankkit ewbankkit merged commit 7ca400c into hashicorp:main May 21, 2024
46 checks passed
@github-actions github-actions bot added this to the v5.51.0 milestone May 21, 2024
@github-actions github-actions bot removed the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label May 24, 2024
Copy link

This functionality has been released in v5.51.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 23, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/iam Issues and PRs that pertain to the iam service. size/M Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Implement management of client-ids for aws_iam_openid_connect_provider
2 participants