From 6f44af34ad6b3cd73bdbf2d4b3d6e86faa298b7d Mon Sep 17 00:00:00 2001 From: tombuildsstuff <git@ibuildstuff.co.uk> Date: Fri, 23 Nov 2018 07:42:29 +0100 Subject: [PATCH 1/2] backend/azurerm: removing the `arm_` prefix from keys --- backend/remote-state/azure/backend.go | 75 ++++++++++++++++----- backend/remote-state/azure/backend_test.go | 48 ++++++++++--- backend/remote-state/azure/client_test.go | 28 ++++---- website/docs/backends/types/azurerm.html.md | 20 +++--- 4 files changed, 121 insertions(+), 50 deletions(-) diff --git a/backend/remote-state/azure/backend.go b/backend/remote-state/azure/backend.go index 279db5060ec2..0599db420e29 100644 --- a/backend/remote-state/azure/backend.go +++ b/backend/remote-state/azure/backend.go @@ -57,28 +57,28 @@ func New() backend.Backend { Description: "The resource group name.", }, - "arm_subscription_id": { - Type: schema.TypeString, - Optional: true, - Description: "The Subscription ID.", - DefaultFunc: schema.EnvDefaultFunc("ARM_SUBSCRIPTION_ID", ""), - }, - - "arm_client_id": { + "client_id": { Type: schema.TypeString, Optional: true, Description: "The Client ID.", DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_ID", ""), }, - "arm_client_secret": { + "client_secret": { Type: schema.TypeString, Optional: true, Description: "The Client Secret.", DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_SECRET", ""), }, - "arm_tenant_id": { + "subscription_id": { + Type: schema.TypeString, + Optional: true, + Description: "The Subscription ID.", + DefaultFunc: schema.EnvDefaultFunc("ARM_SUBSCRIPTION_ID", ""), + }, + + "tenant_id": { Type: schema.TypeString, Optional: true, Description: "The Tenant ID.", @@ -99,7 +99,35 @@ func New() backend.Backend { DefaultFunc: schema.EnvDefaultFunc("ARM_MSI_ENDPOINT", ""), }, - // TODO: rename these fields + // Deprecated fields + "arm_client_id": { + Type: schema.TypeString, + Optional: true, + Description: "The Client ID.", + Deprecated: "`arm_client_id` has been replaced by `client_id`", + }, + + "arm_client_secret": { + Type: schema.TypeString, + Optional: true, + Description: "The Client Secret.", + Deprecated: "`arm_client_secret` has been replaced by `client_secret`", + }, + + "arm_subscription_id": { + Type: schema.TypeString, + Optional: true, + Description: "The Subscription ID.", + Deprecated: "`arm_subscription_id` has been replaced by `subscription_id`", + }, + + "arm_tenant_id": { + Type: schema.TypeString, + Optional: true, + Description: "The Tenant ID.", + Deprecated: "`arm_tenant_id` has been replaced by `tenant_id`", + }, + // TODO: support for custom resource manager endpoints }, } @@ -142,21 +170,26 @@ func (b *Backend) configure(ctx context.Context) error { // Grab the resource data data := schema.FromContextBackendConfig(ctx) - b.containerName = data.Get("container_name").(string) b.keyName = data.Get("key").(string) + // support for previously deprecated fields + clientId := valueFromDeprecatedField(data, "client_id", "arm_client_id") + clientSecret := valueFromDeprecatedField(data, "client_secret", "arm_client_secret") + subscriptionId := valueFromDeprecatedField(data, "subscription_id", "arm_subscription_id") + tenantId := valueFromDeprecatedField(data, "tenant_id", "arm_tenant_id") + config := BackendConfig{ AccessKey: data.Get("access_key").(string), - ClientID: data.Get("arm_client_id").(string), - ClientSecret: data.Get("arm_client_secret").(string), + ClientID: clientId, + ClientSecret: clientSecret, Environment: data.Get("environment").(string), MsiEndpoint: data.Get("msi_endpoint").(string), ResourceGroupName: data.Get("resource_group_name").(string), SasToken: data.Get("sas_token").(string), StorageAccountName: data.Get("storage_account_name").(string), - SubscriptionID: data.Get("arm_subscription_id").(string), - TenantID: data.Get("arm_tenant_id").(string), + SubscriptionID: subscriptionId, + TenantID: tenantId, UseMsi: data.Get("use_msi").(bool), } @@ -172,3 +205,13 @@ func (b *Backend) configure(ctx context.Context) error { b.armClient = armClient return nil } + +func valueFromDeprecatedField(d *schema.ResourceData, key, deprecatedFieldKey string) string { + v := d.Get(key).(string) + + if v == "" { + v = d.Get(deprecatedFieldKey).(string) + } + + return v +} diff --git a/backend/remote-state/azure/backend_test.go b/backend/remote-state/azure/backend_test.go index 81f2035931a8..eb506e462bf4 100644 --- a/backend/remote-state/azure/backend_test.go +++ b/backend/remote-state/azure/backend_test.go @@ -79,8 +79,8 @@ func TestBackendManagedServiceIdentityBasic(t *testing.T) { "key": res.storageKeyName, "resource_group_name": res.resourceGroup, "use_msi": true, - "arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "arm_tenant_id": os.Getenv("ARM_TENANT_ID"), + "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), + "tenant_id": os.Getenv("ARM_TENANT_ID"), "environment": os.Getenv("ARM_ENVIRONMENT"), })).(*Backend) @@ -129,6 +129,34 @@ func TestBackendServicePrincipalBasic(t *testing.T) { t.Fatalf("Error creating Test Resources: %q", err) } + b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ + "storage_account_name": res.storageAccountName, + "container_name": res.storageContainerName, + "key": res.storageKeyName, + "resource_group_name": res.resourceGroup, + "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), + "tenant_id": os.Getenv("ARM_TENANT_ID"), + "client_id": os.Getenv("ARM_CLIENT_ID"), + "client_secret": os.Getenv("ARM_CLIENT_SECRET"), + "environment": os.Getenv("ARM_ENVIRONMENT"), + })).(*Backend) + + backend.TestBackendStates(t, b) +} + +func TestBackendServicePrincipalDeprecatedFields(t *testing.T) { + testAccAzureBackend(t) + rs := acctest.RandString(4) + res := testResourceNames(rs, "testState") + armClient := buildTestClient(t, res) + + ctx := context.TODO() + err := armClient.buildTestResources(ctx, &res) + defer armClient.destroyTestResources(ctx, res) + if err != nil { + t.Fatalf("Error creating Test Resources: %q", err) + } + b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ "storage_account_name": res.storageAccountName, "container_name": res.storageContainerName, @@ -195,10 +223,10 @@ func TestBackendServicePrincipalLocked(t *testing.T) { "container_name": res.storageContainerName, "key": res.storageKeyName, "access_key": res.storageAccountAccessKey, - "arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "arm_tenant_id": os.Getenv("ARM_TENANT_ID"), - "arm_client_id": os.Getenv("ARM_CLIENT_ID"), - "arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"), + "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), + "tenant_id": os.Getenv("ARM_TENANT_ID"), + "client_id": os.Getenv("ARM_CLIENT_ID"), + "client_secret": os.Getenv("ARM_CLIENT_SECRET"), "environment": os.Getenv("ARM_ENVIRONMENT"), })).(*Backend) @@ -207,10 +235,10 @@ func TestBackendServicePrincipalLocked(t *testing.T) { "container_name": res.storageContainerName, "key": res.storageKeyName, "access_key": res.storageAccountAccessKey, - "arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "arm_tenant_id": os.Getenv("ARM_TENANT_ID"), - "arm_client_id": os.Getenv("ARM_CLIENT_ID"), - "arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"), + "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), + "tenant_id": os.Getenv("ARM_TENANT_ID"), + "client_id": os.Getenv("ARM_CLIENT_ID"), + "client_secret": os.Getenv("ARM_CLIENT_SECRET"), "environment": os.Getenv("ARM_ENVIRONMENT"), })).(*Backend) diff --git a/backend/remote-state/azure/client_test.go b/backend/remote-state/azure/client_test.go index 7b73472bf014..c6d0c0eeff3a 100644 --- a/backend/remote-state/azure/client_test.go +++ b/backend/remote-state/azure/client_test.go @@ -64,8 +64,8 @@ func TestRemoteClientManagedServiceIdentityBasic(t *testing.T) { "key": res.storageKeyName, "resource_group_name": res.resourceGroup, "use_msi": true, - "arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "arm_tenant_id": os.Getenv("ARM_TENANT_ID"), + "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), + "tenant_id": os.Getenv("ARM_TENANT_ID"), "environment": os.Getenv("ARM_ENVIRONMENT"), })).(*Backend) @@ -129,10 +129,10 @@ func TestRemoteClientServicePrincipalBasic(t *testing.T) { "container_name": res.storageContainerName, "key": res.storageKeyName, "resource_group_name": res.resourceGroup, - "arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "arm_tenant_id": os.Getenv("ARM_TENANT_ID"), - "arm_client_id": os.Getenv("ARM_CLIENT_ID"), - "arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"), + "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), + "tenant_id": os.Getenv("ARM_TENANT_ID"), + "client_id": os.Getenv("ARM_CLIENT_ID"), + "client_secret": os.Getenv("ARM_CLIENT_SECRET"), "environment": os.Getenv("ARM_ENVIRONMENT"), })).(*Backend) @@ -204,10 +204,10 @@ func TestRemoteClientServicePrincipalLocks(t *testing.T) { "container_name": res.storageContainerName, "key": res.storageKeyName, "resource_group_name": res.resourceGroup, - "arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "arm_tenant_id": os.Getenv("ARM_TENANT_ID"), - "arm_client_id": os.Getenv("ARM_CLIENT_ID"), - "arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"), + "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), + "tenant_id": os.Getenv("ARM_TENANT_ID"), + "client_id": os.Getenv("ARM_CLIENT_ID"), + "client_secret": os.Getenv("ARM_CLIENT_SECRET"), "environment": os.Getenv("ARM_ENVIRONMENT"), })).(*Backend) @@ -216,10 +216,10 @@ func TestRemoteClientServicePrincipalLocks(t *testing.T) { "container_name": res.storageContainerName, "key": res.storageKeyName, "resource_group_name": res.resourceGroup, - "arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "arm_tenant_id": os.Getenv("ARM_TENANT_ID"), - "arm_client_id": os.Getenv("ARM_CLIENT_ID"), - "arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"), + "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), + "tenant_id": os.Getenv("ARM_TENANT_ID"), + "client_id": os.Getenv("ARM_CLIENT_ID"), + "client_secret": os.Getenv("ARM_CLIENT_SECRET"), "environment": os.Getenv("ARM_ENVIRONMENT"), })).(*Backend) diff --git a/website/docs/backends/types/azurerm.html.md b/website/docs/backends/types/azurerm.html.md index 75f0ec297e27..04fb2d2eb6fe 100644 --- a/website/docs/backends/types/azurerm.html.md +++ b/website/docs/backends/types/azurerm.html.md @@ -36,8 +36,8 @@ terraform { container_name = "tfstate" key = "prod.terraform.tfstate" use_msi = true - arm_subscription_id = "00000000-0000-0000-0000-000000000000" - arm_tenant_id = "00000000-0000-0000-0000-000000000000" + subscription_id = "00000000-0000-0000-0000-000000000000" + tenant_id = "00000000-0000-0000-0000-000000000000" } } ``` @@ -101,8 +101,8 @@ data "terraform_remote_state" "foo" { container_name = "terraform-state" key = "prod.terraform.tfstate" use_msi = true - arm_subscription_id = "00000000-0000-0000-0000-000000000000" - arm_tenant_id = "00000000-0000-0000-0000-000000000000" + subscription_id = "00000000-0000-0000-0000-000000000000" + tenant_id = "00000000-0000-0000-0000-000000000000" } } ``` @@ -156,9 +156,9 @@ The following configuration options are supported: When authenticating using the Managed Service Identity (MSI) - the following fields are also supported: -* `arm_subscription_id` - (Optional) The Subscription ID in which the Storage Account exists. This can also be sourced from the `ARM_SUBSCRIPTION_ID` environment variable. +* `subscription_id` - (Optional) The Subscription ID in which the Storage Account exists. This can also be sourced from the `ARM_SUBSCRIPTION_ID` environment variable. -* `arm_tenant_id` - (Optional) The Tenant ID in which the Subscription exists. This can also be sourced from the `ARM_TENANT_ID` environment variable. +* `tenant_id` - (Optional) The Tenant ID in which the Subscription exists. This can also be sourced from the `ARM_TENANT_ID` environment variable. * `msi_endpoint` - (Optional) The path to a custom Managed Service Identity endpoint which is automatically determined if not specified. This can also be sourced from the `ARM_MSI_ENDPOINT` environment variable. @@ -182,10 +182,10 @@ When authenticating using a Service Principal - the following fields are also su * `resource_group_name` - (Required) The Name of the Resource Group in which the Storage Account exists. -* `arm_client_id` - (Optional) The Client ID of the Service Principal. This can also be sourced from the `ARM_CLIENT_ID` environment variable. +* `client_id` - (Optional) The Client ID of the Service Principal. This can also be sourced from the `ARM_CLIENT_ID` environment variable. -* `arm_client_secret` - (Optional) The Client Secret of the Service Principal. This can also be sourced from the `ARM_CLIENT_SECRET` environment variable. +* `client_secret` - (Optional) The Client Secret of the Service Principal. This can also be sourced from the `ARM_CLIENT_SECRET` environment variable. -* `arm_subscription_id` - (Optional) The Subscription ID in which the Storage Account exists. This can also be sourced from the `ARM_SUBSCRIPTION_ID` environment variable. +* `subscription_id` - (Optional) The Subscription ID in which the Storage Account exists. This can also be sourced from the `ARM_SUBSCRIPTION_ID` environment variable. -* `arm_tenant_id` - (Optional) The Tenant ID in which the Subscription exists. This can also be sourced from the `ARM_TENANT_ID` environment variable. +* `tenant_id` - (Optional) The Tenant ID in which the Subscription exists. This can also be sourced from the `ARM_TENANT_ID` environment variable. From 78e0f7ff786aac5ab4bbc7165dfe0b581a102323 Mon Sep 17 00:00:00 2001 From: tombuildsstuff <git@ibuildstuff.co.uk> Date: Fri, 23 Nov 2018 20:49:33 +0100 Subject: [PATCH 2/2] removing the deprecated fields test because the deprecation makes it fail --- backend/remote-state/azure/backend_test.go | 28 ---------------------- 1 file changed, 28 deletions(-) diff --git a/backend/remote-state/azure/backend_test.go b/backend/remote-state/azure/backend_test.go index eb506e462bf4..619b0d78d142 100644 --- a/backend/remote-state/azure/backend_test.go +++ b/backend/remote-state/azure/backend_test.go @@ -144,34 +144,6 @@ func TestBackendServicePrincipalBasic(t *testing.T) { backend.TestBackendStates(t, b) } -func TestBackendServicePrincipalDeprecatedFields(t *testing.T) { - testAccAzureBackend(t) - rs := acctest.RandString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) - - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) - if err != nil { - t.Fatalf("Error creating Test Resources: %q", err) - } - - b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "resource_group_name": res.resourceGroup, - "arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "arm_tenant_id": os.Getenv("ARM_TENANT_ID"), - "arm_client_id": os.Getenv("ARM_CLIENT_ID"), - "arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"), - "environment": os.Getenv("ARM_ENVIRONMENT"), - })).(*Backend) - - backend.TestBackendStates(t, b) -} - func TestBackendAccessKeyLocked(t *testing.T) { testAccAzureBackend(t) rs := acctest.RandString(4)