chore: Adds mongodbatlas_encryption_at_rest_private_endpoint acceptance test using azapi to approve private endpoint & check ACTIVE status
#2558
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
maastha
changed the title
mongodbatlas_encryption_at_rest_private_endpoint acceptance test using azapi to approve private endpoint & check ACTIVE status
lantoli
reviewed
Sep 6, 2024
lantoli
reviewed
Sep 6, 2024
| @@ -134,6 +126,8 @@ func TestMigEncryptionAtRest_basicAzure(t *testing.T) { | |||
| "subscription_id": azureKeyVault.GetSubscriptionID(), | |||
| "tenant_id": azureKeyVault.GetTenantID(), | |||
| } | |||
|
|
|||
| useDatasource = mig.IsProviderVersionAtLeast("1.19.0") // data source introduced in this version | |||
lantoli
reviewed
Sep 6, 2024
lantoli
reviewed
Sep 6, 2024
| @@ -70,6 +71,53 @@ func basicTestCase(tb testing.TB) *resource.TestCase { | |||
| } | |||
| } | |||
|
|
|||
| func TestAccEncryptionAtRestPrivateEndpoint_approveEndpointWithAzureProvider(t *testing.T) { | |||
| acc.SkipTestForCI(t) // uses azure/azapi Terraform provider which can log sensitive information in CI like Azure subscriptionID used in parent_id of the resource | |||
There was a problem hiding this comment.
if we know the patterns, GH allows to hide sensitive info, e.g.: https://github.com/marketplace/actions/hide-sensitive-inputs
but maybe it's not possible in this situation
There was a problem hiding this comment.
The issue is we don't need to hide once specific attribute here that is a direct input to the action. The attribute that's concerning is the parent_id which is constructed/initialized inside the TF config.
Then when a failure happens, the azure provider includes that value in it's failure message. So essentially it's the failure message that can log that information.
Does that make sense?
lantoli
reviewed
Sep 6, 2024
internal/service/encryptionatrestprivateendpoint/resource_test.go
Outdated
Show resolved
Hide resolved
lantoli
approved these changes
Sep 6, 2024
maastha
added a commit
that referenced
this pull request
Sep 9, 2024
…o master (#2569) * update sdk dev (#2490) * chore: Creates TF models & interfaces for new `mongodbatlas_encryption_at_rest_private_endpoint` resource (#2493) * chore: Creates TF models & interfaces for new `mongodbatlas_encryption_at_rest_private_endpoint` data source (#2500) * feat: Updates `mongodbatlas_encryption_at_rest` resource to use new `azure_key_vault_config.require_private_networking` field (#2509) * chore: Creates TF models & interfaces for `mongodbatlas_encryption_at_rest_private_endpoints` plural data source (#2502) * feat: Implements `mongodbatlas_encryption_at_rest_private_endpoint` resource (#2512) * wip - implementing CRUD * include changelog entry * small adjustments * supporting state transition logic * implement acceptance test * add unit testing for state transitions * handle return error message if failed status is present * add acceptance test transitioning for public to private network * improve messaging for failed status * fix prechecks * use global const for resource name * avoid hardcoded value * adjust state transition logic for delete * adjusting target version in migration test to 1.19.0 * adjust default refresh to 30 seconds for quicker response * feat: Implements `mongodbatlas_encryption_at_rest_private_endpoint` singular data source (#2527) * implement singular data source * including changelog entry * doc: Updates existing documentation for `mongodbatlas_encryption_at_rest` resource to be auto-generated (#2529) * doc: Include example for new `mongodbatlas_encryption_at_rest_private_endpoint` resource (#2540) * Include example for ear with private endpoint * fix example * adjust readme * Update examples/mongodbatlas_encryption_at_rest_private_endpoint/azure/README.md Co-authored-by: maastha <[email protected]> * Update examples/mongodbatlas_encryption_at_rest_private_endpoint/azure/README.md Co-authored-by: maastha <[email protected]> * add example cli command * make use of variables to make value of resource id more compact --------- Co-authored-by: maastha <[email protected]> * feat: Implements new `mongodbatlas_encryption_at_rest_private_endpoints` data source (#2536) * temporary change to cloud provider access and getting latest sdk * implements plural data source * adapted cloud provider access with latest changes from dev preview * fix unit test * adding changelog entry * add changes to verify plural data source in basic test case * doc adjust to cloud_provider attribute * feat: Implements new `mongodbatlas_encryption_at_rest` singular data source & adds `valid` attribute for cloud provider configs in the resource (#2538) * fix: Adds error message handling to `mongodbatlas_encryption_at_rest_private_endpoint` resource (#2544) * doc: Adds documentation for new `encryption_at_rest_private_endpoint` resource and data sources (#2547) * adding documentation for encryption_at_rest_private_endpoint resource and data sources * align generated docs * minor typo fix * Adjust description of project_id to make it more concise * align note stating feature is available by request as defined in general docs * chore: Adopt latest changes from master into ear private endpoint dev branch to adopt latest SDK (#2549) * test: Reduce instance size and use of provisioned disk iops for test that verifies transition for symmetric to asymmetric configuration (#2503) * doc: Include changelog entries to mention 2 new guides (#2506) * add entry for 2 new guides * add link * chore: Updates examples link in index.md for v1.18.0 release * chore: Updates CHANGELOG.md header for v1.18.0 release * doc: Update Atlas SP db_role_to_execute info. (#2508) * (DOCSP-41590) Updating Atlas SP db_role_to_execute info. * Update docs/resources/stream_connection.md Co-authored-by: kanchana-mongodb <[email protected]> --------- Co-authored-by: kanchana-mongodb <[email protected]> * doc: Contributing Guidelines Updates (#2494) * Contributing Guidelines Updates * Update README.md * Update README.md * Update contributing/README.md Co-authored-by: kyuan-mongodb <[email protected]> --------- Co-authored-by: kyuan-mongodb <[email protected]> * test: Simply migration test checks after 1.18.0 release and adjust version constraint in advanced_cluster examples uing new schema (#2510) * doc: Add references to the terraform modules in the resources documentations (#2513) * add references to the modules in the resources documentations * fix pr comments * chore: Bump hashicorp/setup-terraform from 3.1.1 to 3.1.2 (#2515) Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) from 3.1.1 to 3.1.2. - [Release notes](https://github.com/hashicorp/setup-terraform/releases) - [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md) - [Commits](hashicorp/setup-terraform@651471c...b9cd54a) --- updated-dependencies: - dependency-name: hashicorp/setup-terraform dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: Add mention of support ticket when opening a pull request (#2507) * Add mention of creating support ticket when opening PR * rephrasing to avoid mention of priority * including suggestion * doc: Updates`mongodbatlas_advanced_cluster` ISS migration guide & resource doc with expected 500 error on update (#2525) * chore: Updates mongodbatlas_advanced_cluster tests to expect temporary SERVICE_UNAVAILABLE error when migrating from old to new schema (#2523) * doc: Fixes wordings in the new advanced_cluster sharding guide. (#2524) * chore: Updates examples link in index.md for v1.18.1 release * chore: Updates CHANGELOG.md header for v1.18.1 release * chore: upgrades go SDK from `v20240805001` to `v20240805002` (#2534) * chore: Updates to Go 1.23 (#2535) * update asdf TF version * update to Go 1.23 * update linter * update golang-ci linter * disable Go telemetry * revert TF change * chore: Bump go.mongodb.org/atlas from 0.36.0 to 0.37.0 (#2532) Bumps [go.mongodb.org/atlas](https://github.com/mongodb/go-client-mongodb-atlas) from 0.36.0 to 0.37.0. - [Release notes](https://github.com/mongodb/go-client-mongodb-atlas/releases) - [Changelog](https://github.com/mongodb/go-client-mongodb-atlas/blob/master/CHANGELOG.md) - [Commits](mongodb/go-client-mongodb-atlas@v0.36.0...v0.37.0) --- updated-dependencies: - dependency-name: go.mongodb.org/atlas dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: Bump github.com/hashicorp/hcl/v2 from 2.21.0 to 2.22.0 (#2530) Bumps [github.com/hashicorp/hcl/v2](https://github.com/hashicorp/hcl) from 2.21.0 to 2.22.0. - [Release notes](https://github.com/hashicorp/hcl/releases) - [Changelog](https://github.com/hashicorp/hcl/blob/main/CHANGELOG.md) - [Commits](hashicorp/hcl@v2.21.0...v2.22.0) --- updated-dependencies: - dependency-name: github.com/hashicorp/hcl/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * update asdf TF version to 1.9.5 (#2537) * chore: Changes deprecation message for labels attribute (#2542) * chore: Upgrades go SDK from `v20240805002` to `v20240805003` (#2545) * major version update calling gomajor tool * manual change to reincorporate v20240530005 * reverts temp changes in cloud provider resources, fixes sdk versions in new implementations --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: svc-apix-bot <[email protected]> Co-authored-by: lmkerbey-mdb <[email protected]> Co-authored-by: kanchana-mongodb <[email protected]> Co-authored-by: Zuhair Ahmed <[email protected]> Co-authored-by: kyuan-mongodb <[email protected]> Co-authored-by: rubenVB01 <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: maastha <[email protected]> Co-authored-by: Marco Suma <[email protected]> Co-authored-by: Espen Albert <[email protected]> Co-authored-by: Leo Antoli <[email protected]> Co-authored-by: Oriol <[email protected]> * doc: Adds documentation & examples for `mongodbatlas_encryption_at_rest` singular data source (#2543) * chore: Enables `mongodbatlas_encryption_at_rest` (Azure) tests to run in CI (#2551) * chore: Adds `mongodbatlas_encryption_at_rest_private_endpoint` acceptance test using azapi to approve private endpoint & check ACTIVE status (#2558) * doc: Add user journey considerations in current resource and example documentation (#2559) * minor typo fix * improve initial description in ear * adjust ear docs with mention of azure private link * private link doc adjustments * improve example * improve example * add mention in ear examples about policies * add note on update operation * link adjustments and add header for handling existing clusters * add note on private endpoint * add note in data sources * Update docs/resources/encryption_at_rest_private_endpoint.md Co-authored-by: maastha <[email protected]> * add clarification of preview flag for data sources --------- Co-authored-by: maastha <[email protected]> * update project_ip_addresses action * address doc comment --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: Agustin Bettati <[email protected]> Co-authored-by: svc-apix-bot <[email protected]> Co-authored-by: lmkerbey-mdb <[email protected]> Co-authored-by: kanchana-mongodb <[email protected]> Co-authored-by: Zuhair Ahmed <[email protected]> Co-authored-by: kyuan-mongodb <[email protected]> Co-authored-by: rubenVB01 <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Suma <[email protected]> Co-authored-by: Espen Albert <[email protected]> Co-authored-by: Leo Antoli <[email protected]> Co-authored-by: Oriol <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Adds
mongodbatlas_encryption_at_rest_private_endpointacceptance test using azapi to approve private endpoint & check ACTIVE status and minor improvements to tests.The new test uses azure/azapi Terraform provider which can log sensitive information in CI like Azure subscriptionID used in parent_id of the resource in case of failures, hence this test is disabled to run in CI but maybe run locally without any additional setup.
Link to any related issue(s): CLOUDP-270777
Type of change:
Required Checklist:
Further comments