From 33f393446169bc425cb2bdf443a087d8535c7934 Mon Sep 17 00:00:00 2001 From: = Date: Mon, 17 Jun 2024 15:03:01 +0530 Subject: [PATCH] feat: switched to seperate tag resource and datasource model --- .../infisical_secret_tag/data-source.tf | 24 ++ .../resources/infisical_secret/resource.tf | 9 + internal/client/model.go | 39 +++ internal/client/project_tags.go | 96 ++++++- .../datasource/secret_tag_data_source.go | 131 +++++++++ internal/provider/provider.go | 2 + .../provider/resource/project_secret_tag.go | 260 ++++++++++++++++++ internal/provider/resource/secret_resource.go | 88 +----- 8 files changed, 574 insertions(+), 75 deletions(-) create mode 100644 examples/data-sources/infisical_secret_tag/data-source.tf create mode 100644 internal/provider/datasource/secret_tag_data_source.go create mode 100644 internal/provider/resource/project_secret_tag.go diff --git a/examples/data-sources/infisical_secret_tag/data-source.tf b/examples/data-sources/infisical_secret_tag/data-source.tf new file mode 100644 index 0000000..0c287c2 --- /dev/null +++ b/examples/data-sources/infisical_secret_tag/data-source.tf @@ -0,0 +1,24 @@ +terraform { + required_providers { + infisical = { + # version = + source = "infisical/infisical" + } + } +} + +provider "infisical" { + host = "https://app.infisical.com" # Only required if using self hosted instance of Infisical, default is https://app.infisical.com + client_id = "<>" + client_secret = "<>" +} + +data "infisical_secret_tag" "terraform" { + slug = "terraform" + project_id = "PROJECT_ID" +} + +output "secret-tag" { + value = data.infisical_secret_tag.terraform +} + diff --git a/examples/resources/infisical_secret/resource.tf b/examples/resources/infisical_secret/resource.tf index 40f804f..45e9102 100644 --- a/examples/resources/infisical_secret/resource.tf +++ b/examples/resources/infisical_secret/resource.tf @@ -29,10 +29,19 @@ resource "infisical_secret" "smtp_secret" { folder_path = "/mail-service" } + +resource "infisical_secret_tag" "terraform" { + name = "terraform" + slug = "terraform" + color = "#fff" + project_id = "PROJECT_ID" +} + resource "infisical_secret" "github_action_secret" { name = "GITHUB_ACTION" value = "" env_slug = "dev" workspace_id = "PROJECT_ID" folder_path = "/" + tag_ids = [infisical_secret_tag.terraform.id] } diff --git a/internal/client/model.go b/internal/client/model.go index f5a9c62..35756fd 100644 --- a/internal/client/model.go +++ b/internal/client/model.go @@ -658,3 +658,42 @@ type CreateProjectTagRequest struct { type CreateProjectTagResponse struct { Tag ProjectTag `json:"workspaceTag"` } + +type UpdateProjectTagRequest struct { + Name string `json:"name,omitempty"` + Color string `json:"color,omitempty"` + Slug string `json:"slug,omitempty"` + ProjectID string `json:"projectId"` + TagID string `json:"tagId"` +} + +type UpdateProjectTagResponse struct { + Tag ProjectTag `json:"workspaceTag"` +} + +type DeleteProjectTagRequest struct { + ProjectID string `json:"projectId"` + TagID string `json:"tagId"` +} + +type DeleteProjectTagResponse struct { + Tag ProjectTag `json:"workspaceTag"` +} + +type GetProjectTagByIDRequest struct { + ProjectID string `json:"projectId"` + TagID string `json:"tagId"` +} + +type GetProjectTagByIDResponse struct { + Tag ProjectTag `json:"workspaceTag"` +} + +type GetProjectTagBySlugRequest struct { + ProjectID string `json:"projectId"` + TagSlug string `json:"tagSlug"` +} + +type GetProjectTagBySlugResponse struct { + Tag ProjectTag `json:"workspaceTag"` +} diff --git a/internal/client/project_tags.go b/internal/client/project_tags.go index 40fb199..d8aa81c 100644 --- a/internal/client/project_tags.go +++ b/internal/client/project_tags.go @@ -1,7 +1,13 @@ package infisicalclient import ( + "errors" "fmt" + "net/http" +) + +var ( + ErrNotFound = errors.New("Resource not found") ) func (client Client) GetProjectTags(request GetProjectTagsRequest) (GetProjectTagsResponse, error) { @@ -25,7 +31,7 @@ func (client Client) GetProjectTags(request GetProjectTagsRequest) (GetProjectTa return body, nil } -func (client Client) CreateProjectTags(request CreateProjectTagRequest) (CreateProjectTagResponse, error) { +func (client Client) CreateProjectTag(request CreateProjectTagRequest) (CreateProjectTagResponse, error) { var body CreateProjectTagResponse response, err := client.Config.HttpClient. R(). @@ -44,3 +50,91 @@ func (client Client) CreateProjectTags(request CreateProjectTagRequest) (CreateP return body, nil } + +func (client Client) UpdateProjectTag(request UpdateProjectTagRequest) (UpdateProjectTagResponse, error) { + var body UpdateProjectTagResponse + response, err := client.Config.HttpClient. + R(). + SetResult(&body). + SetHeader("User-Agent", USER_AGENT). + SetBody(request). + Patch("api/v1/workspace/" + request.ProjectID + "/tags/" + request.TagID) + + if err != nil { + return UpdateProjectTagResponse{}, fmt.Errorf("CallUpdateProjectTag: Unable to complete api request [err=%s]", err) + } + + if response.IsError() { + return UpdateProjectTagResponse{}, fmt.Errorf("CallUpdateProjectTag: Unsuccessful response. [response=%s]", string(response.Body())) + } + + return body, nil +} + +func (client Client) GetProjectTagByID(request GetProjectTagByIDRequest) (GetProjectTagByIDResponse, error) { + var body GetProjectTagByIDResponse + response, err := client.Config.HttpClient. + R(). + SetResult(&body). + SetHeader("User-Agent", USER_AGENT). + SetBody(request). + Get("api/v1/workspace/" + request.ProjectID + "/tags/" + request.TagID) + + if response.StatusCode() == http.StatusNotFound { + return GetProjectTagByIDResponse{}, ErrNotFound + } + + if err != nil { + return GetProjectTagByIDResponse{}, fmt.Errorf("CallGetProjectTag: Unable to complete api request [err=%s]", err) + } + + if response.IsError() { + return GetProjectTagByIDResponse{}, fmt.Errorf("CallGetProjectTag: Unsuccessful response. [response=%s]", string(response.Body())) + } + + return body, nil +} + +func (client Client) GetProjectTagBySlug(request GetProjectTagBySlugRequest) (GetProjectTagBySlugResponse, error) { + var body GetProjectTagBySlugResponse + response, err := client.Config.HttpClient. + R(). + SetResult(&body). + SetHeader("User-Agent", USER_AGENT). + SetBody(request). + Get("api/v1/workspace/" + request.ProjectID + "/tags/slug/" + request.TagSlug) + + if response.StatusCode() == http.StatusNotFound { + return GetProjectTagBySlugResponse{}, ErrNotFound + } + + if err != nil { + return GetProjectTagBySlugResponse{}, fmt.Errorf("CallGetProjectTagBySlug: Unable to complete api request [err=%s]", err) + } + + if response.IsError() { + return GetProjectTagBySlugResponse{}, fmt.Errorf("CallGetProjectTagBySlug: Unsuccessful response. [response=%s]", string(response.Body())) + } + + return body, nil +} + +func (client Client) DeleteProjectTag(request DeleteProjectTagRequest) (DeleteProjectTagResponse, error) { + var body DeleteProjectTagResponse + response, err := client.Config.HttpClient. + R(). + SetResult(&body). + SetHeader("User-Agent", USER_AGENT). + SetBody(request). + Delete("api/v1/workspace/" + request.ProjectID + "/tags/" + request.TagID) + + if err != nil { + return DeleteProjectTagResponse{}, fmt.Errorf("CallDeleteProjectTag: Unable to complete api request [err=%s]", err) + } + + if response.IsError() { + return DeleteProjectTagResponse{}, fmt.Errorf("CallDeleteProjectTag: Unsuccessful response. [response=%s]", string(response.Body())) + } + + return body, nil +} diff --git a/internal/provider/datasource/secret_tag_data_source.go b/internal/provider/datasource/secret_tag_data_source.go new file mode 100644 index 0000000..21fd293 --- /dev/null +++ b/internal/provider/datasource/secret_tag_data_source.go @@ -0,0 +1,131 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +package datasource + +import ( + "context" + "fmt" + + infisical "terraform-provider-infisical/internal/client" + + "github.com/hashicorp/terraform-plugin-framework/datasource" + "github.com/hashicorp/terraform-plugin-framework/datasource/schema" + "github.com/hashicorp/terraform-plugin-framework/types" +) + +// Ensure provider defined types fully satisfy framework interfaces. +var _ datasource.DataSource = &SecretTagsDataSource{} + +func NewSecretTagDataSource() datasource.DataSource { + return &SecretTagsDataSource{} +} + +// SecretDataSource defines the data source implementation. +type SecretTagsDataSource struct { + client *infisical.Client +} + +// ExampleDataSourceModel describes the data source data model. +type SecretTagDataSourceModel struct { + ID types.String `tfsdk:"id"` + ProjectID types.String `tfsdk:"project_id"` + Name types.String `tfsdk:"name"` + Slug types.String `tfsdk:"slug"` + Color types.String `tfsdk:"color"` +} + +func (d *SecretTagsDataSource) Metadata(ctx context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) { + resp.TypeName = req.ProviderTypeName + "_secret_tag" +} + +func (d *SecretTagsDataSource) Schema(ctx context.Context, req datasource.SchemaRequest, resp *datasource.SchemaResponse) { + resp.Schema = schema.Schema{ + Description: "Interact with Infisical secretTag secret tag.", + Attributes: map[string]schema.Attribute{ + "slug": schema.StringAttribute{ + Description: "The slug of the tag to fetch", + Required: true, + }, + "project_id": schema.StringAttribute{ + Description: "The secretTag ID of the tag to fetch", + Required: true, + }, + + "id": schema.StringAttribute{ + Description: "The ID of the secret tag", + Computed: true, + }, + "name": schema.StringAttribute{ + Description: "The name of the secret tag", + Computed: true, + }, + "color": schema.StringAttribute{ + Description: "The color of the secret tag", + Computed: true, + }, + }, + } +} + +func (d *SecretTagsDataSource) Configure(ctx context.Context, req datasource.ConfigureRequest, resp *datasource.ConfigureResponse) { + // Prevent panic if the provider has not been configured. + if req.ProviderData == nil { + return + } + + client, ok := req.ProviderData.(*infisical.Client) + + if !ok { + resp.Diagnostics.AddError( + "Unexpected Data Source Configure Type", + fmt.Sprintf("Expected *http.Client, got: %T. Please report this issue to the provider developers.", req.ProviderData), + ) + + return + } + + d.client = client +} + +func (d *SecretTagsDataSource) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) { + + if d.client.Config.AuthStrategy != infisical.AuthStrategy.UNIVERSAL_MACHINE_IDENTITY { + resp.Diagnostics.AddError( + "Unable to create secretTag tag", + "Only Machine Identity authentication is supported for this operation", + ) + return + } + + var data SecretTagDataSourceModel + + // Read Terraform configuration data into the model + resp.Diagnostics.Append(req.Config.Get(ctx, &data)...) + + if resp.Diagnostics.HasError() { + return + } + + secretTag, err := d.client.GetProjectTagBySlug(infisical.GetProjectTagBySlugRequest{ + TagSlug: data.Slug.ValueString(), + ProjectID: data.ProjectID.ValueString(), + }) + if err != nil { + resp.Diagnostics.AddError( + "Something went wrong while fetching the secret tag", + "If the error is not clear, please get in touch at infisical.com/slack\n\n"+ + "Infisical Client Error: "+err.Error(), + ) + } + + data = SecretTagDataSourceModel{ + ID: types.StringValue(secretTag.Tag.ID), + Name: types.StringValue(secretTag.Tag.Name), + Slug: types.StringValue(secretTag.Tag.Slug), + ProjectID: data.ProjectID, + } + + // Save data into Terraform state + resp.Diagnostics.Append(resp.State.Set(ctx, &data)...) +} diff --git a/internal/provider/provider.go b/internal/provider/provider.go index dfe4d03..c513641 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go @@ -153,6 +153,7 @@ func (p *infisicalProvider) DataSources(_ context.Context) []func() datasource.D return []func() datasource.DataSource{ infisicalDatasource.NewSecretDataSource, infisicalDatasource.NewProjectDataSource, + infisicalDatasource.NewSecretTagDataSource, } } @@ -165,5 +166,6 @@ func (p *infisicalProvider) Resources(_ context.Context) []func() resource.Resou infisicalResource.NewProjectIdentityResource, infisicalResource.NewProjectRoleResource, infisicalResource.NewProjectIdentitySpecificPrivilegeResource, + infisicalResource.NewProjectSecretTagResource, } } diff --git a/internal/provider/resource/project_secret_tag.go b/internal/provider/resource/project_secret_tag.go new file mode 100644 index 0000000..a9eb4b5 --- /dev/null +++ b/internal/provider/resource/project_secret_tag.go @@ -0,0 +1,260 @@ +package resource + +import ( + "context" + "fmt" + infisical "terraform-provider-infisical/internal/client" + infisicalclient "terraform-provider-infisical/internal/client" + + "github.com/hashicorp/terraform-plugin-framework/resource" + "github.com/hashicorp/terraform-plugin-framework/resource/schema" + "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier" + "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier" + "github.com/hashicorp/terraform-plugin-framework/types" +) + +// NewProjectSecretTagResource is a helper function to simplify the provider implementation. +func NewProjectSecretTagResource() resource.Resource { + return &projectSecretTagResource{} +} + +// projectSecretTagResource is the resource implementation. +type projectSecretTagResource struct { + client *infisical.Client +} + +// projectSecretTagResourceSourceModel describes the data source data model. +type projectSecretTagResourceModel struct { + ID types.String `tfsdk:"id"` + Name types.String `tfsdk:"name"` + Slug types.String `tfsdk:"slug"` + Color types.String `tfsdk:"color"` + ProjectID types.String `tfsdk:"project_id"` +} + +// Metadata returns the resource type name. +func (r *projectSecretTagResource) Metadata(_ context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) { + resp.TypeName = req.ProviderTypeName + "_secret_tag" +} + +// Schema defines the schema for the resource. +func (r *projectSecretTagResource) Schema(_ context.Context, _ resource.SchemaRequest, resp *resource.SchemaResponse) { + resp.Schema = schema.Schema{ + Description: "Create secret tag & save to Infisical.", + Attributes: map[string]schema.Attribute{ + "slug": schema.StringAttribute{ + Description: "The slug for the new tag", + Required: true, + }, + "name": schema.StringAttribute{ + Description: "The name for the new tag", + Required: true, + }, + "color": schema.StringAttribute{ + Description: "Color code for the tag.", + Required: true, + }, + "project_id": schema.StringAttribute{ + Description: "The ID of the project to create tag", + Required: true, + }, + "id": schema.StringAttribute{ + Description: "The ID of the role", + Computed: true, + PlanModifiers: []planmodifier.String{stringplanmodifier.UseStateForUnknown()}, + }, + }, + } +} + +// Configure adds the provider configured client to the resource. +func (r *projectSecretTagResource) Configure(_ context.Context, req resource.ConfigureRequest, resp *resource.ConfigureResponse) { + if req.ProviderData == nil { + return + } + + client, ok := req.ProviderData.(*infisical.Client) + + if !ok { + resp.Diagnostics.AddError( + "Unexpected Data Source Configure Type", + fmt.Sprintf("Expected *http.Client, got: %T. Please report this issue to the provider developers.", req.ProviderData), + ) + + return + } + + r.client = client +} + +// Create creates the resource and sets the initial Terraform state. +func (r *projectSecretTagResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) { + if r.client.Config.AuthStrategy != infisical.AuthStrategy.UNIVERSAL_MACHINE_IDENTITY { + resp.Diagnostics.AddError( + "Unable to create secret tag", + "Only Machine Identity authentication is supported for this operation", + ) + return + } + + // Retrieve values from plan + var plan projectSecretTagResourceModel + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + newProjectSecretTag, err := r.client.CreateProjectTag(infisical.CreateProjectTagRequest{ + ProjectID: plan.ProjectID.ValueString(), + Slug: plan.Slug.ValueString(), + Name: plan.Name.ValueString(), + Color: plan.Color.ValueString(), + }) + + if err != nil { + resp.Diagnostics.AddError( + "Error creating project secret tag", + "Couldn't save tag to Infiscial, unexpected error: "+err.Error(), + ) + return + } + + plan.ID = types.StringValue(newProjectSecretTag.Tag.ID) + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + +} + +// Read refreshes the Terraform state with the latest data. +func (r *projectSecretTagResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) { + if r.client.Config.AuthStrategy != infisical.AuthStrategy.UNIVERSAL_MACHINE_IDENTITY { + resp.Diagnostics.AddError( + "Unable to read project tag role", + "Only Machine Identity authentication is supported for this operation", + ) + return + } + + // Get current state + var state projectSecretTagResourceModel + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + // Get the latest data from the API + secretTag, err := r.client.GetProjectTagByID(infisical.GetProjectTagByIDRequest{ + ProjectID: state.ProjectID.ValueString(), + TagID: state.ID.ValueString(), + }) + + if err != nil { + if err == infisicalclient.ErrNotFound { + resp.State.RemoveResource(ctx) + return + } else { + resp.Diagnostics.AddError( + "Error reading project secret tag", + "Couldn't read project secret tag from Infiscial, unexpected error: "+err.Error(), + ) + return + } + } + + state.Color = types.StringValue(secretTag.Tag.Color) + state.Name = types.StringValue(secretTag.Tag.Name) + state.Slug = types.StringValue(secretTag.Tag.Slug) + diags = resp.State.Set(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } +} + +// Update updates the resource and sets the updated Terraform state on success. +func (r *projectSecretTagResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) { + if r.client.Config.AuthStrategy != infisical.AuthStrategy.UNIVERSAL_MACHINE_IDENTITY { + resp.Diagnostics.AddError( + "Unable to update secret tag", + "Only Machine Identity authentication is supported for this operation", + ) + return + } + + // Retrieve values from plan + var plan projectSecretTagResourceModel + diags := req.Plan.Get(ctx, &plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + var state projectSecretTagResourceModel + diags = req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + _, err := r.client.UpdateProjectTag(infisical.UpdateProjectTagRequest{ + ProjectID: plan.ProjectID.ValueString(), + Slug: plan.Slug.ValueString(), + Name: plan.Name.ValueString(), + Color: plan.Color.ValueString(), + TagID: plan.ID.ValueString(), + }) + + if err != nil { + resp.Diagnostics.AddError( + "Error updating secret tag", + "Couldn't update secret tag from Infiscial, unexpected error: "+err.Error(), + ) + return + } + + diags = resp.State.Set(ctx, plan) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + +} + +// Delete deletes the resource and removes the Terraform state on success. +func (r *projectSecretTagResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) { + + if r.client.Config.AuthStrategy != infisical.AuthStrategy.UNIVERSAL_MACHINE_IDENTITY { + resp.Diagnostics.AddError( + "Unable to delete secret tag", + "Only Machine Identity authentication is supported for this operation", + ) + return + } + + var state projectSecretTagResourceModel + diags := req.State.Get(ctx, &state) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + + _, err := r.client.DeleteProjectTag(infisical.DeleteProjectTagRequest{ + ProjectID: state.ProjectID.ValueString(), + TagID: state.ID.ValueString(), + }) + + if err != nil { + resp.Diagnostics.AddError( + "Error deleting secret tag", + "Couldn't delete secret tag from Infiscial, unexpected error: "+err.Error(), + ) + return + } + +} diff --git a/internal/provider/resource/secret_resource.go b/internal/provider/resource/secret_resource.go index 6754317..49297b9 100644 --- a/internal/provider/resource/secret_resource.go +++ b/internal/provider/resource/secret_resource.go @@ -12,7 +12,6 @@ import ( "github.com/hashicorp/terraform-plugin-framework/resource" "github.com/hashicorp/terraform-plugin-framework/resource/schema" "github.com/hashicorp/terraform-plugin-framework/types" - "github.com/hashicorp/terraform-plugin-log/tflog" ) // Ensure the implementation satisfies the expected interfaces. @@ -38,7 +37,7 @@ type secretResourceModel struct { Value types.String `tfsdk:"value"` WorkspaceId types.String `tfsdk:"workspace_id"` LastUpdated types.String `tfsdk:"last_updated"` - Tags types.List `tfsdk:"tags"` + Tags types.List `tfsdk:"tag_ids"` } // Metadata returns the resource type name. @@ -81,10 +80,10 @@ func (r *secretResource) Schema(_ context.Context, _ resource.SchemaRequest, res "last_updated": schema.StringAttribute{ Computed: true, }, - "tags": schema.ListAttribute{ + "tag_ids": schema.ListAttribute{ ElementType: types.StringType, Optional: true, - Description: "Tag slugs to be attached for the secrets.", + Description: "Tag ids to be attached for the secrets.", }, }, } @@ -110,46 +109,6 @@ func (r *secretResource) Configure(_ context.Context, req resource.ConfigureRequ r.client = client } -func (r *secretResource) getAllTagIds(ctx context.Context, projectID string, tagSlugs []string) ([]string, error) { - if len(tagSlugs) == 0 { - return []string{}, nil - } - - projectTags, err := r.client.GetProjectTags(infisical.GetProjectTagsRequest{ - ProjectID: projectID, - }) - if err != nil { - return nil, err - } - - var tagIds []string - projectTagGroupBySlug := make(map[string]string) - - for _, tag := range projectTags.Tags { - projectTagGroupBySlug[tag.Slug] = tag.ID - } - - for _, slug := range tagSlugs { - if id, ok := projectTagGroupBySlug[slug]; ok { - tagIds = append(tagIds, id) - } else { - newTag, err := r.client.CreateProjectTags(infisical.CreateProjectTagRequest{ - ProjectID: projectID, - Name: slug, - Slug: slug, - Color: "#B5C02E", - }) - if err != nil { - tflog.Error(ctx, err.Error()) - } else { - tagIds = append(tagIds, newTag.Tag.ID) - } - } - } - - return tagIds, nil -} - // Create creates the resource and sets the initial Terraform state. func (r *secretResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) { @@ -161,27 +120,16 @@ func (r *secretResource) Create(ctx context.Context, req resource.CreateRequest, return } - planSecretTagSlugs := make([]types.String, 0, len(plan.Tags.Elements())) - diags = plan.Tags.ElementsAs(ctx, &planSecretTagSlugs, false) + planSecretTagIds := make([]types.String, 0, len(plan.Tags.Elements())) + diags = plan.Tags.ElementsAs(ctx, &planSecretTagIds, false) resp.Diagnostics.Append(diags...) if resp.Diagnostics.HasError() { return } - secretTagSlugs := make([]string, 0, len(planSecretTagSlugs)) - for _, slug := range planSecretTagSlugs { - secretTagSlugs = append(secretTagSlugs, strings.ToLower(slug.ValueString())) - } - secretTagIds, err := r.getAllTagIds(ctx, plan.WorkspaceId.ValueString(), secretTagSlugs) - for _, e := range secretTagIds { - tflog.Info(ctx, e) - } - if err != nil { - resp.Diagnostics.AddError( - "Error creating secret", - "Could not get tag details, unexpected error: "+err.Error(), - ) - return + secretTagIds := make([]string, 0, len(planSecretTagIds)) + for _, slug := range planSecretTagIds { + secretTagIds = append(secretTagIds, strings.ToLower(slug.ValueString())) } if r.client.Config.AuthStrategy == infisical.AuthStrategy.SERVICE_TOKEN { @@ -512,24 +460,16 @@ func (r *secretResource) Update(ctx context.Context, req resource.UpdateRequest, return } - planSecretTagSlugs := make([]types.String, 0, len(plan.Tags.Elements())) - diags = plan.Tags.ElementsAs(ctx, &planSecretTagSlugs, false) + planSecretTagIds := make([]types.String, 0, len(plan.Tags.Elements())) + diags = plan.Tags.ElementsAs(ctx, &planSecretTagIds, false) resp.Diagnostics.Append(diags...) if resp.Diagnostics.HasError() { return } - secretTagSlugs := make([]string, 0, len(planSecretTagSlugs)) - for _, slug := range planSecretTagSlugs { - secretTagSlugs = append(secretTagSlugs, strings.ToLower(slug.ValueString())) - } - secretTagIds, err := r.getAllTagIds(ctx, plan.WorkspaceId.ValueString(), secretTagSlugs) - if err != nil { - resp.Diagnostics.AddError( - "Error updating secret", - "Could not get tag details, unexpected error: "+err.Error(), - ) - return + secretTagIds := make([]string, 0, len(planSecretTagIds)) + for _, slug := range planSecretTagIds { + secretTagIds = append(secretTagIds, strings.ToLower(slug.ValueString())) } if r.client.Config.AuthStrategy == infisical.AuthStrategy.SERVICE_TOKEN { @@ -689,7 +629,7 @@ func (r *secretResource) Delete(ctx context.Context, req resource.DeleteRequest, } } else { resp.Diagnostics.AddError( - "Error creating secret", + "Error deleting secret", "Unknown authentication strategy", ) return