From 1a1520702233dc43408c3d859cbff9cf9d80638a Mon Sep 17 00:00:00 2001 From: = Date: Mon, 9 Dec 2024 19:21:33 +0530 Subject: [PATCH 1/6] fix: resolved update not change the integration auth --- .../resource.tf | 5 +- .../resource.tf | 7 +- internal/client/integrations_auth.go | 20 ++++++ internal/client/model.go | 12 ++++ .../integration_aws_parameter_store.go | 19 +++++- .../integration_aws_secrets_manager.go | 64 +++++++++++++++---- .../provider/resource/integration_circleci.go | 18 +++++- .../resource/integration_databricks.go | 15 +++++ .../integration_gcp_secret_manager.go | 16 ++++- 9 files changed, 155 insertions(+), 21 deletions(-) diff --git a/examples/resources/infisical_integration_aws_parameter_store/resource.tf b/examples/resources/infisical_integration_aws_parameter_store/resource.tf index 30162b2..04ddf82 100644 --- a/examples/resources/infisical_integration_aws_parameter_store/resource.tf +++ b/examples/resources/infisical_integration_aws_parameter_store/resource.tf @@ -19,7 +19,7 @@ resource "infisical_integration_aws_parameter_store" "parameter-store-integratio environment = "" // example, dev secret_path = "" // example, /folder, or / - parameter_store_path = "/example/secrets" + parameter_store_path = "/example/secrets/" aws_region = "" // example, us-east-2 @@ -40,4 +40,5 @@ resource "infisical_integration_aws_parameter_store" "parameter-store-integratio }, ] } -} \ No newline at end of file +} + diff --git a/examples/resources/infisical_integration_aws_secrets_manager/resource.tf b/examples/resources/infisical_integration_aws_secrets_manager/resource.tf index f4a49a2..9cc880e 100644 --- a/examples/resources/infisical_integration_aws_secrets_manager/resource.tf +++ b/examples/resources/infisical_integration_aws_secrets_manager/resource.tf @@ -20,8 +20,8 @@ resource "infisical_integration_aws_secrets_manager" "secrets-manager-integratio secret_path = "" // example, /folder, or / - secrets_manager_path = "/example/secrets" # Only required if mapping_behavior is one-to-one - mapping_behavior = "one-to-one" # Optional, default is many-to-one + secrets_manager_path = "/example/secrets/" # Only required if mapping_behavior is one-to-one + mapping_behavior = "one-to-one" # Optional, default is many-to-one # AWS Authentication access_key_id = "" @@ -38,4 +38,5 @@ resource "infisical_integration_aws_secrets_manager" "secrets-manager-integratio }, ] } -} \ No newline at end of file +} + diff --git a/internal/client/integrations_auth.go b/internal/client/integrations_auth.go index cb4fdc9..c1c5de3 100644 --- a/internal/client/integrations_auth.go +++ b/internal/client/integrations_auth.go @@ -35,6 +35,26 @@ func (client Client) CreateIntegrationAuth(request CreateIntegrationAuthRequest) return body, nil } +func (client Client) UpdateIntegrationAuth(request UpdateIntegrationAuthRequest) (CreateIntegrationAuthResponse, error) { + var body CreateIntegrationAuthResponse + response, err := client.Config.HttpClient. + R(). + SetResult(&body). + SetHeader("User-Agent", USER_AGENT). + SetBody(request). + Patch("api/v1/integration-auth/" + request.IntegrationAuthId) + + if err != nil { + return CreateIntegrationAuthResponse{}, fmt.Errorf("UpdateIntegrationAuth: Unable to complete api request [err=%s]", err) + } + + if response.IsError() { + return CreateIntegrationAuthResponse{}, fmt.Errorf("UpdateIntegrationAuth: Unsuccessful response. [response=%s]", string(response.Body())) + } + + return body, nil +} + // Deleting integration auth triggers a cascade effect, that will also delete the associated integration. func (client Client) DeleteIntegrationAuth(request DeleteIntegrationAuthRequest) (DeleteIntegrationAuthResponse, error) { var body DeleteIntegrationAuthResponse diff --git a/internal/client/model.go b/internal/client/model.go index 5e357d7..4de355a 100644 --- a/internal/client/model.go +++ b/internal/client/model.go @@ -1552,6 +1552,16 @@ type CreateIntegrationAuthRequest struct { Integration IntegrationAuthType `json:"integration"` } +type UpdateIntegrationAuthRequest struct { + AccessId string `json:"accessId,omitempty"` + AccessToken string `json:"accessToken,omitempty"` + AWSAssumeIamRoleArn string `json:"awsAssumeIamRoleArn,omitempty"` + RefreshToken string `json:"refreshToken,omitempty"` + URL string `json:"url,omitempty"` + Integration IntegrationAuthType `json:"integration"` + IntegrationAuthId string `json:"integrationAuthId"` +} + type CreateIntegrationAuthResponse struct { IntegrationAuth struct { ID string `json:"id"` @@ -1661,6 +1671,8 @@ type UpdateIntegrationRequest struct { Environment string `json:"environment,omitempty"` Metadata map[string]interface{} `json:"metadata,omitempty"` IsActive bool `json:"isActive"` + Region string `json:"region,omitempty"` + Path string `json:"path,omitempty"` } type UpdateIntegrationResponse struct { diff --git a/internal/provider/resource/integration_aws_parameter_store.go b/internal/provider/resource/integration_aws_parameter_store.go index 8a5dee5..7bacc1c 100644 --- a/internal/provider/resource/integration_aws_parameter_store.go +++ b/internal/provider/resource/integration_aws_parameter_store.go @@ -214,7 +214,6 @@ func (r *IntegrationAWSParameterStoreResource) Create(ctx context.Context, req r } authMethod, err := pkg.ValidateAwsInputCredentials(plan.AccessKeyID, plan.SecretAccessKey, plan.AssumeRoleArn) - if err != nil { resp.Diagnostics.AddError( "Error validating AWS credentials", @@ -392,8 +391,7 @@ func (r *IntegrationAWSParameterStoreResource) Update(ctx context.Context, req r return } - _, err := pkg.ValidateAwsInputCredentials(plan.AccessKeyID, plan.SecretAccessKey, plan.AssumeRoleArn) - + authMethod, err := pkg.ValidateAwsInputCredentials(plan.AccessKeyID, plan.SecretAccessKey, plan.AssumeRoleArn) if err != nil { resp.Diagnostics.AddError( "Error validating AWS credentials", @@ -412,6 +410,19 @@ func (r *IntegrationAWSParameterStoreResource) Update(ctx context.Context, req r } } + updateIntegrationAuthRequest := infisical.UpdateIntegrationAuthRequest{ + Integration: infisical.IntegrationAuthTypeAwsSecretsManager, + IntegrationAuthId: plan.IntegrationAuthID.String(), + } + if authMethod == pkg.AwsAuthMethodAccessKey { + updateIntegrationAuthRequest.AccessId = plan.AccessKeyID.ValueString() + updateIntegrationAuthRequest.AccessToken = plan.SecretAccessKey.ValueString() + } else if authMethod == pkg.AwsAuthMethodAssumeRole { + updateIntegrationAuthRequest.AWSAssumeIamRoleArn = plan.AssumeRoleArn.ValueString() + } + + _, err = r.client.UpdateIntegrationAuth(updateIntegrationAuthRequest) + // Convert metadata to map[string]interface{} if needed metadataMap := map[string]interface{}{} @@ -428,6 +439,8 @@ func (r *IntegrationAWSParameterStoreResource) Update(ctx context.Context, req r Metadata: metadataMap, Environment: plan.Environment.ValueString(), SecretPath: plan.SecretPath.ValueString(), + Region: plan.AWSRegion.ValueString(), + Path: plan.AWSPath.String(), }) if err != nil { diff --git a/internal/provider/resource/integration_aws_secrets_manager.go b/internal/provider/resource/integration_aws_secrets_manager.go index 55fcf63..a28d555 100644 --- a/internal/provider/resource/integration_aws_secrets_manager.go +++ b/internal/provider/resource/integration_aws_secrets_manager.go @@ -434,8 +434,22 @@ func (r *IntegrationAWSSecretsManagerResource) Update(ctx context.Context, req r return } - _, err := pkg.ValidateAwsInputCredentials(plan.AccessKeyID, plan.SecretAccessKey, plan.AssumeRoleArn) + var planOptions AwsSecretsManagerOptions + if !plan.Options.IsNull() { + diags := plan.Options.As(ctx, &planOptions, basetypes.ObjectAsOptions{}) + resp.Diagnostics.Append(diags...) + if resp.Diagnostics.HasError() { + return + } + } + + updateIntegrationAuthRequest := infisical.UpdateIntegrationAuthRequest{ + Integration: infisical.IntegrationAuthTypeAwsSecretsManager, + IntegrationAuthId: plan.IntegrationAuthID.String(), + } + + authMethod, err := pkg.ValidateAwsInputCredentials(plan.AccessKeyID, plan.SecretAccessKey, plan.AssumeRoleArn) if err != nil { resp.Diagnostics.AddError( "Error validating AWS credentials", @@ -444,14 +458,36 @@ func (r *IntegrationAWSSecretsManagerResource) Update(ctx context.Context, req r return } - var planOptions AwsSecretsManagerOptions + if authMethod == pkg.AwsAuthMethodAccessKey { + updateIntegrationAuthRequest.AccessId = plan.AccessKeyID.ValueString() + updateIntegrationAuthRequest.AccessToken = plan.SecretAccessKey.ValueString() + } else if authMethod == pkg.AwsAuthMethodAssumeRole { + updateIntegrationAuthRequest.AWSAssumeIamRoleArn = plan.AssumeRoleArn.ValueString() + } - if !plan.Options.IsNull() { - diags := plan.Options.As(ctx, &planOptions, basetypes.ObjectAsOptions{}) - resp.Diagnostics.Append(diags...) - if resp.Diagnostics.HasError() { - return - } + _, err = r.client.UpdateIntegrationAuth(updateIntegrationAuthRequest) + if err != nil { + resp.Diagnostics.AddError( + "Error updating integration auth", + err.Error(), + ) + return + } + + if plan.MappingBehavior.ValueString() == MAPPING_BEHAVIOR_MANY_TO_ONE && (plan.AWSPath.IsNull() || plan.AWSPath.ValueString() == "") { + resp.Diagnostics.AddError( + "Invalid plan", + "secrets_manager_path is required when mapping_behavior is 'many-to-one'", + ) + return + } + + if plan.MappingBehavior.ValueString() == MAPPING_BEHAVIOR_ONE_TO_ONE && (!plan.AWSPath.IsNull() && plan.AWSPath.ValueString() != "") { + resp.Diagnostics.AddError( + "Invalid plan", + "secrets_manager_path should not be used when mapping_behavior is 'one-to-one'", + ) + return } // Convert metadata to map[string]interface{} if needed @@ -468,13 +504,19 @@ func (r *IntegrationAWSSecretsManagerResource) Update(ctx context.Context, req r metadataMap["secretAWSTag"] = []infisical.AwsTag{} } - // Update the integration - updatedIntegration, err := r.client.UpdateIntegration(infisical.UpdateIntegrationRequest{ + updateIntegrationRequest := infisical.UpdateIntegrationRequest{ ID: state.IntegrationID.ValueString(), Metadata: metadataMap, Environment: plan.Environment.ValueString(), SecretPath: plan.SecretPath.ValueString(), - }) + Region: plan.AWSRegion.ValueString(), + } + if plan.MappingBehavior.ValueString() == MAPPING_BEHAVIOR_MANY_TO_ONE { + updateIntegrationRequest.App = plan.AWSPath.ValueString() + } + + // Update the integration + updatedIntegration, err := r.client.UpdateIntegration(updateIntegrationRequest) if err != nil { resp.Diagnostics.AddError( diff --git a/internal/provider/resource/integration_circleci.go b/internal/provider/resource/integration_circleci.go index 7c6aa67..45a15aa 100644 --- a/internal/provider/resource/integration_circleci.go +++ b/internal/provider/resource/integration_circleci.go @@ -256,11 +256,27 @@ func (r *IntegrationCircleCIResource) Update(ctx context.Context, req resource.U return } + _, err := r.client.UpdateIntegrationAuth(infisical.UpdateIntegrationAuthRequest{ + Integration: infisical.IntegrationAuthTypeCircleCi, + IntegrationAuthId: plan.IntegrationAuthID.String(), + AccessToken: plan.CircleCIToken.ValueString(), + }) + if err != nil { + resp.Diagnostics.AddError( + "Error updating integration auth", + err.Error(), + ) + return + } + // Update the integration - _, err := r.client.UpdateIntegration(infisical.UpdateIntegrationRequest{ + _, err = r.client.UpdateIntegration(infisical.UpdateIntegrationRequest{ ID: state.IntegrationID.ValueString(), Environment: plan.Environment.ValueString(), SecretPath: plan.SecretPath.ValueString(), + App: plan.CircleCIProjectID.ValueString(), // Needs to be the project slug + AppID: plan.CircleCIProjectID.ValueString(), // Needs to be the project ID + Owner: plan.CircleCIOrgSlug.ValueString(), // Needs to be the organization slug }) if err != nil { diff --git a/internal/provider/resource/integration_databricks.go b/internal/provider/resource/integration_databricks.go index 3350d45..d283904 100644 --- a/internal/provider/resource/integration_databricks.go +++ b/internal/provider/resource/integration_databricks.go @@ -253,11 +253,26 @@ func (r *IntegrationDatabricksResource) Update(ctx context.Context, req resource return } + _, err := r.client.UpdateIntegrationAuth(infisical.UpdateIntegrationAuthRequest{ + Integration: infisical.IntegrationAuthTypeDatabricks, + IntegrationAuthId: plan.IntegrationAuthID.String(), + AccessToken: plan.DatabricksAccessToken.ValueString(), + URL: plan.DatabricksHostURL.ValueString(), + }) + if err != nil { + resp.Diagnostics.AddError( + "Error updating integration auth", + err.Error(), + ) + return + } + // Update the integration updatedIntegration, err := r.client.UpdateIntegration(infisical.UpdateIntegrationRequest{ ID: state.IntegrationID.ValueString(), Environment: plan.Environment.ValueString(), SecretPath: plan.SecretPath.ValueString(), + App: plan.DatabricksSecretScope.ValueString(), }) if err != nil { diff --git a/internal/provider/resource/integration_gcp_secret_manager.go b/internal/provider/resource/integration_gcp_secret_manager.go index ae2b0b0..1a99c72 100644 --- a/internal/provider/resource/integration_gcp_secret_manager.go +++ b/internal/provider/resource/integration_gcp_secret_manager.go @@ -365,6 +365,20 @@ func (r *IntegrationGCPSecretManagerResource) Update(ctx context.Context, req re return } + _, err := r.client.UpdateIntegrationAuth(infisical.UpdateIntegrationAuthRequest{ + Integration: infisical.IntegrationAuthTypeGcpSecretManager, + IntegrationAuthId: plan.IntegrationAuthID.String(), + RefreshToken: plan.ServiceAccountJson.ValueString(), + }) + + if err != nil { + resp.Diagnostics.AddError( + "Error updating integration auth", + err.Error(), + ) + return + } + var options struct { SecretPrefix types.String `tfsdk:"secret_prefix"` SecretSuffix types.String `tfsdk:"secret_suffix"` @@ -376,7 +390,7 @@ func (r *IntegrationGCPSecretManagerResource) Update(ctx context.Context, req re "secretSuffix": options.SecretSuffix.ValueString(), } - _, err := r.client.UpdateIntegration(infisical.UpdateIntegrationRequest{ + _, err = r.client.UpdateIntegration(infisical.UpdateIntegrationRequest{ IsActive: true, ID: state.IntegrationID.ValueString(), Environment: plan.Environment.ValueString(), From 86813a62d9d08a9c22d25985d6887313c2e33330 Mon Sep 17 00:00:00 2001 From: = Date: Mon, 9 Dec 2024 20:16:57 +0530 Subject: [PATCH 2/6] feat: resolved linting issue --- .../provider/resource/integration_aws_parameter_store.go | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/internal/provider/resource/integration_aws_parameter_store.go b/internal/provider/resource/integration_aws_parameter_store.go index 7bacc1c..b57b9e1 100644 --- a/internal/provider/resource/integration_aws_parameter_store.go +++ b/internal/provider/resource/integration_aws_parameter_store.go @@ -422,6 +422,13 @@ func (r *IntegrationAWSParameterStoreResource) Update(ctx context.Context, req r } _, err = r.client.UpdateIntegrationAuth(updateIntegrationAuthRequest) + if err != nil { + resp.Diagnostics.AddError( + "Error updating integration auth", + err.Error(), + ) + return + } // Convert metadata to map[string]interface{} if needed metadataMap := map[string]interface{}{} From fe0d5e893e4e76884c91a6817c6c3f0d421374b8 Mon Sep 17 00:00:00 2001 From: = Date: Mon, 9 Dec 2024 20:19:05 +0530 Subject: [PATCH 3/6] feat: resolved doc generation diff --- docs/resources/integration_aws_parameter_store.md | 2 +- docs/resources/integration_aws_secrets_manager.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/resources/integration_aws_parameter_store.md b/docs/resources/integration_aws_parameter_store.md index 949ad84..4e930aa 100644 --- a/docs/resources/integration_aws_parameter_store.md +++ b/docs/resources/integration_aws_parameter_store.md @@ -34,7 +34,7 @@ resource "infisical_integration_aws_parameter_store" "parameter-store-integratio environment = "" // example, dev secret_path = "" // example, /folder, or / - parameter_store_path = "/example/secrets" + parameter_store_path = "/example/secrets/" aws_region = "" // example, us-east-2 diff --git a/docs/resources/integration_aws_secrets_manager.md b/docs/resources/integration_aws_secrets_manager.md index 4676129..c9b5908 100644 --- a/docs/resources/integration_aws_secrets_manager.md +++ b/docs/resources/integration_aws_secrets_manager.md @@ -35,8 +35,8 @@ resource "infisical_integration_aws_secrets_manager" "secrets-manager-integratio secret_path = "" // example, /folder, or / - secrets_manager_path = "/example/secrets" # Only required if mapping_behavior is one-to-one - mapping_behavior = "one-to-one" # Optional, default is many-to-one + secrets_manager_path = "/example/secrets/" # Only required if mapping_behavior is one-to-one + mapping_behavior = "one-to-one" # Optional, default is many-to-one # AWS Authentication access_key_id = "" From 6a316e71959fc839df7974a3240cef7258cf29d2 Mon Sep 17 00:00:00 2001 From: = Date: Tue, 10 Dec 2024 13:16:04 +0530 Subject: [PATCH 4/6] feat: updated based on review comments --- internal/client/integrations_auth.go | 8 ++--- internal/client/model.go | 6 ++++ .../integration_aws_secrets_manager.go | 32 +++++++++---------- 3 files changed, 26 insertions(+), 20 deletions(-) diff --git a/internal/client/integrations_auth.go b/internal/client/integrations_auth.go index c1c5de3..eea8adb 100644 --- a/internal/client/integrations_auth.go +++ b/internal/client/integrations_auth.go @@ -35,8 +35,8 @@ func (client Client) CreateIntegrationAuth(request CreateIntegrationAuthRequest) return body, nil } -func (client Client) UpdateIntegrationAuth(request UpdateIntegrationAuthRequest) (CreateIntegrationAuthResponse, error) { - var body CreateIntegrationAuthResponse +func (client Client) UpdateIntegrationAuth(request UpdateIntegrationAuthRequest) (UpdateIntegrationAuthResponse, error) { + var body UpdateIntegrationAuthResponse response, err := client.Config.HttpClient. R(). SetResult(&body). @@ -45,11 +45,11 @@ func (client Client) UpdateIntegrationAuth(request UpdateIntegrationAuthRequest) Patch("api/v1/integration-auth/" + request.IntegrationAuthId) if err != nil { - return CreateIntegrationAuthResponse{}, fmt.Errorf("UpdateIntegrationAuth: Unable to complete api request [err=%s]", err) + return UpdateIntegrationAuthResponse{}, fmt.Errorf("UpdateIntegrationAuth: Unable to complete api request [err=%s]", err) } if response.IsError() { - return CreateIntegrationAuthResponse{}, fmt.Errorf("UpdateIntegrationAuth: Unsuccessful response. [response=%s]", string(response.Body())) + return UpdateIntegrationAuthResponse{}, fmt.Errorf("UpdateIntegrationAuth: Unsuccessful response. [response=%s]", string(response.Body())) } return body, nil diff --git a/internal/client/model.go b/internal/client/model.go index 4de355a..624b0ee 100644 --- a/internal/client/model.go +++ b/internal/client/model.go @@ -1568,6 +1568,12 @@ type CreateIntegrationAuthResponse struct { } `json:"integrationAuth"` } +type UpdateIntegrationAuthResponse struct { + IntegrationAuth struct { + ID string `json:"id"` + } `json:"integrationAuth"` +} + type DeleteIntegrationAuthRequest struct { ID string `json:"id"` } diff --git a/internal/provider/resource/integration_aws_secrets_manager.go b/internal/provider/resource/integration_aws_secrets_manager.go index a28d555..1bf37e3 100644 --- a/internal/provider/resource/integration_aws_secrets_manager.go +++ b/internal/provider/resource/integration_aws_secrets_manager.go @@ -444,6 +444,22 @@ func (r *IntegrationAWSSecretsManagerResource) Update(ctx context.Context, req r } } + if plan.MappingBehavior.ValueString() == MAPPING_BEHAVIOR_MANY_TO_ONE && (plan.AWSPath.IsNull() || plan.AWSPath.ValueString() == "") { + resp.Diagnostics.AddError( + "Invalid plan", + "secrets_manager_path is required when mapping_behavior is 'many-to-one'", + ) + return + } + + if plan.MappingBehavior.ValueString() == MAPPING_BEHAVIOR_ONE_TO_ONE && (!plan.AWSPath.IsNull() && plan.AWSPath.ValueString() != "") { + resp.Diagnostics.AddError( + "Invalid plan", + "secrets_manager_path should not be used when mapping_behavior is 'one-to-one'", + ) + return + } + updateIntegrationAuthRequest := infisical.UpdateIntegrationAuthRequest{ Integration: infisical.IntegrationAuthTypeAwsSecretsManager, IntegrationAuthId: plan.IntegrationAuthID.String(), @@ -474,22 +490,6 @@ func (r *IntegrationAWSSecretsManagerResource) Update(ctx context.Context, req r return } - if plan.MappingBehavior.ValueString() == MAPPING_BEHAVIOR_MANY_TO_ONE && (plan.AWSPath.IsNull() || plan.AWSPath.ValueString() == "") { - resp.Diagnostics.AddError( - "Invalid plan", - "secrets_manager_path is required when mapping_behavior is 'many-to-one'", - ) - return - } - - if plan.MappingBehavior.ValueString() == MAPPING_BEHAVIOR_ONE_TO_ONE && (!plan.AWSPath.IsNull() && plan.AWSPath.ValueString() != "") { - resp.Diagnostics.AddError( - "Invalid plan", - "secrets_manager_path should not be used when mapping_behavior is 'one-to-one'", - ) - return - } - // Convert metadata to map[string]interface{} if needed metadataMap := map[string]interface{}{} From 54e019a697fec1eb43b20e5ed9cb58fb3b5dd097 Mon Sep 17 00:00:00 2001 From: = Date: Wed, 11 Dec 2024 12:27:25 +0530 Subject: [PATCH 5/6] feat: removed replace from state of integration resources --- .../integration_aws_parameter_store.go | 29 ++++++++----------- .../integration_aws_secrets_manager.go | 29 ++++++++----------- .../provider/resource/integration_circleci.go | 17 +++++------ .../resource/integration_databricks.go | 17 +++++------ 4 files changed, 38 insertions(+), 54 deletions(-) diff --git a/internal/provider/resource/integration_aws_parameter_store.go b/internal/provider/resource/integration_aws_parameter_store.go index b57b9e1..4567262 100644 --- a/internal/provider/resource/integration_aws_parameter_store.go +++ b/internal/provider/resource/integration_aws_parameter_store.go @@ -125,29 +125,25 @@ func (r *IntegrationAWSParameterStoreResource) Schema(_ context.Context, _ resou }, "aws_region": schema.StringAttribute{ - Required: true, - Description: "The AWS region to sync secrets to. (us-east-1, us-east-2, etc)", - PlanModifiers: []planmodifier.String{stringplanmodifier.RequiresReplace()}, + Required: true, + Description: "The AWS region to sync secrets to. (us-east-1, us-east-2, etc)", }, "access_key_id": schema.StringAttribute{ - Sensitive: true, - Optional: true, - Description: "The AWS access key ID. Used to authenticate with AWS Parameter Store. You must either set secret_access_key and access_key_id, or set assume_role_arn to assume a role.", - PlanModifiers: []planmodifier.String{stringplanmodifier.RequiresReplace()}, + Sensitive: true, + Optional: true, + Description: "The AWS access key ID. Used to authenticate with AWS Parameter Store. You must either set secret_access_key and access_key_id, or set assume_role_arn to assume a role.", }, "secret_access_key": schema.StringAttribute{ - Sensitive: true, - Optional: true, - Description: "The AWS secret access key. Used to authenticate with AWS Parameter Store. You must either set secret_access_key and access_key_id, or set assume_role_arn to assume a role.", - PlanModifiers: []planmodifier.String{stringplanmodifier.RequiresReplace()}, + Sensitive: true, + Optional: true, + Description: "The AWS secret access key. Used to authenticate with AWS Parameter Store. You must either set secret_access_key and access_key_id, or set assume_role_arn to assume a role.", }, "assume_role_arn": schema.StringAttribute{ - Optional: true, - Description: "The ARN of the role to assume when syncing secrets to AWS Parameter Store. You must either set secret_access_key and access_key_id, or set assume_role_arn to assume a role.", - PlanModifiers: []planmodifier.String{stringplanmodifier.RequiresReplace()}, + Optional: true, + Description: "The ARN of the role to assume when syncing secrets to AWS Parameter Store. You must either set secret_access_key and access_key_id, or set assume_role_arn to assume a role.", }, "project_id": schema.StringAttribute{ @@ -157,9 +153,8 @@ func (r *IntegrationAWSParameterStoreResource) Schema(_ context.Context, _ resou }, "parameter_store_path": schema.StringAttribute{ - Required: true, - Description: "The path in AWS Parameter Store to sync secrets to.", - PlanModifiers: []planmodifier.String{stringplanmodifier.RequiresReplace()}, + Required: true, + Description: "The path in AWS Parameter Store to sync secrets to.", }, "environment": schema.StringAttribute{ diff --git a/internal/provider/resource/integration_aws_secrets_manager.go b/internal/provider/resource/integration_aws_secrets_manager.go index 1bf37e3..d268ccf 100644 --- a/internal/provider/resource/integration_aws_secrets_manager.go +++ b/internal/provider/resource/integration_aws_secrets_manager.go @@ -130,29 +130,25 @@ func (r *IntegrationAWSSecretsManagerResource) Schema(_ context.Context, _ resou }, "aws_region": schema.StringAttribute{ - Required: true, - Description: "The AWS region to sync secrets to. (us-east-1, us-east-2, etc)", - PlanModifiers: []planmodifier.String{stringplanmodifier.RequiresReplace()}, + Required: true, + Description: "The AWS region to sync secrets to. (us-east-1, us-east-2, etc)", }, "access_key_id": schema.StringAttribute{ - Sensitive: true, - Optional: true, - Description: "The AWS access key ID. Used to authenticate with AWS Secrets Manager. You must either set secret_access_key and access_key_id, or set assume_role_arn to assume a role.", - PlanModifiers: []planmodifier.String{stringplanmodifier.RequiresReplace()}, + Sensitive: true, + Optional: true, + Description: "The AWS access key ID. Used to authenticate with AWS Secrets Manager. You must either set secret_access_key and access_key_id, or set assume_role_arn to assume a role.", }, "secret_access_key": schema.StringAttribute{ - Sensitive: true, - Optional: true, - Description: "The AWS secret access key. Used to authenticate with AWS Secrets Manager. You must either set secret_access_key and access_key_id, or set assume_role_arn to assume a role.", - PlanModifiers: []planmodifier.String{stringplanmodifier.RequiresReplace()}, + Sensitive: true, + Optional: true, + Description: "The AWS secret access key. Used to authenticate with AWS Secrets Manager. You must either set secret_access_key and access_key_id, or set assume_role_arn to assume a role.", }, "assume_role_arn": schema.StringAttribute{ - Optional: true, - Description: "The ARN of the role to assume when syncing secrets to AWS Secrets Manager. You must either set secret_access_key and access_key_id, or set assume_role_arn to assume a role.", - PlanModifiers: []planmodifier.String{stringplanmodifier.RequiresReplace()}, + Optional: true, + Description: "The ARN of the role to assume when syncing secrets to AWS Secrets Manager. You must either set secret_access_key and access_key_id, or set assume_role_arn to assume a role.", }, "project_id": schema.StringAttribute{ @@ -174,9 +170,8 @@ func (r *IntegrationAWSSecretsManagerResource) Schema(_ context.Context, _ resou }, "secrets_manager_path": schema.StringAttribute{ - Optional: true, - Description: "The path in AWS Secrets Manager to sync secrets to. This is required if mapping_behavior is 'many-to-one'.", - PlanModifiers: []planmodifier.String{stringplanmodifier.RequiresReplace()}, + Optional: true, + Description: "The path in AWS Secrets Manager to sync secrets to. This is required if mapping_behavior is 'many-to-one'.", }, "secret_path": schema.StringAttribute{ diff --git a/internal/provider/resource/integration_circleci.go b/internal/provider/resource/integration_circleci.go index 45a15aa..db58da0 100644 --- a/internal/provider/resource/integration_circleci.go +++ b/internal/provider/resource/integration_circleci.go @@ -65,10 +65,9 @@ func (r *IntegrationCircleCIResource) Schema(_ context.Context, _ resource.Schem }, "circleci_token": schema.StringAttribute{ - Required: true, - Sensitive: true, - Description: "Your personal CircleCI token to authenticate with.", - PlanModifiers: []planmodifier.String{stringplanmodifier.RequiresReplace()}, + Required: true, + Sensitive: true, + Description: "Your personal CircleCI token to authenticate with.", }, "project_id": schema.StringAttribute{ @@ -88,15 +87,13 @@ func (r *IntegrationCircleCIResource) Schema(_ context.Context, _ resource.Schem }, "circleci_org_slug": schema.StringAttribute{ - Required: true, - Description: "The organization slug of your CircleCI organization.", - PlanModifiers: []planmodifier.String{stringplanmodifier.RequiresReplace()}, + Required: true, + Description: "The organization slug of your CircleCI organization.", }, "circleci_project_id": schema.StringAttribute{ - Required: true, - Description: "The project ID of your CircleCI project.", - PlanModifiers: []planmodifier.String{stringplanmodifier.RequiresReplace()}, + Required: true, + Description: "The project ID of your CircleCI project.", }, }, } diff --git a/internal/provider/resource/integration_databricks.go b/internal/provider/resource/integration_databricks.go index d283904..bb4df4b 100644 --- a/internal/provider/resource/integration_databricks.go +++ b/internal/provider/resource/integration_databricks.go @@ -80,22 +80,19 @@ func (r *IntegrationDatabricksResource) Schema(_ context.Context, _ resource.Sch }, "databricks_host": schema.StringAttribute{ - Required: true, - Description: "The Databricks host URL.", - PlanModifiers: []planmodifier.String{stringplanmodifier.RequiresReplace()}, + Required: true, + Description: "The Databricks host URL.", }, "databricks_token": schema.StringAttribute{ - Required: true, - Sensitive: true, - Description: "The Databricks access token.", - PlanModifiers: []planmodifier.String{stringplanmodifier.RequiresReplace()}, + Required: true, + Sensitive: true, + Description: "The Databricks access token.", }, "databricks_secret_scope": schema.StringAttribute{ - Required: true, - Description: "The Databricks secret scope. Example: your-secret-scope", - PlanModifiers: []planmodifier.String{stringplanmodifier.RequiresReplace()}, + Required: true, + Description: "The Databricks secret scope. Example: your-secret-scope", }, }, } From 56e6b935bbb7cf905b57815cbd79fde1f82a59a5 Mon Sep 17 00:00:00 2001 From: = Date: Wed, 11 Dec 2024 15:05:22 +0530 Subject: [PATCH 6/6] feat: resolved string being empty --- internal/provider/resource/integration_aws_parameter_store.go | 4 ++-- internal/provider/resource/integration_aws_secrets_manager.go | 2 +- internal/provider/resource/integration_circleci.go | 2 +- internal/provider/resource/integration_databricks.go | 2 +- internal/provider/resource/integration_gcp_secret_manager.go | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/internal/provider/resource/integration_aws_parameter_store.go b/internal/provider/resource/integration_aws_parameter_store.go index 4567262..fa6c540 100644 --- a/internal/provider/resource/integration_aws_parameter_store.go +++ b/internal/provider/resource/integration_aws_parameter_store.go @@ -407,7 +407,7 @@ func (r *IntegrationAWSParameterStoreResource) Update(ctx context.Context, req r updateIntegrationAuthRequest := infisical.UpdateIntegrationAuthRequest{ Integration: infisical.IntegrationAuthTypeAwsSecretsManager, - IntegrationAuthId: plan.IntegrationAuthID.String(), + IntegrationAuthId: plan.IntegrationAuthID.ValueString(), } if authMethod == pkg.AwsAuthMethodAccessKey { updateIntegrationAuthRequest.AccessId = plan.AccessKeyID.ValueString() @@ -442,7 +442,7 @@ func (r *IntegrationAWSParameterStoreResource) Update(ctx context.Context, req r Environment: plan.Environment.ValueString(), SecretPath: plan.SecretPath.ValueString(), Region: plan.AWSRegion.ValueString(), - Path: plan.AWSPath.String(), + Path: plan.AWSPath.ValueString(), }) if err != nil { diff --git a/internal/provider/resource/integration_aws_secrets_manager.go b/internal/provider/resource/integration_aws_secrets_manager.go index d268ccf..36fbcd8 100644 --- a/internal/provider/resource/integration_aws_secrets_manager.go +++ b/internal/provider/resource/integration_aws_secrets_manager.go @@ -457,7 +457,7 @@ func (r *IntegrationAWSSecretsManagerResource) Update(ctx context.Context, req r updateIntegrationAuthRequest := infisical.UpdateIntegrationAuthRequest{ Integration: infisical.IntegrationAuthTypeAwsSecretsManager, - IntegrationAuthId: plan.IntegrationAuthID.String(), + IntegrationAuthId: plan.IntegrationAuthID.ValueString(), } authMethod, err := pkg.ValidateAwsInputCredentials(plan.AccessKeyID, plan.SecretAccessKey, plan.AssumeRoleArn) diff --git a/internal/provider/resource/integration_circleci.go b/internal/provider/resource/integration_circleci.go index db58da0..dae3ba2 100644 --- a/internal/provider/resource/integration_circleci.go +++ b/internal/provider/resource/integration_circleci.go @@ -255,7 +255,7 @@ func (r *IntegrationCircleCIResource) Update(ctx context.Context, req resource.U _, err := r.client.UpdateIntegrationAuth(infisical.UpdateIntegrationAuthRequest{ Integration: infisical.IntegrationAuthTypeCircleCi, - IntegrationAuthId: plan.IntegrationAuthID.String(), + IntegrationAuthId: plan.IntegrationAuthID.ValueString(), AccessToken: plan.CircleCIToken.ValueString(), }) if err != nil { diff --git a/internal/provider/resource/integration_databricks.go b/internal/provider/resource/integration_databricks.go index bb4df4b..767cd41 100644 --- a/internal/provider/resource/integration_databricks.go +++ b/internal/provider/resource/integration_databricks.go @@ -252,7 +252,7 @@ func (r *IntegrationDatabricksResource) Update(ctx context.Context, req resource _, err := r.client.UpdateIntegrationAuth(infisical.UpdateIntegrationAuthRequest{ Integration: infisical.IntegrationAuthTypeDatabricks, - IntegrationAuthId: plan.IntegrationAuthID.String(), + IntegrationAuthId: plan.IntegrationAuthID.ValueString(), AccessToken: plan.DatabricksAccessToken.ValueString(), URL: plan.DatabricksHostURL.ValueString(), }) diff --git a/internal/provider/resource/integration_gcp_secret_manager.go b/internal/provider/resource/integration_gcp_secret_manager.go index 1a99c72..aa193b9 100644 --- a/internal/provider/resource/integration_gcp_secret_manager.go +++ b/internal/provider/resource/integration_gcp_secret_manager.go @@ -367,7 +367,7 @@ func (r *IntegrationGCPSecretManagerResource) Update(ctx context.Context, req re _, err := r.client.UpdateIntegrationAuth(infisical.UpdateIntegrationAuthRequest{ Integration: infisical.IntegrationAuthTypeGcpSecretManager, - IntegrationAuthId: plan.IntegrationAuthID.String(), + IntegrationAuthId: plan.IntegrationAuthID.ValueString(), RefreshToken: plan.ServiceAccountJson.ValueString(), })