Skip to content

Commit a548eaf

Browse files
authored
Allow provider to start without credentials (#195)
Without RSC credentials the provider still support CDM bootstrapping.
1 parent e7f19f6 commit a548eaf

File tree

4 files changed

+64
-35
lines changed

4 files changed

+64
-35
lines changed

go.mod

+1-1
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ require (
88
github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320
99
github.com/hashicorp/terraform-plugin-docs v0.16.0
1010
github.com/hashicorp/terraform-plugin-sdk/v2 v2.10.0
11-
github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.1
11+
github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.2
1212
)
1313

1414
require (

go.sum

+2-2
Original file line numberDiff line numberDiff line change
@@ -412,8 +412,8 @@ github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6L
412412
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
413413
github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k=
414414
github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
415-
github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.1 h1:9yIQxW8d2outzWALXSuxDrcYGryy/7RQJ7d6ZCZbaeI=
416-
github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.1/go.mod h1:ryJGDKlbaCvozY3Wvt+TPSN2OZRChQedHUNsnVfCbXE=
415+
github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.2 h1:JQlwbV6KsgEJ9CczJAWYvKS5cCc9ozuB0wV7lKQBrDI=
416+
github.com/rubrikinc/rubrik-polaris-sdk-for-go v0.11.0-beta.2/go.mod h1:ryJGDKlbaCvozY3Wvt+TPSN2OZRChQedHUNsnVfCbXE=
417417
github.com/russross/blackfriday v1.6.0 h1:KqfZb0pUVN2lYqZUYRddxF4OR8ZMURnJIG5Y3VRLtww=
418418
github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY=
419419
github.com/sebdah/goldie v1.0.0/go.mod h1:jXP4hmWywNEwZzhMuv2ccnqTSFpuq8iyQhtQdkkZBH4=

internal/provider/provider.go

+27-21
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@ package provider
2323
import (
2424
"context"
2525
"errors"
26+
"fmt"
2627
"strings"
2728

2829
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
@@ -116,31 +117,24 @@ func Provider() *schema.Provider {
116117
type client struct {
117118
cdmClient *cdm.BootstrapClient
118119
polarisClient *polaris.Client
119-
}
120-
121-
func newClient(account polaris.Account, params polaris.CacheParams, logger log.Logger) (*client, diag.Diagnostics) {
122-
polarisClient, err := polaris.NewClientWithLoggerAndCacheParams(account, params, logger)
123-
if err != nil {
124-
return nil, diag.FromErr(err)
125-
}
126-
127-
return &client{
128-
cdmClient: cdm.NewBootstrapClientWithLogger(true, logger),
129-
polarisClient: polarisClient,
130-
}, nil
120+
polarisErr error
131121
}
132122

133123
func (c *client) cdm() (*cdm.BootstrapClient, error) {
134124
if c.cdmClient == nil {
135-
return nil, errors.New("cdm functionality has not been configured in the provider block")
125+
return nil, errors.New("CDM functionality has not been configured in the provider block")
136126
}
137127

138128
return c.cdmClient, nil
139129
}
140130

141131
func (c *client) polaris() (*polaris.Client, error) {
142132
if c.polarisClient == nil {
143-
return nil, errors.New("polaris functionality has not been configured in the provider block")
133+
err := errors.New("RSC functionality has not been configured in the provider block")
134+
if c.polarisErr != nil {
135+
err = fmt.Errorf("%s: %s", err, c.polarisErr)
136+
}
137+
return nil, err
144138
}
145139

146140
return c.polarisClient, nil
@@ -153,17 +147,29 @@ func providerConfigure(ctx context.Context, d *schema.ResourceData) (any, diag.D
153147
return nil, diag.FromErr(err)
154148
}
155149

150+
client := &client{
151+
cdmClient: cdm.NewBootstrapClientWithLogger(true, logger),
152+
}
153+
156154
account, err := polaris.FindAccount(d.Get("credentials").(string), true)
157-
if err != nil {
155+
switch {
156+
case errors.Is(err, polaris.ErrAccountNotFound):
157+
client.polarisErr = err
158+
case err != nil:
158159
return nil, diag.FromErr(err)
160+
default:
161+
cacheParams := polaris.CacheParams{
162+
Enable: d.Get("token_cache").(bool),
163+
Dir: d.Get("token_cache_dir").(string),
164+
Secret: d.Get("token_cache_secret").(string),
165+
}
166+
client.polarisClient, err = polaris.NewClientWithLoggerAndCacheParams(account, cacheParams, logger)
167+
if err != nil {
168+
return nil, diag.FromErr(err)
169+
}
159170
}
160171

161-
cacheParams := polaris.CacheParams{
162-
Enable: d.Get("token_cache").(bool),
163-
Dir: d.Get("token_cache_dir").(string),
164-
Secret: d.Get("token_cache_secret").(string),
165-
}
166-
return newClient(account, cacheParams, logger)
172+
return client, nil
167173
}
168174

169175
// description returns the description string with all acute accents replaced

internal/provider/provider_test.go

+34-11
Original file line numberDiff line numberDiff line change
@@ -56,8 +56,7 @@ func TestAccProviderCredentialsInEnv_basic(t *testing.T) {
5656
t.Fatal(err)
5757
}
5858

59-
// Valid service account in env.
60-
t.Setenv("RUBRIK_POLARIS_SERVICEACCOUNT_CREDENTIALS", credentials)
59+
// Valid service account in RUBRIK_POLARIS_SERVICEACCOUNT_FILE.
6160
resource.Test(t, resource.TestCase{
6261
ProviderFactories: providerFactories,
6362
Steps: []resource.TestStep{{
@@ -69,31 +68,43 @@ func TestAccProviderCredentialsInEnv_basic(t *testing.T) {
6968
}},
7069
})
7170

72-
// Invalid service account in env.
73-
t.Setenv("RUBRIK_POLARIS_SERVICEACCOUNT_CREDENTIALS", "invalid")
71+
// Non-existing service account in RUBRIK_POLARIS_SERVICEACCOUNT_FILE.
72+
t.Setenv("RUBRIK_POLARIS_SERVICEACCOUNT_FILE", "03147711-359c-40fd-b635-69619fcf374d")
7473
resource.Test(t, resource.TestCase{
7574
ProviderFactories: providerFactories,
7675
Steps: []resource.TestStep{{
7776
Config: credentialsFromEnv,
78-
ExpectError: regexp.MustCompile("failed to unmarshal RUBRIK_POLARIS_SERVICEACCOUNT_CREDENTIALS: invalid character 'i' looking for beginning of value"),
77+
ExpectError: regexp.MustCompile("RSC functionality has not been configured in the provider block: account not found, searched: default service account file and env"),
7978
}},
8079
})
81-
}
8280

83-
func TestAccProviderMissingCredentialsInEnv_basic(t *testing.T) {
84-
// No service account in env. This could happen if the provider is used to
85-
// bootstrap a CDM cluster without RSC credentials, but an RSC resource is
86-
// used.
81+
// Valid service account in RUBRIK_POLARIS_SERVICEACCOUNT_CREDENTIALS.
82+
t.Setenv("RUBRIK_POLARIS_SERVICEACCOUNT_FILE", "")
83+
t.Setenv("RUBRIK_POLARIS_SERVICEACCOUNT_CREDENTIALS", credentials)
84+
resource.Test(t, resource.TestCase{
85+
ProviderFactories: providerFactories,
86+
Steps: []resource.TestStep{{
87+
Config: credentialsFromEnv,
88+
Check: resource.ComposeTestCheckFunc(
89+
resource.TestCheckResourceAttr("data.polaris_role.admin", "id", "00000000-0000-0000-0000-000000000000"),
90+
resource.TestCheckResourceAttr("data.polaris_role.admin", "name", "Administrator"),
91+
),
92+
}},
93+
})
94+
95+
// Invalid service account in RUBRIK_POLARIS_SERVICEACCOUNT_CREDENTIALS.
96+
t.Setenv("RUBRIK_POLARIS_SERVICEACCOUNT_CREDENTIALS", "invalid")
8797
resource.Test(t, resource.TestCase{
8898
ProviderFactories: providerFactories,
8999
Steps: []resource.TestStep{{
90100
Config: credentialsFromEnv,
91-
ExpectError: regexp.MustCompile("polaris functionality has not been configured in the provider block"),
101+
ExpectError: regexp.MustCompile("RSC functionality has not been configured in the provider block: account not found, searched: default service account file and env"),
92102
}},
93103
})
94104

95105
// Partial service account in env. This could happen if the service account
96106
// is given in parts and one of the parts is missing.
107+
t.Setenv("RUBRIK_POLARIS_SERVICEACCOUNT_CREDENTIALS", "")
97108
t.Setenv("RUBRIK_POLARIS_SERVICEACCOUNT_NAME", "name")
98109
resource.Test(t, resource.TestCase{
99110
ProviderFactories: providerFactories,
@@ -102,6 +113,18 @@ func TestAccProviderMissingCredentialsInEnv_basic(t *testing.T) {
102113
ExpectError: regexp.MustCompile("invalid service account client id"),
103114
}},
104115
})
116+
117+
// No service account in env. This could happen if the provider is used to
118+
// bootstrap a CDM cluster without RSC credentials, but an RSC resource is
119+
// used.
120+
t.Setenv("RUBRIK_POLARIS_SERVICEACCOUNT_NAME", "")
121+
resource.Test(t, resource.TestCase{
122+
ProviderFactories: providerFactories,
123+
Steps: []resource.TestStep{{
124+
Config: credentialsFromEnv,
125+
ExpectError: regexp.MustCompile("RSC functionality has not been configured in the provider block: account not found, searched: default service account file and env"),
126+
}},
127+
})
105128
}
106129

107130
// loadTestCredentials returns the content of the file pointed to by the

0 commit comments

Comments
 (0)