Merge pull request #51 from ConductorOne/goldschmidt/fix-sync-secrets

johnallers · web-flow · commit 1cc26ece8a0d · 2025-03-20T14:45:37.000-04:00
fix: sync fail when sync secrets is false
diff --git a/pkg/connector/connector.go b/pkg/connector/connector.go
@@ -20,9 +20,9 @@ type Connector struct {
 // ResourceSyncers returns a ResourceSyncer for each resource type that should be synced from the upstream service.
 func (d *Connector) ResourceSyncers(ctx context.Context) []connectorbuilder.ResourceSyncer {
 	builders := []connectorbuilder.ResourceSyncer{
-		newUserBuilder(d.Client),
+		newUserBuilder(d.Client, d.syncSecrets),
 		newAccountRoleBuilder(d.Client),
-		newDatabaseBuilder(d.Client),
+		newDatabaseBuilder(d.Client, d.syncSecrets),
 	}
 
 	if d.syncSecrets {
diff --git a/pkg/connector/databases.go b/pkg/connector/databases.go
@@ -16,13 +16,14 @@ import (
 type databaseBuilder struct {
 	resourceType *v2.ResourceType
 	client       *snowflake.Client
+	syncSecrets  bool
 }
 
 func (o *databaseBuilder) ResourceType(ctx context.Context) *v2.ResourceType {
 	return databaseResourceType
 }
 
-func databaseResource(database *snowflake.Database) (*v2.Resource, error) {
+func databaseResource(database *snowflake.Database, syncSecrets bool) (*v2.Resource, error) {
 	profile := map[string]interface{}{
 		"name": database.Name,
 	}
@@ -31,8 +32,18 @@ func databaseResource(database *snowflake.Database) (*v2.Resource, error) {
 		rs.WithAppProfile(profile),
 	}
 
+	var opts []rs.ResourceOption
+	if syncSecrets {
+		opts = append(opts, rs.WithAnnotation(&v2.ChildResourceType{ResourceTypeId: secretResourceType.Id}))
+	}
+
 	resource, err := rs.NewAppResource(
-		database.Name, databaseResourceType, database.Name, databaseTraits, rs.WithAnnotation(&v2.ChildResourceType{ResourceTypeId: secretResourceType.Id}))
+		database.Name,
+		databaseResourceType,
+		database.Name,
+		databaseTraits,
+		opts...,
+	)
 	if err != nil {
 		return nil, err
 	}
@@ -53,7 +64,7 @@ func (o *databaseBuilder) List(ctx context.Context, parentResourceID *v2.Resourc
 
 	var resources []*v2.Resource
 	for _, database := range databases {
-		resource, err := databaseResource(&database) // #nosec G601
+		resource, err := databaseResource(&database, o.syncSecrets) // #nosec G601
 		if err != nil {
 			return nil, "", nil, wrapError(err, "failed to create database resource")
 		}
@@ -125,9 +136,10 @@ func (o *databaseBuilder) Grants(ctx context.Context, resource *v2.Resource, pTo
 	return grants, "", nil, nil
 }
 
-func newDatabaseBuilder(client *snowflake.Client) *databaseBuilder {
+func newDatabaseBuilder(client *snowflake.Client, syncSecrets bool) *databaseBuilder {
 	return &databaseBuilder{
 		resourceType: databaseResourceType,
 		client:       client,
+		syncSecrets:  syncSecrets,
 	}
 }
diff --git a/pkg/connector/users.go b/pkg/connector/users.go
@@ -13,13 +13,14 @@ import (
 type userBuilder struct {
 	resourceType *v2.ResourceType
 	client       *snowflake.Client
+	syncSecrets  bool
 }
 
 func (o *userBuilder) ResourceType(ctx context.Context) *v2.ResourceType {
 	return userResourceType
 }
 
-func userResource(ctx context.Context, user *snowflake.User) (*v2.Resource, error) {
+func userResource(ctx context.Context, user *snowflake.User, syncSecrets bool) (*v2.Resource, error) {
 	profile := map[string]interface{}{
 		"email":        user.Email,
 		"login":        user.Login,
@@ -52,12 +53,18 @@ func userResource(ctx context.Context, user *snowflake.User) (*v2.Resource, erro
 			displayName = user.Login
 		}
 	}
+
+	var opts []rs.ResourceOption
+	if syncSecrets {
+		opts = append(opts, rs.WithAnnotation(&v2.ChildResourceType{ResourceTypeId: rsaPublicKeyResourceType.Id}))
+	}
+
 	resource, err := rs.NewUserResource(
 		displayName,
 		userResourceType,
 		user.Username,
 		userTraits,
-		rs.WithAnnotation(&v2.ChildResourceType{ResourceTypeId: rsaPublicKeyResourceType.Id}),
+		opts...,
 	)
 
 	if err != nil {
@@ -113,7 +120,7 @@ func (o *userBuilder) List(ctx context.Context, parentResourceID *v2.ResourceId,
 
 	var resources []*v2.Resource
 	for _, user := range users {
-		resource, err := userResource(ctx, &user) // #nosec G601
+		resource, err := userResource(ctx, &user, o.syncSecrets) // #nosec G601
 		if err != nil {
 			return nil, "", nil, wrapError(err, "failed to create user resource")
 		}
@@ -143,9 +150,10 @@ func (o *userBuilder) Grants(ctx context.Context, resource *v2.Resource, pToken
 	return nil, "", nil, nil
 }
 
-func newUserBuilder(client *snowflake.Client) *userBuilder {
+func newUserBuilder(client *snowflake.Client, syncSecrets bool) *userBuilder {
 	return &userBuilder{
 		resourceType: userResourceType,
 		client:       client,
+		syncSecrets:  syncSecrets,
 	}
 }

Original file line number	Diff line number	Diff line change
`@@ -16,13 +16,14 @@ import (`
`16`	`16`	`type databaseBuilder struct {`
`17`	`17`	`resourceType *v2.ResourceType`
`18`	`18`	`client *snowflake.Client`
	`19`	`+ syncSecrets bool`
`19`	`20`	`}`
`20`	`21`
`21`	`22`	`func (o databaseBuilder) ResourceType(ctx context.Context) v2.ResourceType {`
`22`	`23`	`return databaseResourceType`
`23`	`24`	`}`
`24`	`25`
`25`		`-func databaseResource(database snowflake.Database) (v2.Resource, error) {`
	`26`	`+func databaseResource(database snowflake.Database, syncSecrets bool) (v2.Resource, error) {`
`26`	`27`	`profile := map[string]interface{}{`
`27`	`28`	`"name": database.Name,`
`28`	`29`	`}`
`@@ -31,8 +32,18 @@ func databaseResource(database snowflake.Database) (v2.Resource, error) {`
`31`	`32`	`rs.WithAppProfile(profile),`
`32`	`33`	`}`
`33`	`34`
	`35`	`+ var opts []rs.ResourceOption`
	`36`	`+ if syncSecrets {`
	`37`	`+ opts = append(opts, rs.WithAnnotation(&v2.ChildResourceType{ResourceTypeId: secretResourceType.Id}))`
	`38`	`+ }`
	`39`	`+`
`34`	`40`	`resource, err := rs.NewAppResource(`
`35`		`- database.Name, databaseResourceType, database.Name, databaseTraits, rs.WithAnnotation(&v2.ChildResourceType{ResourceTypeId: secretResourceType.Id}))`
	`41`	`+ database.Name,`
	`42`	`+ databaseResourceType,`
	`43`	`+ database.Name,`
	`44`	`+ databaseTraits,`
	`45`	`+ opts...,`
	`46`	`+ )`
`36`	`47`	`if err != nil {`
`37`	`48`	`return nil, err`
`38`	`49`	`}`
`@@ -53,7 +64,7 @@ func (o databaseBuilder) List(ctx context.Context, parentResourceID v2.Resourc`
`53`	`64`
`54`	`65`	`var resources []*v2.Resource`
`55`	`66`	`for _, database := range databases {`
`56`		`- resource, err := databaseResource(&database) // #nosec G601`
	`67`	`+ resource, err := databaseResource(&database, o.syncSecrets) // #nosec G601`
`57`	`68`	`if err != nil {`
`58`	`69`	`return nil, "", nil, wrapError(err, "failed to create database resource")`
`59`	`70`	`}`
`@@ -125,9 +136,10 @@ func (o databaseBuilder) Grants(ctx context.Context, resource v2.Resource, pTo`
`125`	`136`	`return grants, "", nil, nil`
`126`	`137`	`}`
`127`	`138`
`128`		`-func newDatabaseBuilder(client snowflake.Client) databaseBuilder {`
	`139`	`+func newDatabaseBuilder(client snowflake.Client, syncSecrets bool) databaseBuilder {`
`129`	`140`	`return &databaseBuilder{`
`130`	`141`	`resourceType: databaseResourceType,`
`131`	`142`	`client: client,`
	`143`	`+ syncSecrets: syncSecrets,`
`132`	`144`	`}`
`133`	`145`	`}`
Original file line number	Diff line number	Diff line change
`@@ -13,13 +13,14 @@ import (`
`13`	`13`	`type userBuilder struct {`
`14`	`14`	`resourceType *v2.ResourceType`
`15`	`15`	`client *snowflake.Client`
	`16`	`+ syncSecrets bool`
`16`	`17`	`}`
`17`	`18`
`18`	`19`	`func (o userBuilder) ResourceType(ctx context.Context) v2.ResourceType {`
`19`	`20`	`return userResourceType`
`20`	`21`	`}`
`21`	`22`
`22`		`-func userResource(ctx context.Context, user snowflake.User) (v2.Resource, error) {`
	`23`	`+func userResource(ctx context.Context, user snowflake.User, syncSecrets bool) (v2.Resource, error) {`
`23`	`24`	`profile := map[string]interface{}{`
`24`	`25`	`"email": user.Email,`
`25`	`26`	`"login": user.Login,`
`@@ -52,12 +53,18 @@ func userResource(ctx context.Context, user snowflake.User) (v2.Resource, erro`
`52`	`53`	`displayName = user.Login`
`53`	`54`	`}`
`54`	`55`	`}`
	`56`	`+`
	`57`	`+ var opts []rs.ResourceOption`
	`58`	`+ if syncSecrets {`
	`59`	`+ opts = append(opts, rs.WithAnnotation(&v2.ChildResourceType{ResourceTypeId: rsaPublicKeyResourceType.Id}))`
	`60`	`+ }`
	`61`	`+`
`55`	`62`	`resource, err := rs.NewUserResource(`
`56`	`63`	`displayName,`
`57`	`64`	`userResourceType,`
`58`	`65`	`user.Username,`
`59`	`66`	`userTraits,`
`60`		`- rs.WithAnnotation(&v2.ChildResourceType{ResourceTypeId: rsaPublicKeyResourceType.Id}),`
	`67`	`+ opts...,`
`61`	`68`	`)`
`62`	`69`
`63`	`70`	`if err != nil {`
`@@ -113,7 +120,7 @@ func (o userBuilder) List(ctx context.Context, parentResourceID v2.ResourceId,`
`113`	`120`
`114`	`121`	`var resources []*v2.Resource`
`115`	`122`	`for _, user := range users {`
`116`		`- resource, err := userResource(ctx, &user) // #nosec G601`
	`123`	`+ resource, err := userResource(ctx, &user, o.syncSecrets) // #nosec G601`
`117`	`124`	`if err != nil {`
`118`	`125`	`return nil, "", nil, wrapError(err, "failed to create user resource")`
`119`	`126`	`}`
`@@ -143,9 +150,10 @@ func (o userBuilder) Grants(ctx context.Context, resource v2.Resource, pToken`
`143`	`150`	`return nil, "", nil, nil`
`144`	`151`	`}`
`145`	`152`
`146`		`-func newUserBuilder(client snowflake.Client) userBuilder {`
	`153`	`+func newUserBuilder(client snowflake.Client, syncSecrets bool) userBuilder {`
`147`	`154`	`return &userBuilder{`
`148`	`155`	`resourceType: userResourceType,`
`149`	`156`	`client: client,`
	`157`	`+ syncSecrets: syncSecrets,`
`150`	`158`	`}`
`151`	`159`	`}`