Support tokenId feature (#10)

* bump argocd deps to 1.5.4, use cristalhq/jwt/v2 in place of go-jose/jwt, wip at tokenId feature support
* added project-scoped tokenMutexes, instead of provider instance token mutexes
* added featureVersionConstraint unit tests
* workaround for 1.5.3+ redis install issues with buggy simultaneous login limit feature

Author: oboukili

.github/workflows/acceptance.yml

@@ -1,4 +1,4 @@
-name: Acceptance Tests
+name: Tests
 on:
   push:
     branches: ["master"]
@@ -11,7 +11,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        argocd_version: ["v1.5.2", "v1.4.3"]
+        argocd_version: ["v1.5.4", "v1.4.3"]
     steps:
       - uses: actions/checkout@v1
       - uses: actions/setup-go@v1
@@ -26,13 +26,21 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-go-
 
-      - name: Install Kind
-        run: GO111MODULE=on go get sigs.k8s.io/kind
+      - name: Install Kustomize
+        run: |
+          curl -sL "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash
+          chmod +x ./kustomize
+
+      - name: Install Kind 0.8.1
+        run: |
+          curl -sLo ./kind https://kind.sigs.k8s.io/dl/v0.8.1/kind-$(uname)-amd64
+          chmod +x ./kind
 
       - name: Set up ArgoCD ${{ matrix.argocd_version }}
         env:
           ARGOCD_VERSION: ${{ matrix.argocd_version }}
         run: |
+          curl https://raw.githubusercontent.com/argoproj/argo-cd/${ARGOCD_VERSION}/manifests/install.yaml > manifests/install/install.yml
           sh scripts/testacc_prepare_env.sh
           kubectl port-forward -n argocd service/argocd-server --address 127.0.0.1 8080:443&
           until $(nc -z 127.0.0.1 8080); do sleep 2;done

.gitignore

@@ -1,2 +1,3 @@
 .idea
 terraform-provider-argocd
+./manifests/install/install.yml

argocd/features.go

@@ -0,0 +1,37 @@
+package argocd
+
+import (
+	"fmt"
+	"github.com/Masterminds/semver"
+	argoCDApiClient "github.com/argoproj/argo-cd/pkg/apiclient"
+	"github.com/argoproj/argo-cd/pkg/apiclient/version"
+)
+
+const (
+	featureTokenIDs = iota
+)
+
+var (
+	featureVersionConstraintsMap = map[int]*semver.Version{
+		featureTokenIDs: semver.MustParse("1.5.3"),
+	}
+)
+
+type ServerInterface struct {
+	ApiClient            argoCDApiClient.Client
+	ServerVersion        *semver.Version
+	ServerVersionMessage *version.VersionMessage
+}
+
+// Checks that a specific feature is available for the current ArgoCD server version.
+// 'feature' argument must match one of the predefined feature* constants.
+func (p ServerInterface) isFeatureSupported(feature int) (bool, error) {
+	versionConstraint, ok := featureVersionConstraintsMap[feature]
+	if !ok {
+		return false, fmt.Errorf("feature constraint is not handled by the provider")
+	}
+	if i := versionConstraint.Compare(p.ServerVersion); i == 1 {
+		return false, nil
+	}
+	return true, nil
+}

argocd/features_test.go

@@ -0,0 +1,112 @@
+package argocd
+
+import (
+	"fmt"
+	"github.com/Masterminds/semver"
+	"github.com/argoproj/argo-cd/pkg/apiclient/version"
+	"math/rand"
+	"testing"
+)
+
+const (
+	semverEquals = iota
+	semverGreater
+	semverLess
+)
+
+func serverInterfaceTestData(argocdVersion string, semverOperator int) ServerInterface {
+
+	v, err := semver.NewVersion(argocdVersion)
+	if err != nil {
+		panic(err)
+	}
+	incPatch := rand.Int63n(100)
+	incMinor := rand.Int63n(100)
+	incMajor := rand.Int63n(100)
+
+	switch semverOperator {
+	case semverEquals:
+	case semverGreater:
+		if v, err = semver.NewVersion(
+			fmt.Sprintf("%d.%d.%d",
+				v.Major()+incMajor,
+				v.Minor()+incMinor,
+				v.Patch()+incPatch,
+			)); err != nil {
+			panic(err)
+		}
+
+	case semverLess:
+		if v, err = semver.NewVersion(
+			fmt.Sprintf("%d.%d.%d",
+				v.Major()-incMajor%v.Major(),
+				v.Minor()-incMinor%v.Minor(),
+				v.Patch()-incPatch%v.Patch(),
+			)); err != nil {
+			panic(err)
+		}
+	default:
+		panic("unsupported semver test semverOperator")
+	}
+
+	vm := &version.VersionMessage{
+		Version: v.String(),
+	}
+	return ServerInterface{
+		ApiClient:            nil,
+		ServerVersion:        v,
+		ServerVersionMessage: vm,
+	}
+}
+
+func TestServerInterface_isFeatureSupported(t *testing.T) {
+	type args struct {
+		feature int
+	}
+	tests := []struct {
+		name    string
+		fields  ServerInterface
+		args    args
+		want    bool
+		wantErr bool
+	}{
+		{
+			name:    "featureTokenID-1.5.3",
+			fields:  serverInterfaceTestData("1.5.3", semverEquals),
+			args:    args{feature: featureTokenIDs},
+			want:    true,
+			wantErr: false,
+		},
+		{
+			name:    "featureTokenID-1.5.3+",
+			fields:  serverInterfaceTestData("1.5.3", semverGreater),
+			args:    args{feature: featureTokenIDs},
+			want:    true,
+			wantErr: false,
+		},
+		{
+			name:    "featureTokenID-1.5.3-",
+			fields:  serverInterfaceTestData("1.5.3", semverLess),
+			args:    args{feature: featureTokenIDs},
+			want:    false,
+			wantErr: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			p := ServerInterface{
+				ApiClient:            tt.fields.ApiClient,
+				ServerVersion:        tt.fields.ServerVersion,
+				ServerVersionMessage: tt.fields.ServerVersionMessage,
+			}
+			got, err := p.isFeatureSupported(tt.args.feature)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("isFeatureSupported() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if got != tt.want {
+				t.Errorf("isFeatureSupported() got = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}

argocd/provider.go

@@ -2,9 +2,12 @@ package argocd
 
 import (
 	"context"
+	"fmt"
+	"github.com/Masterminds/semver"
 	argoCDApiClient "github.com/argoproj/argo-cd/pkg/apiclient"
 	"github.com/argoproj/argo-cd/pkg/apiclient/session"
 	"github.com/argoproj/argo-cd/util"
+	"github.com/golang/protobuf/ptypes/empty"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/terraform"
 )
@@ -165,6 +168,31 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
 		}
 	}
 
-	client, err := argoCDApiClient.NewClient(&opts)
-	return client, err
+	apiClient, err := argoCDApiClient.NewClient(&opts)
+	if err != nil {
+		return nil, err
+	}
+	// Get API version
+	acCloser, versionClient, err := apiClient.NewVersionClient()
+	if err != nil {
+		return nil, err
+	}
+	defer util.Close(acCloser)
+
+	serverVersionMessage, err := versionClient.Version(context.Background(), &empty.Empty{})
+	if err != nil {
+		return nil, err
+	}
+	if serverVersionMessage == nil {
+		return nil, fmt.Errorf("could not get server version information")
+	}
+	serverVersion, err := semver.NewVersion(serverVersionMessage.Version)
+	if err != nil {
+		return nil, fmt.Errorf("could not parse server semantic version: %s", serverVersionMessage.Version)
+	}
+
+	return ServerInterface{
+		apiClient,
+		serverVersion,
+		serverVersionMessage}, err
 }

argocd/resource_argocd_project.go

@@ -4,7 +4,6 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	argoCDApiClient "github.com/argoproj/argo-cd/pkg/apiclient"
 	argoCDProject "github.com/argoproj/argo-cd/pkg/apiclient/project"
 	argoCDAppv1 "github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1"
 	"github.com/argoproj/argo-cd/util"
@@ -35,8 +34,10 @@ func resourceArgoCDProjectCreate(d *schema.ResourceData, meta interface{}) error
 	if err != nil {
 		return err
 	}
-	client := meta.(argoCDApiClient.Client)
-	closer, c, err := client.NewProjectClient()
+
+	server := meta.(ServerInterface)
+	apiClient := server.ApiClient
+	closer, c, err := apiClient.NewProjectClient()
 	if err != nil {
 		return err
 	}
@@ -81,8 +82,9 @@ func resourceArgoCDProjectCreate(d *schema.ResourceData, meta interface{}) error
 }
 
 func resourceArgoCDProjectRead(d *schema.ResourceData, meta interface{}) error {
-	client := meta.(argoCDApiClient.Client)
-	closer, c, err := client.NewProjectClient()
+	server := meta.(ServerInterface)
+	apiClient := server.ApiClient
+	closer, c, err := apiClient.NewProjectClient()
 	if err != nil {
 		return err
 	}
@@ -123,8 +125,10 @@ func resourceArgoCDProjectUpdate(d *schema.ResourceData, meta interface{}) error
 		if err != nil {
 			return err
 		}
-		client := meta.(argoCDApiClient.Client)
-		closer, c, err := client.NewProjectClient()
+
+		server := meta.(ServerInterface)
+		apiClient := server.ApiClient
+		closer, c, err := apiClient.NewProjectClient()
 		if err != nil {
 			return err
 		}
@@ -167,8 +171,9 @@ func resourceArgoCDProjectUpdate(d *schema.ResourceData, meta interface{}) error
 }
 
 func resourceArgoCDProjectDelete(d *schema.ResourceData, meta interface{}) error {
-	client := meta.(argoCDApiClient.Client)
-	closer, c, err := client.NewProjectClient()
+	server := meta.(ServerInterface)
+	apiClient := server.ApiClient
+	closer, c, err := apiClient.NewProjectClient()
 	if err != nil {
 		return err
 	}

argocd/resource_argocd_project_test.go

@@ -55,7 +55,7 @@ func TestAccArgoCDProject(t *testing.T) {
 			// Check with the same name for rapid project recreation robustness
 			{
 				Config: testAccArgoCDProjectSimple(name),
-				Check: resource.ComposeAggregateTestCheckFunc(
+				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttrSet(
 						"argocd_project.simple",
 						"metadata.0.uid",
@@ -78,7 +78,7 @@ func TestAccArgoCDProject_tokensCoexistence(t *testing.T) {
 					"test-acc-"+acctest.RandString(10),
 					4,
 				),
-				Check: resource.ComposeAggregateTestCheckFunc(
+				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttrSet(
 						"argocd_project.coexistence",
 						"metadata.0.uid",