Skip to content

Commit 3c89aee

Browse files
hectorcast-dbhectorcast-db
authored
Remove requirement to provide accountId in mws_credentials resource (#3028)
1 parent 1ff9e88 commit 3c89aee

File tree

3 files changed

+126
-1
lines changed

3 files changed

+126
-1
lines changed

common/client.go

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -67,6 +67,20 @@ func (c *DatabricksClient) WorkspaceClient() (*databricks.WorkspaceClient, error
6767
return w, nil
6868
}
6969

70+
func (c *DatabricksClient) SetAccountId(accountId string) error {
71+
c.mu.Lock()
72+
defer c.mu.Unlock()
73+
if accountId == "" {
74+
return nil
75+
}
76+
oldAccountID := c.DatabricksClient.Config.AccountID
77+
if oldAccountID != "" && oldAccountID != accountId {
78+
return fmt.Errorf("account ID is already set to %s", oldAccountID)
79+
}
80+
c.DatabricksClient.Config.AccountID = accountId
81+
return nil
82+
}
83+
7084
func (c *DatabricksClient) AccountClient() (*databricks.AccountClient, error) {
7185
c.mu.Lock()
7286
defer c.mu.Unlock()

mws/resource_mws_credentials.go

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -49,6 +49,10 @@ func ResourceMwsCredentials() *schema.Resource {
4949
p := common.NewPairSeparatedID("account_id", "credentials_id", "/")
5050
return common.Resource{
5151
Create: func(ctx context.Context, d *schema.ResourceData, c *common.DatabricksClient) error {
52+
err := c.SetAccountId(d.Get("account_id").(string))
53+
if err != nil {
54+
return err
55+
}
5256
acc, err := c.AccountClient()
5357
if err != nil {
5458
return err
@@ -105,6 +109,10 @@ func ResourceMwsCredentials() *schema.Resource {
105109
}
106110
return acc.Credentials.DeleteByCredentialsId(ctx, credsId)
107111
},
108-
Schema: common.StructToSchema(CredentialInfo{}, common.NoCustomize),
112+
Schema: common.StructToSchema(CredentialInfo{}, func(s map[string]*schema.Schema) map[string]*schema.Schema {
113+
// nolint
114+
s["account_id"].Deprecated = "`account_id` should be set as part of the Databricks Config, not in the resource."
115+
return s
116+
}),
109117
}.ToResource()
110118
}

mws/resource_mws_credentials_test.go

Lines changed: 103 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -56,6 +56,109 @@ func TestResourceCredentialsCreate(t *testing.T) {
5656
})
5757
}
5858

59+
func TestAccountIdOnlyInState(t *testing.T) {
60+
qa.ResourceFixture{
61+
Fixtures: []qa.HTTPFixture{
62+
{
63+
Method: "POST",
64+
Resource: "/api/2.0/accounts/abc/credentials",
65+
ExpectedRequest: Credentials{
66+
CredentialsName: "Cross-account ARN",
67+
AwsCredentials: &AwsCredentials{
68+
StsRole: &StsRole{
69+
RoleArn: "arn:aws:iam::098765:role/cross-account",
70+
},
71+
},
72+
},
73+
Response: Credentials{
74+
CredentialsID: "cid",
75+
},
76+
},
77+
{
78+
Method: "GET",
79+
Resource: "/api/2.0/accounts/abc/credentials/cid?",
80+
Response: Credentials{
81+
CredentialsID: "cid",
82+
CredentialsName: "Cross-account ARN",
83+
AwsCredentials: &AwsCredentials{
84+
StsRole: &StsRole{
85+
RoleArn: "arn:aws:iam::098765:role/cross-account",
86+
},
87+
},
88+
},
89+
},
90+
},
91+
Resource: ResourceMwsCredentials(),
92+
State: map[string]any{
93+
"account_id": "abc",
94+
"credentials_name": "Cross-account ARN",
95+
"role_arn": "arn:aws:iam::098765:role/cross-account",
96+
},
97+
Create: true,
98+
}.ApplyAndExpectData(t, map[string]any{
99+
"id": "abc/cid",
100+
"role_arn": "arn:aws:iam::098765:role/cross-account",
101+
})
102+
}
103+
104+
func TestAccountIdOnlyInConfig(t *testing.T) {
105+
qa.ResourceFixture{
106+
Fixtures: []qa.HTTPFixture{
107+
{
108+
Method: "POST",
109+
Resource: "/api/2.0/accounts/abc/credentials",
110+
ExpectedRequest: Credentials{
111+
CredentialsName: "Cross-account ARN",
112+
AwsCredentials: &AwsCredentials{
113+
StsRole: &StsRole{
114+
RoleArn: "arn:aws:iam::098765:role/cross-account",
115+
},
116+
},
117+
},
118+
Response: Credentials{
119+
CredentialsID: "cid",
120+
},
121+
},
122+
{
123+
Method: "GET",
124+
Resource: "/api/2.0/accounts/abc/credentials/cid?",
125+
Response: Credentials{
126+
CredentialsID: "cid",
127+
CredentialsName: "Cross-account ARN",
128+
AwsCredentials: &AwsCredentials{
129+
StsRole: &StsRole{
130+
RoleArn: "arn:aws:iam::098765:role/cross-account",
131+
},
132+
},
133+
},
134+
},
135+
},
136+
Resource: ResourceMwsCredentials(),
137+
State: map[string]any{
138+
"credentials_name": "Cross-account ARN",
139+
"role_arn": "arn:aws:iam::098765:role/cross-account",
140+
},
141+
Create: true,
142+
AccountID: "abc",
143+
}.ApplyAndExpectData(t, map[string]any{
144+
"id": "abc/cid",
145+
"role_arn": "arn:aws:iam::098765:role/cross-account",
146+
})
147+
}
148+
149+
func TestFailIfDifferentAccountIds(t *testing.T) {
150+
qa.ResourceFixture{
151+
Resource: ResourceMwsCredentials(),
152+
State: map[string]any{
153+
"account_id": "another",
154+
"credentials_name": "Cross-account ARN",
155+
"role_arn": "arn:aws:iam::098765:role/cross-account",
156+
},
157+
Create: true,
158+
AccountID: "abc",
159+
}.ExpectError(t, "account ID is already set to abc")
160+
}
161+
59162
func TestResourceCredentialsCreateWithoutAccId(t *testing.T) {
60163
qa.ResourceFixture{
61164
Fixtures: []qa.HTTPFixture{

0 commit comments

Comments
 (0)