Use correct verb for permissions on SQL Endpoint (#1172)

* Use correct verb for permissions on SQL Endpoint

Use correct HTTP verb for `databricks_permissions` on `databricks_sql_endpoint`. Authorized user, assumingly part of `admins` group, is no longer sending `CAN_MANAGE` permission in the HTTP PUT request.

Fixes #1163

Author: nfx

CHANGELOG.md

@@ -4,6 +4,8 @@
 
 * Failures in [exporter](https://asciinema.org/a/Rv8ZFJQpfrfp6ggWddjtyXaOy) resource listing no longer halt the entire command run ([#1166](https://github.com/databrickslabs/terraform-provider-databricks/issues/1166)).
 * Removed client-side validation in `databricks_service_principal` for `application_id`, that may not always be available in the planning stage ([#1165](https://github.com/databrickslabs/terraform-provider-databricks/issues/1165)).
+* Use correct HTTP verb for modifying `databricks_permissions` on `databricks_sql_endpoint` entities. Authorized user, assumingly part of `admins` group, is no longer sending `CAN_MANAGE` permission in the HTTP PUT request ([#1163](https://github.com/databrickslabs/terraform-provider-databricks/issues/1163)).
+* Added diff suppression for `min_num_clusters` field in `databricks_sql_endpoint` ([#1172](https://github.com/databrickslabs/terraform-provider-databricks/pull/1172)).
 
 Updated dependency versions:
 

permissions/resource_permissions.go

@@ -111,8 +111,12 @@ type PermissionsAPI struct {
 	context context.Context
 }
 
+func isDbsqlPermissionsWorkaroundNecessary(objectID string) bool {
+	return strings.HasPrefix(objectID, "/sql/") && !strings.HasPrefix(objectID, "/sql/endpoints")
+}
+
 func urlPathForObjectID(objectID string) string {
-	if strings.HasPrefix(objectID, "/sql/") && !strings.HasPrefix(objectID, "/sql/endpoints") {
+	if isDbsqlPermissionsWorkaroundNecessary(objectID) {
 		// Permissions for SQLA entities are routed differently from the others.
 		return "/preview/sql/permissions" + objectID[4:]
 	}
@@ -121,7 +125,7 @@ func urlPathForObjectID(objectID string) string {
 
 // Helper function to select the correct HTTP method depending on the object types.
 func (a PermissionsAPI) put(objectID string, objectACL AccessControlChangeList) error {
-	if strings.HasPrefix(objectID, "/sql/") {
+	if isDbsqlPermissionsWorkaroundNecessary(objectID) {
 		// SQLA entities always have `CAN_MANAGE` permission for the calling user.
 		me, err := scim.NewUsersAPI(a.context, a.client).Me()
 		if err != nil {
@@ -131,15 +135,9 @@ func (a PermissionsAPI) put(objectID string, objectACL AccessControlChangeList)
 			UserName:        me.UserName,
 			PermissionLevel: "CAN_MANAGE",
 		})
-
-		if strings.HasPrefix(objectID, "/sql/endpoints/") {
-			return a.client.Patch(a.context, urlPathForObjectID(objectID), objectACL)
-		} else {
-			// The rest of SQLA entities use HTTP POST for permission updates.
-			return a.client.Post(a.context, urlPathForObjectID(objectID), objectACL, nil)
-		}
+		// SQLA entities use POST for permission updates.
+		return a.client.Post(a.context, urlPathForObjectID(objectID), objectACL, nil)
 	}
-
 	return a.client.Put(a.context, urlPathForObjectID(objectID), objectACL)
 }
 

permissions/resource_permissions_test.go

@@ -506,18 +506,14 @@ func TestResourcePermissionsCreate_SQLA_Endpoint(t *testing.T) {
 		Fixtures: []qa.HTTPFixture{
 			me,
 			{
-				Method:   http.MethodPatch,
+				Method:   "PUT",
 				Resource: "/api/2.0/permissions/sql/endpoints/abc",
 				ExpectedRequest: AccessControlChangeList{
 					AccessControlList: []AccessControlChange{
 						{
 							UserName:        TestingUser,
 							PermissionLevel: "CAN_USE",
 						},
-						{
-							UserName:        TestingAdminUser,
-							PermissionLevel: "CAN_MANAGE",
-						},
 					},
 				},
 			},
@@ -532,10 +528,6 @@ func TestResourcePermissionsCreate_SQLA_Endpoint(t *testing.T) {
 							UserName:        TestingUser,
 							PermissionLevel: "CAN_USE",
 						},
-						{
-							UserName:        TestingAdminUser,
-							PermissionLevel: "CAN_MANAGE",
-						},
 					},
 				},
 			},

sql/resource_sql_endpoint.go

@@ -25,7 +25,7 @@ type SQLEndpoint struct {
 	Name                    string          `json:"name"`
 	ClusterSize             string          `json:"cluster_size"`
 	AutoStopMinutes         int             `json:"auto_stop_mins" tf:"default:120"`
-	MinNumClusters          int             `json:"min_num_clusters,omitempty" tf:"default:1"`
+	MinNumClusters          int             `json:"min_num_clusters,omitempty" tf:"default:1,suppress_diff"`
 	MaxNumClusters          int             `json:"max_num_clusters,omitempty" tf:"default:1"`
 	NumClusters             int             `json:"num_clusters,omitempty" tf:"default:1,suppress_diff"`
 	EnablePhoton            bool            `json:"enable_photon" tf:"default:true"`