Updates from review notes

mhodgson · timofurrer · commit a74f7676c9d5 · 2022-09-05T18:28:37.000+02:00
diff --git a/internal/provider/access_level_helpers.go b/internal/provider/access_level_helpers.go
@@ -65,14 +65,6 @@ var validProjectEnvironmentStates = []string{
 	"available", "stopped",
 }
 
-var validGroupSamlLinkAccessLevelNames = []string{
-	"Guest",
-	"Reporter",
-	"Developer",
-	"Maintainer",
-	"Owner",
-}
-
 var accessLevelNameToValue = map[string]gitlab.AccessLevelValue{
 	"no one":     gitlab.NoPermissions,
 	"minimal":    gitlab.MinimalAccessPermissions,
diff --git a/internal/provider/resource_gitlab_group_saml_link.go b/internal/provider/resource_gitlab_group_saml_link.go
@@ -4,14 +4,21 @@ import (
 	"context"
 	"fmt"
 	"log"
-	"strings"
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
 	gitlab "github.com/xanzy/go-gitlab"
 )
 
+var validGroupSamlLinkAccessLevelNames = []string{
+	"Guest",
+	"Reporter",
+	"Developer",
+	"Maintainer",
+	"Owner",
+}
+
 var _ = registerResource("gitlab_group_saml_link", func() *schema.Resource {
 	return &schema.Resource{
 		Description: `The ` + "`gitlab_group_saml_link`" + ` resource allows to manage the lifecycle of an SAML integration with a group.
@@ -22,12 +29,12 @@ var _ = registerResource("gitlab_group_saml_link", func() *schema.Resource {
 		ReadContext:   resourceGitlabGroupSamlLinkRead,
 		DeleteContext: resourceGitlabGroupSamlLinkDelete,
 		Importer: &schema.ResourceImporter{
-			StateContext: resourceGitlabGroupSamlLinkImporter,
+			StateContext: schema.ImportStatePassthroughContext,
 		},
 
 		Schema: map[string]*schema.Schema{
-			"group_id": {
-				Description: "The id of the GitLab group.",
+			"group": {
+				Description: "The ID or path of the group to add the SAML Group Link to.",
 				Type:        schema.TypeString,
 				Required:    true,
 				ForceNew:    true,
@@ -45,65 +52,53 @@ var _ = registerResource("gitlab_group_saml_link", func() *schema.Resource {
 				Required:    true,
 				ForceNew:    true,
 			},
-			"force": {
-				Description: "If true, then delete and replace an existing SAML link if one exists.",
-				Type:        schema.TypeBool,
-				Optional:    true,
-				Default:     false,
-				ForceNew:    true,
-			},
 		},
 	}
 })
 
 func resourceGitlabGroupSamlLinkCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	client := meta.(*gitlab.Client)
 
-	groupId := d.Get("group_id").(string)
+	group := d.Get("group").(string)
 	accessLevel := d.Get("access_level").(string)
 	samlGroupName := d.Get("saml_group_name").(string)
-	force := d.Get("force").(bool)
 
 	options := &gitlab.AddGroupSAMLLinkOptions{
-		AccessLevel:   &accessLevel,
-		SamlGroupName: &samlGroupName,
-	}
-
-	if force {
-		if err := resourceGitlabGroupSamlLinkDelete(ctx, d, meta); err != nil {
-			return err
-		}
+		AccessLevel:   gitlab.String(accessLevel),
+		SamlGroupName: gitlab.String(samlGroupName),
 	}
 
 	log.Printf("[DEBUG] Create GitLab group SamlLink %s", d.Id())
-	SamlLink, _, err := client.Groups.AddGroupSAMLLink(groupId, options, gitlab.WithContext(ctx))
+	SamlLink, _, err := client.Groups.AddGroupSAMLLink(group, options, gitlab.WithContext(ctx))
 	if err != nil {
 		return diag.FromErr(err)
 	}
 
-	d.SetId(buildTwoPartID(&groupId, &SamlLink.Name))
+	d.SetId(buildTwoPartID(&group, &SamlLink.Name))
 
 	return resourceGitlabGroupSamlLinkRead(ctx, d, meta)
 }
 
 func resourceGitlabGroupSamlLinkRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	client := meta.(*gitlab.Client)
-	groupId := d.Get("group_id").(string)
+	group, samlGroupName, parse_err := parseTwoPartID(d.Id())
+	if parse_err != nil {
+		return diag.FromErr(parse_err)
+	}
 
 	// Try to fetch all group links from GitLab
-	log.Printf("[DEBUG] Read GitLab group SamlLinks %s", groupId)
-	samlLinks, _, err := client.Groups.ListGroupSAMLLinks(groupId, nil, gitlab.WithContext(ctx))
+	log.Printf("[DEBUG] Read GitLab group SamlLinks %s", group)
+	samlLinks, _, err := client.Groups.ListGroupSAMLLinks(group, nil, gitlab.WithContext(ctx))
 	if err != nil {
 		return diag.FromErr(err)
 	}
 
-	// If we got here and don't have links, assume GitLab is below version 12.8 and skip the check
 	if samlLinks != nil {
-		// Check if the LDAP link exists in the returned list of links
+		// Check if the SAML link exists in the returned list of links
 		found := false
 		for _, samlLink := range samlLinks {
-			if buildTwoPartID(&groupId, &samlLink.Name) == d.Id() {
-				d.Set("group_id", groupId)
+			if samlLink.Name == samlGroupName {
+				d.Set("group", group)
 				d.Set("access_level", samlLink.AccessLevel)
 				d.Set("saml_group_name", samlLink.Name)
 				found = true
@@ -112,8 +107,9 @@ func resourceGitlabGroupSamlLinkRead(ctx context.Context, d *schema.ResourceData
 		}
 
 		if !found {
+			log.Printf("[DEBUG] GitLab SAML Group Link %d, group ID %s not found, removing from state", samlGroupName, group)
 			d.SetId("")
-			return diag.Errorf("SamlLink %s does not exist.", d.Id())
+			return nil
 		}
 	}
 
@@ -122,42 +118,20 @@ func resourceGitlabGroupSamlLinkRead(ctx context.Context, d *schema.ResourceData
 
 func resourceGitlabGroupSamlLinkDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	client := meta.(*gitlab.Client)
-	groupId := d.Get("group_id").(string)
-	samlGroupName := d.Get("saml_group_name").(string)
+	group, samlGroupName, parse_err := parseTwoPartID(d.Id())
+	if parse_err != nil {
+		return diag.FromErr(parse_err)
+	}
 
 	log.Printf("[DEBUG] Delete GitLab group SamlLink %s", d.Id())
-	_, err := client.Groups.DeleteGroupSAMLLink(groupId, samlGroupName, cn, gitlab.WithContext(ctx))
+	_, err := client.Groups.DeleteGroupSAMLLink(group, samlGroupName, gitlab.WithContext(ctx))
 	if err != nil {
-		switch err.(type) { // nolint // TODO: Resolve this golangci-lint issue: S1034: assigning the result of this type assertion to a variable (switch err := err.(type)) could eliminate type assertions in switch cases (gosimple)
-		case *gitlab.ErrorResponse:
-			// Ignore SAML links that don't exist
-			if strings.Contains(string(err.(*gitlab.ErrorResponse).Message), "Linked SAML group not found") { // nolint // TODO: Resolve this golangci-lint issue: S1034(related information): could eliminate this type assertion (gosimple)
-				log.Printf("[WARNING] %s", err)
-			} else {
-				return diag.FromErr(err)
-			}
-		default:
+		if is404(err) {
+			log.Printf("[WARNING] %s", err)
+		} else {
 			return diag.FromErr(err)
 		}
 	}
 
 	return nil
 }
-
-func resourceGitlabGroupSamlLinkImporter(ctx context.Context, d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) {
-	parts := strings.SplitN(d.Id(), ":", 2)
-	if len(parts) != 2 {
-		return nil, fmt.Errorf("invalid saml link import id (should be <group id>:<saml group name>): %s", d.Id())
-	}
-
-	groupId, samlGroupName := parts[0], parts[1]
-	d.SetId(buildTwoPartID(&groupId, &samlGroupName))
-	d.Set("group_id", groupId)
-	d.Set("force", false)
-
-	diag := resourceGitlabGroupSamlLinkRead(ctx, d, meta)
-	if diag.HasError() {
-		return nil, fmt.Errorf("%s", diag[0].Summary)
-	}
-	return []*schema.ResourceData{d}, nil
-}
diff --git a/internal/provider/resource_gitlab_group_saml_link_test.go b/internal/provider/resource_gitlab_group_saml_link_test.go
@@ -32,7 +32,13 @@ func TestAccGitlabGroupSamlLink_basic(t *testing.T) {
 			// Create a group SAML link as a developer (uses testAccGitlabGroupLdapSamlCreateConfig for Config)
 			{
 				SkipFunc: isRunningInCE,
-				Config:   testAccGitlabGroupSamlLinkCreateConfig(rInt, &testSamlLink),
+				Config: fmt.Sprintf(`
+				resource "gitlab_group_saml_link" "foo" {
+					group_id 		= "%d"
+					access_level 	= "Developer"
+					saml_group_name = "%s"
+				
+				}`, rInt, rInt, testSamlLink.Name),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckGitlabGroupSamlLinkExists(resourceName, &samlLink)),
 			},
@@ -49,7 +55,12 @@ func TestAccGitlabGroupSamlLink_basic(t *testing.T) {
 			// Update the group SAML link to change the access level (uses testAccGitlabGroupSamlLinkUpdateConfig for Config)
 			{
 				SkipFunc: isRunningInCE,
-				Config:   testAccGitlabGroupSamlLinkUpdateConfig(rInt, &testSamlLink),
+				Config: fmt.Sprintf(`
+				resource "gitlab_group_saml_link" "foo" {
+					group_id 		= "%d"
+					access_level 	= "Maintainer"
+					saml_group_name = "%s"
+				}`, rInt, rInt, testSamlLink.Name),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckGitlabGroupSamlLinkExists(resourceName, &samlLink)),
 			},
@@ -155,35 +166,4 @@ func testAccGetGitlabGroupSamlLink(samlLink *gitlab.SAMLGroupLink, resourceState
 	}
 
 	return nil
-}
-
-func testAccGitlabGroupSamlLinkCreateConfig(rInt int, testSamlLink *gitlab.SAMLGroupLink) string {
-	return fmt.Sprintf(`
-resource "gitlab_group" "foo" {
-    name = "foo%d"
-	path = "foo%d"
-	description = "Terraform acceptance test - Group SAML Links 1"
-}
-
-resource "gitlab_group_saml_link" "foo" {
-    group_id 		= "${gitlab_group.foo.id}"
-	access_level 	= "Developer"
-	saml_group_name = "%s"
-
-}`, rInt, rInt, testSamlLink.Name)
-}
-
-func testAccGitlabGroupSamlLinkUpdateConfig(rInt int, testSamlLink *gitlab.SAMLGroupLink) string {
-	return fmt.Sprintf(`
-resource "gitlab_group" "foo" {
-    name = "foo%d"
-	path = "foo%d"
-	description = "Terraform acceptance test - Group SAML Links 2"
-}
-
-resource "gitlab_group_saml_link" "foo" {
-    group_id 		= "${gitlab_group.foo.id}"
-    access_level 	= "Maintainer"
-	saml_group_name = "%s"
-}`, rInt, rInt, testSamlLink.Name)
-}
+}
