fix: validation check. Prompt to remove pe ids and service ids if clo…

…ud provider is not bah
EnterpriseDB · Nov 8, 2024 · 319975b · 319975b
1 parent c609e0f
commit 319975b
Show file tree

Hide file tree

Showing 4 changed files with 68 additions and 6 deletions.
diff --git a/pkg/plan_modifier/cloud_provider.go b/pkg/plan_modifier/cloud_provider.go
@@ -0,0 +1,59 @@
+package plan_modifier
+
+import (
+	"context"
+	"strings"
+
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
+	"github.com/hashicorp/terraform-plugin-go/tftypes"
+)
+
+func CustomCloudProvider() planmodifier.String {
+	return customCloudProviderModifier{}
+}
+
+type customCloudProviderModifier struct{}
+
+func (m customCloudProviderModifier) Description(_ context.Context) string {
+	return "Once set, the value of this attribute in state will not change."
+}
+
+func (m customCloudProviderModifier) MarkdownDescription(_ context.Context) string {
+	return "Once set, the value of this attribute in state will not change."
+}
+
+func (m customCloudProviderModifier) PlanModifyString(ctx context.Context, req planmodifier.StringRequest, resp *planmodifier.StringResponse) {
+	cloudProviderConfig := req.ConfigValue.ValueString()
+	var configObject map[string]tftypes.Value
+
+	err := req.Config.Raw.As(&configObject)
+	if err != nil {
+		resp.Diagnostics.AddError("Mapping config object in custom cloud provider modifier error", err.Error())
+		return
+	}
+
+	if !strings.Contains(cloudProviderConfig, "bah") {
+		peIds, ok := configObject["pe_allowed_principal_ids"]
+		if ok && peIds.IsNull() == false {
+			resp.Diagnostics.AddError("your cloud account 'pe_allowed_principal_ids' field not allowed error",
+				"field 'pe_allowed_principal_ids' should only be set if you are using 'bah' cloud provider, please remove 'pe_allowed_principal_ids'")
+			return
+		}
+
+		saIds, ok := configObject["service_account_ids"]
+		if ok && saIds.IsNull() == false {
+			resp.Diagnostics.AddError("your cloud account 'service_account_ids' field not allowed error",
+				"field 'service_account_ids' should only be set if you are using cloud provider 'bah:gcp', please remove 'service_account_ids'")
+			return
+		}
+	}
+
+	if strings.Contains(cloudProviderConfig, "bah") && !strings.Contains(cloudProviderConfig, "bah:gcp") {
+		saIds, ok := configObject["service_account_ids"]
+		if ok && saIds.IsNull() == false {
+			resp.Diagnostics.AddError("your cloud account 'service_account_ids' field not allowed error",
+				"you are not using cloud provider 'bah:gcp', field 'service_account_ids' should only be set if you are using cloud provider 'bah:gcp', please remove 'service_account_ids'")
+			return
+		}
+	}
+}
diff --git a/pkg/provider/resource_analytics_cluster.go b/pkg/provider/resource_analytics_cluster.go
@@ -169,8 +169,9 @@ func (r *analyticsClusterResource) Schema(ctx context.Context, req resource.Sche
 				PlanModifiers:       []planmodifier.String{stringplanmodifier.UseStateForUnknown()},
 			},
 			"cloud_provider": schema.StringAttribute{
-				Description: "Cloud provider. For example, \"aws\" or \"bah:aws\".",
-				Required:    true,
+				Description:   "Cloud provider. For example, \"aws\" or \"bah:aws\".",
+				Required:      true,
+				PlanModifiers: []planmodifier.String{plan_modifier.CustomCloudProvider()},
 			},
 			"pg_type": schema.StringAttribute{
 				MarkdownDescription: "Postgres type. For example, \"epas\" or \"pgextended\".",

diff --git a/pkg/provider/resource_cluster.go b/pkg/provider/resource_cluster.go
@@ -325,8 +325,9 @@ func (c *clusterResource) Schema(ctx context.Context, req resource.SchemaRequest
 				PlanModifiers:       []planmodifier.String{stringplanmodifier.UseStateForUnknown()},
 			},
 			"cloud_provider": schema.StringAttribute{
-				Description: "Cloud provider. For example, \"aws\", \"azure\", \"gcp\" or \"bah:aws\", \"bah:gcp\".",
-				Required:    true,
+				Description:   "Cloud provider. For example, \"aws\", \"azure\", \"gcp\" or \"bah:aws\", \"bah:gcp\".",
+				Required:      true,
+				PlanModifiers: []planmodifier.String{plan_modifier.CustomCloudProvider()},
 			},
 			"pg_type": schema.StringAttribute{
 				MarkdownDescription: "Postgres type. For example, \"epas\", \"pgextended\", or \"postgres\".",

diff --git a/pkg/provider/resource_pgd.go b/pkg/provider/resource_pgd.go
@@ -347,8 +347,9 @@ func PgdSchema(ctx context.Context) schema.Schema {
 							Required:    true,
 							Attributes: map[string]schema.Attribute{
 								"cloud_provider_id": schema.StringAttribute{
-									Description: "Data group cloud provider id.",
-									Required:    true,
+									Description:   "Data group cloud provider id.",
+									Required:      true,
+									PlanModifiers: []planmodifier.String{plan_modifier.CustomCloudProvider()},
 								},
 							},
 						},