Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement new resource "AWS Service Endpoint" #48

Closed
EliiseS opened this issue Jul 2, 2020 · 12 comments
Closed

Implement new resource "AWS Service Endpoint" #48

EliiseS opened this issue Jul 2, 2020 · 12 comments
Assignees
@phillebaba
Labels
new-feature

Comments

@EliiseS
Copy link
Member

EliiseS commented Jul 2, 2020

Migrated from #370
Originally created by @simongottschlag on Tue, 09 Jun 2020 21:02:33 GMT

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Implement AWS Service Endpoint.

New or Affected Resource(s)

  • azuredevops_serviceendpoint_aws

References

https://github.com/aws/aws-toolkit-azure-devops

https://aws.amazon.com/vsts/

  • #0000
@EliiseS
Copy link
Member Author

EliiseS commented Jul 2, 2020

Migrated from #370 (comment)
Originally created by @xuzhang3 on Fri, 12 Jun 2020 10:19:20 GMT

So I implemented an AWS service endpoint resource.
https://github.com/phillebaba/terraform-provider-azuredevops/blob/aws-service-connection/azuredevops/internal/service/serviceendpoint/resource_serviceendpoint_aws.go

The only thing that does not seem to work are the confidential values. The paramters secret_access_key and session_token are not returned by the api, causing issues with the state. @xuzhang3 do you know what might cause this, or is this an issue on AWS side that needs to be fixed?

@phillebaba Thanks for you contribute, wonderful work. I'm not experience with AWS, I guess that secret_access_key and session_token can only get from AWS portal or CLI. You can reference here Bitbucket handle password , password won't return by API too.

@EliiseS
Copy link
Member Author

EliiseS commented Jul 2, 2020

Migrated from #370 (comment)
Originally created by @phillebaba on Thu, 11 Jun 2020 22:01:50 GMT

So I implemented an AWS service endpoint resource.
https://github.com/phillebaba/terraform-provider-azuredevops/blob/aws-service-connection/azuredevops/internal/service/serviceendpoint/resource_serviceendpoint_aws.go

The only thing that does not seem to work are the confidential values. The paramters secret_access_key and session_token are not returned by the api, causing issues with the state. @xuzhang3 do you know what might cause this, or is this an issue on AWS side that needs to be fixed?

@EliiseS
Copy link
Member Author

EliiseS commented Jul 2, 2020

Migrated from #370 (comment)
Originally created by @xuzhang3 on Fri, 12 Jun 2020 10:22:23 GMT

@phillebaba I assign this task to you.

@EliiseS
Copy link
Member Author

EliiseS commented Jul 2, 2020

Migrated from #370 (comment)
Originally created by @xuzhang3 on Wed, 10 Jun 2020 05:32:17 GMT

Potential HCL config:

resource "azuredevops_serviceendpoint_aws" "aws_serviceendpoint" {
  project_id            = azuredevops_project.project.id
  access_key_id         = "xxxx"
  secret_access_key     = "xxxx"
  service_endpoint_name = "aws_serviceendpoint"
  description           = "Managed by AzureDevOps"
}

@EliiseS
Copy link
Member Author

EliiseS commented Jul 2, 2020

Migrated from #370 (comment)
Originally created by @xuzhang3 on Wed, 17 Jun 2020 03:17:24 GMT

@phillebaba We use Terraform acceptance test framework for testing, acceptance test will create real resource and destroy it after test finished (Acceptance Test Document). You don't need to judge whether the organization has installed the aws-toolkit-extension. When required resource not found, service API will return an error and acceptance test failed.

@EliiseS
Copy link
Member Author

EliiseS commented Jul 2, 2020

Migrated from #370 (comment)
Originally created by @phillebaba on Tue, 16 Jun 2020 20:30:02 GMT

@xuzhang3 I made the changes so that the state is not out of sync all the time. I am not familiar with how your testing environment looks like though. Should I go ahead and implement a test that just assumes that aws-toolkit-azure-devops is installed?

@EliiseS
Copy link
Member Author

EliiseS commented Jul 2, 2020

Migrated from #370 (comment)
Originally created by @phillebaba on Tue, 16 Jun 2020 08:47:54 GMT

I looked a bit closer at how the other resources did and realized that they do not store the secret as it is not returned by the API. Instead they use a custom diff function and a hash of the secret to detect when any changes are made.

I will change my secrets handling to it works in the same way, and I guess it should work.

@EliiseS
Copy link
Member Author

EliiseS commented Jul 2, 2020
edited
Loading

@phillebaba Can you comment on this issue so I can assign you back?

Context: isaacs/github#100 (comment)

@EliiseS EliiseS removed the moved label Jul 2, 2020
@phillebaba
Copy link
Contributor

Thank you for moving the PR! Did not know you could do this in Github.

@xuzhang3
Copy link
Collaborator

xuzhang3 commented Jul 3, 2020

@phillebaba We can only move the issues, cannot move the PR, you need submit another :D

@phillebaba phillebaba mentioned this issue Jul 5, 2020
Merged
11 tasks
@phillebaba
Copy link
Contributor

Oh, I was a bit too optimistic there I guess. Sorry for not getting to this earlier, but I have had a lot on my plate the last two weeks. Now there is a PR in the correct repo with the same changes.

@xuzhang3 xuzhang3 mentioned this issue Jul 10, 2020
Closed
@phillebaba
Copy link
Contributor

We can close this issue, as the PR has been merged.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@phillebaba phillebaba

Labels
new-feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@phillebaba @EliiseS @xuzhang3