From 216b216b38b5c34a24805d205654e93a7ff0da79 Mon Sep 17 00:00:00 2001
From: Jeremy Muriel <jeremy@jeremm.fr>
Date: Wed, 4 Dec 2024 15:21:30 +0100
Subject: [PATCH 1/2] =?UTF-8?q?=F0=9F=90=9B=20r/externalauth=5Fkerberos:?=
 =?UTF-8?q?=20deprecate=20login=5Fattribute=20argument?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

it produces Bad Request with API v3.12 : Additional properties are not allowed ('login_attribute' was unexpected)
& fix tests to test resource update
---
 .changes/hotfix_external_auth_kerberos.md     |  4 ++
 bastion/resource_externalauth_kerberos.go     |  7 +--
 .../resource_externalauth_kerberos_test.go    | 43 ++++++++++++++++---
 3 files changed, 44 insertions(+), 10 deletions(-)
 create mode 100644 .changes/hotfix_external_auth_kerberos.md

diff --git a/.changes/hotfix_external_auth_kerberos.md b/.changes/hotfix_external_auth_kerberos.md
new file mode 100644
index 0000000..bb3ecfd
--- /dev/null
+++ b/.changes/hotfix_external_auth_kerberos.md
@@ -0,0 +1,4 @@
+<!-- markdownlint-disable-file MD013 MD041 -->
+BUG FIXES:
+
+* **resource/wallix-bastion_externalauth_kerberos**: deprecate `login_attribute` argument (it produces Bad Request with API v3.12)
diff --git a/bastion/resource_externalauth_kerberos.go b/bastion/resource_externalauth_kerberos.go
index 8715a9b..bd8fc2c 100644
--- a/bastion/resource_externalauth_kerberos.go
+++ b/bastion/resource_externalauth_kerberos.go
@@ -21,7 +21,6 @@ type jsonExternalAuthKerberos struct {
 	Host                 string `json:"host"`
 	KerDomController     string `json:"ker_dom_controller"`
 	KeyTab               string `json:"keytab,omitempty"`
-	LoginAttribute       string `json:"login_attribute"`
 	Type                 string `json:"type"`
 }
 
@@ -69,6 +68,8 @@ func resourceExternalAuthKerberos() *schema.Resource {
 			"login_attribute": {
 				Type:     schema.TypeString,
 				Optional: true,
+				Deprecated: "Remove this attribute's configuration as it no longer is used" +
+					" and the attribute will be removed in the next major version of the provider.",
 			},
 			"use_primary_auth_domain": {
 				Type:     schema.TypeBool,
@@ -275,7 +276,6 @@ func prepareExternalAuthKerberosJSON(d *schema.ResourceData) jsonExternalAuthKer
 		Port:                 d.Get("port").(int),
 		Description:          d.Get("description").(string),
 		KeyTab:               d.Get("keytab").(string),
-		LoginAttribute:       d.Get("login_attribute").(string),
 		UsePrimaryAuthDomain: d.Get("use_primary_auth_domain").(bool),
 		Type:                 "KERBEROS",
 	}
@@ -328,9 +328,6 @@ func fillExternalAuthKerberos(d *schema.ResourceData, jsonData jsonExternalAuthK
 	if tfErr := d.Set("description", jsonData.Description); tfErr != nil {
 		panic(tfErr)
 	}
-	if tfErr := d.Set("login_attribute", jsonData.LoginAttribute); tfErr != nil {
-		panic(tfErr)
-	}
 	if tfErr := d.Set("use_primary_auth_domain", jsonData.UsePrimaryAuthDomain); tfErr != nil {
 		panic(tfErr)
 	}
diff --git a/bastion/resource_externalauth_kerberos_test.go b/bastion/resource_externalauth_kerberos_test.go
index 04b35a7..029e598 100644
--- a/bastion/resource_externalauth_kerberos_test.go
+++ b/bastion/resource_externalauth_kerberos_test.go
@@ -1,3 +1,4 @@
+// nolint: lll,nolintlint
 package bastion_test
 
 import (
@@ -33,12 +34,17 @@ func TestAccResourceExternalAuthKerberos_basic(t *testing.T) {
 				ImportState:   true,
 				ImportStateId: "testacc_ExternalAuthKerberos",
 			},
+			{
+				Config: testAccResourceExternalAuthKerberosCreate2(),
+			},
+			{
+				Config: testAccResourceExternalAuthKerberosUpdate2(),
+			},
 		},
 		PreventPostDestroyRefresh: true,
 	})
 }
 
-// nolint: lll,nolintlint
 func testAccResourceExternalAuthKerberosCreate() string {
 	k, _ := hex.DecodeString(keytabDataHexStr)
 	os.WriteFile("/tmp/testacc_data", k, 0644) //nolint: all
@@ -55,7 +61,6 @@ resource "wallix-bastion_externalauth_kerberos" "testacc_ExternalAuthKerberos" {
 `
 }
 
-// nolint: lll,nolintlint
 func testAccResourceExternalAuthKerberosUpdate() string {
 	return `
 data "wallix-bastion_version" "v" {}
@@ -63,10 +68,38 @@ resource "wallix-bastion_externalauth_kerberos" "testacc_ExternalAuthKerberos" {
   authentication_name     = "testacc_ExternalAuthKerberos"
   host                    = "server1"
   ker_dom_controller      = "EXAMPLE.COM"
-  port                    = 88
-  kerberos_password       = true
+  port                    = 188
   description             = "testacc ExternalAuthKerberos"
-  login_attribute         = "attribute"
+  use_primary_auth_domain = true
+  keytab                  = split(".", data.wallix-bastion_version.v.wab_version)[0] == "8" ? "" : filebase64("/tmp/testacc_data")
+}
+`
+}
+
+func testAccResourceExternalAuthKerberosCreate2() string {
+	return `
+data "wallix-bastion_version" "v" {}
+resource "wallix-bastion_externalauth_kerberos" "testacc_ExternalAuthKerberosPassword" {
+  authentication_name = "testacc_ExternalAuthKerberosPassword"
+  host                = "server2"
+  ker_dom_controller  = "EXAMPLE.COM"
+  kerberos_password   = true
+  port                = 88
+  keytab              = split(".", data.wallix-bastion_version.v.wab_version)[0] == "8" ? "" : filebase64("/tmp/testacc_data")
+}
+`
+}
+
+func testAccResourceExternalAuthKerberosUpdate2() string {
+	return `
+data "wallix-bastion_version" "v" {}
+resource "wallix-bastion_externalauth_kerberos" "testacc_ExternalAuthKerberosPassword" {
+  authentication_name     = "testacc_ExternalAuthKerberosPassword"
+  host                    = "server2"
+  ker_dom_controller      = "EXAMPLE.COM"
+  kerberos_password       = true
+  port                    = 188
+  description             = "testacc ExternalAuthKerberosPassword"
   use_primary_auth_domain = true
   keytab                  = split(".", data.wallix-bastion_version.v.wab_version)[0] == "8" ? "" : filebase64("/tmp/testacc_data")
 }

From 27f2e0e0aa5eba63b71946e932d26328615bdb1f Mon Sep 17 00:00:00 2001
From: bsimon-wallix <130672981+bsimonWallix@users.noreply.github.com>
Date: Tue, 10 Dec 2024 09:41:48 +0100
Subject: [PATCH 2/2] Update resource_externalauth_kerberos.go

---
 bastion/resource_externalauth_kerberos.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bastion/resource_externalauth_kerberos.go b/bastion/resource_externalauth_kerberos.go
index bd8fc2c..bebf951 100644
--- a/bastion/resource_externalauth_kerberos.go
+++ b/bastion/resource_externalauth_kerberos.go
@@ -68,7 +68,7 @@ func resourceExternalAuthKerberos() *schema.Resource {
 			"login_attribute": {
 				Type:     schema.TypeString,
 				Optional: true,
-				Deprecated: "Remove this attribute's configuration as it no longer is used" +
+				Deprecated: "Remove this attribute's configuration as it is not used anymore" +
 					" and the attribute will be removed in the next major version of the provider.",
 			},
 			"use_primary_auth_domain": {