From 3c07881a48b6f2ffabd3ee7d74e4bec421630def Mon Sep 17 00:00:00 2001
From: Tom Bamford
Date: Fri, 12 Jun 2020 23:03:08 +0100
Subject: [PATCH 1/3] data.azuread_application: support the application_id argument
---
 azuread/data_application.go | 72 ++++++++++++++++--------
 azuread/data_application_test.go | 47 +++++++++++++++-
 website/docs/d/application.html.markdown | 6 +-
 3 files changed, 95 insertions(+), 30 deletions(-)
diff --git a/azuread/data_application.go b/azuread/data_application.go
index d30ce06044..517fece60d 100644
--- a/azuread/data_application.go
+++ b/azuread/data_application.go
@@ -18,19 +18,27 @@ func dataApplication() *schema.Resource {
 Schema: map[string]*schema.Schema{
 "object_id": {
- Type: schema.TypeString,
- Optional: true,
- Computed: true,
- ValidateFunc: validate.UUID,
- ConflictsWith: []string{"name"},
+ Type: schema.TypeString,
+ Optional: true,
+ Computed: true,
+ ExactlyOneOf: []string{"application_id", "name", "object_id"},
+ ValidateFunc: validate.UUID,
+ },
+
+ "application_id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Computed: true,
+ ExactlyOneOf: []string{"application_id", "name", "object_id"},
+ ValidateFunc: validate.UUID,
 },
 "name": {
- Type: schema.TypeString,
- Optional: true,
- Computed: true,
- ValidateFunc: validate.NoEmptyStrings,
- ConflictsWith: []string{"object_id"},
+ Type: schema.TypeString,
+ Optional: true,
+ Computed: true,
+ ExactlyOneOf: []string{"application_id", "name", "object_id"},
+ ValidateFunc: validate.NoEmptyStrings,
 },
 "homepage": {
@@ -69,11 +77,6 @@ func dataApplication() *schema.Resource {
 Computed: true,
 },
- "application_id": {
- Type: schema.TypeString,
- Computed: true,
- },
-
 "group_membership_claims": {
 Type: schema.TypeString,
 Computed: true,
@@ -162,8 +165,19 @@ func dataApplicationRead(d *schema.ResourceData, meta interface{}) error {
 }
 app = resp
- } else if name, ok := d.Get("name").(string); ok {
- filter := fmt.Sprintf("displayName eq '%s'", name)
+ } else {
+ var fieldName, fieldValue string
+ if applicationId, ok := d.Get("application_id").(string); ok && applicationId != "" {
+ fieldName = "appId"
+ fieldValue = applicationId
+ } else if name, ok := d.Get("name").(string); ok && name != "" {
+ fieldName = "displayName"
+ fieldValue = name
+ } else {
+ return fmt.Errorf("one of `object_id` or `name` must be supplied")
+ }
+
+ filter := fmt.Sprintf("%s eq '%s'", fieldName, fieldValue)
 resp, err := client.ListComplete(ctx, filter)
 if err != nil {
@@ -182,18 +196,26 @@ func dataApplicationRead(d *schema.ResourceData, meta interface{}) error {
 }
 app = (*values)[0]
- if app.DisplayName == nil {
- return fmt.Errorf("nil DisplayName for AD Applications matching %q", filter)
- }
- if *app.DisplayName != name {
- return fmt.Errorf("displayname for AD Applications matching %q does is does not match(%q!=%q)", filter, *app.DisplayName, name)
+ switch fieldName {
+ case "appId":
+ if app.AppID == nil {
+ return fmt.Errorf("nil AppID for AD Applications matching %q", filter)
+ }
+ if *app.AppID != fieldValue {
+ return fmt.Errorf("AppID for AD Applications matching %q does is does not match(%q!=%q)", filter, *app.AppID, fieldValue)
+ }
+ case "displayName":
+ if app.DisplayName == nil {
+ return fmt.Errorf("nil DisplayName for AD Applications matching %q", filter)
+ }
+ if *app.DisplayName != fieldValue {
+ return fmt.Errorf("DisplayName for AD Applications matching %q does is does not match(%q!=%q)", filter, *app.DisplayName, fieldValue)
+ }
 }
- } else {
- return fmt.Errorf("one of `object_id` or `name` must be supplied")
 }
 if app.ObjectID == nil {
- return fmt.Errorf("Application objectId is nil")
+ return fmt.Errorf("Application ObjectId is nil")
 }
 d.SetId(*app.ObjectID)
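Review bot: The added `filter := fmt.Sprintf("%s eq '%s'", fieldName, fieldValue)` places the configured `name` inside an OData string literal without escaping, so a display name containing a single quote yields a malformed filter or one that matches something other than what the configuration asked for. `application_id` is limited by `validate.UUID` in the schema, but `name` is only checked with `validate.NoEmptyStrings`. OData escapes a quote by doubling it, so escape only at the point of use and keep `fieldValue` unchanged for the later equality check: `filter := fmt.Sprintf("%s eq '%s'", fieldName, strings.ReplaceAll(fieldValue, "'", "''"))` (this needs the `strings` import if the file does not already have it). The added fallback error still names only object_id and name and should list application_id as well. dataApplicationRead begins and ends outside this hunk.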
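Review bot: The `appId` branch compares `*app.AppID != fieldValue` byte for byte, so an `application_id` written in upper case would presumably pass `validate.UUID` and match on the server, yet be rejected here if the API returns the GUID in lower case; `if !strings.EqualFold(*app.AppID, fieldValue) {` avoids that, assuming `strings` is imported. The `switch fieldName` has no `default`, so any lookup field added later would silently skip this post-query verification; a `default:` that returns an error keeps the check fail-closed. Both mismatch messages also carry the wording slip "does is does not match". The function body continues outside the hunk.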
diff --git a/azuread/data_application_test.go b/azuread/data_application_test.go
index 879192c03a..732d57e9b9 100644
--- a/azuread/data_application_test.go
+++ b/azuread/data_application_test.go
@@ -78,6 +78,36 @@ func TestAccAzureADApplicationDataSource_byObjectIdComplete(t *testing.T) {
 })
 }
+func TestAccAzureADApplicationDataSource_byApplicationId(t *testing.T) {
+ dataSourceName := "data.azuread_application.test"
+ ri := tf.AccRandTimeInt()
+
+ resource.ParallelTest(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ CheckDestroy: testCheckADApplicationDestroy,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccADApplication_basic(ri),
+ },
+ {
+ Config: testAccAzureADApplicationDataSource_applicationId(ri),
+ Check: resource.ComposeTestCheckFunc(
+ testCheckADApplicationExists(dataSourceName),
+ resource.TestCheckResourceAttr(dataSourceName, "name", fmt.Sprintf("acctest-APP-%d", ri)),
+ resource.TestCheckResourceAttr(dataSourceName, "homepage", fmt.Sprintf("https://acctest-APP-%d", ri)),
+ resource.TestCheckResourceAttr(dataSourceName, "identifier_uris.#", "0"),
+ resource.TestCheckResourceAttr(dataSourceName, "reply_urls.#", "0"),
+ resource.TestCheckResourceAttr(dataSourceName, "optional_claims.#", "0"),
+ resource.TestCheckResourceAttr(dataSourceName, "required_resource_access.#", "0"),
+ resource.TestCheckResourceAttr(dataSourceName, "oauth2_allow_implicit_flow", "false"),
+ resource.TestCheckResourceAttrSet(dataSourceName, "application_id"),
+ ),
+ },
+ },
+ })
+}
+
 func TestAccAzureADApplicationDataSource_byName(t *testing.T) {
 dataSourceName := "data.azuread_application.test"
 ri := tf.AccRandTimeInt()
@@ -114,7 +144,7 @@ func testAccAzureADApplicationDataSource_objectId(ri int) string {
 %s
 data "azuread_application" "test" {
- object_id = "${azuread_application.test.object_id}"
+ object_id = azuread_application.test.object_id
 }
 `, template)
 }
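Review bot: The new test checks the lookup key only with `resource.TestCheckResourceAttrSet(dataSourceName, "application_id")`, which proves the attribute is non-empty but not that it is the ID of the application created in the first step. Since `application_id` is now the selector, assert that it round-trips, for example `resource.TestCheckResourceAttrPair(dataSourceName, "application_id", "azuread_application.test", "application_id")`. No step covers the negative path either; a case with an `application_id` that matches no application would pin the error behaviour of the new filter branch in dataApplicationRead.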
@@ -125,7 +155,18 @@ func testAccAzureADApplicationDataSource_objectIdComplete(ri int, pw string) str
 %s
 data "azuread_application" "test" {
- object_id = "${azuread_application.test.object_id}"
+ object_id = azuread_application.test.object_id
+}
+`, template)
+}
+
+func testAccAzureADApplicationDataSource_applicationId(ri int) string {
+ template := testAccADApplication_basic(ri)
+ return fmt.Sprintf(`
+%s
+
+data "azuread_application" "test" {
+ application_id = azuread_application.test.application_id
 }
 `, template)
 }
@@ -136,7 +177,7 @@ func testAccAzureADApplicationDataSource_name(ri int) string {
 %s
 data "azuread_application" "test" {
- name = "${azuread_application.test.name}"
+ name = azuread_application.test.name
 }
 `, template)
 }
diff --git a/website/docs/d/application.html.markdown b/website/docs/d/application.html.markdown
index 5e74406b01..0ce1a92a34 100644
--- a/website/docs/d/application.html.markdown
+++ b/website/docs/d/application.html.markdown
@@ -20,7 +20,7 @@ data "azuread_application" "example" {
 }
 output "azure_ad_object_id" {
- value = "${data.azuread_application.example.id}"
+ value = data.azuread_application.example.id
 }
 ```
@@ -28,9 +28,11 @@ output "azure_ad_object_id" {
 * `object_id` - (Optional) Specifies the Object ID of the Application within Azure Active Directory.
+* `application_id` - (Optional) Specifies the Application ID of the Azure Active Directory Application.
+
 * `name` - (Optional) Specifies the name of the Application within Azure Active Directory.
--> **NOTE:** Either an `object_id` or `name` must be specified.
+-> **NOTE:** One of `object_id`, `application_id` or `name` must be specified.
 ## Attributes Reference
From 9e2bc410bfdec7f4131f424f90e9b7f224153d4d Mon Sep 17 00:00:00 2001
From: Tom Bamford
Date: Fri, 12 Jun 2020 23:04:27 +0100
Subject: [PATCH 2/3] Update documentation examples to use Terraform 0.12 expressions
---
 website/docs/d/domains.html.markdown | 2 +-
 website/docs/r/application_certificate.html.markdown | 4 ++--
 website/docs/r/application_password.html.markdown | 9 ++-------
 website/docs/r/group.markdown | 7 +++++--
 website/docs/r/group_member.markdown | 4 ++--
 website/docs/r/service_principal.html.markdown | 2 +-
 .../r/service_principal_certificate.html.markdown | 6 +++---
 .../docs/r/service_principal_password.html.markdown | 11 +++--------
 website/docs/r/user.html.markdown | 2 +-
 9 files changed, 20 insertions(+), 27 deletions(-)
diff --git a/website/docs/d/domains.html.markdown b/website/docs/d/domains.html.markdown
index 3fb52801c5..ff946e1bec 100644
--- a/website/docs/d/domains.html.markdown
+++ b/website/docs/d/domains.html.markdown
@@ -18,7 +18,7 @@ Use this data source to access information about an existing Domains within Azur
 data "azuread_domains" "aad_domains" {}
 output "domains" {
- value = "${data.azuread_domains.aad_domains.domains}"
+ value = data.azuread_domains.aad_domains.domains
 }
 ```
diff --git a/website/docs/r/application_certificate.html.markdown b/website/docs/r/application_certificate.html.markdown
index 7c68a3c303..7f38533c9a 100644
--- a/website/docs/r/application_certificate.html.markdown
+++ b/website/docs/r/application_certificate.html.markdown
@@ -21,9 +21,9 @@ resource "azuread_application" "example" {
 }
 resource "azuread_application_certificate" "example" {
- application_object_id = "${azuread_application.example.id}"
+ application_object_id = azuread_application.example.id
 type = "AsymmetricX509Cert"
- value = "${file("cert.pem")}"
+ value = file("cert.pem")
 end_date = "2021-05-01T01:02:03Z"
 }
 ```
diff --git a/website/docs/r/application_password.html.markdown b/website/docs/r/application_password.html.markdown
index a648e45a84..d26d4ae264 100644
--- a/website/docs/r/application_password.html.markdown
+++ b/website/docs/r/application_password.html.markdown
@@ -17,16 +17,11 @@ Manages a Password associated with an Application within Azure Active Directory.
 ```hcl
 resource "azuread_application" "example" {
- name = "example"
- homepage = "http://homepage"
- identifier_uris = ["http://uri"]
- reply_urls = ["http://replyurl"]
- available_to_other_tenants = false
- oauth2_allow_implicit_flow = true
+ name = "example"
 }
 resource "azuread_application_password" "example" {
- application_object_id = "${azuread_application.example.id}"
+ application_object_id = azuread_application.example.id
 description = "My managed password"
 value = "VT=uSgbTanZhyz@%nL9Hpd+Tfay_MRV#"
 end_date = "2099-01-01T01:02:03Z"
diff --git a/website/docs/r/group.markdown b/website/docs/r/group.markdown
index df80da31fa..5dee3c0a9d 100644
--- a/website/docs/r/group.markdown
+++ b/website/docs/r/group.markdown
@@ -29,12 +29,15 @@ resource "azuread_group" "example" {
 resource "azuread_user" "example" {
 display_name = "J Doe"
 password = "notSecure123"
- user_principal_name = "j.doe@terraform.onmicrosoft.com"
+ user_principal_name = "jdoe@hashicorp.com"
 }
 resource "azuread_group" "example" {
 name = "MyGroup"
- members = [ "${azuread_user.example.object_id}" /*, more users */ ]
+ members = [
+ azuread_user.example.object_id,
+ /* more users */
+ ]
 }
 ```
diff --git a/website/docs/r/group_member.markdown b/website/docs/r/group_member.markdown
index 3a6aab83a1..bd24c0e59a 100644
--- a/website/docs/r/group_member.markdown
+++ b/website/docs/r/group_member.markdown
@@ -26,8 +26,8 @@ resource "azuread_group" "example" {
 }
 resource "azuread_group_member" "example" {
- group_object_id = "${azuread_group.example.id}"
- member_object_id = "${data.azuread_user.example.id}"
+ group_object_id = azuread_group.example.id
+ member_object_id = data.azuread_user.example.id
 }
 ```
diff --git a/website/docs/r/service_principal.html.markdown b/website/docs/r/service_principal.html.markdown
index 438df8dbd9..b2e28b4f6d 100644
--- a/website/docs/r/service_principal.html.markdown
+++ b/website/docs/r/service_principal.html.markdown
@@ -25,7 +25,7 @@ resource "azuread_application" "example" {
 }
 resource "azuread_service_principal" "example" {
- application_id = "${azuread_application.example.application_id}"
+ application_id = azuread_application.example.application_id
 app_role_assignment_required = false
 tags = ["example", "tags", "here"]
diff --git a/website/docs/r/service_principal_certificate.html.markdown b/website/docs/r/service_principal_certificate.html.markdown
index c2a0cce9ae..abb77e6844 100644
--- a/website/docs/r/service_principal_certificate.html.markdown
+++ b/website/docs/r/service_principal_certificate.html.markdown
@@ -21,13 +21,13 @@ resource "azuread_application" "example" {
 }
 resource "azuread_service_principal" "example" {
- application_id = "${azuread_application.example.application_id}"
+ application_id = azuread_application.example.application_id
 }
 resource "azuread_service_principal_certificate" "example" {
- service_principal_id = "${azuread_service_principal.example.id}"
+ service_principal_id = azuread_service_principal.example.id
 type = "AsymmetricX509Cert"
- value = "${file("cert.pem")}"
+ value = file("cert.pem")
 end_date = "2021-05-01T01:02:03Z"
 }
 ```
diff --git a/website/docs/r/service_principal_password.html.markdown b/website/docs/r/service_principal_password.html.markdown
index ad31b94376..52459f0a1e 100644
--- a/website/docs/r/service_principal_password.html.markdown
+++ b/website/docs/r/service_principal_password.html.markdown
@@ -17,20 +17,15 @@ Manages a Password associated with a Service Principal within Azure Active Direc
 ```hcl
 resource "azuread_application" "example" {
- name = "example"
- homepage = "http://homepage"
- identifier_uris = ["http://uri"]
- reply_urls = ["http://replyurl"]
- available_to_other_tenants = false
- oauth2_allow_implicit_flow = true
+ name = "example"
 }
 resource "azuread_service_principal" "example" {
- application_id = "${azuread_application.example.application_id}"
+ application_id = azuread_application.example.application_id
 }
 resource "azuread_service_principal_password" "example" {
- service_principal_id = "${azuread_service_principal.example.id}"
+ service_principal_id = azuread_service_principal.example.id
 description = "My managed password"
 value = "VT=uSgbTanZhyz@%nL9Hpd+Tfay_MRV#"
 end_date = "2099-01-01T01:02:03Z"
diff --git a/website/docs/r/user.html.markdown b/website/docs/r/user.html.markdown
index 8ad228f8e8..43fb6c3532 100644
--- a/website/docs/r/user.html.markdown
+++ b/website/docs/r/user.html.markdown
@@ -17,7 +17,7 @@ Manages a User within Azure Active Directory.
 ```hcl
 resource "azuread_user" "example" {
- user_principal_name = "jdo@hashicorp.com"
+ user_principal_name = "jdoe@hashicorp.com"
 display_name = "J. Doe"
 mail_nickname = "jdoe"
 password = "SecretP@sswd99!"
From e93cd9e1a5019fac84eb139d088b8fe5184cf145 Mon Sep 17 00:00:00 2001
From: Tom Bamford
Date: Fri, 12 Jun 2020 23:14:03 +0100
Subject: [PATCH 3/3] Update acceptance test configs to use Terraform 0.12 expressions
---
 azuread/data_group_test.go | 8 +++----
 azuread/data_groups_test.go | 4 ++--
 azuread/data_service_principal_test.go | 6 ++---
 azuread/data_user_test.go | 6 ++---
 azuread/data_users_test.go | 6 ++---
 .../resource_application_certificate_test.go | 16 +++++++-------
 azuread/resource_application_password_test.go | 18 +++++++--------
 azuread/resource_group_member_test.go | 22 +++++++++----------
 ...urce_service_principal_certificate_test.go | 18 +++++++--------
 ...esource_service_principal_password_test.go | 18 +++++++--------
 azuread/resource_service_principal_test.go | 4 ++--
 11 files changed, 63 insertions(+), 63 deletions(-)
diff --git a/azuread/data_group_test.go b/azuread/data_group_test.go
index 0bf4933bb9..420fe9c06b 100644
--- a/azuread/data_group_test.go
+++ b/azuread/data_group_test.go
@@ -99,7 +99,7 @@ func testAccDataSourceAzureADGroup_name(id int) string {
 %s
 data "azuread_group" "test" {
- name = "${azuread_group.test.name}"
+ name = azuread_group.test.name
 }
 `, testAccAzureADGroup_basic(id))
 }
@@ -109,7 +109,7 @@ func testAccDataSourceAzureADGroup_objectId(id int) string {
 %s
 data "azuread_group" "test" {
- object_id = "${azuread_group.test.object_id}"
+ object_id = azuread_group.test.object_id
 }
 `, testAccAzureADGroup_basic(id))
 }
@@ -119,7 +119,7 @@ func testAccDataSourceAzureADGroup_members(id int, password string) string {
 %s
 data "azuread_group" "test" {
- object_id = "${azuread_group.test.object_id}"
+ object_id = azuread_group.test.object_id
 }
 `, testAccAzureADGroupWithThreeMembers(id, password))
 }
@@ -129,7 +129,7 @@ func testAccDataSourceAzureADGroup_owners(id int, password string) string {
 %s
 data "azuread_group" "test" {
- object_id = "${azuread_group.test.object_id}"
+ object_id = azuread_group.test.object_id
 }
 `, testAccAzureADGroupWithThreeOwners(id, password))
 }
diff --git a/azuread/data_groups_test.go b/azuread/data_groups_test.go
index ce428c7a61..81d1788d1f 100644
--- a/azuread/data_groups_test.go
+++ b/azuread/data_groups_test.go
@@ -84,7 +84,7 @@ func testAccAzureADGroupsDataSource_byDisplayNames(id int) string {
 %s
 data "azuread_groups" "test" {
- names = ["${azuread_group.testA.name}", "${azuread_group.testB.name}"]
+ names = [azuread_group.testA.name, azuread_group.testB.name]
 }
 `, testAccAzureADGroup_multiple(id))
 }
@@ -94,7 +94,7 @@ func testAccAzureADGroupsDataSource_byObjectIds(id int) string {
 %s
 data "azuread_groups" "test" {
- object_ids = ["${azuread_group.testA.object_id}", "${azuread_group.testB.object_id}"]
+ object_ids = [azuread_group.testA.object_id, azuread_group.testB.object_id]
 }
 `, testAccAzureADGroup_multiple(id))
 }
diff --git a/azuread/data_service_principal_test.go b/azuread/data_service_principal_test.go
index 78296f907c..8afbb71029 100644
--- a/azuread/data_service_principal_test.go
+++ b/azuread/data_service_principal_test.go
@@ -83,7 +83,7 @@ func testAccAzureADServicePrincipalDataSource_byApplicationId(id string) string
 %s
 data "azuread_service_principal" "test" {
- application_id = "${azuread_service_principal.test.application_id}"
+ application_id = azuread_service_principal.test.application_id
 }
 `, template)
 }
@@ -94,7 +94,7 @@ func testAccAzureADServicePrincipalDataSource_byDisplayName(id string) string {
 %s
 data "azuread_service_principal" "test" {
- display_name = "${azuread_service_principal.test.display_name}"
+ display_name = azuread_service_principal.test.display_name
 }
 `, template)
 }
@@ -105,7 +105,7 @@ func testAccAzureADServicePrincipalDataSource_byObjectId(id string) string {
 %s
 data "azuread_service_principal" "test" {
- object_id = "${azuread_service_principal.test.object_id}"
+ object_id = azuread_service_principal.test.object_id
 }
 `, template)
 }
diff --git a/azuread/data_user_test.go b/azuread/data_user_test.go
index 5d665f2677..a3303444af 100644
--- a/azuread/data_user_test.go
+++ b/azuread/data_user_test.go
@@ -81,7 +81,7 @@ func testAccAzureADUserDataSource_byUserPrincipalName(id int, password string) s
 %s
 data "azuread_user" "test" {
- user_principal_name = "${azuread_user.test.user_principal_name}"
+ user_principal_name = azuread_user.test.user_principal_name
 }
 `, testAccADUser_basic(id, password))
 }
@@ -91,7 +91,7 @@ func testAccAzureADUserDataSource_byObjectId(id int, password string) string {
 %s
 data "azuread_user" "test" {
- object_id = "${azuread_user.test.object_id}"
+ object_id = azuread_user.test.object_id
 }
 `, testAccADUser_basic(id, password))
 }
@@ -101,7 +101,7 @@ func testAccAzureADUserDataSource_byMailNickname(id int, password string) string
 %s
 data "azuread_user" "test" {
- mail_nickname = "${azuread_user.test.mail_nickname}"
+ mail_nickname = azuread_user.test.mail_nickname
 }
 `, testAccADUser_basic(id, password))
 }
diff --git a/azuread/data_users_test.go b/azuread/data_users_test.go
index bf891c4c92..aa476f2392 100644
--- a/azuread/data_users_test.go
+++ b/azuread/data_users_test.go
@@ -95,7 +95,7 @@ func testAccAzureADUsersDataSource_byUserPrincipalNames(id int, password string)
 %s
 data "azuread_users" "test" {
- user_principal_names = ["${azuread_user.testA.user_principal_name}", "${azuread_user.testB.user_principal_name}"]
+ user_principal_names = [azuread_user.testA.user_principal_name, azuread_user.testB.user_principal_name]
 }
 `, testAccADUser_threeUsersABC(id, password))
 }
@@ -105,7 +105,7 @@ func testAccAzureADUsersDataSource_byObjectIds(id int, password string) string {
 %s
 data "azuread_users" "test" {
- object_ids = ["${azuread_user.testA.object_id}", "${azuread_user.testB.object_id}"]
+ object_ids = [azuread_user.testA.object_id, azuread_user.testB.object_id]
 }
 `, testAccADUser_threeUsersABC(id, password))
 }
@@ -115,7 +115,7 @@ func testAccAzureADUsersDataSource_byMailNicknames(id int, password string) stri
 %s
 data "azuread_users" "test" {
- mail_nicknames = ["${azuread_user.testA.mail_nickname}", "${azuread_user.testB.mail_nickname}"]
+ mail_nicknames = [azuread_user.testA.mail_nickname, azuread_user.testB.mail_nickname]
 }
 `, testAccADUser_threeUsersABC(id, password))
 }
diff --git a/azuread/resource_application_certificate_test.go b/azuread/resource_application_certificate_test.go
index 81e724bd7a..74c049f7e2 100644
--- a/azuread/resource_application_certificate_test.go
+++ b/azuread/resource_application_certificate_test.go
@@ -236,7 +236,7 @@ func testAccADObjectCertificateApplication_basic(ri int, keyType, endDate, value
 %s
 resource "azuread_application_certificate" "test" {
- application_object_id = "${azuread_application.test.id}"
+ application_object_id = azuread_application.test.id
 type = "%s"
 end_date = "%s"
 value = <