Fixed Read method for OrgAccessToken (#354)

### Summary - Fixed Read method to not use req.GetProperties - Added a default value for OrgToken Admin property - Added logic to retrieve more token values from the service - Since actual token value is no longer retrievable after creation, so retrieving it from GetProperties on refresh still (without breaking import though) ### Testing - Manually tested import - `pulumi import pulumiservice:index:OrgAccessToken importedToken service-provider-test-org/mytoken2/0eb9ac4a-1e2c-4055-812d-214e3954a0e8`
pulumi · Jul 22, 2024 · 5f73fd7 · 5f73fd7
1 parent cbcaf4d
commit 5f73fd7
Show file tree

Hide file tree

Showing 11 changed files with 77 additions and 23 deletions.
diff --git a/CHANGELOG_PENDING.md b/CHANGELOG_PENDING.md
@@ -1,3 +1,7 @@
 ### Improvements
 
+### Bug Fixes
+- Fixed import by refactoring Read method of EnvironmentVersionTag resource [311](https://github.com/pulumi/pulumi-pulumiservice/issues/311)
+- Fixed import by refactoring Read method of OrgAccessToken resource [311](https://github.com/pulumi/pulumi-pulumiservice/issues/311)
+
 ### Miscellaneous
diff --git a/examples/yaml-org-token/Pulumi.yaml b/examples/yaml-org-token/Pulumi.yaml
@@ -14,3 +14,4 @@ resources:
       name: test-${rand.result}
       organizationName: service-provider-test-org
       description: "example org access token"
+      admin: false
diff --git a/provider/cmd/pulumi-resource-pulumiservice/schema.json b/provider/cmd/pulumi-resource-pulumiservice/schema.json
@@ -761,7 +761,8 @@
         },
         "admin": {
           "description": "Optional. True if this is an admin token.",
-          "type": "boolean"
+          "type": "boolean",
+          "default": false
         }
       },
       "requiredInputs": [

diff --git a/provider/pkg/internal/pulumiapi/accesstokens.go b/provider/pkg/internal/pulumiapi/accesstokens.go
@@ -23,8 +23,10 @@ import (
 
 type AccessToken struct {
 	ID          string `json:"id"`
+	Name        string `json:"name"`
 	TokenValue  string `json:"tokenValue"`
 	Description string `json:"description"`
+	Admin       bool   `json:"admin"`
 }
 
 type createTokenResponse struct {
@@ -38,8 +40,10 @@ type createTokenRequest struct {
 
 type accessTokenResponse struct {
 	ID          string `json:"id"`
+	Name        string `json:"name"`
 	Description string `json:"description"`
 	LastUsed    int    `json:"lastUsed"`
+	Admin       bool   `json:"admin"`
 }
 
 type listTokenResponse struct {

diff --git a/provider/pkg/internal/pulumiapi/orgtokens.go b/provider/pkg/internal/pulumiapi/orgtokens.go
@@ -103,7 +103,9 @@ func (c *Client) GetOrgAccessToken(ctx context.Context, tokenId, orgName string)
 		if token.ID == tokenId {
 			return &AccessToken{
 				ID:          token.ID,
+				Name:        token.Name,
 				Description: token.Description,
+				Admin:       token.Admin,
 			}, nil
 		}
 	}

diff --git a/provider/pkg/provider/org_access_token.go b/provider/pkg/provider/org_access_token.go
@@ -6,6 +6,7 @@ import (
 	"strings"
 
 	pbempty "google.golang.org/protobuf/types/known/emptypb"
+	"google.golang.org/protobuf/types/known/structpb"
 
 	"github.com/pulumi/pulumi-pulumiservice/provider/pkg/internal/pulumiapi"
 	"github.com/pulumi/pulumi/sdk/v3/go/common/resource"
@@ -24,6 +25,26 @@ type PulumiServiceOrgAccessTokenInput struct {
 	Admin       bool
 }
 
+func GenerateOrgAccessTokenProperties(input PulumiServiceOrgAccessTokenInput, orgAccessToken pulumiapi.AccessToken) (outputs *structpb.Struct, inputs *structpb.Struct, err error) {
+	inputMap := input.ToPropertyMap()
+
+	outputMap := inputMap.Copy()
+	outputMap["__inputs"] = resource.NewObjectProperty(inputMap)
+	outputMap["value"] = resource.MakeSecret(resource.NewPropertyValue(orgAccessToken.TokenValue))
+
+	inputs, err = plugin.MarshalProperties(inputMap, plugin.MarshalOptions{})
+	if err != nil {
+		return nil, nil, err
+	}
+
+	outputs, err = plugin.MarshalProperties(outputMap, plugin.MarshalOptions{})
+	if err != nil {
+		return nil, nil, err
+	}
+
+	return outputs, inputs, err
+}
+
 func (i *PulumiServiceOrgAccessTokenInput) ToPropertyMap() resource.PropertyMap {
 	pm := resource.PropertyMap{}
 	pm["name"] = resource.NewPropertyValue(i.Name)
@@ -76,39 +97,26 @@ func (ot *PulumiServiceOrgAccessTokenResource) Delete(req *pulumirpc.DeleteReque
 
 func (ot *PulumiServiceOrgAccessTokenResource) Create(req *pulumirpc.CreateRequest) (*pulumirpc.CreateResponse, error) {
 	ctx := context.Background()
-	inputs, err := plugin.UnmarshalProperties(req.GetProperties(), plugin.MarshalOptions{KeepUnknowns: true, SkipNulls: true})
+	inputMap, err := plugin.UnmarshalProperties(req.GetProperties(), plugin.MarshalOptions{KeepUnknowns: true, SkipNulls: true})
 	if err != nil {
 		return nil, err
 	}
 
-	inputsAccessToken := ot.ToPulumiServiceOrgAccessTokenInput(inputs)
+	input := ot.ToPulumiServiceOrgAccessTokenInput(inputMap)
 
-	accessToken, err := ot.createOrgAccessToken(ctx, inputsAccessToken)
+	accessToken, err := ot.createOrgAccessToken(ctx, input)
 	if err != nil {
-		return nil, fmt.Errorf("error creating access token '%s': %s", inputsAccessToken.Name, err.Error())
+		return nil, fmt.Errorf("error creating access token '%s': %s", input.Name, err.Error())
 	}
 
-	outputStore := resource.PropertyMap{}
-	outputStore["__inputs"] = resource.NewObjectProperty(inputs)
-	outputStore["name"] = inputs["name"]
-	outputStore["organizationName"] = inputs["organizationName"]
-	outputStore["description"] = inputs["description"]
-	outputStore["admin"] = inputs["admin"]
-	outputStore["value"] = resource.NewPropertyValue(accessToken.TokenValue)
-
-	outputProperties, err := plugin.MarshalProperties(
-		outputStore,
-		plugin.MarshalOptions{},
-	)
+	outputs, _, err := GenerateOrgAccessTokenProperties(input, *accessToken)
 	if err != nil {
 		return nil, err
 	}
 
-	urn := fmt.Sprintf(inputsAccessToken.OrgName + "/" + inputsAccessToken.Name + "/" + accessToken.ID)
-
 	return &pulumirpc.CreateResponse{
-		Id:         urn,
-		Properties: outputProperties,
+		Id:         fmt.Sprintf("%s/%s/%s", input.OrgName, input.Name, accessToken.ID),
+		Properties: outputs,
 	}, nil
 
 }
@@ -127,6 +135,9 @@ func (ot *PulumiServiceOrgAccessTokenResource) Read(req *pulumirpc.ReadRequest)
 	urn := req.GetId()
 
 	orgName, _, tokenId, err := splitOrgAccessTokenId(urn)
+	if err != nil {
+		return nil, err
+	}
 
 	// the org access token is immutable; if we get nil it got deleted, otherwise all data is the same
 	accessToken, err := ot.client.GetOrgAccessToken(ctx, tokenId, orgName)
@@ -137,9 +148,30 @@ func (ot *PulumiServiceOrgAccessTokenResource) Read(req *pulumirpc.ReadRequest)
 		return &pulumirpc.ReadResponse{}, nil
 	}
 
+	var input = PulumiServiceOrgAccessTokenInput{
+		Name:        accessToken.Name,
+		OrgName:     orgName,
+		Description: accessToken.Description,
+		Admin:       accessToken.Admin,
+	}
+
+	propertyMap, err := plugin.UnmarshalProperties(req.GetProperties(), plugin.MarshalOptions{KeepUnknowns: true, SkipNulls: true, KeepSecrets: true})
+	if err != nil {
+		return nil, err
+	}
+	if propertyMap["value"].HasValue() {
+		accessToken.TokenValue = getSecretOrStringValue(propertyMap["value"])
+	}
+
+	outputs, inputs, err := GenerateOrgAccessTokenProperties(input, *accessToken)
+	if err != nil {
+		return nil, err
+	}
+
 	return &pulumirpc.ReadResponse{
 		Id:         req.GetId(),
-		Properties: req.GetProperties(),
+		Properties: outputs,
+		Inputs:     inputs,
 	}, nil
 }
 

diff --git a/sdk/dotnet/OrgAccessToken.cs b/sdk/dotnet/OrgAccessToken.cs
diff --git a/sdk/go/pulumiservice/orgAccessToken.go b/sdk/go/pulumiservice/orgAccessToken.go
diff --git a/sdk/java/src/main/java/com/pulumi/pulumiservice/OrgAccessTokenArgs.java b/sdk/java/src/main/java/com/pulumi/pulumiservice/OrgAccessTokenArgs.java
diff --git a/sdk/nodejs/orgAccessToken.ts b/sdk/nodejs/orgAccessToken.ts
diff --git a/sdk/python/pulumi_pulumiservice/org_access_token.py b/sdk/python/pulumi_pulumiservice/org_access_token.py