diff --git a/.github/workflows/build-release-import-script.yml b/.github/workflows/build-release-import-script.yml index 68f5fbb0..4b1e23e0 100644 --- a/.github/workflows/build-release-import-script.yml +++ b/.github/workflows/build-release-import-script.yml @@ -80,7 +80,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: tag_name: ${{ steps.get_version.outputs.VERSION }} - release_name: Release Astro Import Script ${{ steps.get_version.outputs.VERSION }} + release_name: Astro Import Script ${{ steps.get_version.outputs.VERSION }} draft: false prerelease: false diff --git a/.github/workflows/testacc.yml b/.github/workflows/testacc.yml index de4cb2f3..d25c9072 100644 --- a/.github/workflows/testacc.yml +++ b/.github/workflows/testacc.yml @@ -94,6 +94,7 @@ jobs: HOSTED_USER_ID: clz3a4ymt004x01on8w5ydq8j HOSTED_DUMMY_USER_ID: clzawipbm00bm01qw98vzzoca HOSTED_DEPLOYMENT_ID: clyn6kxud003x01mtxmccegnh + HOSTED_STANDARD_DEPLOYMENT_ID: cm070pg0r00wd01qgnskk0dir HOSTED_WORKSPACE_ID: clx42sxw501gl01o0gjenthnh HOSTED_API_TOKEN_ID: clxm4836f00ql01me3nigmcr6 TESTARGS: "-failfast" @@ -145,6 +146,7 @@ jobs: HOSTED_USER_ID: clz3a95hw00j301jj5jfmcgwd HOSTED_DUMMY_USER_ID: clzawlsb701vv01ikvsqz5mws HOSTED_DEPLOYMENT_ID: cly6exz4a00zd01k18t5bo1vf + HOSTED_STANDARD_DEPLOYMENT_ID: cm077ee2807g301kpjkqdoc15 HOSTED_WORKSPACE_ID: clx480rvx068u01j9mp7t7fqh HOSTED_API_TOKEN_ID: clxm46ged05b301neuucdqwox TESTARGS: "-failfast" @@ -196,6 +198,7 @@ jobs: HOSTED_USER_ID: clz3a4ymt004x01on8w5ydq8j HOSTED_DUMMY_USER_ID: clzawipbm00bm01qw98vzzoca HOSTED_DEPLOYMENT_ID: clyn6kxud003x01mtxmccegnh + HOSTED_STANDARD_DEPLOYMENT_ID: cm070pg0r00wd01qgnskk0dir HOSTED_WORKSPACE_ID: clx42sxw501gl01o0gjenthnh HOSTED_API_TOKEN_ID: clxm4836f00ql01me3nigmcr6 TESTARGS: "-failfast" diff --git a/README.md b/README.md index 2daf6683..9ca029fc 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ ## Requirements -- [Terraform](https://developer.hashicorp.com/terraform/downloads) >= 1.0 +- [Terraform](https://developer.hashicorp.com/terraform/downloads) >= 1.7 - [Go](https://golang.org/doc/install) >= 1.21 ## Building The Provider diff --git a/internal/provider/common/role.go b/internal/provider/common/role.go index 29cbcc2c..8d4dcb87 100644 --- a/internal/provider/common/role.go +++ b/internal/provider/common/role.go @@ -120,6 +120,7 @@ func ValidateWorkspaceDeploymentRoles(ctx context.Context, input ValidateWorkspa deploymentWorkspaceIds := lo.Map(listDeployments.JSON200.Deployments, func(deployment platform.Deployment, _ int) string { return deployment.WorkspaceId }) + deploymentWorkspaceIds = lo.Uniq(deploymentWorkspaceIds) // get list of workspaceIds workspaceIds := lo.Map(input.WorkspaceRoles, func(role iam.WorkspaceRole, _ int) string { @@ -127,7 +128,7 @@ func ValidateWorkspaceDeploymentRoles(ctx context.Context, input ValidateWorkspa }) // check if deploymentWorkspaceIds are in workspaceIds - workspaceIds = lo.Intersect(lo.Uniq(workspaceIds), lo.Uniq(deploymentWorkspaceIds)) + workspaceIds = lo.Intersect(lo.Uniq(workspaceIds), deploymentWorkspaceIds) if len(workspaceIds) != len(deploymentWorkspaceIds) { tflog.Error(ctx, "failed to mutate roles") return diag.Diagnostics{diag.NewErrorDiagnostic( diff --git a/internal/provider/resources/resource_user_roles_test.go b/internal/provider/resources/resource_user_roles_test.go index 3cd9b53e..a8ad5f10 100644 --- a/internal/provider/resources/resource_user_roles_test.go +++ b/internal/provider/resources/resource_user_roles_test.go @@ -21,6 +21,7 @@ import ( func TestAcc_ResourceUserRoles(t *testing.T) { workspaceId := os.Getenv("HOSTED_WORKSPACE_ID") deploymentId := os.Getenv("HOSTED_DEPLOYMENT_ID") + standardDeploymentId := os.Getenv("HOSTED_STANDARD_DEPLOYMENT_ID") userId := os.Getenv("HOSTED_DUMMY_USER_ID") tfVarName := fmt.Sprintf("astro_user_roles.%v", userId) resource.Test(t, resource.TestCase{ @@ -130,6 +131,59 @@ func TestAcc_ResourceUserRoles(t *testing.T) { ), ), }, + // Check that multiple deployment roles under one workspace are correctly set + { + Config: astronomerprovider.ProviderConfig(t, astronomerprovider.HOSTED) + + userRoles(userRolesInput{ + OrganizationRole: string(iam.ORGANIZATIONOWNER), + WorkspaceRoles: []utils.Role{ + { + Role: string(iam.WORKSPACEOWNER), + EntityId: workspaceId, + }, + }, + DeploymentRoles: []utils.Role{ + { + Role: "DEPLOYMENT_ADMIN", + EntityId: deploymentId, + }, + { + Role: "DEPLOYMENT_ADMIN", + EntityId: standardDeploymentId, + }, + }, + }), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(tfVarName, "user_id", userId), + resource.TestCheckResourceAttr(tfVarName, "organization_role", string(iam.ORGANIZATIONOWNER)), + resource.TestCheckResourceAttr(tfVarName, "workspace_roles.#", "1"), + resource.TestCheckResourceAttr(tfVarName, "deployment_roles.#", "2"), + resource.TestCheckResourceAttr(tfVarName, "workspace_roles.0.role", string(iam.WORKSPACEOWNER)), + resource.TestCheckResourceAttr(tfVarName, "deployment_roles.0.role", "DEPLOYMENT_ADMIN"), + resource.TestCheckResourceAttr(tfVarName, "deployment_roles.1.role", "DEPLOYMENT_ADMIN"), + + // Check via API that user has correct roles + testAccCheckUserRolesCorrect(t, + string(iam.ORGANIZATIONOWNER), + []utils.Role{ + { + Role: string(iam.WORKSPACEOWNER), + EntityId: workspaceId, + }, + }, + []utils.Role{ + { + Role: "DEPLOYMENT_ADMIN", + EntityId: deploymentId, + }, + { + Role: "DEPLOYMENT_ADMIN", + EntityId: standardDeploymentId, + }, + }, + ), + ), + }, // Import existing user_roles and check it is correctly imported - https://stackoverflow.com/questions/68824711/how-can-i-test-terraform-import-in-acceptance-tests { ResourceName: tfVarName,