INTMDB-543: LDAP Config and LDAP Verify Resources Fix (#1004)

martinstibbe · web-flow · commit 7d368d814f6f · 2023-01-19T10:54:57.000-06:00
* Update for breaking change in mongodb go library

* go mod tidy

* Update error logging and constant
diff --git a/go.mod b/go.mod
@@ -3,6 +3,7 @@ module github.com/mongodb/terraform-provider-mongodbatlas
 go 1.18
 
 require (
+	github.com/aws/aws-sdk-go v1.40.56
 	github.com/go-test/deep v1.1.0
 	github.com/gruntwork-io/terratest v0.41.7
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.1
@@ -11,7 +12,7 @@ require (
 	github.com/mwielbut/pointy v1.1.0
 	github.com/spf13/cast v1.5.0
 	github.com/terraform-providers/terraform-provider-aws v1.60.1-0.20210625132053-af2d5c0ad54f
-	go.mongodb.org/atlas v0.20.1-0.20221216175724-08be1f503b9a
+	go.mongodb.org/atlas v0.21.0
 	go.mongodb.org/realm v0.1.0
 )
 
@@ -26,7 +27,6 @@ require (
 	github.com/agl/ed25519 v0.0.0-20170116200512-5312a6153412 // indirect
 	github.com/apparentlymart/go-cidr v1.1.0 // indirect
 	github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect
-	github.com/aws/aws-sdk-go v1.40.56 // indirect
 	github.com/beevik/etree v1.1.0 // indirect
 	github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect
 	github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect
diff --git a/go.sum b/go.sum
@@ -919,12 +919,8 @@ go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
 go.etcd.io/bbolt v1.3.4/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ=
 go.etcd.io/etcd v0.0.0-20200513171258-e048e166ab9c/go.mod h1:xCI7ZzBfRuGgBXyXO6yfWfDmlWd35khcWpUa4L0xI/k=
 go.mongodb.org/atlas v0.12.0/go.mod h1:wVCnHcm/7/IfTjEB6K8K35PLG70yGz8BdkRwX0oK9/M=
-go.mongodb.org/atlas v0.19.1-0.20221216041907-cf0875bb4b4b h1:frOL6IVpql4z1ApvVPZ2DaqkPp//Ez6LLOjB4r868BE=
-go.mongodb.org/atlas v0.19.1-0.20221216041907-cf0875bb4b4b/go.mod h1:XTjsxWgoOSwaZrQUvhTEuwjymxnF0r12RPibZuW1Uts=
-go.mongodb.org/atlas v0.19.1-0.20221216044137-9eeca171e6ce h1:7/vO1GEEQkCFgfBm5fNXh7P0smTuIk6ebC7nlnFKVHI=
-go.mongodb.org/atlas v0.19.1-0.20221216044137-9eeca171e6ce/go.mod h1:XTjsxWgoOSwaZrQUvhTEuwjymxnF0r12RPibZuW1Uts=
-go.mongodb.org/atlas v0.20.1-0.20221216175724-08be1f503b9a h1:bM1g5SMFRebki6zPratsKPXmtPPUxYEZkPLFp3BD0cI=
-go.mongodb.org/atlas v0.20.1-0.20221216175724-08be1f503b9a/go.mod h1:XTjsxWgoOSwaZrQUvhTEuwjymxnF0r12RPibZuW1Uts=
+go.mongodb.org/atlas v0.21.0 h1:7Wi8Yy3hJGAyMvb8vZZjoYaQ89l58GCmIx5ppxtrrqc=
+go.mongodb.org/atlas v0.21.0/go.mod h1:XTjsxWgoOSwaZrQUvhTEuwjymxnF0r12RPibZuW1Uts=
 go.mongodb.org/realm v0.1.0 h1:zJiXyLaZrznQ+Pz947ziSrDKUep39DO4SfA0Fzx8M4M=
 go.mongodb.org/realm v0.1.0/go.mod h1:4Vj6iy+Puo1TDERcoh4XZ+pjtwbOzPpzqy3Cwe8ZmDM=
 go.mozilla.org/mozlog v0.0.0-20170222151521-4bb13139d403/go.mod h1:jHoPAGnDrCy6kaI2tAze5Prf0Nr0w/oNkROt2lw3n3o=
diff --git a/mongodbatlas/provider.go b/mongodbatlas/provider.go
@@ -35,6 +35,10 @@ var (
 	baseURL               = ""
 )
 
+const (
+	endPointSTSDefault = "https://sts.amazonaws.com"
+)
+
 type SecretData struct {
 	PublicKey  string `json:"public_key"`
 	PrivateKey string `json:"private_key"`
@@ -318,7 +322,7 @@ func providerConfigure(ctx context.Context, d *schema.ResourceData) (interface{}
 func configureCredentialsSTS(config *Config, secret, region, awsAccessKeyID, awsSecretAccessKey, awsSessionToken, endpoint string) (Config, error) {
 	ep, err := endpoints.GetSTSRegionalEndpoint("regional")
 	if err != nil {
-		fmt.Printf("GetSTSRegionalEndpoint error: %s", err)
+		log.Printf("GetSTSRegionalEndpoint error: %s", err)
 		return *config, err
 	}
 
@@ -327,7 +331,7 @@ func configureCredentialsSTS(config *Config, secret, region, awsAccessKeyID, aws
 		if service == endpoints.StsServiceID {
 			if endpoint == "" {
 				return endpoints.ResolvedEndpoint{
-					URL:           "https://sts.amazonaws.com",
+					URL:           endPointSTSDefault,
 					SigningRegion: region,
 				}, nil
 			}
@@ -353,17 +357,17 @@ func configureCredentialsSTS(config *Config, secret, region, awsAccessKeyID, aws
 
 	_, err = sess.Config.Credentials.Get()
 	if err != nil {
-		fmt.Printf("Session get credentials error: %s", err)
+		log.Printf("Session get credentials error: %s", err)
 		return *config, err
 	}
 	_, err = creds.Get()
 	if err != nil {
-		fmt.Printf("STS get credentials error: %s", err)
+		log.Printf("STS get credentials error: %s", err)
 		return *config, err
 	}
 	secretString, err := secretsManagerGetSecretValue(sess, &aws.Config{Credentials: creds, Region: aws.String(region)}, secret)
 	if err != nil {
-		fmt.Printf("Get Secrets error: %s", err)
+		log.Printf("Get Secrets error: %s", err)
 		return *config, err
 	}
 
@@ -397,25 +401,24 @@ func secretsManagerGetSecretValue(sess *session.Session, creds *aws.Config, secr
 		if aerr, ok := err.(awserr.Error); ok {
 			switch aerr.Code() {
 			case secretsmanager.ErrCodeResourceNotFoundException:
-				fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error())
+				log.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error())
 			case secretsmanager.ErrCodeInvalidParameterException:
-				fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error())
+				log.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error())
 			case secretsmanager.ErrCodeInvalidRequestException:
-				fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error())
+				log.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error())
 			case secretsmanager.ErrCodeDecryptionFailure:
-				fmt.Println(secretsmanager.ErrCodeDecryptionFailure, aerr.Error())
+				log.Println(secretsmanager.ErrCodeDecryptionFailure, aerr.Error())
 			case secretsmanager.ErrCodeInternalServiceError:
-				fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error())
+				log.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error())
 			default:
-				fmt.Println(aerr.Error())
+				log.Println(aerr.Error())
 			}
 		} else {
-			fmt.Println(err.Error())
+			log.Println(err.Error())
 		}
 		return "", err
 	}
 
-	fmt.Println(result)
 	return *result.SecretString, err
 }
 
diff --git a/mongodbatlas/resource_mongodbatlas_ldap_configuration.go b/mongodbatlas/resource_mongodbatlas_ldap_configuration.go
@@ -7,6 +7,7 @@ import (
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/mwielbut/pointy"
 	matlas "go.mongodb.org/atlas/mongodbatlas"
 )
 
@@ -104,35 +105,35 @@ func resourceMongoDBAtlasLDAPConfigurationCreate(ctx context.Context, d *schema.
 	ldap := &matlas.LDAP{}
 
 	if v, ok := d.GetOk("authentication_enabled"); ok {
-		ldap.AuthenticationEnabled = v.(bool)
+		ldap.AuthenticationEnabled = pointy.Bool(v.(bool))
 	}
 
 	if v, ok := d.GetOk("authorization_enabled"); ok {
-		ldap.AuthorizationEnabled = v.(bool)
+		ldap.AuthorizationEnabled = pointy.Bool(v.(bool))
 	}
 
 	if v, ok := d.GetOk("hostname"); ok {
-		ldap.Hostname = v.(string)
+		ldap.Hostname = pointy.String(v.(string))
 	}
 
 	if v, ok := d.GetOk("port"); ok {
-		ldap.Port = v.(int)
+		ldap.Port = pointy.Int(v.(int))
 	}
 
 	if v, ok := d.GetOk("bind_username"); ok {
-		ldap.BindUsername = v.(string)
+		ldap.BindUsername = pointy.String(v.(string))
 	}
 
 	if v, ok := d.GetOk("bind_password"); ok {
-		ldap.BindPassword = v.(string)
+		ldap.BindPassword = pointy.String(v.(string))
 	}
 
 	if v, ok := d.GetOk("ca_certificate"); ok {
-		ldap.CaCertificate = v.(string)
+		ldap.CaCertificate = pointy.String(v.(string))
 	}
 
 	if v, ok := d.GetOk("authz_query_template"); ok {
-		ldap.AuthzQueryTemplate = v.(string)
+		ldap.AuthzQueryTemplate = pointy.String(v.(string))
 	}
 
 	if v, ok := d.GetOk("user_to_dn_mapping"); ok {
@@ -201,35 +202,35 @@ func resourceMongoDBAtlasLDAPConfigurationUpdate(ctx context.Context, d *schema.
 	ldap := &matlas.LDAP{}
 
 	if d.HasChange("authentication_enabled") {
-		ldap.AuthenticationEnabled = d.Get("").(bool)
+		ldap.AuthenticationEnabled = pointy.Bool(d.Get("").(bool))
 	}
 
 	if d.HasChange("authorization_enabled") {
-		ldap.AuthorizationEnabled = d.Get("authorization_enabled").(bool)
+		ldap.AuthorizationEnabled = pointy.Bool(d.Get("authorization_enabled").(bool))
 	}
 
 	if d.HasChange("hostname") {
-		ldap.Hostname = d.Get("hostname").(string)
+		ldap.Hostname = pointy.String(d.Get("hostname").(string))
 	}
 
 	if d.HasChange("port") {
-		ldap.Port = d.Get("port").(int)
+		ldap.Port = pointy.Int(d.Get("port").(int))
 	}
 
 	if d.HasChange("bind_username") {
-		ldap.BindUsername = d.Get("bind_username").(string)
+		ldap.BindUsername = pointy.String(d.Get("bind_username").(string))
 	}
 
 	if d.HasChange("bind_password") {
-		ldap.BindPassword = d.Get("bind_password").(string)
+		ldap.BindPassword = pointy.String(d.Get("bind_password").(string))
 	}
 
 	if d.HasChange("ca_certificate") {
-		ldap.CaCertificate = d.Get("ca_certificate").(string)
+		ldap.CaCertificate = pointy.String(d.Get("ca_certificate").(string))
 	}
 
 	if d.HasChange("authz_query_template") {
-		ldap.AuthzQueryTemplate = d.Get("authz_query_template").(string)
+		ldap.AuthzQueryTemplate = pointy.String(d.Get("authz_query_template").(string))
 	}
 
 	if d.HasChange("user_to_dn_mapping") {
diff --git a/mongodbatlas/resource_mongodbatlas_ldap_verify.go b/mongodbatlas/resource_mongodbatlas_ldap_verify.go
@@ -10,6 +10,7 @@ import (
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/mwielbut/pointy"
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	matlas "go.mongodb.org/atlas/mongodbatlas"
@@ -118,22 +119,22 @@ func resourceMongoDBAtlasLDAPVerifyCreate(ctx context.Context, d *schema.Resourc
 	ldapReq := &matlas.LDAP{}
 
 	if v, ok := d.GetOk("hostname"); ok {
-		ldapReq.Hostname = v.(string)
+		ldapReq.Hostname = pointy.String(v.(string))
 	}
 	if v, ok := d.GetOk("port"); ok {
-		ldapReq.Port = v.(int)
+		ldapReq.Port = pointy.Int(v.(int))
 	}
 	if v, ok := d.GetOk("bind_username"); ok {
-		ldapReq.BindUsername = v.(string)
+		ldapReq.BindUsername = pointy.String(v.(string))
 	}
 	if v, ok := d.GetOk("bind_password"); ok {
-		ldapReq.BindPassword = v.(string)
+		ldapReq.BindPassword = pointy.String(v.(string))
 	}
 	if v, ok := d.GetOk("ca_certificate"); ok {
-		ldapReq.CaCertificate = v.(string)
+		ldapReq.CaCertificate = pointy.String(v.(string))
 	}
 	if v, ok := d.GetOk("authz_query_template"); ok {
-		ldapReq.AuthzQueryTemplate = v.(string)
+		ldapReq.AuthzQueryTemplate = pointy.String(v.(string))
 	}
 
 	ldap, _, err := conn.LDAPConfigurations.Verify(ctx, projectID, ldapReq)

-Original file line number
+Diff line change
 go 1.18
 require (
 +	github.com/aws/aws-sdk-go v1.40.56
 	github.com/go-test/deep v1.1.0
 	github.com/gruntwork-io/terratest v0.41.7
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.1
 	github.com/mwielbut/pointy v1.1.0
 	github.com/spf13/cast v1.5.0
 	github.com/terraform-providers/terraform-provider-aws v1.60.1-0.20210625132053-af2d5c0ad54f
 -	go.mongodb.org/atlas v0.20.1-0.20221216175724-08be1f503b9a
 +	go.mongodb.org/atlas v0.21.0
 	go.mongodb.org/realm v0.1.0
+)
 	github.com/agl/ed25519 v0.0.0-20170116200512-5312a6153412 // indirect
 	github.com/apparentlymart/go-cidr v1.1.0 // indirect
 	github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect
 -	github.com/aws/aws-sdk-go v1.40.56 // indirect
 	github.com/beevik/etree v1.1.0 // indirect
 	github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect
 	github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect
Original file line number	Diff line number	Diff line change
`@@ -7,6 +7,7 @@ import (`
`7`	`7`
`8`	`8`	`"github.com/hashicorp/terraform-plugin-sdk/v2/diag"`
`9`	`9`	`"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"`
	`10`	`+ "github.com/mwielbut/pointy"`
`10`	`11`	`matlas "go.mongodb.org/atlas/mongodbatlas"`
`11`	`12`	`)`
`12`	`13`
`@@ -104,35 +105,35 @@ func resourceMongoDBAtlasLDAPConfigurationCreate(ctx context.Context, d *schema.`
`104`	`105`	`ldap := &matlas.LDAP{}`
`105`	`106`
`106`	`107`	`if v, ok := d.GetOk("authentication_enabled"); ok {`
`107`		`- ldap.AuthenticationEnabled = v.(bool)`
	`108`	`+ ldap.AuthenticationEnabled = pointy.Bool(v.(bool))`
`108`	`109`	`}`
`109`	`110`
`110`	`111`	`if v, ok := d.GetOk("authorization_enabled"); ok {`
`111`		`- ldap.AuthorizationEnabled = v.(bool)`
	`112`	`+ ldap.AuthorizationEnabled = pointy.Bool(v.(bool))`
`112`	`113`	`}`
`113`	`114`
`114`	`115`	`if v, ok := d.GetOk("hostname"); ok {`
`115`		`- ldap.Hostname = v.(string)`
	`116`	`+ ldap.Hostname = pointy.String(v.(string))`
`116`	`117`	`}`
`117`	`118`
`118`	`119`	`if v, ok := d.GetOk("port"); ok {`
`119`		`- ldap.Port = v.(int)`
	`120`	`+ ldap.Port = pointy.Int(v.(int))`
`120`	`121`	`}`
`121`	`122`
`122`	`123`	`if v, ok := d.GetOk("bind_username"); ok {`
`123`		`- ldap.BindUsername = v.(string)`
	`124`	`+ ldap.BindUsername = pointy.String(v.(string))`
`124`	`125`	`}`
`125`	`126`
`126`	`127`	`if v, ok := d.GetOk("bind_password"); ok {`
`127`		`- ldap.BindPassword = v.(string)`
	`128`	`+ ldap.BindPassword = pointy.String(v.(string))`
`128`	`129`	`}`
`129`	`130`
`130`	`131`	`if v, ok := d.GetOk("ca_certificate"); ok {`
`131`		`- ldap.CaCertificate = v.(string)`
	`132`	`+ ldap.CaCertificate = pointy.String(v.(string))`
`132`	`133`	`}`
`133`	`134`
`134`	`135`	`if v, ok := d.GetOk("authz_query_template"); ok {`
`135`		`- ldap.AuthzQueryTemplate = v.(string)`
	`136`	`+ ldap.AuthzQueryTemplate = pointy.String(v.(string))`
`136`	`137`	`}`
`137`	`138`
`138`	`139`	`if v, ok := d.GetOk("user_to_dn_mapping"); ok {`
`@@ -201,35 +202,35 @@ func resourceMongoDBAtlasLDAPConfigurationUpdate(ctx context.Context, d *schema.`
`201`	`202`	`ldap := &matlas.LDAP{}`
`202`	`203`
`203`	`204`	`if d.HasChange("authentication_enabled") {`
`204`		`- ldap.AuthenticationEnabled = d.Get("").(bool)`
	`205`	`+ ldap.AuthenticationEnabled = pointy.Bool(d.Get("").(bool))`
`205`	`206`	`}`
`206`	`207`
`207`	`208`	`if d.HasChange("authorization_enabled") {`
`208`		`- ldap.AuthorizationEnabled = d.Get("authorization_enabled").(bool)`
	`209`	`+ ldap.AuthorizationEnabled = pointy.Bool(d.Get("authorization_enabled").(bool))`
`209`	`210`	`}`
`210`	`211`
`211`	`212`	`if d.HasChange("hostname") {`
`212`		`- ldap.Hostname = d.Get("hostname").(string)`
	`213`	`+ ldap.Hostname = pointy.String(d.Get("hostname").(string))`
`213`	`214`	`}`
`214`	`215`
`215`	`216`	`if d.HasChange("port") {`
`216`		`- ldap.Port = d.Get("port").(int)`
	`217`	`+ ldap.Port = pointy.Int(d.Get("port").(int))`
`217`	`218`	`}`
`218`	`219`
`219`	`220`	`if d.HasChange("bind_username") {`
`220`		`- ldap.BindUsername = d.Get("bind_username").(string)`
	`221`	`+ ldap.BindUsername = pointy.String(d.Get("bind_username").(string))`
`221`	`222`	`}`
`222`	`223`
`223`	`224`	`if d.HasChange("bind_password") {`
`224`		`- ldap.BindPassword = d.Get("bind_password").(string)`
	`225`	`+ ldap.BindPassword = pointy.String(d.Get("bind_password").(string))`
`225`	`226`	`}`
`226`	`227`
`227`	`228`	`if d.HasChange("ca_certificate") {`
`228`		`- ldap.CaCertificate = d.Get("ca_certificate").(string)`
	`229`	`+ ldap.CaCertificate = pointy.String(d.Get("ca_certificate").(string))`
`229`	`230`	`}`
`230`	`231`
`231`	`232`	`if d.HasChange("authz_query_template") {`
`232`		`- ldap.AuthzQueryTemplate = d.Get("authz_query_template").(string)`
	`233`	`+ ldap.AuthzQueryTemplate = pointy.String(d.Get("authz_query_template").(string))`
`233`	`234`	`}`
`234`	`235`
`235`	`236`	`if d.HasChange("user_to_dn_mapping") {`
Original file line number	Diff line number	Diff line change
`@@ -10,6 +10,7 @@ import (`
`10`	`10`
`11`	`11`	`"github.com/hashicorp/terraform-plugin-sdk/v2/diag"`
`12`	`12`	`"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"`
	`13`	`+ "github.com/mwielbut/pointy"`
`13`	`14`
`14`	`15`	`"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"`
`15`	`16`	`matlas "go.mongodb.org/atlas/mongodbatlas"`
`@@ -118,22 +119,22 @@ func resourceMongoDBAtlasLDAPVerifyCreate(ctx context.Context, d *schema.Resourc`
`118`	`119`	`ldapReq := &matlas.LDAP{}`
`119`	`120`
`120`	`121`	`if v, ok := d.GetOk("hostname"); ok {`
`121`		`- ldapReq.Hostname = v.(string)`
	`122`	`+ ldapReq.Hostname = pointy.String(v.(string))`
`122`	`123`	`}`
`123`	`124`	`if v, ok := d.GetOk("port"); ok {`
`124`		`- ldapReq.Port = v.(int)`
	`125`	`+ ldapReq.Port = pointy.Int(v.(int))`
`125`	`126`	`}`
`126`	`127`	`if v, ok := d.GetOk("bind_username"); ok {`
`127`		`- ldapReq.BindUsername = v.(string)`
	`128`	`+ ldapReq.BindUsername = pointy.String(v.(string))`
`128`	`129`	`}`
`129`	`130`	`if v, ok := d.GetOk("bind_password"); ok {`
`130`		`- ldapReq.BindPassword = v.(string)`
	`131`	`+ ldapReq.BindPassword = pointy.String(v.(string))`
`131`	`132`	`}`
`132`	`133`	`if v, ok := d.GetOk("ca_certificate"); ok {`
`133`		`- ldapReq.CaCertificate = v.(string)`
	`134`	`+ ldapReq.CaCertificate = pointy.String(v.(string))`
`134`	`135`	`}`
`135`	`136`	`if v, ok := d.GetOk("authz_query_template"); ok {`
`136`		`- ldapReq.AuthzQueryTemplate = v.(string)`
	`137`	`+ ldapReq.AuthzQueryTemplate = pointy.String(v.(string))`
`137`	`138`	`}`
`138`	`139`
`139`	`140`	`ldap, _, err := conn.LDAPConfigurations.Verify(ctx, projectID, ldapReq)`