provider/pagerduty: Validate credentials (#12854)

* Validate credentials

* Add ability to skip validation

* Update provider documentation

* invalidCredentials -> invalidCreds

* Include original error message

* Update description for skip_credentials_validation

* Add config test

* set skip_credentials_validation default to false
This commit is contained in:
Alexander 2017-03-19 18:37:46 +01:00 committed by Paul Stack
parent 4759b51132
commit ca517543f2
5 changed files with 72 additions and 1 deletions

View File

@ -1,6 +1,7 @@
package pagerduty package pagerduty
import ( import (
"fmt"
"log" "log"
"github.com/PagerDuty/go-pagerduty" "github.com/PagerDuty/go-pagerduty"
@ -8,13 +9,40 @@ import (
// Config defines the configuration options for the PagerDuty client // Config defines the configuration options for the PagerDuty client
type Config struct { type Config struct {
// The PagerDuty API V2 token
Token string Token string
// Skip validation of the token against the PagerDuty API
SkipCredsValidation bool
} }
const invalidCreds = `
No valid credentials found for PagerDuty provider.
Please see https://www.terraform.io/docs/providers/pagerduty/index.html
for more information on providing credentials for this provider.
`
// Client returns a new PagerDuty client // Client returns a new PagerDuty client
func (c *Config) Client() (*pagerduty.Client, error) { func (c *Config) Client() (*pagerduty.Client, error) {
// Validate that the PagerDuty token is set
if c.Token == "" {
return nil, fmt.Errorf(invalidCreds)
}
client := pagerduty.NewClient(c.Token) client := pagerduty.NewClient(c.Token)
if !c.SkipCredsValidation {
// Validate the credentials by calling the abilities endpoint,
// if we get a 401 response back we return an error to the user
if _, err := client.ListAbilities(); err != nil {
if isUnauthorized(err) {
return nil, fmt.Errorf(fmt.Sprintf("%s\n%s", err, invalidCreds))
}
return nil, err
}
}
log.Printf("[INFO] PagerDuty client configured") log.Printf("[INFO] PagerDuty client configured")
return client, nil return client, nil

View File

@ -0,0 +1,28 @@
package pagerduty
import (
"testing"
)
// Test config with an empty token
func TestConfigEmptyToken(t *testing.T) {
config := Config{
Token: "",
}
if _, err := config.Client(); err == nil {
t.Fatalf("expected error, but got nil")
}
}
// Test config with invalid token but with SkipCredsValidation
func TestConfigSkipCredsValidation(t *testing.T) {
config := Config{
Token: "foo",
SkipCredsValidation: true,
}
if _, err := config.Client(); err != nil {
t.Fatalf("error: expected the client to not fail: %v", err)
}
}

View File

@ -9,3 +9,7 @@ func isNotFound(err error) bool {
return false return false
} }
func isUnauthorized(err error) bool {
return strings.Contains(err.Error(), "HTTP response code: 401")
}

View File

@ -16,6 +16,12 @@ func Provider() terraform.ResourceProvider {
Required: true, Required: true,
DefaultFunc: schema.EnvDefaultFunc("PAGERDUTY_TOKEN", nil), DefaultFunc: schema.EnvDefaultFunc("PAGERDUTY_TOKEN", nil),
}, },
"skip_credentials_validation": {
Type: schema.TypeBool,
Optional: true,
Default: false,
},
}, },
DataSourcesMap: map[string]*schema.Resource{ DataSourcesMap: map[string]*schema.Resource{
@ -40,7 +46,11 @@ func Provider() terraform.ResourceProvider {
} }
func providerConfigure(data *schema.ResourceData) (interface{}, error) { func providerConfigure(data *schema.ResourceData) (interface{}, error) {
config := Config{Token: data.Get("token").(string)} config := Config{
Token: data.Get("token").(string),
SkipCredsValidation: data.Get("skip_credentials_validation").(bool),
}
log.Println("[INFO] Initializing PagerDuty client") log.Println("[INFO] Initializing PagerDuty client")
return config.Client() return config.Client()
} }

View File

@ -39,3 +39,4 @@ resource "pagerduty_user" "earline" {
The following arguments are supported: The following arguments are supported:
* `token` - (Required) The v2 authorization token. See [API Documentation](https://v2.developer.pagerduty.com/docs/authentication) for more information. * `token` - (Required) The v2 authorization token. See [API Documentation](https://v2.developer.pagerduty.com/docs/authentication) for more information.
* `skip_credentials_validation` - (Optional) Skip validation of the token against the PagerDuty API.