resilien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

backend/azurerm: removing the `arm_` prefix from keys (#19448) 

* backend/azurerm: removing the `arm_` prefix from keys

* removing the deprecated fields test because the deprecation makes it fail
This commit is contained in:
Tom Harvey 2018-11-26 11:19:43 +01:00 committed by GitHub
parent 9ada53547f
commit d580f30e03
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 97 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
backend/remote-state/azure/backend.go
View File

@ -57,28 +57,28 @@ func New() backend.Backend {
Description: "The resource group name.",
},
"arm_subscription_id": {
Type: schema.TypeString,
Optional: true,
Description: "The Subscription ID.",
DefaultFunc: schema.EnvDefaultFunc("ARM_SUBSCRIPTION_ID", ""),
},
"arm_client_id": {
"client_id": {
Type: schema.TypeString,
Optional: true,
Description: "The Client ID.",
DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_ID", ""),
},
"arm_client_secret": {
"client_secret": {
Type: schema.TypeString,
Optional: true,
Description: "The Client Secret.",
DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_SECRET", ""),
},
"arm_tenant_id": {
"subscription_id": {
Type: schema.TypeString,
Optional: true,
Description: "The Subscription ID.",
DefaultFunc: schema.EnvDefaultFunc("ARM_SUBSCRIPTION_ID", ""),
},
"tenant_id": {
Type: schema.TypeString,
Optional: true,
Description: "The Tenant ID.",
@ -99,7 +99,35 @@ func New() backend.Backend {
DefaultFunc: schema.EnvDefaultFunc("ARM_MSI_ENDPOINT", ""),
},
// TODO: rename these fields
// Deprecated fields
"arm_client_id": {
Type: schema.TypeString,
Optional: true,
Description: "The Client ID.",
Deprecated: "`arm_client_id` has been replaced by `client_id`",
},
"arm_client_secret": {
Type: schema.TypeString,
Optional: true,
Description: "The Client Secret.",
Deprecated: "`arm_client_secret` has been replaced by `client_secret`",
},
"arm_subscription_id": {
Type: schema.TypeString,
Optional: true,
Description: "The Subscription ID.",
Deprecated: "`arm_subscription_id` has been replaced by `subscription_id`",
},
"arm_tenant_id": {
Type: schema.TypeString,
Optional: true,
Description: "The Tenant ID.",
Deprecated: "`arm_tenant_id` has been replaced by `tenant_id`",
},
// TODO: support for custom resource manager endpoints
},
}
@ -142,21 +170,26 @@ func (b *Backend) configure(ctx context.Context) error {
// Grab the resource data
data := schema.FromContextBackendConfig(ctx)
b.containerName = data.Get("container_name").(string)
b.keyName = data.Get("key").(string)
// support for previously deprecated fields
clientId := valueFromDeprecatedField(data, "client_id", "arm_client_id")
clientSecret := valueFromDeprecatedField(data, "client_secret", "arm_client_secret")
subscriptionId := valueFromDeprecatedField(data, "subscription_id", "arm_subscription_id")
tenantId := valueFromDeprecatedField(data, "tenant_id", "arm_tenant_id")
config := BackendConfig{
AccessKey: data.Get("access_key").(string),
ClientID: data.Get("arm_client_id").(string),
ClientSecret: data.Get("arm_client_secret").(string),
ClientID: clientId,
ClientSecret: clientSecret,
Environment: data.Get("environment").(string),
MsiEndpoint: data.Get("msi_endpoint").(string),
ResourceGroupName: data.Get("resource_group_name").(string),
SasToken: data.Get("sas_token").(string),
StorageAccountName: data.Get("storage_account_name").(string),
SubscriptionID: data.Get("arm_subscription_id").(string),
TenantID: data.Get("arm_tenant_id").(string),
SubscriptionID: subscriptionId,
TenantID: tenantId,
UseMsi: data.Get("use_msi").(bool),
}
@ -172,3 +205,13 @@ func (b *Backend) configure(ctx context.Context) error {
b.armClient = armClient
return nil
}
func valueFromDeprecatedField(d *schema.ResourceData, key, deprecatedFieldKey string) string {
v := d.Get(key).(string)
if v == "" {
v = d.Get(deprecatedFieldKey).(string)
}
return v
}

28
backend/remote-state/azure/backend_test.go
View File

@ -79,8 +79,8 @@ func TestBackendManagedServiceIdentityBasic(t *testing.T) {
"key": res.storageKeyName,
"resource_group_name": res.resourceGroup,
"use_msi": true,
"arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"arm_tenant_id": os.Getenv("ARM_TENANT_ID"),
"subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"tenant_id": os.Getenv("ARM_TENANT_ID"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
})).(*Backend)
@ -134,10 +134,10 @@ func TestBackendServicePrincipalBasic(t *testing.T) {
"container_name": res.storageContainerName,
"key": res.storageKeyName,
"resource_group_name": res.resourceGroup,
"arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"arm_tenant_id": os.Getenv("ARM_TENANT_ID"),
"arm_client_id": os.Getenv("ARM_CLIENT_ID"),
"arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"tenant_id": os.Getenv("ARM_TENANT_ID"),
"client_id": os.Getenv("ARM_CLIENT_ID"),
"client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
})).(*Backend)
@ -195,10 +195,10 @@ func TestBackendServicePrincipalLocked(t *testing.T) {
"container_name": res.storageContainerName,
"key": res.storageKeyName,
"access_key": res.storageAccountAccessKey,
"arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"arm_tenant_id": os.Getenv("ARM_TENANT_ID"),
"arm_client_id": os.Getenv("ARM_CLIENT_ID"),
"arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"tenant_id": os.Getenv("ARM_TENANT_ID"),
"client_id": os.Getenv("ARM_CLIENT_ID"),
"client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
})).(*Backend)
@ -207,10 +207,10 @@ func TestBackendServicePrincipalLocked(t *testing.T) {
"container_name": res.storageContainerName,
"key": res.storageKeyName,
"access_key": res.storageAccountAccessKey,
"arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"arm_tenant_id": os.Getenv("ARM_TENANT_ID"),
"arm_client_id": os.Getenv("ARM_CLIENT_ID"),
"arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"tenant_id": os.Getenv("ARM_TENANT_ID"),
"client_id": os.Getenv("ARM_CLIENT_ID"),
"client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
})).(*Backend)

28
backend/remote-state/azure/client_test.go
View File

@ -64,8 +64,8 @@ func TestRemoteClientManagedServiceIdentityBasic(t *testing.T) {
"key": res.storageKeyName,
"resource_group_name": res.resourceGroup,
"use_msi": true,
"arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"arm_tenant_id": os.Getenv("ARM_TENANT_ID"),
"subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"tenant_id": os.Getenv("ARM_TENANT_ID"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
})).(*Backend)
@ -129,10 +129,10 @@ func TestRemoteClientServicePrincipalBasic(t *testing.T) {
"container_name": res.storageContainerName,
"key": res.storageKeyName,
"resource_group_name": res.resourceGroup,
"arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"arm_tenant_id": os.Getenv("ARM_TENANT_ID"),
"arm_client_id": os.Getenv("ARM_CLIENT_ID"),
"arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"tenant_id": os.Getenv("ARM_TENANT_ID"),
"client_id": os.Getenv("ARM_CLIENT_ID"),
"client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
})).(*Backend)
@ -204,10 +204,10 @@ func TestRemoteClientServicePrincipalLocks(t *testing.T) {
"container_name": res.storageContainerName,
"key": res.storageKeyName,
"resource_group_name": res.resourceGroup,
"arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"arm_tenant_id": os.Getenv("ARM_TENANT_ID"),
"arm_client_id": os.Getenv("ARM_CLIENT_ID"),
"arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"tenant_id": os.Getenv("ARM_TENANT_ID"),
"client_id": os.Getenv("ARM_CLIENT_ID"),
"client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
})).(*Backend)
@ -216,10 +216,10 @@ func TestRemoteClientServicePrincipalLocks(t *testing.T) {
"container_name": res.storageContainerName,
"key": res.storageKeyName,
"resource_group_name": res.resourceGroup,
"arm_subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"arm_tenant_id": os.Getenv("ARM_TENANT_ID"),
"arm_client_id": os.Getenv("ARM_CLIENT_ID"),
"arm_client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"),
"tenant_id": os.Getenv("ARM_TENANT_ID"),
"client_id": os.Getenv("ARM_CLIENT_ID"),
"client_secret": os.Getenv("ARM_CLIENT_SECRET"),
"environment": os.Getenv("ARM_ENVIRONMENT"),
})).(*Backend)

20
website/docs/backends/types/azurerm.html.md
View File

@ -36,8 +36,8 @@ terraform {
container_name = "tfstate"
key = "prod.terraform.tfstate"
use_msi = true
arm_subscription_id = "00000000-0000-0000-0000-000000000000"
arm_tenant_id = "00000000-0000-0000-0000-000000000000"
subscription_id = "00000000-0000-0000-0000-000000000000"
tenant_id = "00000000-0000-0000-0000-000000000000"
}
}
```
@ -101,8 +101,8 @@ data "terraform_remote_state" "foo" {
container_name = "terraform-state"
key = "prod.terraform.tfstate"
use_msi = true
arm_subscription_id = "00000000-0000-0000-0000-000000000000"
arm_tenant_id = "00000000-0000-0000-0000-000000000000"
subscription_id = "00000000-0000-0000-0000-000000000000"
tenant_id = "00000000-0000-0000-0000-000000000000"
}
}
```
@ -156,9 +156,9 @@ The following configuration options are supported:
When authenticating using the Managed Service Identity (MSI) - the following fields are also supported:
* `arm_subscription_id` - (Optional) The Subscription ID in which the Storage Account exists. This can also be sourced from the `ARM_SUBSCRIPTION_ID` environment variable.
* `subscription_id` - (Optional) The Subscription ID in which the Storage Account exists. This can also be sourced from the `ARM_SUBSCRIPTION_ID` environment variable.
* `arm_tenant_id` - (Optional) The Tenant ID in which the Subscription exists. This can also be sourced from the `ARM_TENANT_ID` environment variable.
* `tenant_id` - (Optional) The Tenant ID in which the Subscription exists. This can also be sourced from the `ARM_TENANT_ID` environment variable.
* `msi_endpoint` - (Optional) The path to a custom Managed Service Identity endpoint which is automatically determined if not specified. This can also be sourced from the `ARM_MSI_ENDPOINT` environment variable.
@ -182,10 +182,10 @@ When authenticating using a Service Principal - the following fields are also su
* `resource_group_name` - (Required) The Name of the Resource Group in which the Storage Account exists.
* `arm_client_id` - (Optional) The Client ID of the Service Principal. This can also be sourced from the `ARM_CLIENT_ID` environment variable.
* `client_id` - (Optional) The Client ID of the Service Principal. This can also be sourced from the `ARM_CLIENT_ID` environment variable.
* `arm_client_secret` - (Optional) The Client Secret of the Service Principal. This can also be sourced from the `ARM_CLIENT_SECRET` environment variable.
* `client_secret` - (Optional) The Client Secret of the Service Principal. This can also be sourced from the `ARM_CLIENT_SECRET` environment variable.
* `arm_subscription_id` - (Optional) The Subscription ID in which the Storage Account exists. This can also be sourced from the `ARM_SUBSCRIPTION_ID` environment variable.
* `subscription_id` - (Optional) The Subscription ID in which the Storage Account exists. This can also be sourced from the `ARM_SUBSCRIPTION_ID` environment variable.
* `arm_tenant_id` - (Optional) The Tenant ID in which the Subscription exists. This can also be sourced from the `ARM_TENANT_ID` environment variable.
* `tenant_id` - (Optional) The Tenant ID in which the Subscription exists. This can also be sourced from the `ARM_TENANT_ID` environment variable.