Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix mongodb role that constantly update at each Update #536

Merged
merged 6 commits into from
Jan 31, 2024
Merged

Fix mongodb role that constantly update at each Update #536

merged 6 commits into from
Jan 31, 2024

Conversation

lpatte
Copy link
Contributor

@lpatte lpatte commented Jan 15, 2024
edited
Loading

Description

Fix an Issue Reported to me where some MongoDB role constantly update (ie: clusterMonitor@admin).
The reason was because we trimed "@admin" in the output because on API side we have some "builtin" role that the user can use without add the "@admin" (it is syntactic sugar).
But of course that break all other role with admin as authentication database that not a builtin role.

So to be more consistent, I remove this trim and force user to alway add the authentication database.
Like this it's easier to check update and clearer for the user.

Type of change

Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
    • Role parameter has now a verifcationFunc, so a terraform with a builtin role without authentication Database will send an error and should be updated by adding "@admin".
  • Documentation update

How Has This Been Tested?

I locally build Terraform and test with following roles resources to apply several time:

# Work and do not update at each apply
resource "ovh_cloud_project_database_mongodb_user" "monitoring" {
  service_name = "XXXXXXXXX"
  cluster_id   = "XXXXXXX"
  name         = "monitoring"
  roles        = ["restore@admin", "clusterMonitor@admin", "read@local"]
}

# restore is a builtin but Terraform send a error because resource now force to add authentication Databse
resource "ovh_cloud_project_database_mongodb_user" "monitoring" {
  service_name = "XXXXXXXX"
  cluster_id   = "XXXXXXXX"
  name         = "monitoring"
  roles        = ["restore", "clusterMonitor@admin", "read@local"]
}

BellionBastien
BellionBastien previously approved these changes Jan 15, 2024
View reviewed changes
amstuta
amstuta reviewed Jan 15, 2024
View reviewed changes
ovh/resource_cloud_project_database_mongodb_user.go
Optional: true,
Elem: &schema.Schema{
Type: schema.TypeString,
ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

instead of this error, couldn't you manually add the @admin part to the role when it is not present ? This way we would avoid the breaking change.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think for this one we won't be able to dodge the breaking change.
We should not imply the @admin for the customer as it determine on which database the user have rights. For this reason we would prefer customer to be fully aware of the value it will be set to.

@amstuta
Copy link
Contributor

amstuta commented Jan 26, 2024

seen together, the doc should be updated to inform users that there is a breaking change in the new version

@amstuta
Copy link
Contributor

amstuta commented Jan 26, 2024

@lpatte tests TestAccCloudProjectDatabaseMongodb* must be updated to add the @db part in the roles

@amstuta amstuta merged commit db4646e into master Jan 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BellionBastien BellionBastien BellionBastien left review comments

@Galiley Galiley Galiley approved these changes

@amstuta amstuta amstuta approved these changes

@rbeuque74 rbeuque74 Awaiting requested review from rbeuque74 rbeuque74 is a code owner

@deathiop deathiop Awaiting requested review from deathiop deathiop is a code owner

@a-beudin a-beudin Awaiting requested review from a-beudin

@mxpetit mxpetit Awaiting requested review from mxpetit mxpetit is a code owner

@yomovh yomovh Awaiting requested review from yomovh

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@lpatte @amstuta @Galiley @BellionBastien