Fix: truested profiles

IBM-Cloud · Oct 11, 2021 · a526bb3 · a526bb3
1 parent 12e54da
commit a526bb3
Show file tree

Hide file tree

Showing 18 changed files with 206 additions and 129 deletions.
diff --git a/go.sum b/go.sum
diff --git a/ibm/data_source_ibm_iam_trusted_profile.go b/ibm/data_source_ibm_iam_trusted_profile.go
@@ -138,9 +138,6 @@ func dataSourceIBMIamTrustedProfileRead(context context.Context, d *schema.Resou
 
 	d.SetId(*trustedProfile.ID)
 
-	if err = d.Set("id", trustedProfile.ID); err != nil {
-		return diag.FromErr(fmt.Errorf("Error setting id: %s", err))
-	}
 	if err = d.Set("entity_tag", trustedProfile.EntityTag); err != nil {
 		return diag.FromErr(fmt.Errorf("Error setting entity_tag: %s", err))
 	}
@@ -172,11 +169,9 @@ func dataSourceIBMIamTrustedProfileRead(context context.Context, d *schema.Resou
 		return diag.FromErr(fmt.Errorf("Error setting ims_user_id: %s", err))
 	}
 
-	if trustedProfile.History != nil {
-		err = d.Set("history", dataSourceTrustedProfileFlattenHistory(trustedProfile.History))
-		if err != nil {
-			return diag.FromErr(fmt.Errorf("Error setting history %s", err))
-		}
+	err = d.Set("history", dataSourceTrustedProfileFlattenHistory(trustedProfile.History))
+	if err != nil {
+		return diag.FromErr(fmt.Errorf("Error setting history %s", err))
 	}
 
 	return nil

diff --git a/ibm/data_source_ibm_iam_trusted_profile_claim_rule.go b/ibm/data_source_ibm_iam_trusted_profile_claim_rule.go
@@ -113,8 +113,7 @@ func dataSourceIBMIamTrustedProfileClaimRuleRead(context context.Context, d *sch
 		log.Printf("[DEBUG] GetClaimRule failed %s\n%s", err, response)
 		return diag.FromErr(fmt.Errorf("GetClaimRule failed %s\n%s", err, response))
 	}
-
-	d.SetId(*profileClaimRule.ID)
+	d.SetId(fmt.Sprintf("%s/%s", *getClaimRuleOptions.ProfileID, *profileClaimRule.ID))
 	if err = d.Set("id", profileClaimRule.ID); err != nil {
 		return diag.FromErr(fmt.Errorf("Error setting id: %s", err))
 	}

diff --git a/ibm/data_source_ibm_iam_trusted_profile_link.go b/ibm/data_source_ibm_iam_trusted_profile_link.go
@@ -99,9 +99,6 @@ func dataSourceIBMIamTrustedProfileLinkRead(context context.Context, d *schema.R
 	}
 
 	d.SetId(fmt.Sprintf("%s/%s", *getLinkOptions.ProfileID, *getLinkOptions.LinkID))
-	if err = d.Set("id", profileLink.ID); err != nil {
-		return diag.FromErr(fmt.Errorf("Error setting id: %s", err))
-	}
 	if err = d.Set("entity_tag", profileLink.EntityTag); err != nil {
 		return diag.FromErr(fmt.Errorf("Error setting entity_tag: %s", err))
 	}

diff --git a/ibm/data_source_ibm_iam_trusted_profile_link_test.go b/ibm/data_source_ibm_iam_trusted_profile_link_test.go
@@ -12,15 +12,15 @@ import (
 )
 
 func TestAccIBMIamTrustedProfileLinkDataSourceBasic(t *testing.T) {
-	profileLinkProfileID := fmt.Sprintf("tf_profile_id_%d", acctest.RandIntRange(10, 100))
-	profileLinkCrType := fmt.Sprintf("tf_cr_type_%d", acctest.RandIntRange(10, 100))
+	profileLinkProfileName := fmt.Sprintf("tf_profile_%d", acctest.RandIntRange(10, 100))
+	profileLinkCrType := "IKS_SA"
 
 	resource.Test(t, resource.TestCase{
 		PreCheck:  func() { testAccPreCheck(t) },
 		Providers: testAccProviders,
 		Steps: []resource.TestStep{
 			resource.TestStep{
-				Config: testAccCheckIBMIamTrustedProfileLinkDataSourceConfigBasic(profileLinkProfileID, profileLinkCrType),
+				Config: testAccCheckIBMIamTrustedProfileLinkDataSourceConfigBasic(profileLinkProfileName, profileLinkCrType),
 				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttrSet("data.ibm_iam_trusted_profile_link.iam_trusted_profile_link", "id"),
 					resource.TestCheckResourceAttrSet("data.ibm_iam_trusted_profile_link.iam_trusted_profile_link", "profile_id"),
@@ -37,16 +37,16 @@ func TestAccIBMIamTrustedProfileLinkDataSourceBasic(t *testing.T) {
 }
 
 func TestAccIBMIamTrustedProfileLinkDataSourceAllArgs(t *testing.T) {
-	profileLinkProfileID := fmt.Sprintf("tf_profile_id_%d", acctest.RandIntRange(10, 100))
-	profileLinkCrType := fmt.Sprintf("tf_cr_type_%d", acctest.RandIntRange(10, 100))
+	profileLinkProfileName := fmt.Sprintf("tf_profile_%d", acctest.RandIntRange(10, 100))
+	profileLinkCrType := "IKS_SA"
 	profileLinkName := fmt.Sprintf("tf_name_%d", acctest.RandIntRange(10, 100))
 
 	resource.Test(t, resource.TestCase{
 		PreCheck:  func() { testAccPreCheck(t) },
 		Providers: testAccProviders,
 		Steps: []resource.TestStep{
 			resource.TestStep{
-				Config: testAccCheckIBMIamTrustedProfileLinkDataSourceConfig(profileLinkProfileID, profileLinkCrType, profileLinkName),
+				Config: testAccCheckIBMIamTrustedProfileLinkDataSourceConfig(profileLinkProfileName, profileLinkCrType, profileLinkName),
 				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttrSet("data.ibm_iam_trusted_profile_link.iam_trusted_profile_link", "id"),
 					resource.TestCheckResourceAttrSet("data.ibm_iam_trusted_profile_link.iam_trusted_profile_link", "profile_id"),
@@ -63,32 +63,38 @@ func TestAccIBMIamTrustedProfileLinkDataSourceAllArgs(t *testing.T) {
 	})
 }
 
-func testAccCheckIBMIamTrustedProfileLinkDataSourceConfigBasic(profileLinkProfileID string, profileLinkCrType string) string {
+func testAccCheckIBMIamTrustedProfileLinkDataSourceConfigBasic(profileLinkProfileName string, profileLinkCrType string) string {
 	return fmt.Sprintf(`
+		resource "ibm_iam_trusted_profile" "iam_trusted_profile" {
+			name = "%s"
+		}
 		resource "ibm_iam_trusted_profile_link" "iam_trusted_profile_link" {
-			profile_id = "%s"
+			profile_id = ibm_iam_trusted_profile.iam_trusted_profile.id
 			cr_type = "%s"
 			link {
-				crn = "crn"
+				crn = "crn:v1:bluemix:public:containers-kubernetes:us-south:a/4448261269a14562b839e0a3019ed980:c2047t5d0hfu7oe0emm0::"
 				namespace = "namespace"
 				name = "name"
 			}
 		}
 
 		data "ibm_iam_trusted_profile_link" "iam_trusted_profile_link" {
 			profile_id = ibm_iam_trusted_profile_link.iam_trusted_profile_link.profile_id
-			link_id = "link-id"
+			link_id = ibm_iam_trusted_profile_link.iam_trusted_profile_link.link_id
 		}
-	`, profileLinkProfileID, profileLinkCrType)
+	`, profileLinkProfileName, profileLinkCrType)
 }
 
-func testAccCheckIBMIamTrustedProfileLinkDataSourceConfig(profileLinkProfileID string, profileLinkCrType string, profileLinkName string) string {
+func testAccCheckIBMIamTrustedProfileLinkDataSourceConfig(profileLinkProfileName string, profileLinkCrType string, profileLinkName string) string {
 	return fmt.Sprintf(`
+		resource "ibm_iam_trusted_profile" "iam_trusted_profile" {
+			name = "%s"
+		}
 		resource "ibm_iam_trusted_profile_link" "iam_trusted_profile_link" {
-			profile_id = "%s"
+			profile_id = ibm_iam_trusted_profile.iam_trusted_profile.id
 			cr_type = "%s"
 			link {
-				crn = "crn"
+				crn = "crn:v1:bluemix:public:containers-kubernetes:us-south:a/4448261269a14562b839e0a3019ed980:c2047t5d0hfu7oe0emm0::"
 				namespace = "namespace"
 				name = "name"
 			}
@@ -97,7 +103,7 @@ func testAccCheckIBMIamTrustedProfileLinkDataSourceConfig(profileLinkProfileID s
 
 		data "ibm_iam_trusted_profile_link" "iam_trusted_profile_link" {
 			profile_id = ibm_iam_trusted_profile_link.iam_trusted_profile_link.profile_id
-			link_id = "link-id"
+			link_id = ibm_iam_trusted_profile_link.iam_trusted_profile_link.link_id
 		}
-	`, profileLinkProfileID, profileLinkCrType, profileLinkName)
+	`, profileLinkProfileName, profileLinkCrType, profileLinkName)
 }
diff --git a/ibm/data_source_ibm_iam_trusted_profile_test.go b/ibm/data_source_ibm_iam_trusted_profile_test.go
@@ -13,14 +13,13 @@ import (
 
 func TestAccIBMIamTrustedProfileDataSourceBasic(t *testing.T) {
 	trustedProfileName := fmt.Sprintf("tf_name_%d", acctest.RandIntRange(10, 100))
-	trustedProfileAccountID := fmt.Sprintf("tf_account_id_%d", acctest.RandIntRange(10, 100))
 
 	resource.Test(t, resource.TestCase{
 		PreCheck:  func() { testAccPreCheck(t) },
 		Providers: testAccProviders,
 		Steps: []resource.TestStep{
 			resource.TestStep{
-				Config: testAccCheckIBMIamTrustedProfileDataSourceConfigBasic(trustedProfileName, trustedProfileAccountID),
+				Config: testAccCheckIBMIamTrustedProfileDataSourceConfigBasic(trustedProfileName),
 				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttrSet("data.ibm_iam_trusted_profile.iam_trusted_profile", "id"),
 					resource.TestCheckResourceAttrSet("data.ibm_iam_trusted_profile.iam_trusted_profile", "profile_id"),
@@ -38,15 +37,14 @@ func TestAccIBMIamTrustedProfileDataSourceBasic(t *testing.T) {
 
 func TestAccIBMIamTrustedProfileDataSourceAllArgs(t *testing.T) {
 	trustedProfileName := fmt.Sprintf("tf_name_%d", acctest.RandIntRange(10, 100))
-	trustedProfileAccountID := fmt.Sprintf("tf_account_id_%d", acctest.RandIntRange(10, 100))
 	trustedProfileDescription := fmt.Sprintf("tf_description_%d", acctest.RandIntRange(10, 100))
 
 	resource.Test(t, resource.TestCase{
 		PreCheck:  func() { testAccPreCheck(t) },
 		Providers: testAccProviders,
 		Steps: []resource.TestStep{
 			resource.TestStep{
-				Config: testAccCheckIBMIamTrustedProfileDataSourceConfig(trustedProfileName, trustedProfileAccountID, trustedProfileDescription),
+				Config: testAccCheckIBMIamTrustedProfileDataSourceConfig(trustedProfileName, trustedProfileDescription),
 				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttrSet("data.ibm_iam_trusted_profile.iam_trusted_profile", "id"),
 					resource.TestCheckResourceAttrSet("data.ibm_iam_trusted_profile.iam_trusted_profile", "profile_id"),
@@ -62,40 +60,33 @@ func TestAccIBMIamTrustedProfileDataSourceAllArgs(t *testing.T) {
 					resource.TestCheckResourceAttrSet("data.ibm_iam_trusted_profile.iam_trusted_profile", "ims_account_id"),
 					resource.TestCheckResourceAttrSet("data.ibm_iam_trusted_profile.iam_trusted_profile", "ims_user_id"),
 					resource.TestCheckResourceAttrSet("data.ibm_iam_trusted_profile.iam_trusted_profile", "history.#"),
-					resource.TestCheckResourceAttrSet("data.ibm_iam_trusted_profile.iam_trusted_profile", "history.0.timestamp"),
-					resource.TestCheckResourceAttrSet("data.ibm_iam_trusted_profile.iam_trusted_profile", "history.0.iam_id"),
-					resource.TestCheckResourceAttrSet("data.ibm_iam_trusted_profile.iam_trusted_profile", "history.0.iam_id_account"),
-					resource.TestCheckResourceAttrSet("data.ibm_iam_trusted_profile.iam_trusted_profile", "history.0.action"),
-					resource.TestCheckResourceAttrSet("data.ibm_iam_trusted_profile.iam_trusted_profile", "history.0.message"),
 				),
 			},
 		},
 	})
 }
 
-func testAccCheckIBMIamTrustedProfileDataSourceConfigBasic(trustedProfileName string, trustedProfileAccountID string) string {
+func testAccCheckIBMIamTrustedProfileDataSourceConfigBasic(trustedProfileName string) string {
 	return fmt.Sprintf(`
 		resource "ibm_iam_trusted_profile" "iam_trusted_profile" {
 			name = "%s"
-			account_id = "%s"
 		}
 
 		data "ibm_iam_trusted_profile" "iam_trusted_profile" {
-			profile_id = "profile-id"
+			profile_id = ibm_iam_trusted_profile.iam_trusted_profile.id
 		}
-	`, trustedProfileName, trustedProfileAccountID)
+	`, trustedProfileName)
 }
 
-func testAccCheckIBMIamTrustedProfileDataSourceConfig(trustedProfileName string, trustedProfileAccountID string, trustedProfileDescription string) string {
+func testAccCheckIBMIamTrustedProfileDataSourceConfig(trustedProfileName string, trustedProfileDescription string) string {
 	return fmt.Sprintf(`
 		resource "ibm_iam_trusted_profile" "iam_trusted_profile" {
 			name = "%s"
-			account_id = "%s"
 			description = "%s"
 		}
 
 		data "ibm_iam_trusted_profile" "iam_trusted_profile" {
-			profile_id = "profile-id"
+			profile_id = ibm_iam_trusted_profile.iam_trusted_profile.id
 		}
-	`, trustedProfileName, trustedProfileAccountID, trustedProfileDescription)
+	`, trustedProfileName, trustedProfileDescription)
 }
diff --git a/ibm/resource_ibm_iam_trusted_profile.go b/ibm/resource_ibm_iam_trusted_profile.go
@@ -213,9 +213,9 @@ func resourceIBMIamTrustedProfileRead(context context.Context, d *schema.Resourc
 			historyItemMap := resourceIBMIamTrustedProfileEnityHistoryRecordToMap(historyItem)
 			history = append(history, historyItemMap)
 		}
-		if err = d.Set("history", history); err != nil {
-			return diag.FromErr(fmt.Errorf("Error setting history: %s", err))
-		}
+	}
+	if err = d.Set("history", history); err != nil {
+		return diag.FromErr(fmt.Errorf("Error setting history: %s", err))
 	}
 
 	return nil

diff --git a/ibm/resource_ibm_iam_trusted_profile_claim_rule.go b/ibm/resource_ibm_iam_trusted_profile_claim_rule.go
@@ -117,8 +117,8 @@ func resourceIBMIamTrustedProfileClaimRuleCreate(context context.Context, d *sch
 	}
 
 	createClaimRuleOptions := &iamidentityv1.CreateClaimRuleOptions{}
-
-	createClaimRuleOptions.SetProfileID(d.Get("profile_id").(string))
+	profile := d.Get("profile_id").(string)
+	createClaimRuleOptions.SetProfileID(profile)
 	createClaimRuleOptions.SetType(d.Get("type").(string))
 	var conditions []iamidentityv1.ProfileClaimRuleConditions
 	for _, e := range d.Get("conditions").([]interface{}) {
@@ -147,7 +147,7 @@ func resourceIBMIamTrustedProfileClaimRuleCreate(context context.Context, d *sch
 		return diag.FromErr(fmt.Errorf("CreateClaimRule failed %s\n%s", err, response))
 	}
 
-	d.SetId(*profileClaimRule.ID)
+	d.SetId(fmt.Sprintf("%s/%s", profile, *profileClaimRule.ID))
 
 	return resourceIBMIamTrustedProfileClaimRuleRead(context, d, meta)
 }
@@ -207,11 +207,14 @@ func resourceIBMIamTrustedProfileClaimRuleRead(context context.Context, d *schem
 	if err != nil {
 		return diag.FromErr(err)
 	}
-
+	parts, err := idParts(d.Id())
+	if err != nil {
+		return diag.FromErr(fmt.Errorf("Invalid ID %s", err))
+	}
 	getClaimRuleOptions := &iamidentityv1.GetClaimRuleOptions{}
 
-	getClaimRuleOptions.SetRuleID(d.Id())
-	getClaimRuleOptions.SetProfileID(d.Get("profile_id").(string))
+	getClaimRuleOptions.SetRuleID(parts[1])
+	getClaimRuleOptions.SetProfileID(parts[0])
 
 	profileClaimRule, response, err := iamIdentityClient.GetClaimRule(getClaimRuleOptions)
 	if err != nil {
@@ -320,12 +323,15 @@ func resourceIBMIamTrustedProfileClaimRuleUpdate(context context.Context, d *sch
 	if err != nil {
 		return diag.FromErr(err)
 	}
-
+	parts, err := idParts(d.Id())
+	if err != nil {
+		return diag.FromErr(fmt.Errorf("Invalid ID %s", err))
+	}
 	updateClaimRuleOptions := &iamidentityv1.UpdateClaimRuleOptions{}
 
 	updateClaimRuleOptions.SetIfMatch("*")
-	updateClaimRuleOptions.SetRuleID(d.Get("rule_id").(string))
-	updateClaimRuleOptions.SetProfileID(d.Get("profile_id").(string))
+	updateClaimRuleOptions.SetRuleID(parts[1])
+	updateClaimRuleOptions.SetProfileID(parts[0])
 	updateClaimRuleOptions.SetType(d.Get("type").(string))
 	var conditions []iamidentityv1.ProfileClaimRuleConditions
 	for _, e := range d.Get("conditions").([]interface{}) {
@@ -362,11 +368,15 @@ func resourceIBMIamTrustedProfileClaimRuleDelete(context context.Context, d *sch
 	if err != nil {
 		return diag.FromErr(err)
 	}
+	parts, err := idParts(d.Id())
+	if err != nil {
+		return diag.FromErr(fmt.Errorf("Invalid ID %s", err))
+	}
 
 	deleteClaimRuleOptions := &iamidentityv1.DeleteClaimRuleOptions{}
 
-	deleteClaimRuleOptions.SetProfileID(d.Get("profile_id").(string))
-	deleteClaimRuleOptions.SetRuleID(d.Id())
+	deleteClaimRuleOptions.SetProfileID(parts[0])
+	deleteClaimRuleOptions.SetRuleID(parts[1])
 
 	response, err := iamIdentityClient.DeleteClaimRule(deleteClaimRuleOptions)
 	if err != nil {