Skip to content

Port TLS Provider to terraform-plugin-framework #215

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 16 commits into from
Jun 24, 2022
Merged

Port TLS Provider to terraform-plugin-framework #215

merged 16 commits into from
Jun 24, 2022

Conversation

@detro
Copy link
Contributor

@detro detro commented May 19, 2022
edited
Loading

Closes #196
Closes #87
Closes #185
Closes #174

This is a full port of the terraform-tls-provider to the new, and almost v1.x, terraform-plugin-framework.

As it is a breaking change (version of TF <0.15 become not compatible with this provider), I'm taking this opportunity to include other breaking changes that had been waiting for a while. Some of which (like #87), are long overdue and made necessary by the new framework, not supporting certain things (StateFunc in Schema definition).

The CHANGELOG contains all the details.

NOTES:

BREAKING CHANGES:

  • Terraform >=0.15 is now required to use this provider.

  • resource/tls_cert_request: Attribute key_algorithm is now computed, as it's inferred from private_key_pem (#174, #215).

  • resource/tls_self_signed_cert: Attribute key_algorithm is now computed, as it's inferred from private_key_pem (#174, #215).

  • resource/tls_self_signed_cert: Setting an unsupported value in allowed_uses attribute, will now return an error instead of just a warning (#185, #215).

  • resource/tls_locally_signed_cert: Attribute private_key_pem is stored (and returned) as-is (in accordance with guidelines) (#87, #215).

  • resource/tls_locally_signed_cert: Attribute ca_key_algorithm is now computed, as it's inferred from ca_private_key_pem (#174, #215).

  • resource/tls_locally_signed_cert: Setting an unsupported value in allowed_uses attribute, will now return an error instead of just a warning (#185, #215).

  • resource/tls_locally_signed_cert: Attributes cert_request_pem, ca_private_key_pem, ca_cert_pem, private_key_pem are stored (and returned) as-is (in accordance with guidelines) (#87, #215).

  • provider: HTTP proxy configuration is now a (nested) Attribute (proxy = {...), not a Block (proxy { ...) (#215).

@detro detro requested a review from a team as a code owner May 19, 2022 17:55
@detro detro marked this pull request as draft May 19, 2022 17:55
bendbennett
bendbennett reviewed May 20, 2022
View reviewed changes
Copy link
Contributor

@bendbennett bendbennett left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking great!

bendbennett
bendbennett reviewed May 20, 2022
View reviewed changes
bendbennett
bendbennett reviewed May 25, 2022
View reviewed changes
bendbennett
bendbennett reviewed May 25, 2022
View reviewed changes
bendbennett
bendbennett reviewed May 25, 2022
View reviewed changes
bendbennett
bendbennett reviewed May 25, 2022
View reviewed changes
bendbennett
bendbennett reviewed May 25, 2022
View reviewed changes
Copy link
Contributor

@bendbennett bendbennett left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking really good. I'm definitely going to re-use some of your ideas.

@detro detro force-pushed the detro/4.x-port_to_fw branch from ad491e9 to 615f8f6 Compare June 9, 2022 16:09
@detro detro force-pushed the detro/4.x-port_to_fw branch from 615f8f6 to 1e4cfe5 Compare June 17, 2022 17:20
@detro detro marked this pull request as ready for review June 17, 2022 17:22
@detro detro changed the title [WIP] Port TLS Provider to terraform-plugin-framework Port TLS Provider to terraform-plugin-framework Jun 17, 2022
@detro detro changed the title Port TLS Provider to terraform-plugin-framework [WIP] Port TLS Provider to terraform-plugin-framework Jun 17, 2022
@detro detro requested review from a team and bendbennett June 17, 2022 17:27
bendbennett
bendbennett approved these changes Jun 20, 2022
View reviewed changes
Copy link
Contributor

@bendbennett bendbennett left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice! Looks great.

@detro detro force-pushed the detro/4.x-port_to_fw branch from 016e408 to e37b8d7 Compare June 20, 2022 15:44
@detro detro changed the title [WIP] Port TLS Provider to terraform-plugin-framework Port TLS Provider to terraform-plugin-framework Jun 20, 2022
@detro detro added this to the v4.0.0-preview milestone Jun 20, 2022
Ivan De Marino added 4 commits June 20, 2022 17:46
Ensure that tls_certificate.verify_chain behaviour is equivalent to…
5882c19 
… a `Default: true`.
Remove CI testing against 0.15
ae50cb9
Setting CHANGELOG for v4.0.0-rc.1
94e767e 
This will be a "release candidate" release, that will not be picked by automatic upgrades.
Adding upgrade tests from v3.4.0
b10b82c
bflad
bflad approved these changes Jun 22, 2022
View reviewed changes
Copy link
Contributor

@bflad bflad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall this looks really good, nice work migrating this non-trivial provider! 🚀

@detro detro merged commit 9781d20 into main Jun 24, 2022
@detro detro deleted the detro/4.x-port_to_fw branch June 24, 2022 16:29
@dpkirchner
Copy link

dpkirchner commented Oct 31, 2022

If we upgrade to the latest tls provider (4.0.4), and we bump in to issue #87, will applying cause all of our certificates to be replaced or will the update be a no-op? I'm using a fork of the tls provider to workaround #87 but I'm looking in to moving back to the main branch, however I can't have the plan replace the certificates spuriously.

@austinvalle austinvalle mentioned this pull request Jun 6, 2023
Merged
@github-actions
Copy link

github-actions bot commented May 26, 2024

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 26, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

2 more reviewers

@bflad bflad bflad approved these changes

@bendbennett bendbennett bendbennett approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

breaking-change dependencies provider size/XL

Projects

None yet

Milestone

v4.0.0

4 participants

@detro @dpkirchner @bflad @bendbennett