Skip to content

Commit

Permalink
imprv(pki): Remove ValidateFunc, check for 1.14.1. Simplify StateCont…
Browse files Browse the repository at this point in the history 
…ext. Return error message if response is nil, nil
  • Loading branch information
@Viper61
Viper61 committed Nov 24, 2024
1 parent fdc9ddb commit ce620fc
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 28 deletions.
26 changes: 2 additions & 24 deletions vault/resource_pki_secret_backend_config_acme.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,11 +12,9 @@ import (

"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"

"github.com/hashicorp/terraform-provider-vault/internal/consts"
"github.com/hashicorp/terraform-provider-vault/internal/provider"
"github.com/hashicorp/terraform-provider-vault/util"
)

var (
Expand All @@ -39,19 +37,7 @@ func pkiSecretBackendConfigACMEResource() *schema.Resource {
UpdateContext: pkiSecretBackendConfigACMEUpdate,
DeleteContext: pkiSecretBackendConfigACMEDelete,
Importer: &schema.ResourceImporter{
StateContext: func(_ context.Context, d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) {
id := d.Id()
if id == "" {
return nil, fmt.Errorf("no path set for import, id=%q", id)
}

parts := strings.Split(util.NormalizeMountPath(id), "/")
if err := d.Set("backend", parts[0]); err != nil {
return nil, err
}

return []*schema.ResourceData{d}, nil
},
StateContext: schema.ImportStatePassthroughContext,
},

Schema: map[string]*schema.Schema{
Expand All @@ -75,8 +61,6 @@ func pkiSecretBackendConfigACMEResource() *schema.Resource {
Optional: true,
Computed: true,
Description: "Specifies the policy to be used for non-role-qualified ACME requests.",
ValidateFunc: validation.StringMatch(
regexp.MustCompile(`^(forbid|sign-verbatim|role:.+|external-policy(?:\:.+)?)$`), ""),
},
consts.FieldAllowedRoles: {
Type: schema.TypeList,
Expand Down Expand Up @@ -106,16 +90,12 @@ func pkiSecretBackendConfigACMEResource() *schema.Resource {
Optional: true,
Computed: true,
Description: "Specifies the policy to use for external account binding behaviour.",
ValidateFunc: validation.StringInSlice(
[]string{"not-required", "new-account-required", "always-required"}, false),
},
consts.FieldDnsResolver: {
Type: schema.TypeString,
Optional: true,
Description: "DNS resolver to use for domain resolution on this mount. " +
"Must be in the format <host>:<port>, with both parts mandatory.",
ValidateFunc: validation.StringMatch(
regexp.MustCompile(`^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}:[0-9]{1,5})?$`), ""),
},
},
}
Expand Down Expand Up @@ -195,9 +175,7 @@ func pkiSecretBackendConfigACMERead(ctx context.Context, d *schema.ResourceData,
}

if resp == nil {
d.SetId("")

return nil
return diag.Errorf("got nil response from Vault from path: %q", path)
}

// set backend and issuerRef
Expand Down
4 changes: 0 additions & 4 deletions vault/resource_pki_secret_backend_config_acme_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,10 +57,6 @@ func TestPkiSecretBackendConfigACME_basic(t *testing.T) {
{
Config: testPkiSecretBackendConfigACME(backend, "role:test", "*", "*", "always-required", "",
true, true),
SkipFunc: func() (bool, error) {
meta := testProvider.Meta().(*provider.ProviderMeta)
return !provider.IsAPISupported(meta, provider.VaultVersion1141), nil
},
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr(resourceName, consts.FieldBackend, backend),
resource.TestCheckResourceAttr(resourceName, consts.FieldEnabled, "true"),
Expand Down

0 comments on commit ce620fc

Please sign in to comment.