Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Standardize error handling and refactor old resources #521

Merged
merged 22 commits into from
Apr 5, 2024
Merged

Standardize error handling and refactor old resources #521

merged 22 commits into from
Apr 5, 2024

Conversation

wcmjunior
Copy link
Contributor

@wcmjunior wcmjunior commented Mar 30, 2024
edited
Loading

Description of the change

  1. Refactor the following resources and data sources to use the latest core abstractions and improve error handling to avoid the state from getting out of sync when a resource is removed from the control plane:
  • cyral_datalabel
  • cyral_repository
  • cyral_repository_access_gateway
  • cyral_repository_access_rules
  • cyral_repository_binding
  • cyral_repository_conf_analysis
  • cyral_repository_conf_auth
  • cyral_repository_network_access_policy
  • cyral_sidecar
  • cyral_sidecar_credentials
  • cyral_sidecar_listener
  1. Generalize the error handling in the core package to reuse the code for resources not found and also add new features to handle different errors based on the API description (the later due to some of our APIs not returning proper status codes).

Type of change

  • Bug fix (non-breaking change that fixes an issue)
  • New feature (non-breaking change that adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)

Checklists

Development

  • Lint rules pass locally
  • The code changed/added as part of this pull request has been covered with tests
  • All tests related to the changed code pass in development

Code review

  • This pull request has a descriptive title and information useful to a reviewer. There may be a screenshot or screencast attached
  • Jira issue referenced in commit message and/or PR title

Testing

Acceptance tests output:

go test github.com/cyralinc/terraform-provider-cyral/... -v -race -timeout 20m
?       github.com/cyralinc/terraform-provider-cyral    [no test files]
?       github.com/cyralinc/terraform-provider-cyral/cyral/core [no test files]
?       github.com/cyralinc/terraform-provider-cyral/cyral/core/types/operationtype     [no test files]
?       github.com/cyralinc/terraform-provider-cyral/cyral/core/types/resourcetype      [no test files]
=== RUN   TestNewClient_WhenTLSSkipVerifyIsEnabled_ThenInsecureSkipVerifyIsTrue
--- PASS: TestNewClient_WhenTLSSkipVerifyIsEnabled_ThenInsecureSkipVerifyIsTrue (0.00s)
=== RUN   TestNewClient_WhenTLSSkipVerifyIsDisabled_ThenInsecureSkipVerifyIsFalse
--- PASS: TestNewClient_WhenTLSSkipVerifyIsDisabled_ThenInsecureSkipVerifyIsFalse (0.00s)
=== RUN   TestNewClient_WhenClientIDIsEmpty_ThenThrowError
--- PASS: TestNewClient_WhenClientIDIsEmpty_ThenThrowError (0.00s)
=== RUN   TestNewClient_WhenClientSecretIsEmpty_ThenThrowError
--- PASS: TestNewClient_WhenClientSecretIsEmpty_ThenThrowError (0.00s)
=== RUN   TestNewClient_WhenControlPlaneIsEmpty_ThenThrowError
--- PASS: TestNewClient_WhenControlPlaneIsEmpty_ThenThrowError (0.00s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/client       (cached)
?       github.com/cyralinc/terraform-provider-cyral/cyral/internal/datalabel/classificationrule        [no test files]
?       github.com/cyralinc/terraform-provider-cyral/cyral/internal/integration/confextension   [no test files]
=== RUN   TestAccDatalabelDataSource
=== PAUSE TestAccDatalabelDataSource
=== RUN   TestAccDatalabelResource
--- PASS: TestAccDatalabelResource (5.32s)
=== CONT  TestAccDatalabelDataSource
--- PASS: TestAccDatalabelDataSource (25.54s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/datalabel   32.711s
=== RUN   TestAccSidecarInstanceIDsDataSource
=== PAUSE TestAccSidecarInstanceIDsDataSource
=== RUN   TestIntegrationsData_GetValue_Default
--- PASS: TestIntegrationsData_GetValue_Default (0.00s)
=== RUN   TestIntegrationsData_GetValue_Splunk
--- PASS: TestIntegrationsData_GetValue_Splunk (0.00s)
=== RUN   TestAccDatadogIntegrationResource
=== PAUSE TestAccDatadogIntegrationResource
=== RUN   TestAccELKIntegrationResource
=== PAUSE TestAccELKIntegrationResource
=== RUN   TestAccIdPIntegrationResource
=== PAUSE TestAccIdPIntegrationResource
=== RUN   TestAccLogstashIntegrationResource
=== PAUSE TestAccLogstashIntegrationResource
=== RUN   TestAccLookerIntegrationResource
=== PAUSE TestAccLookerIntegrationResource
=== RUN   TestAccSplunkIntegrationResource
=== PAUSE TestAccSplunkIntegrationResource
=== RUN   TestAccSumoLogicIntegrationResource
=== PAUSE TestAccSumoLogicIntegrationResource
=== CONT  TestAccDatadogIntegrationResource
=== CONT  TestAccIdPIntegrationResource
=== CONT  TestAccSplunkIntegrationResource
=== CONT  TestAccLogstashIntegrationResource
=== CONT  TestAccELKIntegrationResource
=== CONT  TestAccSumoLogicIntegrationResource
=== CONT  TestAccLookerIntegrationResource
=== CONT  TestAccSidecarInstanceIDsDataSource
--- PASS: TestAccSumoLogicIntegrationResource (12.87s)
--- PASS: TestAccLookerIntegrationResource (14.73s)
--- PASS: TestAccELKIntegrationResource (14.85s)
--- PASS: TestAccDatadogIntegrationResource (16.01s)
--- PASS: TestAccSplunkIntegrationResource (16.97s)
--- PASS: TestAccLogstashIntegrationResource (23.51s)
--- PASS: TestAccSidecarInstanceIDsDataSource (25.51s)
--- PASS: TestAccIdPIntegrationResource (78.09s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/deprecated  79.537s
=== RUN   TestIntegrationAWSIAMAuthN
=== PAUSE TestIntegrationAWSIAMAuthN
=== CONT  TestIntegrationAWSIAMAuthN
--- PASS: TestIntegrationAWSIAMAuthN (22.71s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/integration/awsiam  24.901s
=== RUN   TestAccDuoMFAIntegrationResource
=== PAUSE TestAccDuoMFAIntegrationResource
=== CONT  TestAccDuoMFAIntegrationResource
--- PASS: TestAccDuoMFAIntegrationResource (10.04s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/integration/confextension/mfaduo    12.632s
=== RUN   TestAccPagerDutyIntegrationResource
=== PAUSE TestAccPagerDutyIntegrationResource
=== CONT  TestAccPagerDutyIntegrationResource
--- PASS: TestAccPagerDutyIntegrationResource (12.78s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/integration/confextension/pagerduty 16.153s
=== RUN   TestAccHCVaultIntegrationResource
=== PAUSE TestAccHCVaultIntegrationResource
=== CONT  TestAccHCVaultIntegrationResource
--- PASS: TestAccHCVaultIntegrationResource (11.67s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/integration/hcvault 15.454s
=== RUN   TestAccIntegrationIdPSAMLDataSource
=== PAUSE TestAccIntegrationIdPSAMLDataSource
=== RUN   TestAccIntegrationIdPSAMLDraftResource
=== PAUSE TestAccIntegrationIdPSAMLDraftResource
=== RUN   TestAccIntegrationIdPSAMLResource
=== PAUSE TestAccIntegrationIdPSAMLResource
=== CONT  TestAccIntegrationIdPSAMLResource
=== CONT  TestAccIntegrationIdPSAMLDraftResource
=== CONT  TestAccIntegrationIdPSAMLDataSource
--- PASS: TestAccIntegrationIdPSAMLDraftResource (16.09s)
--- PASS: TestAccIntegrationIdPSAMLDataSource (56.83s)
--- PASS: TestAccIntegrationIdPSAMLResource (57.64s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/integration/idpsaml 60.635s
=== RUN   TestAccLoggingIntegrationDataSource
=== PAUSE TestAccLoggingIntegrationDataSource
=== RUN   TestAccLogsIntegrationResourceCloudWatch
=== PAUSE TestAccLogsIntegrationResourceCloudWatch
=== RUN   TestAccLogsIntegrationResourceDataDog
=== PAUSE TestAccLogsIntegrationResourceDataDog
=== RUN   TestAccLogsIntegrationResourceElk
=== PAUSE TestAccLogsIntegrationResourceElk
=== RUN   TestAccLogsIntegrationResourceElkEmptyEsCredentials
=== PAUSE TestAccLogsIntegrationResourceElkEmptyEsCredentials
=== RUN   TestAccLogsIntegrationResourceSplunk
=== PAUSE TestAccLogsIntegrationResourceSplunk
=== RUN   TestAccLogsIntegrationResourceSumologic
=== PAUSE TestAccLogsIntegrationResourceSumologic
=== RUN   TestAccLogsIntegrationResourceFluentbit
=== PAUSE TestAccLogsIntegrationResourceFluentbit
=== CONT  TestAccLoggingIntegrationDataSource
=== CONT  TestAccLogsIntegrationResourceElk
=== CONT  TestAccLogsIntegrationResourceElkEmptyEsCredentials
=== CONT  TestAccLogsIntegrationResourceSplunk
=== CONT  TestAccLogsIntegrationResourceSumologic
=== CONT  TestAccLogsIntegrationResourceDataDog
=== CONT  TestAccLogsIntegrationResourceFluentbit
=== CONT  TestAccLogsIntegrationResourceCloudWatch
--- PASS: TestAccLogsIntegrationResourceFluentbit (14.99s)
--- PASS: TestAccLogsIntegrationResourceElk (15.94s)
--- PASS: TestAccLogsIntegrationResourceDataDog (16.03s)
--- PASS: TestAccLogsIntegrationResourceCloudWatch (16.19s)
--- PASS: TestAccLogsIntegrationResourceSplunk (16.21s)
--- PASS: TestAccLogsIntegrationResourceSumologic (16.21s)
--- PASS: TestAccLogsIntegrationResourceElkEmptyEsCredentials (17.18s)
--- PASS: TestAccLoggingIntegrationDataSource (19.04s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/integration/logging 22.516s
=== RUN   TestAccSlackAlertsIntegrationResource
=== PAUSE TestAccSlackAlertsIntegrationResource
=== CONT  TestAccSlackAlertsIntegrationResource
--- PASS: TestAccSlackAlertsIntegrationResource (12.20s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/integration/slack   16.080s
=== RUN   TestAccMsTeamsIntegrationResource
=== PAUSE TestAccMsTeamsIntegrationResource
=== CONT  TestAccMsTeamsIntegrationResource
--- PASS: TestAccMsTeamsIntegrationResource (9.03s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/integration/teams   10.466s
=== RUN   TestAccPermissionDataSource
=== PAUSE TestAccPermissionDataSource
=== CONT  TestAccPermissionDataSource
--- PASS: TestAccPermissionDataSource (4.90s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/permission  6.338s
=== RUN   TestAccPolicyResource
=== PAUSE TestAccPolicyResource
=== CONT  TestAccPolicyResource
--- PASS: TestAccPolicyResource (8.62s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/policy      10.036s
=== RUN   TestAccPolicyRuleResource
=== PAUSE TestAccPolicyRuleResource
=== RUN   TestPolicyRuleResourceUpgradeV0
--- PASS: TestPolicyRuleResourceUpgradeV0 (0.00s)
=== CONT  TestAccPolicyRuleResource
--- PASS: TestAccPolicyRuleResource (21.76s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/policy/rule 23.186s
=== RUN   TestAccRegoPolicyInstanceResource
=== PAUSE TestAccRegoPolicyInstanceResource
=== CONT  TestAccRegoPolicyInstanceResource
--- PASS: TestAccRegoPolicyInstanceResource (8.08s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/regopolicy  9.505s
=== RUN   TestAccRepositoryDataSource
=== PAUSE TestAccRepositoryDataSource
=== RUN   TestAccRepositoryResource
=== PAUSE TestAccRepositoryResource
=== CONT  TestAccRepositoryDataSource
=== CONT  TestAccRepositoryResource
--- PASS: TestAccRepositoryDataSource (18.04s)
--- PASS: TestAccRepositoryResource (24.99s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/repository  26.409s
=== RUN   TestAccRepositoryAccessGatewayResource
=== PAUSE TestAccRepositoryAccessGatewayResource
=== CONT  TestAccRepositoryAccessGatewayResource
--- PASS: TestAccRepositoryAccessGatewayResource (29.37s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/repository/accessgateway    30.795s
=== RUN   TestAccRepositoryAccessRulesResource
=== PAUSE TestAccRepositoryAccessRulesResource
=== CONT  TestAccRepositoryAccessRulesResource
--- PASS: TestAccRepositoryAccessRulesResource (19.11s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/repository/accessrules      20.820s
=== RUN   TestAccRepositoryBindingResource
=== PAUSE TestAccRepositoryBindingResource
=== CONT  TestAccRepositoryBindingResource
--- PASS: TestAccRepositoryBindingResource (17.11s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/repository/binding  18.550s
=== RUN   TestAccRepositoryConfAnalysisResource
=== PAUSE TestAccRepositoryConfAnalysisResource
=== RUN   TestRepositoryConfAnalysisResourceUpgradeV0
--- PASS: TestRepositoryConfAnalysisResourceUpgradeV0 (0.00s)
=== CONT  TestAccRepositoryConfAnalysisResource
--- PASS: TestAccRepositoryConfAnalysisResource (11.62s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/repository/confanalysis     13.047s
=== RUN   TestAccRepositoryConfAuthResource
=== PAUSE TestAccRepositoryConfAuthResource
=== RUN   TestRepositoryConfAuthResourceUpgradeV0
--- PASS: TestRepositoryConfAuthResourceUpgradeV0 (0.00s)
=== CONT  TestAccRepositoryConfAuthResource
--- PASS: TestAccRepositoryConfAuthResource (21.14s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/repository/confauth 22.596s
=== RUN   TestAccRepositoryDatamapResource
=== PAUSE TestAccRepositoryDatamapResource
=== CONT  TestAccRepositoryDatamapResource
--- PASS: TestAccRepositoryDatamapResource (24.13s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/repository/datamap  25.566s
=== RUN   TestAccRepositoryNetworkAccessPolicyResource
=== PAUSE TestAccRepositoryNetworkAccessPolicyResource
=== CONT  TestAccRepositoryNetworkAccessPolicyResource
--- PASS: TestAccRepositoryNetworkAccessPolicyResource (22.19s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/repository/network  23.616s
=== RUN   TestAccRepositoryUserAccountResource
=== PAUSE TestAccRepositoryUserAccountResource
=== CONT  TestAccRepositoryUserAccountResource
--- PASS: TestAccRepositoryUserAccountResource (47.23s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/repository/useraccount      48.814s
=== RUN   TestAccRoleDataSource
=== PAUSE TestAccRoleDataSource
=== RUN   TestAccRoleSSOGroupsResource
=== PAUSE TestAccRoleSSOGroupsResource
=== RUN   TestRoleSSOGroupsResourceUpgradeV0
--- PASS: TestRoleSSOGroupsResourceUpgradeV0 (0.00s)
=== RUN   TestAccRoleResource
=== PAUSE TestAccRoleResource
=== CONT  TestAccRoleDataSource
=== CONT  TestAccRoleSSOGroupsResource
=== CONT  TestAccRoleResource
--- PASS: TestAccRoleDataSource (19.98s)
--- PASS: TestAccRoleSSOGroupsResource (28.70s)
--- PASS: TestAccRoleResource (34.52s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/role        36.353s
=== RUN   TestAccSAMLCertificateDataSource
=== PAUSE TestAccSAMLCertificateDataSource
=== CONT  TestAccSAMLCertificateDataSource
--- PASS: TestAccSAMLCertificateDataSource (5.37s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/samlcertificate     6.785s
=== RUN   TestAccSAMLConfigurationDataSource
=== PAUSE TestAccSAMLConfigurationDataSource
=== CONT  TestAccSAMLConfigurationDataSource
--- PASS: TestAccSAMLConfigurationDataSource (13.12s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/samlconfiguration   14.537s
=== RUN   TestAccServiceAccountResource
=== PAUSE TestAccServiceAccountResource
=== CONT  TestAccServiceAccountResource
--- PASS: TestAccServiceAccountResource (26.64s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/serviceaccount      28.293s
=== RUN   TestAccSidecarBoundPortsDataSource
=== PAUSE TestAccSidecarBoundPortsDataSource
=== RUN   TestAccSidecarIDDataSource
=== PAUSE TestAccSidecarIDDataSource
=== RUN   TestAccSidecarResource
=== PAUSE TestAccSidecarResource
=== CONT  TestAccSidecarBoundPortsDataSource
=== CONT  TestAccSidecarResource
=== CONT  TestAccSidecarIDDataSource
--- PASS: TestAccSidecarIDDataSource (9.65s)
--- PASS: TestAccSidecarBoundPortsDataSource (18.73s)
--- PASS: TestAccSidecarResource (28.95s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/sidecar     30.388s
=== RUN   TestAccSidecarCredentialsResource
=== PAUSE TestAccSidecarCredentialsResource
=== CONT  TestAccSidecarCredentialsResource
--- PASS: TestAccSidecarCredentialsResource (9.98s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/sidecar/credentials 11.401s
=== RUN   TestAccSidecarHealthDataSource
=== PAUSE TestAccSidecarHealthDataSource
=== CONT  TestAccSidecarHealthDataSource
--- PASS: TestAccSidecarHealthDataSource (7.87s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/sidecar/health      9.292s
=== RUN   TestAccSidecarInstanceStatsDataSource
=== PAUSE TestAccSidecarInstanceStatsDataSource
=== RUN   TestAccSidecarInstanceDataSource
=== PAUSE TestAccSidecarInstanceDataSource
=== CONT  TestAccSidecarInstanceStatsDataSource
=== CONT  TestAccSidecarInstanceDataSource
--- PASS: TestAccSidecarInstanceStatsDataSource (6.86s)
--- PASS: TestAccSidecarInstanceDataSource (9.69s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/sidecar/instance    11.129s
=== RUN   TestAccSidecarListenerDataSource
=== PAUSE TestAccSidecarListenerDataSource
=== RUN   TestSidecarListenerResource
=== PAUSE TestSidecarListenerResource
=== CONT  TestAccSidecarListenerDataSource
=== CONT  TestSidecarListenerResource
--- PASS: TestAccSidecarListenerDataSource (10.56s)
--- PASS: TestSidecarListenerResource (36.84s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/sidecar/listener    38.272s
testing: warning: no tests to run
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/sweep       (cached) [no tests to run]
=== RUN   TestAccSystemInfoDataSource
=== PAUSE TestAccSystemInfoDataSource
=== CONT  TestAccSystemInfoDataSource
--- PASS: TestAccSystemInfoDataSource (4.62s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/systeminfo  6.043s
=== RUN   TestAccAccessTokenSettingsResource
=== PAUSE TestAccAccessTokenSettingsResource
=== CONT  TestAccAccessTokenSettingsResource
--- PASS: TestAccAccessTokenSettingsResource (13.65s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/internal/tokensettings       15.085s
=== RUN   TestAccProvider
--- PASS: TestAccProvider (0.00s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/provider     1.320s
=== RUN   TestElementsMatch
--- PASS: TestElementsMatch (0.00s)
PASS
ok      github.com/cyralinc/terraform-provider-cyral/cyral/utils        (cached)

In order to verify the changes in each resource, I performed manual tests for each one of them in the .tf file that follows. The procedure was:

  1. Run terraform apply to create all resources;
  2. Delete a given resource through the API;
  3. Run terraform apply again and make sure it will suggest the creation of the resource again. The command must run without errors.
  4. Delete the same resource again through the API;
  5. Run terraform destroy -target=<resource-reference> and make sure Terraform will inform that the resource may already been removed. The command must run without errors.
  6. Run terraform destroy and start again from 1 with another resource.
terraform {
  required_providers {
    cyral = {
      source = "local/terraform/cyral"
    }
  }
}

provider "cyral" {
}

resource "cyral_integration_logging" "this" {
  name = "my-cloudwatch"
  cloudwatch {
    region = "us-east-1"
    group  = "some-name"
    stream = "cyral-sidecar"
  }
}

resource "cyral_sidecar" "this" {
    name = "tf-test"
    deployment_method = "terraform"
    labels = ["label1", "label2"]
    user_endpoint = ""
    bypass_mode = "failover"
    activity_log_integration_id = cyral_integration_logging.this.id
}

resource "cyral_sidecar_credentials" "this" {
  sidecar_id = cyral_sidecar.this.id
}

resource "cyral_sidecar_listener" "this" {
  sidecar_id = cyral_sidecar.this.id
  repo_types = ["mongodb"]
  network_address {
    port = 27017
  }
}

resource "cyral_repository" "this" {
    type = "mongodb"
    name = "multi_node_mongo_repo"
    labels = [ "multi-node", "us-east-2" ]

    repo_node {
        name = "node-1"
        host = "mongodb-node1.mycompany.com"
        port = 27017
    }

    repo_node {
        name = "node-2"
        host = "mongodb-node2.mycompany.com"
        port = 27017
    }

    repo_node {
        name = "node-3"
        dynamic = true
    }

    mongodb_settings {
      replica_set_name = "some-replica-set"
      server_type = "replicaset"
    }
}

resource "cyral_repository_user_account" "this" {
  name = "my-sidecar_rds_access_role"
  repository_id = cyral_repository.this.id
  auth_scheme {
    aws_iam {
      role_arn = "arn:something"
    }
  }
}

resource "cyral_repository_access_rules" "this" {
  repository_id = cyral_repository.this.id
  user_account_id = cyral_repository_user_account.this.user_account_id
  rule {
    identity {
      type = "email"
      name = "[email protected]"
    }
  }
}

resource "cyral_repository_conf_analysis" "this" {
  repository_id = cyral_repository.this.id
  redact = "all"
  alert_on_violation = true
  disable_pre_configured_alerts = false
  block_on_violation = true
  disable_filter_analysis = false
  enable_dataset_rewrites = true
  enable_data_masking = true
  comment_annotation_groups = [ "identity" ]
  log_groups = [ "everything" ]
}

resource "cyral_repository_conf_auth" "this" {
    repository_id = cyral_repository.this.id
    allow_native_auth = false
    client_tls = "disable"
    identity_provider = ""
    repo_tls = "disable"
}

resource "cyral_repository_binding" "this" {
  sidecar_id = cyral_sidecar.this.id
  repository_id = cyral_repository.this.id
  enabled = true
  listener_binding {
    listener_id = cyral_sidecar_listener.this.listener_id
    node_index = 0
  }
}

resource "cyral_repository_access_gateway" "this" {
  repository_id  = cyral_repository.this.id
  sidecar_id  = cyral_sidecar.this.id
  binding_id = cyral_repository_binding.this.binding_id
}

resource "cyral_datalabel" "this" {
  name        = "qq-nome"
  description = "Customer name"
  tags        = ["PII", "SENSITIVE"]
  classification_rule {
    rule_type = "REGO"
    rule_code = "some-rego-code"
    rule_status = "ENABLED"
  }
}

@wcmjunior wcmjunior requested a review from VictorGFM March 30, 2024 07:47
@wcmjunior wcmjunior force-pushed the chore/refactor-old-resources branch from 454d998 to bd6f07e Compare April 1, 2024 06:02
@wcmjunior wcmjunior force-pushed the chore/refactor-old-resources branch from bd6f07e to ab89d44 Compare April 1, 2024 06:40
@wcmjunior
Copy link
Contributor Author

@VictorGFM , please start reviewing when you have a chance. I will not perform more structural changes and I don't think I will refactor more resources as I was targeting those that are heavily used. I will post the result of my tests later, but so far everything runs perfectly.

@wcmjunior
Copy link
Contributor Author

wcmjunior commented Apr 3, 2024
edited
Loading

@jrich523 , the code analysis is failing for some test IPs we add to the code. Please lmk how to ignore this check for those cases (if possible) to get a clean run.

@wcmjunior wcmjunior changed the title Refactor old resources Standardize error handling and refactor old resources Apr 3, 2024
@wcmjunior wcmjunior marked this pull request as ready for review April 4, 2024 06:45
VictorGFM
VictorGFM approved these changes Apr 4, 2024
View reviewed changes
Copy link
Contributor

@VictorGFM VictorGFM left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes look good, thanks for working on this! I just have some minor comments below, please consider addressing them before merging the PR

cyral/core/default_context_handler.go Outdated Show resolved Hide resolved
cyral/internal/repository/accessrules/schema_loader.go Outdated Show resolved Hide resolved
cyral/internal/repository/network/schema_loader.go Outdated Show resolved Hide resolved
cyral/internal/sidecar/listener/datasource_test.go Outdated Show resolved Hide resolved
cyral/internal/sidecar/listener/schema_loader.go Outdated Show resolved Hide resolved
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Apr 5, 2024

Quality Gate Passed Quality Gate passed

Issues
13 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
1.0% Duplication on New Code

See analysis details on SonarCloud

@wcmjunior wcmjunior merged commit bfc82a5 into main Apr 5, 2024
2 checks passed
@wcmjunior wcmjunior deleted the chore/refactor-old-resources branch April 5, 2024 05:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@VictorGFM VictorGFM VictorGFM approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@wcmjunior @VictorGFM