provider/pagerduty: Validate credentials (#12854)
* Validate credentials * Add ability to skip validation * Update provider documentation * invalidCredentials -> invalidCreds * Include original error message * Update description for skip_credentials_validation * Add config test * set skip_credentials_validation default to false
This commit is contained in:
parent
4759b51132
commit
ca517543f2
|
@ -1,6 +1,7 @@
|
|||
package pagerduty
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"log"
|
||||
|
||||
"github.com/PagerDuty/go-pagerduty"
|
||||
|
@ -8,13 +9,40 @@ import (
|
|||
|
||||
// Config defines the configuration options for the PagerDuty client
|
||||
type Config struct {
|
||||
// The PagerDuty API V2 token
|
||||
Token string
|
||||
|
||||
// Skip validation of the token against the PagerDuty API
|
||||
SkipCredsValidation bool
|
||||
}
|
||||
|
||||
const invalidCreds = `
|
||||
|
||||
No valid credentials found for PagerDuty provider.
|
||||
Please see https://www.terraform.io/docs/providers/pagerduty/index.html
|
||||
for more information on providing credentials for this provider.
|
||||
`
|
||||
|
||||
// Client returns a new PagerDuty client
|
||||
func (c *Config) Client() (*pagerduty.Client, error) {
|
||||
// Validate that the PagerDuty token is set
|
||||
if c.Token == "" {
|
||||
return nil, fmt.Errorf(invalidCreds)
|
||||
}
|
||||
|
||||
client := pagerduty.NewClient(c.Token)
|
||||
|
||||
if !c.SkipCredsValidation {
|
||||
// Validate the credentials by calling the abilities endpoint,
|
||||
// if we get a 401 response back we return an error to the user
|
||||
if _, err := client.ListAbilities(); err != nil {
|
||||
if isUnauthorized(err) {
|
||||
return nil, fmt.Errorf(fmt.Sprintf("%s\n%s", err, invalidCreds))
|
||||
}
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
log.Printf("[INFO] PagerDuty client configured")
|
||||
|
||||
return client, nil
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
package pagerduty
|
||||
|
||||
import (
|
||||
"testing"
|
||||
)
|
||||
|
||||
// Test config with an empty token
|
||||
func TestConfigEmptyToken(t *testing.T) {
|
||||
config := Config{
|
||||
Token: "",
|
||||
}
|
||||
|
||||
if _, err := config.Client(); err == nil {
|
||||
t.Fatalf("expected error, but got nil")
|
||||
}
|
||||
}
|
||||
|
||||
// Test config with invalid token but with SkipCredsValidation
|
||||
func TestConfigSkipCredsValidation(t *testing.T) {
|
||||
config := Config{
|
||||
Token: "foo",
|
||||
SkipCredsValidation: true,
|
||||
}
|
||||
|
||||
if _, err := config.Client(); err != nil {
|
||||
t.Fatalf("error: expected the client to not fail: %v", err)
|
||||
}
|
||||
}
|
|
@ -9,3 +9,7 @@ func isNotFound(err error) bool {
|
|||
|
||||
return false
|
||||
}
|
||||
|
||||
func isUnauthorized(err error) bool {
|
||||
return strings.Contains(err.Error(), "HTTP response code: 401")
|
||||
}
|
||||
|
|
|
@ -16,6 +16,12 @@ func Provider() terraform.ResourceProvider {
|
|||
Required: true,
|
||||
DefaultFunc: schema.EnvDefaultFunc("PAGERDUTY_TOKEN", nil),
|
||||
},
|
||||
|
||||
"skip_credentials_validation": {
|
||||
Type: schema.TypeBool,
|
||||
Optional: true,
|
||||
Default: false,
|
||||
},
|
||||
},
|
||||
|
||||
DataSourcesMap: map[string]*schema.Resource{
|
||||
|
@ -40,7 +46,11 @@ func Provider() terraform.ResourceProvider {
|
|||
}
|
||||
|
||||
func providerConfigure(data *schema.ResourceData) (interface{}, error) {
|
||||
config := Config{Token: data.Get("token").(string)}
|
||||
config := Config{
|
||||
Token: data.Get("token").(string),
|
||||
SkipCredsValidation: data.Get("skip_credentials_validation").(bool),
|
||||
}
|
||||
|
||||
log.Println("[INFO] Initializing PagerDuty client")
|
||||
return config.Client()
|
||||
}
|
||||
|
|
|
@ -39,3 +39,4 @@ resource "pagerduty_user" "earline" {
|
|||
The following arguments are supported:
|
||||
|
||||
* `token` - (Required) The v2 authorization token. See [API Documentation](https://v2.developer.pagerduty.com/docs/authentication) for more information.
|
||||
* `skip_credentials_validation` - (Optional) Skip validation of the token against the PagerDuty API.
|
||||
|
|
Loading…
Reference in New Issue