Remove ValidateConfig from resource team and resource user roles (#190)

astronomer · Jan 13, 2025 · c948967 · c948967
1 parent 7ddd4cd
commit c948967
Show file tree

Hide file tree

Showing 5 changed files with 54 additions and 133 deletions.
diff --git a/internal/provider/common/role.go b/internal/provider/common/role.go
@@ -190,3 +190,44 @@ func GetDuplicateDeploymentIds(deploymentRoles []iam.DeploymentRole) []string {
 
 	return duplicates
 }
+
+func ValidateRoles(
+	workspaceRoles []iam.WorkspaceRole,
+	deploymentRoles []iam.DeploymentRole,
+) diag.Diagnostics {
+	for _, role := range workspaceRoles {
+		if !ValidateRoleMatchesEntityType(string(role.Role), string(iam.WORKSPACE)) {
+			return diag.Diagnostics{diag.NewErrorDiagnostic(
+				fmt.Sprintf("Role '%s' is not valid for role type '%s'", string(role.Role), string(iam.WORKSPACE)),
+				fmt.Sprintf("Please provide a valid role for the type '%s'", string(iam.WORKSPACE)),
+			)}
+		}
+	}
+
+	duplicateWorkspaceIds := GetDuplicateWorkspaceIds(workspaceRoles)
+	if len(duplicateWorkspaceIds) > 0 {
+		return diag.Diagnostics{diag.NewErrorDiagnostic(
+			"Invalid Configuration: Cannot have multiple roles with the same workspace id",
+			fmt.Sprintf("Please provide a unique workspace id for each role. The following workspace ids are duplicated: %v", duplicateWorkspaceIds),
+		)}
+	}
+
+	for _, role := range deploymentRoles {
+		if !ValidateRoleMatchesEntityType(role.Role, string(iam.DEPLOYMENT)) {
+			return diag.Diagnostics{diag.NewErrorDiagnostic(
+				fmt.Sprintf("Role '%s' is not valid for role type '%s'", role.Role, string(iam.DEPLOYMENT)),
+				fmt.Sprintf("Please provide a valid role for the type '%s'", string(iam.DEPLOYMENT)),
+			)}
+		}
+	}
+
+	duplicateDeploymentIds := GetDuplicateDeploymentIds(deploymentRoles)
+	if len(duplicateDeploymentIds) > 0 {
+		return diag.Diagnostics{diag.NewErrorDiagnostic(
+			"Invalid Configuration: Cannot have multiple roles with the same deployment id",
+			fmt.Sprintf("Please provide unique deployment id for each role. The following deployment ids are duplicated: %v", duplicateDeploymentIds),
+		)}
+	}
+
+	return nil
+}
diff --git a/internal/provider/resources/resource_team.go b/internal/provider/resources/resource_team.go
@@ -25,7 +25,6 @@ import (
 var _ resource.Resource = &TeamResource{}
 var _ resource.ResourceWithImportState = &TeamResource{}
 var _ resource.ResourceWithConfigure = &TeamResource{}
-var _ resource.ResourceWithValidateConfig = &TeamResource{}
 
 func NewTeamResource() resource.Resource {
 	return &TeamResource{}
@@ -95,6 +94,11 @@ func (r *TeamResource) MutateRoles(
 	}
 
 	// Validate the roles
+	diags = common.ValidateRoles(workspaceRoles, deploymentRoles)
+	if diags.HasError() {
+		return diags
+	}
+
 	diags = common.ValidateWorkspaceDeploymentRoles(ctx, common.ValidateWorkspaceDeploymentRolesInput{
 		PlatformClient:  r.PlatformClient,
 		OrganizationId:  r.OrganizationId,
@@ -376,6 +380,7 @@ func (r *TeamResource) Update(
 			resp.Diagnostics.Append(diags...)
 			return
 		}
+
 	}
 
 	// Get Team and use this as data since it will have the correct roles
@@ -451,71 +456,6 @@ func (r *TeamResource) ImportState(
 	resource.ImportStatePassthroughID(ctx, path.Root("id"), req, resp)
 }
 
-func (r *TeamResource) ValidateConfig(
-	ctx context.Context,
-	req resource.ValidateConfigRequest,
-	resp *resource.ValidateConfigResponse,
-) {
-	var data models.TeamResource
-
-	resp.Diagnostics.Append(req.Config.Get(ctx, &data)...)
-	if resp.Diagnostics.HasError() {
-		return
-	}
-
-	// Validate workspace roles
-	workspaceRoles, diags := common.RequestWorkspaceRoles(ctx, data.WorkspaceRoles)
-	if diags.HasError() {
-		resp.Diagnostics.Append(diags...)
-		return
-	}
-
-	for _, role := range workspaceRoles {
-		if !common.ValidateRoleMatchesEntityType(string(role.Role), string(iam.WORKSPACE)) {
-			resp.Diagnostics.AddError(
-				fmt.Sprintf("Role '%s' is not valid for role type '%s'", string(role.Role), string(iam.WORKSPACE)),
-				fmt.Sprintf("Please provide a valid role for the type '%s'", string(iam.WORKSPACE)),
-			)
-			return
-		}
-	}
-
-	duplicateWorkspaceIds := common.GetDuplicateWorkspaceIds(workspaceRoles)
-	if len(duplicateWorkspaceIds) > 0 {
-		resp.Diagnostics.AddError(
-			"Invalid Configuration: Cannot have multiple roles with the same workspace id",
-			fmt.Sprintf("Please provide a unique workspace id for each role. The following workspace ids are duplicated: %v", duplicateWorkspaceIds),
-		)
-		return
-	}
-
-	// Validate deployment roles
-	deploymentRoles, diags := common.RequestDeploymentRoles(ctx, data.DeploymentRoles)
-	if diags.HasError() {
-		resp.Diagnostics.Append(diags...)
-		return
-	}
-
-	for _, role := range deploymentRoles {
-		if !common.ValidateRoleMatchesEntityType(role.Role, string(iam.DEPLOYMENT)) {
-			resp.Diagnostics.AddError(
-				fmt.Sprintf("Role '%s' is not valid for role type '%s'", role.Role, string(iam.DEPLOYMENT)),
-				fmt.Sprintf("Please provide a valid role for the type '%s'", string(iam.DEPLOYMENT)),
-			)
-			return
-		}
-	}
-
-	duplicateDeploymentIds := common.GetDuplicateDeploymentIds(deploymentRoles)
-	if len(duplicateDeploymentIds) > 0 {
-		resp.Diagnostics.AddError(
-			"Invalid Configuration: Cannot have multiple roles with the same deployment id",
-			fmt.Sprintf("Please provide unique deployment id for each role. The following deployment ids are duplicated: %v", duplicateDeploymentIds),
-		)
-		return
-	}
-}
-
 func (r *TeamResource) CheckOrganizationIsScim(ctx context.Context) diag.Diagnostics {
 	// Validate if org isScimEnabled and return error if it is
 	org, err := r.PlatformClient.GetOrganizationWithResponse(ctx, r.OrganizationId, nil)

diff --git a/internal/provider/resources/resource_team_test.go b/internal/provider/resources/resource_team_test.go
@@ -74,7 +74,7 @@ func TestAcc_ResourceTeam(t *testing.T) {
 						},
 					},
 				}),
-				ExpectError: regexp.MustCompile(fmt.Sprintf("Role '%s' is not valid for role type '%s'", string(iam.ORGANIZATIONOWNER), string(iam.WORKSPACE))),
+				ExpectError: regexp.MustCompile(".*Invalid Attribute Value Match.*"),
 			},
 			// Test failure: check for missing corresponding workspace role if deployment role is present
 			{

diff --git a/internal/provider/resources/resource_user_roles.go b/internal/provider/resources/resource_user_roles.go
@@ -96,6 +96,11 @@ func (r *UserRolesResource) MutateRoles(
 	}
 
 	// Validate the roles
+	diags = common.ValidateRoles(workspaceRoles, deploymentRoles)
+	if diags.HasError() {
+		return diags
+	}
+
 	diags = common.ValidateWorkspaceDeploymentRoles(ctx, common.ValidateWorkspaceDeploymentRolesInput{
 		PlatformClient:  r.platformClient,
 		OrganizationId:  r.organizationId,
@@ -311,68 +316,3 @@ func (r *UserRolesResource) ImportState(
 ) {
 	resource.ImportStatePassthroughID(ctx, path.Root("user_id"), req, resp)
 }
-
-func (r *UserRolesResource) ValidateConfig(
-	ctx context.Context,
-	req resource.ValidateConfigRequest,
-	resp *resource.ValidateConfigResponse,
-) {
-	var data models.UserRoles
-
-	resp.Diagnostics.Append(req.Config.Get(ctx, &data)...)
-	if resp.Diagnostics.HasError() {
-		return
-	}
-
-	// Validate workspace roles
-	workspaceRoles, diags := common.RequestWorkspaceRoles(ctx, data.WorkspaceRoles)
-	if diags.HasError() {
-		resp.Diagnostics.Append(diags...)
-		return
-	}
-
-	for _, role := range workspaceRoles {
-		if !common.ValidateRoleMatchesEntityType(string(role.Role), string(iam.WORKSPACE)) {
-			resp.Diagnostics.AddError(
-				fmt.Sprintf("Role '%s' is not valid for role type '%s'", string(role.Role), string(iam.WORKSPACE)),
-				fmt.Sprintf("Please provide a valid role for the type '%s'", string(iam.WORKSPACE)),
-			)
-			return
-		}
-	}
-
-	duplicateWorkspaceIds := common.GetDuplicateWorkspaceIds(workspaceRoles)
-	if len(duplicateWorkspaceIds) > 0 {
-		resp.Diagnostics.AddError(
-			"Invalid Configuration: Cannot have multiple roles with the same workspace id",
-			fmt.Sprintf("Please provide a unique workspace id for each role. The following workspace ids are duplicated: %v", duplicateWorkspaceIds),
-		)
-		return
-	}
-
-	// Validate deployment roles
-	deploymentRoles, diags := common.RequestDeploymentRoles(ctx, data.DeploymentRoles)
-	if diags.HasError() {
-		resp.Diagnostics.Append(diags...)
-		return
-	}
-
-	for _, role := range deploymentRoles {
-		if !common.ValidateRoleMatchesEntityType(role.Role, string(iam.DEPLOYMENT)) {
-			resp.Diagnostics.AddError(
-				fmt.Sprintf("Role '%s' is not valid for role type '%s'", role.Role, string(iam.DEPLOYMENT)),
-				fmt.Sprintf("Please provide a valid role for the type '%s'", string(iam.DEPLOYMENT)),
-			)
-			return
-		}
-	}
-
-	duplicateDeploymentIds := common.GetDuplicateDeploymentIds(deploymentRoles)
-	if len(duplicateDeploymentIds) > 0 {
-		resp.Diagnostics.AddError(
-			"Invalid Configuration: Cannot have multiple roles with the same deployment id",
-			fmt.Sprintf("Please provide unique deployment id for each role. The following deployment ids are duplicated: %v", duplicateDeploymentIds),
-		)
-		return
-	}
-}
diff --git a/internal/provider/resources/resource_user_roles_test.go b/internal/provider/resources/resource_user_roles_test.go
@@ -40,7 +40,7 @@ func TestAcc_ResourceUserRoles(t *testing.T) {
 							},
 						},
 					}),
-				ExpectError: regexp.MustCompile(fmt.Sprintf("Role '%s' is not valid for role type '%s'", string(iam.ORGANIZATIONOWNER), string(iam.WORKSPACE))),
+				ExpectError: regexp.MustCompile(".*Invalid Attribute Value Match.*"),
 			},
 			// Test failure: check for missing corresponding workspace role if deployment role is present
 			{
-Original file line number
+Diff line change
@@ Expand Up / @@ -74,7 +74,7 @@ func TestAcc_ResourceTeam(t *testing.T) { @@
     						},
     					},
     				}),
-    				ExpectError: regexp.MustCompile(fmt.Sprintf("Role '%s' is not valid for role type '%s'", string(iam.ORGANIZATIONOWNER), string(iam.WORKSPACE))),
+    				ExpectError: regexp.MustCompile(".*Invalid Attribute Value Match.*"),
     			},
     			// Test failure: check for missing corresponding workspace role if deployment role is present
     			{
@@ Expand Down @@