From e10590ae41f92cc7dc9afaecf1a0d35ff82d5025 Mon Sep 17 00:00:00 2001 From: Alex Hung Date: Wed, 29 May 2024 15:21:25 -0700 Subject: [PATCH 1/3] Add check for status code 404 And display warning message due to Persistency Threshold Update documentation URL for Persistency Threshold --- docs/resources/scoped_token.md | 4 ++-- .../security/resource_artifactory_scoped_token.go | 14 +++++++++++--- .../resource_artifactory_scoped_token_test.go | 4 ++-- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/docs/resources/scoped_token.md b/docs/resources/scoped_token.md index d6dc5103..d142da3a 100644 --- a/docs/resources/scoped_token.md +++ b/docs/resources/scoped_token.md @@ -11,7 +11,7 @@ Provides an Artifactory Scoped Token resource. This can be used to create and ma !>Scoped Tokens will be stored in the raw state as plain-text. [Read more about sensitive data in state](https://www.terraform.io/docs/state/sensitive-data.html). -~>Token would not be saved by Artifactory if `expires_in` is less than the persistency threshold value (default to 10800 seconds) set in Access configuration. See [Persistency Threshold](https://jfrog.com/help/r/jfrog-platform-administration-documentation/using-the-revocable-and-persistency-thresholds) for details. +~>Token would not be saved by Artifactory if `expires_in` is less than the persistency threshold value (default to 10800 seconds) set in Access configuration. See [Persistency Threshold](https://jfrog.com/help/r/jfrog-platform-administration-documentation/persistency-threshold) for details. ## Example Usages @@ -75,7 +75,7 @@ resource "artifactory_scoped_token" "audience" { - `audiences` (Set of String) A list of the other instances or services that should accept this token identified by their Service-IDs. Limited to total 255 characters. Default to '*@*' if not set. Service ID must begin with valid JFrog service type. Options: jfrt, jfxr, jfpip, jfds, jfmc, jfac, jfevt, jfmd, jfcon, or *. For instructions to retrieve the Artifactory Service ID see this [documentation](https://jfrog.com/help/r/jfrog-rest-apis/get-service-id) - `description` (String) Free text token description. Useful for filtering and managing tokens. Limited to 1024 characters. -- `expires_in` (Number) The amount of time, in seconds, it would take for the token to expire. An admin shall be able to set whether expiry is mandatory, what is the default expiry, and what is the maximum expiry allowed. Must be non-negative. Default value is based on configuration in 'access.config.yaml'. See [API documentation](https://jfrog.com/help/r/jfrog-rest-apis/create-token) for details. Access Token would not be saved by Artifactory if this is less than the persistence threshold value (default to 10800 seconds) set in Access configuration. See [official documentation](https://jfrog.com/help/r/jfrog-platform-administration-documentation/using-the-revocable-and-persistency-thresholds) for details. +- `expires_in` (Number) The amount of time, in seconds, it would take for the token to expire. An admin shall be able to set whether expiry is mandatory, what is the default expiry, and what is the maximum expiry allowed. Must be non-negative. Default value is based on configuration in 'access.config.yaml'. See [API documentation](https://jfrog.com/help/r/jfrog-rest-apis/create-token) for details. Access Token would not be saved by Artifactory if this is less than the persistence threshold value (default to 10800 seconds) set in Access configuration. See [official documentation](https://jfrog.com/help/r/jfrog-platform-administration-documentation/persistency-threshold) for details. - `grant_type` (String) The grant type used to authenticate the request. In this case, the only value supported is `client_credentials` which is also the default value if this parameter is not specified. - `include_reference_token` (Boolean) Also create a reference token which can be used like an API key. - `refreshable` (Boolean) Is this token refreshable? Default is `false`. diff --git a/pkg/artifactory/resource/security/resource_artifactory_scoped_token.go b/pkg/artifactory/resource/security/resource_artifactory_scoped_token.go index 605e93de..9151fa72 100644 --- a/pkg/artifactory/resource/security/resource_artifactory_scoped_token.go +++ b/pkg/artifactory/resource/security/resource_artifactory_scoped_token.go @@ -202,7 +202,7 @@ func (r *ScopedTokenResource) Schema(ctx context.Context, req resource.SchemaReq }, }, "expires_in": schema.Int64Attribute{ - MarkdownDescription: "The amount of time, in seconds, it would take for the token to expire. An admin shall be able to set whether expiry is mandatory, what is the default expiry, and what is the maximum expiry allowed. Must be non-negative. Default value is based on configuration in 'access.config.yaml'. See [API documentation](https://jfrog.com/help/r/jfrog-rest-apis/revoke-token-by-id) for details. Access Token would not be saved by Artifactory if this is less than the persistence threshold value (default to 10800 seconds) set in Access configuration. See [official documentation](https://jfrog.com/help/r/jfrog-platform-administration-documentation/using-the-revocable-and-persistency-thresholds) for details.", + MarkdownDescription: "The amount of time, in seconds, it would take for the token to expire. An admin shall be able to set whether expiry is mandatory, what is the default expiry, and what is the maximum expiry allowed. Must be non-negative. Default value is based on configuration in 'access.config.yaml'. See [API documentation](https://jfrog.com/help/r/jfrog-rest-apis/revoke-token-by-id) for details. Access Token would not be saved by Artifactory if this is less than the persistence threshold value (default to 10800 seconds) set in Access configuration. See [official documentation](https://jfrog.com/help/r/jfrog-platform-administration-documentation/persistency-threshold) for details.", Optional: true, Computed: true, PlanModifiers: []planmodifier.Int64{ @@ -412,8 +412,16 @@ func (r *ScopedTokenResource) Create(ctx context.Context, req resource.CreateReq } if response.IsError() { - utilfw.UnableToCreateResourceError(resp, artifactoryError.String()) - return + if response.StatusCode() == http.StatusNotFound { + resp.Diagnostics.AddWarning( + fmt.Sprintf("Scoped token with ID %s is not found", id.ValueString()), + "Token would not be saved by Artifactory if 'expires_in' is less than the persistence threshold value (default to 10800 seconds) set in Access configuration. "+ + "See https://jfrog.com/help/r/jfrog-platform-administration-documentation/persistency-threshold for details.", + ) + } else { + utilfw.UnableToCreateResourceError(resp, artifactoryError.String()) + return + } } // Assign the attribute values for the resource in the state diff --git a/pkg/artifactory/resource/security/resource_artifactory_scoped_token_test.go b/pkg/artifactory/resource/security/resource_artifactory_scoped_token_test.go index 342a853c..58682433 100644 --- a/pkg/artifactory/resource/security/resource_artifactory_scoped_token_test.go +++ b/pkg/artifactory/resource/security/resource_artifactory_scoped_token_test.go @@ -853,8 +853,8 @@ func TestAccScopedToken_WithExpiresInLessThanPersistencyThreshold(t *testing.T) ProtoV6ProviderFactories: acctest.ProtoV6ProviderFactories, Steps: []resource.TestStep{ { - Config: accessTokenConfig, - ExpectError: regexp.MustCompile("Unable to Create Resource"), + Config: accessTokenConfig, + ExpectNonEmptyPlan: true, }, }, }) From d53691d07aafabb237874c5102f046f50859f12e Mon Sep 17 00:00:00 2001 From: Alex Hung Date: Thu, 30 May 2024 08:59:58 -0700 Subject: [PATCH 2/3] Update CHANGELOG --- CHANGELOG.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2b550fe1..b9b55e9a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,9 @@ +## 10.8.2 (May 31, 2024) + +BUG FIXES: + +* resource/artifactory_scoped_token: Add check for status code 404 after resource creation and display warning message due to Persistency Threshold. Issue: [#977](https://github.com/jfrog/terraform-provider-artifactory/issues/977) PR: [#981](https://github.com/jfrog/terraform-provider-artifactory/pull/981) + ## 10.8.1 (May 24, 2024) BUG FIXES: From 7de5ceb72f6ffbaddbe3a6ada16f8dfe0bf99c39 Mon Sep 17 00:00:00 2001 From: Alex Hung Date: Thu, 30 May 2024 09:39:03 -0700 Subject: [PATCH 3/3] Update CHANGELOG --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6e24ca0a..96076d08 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,7 +3,7 @@ BUG FIXES: * resource/artifactory_keypair: Remove `private_key` value from warning and error messages. Issue: [#977](https://github.com/jfrog/terraform-provider-artifactory/issues/977) PR: [#979](https://github.com/jfrog/terraform-provider-artifactory/pull/979) -* resource/artifactory_scoped_token: Add check for status code 404 after resource creation and display warning message due to Persistency Threshold. Issue: [#977](https://github.com/jfrog/terraform-provider-artifactory/issues/977) PR: [#981](https://github.com/jfrog/terraform-provider-artifactory/pull/981) +* resource/artifactory_scoped_token: Add check for status code 404 after resource creation and display warning message due to Persistency Threshold. Issue: [#980](https://github.com/jfrog/terraform-provider-artifactory/issues/980) PR: [#981](https://github.com/jfrog/terraform-provider-artifactory/pull/981) ## 10.8.1 (May 24, 2024)