Added support for iam_role_arn in databricks_instance_profile

[Jorge-Rodriguez]

This PR adds support to manage an instance profile's IAM role ARN when it does not match the instance profile name. This feature is needed when managing instance profiles for use with Databricks SQL serverless.

See Databricks REST API documentation for instance profiles

Fixes #1911
Fixes #1710

[Jorge-Rodriguez]

Please note that this is my first stab at writing anything in go, so feel free to consider this PR just as a PoC for the intended support feature if there is anything fundamentally wrong otherwise.

[Jorge-Rodriguez]

ping @alexott

[alexott]

Also, add documentation

[codecov-commenter]

Codecov Report

Merging #1943 (7a725cb) into master (79c6338) will increase coverage by 0.09%.
The diff coverage is 100.00%.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #1943      +/-   ##
==========================================
+ Coverage   90.19%   90.29%   +0.09%     
==========================================
  Files         146      146              
  Lines       11843    11888      +45     
==========================================
+ Hits        10682    10734      +52     
+ Misses        748      742       -6     
+ Partials      413      412       -1     

Impacted Files	Coverage Δ
aws/resource_group_instance_profile.go	100.00% <100.00%> (ø)
aws/resource_instance_profile.go	71.09% <100.00%> (+12.60%)	⬆️
aws/resource_user_instance_profile.go	100.00% <100.00%> (ø)
sql/api/query.go	75.40% <0.00%> (ø)
clusters/clusters_api.go	85.71% <0.00%> (ø)
sql/resource_sql_query.go	95.80% <0.00%> (+0.02%)	⬆️
exporter/importables.go	90.22% <0.00%> (+0.03%)	⬆️
libraries/libraries_api.go	94.90% <0.00%> (+0.03%)	⬆️
storage/aws_s3_mount.go	87.65% <0.00%> (+0.15%)	⬆️
sql/resource_sql_dashboard.go	88.67% <0.00%> (+0.44%)	⬆️
... and 3 more

[alexott]

lgtm. Let check with the PR runner

[Jorge-Rodriguez]

lgtm. Let check with the PR runner

There seems to be a typo

[alexott]

the diff coverage is only 53.33%.

Can you add test cases for ValidInstanceProfile function for following pieces that aren't covered:

• if !ok {
• if len(arnSections) != 6 {

and in ValidIamRole

• if !ok {
• if len(arnSections) != 6 {
• if !strings.HasPrefix(arnSections[5], "role") {

And really, the ValidInstanceProfile and ValidIamRole are only different in the line

if !strings.HasPrefix(arnSections[5], "role")

But really you can create a function that will receive role or instance-profile as an argument and return result...

[Jorge-Rodriguez]

Sure. That'll handle the DRY issue as well

[alexott]

One thing that is different between instance profile & role validation is that we're allowing empty role, while instance profile shouldn't allow it

[Jorge-Rodriguez]

One thing that is different between instance profile & role validation is that we're allowing empty role, while instance profile shouldn't allow it

Oh, I got confused by the fact that InstanceProfileArn is marked as omitempty

In other matters, I don't seem to be able to write a test for if !ok {, I can't think of a configuration value that wouldn't get marshalled into a string without throwing a panic before even starting the test.

[alexott]

Hmmm, interesting - omitempty is wrong here - doc says that this field is required so omitempty should be removed

[alexott]

lgtm

@nfx - please look & merge