Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow auth_token change without destroy and recreate #16203

Merged
merged 11 commits into from
Nov 24, 2021
Merged

Allow auth_token change without destroy and recreate #16203

merged 11 commits into from
Nov 24, 2021

Conversation

ac-hibbert
Copy link

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Closes #15561

Release note for CHANGELOG:

Allow auth_token to be changed without destroy and recreate

Output from acceptance testing:

$ make testacc TESTARGS='-run=TestAccAWSElasticacheReplicationGroup_updateAuthToken'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSElasticacheReplicationGroup_updateAuthToken -timeout 120m
=== RUN   TestAccAWSElasticacheReplicationGroup_updateAuthToken
=== PAUSE TestAccAWSElasticacheReplicationGroup_updateAuthToken
=== CONT  TestAccAWSElasticacheReplicationGroup_updateAuthToken
--- PASS: TestAccAWSElasticacheReplicationGroup_updateAuthToken (766.82s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	771.292s
...

Andy Hibbert added 4 commits November 14, 2020 20:09
allow_auth_token_change: Allow auth_token to be changes
fde9449 
Change-Id: I01e0ec3f102d109e848514bd3aa332ecbfbb1338
allow_auth_token_change: Changes and test
f51a051 
Change-Id: If8f0c5041bba89e616fc9904092b2b192b6b66ff
allow_auth_token_change: Update redis version to support auth token m…
19b8d66 
…odification

Change-Id: I249ecc32e2fe64b9cb1138acb2478836a6187719
allow_auth_token_change: Update the auth_token on it's own and set ap…
ffb41ab 
…ply_immediately to true

Change-Id: Id3c046b8b416621f91a1ebfbf606ec01fec50d12
@ac-hibbert ac-hibbert requested a review from a team as a code owner November 14, 2020 23:41
@ghost ghost added size/S Managed by automation to categorize the size of a PR. service/elasticache Issues and PRs that pertain to the elasticache service. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. labels Nov 14, 2020
@github-actions github-actions bot added the needs-triage Waiting for first response or review from a maintainer. label Nov 14, 2020
@ac-hibbert ac-hibbert changed the title F allow auth token change Allow auth_token change without destroy and recreate Nov 14, 2020
Base automatically changed from master to main January 23, 2021 00:59
@seanpascual seanpascual mentioned this pull request Apr 6, 2021
Closed
@christoph-h christoph-h mentioned this pull request May 18, 2021
Closed
@wanismvp
Copy link

wanismvp commented Jun 9, 2021

when can this be merged?

erandacr
erandacr reviewed Jun 28, 2021
View reviewed changes
aws/resource_aws_elasticache_replication_group.go Outdated
@@ -809,6 +809,20 @@ func resourceAwsElasticacheReplicationGroupUpdate(d *schema.ResourceData, meta i
}
}

if d.HasChange("auth_token") {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

does this mean if auth_token is provided, it will always try to rotate it?
As I think if a user manually rotates the token, ie

  1. execute ROTATE AUTH with newToken
  2. execute SET AUTH with newToken
    and updates the newToken in terraform, terraform plan should not show any changes right?
    Please correct me if I am missing anything, thanks

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No. It will only update if there is a change to auth_token.

@breathingdust breathingdust added enhancement Requests to existing resources that expand the functionality or scope. and removed needs-triage Waiting for first response or review from a maintainer. labels Sep 16, 2021
@zhelding
Copy link
Contributor

Pull request #21306 has significantly refactored the AWS Provider codebase. As a result, most PRs opened prior to the refactor now have merge conflicts that must be resolved before proceeding.

Specifically, PR #21306 relocated the code for all AWS resources and data sources from a single aws directory to a large number of separate directories in internal/service, each corresponding to a particular AWS service. This separation of code has also allowed for us to simplify the names of underlying functions -- while still avoiding namespace collisions.

We recognize that many pull requests have been open for some time without yet being addressed by our maintainers. Therefore, we want to make it clear that resolving these conflicts in no way affects the prioritization of a particular pull request. Once a pull request has been prioritized for review, the necessary changes will be made by a maintainer -- either directly or in collaboration with the pull request author.

For a more complete description of this refactor, including examples of how old filepaths and function names correspond to their new counterparts: please refer to issue #20000.

For a quick guide on how to amend your pull request to resolve the merge conflicts resulting from this refactor and bring it in line with our new code patterns: please refer to our Service Package Refactor Pull Request Guide.

@YakDriver YakDriver self-assigned this Nov 24, 2021
@github-actions github-actions bot added pre-service-packages Includes pre-Service Packages aspects. size/XL Managed by automation to categorize the size of a PR. and removed size/S Managed by automation to categorize the size of a PR. labels Nov 24, 2021
@github-actions github-actions bot removed pre-service-packages Includes pre-Service Packages aspects. size/XL Managed by automation to categorize the size of a PR. labels Nov 24, 2021
@github-actions github-actions bot added pre-service-packages Includes pre-Service Packages aspects. size/M Managed by automation to categorize the size of a PR. labels Nov 24, 2021
@github-actions github-actions bot added size/S Managed by automation to categorize the size of a PR. and removed pre-service-packages Includes pre-Service Packages aspects. size/M Managed by automation to categorize the size of a PR. labels Nov 24, 2021
YakDriver
YakDriver approved these changes Nov 24, 2021
View reviewed changes
Copy link
Member

@YakDriver YakDriver left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks great! 🎉

@ac-hibbert It looks like while updating to the new package structure, everything you committed was lost, even though obviously it was not. Git lost track of who was doing what. This is unusual and I apologize.

Output from acceptance tests (us-west-2):

--- PASS: TestAccElasticacheReplicationGroup_updateAuthToken (1602.93s)
--- PASS: TestAccElastiCacheReplicationGroup_clusteringAndCacheNodesCausesError (0.87s)
--- PASS: TestAccElastiCacheReplicationGroup_ClusterMode_nonClusteredParameterGroup (787.82s)
--- PASS: TestAccElastiCacheReplicationGroup_ClusterMode_singleNode (1055.43s)
--- PASS: TestAccElastiCacheReplicationGroup_disappears (886.78s)
--- PASS: TestAccElastiCacheReplicationGroup_enableAtRestEncryption (1304.12s)
--- PASS: TestAccElastiCacheReplicationGroup_enableAuthTokenTransitEncryption (1537.10s)
--- PASS: TestAccElastiCacheReplicationGroup_enableSnapshotting (1041.93s)
--- PASS: TestAccElastiCacheReplicationGroup_finalSnapshot (884.37s)
--- PASS: TestAccElastiCacheReplicationGroup_GlobalReplicationGroupID_disappears (2307.52s)
--- PASS: TestAccElastiCacheReplicationGroup_GlobalReplicationGroupIDClusterModeValidation_numNodeGroupsOnSecondary (1093.34s)
--- PASS: TestAccElastiCacheReplicationGroup_NumberCacheClusters_basic (2314.94s)
--- PASS: TestAccElastiCacheReplicationGroup_NumberCacheClusters_multiAZEnabled (1576.72s)
--- PASS: TestAccElastiCacheReplicationGroup_NumberCacheClustersFailover_autoFailoverDisabled (1347.29s)
--- PASS: TestAccElastiCacheReplicationGroup_NumberCacheClustersFailover_autoFailoverEnabled (1657.59s)
--- PASS: TestAccElastiCacheReplicationGroup_NumberCacheClustersMemberClusterDisappears_addMemberCluster (1697.13s)
--- PASS: TestAccElastiCacheReplicationGroup_NumberCacheClustersMemberClusterDisappears_noChange (2126.89s)
--- PASS: TestAccElastiCacheReplicationGroup_NumberCacheClustersMemberClusterDisappearsRemoveMemberCluster_atTargetSize (1455.72s)
--- PASS: TestAccElastiCacheReplicationGroup_NumberCacheClustersMemberClusterDisappearsRemoveMemberCluster_scaleDown (2191.62s)
--- PASS: TestAccElastiCacheReplicationGroup_tags (1398.18s)
--- PASS: TestAccElastiCacheReplicationGroup_updateMaintenanceWindow (999.30s)
--- PASS: TestAccElastiCacheReplicationGroup_updateParameterGroup (911.49s)
--- PASS: TestAccElastiCacheReplicationGroup_useCMKKMSKeyID (1669.85s)
--- PASS: TestAccElastiCacheReplicationGroup_Validation_globalReplicationGroupIdAndNodeType (733.56s)
--- PASS: TestAccElastiCacheReplicationGroup_Validation_noNodeType (9.95s)
--- PASS: TestAccElastiCacheReplicationGroup_ValidationMultiAz_noAutomaticFailover (1.83s)
--- PASS: TestAccElastiCacheReplicationGroup_vpc (716.06s)
--- PASS: TestAccElastiCacheReplicationGroupDataSource_basic (1148.47s)
--- PASS: TestAccElastiCacheReplicationGroupDataSource_nonExistent (2.24s)
--- PASS: TestAccElastiCacheReplicationGroup_GlobalReplicationGroupID_disappears (2307.52s)
--- PASS: TestAccElastiCacheReplicationGroup_NumberCacheClusters_basic (2314.94s)
--- PASS: TestAccElastiCacheReplicationGroup_ClusterMode_basic (974.75s)
--- PASS: TestAccElastiCacheReplicationGroup_multiAzInVPC (866.13s)
--- PASS: TestAccElastiCacheReplicationGroup_redisClusterInVPC2 (1064.76s)
--- PASS: TestAccElastiCacheReplicationGroup_GlobalReplicationGroupID_basic (3032.47s)
--- PASS: TestAccElastiCacheReplicationGroup_updateDescription (1711.94s)
--- PASS: TestAccElastiCacheReplicationGroup_basic (1024.37s)
--- PASS: TestAccElastiCacheReplicationGroupDataSource_clusterMode (1139.30s)
--- PASS: TestAccElastiCacheReplicationGroup_updateNodeSize (2359.04s)
--- PASS: TestAccElastiCacheReplicationGroup_GlobalReplicationGroupID_full (3453.69s)
--- PASS: TestAccElastiCacheReplicationGroup_uppercase (1312.92s)
--- PASS: TestAccElastiCacheReplicationGroupDataSource_multiAZ (1409.68s)
--- PASS: TestAccElastiCacheReplicationGroup_ClusterMode_updateReplicasPerNodeGroup (2443.13s)
--- PASS: TestAccElastiCacheReplicationGroup_ClusterModeUpdateNumNodeGroups_scaleDown (2525.23s)
--- PASS: TestAccElastiCacheReplicationGroup_ClusterModeUpdateNumNodeGroupsAndReplicasPerNodeGroup_scaleUp (2692.99s)
--- PASS: TestAccElastiCacheReplicationGroup_multiAzNotInVPC (2115.21s)
--- PASS: TestAccElastiCacheReplicationGroup_EngineVersion_update (3490.90s)
--- PASS: TestAccElastiCacheReplicationGroup_ClusterModeUpdateNumNodeGroupsAndReplicasPerNodeGroup_scaleDown (2953.20s)
--- PASS: TestAccElastiCacheReplicationGroup_ClusterModeUpdateNumNodeGroups_scaleUp (3067.93s)

@YakDriver YakDriver merged commit c2981c6 into hashicorp:main Nov 24, 2021
@github-actions github-actions bot added this to the v3.67.0 milestone Nov 24, 2021
@github-actions
Copy link

github-actions bot commented Dec 1, 2021

This functionality has been released in v3.67.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@maur1th maur1th mentioned this pull request Dec 9, 2021
Closed
@github-actions
Copy link

github-actions bot commented Jun 7, 2022

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 7, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@erandacr erandacr erandacr left review comments

@YakDriver YakDriver YakDriver approved these changes

Assignees

@YakDriver YakDriver

Labels
enhancement Requests to existing resources that expand the functionality or scope. service/elasticache Issues and PRs that pertain to the elasticache service. size/S Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v3.67.0
Development

Successfully merging this pull request may close these issues.

Ability to update elasticache redis auth_token without destroy and recreate
6 participants
@ac-hibbert @wanismvp @zhelding @erandacr @YakDriver @breathingdust