Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

azuread_conditional_access_policy: improve handling of the session_controls block #1382

Merged
merged 2 commits into from
May 16, 2024

Conversation

manicminer
Copy link
Contributor

@manicminer manicminer commented May 16, 2024

Warning

Depends on manicminer/hamilton#282

  • Make sign_in_frequency_authentication_type and sign_in_frequency_internal both Optional + Computed and remove their default values.
  • Handle the setting of these default values in the expandConditionalAccessSessionControls() function.
  • Expand test coverage to all reasonable permutatons of the properties in this block to ensure no trailing diff or incorrect setting of values in the request.

Closes: #1235
Closes: #1347

CHANGELOG

ENHANCEMENTS

  • dependencies: updating to v0.68.0 of github.com/manicminer/hamilton
  • azuread_conditional_access_policy - improve handling of the session_controls block

BUG FIXES

  • azuread_conditional_access_policy - fix a bug that could cause a persistent diff when setting certain properties in the session_controls block

Copy link
Collaborator

@katbyte katbyte left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚚

…ontrols` block

- Make `sign_in_frequency_authentication_type` and
  `sign_in_frequency_internal` both Optional + Computed and remove their
  default values.
- Handle the setting of these default values in the
  `expandConditionalAccessSessionControls()` function.
- Expand test coverage to all reasonable permutatons of the properties
  in this block to ensure no trailing diff or incorrect setting of
  values in the request.
@manicminer manicminer force-pushed the bugfix/conditional-access-session-controls branch from dc82167 to 4f874d3 Compare May 16, 2024 19:18
@manicminer
Copy link
Contributor Author

Test results (failure unrelated)

Screenshot 2024-05-16 at 20 31 32

@manicminer manicminer merged commit ef80e06 into main May 16, 2024
24 checks passed
@manicminer manicminer deleted the bugfix/conditional-access-session-controls branch May 16, 2024 19:31
manicminer added a commit that referenced this pull request May 16, 2024
dduportal pushed a commit to jenkins-infra/azure that referenced this pull request May 20, 2024
<Actions>
<action
id="6d17e7acdb2f3311576150379e22805f2f9b4aa72ff00ec136aceee45cae4b98">
        <h3>Bump Terraform `azuread` provider version</h3>
<details
id="1d9343c012f5434ac9fe8a98135bae3667b399259be16d9b14302ea3bd424a24">
            <summary>Update Terraform lock file</summary>
<p>changes detected:&#xA;&#x9;&#34;hashicorp/azuread&#34; updated from
&#34;2.49.1&#34; to &#34;2.50.0&#34; in file
&#34;.terraform.lock.hcl&#34;</p>
            <details>
                <summary>2.50.0</summary>
<pre>Changelog retrieved
from:&#xA;&#x9;https://github.com/hashicorp/terraform-provider-azuread/releases/tag/v2.50.0&#xA;ENHANCEMENTS:&#xA;&#xA;*
dependencies: updating to `v0.68.0` of `github.com/manicminer/hamilton`
([#1382](hashicorp/terraform-provider-azuread#1382
`data.azuread_application` - support looking up applications with the
`identifier_uri` property [GH 1303]&#xA;*
`azuread_conditional_access_policy` - improve handling of the
`session_controls` block
([#1382](https://github.com/hashicorp/terraform-provider-azuread/issues/1382))&#xA;&#xA;BUG
FIXES:&#xA;&#xA;* `data.azuread_service_principal` - treat the
`display_name` property case-insensitively
([#1381](hashicorp/terraform-provider-azuread#1381
`azuread_conditional_access_policy` - fix a bug that could cause a
persistent diff when setting certain properties in the
`session_controls` block
([#1382](hashicorp/terraform-provider-azuread#1382
`azuread_user` - don&#39;t overwrite the existing password in state,
when a password change fails
([#1308](https://github.com/hashicorp/terraform-provider-azuread/issues/1308))&#xA;&#xA;&#xA;</pre>
            </details>
        </details>
<a
href="https://infra.ci.jenkins.io/job/updatecli/job/azure/job/main/188/">Jenkins
pipeline link</a>
    </action>
</Actions>

---

<table>
  <tr>
    <td width="77">
<img src="https://www.updatecli.io/images/updatecli.png" alt="Updatecli
logo" width="50" height="50">
    </td>
    <td>
      <p>
Created automatically by <a
href="https://www.updatecli.io/">Updatecli</a>
      </p>
      <details><summary>Options:</summary>
        <br />
<p>Most of Updatecli configuration is done via <a
href="https://www.updatecli.io/docs/prologue/quick-start/">its
manifest(s)</a>.</p>
        <ul>
<li>If you close this pull request, Updatecli will automatically reopen
it, the next time it runs.</li>
<li>If you close this pull request and delete the base branch, Updatecli
will automatically recreate it, erasing all previous commits made.</li>
        </ul>
        <p>
Feel free to report any issues at <a
href="https://github.com/updatecli/updatecli/issues">github.com/updatecli/updatecli</a>.<br
/>
If you find this tool useful, do not hesitate to star <a
href="https://github.com/updatecli/updatecli/stargazers">our GitHub
repository</a> as a sign of appreciation, and/or to tell us directly on
our <a
href="https://matrix.to/#/#Updatecli_community:gitter.im">chat</a>!
        </p>
      </details>
    </td>
  </tr>
</table>

Co-authored-by: Jenkins Infra Bot (updatecli) <60776566+jenkins-infra-bot@users.noreply.github.com>
BrendanThompson pushed a commit to BrendanThompson/terraform-provider-azuread that referenced this pull request Jun 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants