-
Notifications
You must be signed in to change notification settings - Fork 4.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
azurerm_trusted_signing_account
- new resource support
#27720
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for this PR!
I've taken a look through and left some comments inline, but this is mostly looking good to me 👍
internal/services/codesigning/trusted_signing_account_resource.go
Outdated
Show resolved
Hide resolved
test result after update
|
LGTM now, thank you! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ziyeqf please fix up the comments left in-line
go.mod
Outdated
github.com/hashicorp/go-azure-sdk/resource-manager v0.20241017.1093842 | ||
github.com/hashicorp/go-azure-sdk/sdk v0.20241017.1093842 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updating the go-azure-sdk
should be done in a separate PR otherwise we end up causing conflicts like has happened here.
|
||
var model TruestedSigningAccountModel | ||
if err := meta.Decode(&model); err != nil { | ||
return err |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These errors should be wrapped
return err | |
return fmt.Errorf("decoding: %+v", err) |
req := codesigningaccounts.CodeSigningAccount{} | ||
req.Name = &model.Name | ||
req.Location = model.Location | ||
req.Properties = pointer.To(codesigningaccounts.CodeSigningAccountProperties{}) | ||
req.Properties.Sku = pointer.To(codesigningaccounts.AccountSku{ | ||
Name: codesigningaccounts.SkuName(model.SkuName), | ||
}) | ||
req.Tags = &model.Tags |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please update this to
req := codesigningaccounts.CodeSigningAccount{} | |
req.Name = &model.Name | |
req.Location = model.Location | |
req.Properties = pointer.To(codesigningaccounts.CodeSigningAccountProperties{}) | |
req.Properties.Sku = pointer.To(codesigningaccounts.AccountSku{ | |
Name: codesigningaccounts.SkuName(model.SkuName), | |
}) | |
req.Tags = &model.Tags | |
req := codesigningaccounts.CodeSigningAccount{ | |
Name: &model.Name | |
Location: location.Normalize(model.Location) | |
Tags: &model.Tags | |
Properties: &codesigningaccounts.CodeSigningAccountProperties{ | |
Sku: &codesigningaccounts.AccountSku{ | |
Name: codesigningaccounts.SkuName(model.SkuName), | |
} | |
} | |
} |
client := meta.Client.CodeSigning.Client.CodeSigningAccounts | ||
result, err := client.Get(ctx, *id) | ||
if err != nil { | ||
return err |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
return err | |
return fmt.Errorf("retrieving %s: %+v", id, err) |
if result.Model == nil { | ||
return fmt.Errorf("retrieving %s got nil model", id) | ||
} | ||
var output TruestedSigningAccountModel | ||
output.Name = id.CodeSigningAccountName | ||
output.ResourceGroupName = id.ResourceGroupName | ||
|
||
if result.Model == nil { | ||
return fmt.Errorf("Get response nil Model") | ||
} | ||
model := result.Model | ||
output.Location = model.Location | ||
output.Tags = pointer.From(model.Tags) | ||
if ptrProp := model.Properties; ptrProp != nil { | ||
itemProp := *ptrProp | ||
output.AccountUri = pointer.From(itemProp.AccountUri) | ||
if ptrSku := itemProp.Sku; ptrSku != nil { | ||
itemSku := *ptrSku | ||
output.SkuName = string(itemSku.Name) | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We don't error if the model is nil in the read, yet we're doing it twice here. This is also inconsistent with our contributor guidelines and the rest of the provider. Please refactor this
if result.Model == nil { | |
return fmt.Errorf("retrieving %s got nil model", id) | |
} | |
var output TruestedSigningAccountModel | |
output.Name = id.CodeSigningAccountName | |
output.ResourceGroupName = id.ResourceGroupName | |
if result.Model == nil { | |
return fmt.Errorf("Get response nil Model") | |
} | |
model := result.Model | |
output.Location = model.Location | |
output.Tags = pointer.From(model.Tags) | |
if ptrProp := model.Properties; ptrProp != nil { | |
itemProp := *ptrProp | |
output.AccountUri = pointer.From(itemProp.AccountUri) | |
if ptrSku := itemProp.Sku; ptrSku != nil { | |
itemSku := *ptrSku | |
output.SkuName = string(itemSku.Name) | |
} | |
} | |
var output TruestedSigningAccountModel | |
output.Name = id.CodeSigningAccountName | |
output.ResourceGroupName = id.ResourceGroupName | |
if model := result.Model; model != nil { | |
output.Location = location.Normalize(model.Location) | |
output.Tags = pointer.From(model.Tags) | |
if props := model.Properties; props != nil { | |
output.AccountUri = pointer.From(props.AccountUri) | |
if sku := props.Sku; sku != nil { | |
output.SkuName = string(sku.Name) | |
} | |
} | |
} |
} | ||
resp, err := client.CodeSigning.Client.CodeSigningAccounts.Get(ctx, *id) | ||
if err != nil { | ||
return nil, fmt.Errorf("retrieving TrustedSigningAccount %s: %+v", id, err) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
return nil, fmt.Errorf("retrieving TrustedSigningAccount %s: %+v", id, err) | |
return nil, fmt.Errorf("retrieving %s: %+v", id, err) |
if err != nil { | ||
return nil, fmt.Errorf("retrieving TrustedSigningAccount %s: %+v", id, err) | ||
} | ||
return utils.Bool(resp.Model != nil), nil |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
return utils.Bool(resp.Model != nil), nil | |
return pointer.To(resp.Model != nil), nil |
var _ sdk.TypedServiceRegistration = Registration{} | ||
|
||
func (r Registration) AssociatedGitHubLabel() string { | ||
return "service/codesigning" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should probably just call this
return "service/codesigning" | |
return "service/trustedsigning" |
|
||
The following arguments are supported: | ||
|
||
* `name` - (Required) The name which should be used for this Trusted Signing. Changing this forces a new Trusted Signing Account to be created. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please update all instances of Trusted Signing
to Trusted Signing Account
* `name` - (Required) The name which should be used for this Trusted Signing. Changing this forces a new Trusted Signing Account to be created. | |
* `name` - (Required) The name which should be used for this Trusted Signing Account. Changing this forces a new Trusted Signing Account to be created. |
|
||
* `id` - The ID of the Trusted Signing. | ||
|
||
* `account_uri` - The URI of the trusted signing account which is used during signing files. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please be consistent with the casing throughout the documentation
* `account_uri` - The URI of the trusted signing account which is used during signing files. | |
* `account_uri` - The URI of the Trusted Signing Account which is used during signing files. |
I'm not sure why the CI failed for a change on and here is the new test result:
|
|
||
req := codesigningaccounts.CodeSigningAccount{ | ||
Name: &model.Name, | ||
Location: model.Location, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Forgot to normalize this one as well, we normalize when building the payload as well as before setting into state
Location: model.Location, | |
Location: location.Normalize(model.Location), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @ziyeqf LGTM 🍀
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions. |
Community Note
Description
Add new resource
azurerm_trusted_signing_account
per the document: https://learn.microsoft.com/en-us/azure/trusted-signing/concept-trusted-signing-resources-rolesThe resource provider is named "Microsoft.Codesigning", however the name on Microsoft document is "Trusted signing", so I named this resource to `azurerm_trusted_signing_account"
PR Checklist
For example: “
resource_name_here
- description of change e.g. adding propertynew_property_name_here
”Changes to existing Resource / Data Source
Testing
Change Log
Below please provide what should go into the changelog (if anything) conforming to the Changelog Format documented here.
azurerm_trusted_signing_account
- new resource support [GH-00000]This is a (please select all that apply):
Related Issue(s)
Fixes #26388
Note
If this PR changes meaningfully during the course of review please update the title and description as required.