provider/pagerduty: Validate credentials #12854

heimweh · 2017-03-18T21:16:30Z

This PR adds token validation to the PagerDuty provider.

Previously if the token was missing (empty string) or invalid,
an error message like this was displayed to the user:

* data.pagerduty_user.me: Response did not contain formatted error: Could not decode JSON response: EOF. HTTP response code: 401. Raw response: &{Status:401 Unauthorized StatusCode:401 Proto:HTTP/1.1 ProtoMajor:1 ProtoMinor:1 Header:map[Connection:[keep-alive] X-Request-Id:[444f0bcbd1fc02a3ab93e8833c9e3c4c] Server:[nginx] Content-Type:[text/html; charset=utf-8] Status:[401 Unauthorized] X-Ua-Compatible:[IE=Edge,chrome=1] Cache-Control:[no-cache] Date:[Tue, 14 Mar 2017 22:01:56 GMT]] Body:0xc4201ce340 ContentLength:-1 TransferEncoding:[chunked] Close:false Uncompressed:false Trailer:map[] Request:0xc4200de300 TLS:0xc4200aa370}

To make the error a bit more user-friendly we instead display this error message if the token is missing or invalid:

No token

$ terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

Error refreshing state: 1 error(s) occurred:

* provider.pagerduty:

No valid credentials found for PagerDuty provider.
Please see https://www.terraform.io/docs/providers/pagerduty/index.html
for more information on providing credentials for this provider.

Invalid token

$ terraform plan                                                                                                                                                          Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

Error refreshing state: 1 error(s) occurred:

* provider.pagerduty: Response did not contain formatted error: Could not decode JSON response: EOF. HTTP response code: 401. Raw response: &{Status:401 Unauthorized StatusCode:401 Proto:HTTP/1.1 ProtoMajor:1 ProtoMinor:1 Header:map[Connection:[keep-alive] Status:[401 Unauthorized] X-Ua-Compatible:[IE=Edge,chrome=1] Server:[nginx] Date:[Sun, 19 Mar 2017 13:14:46 GMT] X-Request-Id:[b3342ecc6a5a067dd1c048b4e7f62728] Content-Type:[text/html; charset=utf-8] Cache-Control:[no-cache]] Body:0xc420406080 ContentLength:-1 TransferEncoding:[chunked] Close:false Uncompressed:false Trailer:map[] Request:0xc4201fa600 TLS:0xc4201e53f0}


No valid credentials found for PagerDuty provider.
Please see https://www.terraform.io/docs/providers/pagerduty/index.html
for more information on providing credentials for this provider.

stack72 · 2017-03-18T21:29:27Z

builtin/providers/pagerduty/config.go

 	client := pagerduty.NewClient(c.Token)

+	// Validate the credentials by calling the abilities endpoint,
+	// if we get a 401 response back we return an error to the user
+	if _, err := client.ListAbilities(); err != nil {


Will all account types be able to access the Abilities endpoint?

All plans (except for the Lite plan which doesn't allow API access) should be able to call the Abilities endpoint.

I've tested this on a Basic and a Standard plan and I assume the Enterprise plan should work as well considering it has everything a Standard plan has.

I guess one thing we could do is adding something like SkipValidate which would allow the user to skip the validation? :)

Added a ignore_credentials_validation field (similar to the one in the AWS provider) so the user can skip the validation against the PagerDuty API :)

stack72 · 2017-03-19T12:17:26Z

builtin/providers/pagerduty/provider.go

+
+			"skip_credentials_validation": {
+				Type:     schema.TypeBool,
+				Optional: true,


Do you think we need to define a default here? We are using d.Get - what if the value isn't found?

Good catch :) I'll push a fix for that

skip_credentials_validation should now default to false

LGTM! thanks :)

stack72 · 2017-03-19T17:37:45Z

LGTM!

% make testacc TEST=./builtin/providers/pagerduty                                                   ✭
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/03/19 17:31:11 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/pagerduty -v  -timeout 120m
=== RUN   TestConfigEmptyToken
--- PASS: TestConfigEmptyToken (0.00s)
=== RUN   TestConfigSkipCredsValidation
2017/03/19 17:31:17 [INFO] PagerDuty client configured
--- PASS: TestConfigSkipCredsValidation (0.00s)
=== RUN   TestAccDataSourcePagerDutyEscalationPolicy_Basic
--- PASS: TestAccDataSourcePagerDutyEscalationPolicy_Basic (12.92s)
=== RUN   TestAccDataSourcePagerDutySchedule_Basic
--- PASS: TestAccDataSourcePagerDutySchedule_Basic (11.02s)
=== RUN   TestAccDataSourcePagerDutyUser_Basic
--- PASS: TestAccDataSourcePagerDutyUser_Basic (8.34s)
=== RUN   TestAccDataSourcePagerDutyVendor_Basic
--- PASS: TestAccDataSourcePagerDutyVendor_Basic (4.32s)
=== RUN   TestAccPagerDutyEscalationPolicy_import
--- PASS: TestAccPagerDutyEscalationPolicy_import (10.47s)
=== RUN   TestAccPagerDutySchedule_import
--- PASS: TestAccPagerDutySchedule_import (10.17s)
=== RUN   TestAccPagerDutyServiceIntegration_import
--- PASS: TestAccPagerDutyServiceIntegration_import (15.98s)
=== RUN   TestAccPagerDutyService_import
--- PASS: TestAccPagerDutyService_import (11.54s)
=== RUN   TestAccPagerDutyServiceWithIncidentUrgency_import
--- PASS: TestAccPagerDutyServiceWithIncidentUrgency_import (13.01s)
=== RUN   TestAccPagerDutyTeam_import
--- PASS: TestAccPagerDutyTeam_import (6.02s)
=== RUN   TestAccPagerDutyUser_import
--- PASS: TestAccPagerDutyUser_import (6.94s)
=== RUN   TestProvider
--- PASS: TestProvider (0.00s)
=== RUN   TestProviderImpl
--- PASS: TestProviderImpl (0.00s)
=== RUN   TestAccPagerDutyAddon_Basic
--- PASS: TestAccPagerDutyAddon_Basic (9.34s)
=== RUN   TestAccPagerDutyEscalationPolicy_Basic
--- PASS: TestAccPagerDutyEscalationPolicy_Basic (13.56s)
=== RUN   TestAccPagerDutyEscalationPolicyWithTeams_Basic
--- PASS: TestAccPagerDutyEscalationPolicyWithTeams_Basic (15.85s)
=== RUN   TestAccPagerDutySchedule_Basic
--- PASS: TestAccPagerDutySchedule_Basic (13.41s)
=== RUN   TestAccPagerDutySchedule_BasicWeek
--- PASS: TestAccPagerDutySchedule_BasicWeek (14.60s)
=== RUN   TestAccPagerDutySchedule_Multi
--- PASS: TestAccPagerDutySchedule_Multi (10.26s)
=== RUN   TestAccPagerDutyServiceIntegration_Basic
--- PASS: TestAccPagerDutyServiceIntegration_Basic (24.65s)
=== RUN   TestAccPagerDutyServiceIntegrationGeneric_Basic
--- PASS: TestAccPagerDutyServiceIntegrationGeneric_Basic (23.90s)
=== RUN   TestAccPagerDutyService_Basic
--- PASS: TestAccPagerDutyService_Basic (18.19s)
=== RUN   TestAccPagerDutyService_BasicWithIncidentUrgencyRules
--- PASS: TestAccPagerDutyService_BasicWithIncidentUrgencyRules (19.16s)
=== RUN   TestAccPagerDutyService_FromBasicToCustomIncidentUrgencyRules
--- PASS: TestAccPagerDutyService_FromBasicToCustomIncidentUrgencyRules (18.63s)
=== RUN   TestAccPagerDutyTeam_Basic
--- PASS: TestAccPagerDutyTeam_Basic (9.29s)
=== RUN   TestAccPagerDutyUser_Basic
--- PASS: TestAccPagerDutyUser_Basic (10.17s)
=== RUN   TestAccPagerDutyUserWithTeams_Basic
--- PASS: TestAccPagerDutyUserWithTeams_Basic (22.47s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/pagerduty	334.231s

* Validate credentials * Add ability to skip validation * Update provider documentation * invalidCredentials -> invalidCreds * Include original error message * Update description for skip_credentials_validation * Add config test * set skip_credentials_validation default to false

ghost · 2020-04-15T02:10:48Z

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

Validate credentials

4098153

stack72 reviewed Mar 18, 2017

View reviewed changes

stack72 added enhancement provider/pagerduty labels Mar 18, 2017

heimweh added 6 commits March 19, 2017 11:29

Add ability to skip validation

3da6fb4

Update provider documentation

f5299b4

invalidCredentials -> invalidCreds

72df2ae

Include original error message

9841901

Update description for skip_credentials_validation

14e4f9b

Add config test

d3d7592

stack72 reviewed Mar 19, 2017

View reviewed changes

set skip_credentials_validation default to false

3dbdbc6

stack72 merged commit ca51754 into hashicorp:master Mar 19, 2017

heimweh deleted the pg-validate-creds branch March 20, 2017 16:49

ghost locked and limited conversation to collaborators Apr 15, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

provider/pagerduty: Validate credentials #12854

provider/pagerduty: Validate credentials #12854

heimweh commented Mar 18, 2017 •

edited

Loading

stack72 Mar 18, 2017

heimweh Mar 19, 2017

heimweh Mar 19, 2017

stack72 Mar 19, 2017

heimweh Mar 19, 2017

heimweh Mar 19, 2017

stack72 Mar 19, 2017

stack72 commented Mar 19, 2017

ghost commented Apr 15, 2020

provider/pagerduty: Validate credentials #12854

provider/pagerduty: Validate credentials #12854

Conversation

heimweh commented Mar 18, 2017 • edited Loading

stack72 Mar 18, 2017

Choose a reason for hiding this comment

heimweh Mar 19, 2017

Choose a reason for hiding this comment

heimweh Mar 19, 2017

Choose a reason for hiding this comment

stack72 Mar 19, 2017

Choose a reason for hiding this comment

heimweh Mar 19, 2017

Choose a reason for hiding this comment

heimweh Mar 19, 2017

Choose a reason for hiding this comment

stack72 Mar 19, 2017

Choose a reason for hiding this comment

stack72 commented Mar 19, 2017

ghost commented Apr 15, 2020

heimweh commented Mar 18, 2017 •

edited

Loading