Closed linouk23 closed 1 month ago
This PR resolves https://github.com/confluentinc/terraform-provider-confluent/issues/418.
In short, the issue is isSchemaRegistryApiKey() was only expecting for srcm/v3 API version instead of any of srcm/v2 or srcm/v3.
isSchemaRegistryApiKey()
srcm/v3
srcm/v2
The API Keys Mgmt API doesn't require api_version in the request and it does return resource.api_version=srcm/v2 by default:
api_version
resource.api_version=srcm/v2
➜ ✗ curl --request POST \ --url https://api.confluent.cloud/iam/v2/api-keys \ --header 'Authorization: Basic ...' \ --header 'content-type: application/json' \ --data '{"spec":{"display_name":"test2","owner":{"id":"sa-6zzw98"},"resource":{"id":"lsrc-kkg0rg","kind":"SchemaRegistry"}}}' { "api_version": "iam/v2", "id": "OZSKBWUZFIF6QHUM", "kind": "ApiKey", "metadata": { "created_at": "2024-08-23T14:15:30.4238Z", "resource_name": "crn://api.confluent.cloud/organization=cc2d2db8-b889-4d72-8948-9d7cb37c6a9c/service-account=sa-6zzw98/api-key=OZSKBWUZFIF6QHUM", "self": "https://api.confluent.cloud/iam/v2/api-keys/OZSKBWUZFIF6QHUM", "updated_at": "2024-08-23T14:15:30.4238Z" }, "spec": { "description": "", "display_name": "test2", "owner": { "api_version": "iam/v2", "id": "sa-6zzw98", "kind": "ServiceAccount", "related": "https://api.confluent.cloud/iam/v2/service-accounts/sa-6zzw98", "resource_name": "crn://api.confluent.cloud/organization=cc2d2db8-b889-4d72-8948-9d7cb37c6a9c/service-account=sa-6zzw98" }, "resource": { "api_version": "srcm/v2", <------------ "environment": "env-0j5orp", "id": "lsrc-kkg0rg", "kind": "SchemaRegistry", "related": "https://api.confluent.cloud/srcm/v2/schema-registries/lsrc-kkg0rg", "resource_name": "crn://api.confluent.cloud/organization=cc2d2db8-b889-4d72-8948-9d7cb37c6a9c/schema-registry=lsrc-kkg0rg" }, "secret": "<REDACTED>" } }
FWIW we can expect customers to hardcode the value for api_version from previous TF Provider versions as well so
DiffSurpressFunc
What
This PR resolves https://github.com/confluentinc/terraform-provider-confluent/issues/418.
Note
In short, the issue is
isSchemaRegistryApiKey()was only expecting forsrcm/v3API version instead of any ofsrcm/v2orsrcm/v3.The API Keys Mgmt API doesn't require
api_versionin the request and it does returnresource.api_version=srcm/v2by default:FWIW we can expect customers to hardcode the value for
api_versionfrom previous TF Provider versions as well sosrcm/v2andsrcm/v3.srcm/v3in TF state andDiffSurpressFuncwill help us to resolve a potential TF drift: https://github.com/confluentinc/terraform-provider-confluent/blob/master/internal/provider/resource_api_key.go#L417-L423 (srcm/v2/srcm/v3in TF config butsrcm/v2/srcm/v3in TF state).