crossplane-contrib / provider-upjet-azuread

AzureAD Provider for Crossplane.
https://marketplace.upbound.io/providers/upbound/provider-azuread/
Apache License 2.0

Add Support for Observe Only Resources #47

Closed turkenf closed 1 year ago

turkenf commented 1 year ago

Description of your changes

This PR adds support for Observe Only resources. It also bumps up to v0.16.1. Related PR: https://github.com/upbound/provider-aws/pull/672

I have:

How has this code been tested

I have created an application resource without enabling management-policies. Then I edited the resource and added managementPolicy: ObserveOnly to spec. I get the following message and situation:

message: managementPolicy is set to a non-default value but the feature is not
  enabled.

NAME                                                  READY   SYNCED   EXTERNAL-NAME                          AGE
application.applications.azuread.upbound.io/example   True    False    96558175-82d0-4a9d-8596-ddb2a049b738   15m

Then I activated the management-policies by making changes in the Makefile. I created a new application resource in the AAD console and I successfully imported it using the following manifest:

apiVersion: applications.azuread.upbound.io/v1beta1
kind: Application
metadata:
  annotations:
    crossplane.io/external-name: 36b8a7c7-5f9e-43e7-8d07-552b049b8d85
  name: example
spec:
  managementPolicy: ObserveOnly
  forProvider:
    displayName: exampletest

I can see the managed resource is ready & synced:

NAME                                                  READY   SYNCED   EXTERNAL-NAME                          AGE
application.applications.azuread.upbound.io/example   True    True     36b8a7c7-5f9e-43e7-8d07-552b049b8d85   44s

status.atProvider is up to date with the actual status of the resource:

status:
  atProvider:
    api:
    - mappedClaimsEnabled: false
      requestedAccessTokenVersion: 2
    applicationId: 9cf7ca76-2521-4106-8368-5d63fb00af45
    description: ""
    deviceOnlyAuthEnabled: false
    disabledByMicrosoft: <nil>
    displayName: exampletest
    fallbackPublicClientEnabled: false
    featureTags:
    - customSingleSignOn: false
      enterprise: false
      gallery: false
      hide: false
    id: 36b8a7c7-5f9e-43e7-8d07-552b049b8d85
    logoImage: ""
    logoUrl: ""
    marketingUrl: ""
    notes: ""
    oauth2PostResponseRequired: false
    objectId: 36b8a7c7-5f9e-43e7-8d07-552b049b8d85
    owners:
    - 70e0f1d0-9d4b-4ef9-aef1-5242c6784d40
    preventDuplicateNames: false
    privacyStatementUrl: ""
    publicClient:
    - {}
    publisherDomain: devopsupbound.onmicrosoft.com
    requiredResourceAccess:
    - resourceAccess:
      - id: e1fe6dd8-ba31-4d61-89e7-88639da4683d
        type: Scope
      resourceAppId: 00000003-0000-0000-c000-000000000000
    signInAudience: AzureADandPersonalMicrosoftAccount
    singlePageApplication:
    - {}
    supportUrl: ""
    templateId: ""
    termsOfServiceUrl: ""
    web:
    - homepageUrl: ""
      implicitGrant:
      - accessTokenIssuanceEnabled: false
        idTokenIssuanceEnabled: false
      logoutUrl: ""
  conditions:
  - lastTransitionTime: "2023-04-20T10:30:44Z"
    reason: Available
    status: "True"
    type: Ready
  - lastTransitionTime: "2023-04-20T10:30:44Z"
    reason: ReconcileSuccess
    status: "True"
    type: Synced