documentation to import harbor_config_auth is missing

[nafaa-tayachi]

I cannot find the documentation to import harbor_config_auth even though it's mentioned in this issue #360 that it was implemented.

Could you please point me to the documentation or add one if it doesn't exist?

Thanks in advance!

[flbla]

hi @nafaa-tayachi, something like this should work : terraform import harbor_config_auth.my_conf /configurations

indeed there is no documentation, I will update it

[nafaa-tayachi]

thanks for the quick reply @flbla !

I wasn't able to import it using the command you shared .. does it require some kind of suffix at the end /configurations/${name/id/whatever}

if yes what should it be?

[flbla]

no, there is no name/id, because there is only one endpoint for configurations can you copy the error you get? I'll try to take a look at it this week

[nafaa-tayachi]

sure, this is the error with debug mode on:

harbor_config_auth.oidc: Import prepared!
  Prepared harbor_config_auth for import
harbor_config_auth.oidc: Refreshing state... [id=/configurations]
2024-05-21T16:38:39.457+0200 [ERROR] provider.terraform-provider-harbor_v3.10.10: Response contains error diagnostic: diagnostic_detail="" tf_resource_type=harbor_config_auth @caller=github.com/hashicorp/terraform-plugin-go@v0.22.0/tfprotov5/internal/diag/diagnostics.go:58 @module=sdk.proto diagnostic_summary="unexpected end of JSON input" tf_req_id=fdfab4ef-64be-cc2d-d0ea-48f95f113f00 tf_rpc=ReadResource diagnostic_severity=ERROR tf_proto_version=5.4 tf_provider_addr=provider timestamp="2024-05-21T16:38:39.457+0200"
2024-05-21T16:38:39.458+0200 [ERROR] vertex "import harbor_config_auth.oidc result" error: unexpected end of JSON input
2024-05-21T16:38:39.458+0200 [ERROR] vertex "harbor_config_auth.oidc (import id \"/configurations\")" error: unexpected end of JSON input
2024-05-21T16:38:39.458+0200 [ERROR] vertex "harbor_config_auth.oidc (expand)" error: unexpected end of JSON input
╷
│ Error: unexpected end of JSON input
│
│
╵

[flbla]

I tried to reproduce but was not able to :

resource "harbor_config_auth" "db" {
  auth_mode          = "db_auth"
}

If I 1rst try to plan it :

  # harbor_config_auth.db will be created
  + resource "harbor_config_auth" "db" {
      + auth_mode             = "db_auth"
      + id                    = (known after apply)
      + ldap_group_membership = "memberof"
      + ldap_group_scope      = "subtree"
      + ldap_scope            = "subtree"
      + ldap_verify_cert      = false
      + primary_auth_mode     = false
    }

Then I do the import command :

terraform import harbor_config_auth.db /configurations
harbor_config_auth.db: Importing from ID "/configurations"...
harbor_config_auth.db: Import prepared!
  Prepared harbor_config_auth for import
harbor_config_auth.db: Refreshing state... [id=/configurations]

Import successful!

The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.

Try to plan again :

  # harbor_config_auth.db will be updated in-place
  ~ resource "harbor_config_auth" "db" {
        id                    = "/configurations"
      + ldap_group_membership = "memberof"
      + ldap_group_scope      = "subtree"
      + ldap_scope            = "subtree"
      + ldap_verify_cert      = false
        # (2 unchanged attributes hidden)
    }

Looks good (except the update on ldap, as I'm doing a DB auth it should not display, I'll try to check why)

Does the user you configured on the harbor terraform provider is an admin user ?

[nafaa-tayachi]

Hi @flbla , I am using a robot account, what kind of permissions does robot account needs to manage the auth configuration?

[flbla]

hi @nafaa-tayachi, I think it's not possible to manage the auth configuration with a robot account can you add your use case here : https://github.com/goharbor/harbor/issues/20076 ?

[nafaa-tayachi]

I just posted my case there. I was able to import the resource using an admin user. thanks @flbla!