search

jfrog / terraform-provider-platform

Terraform provider to manage JFrog Platform
https://jfrog.com
Apache License 2.0
1 stars 1 forks source link

`platform_myjfrog_private_connection` resource required #87

Open dhrapson opened 1 month ago

dhrapson commented 1 month ago

Is your feature request related to a problem? Please describe. We have multiple AWS accounts from which we want to pull images from Artifactory using Private Endpoints. It is frustrating that I have to manually add the VPC endpoint for each one manually via the MyJFrog UI as a Private Connection. In some cases the account contents will be periodically disposed to encourage good practice for using IaC. Not being able to recreate these Private Connections via Terraform means we cannot fully tear down the VPC endpoints, and hence not the VPC either, which risks the leaving around of remnants from previous periods.

Describe the solution you'd like A new resource called platform_myjfrog_ip_private_connection with a single attribute vpc_endpoint

Describe alternatives you've considered A workaround of a HTTP-based terraform provider or local-exec that executes curl could work if I knew what API to invoke, however I wasn't able to find that in the JFrog REST API docs.

Additional context None

alexhung commented 1 month ago

@dhrapson Thanks for the suggestion. You're correct that currently there's no REST API to set the private connection for AWS. I'll create an internal feature request ticket with the MyJFrog team. I encourage you to also mention this to your JFrog contact.

dlorych commented 2 weeks ago

Hi,

I'm experiencing the same issue. After investigating the issue, it looks that the problem is with the provider left in the not initialized state. As part of its initialization, an Artifactory version is checked and if it could not be resolved, e.g. because of modified myjfrog_ip_allowlist resource, a warning is being logged and initialization is interrupted leaving the provider in invalid state. See this code.

    version, err := util.GetArtifactoryVersion(platformClient)
    if err != nil {
        resp.Diagnostics.AddWarning(
            "Error getting Artifactory version",
            fmt.Sprintf("The provider functionality might be affected by the absence of Artifactory version in the context. %v", err),
        )
        return
    }

In my terraform project, I'm using only myjfrog_ip_allowlist resource and I'm not accessing any platform or any artifactory API - in such case, in my opinion, the provider should be initialized correctly with myjfrog client, but possibly without platform client. Alternatively, myjfrog functionality should be moved into its own provider.

alexhung commented 2 weeks ago

@dlorych Thanks for the report! That's definitely a bug. I've added this to our schedule to be fixed.

alexhung commented 2 weeks ago

Provider issues are fixed in #97