Open dhrapson opened 1 month ago
@dhrapson Thanks for the suggestion. You're correct that currently there's no REST API to set the private connection for AWS. I'll create an internal feature request ticket with the MyJFrog team. I encourage you to also mention this to your JFrog contact.
Hi,
I'm experiencing the same issue. After investigating the issue, it looks that the problem is with the provider left in the not initialized state.
As part of its initialization, an Artifactory version is checked and if it could not be resolved, e.g. because of modified myjfrog_ip_allowlist
resource, a warning is being logged and initialization is interrupted leaving the provider in invalid state. See this code.
version, err := util.GetArtifactoryVersion(platformClient)
if err != nil {
resp.Diagnostics.AddWarning(
"Error getting Artifactory version",
fmt.Sprintf("The provider functionality might be affected by the absence of Artifactory version in the context. %v", err),
)
return
}
In my terraform project, I'm using only myjfrog_ip_allowlist
resource and I'm not accessing any platform or any artifactory API - in such case, in my opinion, the provider should be initialized correctly with myjfrog client, but possibly without platform client.
Alternatively, myjfrog functionality should be moved into its own provider.
@dlorych Thanks for the report! That's definitely a bug. I've added this to our schedule to be fixed.
Provider issues are fixed in #97
Is your feature request related to a problem? Please describe. We have multiple AWS accounts from which we want to pull images from Artifactory using Private Endpoints. It is frustrating that I have to manually add the VPC endpoint for each one manually via the MyJFrog UI as a Private Connection. In some cases the account contents will be periodically disposed to encourage good practice for using IaC. Not being able to recreate these Private Connections via Terraform means we cannot fully tear down the VPC endpoints, and hence not the VPC either, which risks the leaving around of remnants from previous periods.
Describe the solution you'd like A new resource called
platform_myjfrog_ip_private_connection
with a single attributevpc_endpoint
Describe alternatives you've considered A workaround of a HTTP-based terraform provider or
local-exec
that executescurl
could work if I knew what API to invoke, however I wasn't able to find that in the JFrog REST API docs.Additional context None