data.azuredevops_users.human.descriptor: unsupported attribute

[ncook-hxgn]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform (and Azure DevOps Provider) Version

Terraform v1.6.5
on linux_amd64
+ provider registry.terraform.io/hashicorp/azuread v2.46.0
+ provider registry.terraform.io/hashicorp/azurerm v3.83.0
+ provider registry.terraform.io/hashicorp/external v2.3.2
+ provider registry.terraform.io/microsoft/azuredevops v0.10.0

Affected Resource(s)

• azuredevops_users

Terraform Configuration Files

// get an azure user for the pat holder
data "azuread_user" "admin" {
  user_principal_name = var.ado_user
}

// declare an azure devops project to host iac azure devops resources
resource "azuredevops_project" "project" {
  name               = "${var.organisation}-infra"
  description        = "Managed By Terraform"
  visibility         = "private"
  version_control    = "Git"
  work_item_template = "Agile" # Basic ?
  features = {
    "boards"        = "disabled"
    "repositories"  = "enabled"
    "pipelines"     = "enabled"
    "testplans"     = "disabled"
    "artifacts"     = "enabled"
  }
}

// get an azure devops user for the pat holder
// Load single user by using it's principal name
data "azuredevops_users" "human" {
  principal_name = data.azuread_user.admin.mail
}

// grant admin on project to human
resource "azuredevops_group_membership" "human-admins" {
  group = data.azuredevops_group.project-admins.descriptor
  members = [
    data.azuredevops_users.human.descriptor
  ]
}

Debug Output

Terraform plan is happy. Terraform apply fails:

│ Error: Unsupported attribute
│
│   on organisation.tf line 49, in resource "azuredevops_group_membership" "human-admins":
│   49:     data.azuredevops_users.human.descriptor
│
│ This object has no argument, nested block, or exported attribute named "descriptor".

Panic Output

Expected Behavior

attribute is documented as supported: https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/data-sources/users#descriptor

Actual Behavior

Steps to Reproduce

1. terraform apply a. var.ado_user is an email address for a valid azure devops organisation user b. var.organisation is the organisation name

Important Factoids

None

References

• 0000

[xuzhang3]

@ncook-hxgn data.azuredevops_users returns a user collection, you cannot get the user descriptor directly for azuredevops_users. You can get the user descriptor by tolist(data.azuredevops_users.admin.users)[0].descriptor

[philippfrenzel]

Hi @xuzhang3, when I try to get the descriptor as you described, I get the following error message: The given key does not identify an element in this collection value: the │ collection has no elements. But I can see that the data is actually returning the id: module.ado_management.data.azuredevops_users.dfwb_draft_users: Read complete after 1s [id=users#2jm......]

[xuzhang3]

@philippfrenzel this is a bug, will be fixed in the next version.