search

microsoft / terraform-provider-power-platform

Power Platform Terraform Provider
https://registry.terraform.io/providers/microsoft/power-platform/latest/docs
MIT License
35 stars 14 forks source link

checking if useoidc env var is set #335

Closed polatengin closed 5 months ago

polatengin commented 5 months ago

To be able to remove hard-coded use_oidc = {true, false} config from provider section, provider should be able to determine if a specific environment variable is set.

Before;

provider "powerplatform" {
  use_oidc = true
}

After _(with POWER_PLATFORM_USE_OIDC environment variable is set)_;

provider "powerplatform" {
}

closes #329

polatengin commented 5 months ago

Why does the environment config trump the provider config? This is more of a "food for thought" question, as I've also added variable handling that uses this priority order, so not worth changing, but I wonder if we've gotten it backwards throughout the provider. I'm probably just not thinking of an obvious reason to do things in that priority order. Anywho, LGTM.

it's more like, the options that you can use to configure the plan/apply in the way you like.

so, instead of having how you authenticate hard-coded, you might want to configure it in the pipeline, based on the pipeline parameters, etc.

quick note; this change doesn't give priority to environment config, we still check if the config exists in the provider section, if yes, we use it, if no, we check the environment variables.

ianjensenisme commented 5 months ago

Why does the environment config trump the provider config? This is more of a "food for thought" question, as I've also added variable handling that uses this priority order, so not worth changing, but I wonder if we've gotten it backwards throughout the provider. I'm probably just not thinking of an obvious reason to do things in that priority order. Anywho, LGTM.

it's more like, the options that you can use to configure the plan/apply in the way you like.

so, instead of having how you authenticate hard-coded, you might want to configure it in the pipeline, based on the pipeline parameters, etc.

quick note; this change doesn't give priority to environment config, we still check if the config exists in the provider section, if yes, we use it, if no, we check the environment variables.

Ah, yep, I stared at it too long and lost the plot: we check if the config value is blank and only then would we use the environment variable, that makes more sense to me. I do basically the same thing with envOidcRequestUrl and envOidcRequestToken . Thanks for following up.

eduardodfmex commented 5 months ago

LGTM.