onelogin / terraform-provider-onelogin

GNU General Public License v3.0

onelogin_role/s not able to create role #90

Closed jakekiernan closed 1 year ago

jakekiernan commented 1 year ago

I have tried to create a role using the Terraform resource onelogin_roles, but the terraform run consistently fails on that resource with the following message:

```
onelogin_saml_apps.my_saml_app: Creating...
onelogin_saml_apps.my_saml_app: Creation complete after 2s [id=1914900]
onelogin_roles.my_role: Creating...
╷
│ Error: error: context: [ol http service], error_message: [unable to connect]
│
│   with onelogin_roles.my_role,
│   on main.tf line 50, in resource "onelogin_roles" "my_role":
│   50: resource onelogin_roles my_role {
```

No issues are flagged on validate or plan, but when running apply the failure occurs. Here is our most basic role resource code:

```
resource "onelogin_roles" "test_admin" {
  name   = "test admin role"
  apps   = [onelogin_saml_apps.saml_advanced.id]
  users  = []
  admins = []
}
```

The creation of the SAML app works, and the role looks to be intermittently created and displayed in the OL web app, but the error breaks Terraform and the rest of the run is blocked.

Jmfwolf commented 1 year ago

We are in the process of standardizing our SDKs by using OpenAPI specifications. I have an OpenAPI-generated terraform-provider-onelogin in prerelease if you would like to try it out: https://github.com/onelogin/terraform-provider-onelogin/tree/openapi

jakekiernan commented 1 year ago

This terraform-provider-onelogin is in beta?

Jmfwolf commented 1 year ago

It was beta, but we have released to the main branch now.

jakekiernan commented 1 year ago

I am unable to initialize the provider.

I have used this curl command to generate a bearer token with my API creds:

```
curl 'https://<subdomain>.onelogin.com/auth/oauth2/v2/token' \
  -X POST \
  -H "Authorization: client_id:<client_id>, client_secret:<client_secret>" \
  -H "Content-Type: application/json" \
  -d '{ "grant_type":"client_credentials" }'
```

My main.tf looks like this:

```
terraform {
  required_providers {
    onelogin = {
      source  = "onelogin.com/onelogin/onelogin"
      version = ">= 2.0.1"
    }
  }
}

provider "onelogin" {
  bearer_auth = "BEAR_TOKEN"
}
```

I have installed the onelogin terraform plugin as specified in the Provider Installation.

When I try to run the following command from the instructions, I get the following error:

```
export OTF_VAR_onelogin_PLUGIN_CONFIGURATION_FILE="https://raw.githubusercontent.com/onelogin/terraform-provider-onelogin/openapi/swag-api.yml" && terraform init && terraform plan
```

```
Error: Invalid provider registry host
│
│ The host "onelogin.com" given in in provider source address "onelogin.com/onelogin/onelogin" does not offer a Terraform provider registry.
```

Are there additional arguments that the provider needs, and if so where would I get them?

Jmfwolf commented 1 year ago

I edited the README to the appropriate source = "onelogin/onelogin".

A new GPG key needs to be added to the repo in order to release the new version of the plugin, but it should be installed to your machine from the script.

Once the new key is added and the source is changed, the issue should be resolved. I will keep you updated.

Jmfwolf commented 1 year ago

Forked and signed version: https://registry.terraform.io/providers/Jmfwolf/onelogin/latest

This should help minimize your issues until the OneLogin key is added.
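
How Terraform reads the three `source` values seen in this thread, as an added example that is not part of the thread or the provider's code: the address is `[hostname/]namespace/type`, so a three-part value sends `terraform init` to the named host for registry discovery, while a two-part value uses `registry.terraform.io`. `PublishedBy` and the policy string `registry.terraform.io/onelogin` are hypothetical, constructed to show that the fork is published under a different namespace than the vendor's.

```go
package main

import (
	"fmt"
	"strings"
)

// DefaultRegistry is the host Terraform assumes when the source names none.
const DefaultRegistry = "registry.terraform.io"

// ProviderSource is a parsed [hostname/]namespace/type source address.
type ProviderSource struct{ Host, Namespace, Type string }

// ParseSource splits a "source" value: three parts name an explicit registry
// host, two use the public registry; single-name legacy forms are rejected.
func ParseSource(addr string) (ProviderSource, error) {
	parts := strings.Split(strings.TrimSpace(addr), "/")
	for _, p := range parts {
		if p == "" {
			return ProviderSource{}, fmt.Errorf("empty component in %q", addr)
		}
	}
	switch len(parts) {
	case 3:
		return ProviderSource{parts[0], parts[1], parts[2]}, nil
	case 2:
		return ProviderSource{DefaultRegistry, parts[0], parts[1]}, nil
	}
	return ProviderSource{}, fmt.Errorf("want [host/]namespace/type, got %q", addr)
}

// DiscoveryURL is the document terraform init requests from the host to find
// its provider registry; a host that serves none fails as in the thread.
func (s ProviderSource) DiscoveryURL() string {
	return "https://" + s.Host + "/.well-known/terraform.json"
}

// PublishedBy (hypothetical helper) reports whether host/namespace equals the
// publisher a reviewer has approved, compared case-insensitively.
func (s ProviderSource) PublishedBy(publisher string) bool {
	return strings.EqualFold(publisher, s.Host+"/"+s.Namespace)
}

func main() {
	// The three source addresses from this thread, against a constructed policy.
	for _, a := range []string{"onelogin.com/onelogin/onelogin", "onelogin/onelogin", "Jmfwolf/onelogin"} {
		s, err := ParseSource(a)
		fmt.Println(a, "->", s.DiscoveryURL(), s.PublishedBy("registry.terraform.io/onelogin"), err)
	}
}
```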