Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

azurerm_storage_share - Fix a bug that using storage_account_id accidentally leaks to the wrong branch for creation #28063

Closed
wants to merge 1 commit into from
Closed

azurerm_storage_share - Fix a bug that using storage_account_id accidentally leaks to the wrong branch for creation #28063

wants to merge 1 commit into from
+118 −81

Conversation

magodo
Copy link
Collaborator

@magodo magodo commented Nov 19, 2024
edited
Loading

Community Note

  • Please vote on this PR by adding a 👍 reaction to the original PR to help the community and maintainers prioritize for review
  • Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for PR followers and do not help prioritize for review

Description

With the introduction of storage_account_id on the azurerm_storage_share in #27733, there is one bug in the creation code, that if users specify the new storage_account_id property (with storage_account_name omitted, as they are in conflict), the logic leaks to the v5 part, which is causing issues like #28032.

This PR fixes that part by:

  • Removing the storage_account_name check, but infer the account name from the id if storage_account_id is used
  • Mark the storage_account_[id|name] as Computed, per the breaking change guideline
  • Removing the confusing/likely redundent check: && !strings.HasPrefix(d.Id(), "/subscriptions/")

Additionally, I've reverted the changes on the acctest config, for the acl timestamp format, for the compatibility purpose. Note that the format is different between data plane and mgmt plane APIs. Meanwhile, I've modified the flattenStorageShareACLs to convert the timestamp format back to the data plane version.

PR Checklist

  • I have followed the guidelines in our Contributing Documentation.
  • I have checked to ensure there aren't other open Pull Requests for the same update/change.
  • I have checked if my changes close any open issues. If so please include appropriate closing keywords below.
  • I have updated/added Documentation as required written in a helpful and kind way to assist users that may be unfamiliar with the resource / data source.
  • I have used a meaningful PR title to help maintainers and other users understand this change and help prevent duplicate work.
    For example: “resource_name_here - description of change e.g. adding property new_property_name_here

Changes to existing Resource / Data Source

  • I have added an explanation of what my changes do and why I'd like you to include them (This may be covered by linking to an issue above, but may benefit from additional explanation).
  • I have written new tests for my resource or datasource changes & updated any relevent documentation.
  • I have successfully run tests with my changes locally. If not, please provide details on testing challenges that prevented you running the tests.
  • (For changes that include a state migration only). I have manually tested the migration path between relevant versions of the provider.

Testing

  • My submission includes Test coverage as described in the Contribution Guide and the tests pass. (if this is not possible for any reason, please include details of why you did or could not add test coverage)
Without v5 toggle 
$ TF_ACC=1 go test -v -timeout=20h -run=TestAccStorageShare_ ./internal/services/storage
=== RUN   TestAccStorageShare_basicDeprecated
=== PAUSE TestAccStorageShare_basicDeprecated
=== RUN   TestAccStorageShare_basic
=== PAUSE TestAccStorageShare_basic
=== RUN   TestAccStorageShare_complete
=== PAUSE TestAccStorageShare_complete
=== RUN   TestAccStorageShare_requiresImportDeprecated
=== PAUSE TestAccStorageShare_requiresImportDeprecated
=== RUN   TestAccStorageShare_requiresImport
=== PAUSE TestAccStorageShare_requiresImport
=== RUN   TestAccStorageShare_disappearsDeprecated
=== PAUSE TestAccStorageShare_disappearsDeprecated
=== RUN   TestAccStorageShare_deleteAndRecreateDeprecated
=== PAUSE TestAccStorageShare_deleteAndRecreateDeprecated
=== RUN   TestAccStorageShare_metaDataDeprecated
=== PAUSE TestAccStorageShare_metaDataDeprecated
=== RUN   TestAccStorageShare_metaData
=== PAUSE TestAccStorageShare_metaData
=== RUN   TestAccStorageShare_aclDeprecated
=== PAUSE TestAccStorageShare_aclDeprecated
=== RUN   TestAccStorageShare_acl
=== PAUSE TestAccStorageShare_acl
=== RUN   TestAccStorageShare_aclGhostedRecallDeprecated
=== PAUSE TestAccStorageShare_aclGhostedRecallDeprecated
=== RUN   TestAccStorageShare_aclGhostedRecall
=== PAUSE TestAccStorageShare_aclGhostedRecall
=== RUN   TestAccStorageShare_updateQuotaDeprecated
=== PAUSE TestAccStorageShare_updateQuotaDeprecated
=== RUN   TestAccStorageShare_updateQuota
=== PAUSE TestAccStorageShare_updateQuota
=== RUN   TestAccStorageShare_largeQuotaDeprecated
=== PAUSE TestAccStorageShare_largeQuotaDeprecated
=== RUN   TestAccStorageShare_largeQuota
=== PAUSE TestAccStorageShare_largeQuota
=== RUN   TestAccStorageShare_accessTierStandardDeprecated
=== PAUSE TestAccStorageShare_accessTierStandardDeprecated
=== RUN   TestAccStorageShare_accessTierStandard
=== PAUSE TestAccStorageShare_accessTierStandard
=== RUN   TestAccStorageShare_accessTierPremiumDeprecated
=== PAUSE TestAccStorageShare_accessTierPremiumDeprecated
=== RUN   TestAccStorageShare_accessTierPremium
=== PAUSE TestAccStorageShare_accessTierPremium
=== RUN   TestAccStorageShare_nfsProtocolDeprecated
=== PAUSE TestAccStorageShare_nfsProtocolDeprecated
=== RUN   TestAccStorageShare_nfsProtocol
=== PAUSE TestAccStorageShare_nfsProtocol
=== RUN   TestAccStorageShare_protocolUpdateDeprecated
=== PAUSE TestAccStorageShare_protocolUpdateDeprecated
=== RUN   TestAccStorageShare_protocolUpdate
=== PAUSE TestAccStorageShare_protocolUpdate
=== CONT  TestAccStorageShare_basicDeprecated
=== CONT  TestAccStorageShare_protocolUpdateDeprecated
=== CONT  TestAccStorageShare_aclGhostedRecall
=== CONT  TestAccStorageShare_acl
=== CONT  TestAccStorageShare_metaData
=== CONT  TestAccStorageShare_aclDeprecated
=== CONT  TestAccStorageShare_accessTierStandardDeprecated
=== CONT  TestAccStorageShare_deleteAndRecreateDeprecated
=== CONT  TestAccStorageShare_disappearsDeprecated
=== CONT  TestAccStorageShare_requiresImport
=== CONT  TestAccStorageShare_requiresImportDeprecated
=== CONT  TestAccStorageShare_complete
=== CONT  TestAccStorageShare_basic
=== CONT  TestAccStorageShare_metaDataDeprecated
=== CONT  TestAccStorageShare_updateQuota
=== CONT  TestAccStorageShare_protocolUpdate
--- PASS: TestAccStorageShare_disappearsDeprecated (145.53s)
=== CONT  TestAccStorageShare_largeQuota
--- PASS: TestAccStorageShare_requiresImport (217.11s)
=== CONT  TestAccStorageShare_largeQuotaDeprecated
--- PASS: TestAccStorageShare_requiresImportDeprecated (218.71s)
=== CONT  TestAccStorageShare_updateQuotaDeprecated
--- PASS: TestAccStorageShare_updateQuota (240.98s)
=== CONT  TestAccStorageShare_accessTierPremium
--- PASS: TestAccStorageShare_basicDeprecated (242.37s)
=== CONT  TestAccStorageShare_nfsProtocol
--- PASS: TestAccStorageShare_basic (244.21s)
=== CONT  TestAccStorageShare_nfsProtocolDeprecated
--- PASS: TestAccStorageShare_protocolUpdate (245.54s)
=== CONT  TestAccStorageShare_accessTierPremiumDeprecated
--- PASS: TestAccStorageShare_protocolUpdateDeprecated (246.55s)
=== CONT  TestAccStorageShare_accessTierStandard
--- PASS: TestAccStorageShare_aclGhostedRecall (247.91s)
=== CONT  TestAccStorageShare_aclGhostedRecallDeprecated
--- PASS: TestAccStorageShare_complete (255.45s)
--- PASS: TestAccStorageShare_metaDataDeprecated (276.71s)
--- PASS: TestAccStorageShare_largeQuota (156.07s)
--- PASS: TestAccStorageShare_metaData (305.02s)
--- PASS: TestAccStorageShare_aclDeprecated (306.36s)
--- PASS: TestAccStorageShare_accessTierStandardDeprecated (317.48s)
--- PASS: TestAccStorageShare_deleteAndRecreateDeprecated (322.63s)
--- PASS: TestAccStorageShare_accessTierPremium (122.25s)
--- PASS: TestAccStorageShare_nfsProtocol (122.26s)
--- PASS: TestAccStorageShare_nfsProtocolDeprecated (122.13s)
--- PASS: TestAccStorageShare_accessTierPremiumDeprecated (122.42s)
--- PASS: TestAccStorageShare_largeQuotaDeprecated (152.35s)
--- PASS: TestAccStorageShare_updateQuotaDeprecated (163.19s)
--- PASS: TestAccStorageShare_acl (404.99s)
--- PASS: TestAccStorageShare_aclGhostedRecallDeprecated (163.45s)
--- PASS: TestAccStorageShare_accessTierStandard (237.37s)
PASS
ok      github.com/hashicorp/terraform-provider-azurerm/internal/services/storage       483.953s
With v5 toggle 
$ ARM_FIVEPOINTZERO_BETA=true TF_ACC=1 go test -v -timeout=20h -run=TestAccStorageShare_ ./internal/services/storage
=== RUN   TestAccStorageShare_basicDeprecated
    storage_share_resource_test.go:26: skipping as not valid in 5.0
--- SKIP: TestAccStorageShare_basicDeprecated (0.00s)
=== RUN   TestAccStorageShare_basic
=== PAUSE TestAccStorageShare_basic
=== RUN   TestAccStorageShare_complete
=== PAUSE TestAccStorageShare_complete
=== RUN   TestAccStorageShare_requiresImportDeprecated
    storage_share_resource_test.go:75: skipping as not valid in 5.0
--- SKIP: TestAccStorageShare_requiresImportDeprecated (0.00s)
=== RUN   TestAccStorageShare_requiresImport
=== PAUSE TestAccStorageShare_requiresImport
=== RUN   TestAccStorageShare_disappearsDeprecated
    storage_share_resource_test.go:109: skipping as not valid in 5.0
--- SKIP: TestAccStorageShare_disappearsDeprecated (0.00s)
=== RUN   TestAccStorageShare_deleteAndRecreateDeprecated
    storage_share_resource_test.go:124: skipping as not valid in 5.0
--- SKIP: TestAccStorageShare_deleteAndRecreateDeprecated (0.00s)
=== RUN   TestAccStorageShare_metaDataDeprecated
    storage_share_resource_test.go:153: skipping as not valid in 5.0
--- SKIP: TestAccStorageShare_metaDataDeprecated (0.00s)
=== RUN   TestAccStorageShare_metaData
=== PAUSE TestAccStorageShare_metaData
=== RUN   TestAccStorageShare_aclDeprecated
    storage_share_resource_test.go:201: skipping as not valid in 5.0
--- SKIP: TestAccStorageShare_aclDeprecated (0.00s)
=== RUN   TestAccStorageShare_acl
=== PAUSE TestAccStorageShare_acl
=== RUN   TestAccStorageShare_aclGhostedRecallDeprecated
    storage_share_resource_test.go:263: skipping as not valid in 5.0
--- SKIP: TestAccStorageShare_aclGhostedRecallDeprecated (0.00s)
=== RUN   TestAccStorageShare_aclGhostedRecall
=== PAUSE TestAccStorageShare_aclGhostedRecall
=== RUN   TestAccStorageShare_updateQuotaDeprecated
    storage_share_resource_test.go:297: skipping as not valid in 5.0
--- SKIP: TestAccStorageShare_updateQuotaDeprecated (0.00s)
=== RUN   TestAccStorageShare_updateQuota
=== PAUSE TestAccStorageShare_updateQuota
=== RUN   TestAccStorageShare_largeQuotaDeprecated
    storage_share_resource_test.go:343: skipping as not valid in 5.0
--- SKIP: TestAccStorageShare_largeQuotaDeprecated (0.00s)
=== RUN   TestAccStorageShare_largeQuota
=== PAUSE TestAccStorageShare_largeQuota
=== RUN   TestAccStorageShare_accessTierStandardDeprecated
    storage_share_resource_test.go:391: skipping as not valid in 5.0
--- SKIP: TestAccStorageShare_accessTierStandardDeprecated (0.00s)
=== RUN   TestAccStorageShare_accessTierStandard
=== PAUSE TestAccStorageShare_accessTierStandard
=== RUN   TestAccStorageShare_accessTierPremiumDeprecated
    storage_share_resource_test.go:439: skipping as not valid in 5.0
--- SKIP: TestAccStorageShare_accessTierPremiumDeprecated (0.00s)
=== RUN   TestAccStorageShare_accessTierPremium
=== PAUSE TestAccStorageShare_accessTierPremium
=== RUN   TestAccStorageShare_nfsProtocolDeprecated
    storage_share_resource_test.go:473: skipping as not valid in 5.0
--- SKIP: TestAccStorageShare_nfsProtocolDeprecated (0.00s)
=== RUN   TestAccStorageShare_nfsProtocol
=== PAUSE TestAccStorageShare_nfsProtocol
=== RUN   TestAccStorageShare_protocolUpdateDeprecated
    storage_share_resource_test.go:508: skipping as not valid in 5.0
--- SKIP: TestAccStorageShare_protocolUpdateDeprecated (0.00s)
=== RUN   TestAccStorageShare_protocolUpdate
=== PAUSE TestAccStorageShare_protocolUpdate
=== CONT  TestAccStorageShare_accessTierStandard
=== CONT  TestAccStorageShare_basic
=== CONT  TestAccStorageShare_largeQuota
=== CONT  TestAccStorageShare_nfsProtocol
=== CONT  TestAccStorageShare_accessTierPremium
=== CONT  TestAccStorageShare_metaData
=== CONT  TestAccStorageShare_aclGhostedRecall
=== CONT  TestAccStorageShare_requiresImport
=== CONT  TestAccStorageShare_complete
=== CONT  TestAccStorageShare_protocolUpdate
=== CONT  TestAccStorageShare_acl
=== CONT  TestAccStorageShare_updateQuota
--- PASS: TestAccStorageShare_requiresImport (104.31s)
--- PASS: TestAccStorageShare_basic (105.14s)
--- PASS: TestAccStorageShare_aclGhostedRecall (105.25s)
--- PASS: TestAccStorageShare_nfsProtocol (105.77s)
--- PASS: TestAccStorageShare_accessTierPremium (105.82s)
--- PASS: TestAccStorageShare_complete (106.34s)
--- PASS: TestAccStorageShare_updateQuota (109.27s)
--- PASS: TestAccStorageShare_metaData (130.78s)
--- PASS: TestAccStorageShare_accessTierStandard (133.63s)
--- PASS: TestAccStorageShare_largeQuota (134.36s)
--- PASS: TestAccStorageShare_protocolUpdate (233.51s)
--- PASS: TestAccStorageShare_acl (260.46s)
PASS
ok      github.com/hashicorp/terraform-provider-azurerm/internal/services/storage       260.500s

Change Log

Below please provide what should go into the changelog (if anything) conforming to the Changelog Format documented here.

  • azurerm_storage_share - Fix a bug that using storage_account_id accidentally leaks to the wrong branch for creation [GH-00000]

This is a (please select all that apply):

  • Bug Fix
  • New Feature (ie adding a service, resource, or data source)
  • Enhancement
  • Breaking Change

Related Issue(s)

Fixes #28032

Note

If this PR changes meaningfully during the course of review please update the title and description as required.

@magodo
azurerm_storage_share - Fix a bug that using storage_account_id a…
4db7855 
…ccidentally leaks to the wrong branch for creation
@magodo magodo requested review from katbyte and a team as code owners November 19, 2024 06:13
@github-actions github-actions bot added the bug label Nov 19, 2024
@magodo magodo requested a review from jackofallops November 19, 2024 06:13
@jackofallops jackofallops self-assigned this Nov 19, 2024
jackofallops
jackofallops requested changes Nov 20, 2024
View reviewed changes
Copy link
Member

@jackofallops jackofallops left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @magodo - Thanks for this PR. Unfortunately it breaks the intended purpose of having introduced the storage_account_id property, which is to discontinue use of the Data Plane API entirely when it is specified, as this is required for users that have no Terraform access to Data Plane endpoints for various reasons. Can you restore those code paths and take another look at resolving the referenced bug leaving that functionality intact?

Thanks

internal/services/storage/storage_share_resource.go
@@ -160,6 +160,7 @@ func resourceStorageShare() *pluginsdk.Resource {
r.Schema["storage_account_name"] = &pluginsdk.Schema{
Type: pluginsdk.TypeString,
Optional: true,
Computed: true,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should not be setting this value if storage_account_id is set

Suggested change
Computed: true,

internal/services/storage/storage_share_resource.go
@@ -171,6 +172,7 @@ func resourceStorageShare() *pluginsdk.Resource {
r.Schema["storage_account_id"] = &pluginsdk.Schema{
Type: pluginsdk.TypeString,
Optional: true,
Computed: true,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should not be setting this value if storage_account_id is set.

Suggested change
Computed: true,

internal/services/storage/storage_share_resource.go
Comment on lines -199 to -203
if accountName := d.Get("storage_account_name").(string); accountName != "" {
shareName := d.Get("name").(string)
quota := d.Get("quota").(int)
metaDataRaw := d.Get("metadata").(map[string]interface{})
metaData := ExpandMetaData(metaDataRaw)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changing this means that we will use the Data Plane client even in the cases that storage_account_id is specified in place of storage_account_name, which we specifically need to avoid for this change to separate the the two APIs. If storage_account_id is specified, we must use exclusively the Resource Manager API.

internal/services/storage/storage_share_resource.go
Comment on lines -326 to +336
if !features.FivePointOhBeta() && !strings.HasPrefix(d.Id(), "/subscriptions/") {
if !features.FivePointOhBeta() {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As above, this must be evaluated to ensure that cases where the ID is the resource manager ID, we exclusively use the Resource Manager API.

@magodo magodo force-pushed the storage_share_fix_bug_after_intro_sa_id branch from e4b9826 to 4db7855 Compare November 21, 2024 03:44
@magodo magodo closed this Nov 21, 2024
@github-actions github-actions bot added size/L and removed size/M labels Nov 21, 2024
@github-actions GitHub Actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 22, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jackofallops jackofallops jackofallops requested changes

@katbyte katbyte Awaiting requested review from katbyte

Assignees

@jackofallops jackofallops

Labels
bug service/storage size/L
Projects
None yet
Milestone
No milestone
2 participants
@magodo @jackofallops