From 82f75eab23b94ee998d5b7c47ba7764e718e07d9 Mon Sep 17 00:00:00 2001
From: Christian Muirhead <christian.muirhead@microsoft.com>
Date: Wed, 16 Dec 2020 10:17:55 +1300
Subject: [PATCH] Clarify documentation for sample MySQLAdministrator (#1334)

* Clarify that Sid should be client ID for managed identities

* Add more detail to logging for errors connecting to MySQL

Co-authored-by: Bevan Arps <bevan.arps@microsoft.com>
---
 api/v1alpha1/mysqlserveradministrator_types.go              | 5 ++++-
 config/samples/azure_v1alpha1_mysqlserveradministrator.yaml | 4 ++--
 pkg/resourcemanager/mysql/mysqlhelper.go                    | 4 ++--
 3 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/api/v1alpha1/mysqlserveradministrator_types.go b/api/v1alpha1/mysqlserveradministrator_types.go
index d8f7b3495c2..c02406a86ed 100644
--- a/api/v1alpha1/mysqlserveradministrator_types.go
+++ b/api/v1alpha1/mysqlserveradministrator_types.go
@@ -49,7 +49,10 @@ type MySQLServerAdministratorSpec struct {
 	// +kubebuilder:validation:Required
 	Login string `json:"login"`
 
-	//Sid: The server administrator Sid (Secure ID). If creating an AAD user, this is the OID of the entity in AAD.
+	//Sid: The server administrator Sid (Secure ID). If creating for
+	//an AAD user or group, this is the OID of the entity in AAD. For
+	//a managed identity this should be the Client ID (or app id) of
+	//the identity.
 	// +kubebuilder:validation:Required
 	Sid string `json:"sid"`
 
diff --git a/config/samples/azure_v1alpha1_mysqlserveradministrator.yaml b/config/samples/azure_v1alpha1_mysqlserveradministrator.yaml
index d70b94fb698..580ffce9e8c 100644
--- a/config/samples/azure_v1alpha1_mysqlserveradministrator.yaml
+++ b/config/samples/azure_v1alpha1_mysqlserveradministrator.yaml
@@ -9,7 +9,7 @@ spec:
   # This must be the name of the AAD entity. In the case of a managed identity use the name of the managed identity.
   # For example: "myuser@microsoft.com" might be the login if specifying an AAD user. "my-mi" might be the name of a managed identity.
   login: my-mi
-  # The sid is the OID of the AAD entity
+  # The sid should be the client id (sometimes called app id) for a managed identity.
+  # For a "normal" (non-managed identity) user or group, this is the OID of the user or group.
   sid: 00000000-0000-0000-0000-000000000000
   tenantId: 00000000-0000-0000-0000-000000000000
-
diff --git a/pkg/resourcemanager/mysql/mysqlhelper.go b/pkg/resourcemanager/mysql/mysqlhelper.go
index 372d35b9db0..548fd7263ba 100644
--- a/pkg/resourcemanager/mysql/mysqlhelper.go
+++ b/pkg/resourcemanager/mysql/mysqlhelper.go
@@ -45,7 +45,7 @@ func ConnectToSqlDB(ctx context.Context, driverName string, fullServer string, d
 
 	err = db.PingContext(ctx)
 	if err != nil {
-		return db, fmt.Errorf("error ping the mysql db:  %v", err)
+		return db, fmt.Errorf("error pinging the mysql db (%s:%d/%s): %v", fullServer, port, database, err)
 	}
 
 	return db, err
@@ -84,7 +84,7 @@ func ConnectToSQLDBAsCurrentUser(
 
 	err = db.PingContext(ctx)
 	if err != nil {
-		return db, fmt.Errorf("error ping the mysql db:  %v", err)
+		return db, fmt.Errorf("error pinging the mysql db (%s:%d/%s) as %s: %v", fullServer, port, database, user, err)
 	}
 
 	return db, err