terraform-provider-azuredevops icon indicating copy to clipboard operation
terraform-provider-azuredevops copied to clipboard

Published 20 hours ago verified publisher icon microsoft

Add Personal Access Token Resource/Data Source to create/update/revok…

Open cparkins opened this issue 6 months ago • 6 comments

Add the ability to create/update/revoke/get Personal Access Tokens using the 7.1-preview API. Currently this requires a custom build of azure-devops-go-api that adds these features.

In testing there is currently an issue Authenticating against the Azure DevOps API which is difficult to understand. I believe this issue is related to the fact that these endpoints require an OAuth 2.0 token:

https://learn.microsoft.com/en-us/azure/devops/integrate/get-started/authentication/service-principal-managed-identity?toc=%2Fazure%2Fdevops%2Forganizations%2Fsecurity%2Ftoc.json&view=azure-devops#get-a-microsoft-entra-id-token

Here is an example of the error seen when debug logging is enabled:

azuredevops_personal_access_token.pat: Creating...
2024-08-21T17:03:00.896-0600 [INFO]  Starting apply for azuredevops_personal_access_token.pat
2024-08-21T17:03:00.897-0600 [DEBUG] azuredevops_personal_access_token.pat: applying the planned Create change
2024-08-21T17:03:00.897-0600 [INFO]  provider.terraform-provider-azuredevops_v0.0.1: 2024/08/21 17:03:00 [DEBUG] setting computed for "scope" from ComputedKeys: timestamp=2024-08-21T17:03:00.897-0600
2024-08-21T17:03:00.897-0600 [INFO]  provider.terraform-provider-azuredevops_v0.0.1: 2024/08/21 17:03:00 [DEBUG] setting computed for "target_accounts" from ComputedKeys: timestamp=2024-08-21T17:03:00.897-0600
2024-08-21T17:03:01.968-0600 [ERROR] provider.terraform-provider-azuredevops_v0.0.1: Response contains error diagnostic: tf_proto_version=5.3 tf_provider_addr=registry.terraform.io/microsoft/azuredevops diagnostic_severity=ERROR diagnostic_summary=" creating pat token in Azure DevOps: API resource location 55967393-20ef-45c6-a96c-b5d5d5986a9a is not registered on https://vssps.dev.azure.com/***REDACTED***" tf_resource_type=azuredevops_personal_access_token @caller=/Users/cparkins/code/terraform-provider-azuredevops/vendor/github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/diag/diagnostics.go:55 diagnostic_detail= tf_rpc=ApplyResourceChange @module=sdk.proto tf_req_id=4e9562d5-dd4d-c121-f24f-141b2f69d312 timestamp=2024-08-21T17:03:01.968-0600
2024-08-21T17:03:01.974-0600 [DEBUG] State storage *statemgr.Filesystem declined to persist a state snapshot
2024-08-21T17:03:01.974-0600 [ERROR] vertex "azuredevops_personal_access_token.pat" error:  creating pat token in Azure DevOps: API resource location 55967393-20ef-45c6-a96c-b5d5d5986a9a is not registered on https://vssps.dev.azure.com/***REDACTED***.
╷
│ Error:  creating pat token in Azure DevOps: API resource location 55967393-20ef-45c6-a96c-b5d5d5986a9a is not registered on https://vssps.dev.azure.com/***REDACTED***.
│
│   with azuredevops_personal_access_token.pat,
│   on main.tf line 20, in resource "azuredevops_personal_access_token" "pat":
│   20: resource "azuredevops_personal_access_token" "pat" {
│
╵
2024-08-21T17:03:01.980-0600 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2024-08-21T17:03:01.981-0600 [DEBUG] provider: plugin process exited: path=.terraform/providers/terraform.local/local/azuredevops/0.0.1/darwin_arm64/terraform-provider-azuredevops_v0.0.1 pid=21160
2024-08-21T17:03:01.981-0600 [DEBUG] provider: plugin exited

Until these issues are resolved this code is unusable. I submitted the PR to see if I could recruit some help in getting this fully tested (I have been able to get these endpoints working without Terraform).

All Submissions:

  • [X] Have you added an explanation of what your changes do and why you'd like us to include them?
  • [X] I have updated the documentation accordingly.
  • [X] I have added tests to cover my changes.
  • [X] All new and existing tests passed.
  • [X] My code follows the code style of this project.
  • [X] I ran lint checks locally prior to submission.
  • [X] Have you checked to ensure there aren't other open PRs for the same update/change?

What about the current behavior has changed?

A new Resource and Data Source are added to represent Personal Access Tokens.

Issue Number:

Does this introduce a change to go.mod, go.sum or vendor/?

  • [X] Yes
  • [ ] No

This change requires the addition of the v7/tokens module.

Does this introduce a breaking change?

  • [ ] Yes
  • [X] No

Any relevant logs, error output, etc?

See above.

Other information

There is currently an issue with the Authentication methods that the Provider uses that requires some additional work to get this fully functional.

cparkins avatar Aug 22 '24 00:08 cparkins