From 6e35658010103b5df98662ef389860cb4f9db5f2 Mon Sep 17 00:00:00 2001 From: magodo Date: Mon, 30 Dec 2024 16:52:59 +1100 Subject: [PATCH 01/18] Tom's state --- go.mod | 16 +- go.sum | 17 + .../azure/{arm_client.go => api_client.go} | 124 ++----- .../backend/remote-state/azure/backend.go | 307 +++++++++++------- .../remote-state/azure/backend_state.go | 10 +- internal/backend/remote-state/azure/go.mod | 14 +- internal/backend/remote-state/azure/go.sum | 33 ++ .../backend/remote-state/azure/helpers.go | 145 +++++++++ .../remote-state/azure/helpers_test.go | 16 +- 9 files changed, 448 insertions(+), 234 deletions(-) rename internal/backend/remote-state/azure/{arm_client.go => api_client.go} (51%) create mode 100644 internal/backend/remote-state/azure/helpers.go diff --git a/go.mod b/go.mod index 9e4dafd19256..1fbc61812683 100644 --- a/go.mod +++ b/go.mod @@ -19,7 +19,7 @@ require ( github.com/go-test/deep v1.0.3 github.com/golang/mock v1.6.0 github.com/google/go-cmp v0.6.0 - github.com/google/uuid v1.3.1 + github.com/google/uuid v1.4.0 github.com/hashicorp/cli v1.1.6 github.com/hashicorp/copywrite v0.16.3 github.com/hashicorp/go-checkpoint v0.5.0 @@ -72,7 +72,7 @@ require ( go.opentelemetry.io/otel/trace v1.24.0 golang.org/x/crypto v0.21.0 golang.org/x/mod v0.16.0 - golang.org/x/net v0.22.0 + golang.org/x/net v0.23.0 golang.org/x/oauth2 v0.18.0 golang.org/x/sys v0.19.0 golang.org/x/term v0.18.0 @@ -94,8 +94,8 @@ require ( github.com/AlecAivazis/survey/v2 v2.3.6 // indirect github.com/Azure/azure-sdk-for-go v59.2.0+incompatible // indirect github.com/Azure/go-autorest v14.2.0+incompatible // indirect - github.com/Azure/go-autorest/autorest v0.11.27 // indirect - github.com/Azure/go-autorest/autorest/adal v0.9.20 // indirect + github.com/Azure/go-autorest/autorest v0.11.29 // indirect + github.com/Azure/go-autorest/autorest/adal v0.9.23 // indirect github.com/Azure/go-autorest/autorest/azure/cli v0.4.4 // indirect github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect @@ -168,7 +168,7 @@ require ( github.com/go-openapi/swag v0.19.14 // indirect github.com/gofrs/uuid v4.0.0+incompatible // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang-jwt/jwt/v4 v4.4.2 // indirect + github.com/golang-jwt/jwt/v4 v4.5.0 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/google/gnostic v0.5.7-v3refs // indirect @@ -182,7 +182,9 @@ require ( github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.45 // indirect github.com/hashicorp/consul/api v1.13.0 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect - github.com/hashicorp/go-azure-helpers v0.43.0 // indirect + github.com/hashicorp/go-azure-helpers v0.67.0 // indirect + github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320 // indirect + github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320 // indirect github.com/hashicorp/go-immutable-radix v1.0.0 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-rootcerts v1.0.2 // indirect @@ -239,7 +241,7 @@ require ( github.com/tencentyun/cos-go-sdk-v5 v0.7.42 // indirect github.com/thanhpk/randstr v1.0.4 // indirect github.com/thlib/go-timezone-local v0.0.0-20210907160436-ef149e42d28e // indirect - github.com/tombuildsstuff/giovanni v0.15.1 // indirect + github.com/tombuildsstuff/giovanni v0.27.0 // indirect github.com/ulikunitz/xz v0.5.10 // indirect github.com/vmihailenco/msgpack/v5 v5.3.5 // indirect github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect diff --git a/go.sum b/go.sum index 841efe419747..26b04007a960 100644 --- a/go.sum +++ b/go.sum @@ -203,12 +203,15 @@ github.com/Azure/go-autorest/autorest v0.11.10/go.mod h1:eipySxLmqSyC5s5k1CLupqe github.com/Azure/go-autorest/autorest v0.11.24/go.mod h1:G6kyRlFnTuSbEYkQGawPfsCswgme4iYf6rfSKUDzbCc= github.com/Azure/go-autorest/autorest v0.11.27 h1:F3R3q42aWytozkV8ihzcgMO4OA4cuqr3bNlsEuF6//A= github.com/Azure/go-autorest/autorest v0.11.27/go.mod h1:7l8ybrIdUmGqZMTD0sRtAr8NvbHjfofbf8RSP2q7w7U= +github.com/Azure/go-autorest/autorest v0.11.29/go.mod h1:ZtEzC4Jy2JDrZLxvWs8LrBWEBycl1hbT1eknI8MtfAs= github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= github.com/Azure/go-autorest/autorest/adal v0.9.14/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= github.com/Azure/go-autorest/autorest/adal v0.9.18/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= github.com/Azure/go-autorest/autorest/adal v0.9.20 h1:gJ3E98kMpFB1MFqQCvA1yFab8vthOeD4VlFRQULxahg= github.com/Azure/go-autorest/autorest/adal v0.9.20/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= +github.com/Azure/go-autorest/autorest/adal v0.9.22/go.mod h1:XuAbAEUv2Tta//+voMI038TrJBqjKam0me7qR+L8Cmk= +github.com/Azure/go-autorest/autorest/adal v0.9.23/go.mod h1:5pcMqFkdPhviJdlEy3kC/v1ZLnQl0MH6XA5YCcMhy4c= github.com/Azure/go-autorest/autorest/azure/cli v0.4.0/go.mod h1:JljT387FplPzBA31vUcvsetLKF3pec5bdAxjVU4kI2s= github.com/Azure/go-autorest/autorest/azure/cli v0.4.2/go.mod h1:7qkJkT+j6b+hIpzMOwPChJhTqS8VbsqqgULzMNRugoM= github.com/Azure/go-autorest/autorest/azure/cli v0.4.4 h1:iuooz5cZL6VRcO7DVSFYxRcouqn6bFVE/e77Wts50Zk= @@ -503,6 +506,7 @@ github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzw github.com/golang-jwt/jwt/v4 v4.4.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs= github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/glog v1.1.2 h1:DVjP2PbBOzHyzA+dn3WhHIq4NdVu3Q+pvivFICf/7fo= github.com/golang/glog v1.1.2/go.mod h1:zR+okUeTbrL6EL3xHUDxZuEtGv04p5shwip1+mL/rLQ= @@ -603,6 +607,7 @@ github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+ github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/enterprise-certificate-proxy v0.0.0-20220520183353-fd19c99a87aa/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= github.com/googleapis/enterprise-certificate-proxy v0.1.0/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= github.com/googleapis/enterprise-certificate-proxy v0.2.0/go.mod h1:8C0jb7/mgJe/9KK8Lm7X9ctZC2t60YyIpYEI16jx0Qg= @@ -643,6 +648,12 @@ github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brv github.com/hashicorp/go-azure-helpers v0.12.0/go.mod h1:Zc3v4DNeX6PDdy7NljlYpnrdac1++qNW0I4U+ofGwpg= github.com/hashicorp/go-azure-helpers v0.43.0 h1:larj4ZgwO3hKzA9xIOTXRW4NBpI6F3K8wpig8eikNOw= github.com/hashicorp/go-azure-helpers v0.43.0/go.mod h1:ofh+59GPB8g/lWI08711STfrIPSPOlXQkuMc8rovpBk= +github.com/hashicorp/go-azure-helpers v0.66.2/go.mod h1:kJxXrFtJKJdOEqvad8pllAe7dhP4DbN8J6sqFZe47+4= +github.com/hashicorp/go-azure-helpers v0.67.0/go.mod h1:S4Bu66vyJvHA0trqHQB0YVGsISuF7HMH9tyEsMVlx8A= +github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320 h1:dd0vM8u66FOrCuU3zFzj7R5IjwVJtfX3Smv2gUFo1jg= +github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320/go.mod h1:lqTkN6888JpeHTjLu1A5tJZW0b/SyGCJ1GTyf6SfXoE= +github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320 h1:jvdGTdPZhl5PBAQO2VdTewQlQiZ2NW68wJztVEYMDGc= +github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320/go.mod h1:Ts5vRL3KPw8iLit+4WSi1hOWlRCx++wJrCkMGj69xBY= github.com/hashicorp/go-checkpoint v0.5.0 h1:MFYpPZCnQqQTE18jFwSII6eUQrD/oxMFp3mlgcqk5mU= github.com/hashicorp/go-checkpoint v0.5.0/go.mod h1:7nfLNL10NsxqO4iWuW6tWW0HjZuDrwkBuEQsVcpCOgg= github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= @@ -994,6 +1005,7 @@ github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1F github.com/stretchr/testify v1.7.4/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.563/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y= @@ -1014,6 +1026,8 @@ github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tombuildsstuff/giovanni v0.15.1 h1:CVRaLOJ7C/eercCrKIsarfJ4SZoGMdBL9Q2deFDUXco= github.com/tombuildsstuff/giovanni v0.15.1/go.mod h1:0TZugJPEtqzPlMpuJHYfXY6Dq2uLPrXf98D2XQSxNbA= +github.com/tombuildsstuff/giovanni v0.27.0 h1:3CDNjauK78FIhvvCp0SAHlvNcPTcofR6zQXvxwhk4zY= +github.com/tombuildsstuff/giovanni v0.27.0/go.mod h1:SviBdlwdVn2HyArdRABBqMUODBJ2adQHi+RFEVaO05I= github.com/ulikunitz/xz v0.5.10 h1:t92gobL9l3HE202wg3rlk19F6X+JOxl9BBrCCMYEYd8= github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/vmihailenco/msgpack/v5 v5.3.5 h1:5gO0H1iULLWGhs2H5tbAHIZTV8/cYafcFOr9znI5mJU= @@ -1101,8 +1115,10 @@ golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220314234659-1baeb1ce4c0b/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= +golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= @@ -1210,6 +1226,7 @@ golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc= golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= +golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= diff --git a/internal/backend/remote-state/azure/arm_client.go b/internal/backend/remote-state/azure/api_client.go similarity index 51% rename from internal/backend/remote-state/azure/arm_client.go rename to internal/backend/remote-state/azure/api_client.go index 511dcdedfeae..7b1604fe122b 100644 --- a/internal/backend/remote-state/azure/arm_client.go +++ b/internal/backend/remote-state/azure/api_client.go @@ -8,25 +8,24 @@ import ( "fmt" "log" "os" - "time" + "strings" - "github.com/Azure/azure-sdk-for-go/profiles/2017-03-09/resources/mgmt/resources" - armStorage "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2021-01-01/storage" "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/hashicorp/go-azure-helpers/authentication" - "github.com/hashicorp/go-azure-helpers/sender" + "github.com/hashicorp/go-azure-sdk/resource-manager/resources/2024-03-01/resourcegroups" + "github.com/hashicorp/go-azure-sdk/resource-manager/storage/2023-01-01/storageaccounts" + "github.com/hashicorp/go-azure-sdk/sdk/auth" + "github.com/hashicorp/go-azure-sdk/sdk/client" + "github.com/hashicorp/go-azure-sdk/sdk/environments" "github.com/hashicorp/terraform/internal/httpclient" "github.com/hashicorp/terraform/version" - "github.com/manicminer/hamilton/environments" - "github.com/tombuildsstuff/giovanni/storage/2018-11-09/blob/blobs" - "github.com/tombuildsstuff/giovanni/storage/2018-11-09/blob/containers" + "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/blobs" + "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/containers" ) -type ArmClient struct { +type Client struct { // These Clients are only initialized if an Access Key isn't provided - groupsClient *resources.GroupsClient - storageAccountsClient *armStorage.AccountsClient + resourceGroupsClient *resourcegroups.ResourceGroupsClient + storageAccountsClient *storageaccounts.StorageAccountsClient containersClient *containers.Client blobsClient *blobs.Client @@ -34,20 +33,20 @@ type ArmClient struct { azureAdStorageAuth *autorest.Authorizer accessKey string - environment azure.Environment + environment environments.Environment resourceGroupName string storageAccountName string sasToken string } -func buildArmClient(ctx context.Context, config BackendConfig) (*ArmClient, error) { - env, err := authentication.AzureEnvironmentByNameFromEndpoint(ctx, config.MetadataHost, config.Environment) +func buildClient(ctx context.Context, config BackendConfig) (*Client, error) { + resourceManagerAuth, err := auth.NewAuthorizerFromCredentials(ctx, *config.AuthConfig, config.AuthConfig.Environment.ResourceManager) if err != nil { - return nil, err + return nil, fmt.Errorf("unable to build authorizer for Resource Manager API: %+v", err) } - client := ArmClient{ - environment: *env, + client := Client{ + environment: config.AuthConfig.Environment, resourceGroupName: config.ResourceGroupName, storageAccountName: config.StorageAccountName, } @@ -64,82 +63,22 @@ func buildArmClient(ctx context.Context, config BackendConfig) (*ArmClient, erro return &client, nil } - builder := authentication.Builder{ - ClientID: config.ClientID, - SubscriptionID: config.SubscriptionID, - TenantID: config.TenantID, - CustomResourceManagerEndpoint: config.CustomResourceManagerEndpoint, - MetadataHost: config.MetadataHost, - Environment: config.Environment, - ClientSecretDocsLink: "https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/service_principal_client_secret", - - // Service Principal (Client Certificate) - ClientCertPassword: config.ClientCertificatePassword, - ClientCertPath: config.ClientCertificatePath, - - // Service Principal (Client Secret) - ClientSecret: config.ClientSecret, - - // Managed Service Identity - MsiEndpoint: config.MsiEndpoint, - - // OIDC - IDToken: config.OIDCToken, - IDTokenFilePath: config.OIDCTokenFilePath, - IDTokenRequestURL: config.OIDCRequestURL, - IDTokenRequestToken: config.OIDCRequestToken, - - // Feature Toggles - SupportsAzureCliToken: true, - SupportsClientCertAuth: true, - SupportsClientSecretAuth: true, - SupportsManagedServiceIdentity: config.UseMsi, - SupportsOIDCAuth: config.UseOIDC, - UseMicrosoftGraph: true, - } - armConfig, err := builder.Build() - if err != nil { - return nil, fmt.Errorf("Error building ARM Config: %+v", err) - } - - oauthConfig, err := armConfig.BuildOAuthConfig(env.ActiveDirectoryEndpoint) - if err != nil { - return nil, err - } - - hamiltonEnv, err := environments.EnvironmentFromString(config.Environment) + client.resourceGroupsClient, err = resourcegroups.NewResourceGroupsClientWithBaseURI(config.AuthConfig.Environment.ResourceManager) if err != nil { - return nil, err + return nil, fmt.Errorf("building Resource Groups client: %+v", err) } + client.configureClient(client.resourceGroupsClient.Client, resourceManagerAuth) - sender := sender.BuildSender("backend/remote-state/azure") - log.Printf("[DEBUG] Obtaining an MSAL / Microsoft Graph token for Resource Manager..") - auth, err := armConfig.GetMSALToken(ctx, hamiltonEnv.ResourceManager, sender, oauthConfig, env.TokenAudience) + client.storageAccountsClient, err = storageaccounts.NewStorageAccountsClientWithBaseURI(config.AuthConfig.Environment.ResourceManager) if err != nil { - return nil, err + return nil, fmt.Errorf("building Storage Accounts client: %+v", err) } - - if config.UseAzureADAuthentication { - log.Printf("[DEBUG] Obtaining an MSAL / Microsoft Graph token for Storage..") - storageAuth, err := armConfig.GetMSALToken(ctx, hamiltonEnv.Storage, sender, oauthConfig, env.ResourceIdentifiers.Storage) - if err != nil { - return nil, err - } - client.azureAdStorageAuth = &storageAuth - } - - accountsClient := armStorage.NewAccountsClientWithBaseURI(env.ResourceManagerEndpoint, armConfig.SubscriptionID) - client.configureClient(&accountsClient.Client, auth) - client.storageAccountsClient = &accountsClient - - groupsClient := resources.NewGroupsClientWithBaseURI(env.ResourceManagerEndpoint, armConfig.SubscriptionID) - client.configureClient(&groupsClient.Client, auth) - client.groupsClient = &groupsClient + client.configureClient(client.storageAccountsClient.Client, resourceManagerAuth) return &client, nil } -func (c ArmClient) getBlobClient(ctx context.Context) (*blobs.Client, error) { +func (c *Client) getBlobClient(ctx context.Context) (*blobs.Client, error) { if c.sasToken != "" { log.Printf("[DEBUG] Building the Blob Client from a SAS Token") storageAuth, err := autorest.NewSASTokenAuthorizer(c.sasToken) @@ -184,7 +123,7 @@ func (c ArmClient) getBlobClient(ctx context.Context) (*blobs.Client, error) { return &blobsClient, nil } -func (c ArmClient) getContainersClient(ctx context.Context) (*containers.Client, error) { +func (c *Client) getContainersClient(ctx context.Context) (*containers.Client, error) { if c.sasToken != "" { log.Printf("[DEBUG] Building the Container Client from a SAS Token") storageAuth, err := autorest.NewSASTokenAuthorizer(c.sasToken) @@ -229,16 +168,13 @@ func (c ArmClient) getContainersClient(ctx context.Context) (*containers.Client, return &containersClient, nil } -func (c *ArmClient) configureClient(client *autorest.Client, auth autorest.Authorizer) { - client.UserAgent = buildUserAgent() - client.Authorizer = auth - client.Sender = buildSender() - client.SkipResourceProviderRegistration = false - client.PollingDuration = 60 * time.Minute +func (c *Client) configureClient(client client.BaseClient, authorizer auth.Authorizer) { + client.SetAuthorizer(authorizer) + client.SetUserAgent(buildUserAgent(client.GetUserAgent())) } -func buildUserAgent() string { - userAgent := httpclient.TerraformUserAgent(version.Version) +func buildUserAgent(userAgent string) string { + userAgent = strings.TrimSpace(fmt.Sprintf("%s %s", userAgent, httpclient.TerraformUserAgent(version.Version))) // append the CloudShell version to the user agent if it exists if azureAgent := os.Getenv("AZURE_HTTP_USER_AGENT"); azureAgent != "" { diff --git a/internal/backend/remote-state/azure/backend.go b/internal/backend/remote-state/azure/backend.go index c3a1ebbf1ef9..c7bdf61e4ca1 100644 --- a/internal/backend/remote-state/azure/backend.go +++ b/internal/backend/remote-state/azure/backend.go @@ -7,6 +7,8 @@ import ( "context" "fmt" + "github.com/hashicorp/go-azure-sdk/sdk/auth" + "github.com/hashicorp/go-azure-sdk/sdk/environments" "github.com/hashicorp/terraform/internal/backend" "github.com/hashicorp/terraform/internal/legacy/helper/schema" ) @@ -15,6 +17,19 @@ import ( func New() backend.Backend { s := &schema.Backend{ Schema: map[string]*schema.Schema{ + "subscription_id": { + Type: schema.TypeString, + Optional: true, // TODO: make this Required in a future version + Description: "The Subscription ID where the Storage Account is located.", + DefaultFunc: schema.EnvDefaultFunc("ARM_SUBSCRIPTION_ID", ""), + }, + + "resource_group_name": { + Type: schema.TypeString, + Optional: true, + Description: "The Resource Group where the Storage Account is located.", + }, + "storage_account_name": { Type: schema.TypeString, Required: true, @@ -24,157 +39,173 @@ func New() backend.Backend { "container_name": { Type: schema.TypeString, Required: true, - Description: "The container name.", + Description: "The container name to use in the Storage Account.", }, "key": { Type: schema.TypeString, Required: true, - Description: "The blob key.", + Description: "The blob key to use in the Storage Container.", }, - "metadata_host": { - Type: schema.TypeString, - Required: true, - DefaultFunc: schema.EnvDefaultFunc("ARM_METADATA_HOST", ""), - Description: "The Metadata URL which will be used to obtain the Cloud Environment.", + "snapshot": { + Type: schema.TypeBool, + Optional: true, + Description: "Whether to enable automatic blob snapshotting.", + DefaultFunc: schema.EnvDefaultFunc("ARM_SNAPSHOT", false), }, "environment": { Type: schema.TypeString, Optional: true, - Description: "The Azure cloud environment.", + Description: "The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public. Not used and should not be specified when `metadata_host` is specified.", DefaultFunc: schema.EnvDefaultFunc("ARM_ENVIRONMENT", "public"), }, + "metadata_host": { + Type: schema.TypeString, + Required: true, + DefaultFunc: schema.MultiEnvDefaultFunc([]string{"ARM_METADATA_HOSTNAME", "ARM_METADATA_HOST"}, ""), // TODO: remove support for `METADATA_HOST` in a future version + Description: "The Hostname which should be used for the Azure Metadata Service.", + }, + "access_key": { Type: schema.TypeString, Optional: true, - Description: "The access key.", + Description: "The access key to use when authenticating using a Storage Access Key.", DefaultFunc: schema.EnvDefaultFunc("ARM_ACCESS_KEY", ""), }, "sas_token": { Type: schema.TypeString, Optional: true, - Description: "A SAS Token used to interact with the Blob Storage Account.", + Description: "The SAS Token to use when authenticating using a SAS Token.", DefaultFunc: schema.EnvDefaultFunc("ARM_SAS_TOKEN", ""), }, - "snapshot": { - Type: schema.TypeBool, - Optional: true, - Description: "Enable/Disable automatic blob snapshotting", - DefaultFunc: schema.EnvDefaultFunc("ARM_SNAPSHOT", false), - }, - - "resource_group_name": { + "tenant_id": { Type: schema.TypeString, Optional: true, - Description: "The resource group name.", + Description: "The Tenant ID to use when authenticating using Azure Active Directory.", + DefaultFunc: schema.EnvDefaultFunc("ARM_TENANT_ID", ""), }, "client_id": { Type: schema.TypeString, Optional: true, - Description: "The Client ID.", + Description: "The Client ID to use when authenticating using Azure Active Directory.", DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_ID", ""), }, "endpoint": { - Type: schema.TypeString, - Optional: true, - Description: "A custom Endpoint used to access the Azure Resource Manager API's.", - DefaultFunc: schema.EnvDefaultFunc("ARM_ENDPOINT", ""), + Type: schema.TypeString, + Optional: true, + Deprecated: "`endpoint` is deprecated and no longer used, it will be removed in a future version of Terraform", }, - "subscription_id": { + // Client Certificate specific fields + "client_certificate": { Type: schema.TypeString, Optional: true, - Description: "The Subscription ID.", - DefaultFunc: schema.EnvDefaultFunc("ARM_SUBSCRIPTION_ID", ""), + DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_CERTIFICATE", ""), + Description: "Base64 encoded PKCS#12 certificate bundle to use when authenticating as a Service Principal using a Client Certificate", }, - "tenant_id": { + "client_certificate_path": { Type: schema.TypeString, Optional: true, - Description: "The Tenant ID.", - DefaultFunc: schema.EnvDefaultFunc("ARM_TENANT_ID", ""), + Description: "The path to the Client Certificate associated with the Service Principal for use when authenticating as a Service Principal using a Client Certificate.", + DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_CERTIFICATE_PATH", ""), }, - // Service Principal (Client Certificate) specific "client_certificate_password": { Type: schema.TypeString, Optional: true, - Description: "The password associated with the Client Certificate specified in `client_certificate_path`", + Description: "The password associated with the Client Certificate. For use when authenticating as a Service Principal using a Client Certificate", DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_CERTIFICATE_PASSWORD", ""), }, - "client_certificate_path": { - Type: schema.TypeString, - Optional: true, - Description: "The path to the PFX file used as the Client Certificate when authenticating as a Service Principal", - DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_CERTIFICATE_PATH", ""), - }, - // Service Principal (Client Secret) specific + // Client Secret specific fields "client_secret": { Type: schema.TypeString, Optional: true, - Description: "The Client Secret.", + Description: "The Client Secret which should be used. For use When authenticating as a Service Principal using a Client Secret.", DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_SECRET", ""), }, - // Managed Service Identity specific - "use_msi": { + // OIDC specific fields + "use_oidc": { Type: schema.TypeBool, Optional: true, - Description: "Should Managed Service Identity be used?", - DefaultFunc: schema.EnvDefaultFunc("ARM_USE_MSI", false), + DefaultFunc: schema.EnvDefaultFunc("ARM_USE_OIDC", false), + Description: "Allow OpenID Connect to be used for authentication", }, - "msi_endpoint": { + + "oidc_request_token": { Type: schema.TypeString, Optional: true, - Description: "The Managed Service Identity Endpoint.", - DefaultFunc: schema.EnvDefaultFunc("ARM_MSI_ENDPOINT", ""), + DefaultFunc: schema.MultiEnvDefaultFunc([]string{"ARM_OIDC_REQUEST_TOKEN", "ACTIONS_ID_TOKEN_REQUEST_TOKEN"}, ""), + Description: "The bearer token for the request to the OIDC provider. For use when authenticating as a Service Principal using OpenID Connect.", }, - // OIDC auth specific fields - "use_oidc": { - Type: schema.TypeBool, + "oidc_request_url": { + Type: schema.TypeString, Optional: true, - DefaultFunc: schema.EnvDefaultFunc("ARM_USE_OIDC", false), - Description: "Allow OIDC to be used for authentication", + DefaultFunc: schema.MultiEnvDefaultFunc([]string{"ARM_OIDC_REQUEST_URL", "ACTIONS_ID_TOKEN_REQUEST_URL"}, ""), + Description: "The URL for the OIDC provider from which to request an ID token. For use when authenticating as a Service Principal using OpenID Connect.", }, + "oidc_token": { Type: schema.TypeString, Optional: true, DefaultFunc: schema.EnvDefaultFunc("ARM_OIDC_TOKEN", ""), - Description: "A generic JWT token that can be used for OIDC authentication. Should not be used in conjunction with `oidc_request_token`.", + Description: "The OIDC ID token for use when authenticating as a Service Principal using OpenID Connect.", }, + "oidc_token_file_path": { Type: schema.TypeString, Optional: true, DefaultFunc: schema.EnvDefaultFunc("ARM_OIDC_TOKEN_FILE_PATH", ""), - Description: "Path to file containing a generic JWT token that can be used for OIDC authentication. Should not be used in conjunction with `oidc_request_token`.", + Description: "The path to a file containing an OIDC ID token for use when authenticating as a Service Principal using OpenID Connect.", }, - "oidc_request_url": { - Type: schema.TypeString, + + // Managed Identity specific fields + "use_msi": { + Type: schema.TypeBool, Optional: true, - DefaultFunc: schema.MultiEnvDefaultFunc([]string{"ARM_OIDC_REQUEST_URL", "ACTIONS_ID_TOKEN_REQUEST_URL"}, ""), - Description: "The URL of the OIDC provider from which to request an ID token. Needs to be used in conjunction with `oidc_request_token`. This is meant to be used for Github Actions.", + Description: "Allow Managed Identity to be used for Authentication.", + DefaultFunc: schema.EnvDefaultFunc("ARM_USE_MSI", false), }, - "oidc_request_token": { + + "msi_endpoint": { Type: schema.TypeString, Optional: true, - DefaultFunc: schema.MultiEnvDefaultFunc([]string{"ARM_OIDC_REQUEST_TOKEN", "ACTIONS_ID_TOKEN_REQUEST_TOKEN"}, ""), - Description: "The bearer token to use for the request to the OIDC providers `oidc_request_url` URL to fetch an ID token. Needs to be used in conjunction with `oidc_request_url`. This is meant to be used for Github Actions.", + Description: "The path to a custom endpoint for Managed Identity - in most circumstances this should be detected automatically.", + DefaultFunc: schema.EnvDefaultFunc("ARM_MSI_ENDPOINT", ""), + }, + + // Azure CLI specific fields + "use_cli": { + Type: schema.TypeBool, + Optional: true, + Default: true, + DefaultFunc: schema.EnvDefaultFunc("ARM_USE_CLI", true), + Description: "Allow Azure CLI to be used for Authentication.", + }, + + // Azure AKS Workload Identity fields + "use_aks_workload_identity": { + Type: schema.TypeBool, + Optional: true, + DefaultFunc: schema.EnvDefaultFunc("ARM_USE_AKS_WORKLOAD_IDENTITY", false), + Description: "Allow Azure AKS Workload Identity to be used for Authentication.", }, // Feature Flags "use_azuread_auth": { Type: schema.TypeBool, Optional: true, - Description: "Should Terraform use AzureAD Authentication to access the Blob?", + Description: "Whether to use Azure Active Directory authentication to access the Storage Data Plane APIs.", DefaultFunc: schema.EnvDefaultFunc("ARM_USE_AZUREAD", false), }, }, @@ -189,7 +220,7 @@ type Backend struct { *schema.Backend // The fields below are set from configure - armClient *ArmClient + apiClient *Client containerName string keyName string accountName string @@ -197,33 +228,17 @@ type Backend struct { } type BackendConfig struct { - // Required - StorageAccountName string - - // Optional - AccessKey string - ClientID string - ClientCertificatePassword string - ClientCertificatePath string - ClientSecret string - CustomResourceManagerEndpoint string - MetadataHost string - Environment string - MsiEndpoint string - OIDCToken string - OIDCTokenFilePath string - OIDCRequestURL string - OIDCRequestToken string - ResourceGroupName string - SasToken string - SubscriptionID string - TenantID string - UseMsi bool - UseOIDC bool - UseAzureADAuthentication bool + AccessKey string + AuthConfig *auth.Credentials + ResourceGroupName string + SasToken string + StorageAccountName string + SubscriptionID string // TODO needed? + UseAzureADAuthentication bool } func (b *Backend) configure(ctx context.Context) error { + // TODO what is this? if b.containerName != "" { return nil } @@ -235,40 +250,104 @@ func (b *Backend) configure(ctx context.Context) error { b.keyName = data.Get("key").(string) b.snapshot = data.Get("snapshot").(bool) - config := BackendConfig{ - AccessKey: data.Get("access_key").(string), - ClientID: data.Get("client_id").(string), - ClientCertificatePassword: data.Get("client_certificate_password").(string), - ClientCertificatePath: data.Get("client_certificate_path").(string), - ClientSecret: data.Get("client_secret").(string), - CustomResourceManagerEndpoint: data.Get("endpoint").(string), - MetadataHost: data.Get("metadata_host").(string), - Environment: data.Get("environment").(string), - MsiEndpoint: data.Get("msi_endpoint").(string), - OIDCToken: data.Get("oidc_token").(string), - OIDCTokenFilePath: data.Get("oidc_token_file_path").(string), - OIDCRequestURL: data.Get("oidc_request_url").(string), - OIDCRequestToken: data.Get("oidc_request_token").(string), - ResourceGroupName: data.Get("resource_group_name").(string), - SasToken: data.Get("sas_token").(string), - StorageAccountName: data.Get("storage_account_name").(string), - SubscriptionID: data.Get("subscription_id").(string), - TenantID: data.Get("tenant_id").(string), - UseMsi: data.Get("use_msi").(bool), - UseOIDC: data.Get("use_oidc").(bool), - UseAzureADAuthentication: data.Get("use_azuread_auth").(bool), + var clientCertificateData []byte + if encodedCert := data.Get("client_certificate").(string); encodedCert != "" { + var err error + clientCertificateData, err = decodeCertificate(encodedCert) + if err != nil { + return err + } + } + + oidcToken, err := getOidcToken(data) + if err != nil { + return err + } + + clientSecret, err := getClientSecret(data) + if err != nil { + return err + } + + clientId, err := getClientId(data) + if err != nil { + return err + } + + tenantId, err := getTenantId(data) + if err != nil { + return err + } + + var ( + env *environments.Environment + + envName = data.Get("environment").(string) + metadataHost = data.Get("metadata_host").(string) + ) + + if metadataHost != "" { + logEntry("[DEBUG] Configuring cloud environment from Metadata Service at %q", metadataHost) + if env, err = environments.FromEndpoint(ctx, fmt.Sprintf("https://%s", metadataHost)); err != nil { + return err + } + } else { + logEntry("[DEBUG] Configuring built-in cloud environment by name: %q", envName) + if env, err = environments.FromName(envName); err != nil { + return err + } + } + + var ( + enableAzureCli = data.Get("use_cli").(bool) + enableManagedIdentity = data.Get("use_msi").(bool) + enableOidc = data.Get("use_oidc").(bool) || data.Get("use_aks_workload_identity").(bool) + ) + + authConfig := &auth.Credentials{ + Environment: *env, + ClientID: *clientId, + TenantID: *tenantId, + + ClientCertificateData: clientCertificateData, + ClientCertificatePath: data.Get("client_certificate_path").(string), + ClientCertificatePassword: data.Get("client_certificate_password").(string), + ClientSecret: *clientSecret, + + OIDCAssertionToken: *oidcToken, + GitHubOIDCTokenRequestURL: data.Get("oidc_request_url").(string), + GitHubOIDCTokenRequestToken: data.Get("oidc_request_token").(string), + + CustomManagedIdentityEndpoint: data.Get("msi_endpoint").(string), + + EnableAuthenticatingUsingClientCertificate: true, + EnableAuthenticatingUsingClientSecret: true, + EnableAuthenticatingUsingAzureCLI: enableAzureCli, + EnableAuthenticatingUsingManagedIdentity: enableManagedIdentity, + EnableAuthenticationUsingOIDC: enableOidc, + EnableAuthenticationUsingGitHubOIDC: enableOidc, + } + + backendConfig := BackendConfig{ + AccessKey: data.Get("access_key").(string), + AuthConfig: authConfig, + ResourceGroupName: data.Get("resource_group_name").(string), + SasToken: data.Get("sas_token").(string), + StorageAccountName: data.Get("storage_account_name").(string), + SubscriptionID: data.Get("subscription_id").(string), + UseAzureADAuthentication: data.Get("use_azuread_auth").(bool), } - armClient, err := buildArmClient(context.TODO(), config) + client, err := buildClient(ctx, backendConfig) if err != nil { return err } - thingsNeededToLookupAccessKeySpecified := config.AccessKey == "" && config.SasToken == "" && config.ResourceGroupName == "" - if thingsNeededToLookupAccessKeySpecified && !config.UseAzureADAuthentication { - return fmt.Errorf("Either an Access Key / SAS Token or the Resource Group for the Storage Account must be specified - or Azure AD Authentication must be enabled") + propertiesNeededToLookupAccessKeySpecified := backendConfig.AccessKey == "" && backendConfig.SasToken == "" && backendConfig.ResourceGroupName == "" + if propertiesNeededToLookupAccessKeySpecified && !backendConfig.UseAzureADAuthentication { + return fmt.Errorf("either an Access Key / SAS Token or the Resource Group for the Storage Account must be specified - or Azure AD Authentication must be enabled") } - b.armClient = armClient + b.apiClient = client return nil } diff --git a/internal/backend/remote-state/azure/backend_state.go b/internal/backend/remote-state/azure/backend_state.go index 4be5102953d1..23e7cffb9fc2 100644 --- a/internal/backend/remote-state/azure/backend_state.go +++ b/internal/backend/remote-state/azure/backend_state.go @@ -30,11 +30,11 @@ func (b *Backend) Workspaces() ([]string, error) { } ctx := context.TODO() - client, err := b.armClient.getContainersClient(ctx) + client, err := b.apiClient.getContainersClient(ctx) if err != nil { return nil, err } - resp, err := client.ListBlobs(ctx, b.armClient.storageAccountName, b.containerName, params) + resp, err := client.ListBlobs(ctx, b.apiClient.storageAccountName, b.containerName, params) if err != nil { return nil, err } @@ -67,12 +67,12 @@ func (b *Backend) DeleteWorkspace(name string, _ bool) error { } ctx := context.TODO() - client, err := b.armClient.getBlobClient(ctx) + client, err := b.apiClient.getBlobClient(ctx) if err != nil { return err } - if resp, err := client.Delete(ctx, b.armClient.storageAccountName, b.containerName, b.path(name), blobs.DeleteInput{}); err != nil { + if resp, err := client.Delete(ctx, b.apiClient.storageAccountName, b.containerName, b.path(name), blobs.DeleteInput{}); err != nil { if resp.Response.StatusCode != 404 { return err } @@ -83,7 +83,7 @@ func (b *Backend) DeleteWorkspace(name string, _ bool) error { func (b *Backend) StateMgr(name string) (statemgr.Full, error) { ctx := context.TODO() - blobClient, err := b.armClient.getBlobClient(ctx) + blobClient, err := b.apiClient.getBlobClient(ctx) if err != nil { return nil, err } diff --git a/internal/backend/remote-state/azure/go.mod b/internal/backend/remote-state/azure/go.mod index 5062259855aa..c3b65722694c 100644 --- a/internal/backend/remote-state/azure/go.mod +++ b/internal/backend/remote-state/azure/go.mod @@ -4,18 +4,18 @@ go 1.22.0 require ( github.com/Azure/azure-sdk-for-go v59.2.0+incompatible - github.com/Azure/go-autorest/autorest v0.11.27 - github.com/hashicorp/go-azure-helpers v0.43.0 + github.com/Azure/go-autorest/autorest v0.11.29 + github.com/hashicorp/go-azure-helpers v0.67.0 github.com/hashicorp/go-uuid v1.0.3 github.com/hashicorp/terraform v0.0.0-00010101000000-000000000000 github.com/hashicorp/terraform/internal/legacy v0.0.0-00010101000000-000000000000 github.com/manicminer/hamilton v0.44.0 - github.com/tombuildsstuff/giovanni v0.15.1 + github.com/tombuildsstuff/giovanni v0.27.0 ) require ( github.com/Azure/go-autorest v14.2.0+incompatible // indirect - github.com/Azure/go-autorest/autorest/adal v0.9.20 // indirect + github.com/Azure/go-autorest/autorest/adal v0.9.23 // indirect github.com/Azure/go-autorest/autorest/azure/cli v0.4.4 // indirect github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect @@ -28,10 +28,12 @@ require ( github.com/davecgh/go-spew v1.1.1 // indirect github.com/dimchansky/utfbom v1.1.1 // indirect github.com/fatih/color v1.16.0 // indirect - github.com/golang-jwt/jwt/v4 v4.4.2 // indirect + github.com/golang-jwt/jwt/v4 v4.5.0 // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect + github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320 // indirect + github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-hclog v1.5.0 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect @@ -55,7 +57,7 @@ require ( github.com/zclconf/go-cty v1.14.4 // indirect golang.org/x/crypto v0.21.0 // indirect golang.org/x/mod v0.16.0 // indirect - golang.org/x/net v0.22.0 // indirect + golang.org/x/net v0.23.0 // indirect golang.org/x/oauth2 v0.18.0 // indirect golang.org/x/sys v0.19.0 // indirect golang.org/x/text v0.14.0 // indirect diff --git a/internal/backend/remote-state/azure/go.sum b/internal/backend/remote-state/azure/go.sum index 3e5ed94b07f0..a8e14d07ca3b 100644 --- a/internal/backend/remote-state/azure/go.sum +++ b/internal/backend/remote-state/azure/go.sum @@ -57,12 +57,15 @@ github.com/Azure/go-autorest/autorest v0.11.10/go.mod h1:eipySxLmqSyC5s5k1CLupqe github.com/Azure/go-autorest/autorest v0.11.24/go.mod h1:G6kyRlFnTuSbEYkQGawPfsCswgme4iYf6rfSKUDzbCc= github.com/Azure/go-autorest/autorest v0.11.27 h1:F3R3q42aWytozkV8ihzcgMO4OA4cuqr3bNlsEuF6//A= github.com/Azure/go-autorest/autorest v0.11.27/go.mod h1:7l8ybrIdUmGqZMTD0sRtAr8NvbHjfofbf8RSP2q7w7U= +github.com/Azure/go-autorest/autorest v0.11.29/go.mod h1:ZtEzC4Jy2JDrZLxvWs8LrBWEBycl1hbT1eknI8MtfAs= github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= github.com/Azure/go-autorest/autorest/adal v0.9.14/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= github.com/Azure/go-autorest/autorest/adal v0.9.18/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= github.com/Azure/go-autorest/autorest/adal v0.9.20 h1:gJ3E98kMpFB1MFqQCvA1yFab8vthOeD4VlFRQULxahg= github.com/Azure/go-autorest/autorest/adal v0.9.20/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= +github.com/Azure/go-autorest/autorest/adal v0.9.22/go.mod h1:XuAbAEUv2Tta//+voMI038TrJBqjKam0me7qR+L8Cmk= +github.com/Azure/go-autorest/autorest/adal v0.9.23/go.mod h1:5pcMqFkdPhviJdlEy3kC/v1ZLnQl0MH6XA5YCcMhy4c= github.com/Azure/go-autorest/autorest/azure/cli v0.4.0/go.mod h1:JljT387FplPzBA31vUcvsetLKF3pec5bdAxjVU4kI2s= github.com/Azure/go-autorest/autorest/azure/cli v0.4.2/go.mod h1:7qkJkT+j6b+hIpzMOwPChJhTqS8VbsqqgULzMNRugoM= github.com/Azure/go-autorest/autorest/azure/cli v0.4.4 h1:iuooz5cZL6VRcO7DVSFYxRcouqn6bFVE/e77Wts50Zk= @@ -133,6 +136,7 @@ github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzw github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs= github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -211,6 +215,12 @@ github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brv github.com/hashicorp/go-azure-helpers v0.12.0/go.mod h1:Zc3v4DNeX6PDdy7NljlYpnrdac1++qNW0I4U+ofGwpg= github.com/hashicorp/go-azure-helpers v0.43.0 h1:larj4ZgwO3hKzA9xIOTXRW4NBpI6F3K8wpig8eikNOw= github.com/hashicorp/go-azure-helpers v0.43.0/go.mod h1:ofh+59GPB8g/lWI08711STfrIPSPOlXQkuMc8rovpBk= +github.com/hashicorp/go-azure-helpers v0.66.2/go.mod h1:kJxXrFtJKJdOEqvad8pllAe7dhP4DbN8J6sqFZe47+4= +github.com/hashicorp/go-azure-helpers v0.67.0/go.mod h1:S4Bu66vyJvHA0trqHQB0YVGsISuF7HMH9tyEsMVlx8A= +github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320 h1:dd0vM8u66FOrCuU3zFzj7R5IjwVJtfX3Smv2gUFo1jg= +github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320/go.mod h1:lqTkN6888JpeHTjLu1A5tJZW0b/SyGCJ1GTyf6SfXoE= +github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320 h1:jvdGTdPZhl5PBAQO2VdTewQlQiZ2NW68wJztVEYMDGc= +github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320/go.mod h1:Ts5vRL3KPw8iLit+4WSi1hOWlRCx++wJrCkMGj69xBY= github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= @@ -301,22 +311,30 @@ github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAm github.com/spf13/afero v1.9.3 h1:41FoI0fD7OR7mGcKE/aOiLkGreyf8ifIOQmJANWogMk= github.com/spf13/afero v1.9.3/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/tombuildsstuff/giovanni v0.15.1 h1:CVRaLOJ7C/eercCrKIsarfJ4SZoGMdBL9Q2deFDUXco= github.com/tombuildsstuff/giovanni v0.15.1/go.mod h1:0TZugJPEtqzPlMpuJHYfXY6Dq2uLPrXf98D2XQSxNbA= +github.com/tombuildsstuff/giovanni v0.27.0 h1:3CDNjauK78FIhvvCp0SAHlvNcPTcofR6zQXvxwhk4zY= +github.com/tombuildsstuff/giovanni v0.27.0/go.mod h1:SviBdlwdVn2HyArdRABBqMUODBJ2adQHi+RFEVaO05I= github.com/ulikunitz/xz v0.5.10 h1:t92gobL9l3HE202wg3rlk19F6X+JOxl9BBrCCMYEYd8= github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/zclconf/go-cty v1.14.4 h1:uXXczd9QDGsgu0i/QFR/hzI5NYCHLf6NQw/atrbnhq8= github.com/zclconf/go-cty v1.14.4/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= github.com/zclconf/go-cty-debug v0.0.0-20240417160409-8c45e122ae1a h1:/o/Emn22dZIQ7AhyA0aLOKo528WG/WRAM5tqzIoQIOs= @@ -340,6 +358,8 @@ golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -375,6 +395,7 @@ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.16.0 h1:QX4fJ0Rr5cPQCF7O9lh9Se4pmwfwskqZfq5moyldzic= golang.org/x/mod v0.16.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -409,8 +430,11 @@ golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc= golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= +golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -433,6 +457,7 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -474,11 +499,16 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -486,6 +516,8 @@ golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -538,6 +570,7 @@ golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.19.0 h1:tfGCXNR1OsFG+sVdLAitlpjAvD/I6dHDKnYrpEZUHkw= golang.org/x/tools v0.19.0/go.mod h1:qoJWxmGSIBmAeriMx19ogtrEPrGtDbPK634QFIcLAhc= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/internal/backend/remote-state/azure/helpers.go b/internal/backend/remote-state/azure/helpers.go new file mode 100644 index 000000000000..7a4360736001 --- /dev/null +++ b/internal/backend/remote-state/azure/helpers.go @@ -0,0 +1,145 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +package azure + +import ( + "encoding/base64" + "fmt" + "log" + "os" + "strings" + + "github.com/hashicorp/terraform/internal/legacy/helper/schema" +) + +// logEntry avoids log entries showing up in test output +func logEntry(f string, v ...interface{}) { + if os.Getenv("TF_LOG") == "" { + return + } + + if os.Getenv("TF_ACC") != "" { + return + } + + log.Printf(f, v...) +} + +func decodeCertificate(clientCertificate string) ([]byte, error) { + var pfx []byte + if clientCertificate != "" { + out := make([]byte, base64.StdEncoding.DecodedLen(len(clientCertificate))) + n, err := base64.StdEncoding.Decode(out, []byte(clientCertificate)) + if err != nil { + return pfx, fmt.Errorf("could not decode client certificate data: %v", err) + } + pfx = out[:n] + } + return pfx, nil +} + +func getOidcToken(d *schema.ResourceData) (*string, error) { + idToken := strings.TrimSpace(d.Get("oidc_token").(string)) + + if path := d.Get("oidc_token_file_path").(string); path != "" { + fileTokenRaw, err := os.ReadFile(path) + + if err != nil { + return nil, fmt.Errorf("reading OIDC Token from file %q: %v", path, err) + } + + fileToken := strings.TrimSpace(string(fileTokenRaw)) + + if idToken != "" && idToken != fileToken { + return nil, fmt.Errorf("mismatch between supplied OIDC token and supplied OIDC token file contents - please either remove one or ensure they match") + } + + idToken = fileToken + } + + if d.Get("use_aks_workload_identity").(bool) && os.Getenv("AZURE_FEDERATED_TOKEN_FILE") != "" { + path := os.Getenv("AZURE_FEDERATED_TOKEN_FILE") + fileTokenRaw, err := os.ReadFile(os.Getenv("AZURE_FEDERATED_TOKEN_FILE")) + + if err != nil { + return nil, fmt.Errorf("reading OIDC Token from file %q provided by AKS Workload Identity: %v", path, err) + } + + fileToken := strings.TrimSpace(string(fileTokenRaw)) + + if idToken != "" && idToken != fileToken { + return nil, fmt.Errorf("mismatch between supplied OIDC token and OIDC token file contents provided by AKS Workload Identity - please either remove one, ensure they match, or disable use_aks_workload_identity") + } + + idToken = fileToken + } + + return &idToken, nil +} + +func getClientId(d *schema.ResourceData) (*string, error) { + clientId := strings.TrimSpace(d.Get("client_id").(string)) + + if path := d.Get("client_id_file_path").(string); path != "" { + fileClientIdRaw, err := os.ReadFile(path) + + if err != nil { + return nil, fmt.Errorf("reading Client ID from file %q: %v", path, err) + } + + fileClientId := strings.TrimSpace(string(fileClientIdRaw)) + + if clientId != "" && clientId != fileClientId { + return nil, fmt.Errorf("mismatch between supplied Client ID and supplied Client ID file contents - please either remove one or ensure they match") + } + + clientId = fileClientId + } + + if d.Get("use_aks_workload_identity").(bool) && os.Getenv("AZURE_CLIENT_ID") != "" { + aksClientId := os.Getenv("AZURE_CLIENT_ID") + if clientId != "" && clientId != aksClientId { + return nil, fmt.Errorf("mismatch between supplied Client ID and that provided by AKS Workload Identity - please remove, ensure they match, or disable use_aks_workload_identity") + } + clientId = aksClientId + } + + return &clientId, nil +} + +func getClientSecret(d *schema.ResourceData) (*string, error) { + clientSecret := strings.TrimSpace(d.Get("client_secret").(string)) + + if path := d.Get("client_secret_file_path").(string); path != "" { + fileSecretRaw, err := os.ReadFile(path) + + if err != nil { + return nil, fmt.Errorf("reading Client Secret from file %q: %v", path, err) + } + + fileSecret := strings.TrimSpace(string(fileSecretRaw)) + + if clientSecret != "" && clientSecret != fileSecret { + return nil, fmt.Errorf("mismatch between supplied Client Secret and supplied Client Secret file contents - please either remove one or ensure they match") + } + + clientSecret = fileSecret + } + + return &clientSecret, nil +} + +func getTenantId(d *schema.ResourceData) (*string, error) { + tenantId := strings.TrimSpace(d.Get("tenant_id").(string)) + + if d.Get("use_aks_workload_identity").(bool) && os.Getenv("AZURE_TENANT_ID") != "" { + aksTenantId := os.Getenv("AZURE_TENANT_ID") + if tenantId != "" && tenantId != aksTenantId { + return nil, fmt.Errorf("mismatch between supplied Tenant ID and that provided by AKS Workload Identity - please remove, ensure they match, or disable use_aks_workload_identity") + } + tenantId = aksTenantId + } + + return &tenantId, nil +} diff --git a/internal/backend/remote-state/azure/helpers_test.go b/internal/backend/remote-state/azure/helpers_test.go index 8d879e270f62..c3452e01bcb2 100644 --- a/internal/backend/remote-state/azure/helpers_test.go +++ b/internal/backend/remote-state/azure/helpers_test.go @@ -52,7 +52,7 @@ func testAccAzureBackendRunningInGitHubActions(t *testing.T) { } } -func buildTestClient(t *testing.T, res resourceNames) *ArmClient { +func buildTestClient(t *testing.T, res resourceNames) *Client { subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") tenantID := os.Getenv("ARM_TENANT_ID") clientID := os.Getenv("ARM_CLIENT_ID") @@ -86,7 +86,7 @@ func buildTestClient(t *testing.T, res resourceNames) *ArmClient { // Endpoint is optional (only for Stack) endpoint := os.Getenv("ARM_ENDPOINT") - armClient, err := buildArmClient(context.TODO(), BackendConfig{ + armClient, err := buildClient(context.TODO(), BackendConfig{ SubscriptionID: subscriptionID, TenantID: tenantID, ClientID: clientID, @@ -99,7 +99,7 @@ func buildTestClient(t *testing.T, res resourceNames) *ArmClient { UseAzureADAuthentication: res.useAzureADAuth, }) if err != nil { - t.Fatalf("Failed to build ArmClient: %+v", err) + t.Fatalf("Failed to build Client: %+v", err) } return armClient @@ -153,9 +153,9 @@ func testResourceNames(rString string, keyName string) resourceNames { } } -func (c *ArmClient) buildTestResources(ctx context.Context, names *resourceNames) error { +func (c *Client) buildTestResources(ctx context.Context, names *resourceNames) error { log.Printf("Creating Resource Group %q", names.resourceGroup) - _, err := c.groupsClient.CreateOrUpdate(ctx, names.resourceGroup, resources.Group{Location: &names.location}) + _, err := c.resourceGroupsClient.CreateOrUpdate(ctx, names.resourceGroup, resources.Group{Location: &names.location}) if err != nil { return fmt.Errorf("failed to create test resource group: %s", err) } @@ -215,15 +215,15 @@ func (c *ArmClient) buildTestResources(ctx context.Context, names *resourceNames return nil } -func (c ArmClient) destroyTestResources(ctx context.Context, resources resourceNames) error { +func (c *Client) destroyTestResources(ctx context.Context, resources resourceNames) error { log.Printf("[DEBUG] Deleting Resource Group %q..", resources.resourceGroup) - future, err := c.groupsClient.Delete(ctx, resources.resourceGroup) + future, err := c.resourceGroupsClient.Delete(ctx, resources.resourceGroup) if err != nil { return fmt.Errorf("Error deleting Resource Group: %+v", err) } log.Printf("[DEBUG] Waiting for deletion of Resource Group %q..", resources.resourceGroup) - err = future.WaitForCompletionRef(ctx, c.groupsClient.Client) + err = future.WaitForCompletionRef(ctx, c.resourceGroupsClient.Client) if err != nil { return fmt.Errorf("Error waiting for the deletion of Resource Group: %+v", err) } From 60f6c1b388feedea450293e97f45c58fdd5e2725 Mon Sep 17 00:00:00 2001 From: magodo Date: Mon, 30 Dec 2024 16:59:53 +1100 Subject: [PATCH 02/18] Pass `go mod tidy` by updating giovanni storage api version from 2018-11-09 to 2023-11-03 --- go.mod | 17 +-- go.sum | 90 ++++--------- .../remote-state/azure/backend_state.go | 4 +- internal/backend/remote-state/azure/client.go | 2 +- .../backend/remote-state/azure/client_test.go | 2 +- internal/backend/remote-state/azure/go.mod | 25 ++-- internal/backend/remote-state/azure/go.sum | 123 +++++------------- .../remote-state/azure/helpers_test.go | 2 +- 8 files changed, 84 insertions(+), 181 deletions(-) diff --git a/go.mod b/go.mod index edad693e109e..691444814344 100644 --- a/go.mod +++ b/go.mod @@ -80,7 +80,7 @@ require ( golang.org/x/tools v0.25.0 golang.org/x/tools/cmd/cover v0.1.0-deprecated google.golang.org/grpc v1.59.0 - google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0 + google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.2.0 google.golang.org/protobuf v1.34.2 honnef.co/go/tools v0.5.1 ) @@ -91,14 +91,10 @@ require ( cloud.google.com/go/iam v1.1.1 // indirect cloud.google.com/go/storage v1.30.1 // indirect github.com/AlecAivazis/survey/v2 v2.3.7 // indirect - github.com/Azure/azure-sdk-for-go v59.2.0+incompatible // indirect github.com/Azure/go-autorest v14.2.0+incompatible // indirect github.com/Azure/go-autorest/autorest v0.11.29 // indirect github.com/Azure/go-autorest/autorest/adal v0.9.23 // indirect - github.com/Azure/go-autorest/autorest/azure/cli v0.4.4 // indirect github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect - github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect - github.com/Azure/go-autorest/autorest/validation v0.3.1 // indirect github.com/Azure/go-autorest/logger v0.2.1 // indirect github.com/Azure/go-autorest/tracing v0.6.0 // indirect github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c // indirect @@ -154,7 +150,6 @@ require ( github.com/cli/shurcooL-graphql v0.0.4 // indirect github.com/cloudflare/circl v1.4.0 // indirect github.com/creack/pty v1.1.17 // indirect - github.com/dimchansky/utfbom v1.1.1 // indirect github.com/dylanmei/iso8601 v0.1.0 // indirect github.com/emicklei/go-restful/v3 v3.8.0 // indirect github.com/fatih/color v1.17.0 // indirect @@ -186,13 +181,17 @@ require ( github.com/hashicorp/go-azure-helpers v0.67.0 // indirect github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320 // indirect github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320 // indirect + github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 // indirect github.com/hashicorp/go-immutable-radix v1.0.0 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-rootcerts v1.0.2 // indirect github.com/hashicorp/go-safetemp v1.0.0 // indirect github.com/hashicorp/golang-lru v0.5.1 // indirect + github.com/hashicorp/logutils v1.0.0 // indirect github.com/hashicorp/serf v0.9.6 // indirect + github.com/hashicorp/terraform-plugin-go v0.14.3 // indirect github.com/hashicorp/terraform-plugin-log v0.9.0 // indirect + github.com/hashicorp/terraform-plugin-sdk/v2 v2.26.1 // indirect github.com/hashicorp/yamux v0.1.1 // indirect github.com/henvic/httpretty v0.1.3 // indirect github.com/huandu/xstrings v1.3.3 // indirect @@ -210,8 +209,6 @@ require ( github.com/lib/pq v1.10.3 // indirect github.com/lucasb-eyer/go-colorful v1.2.0 // indirect github.com/mailru/easyjson v0.7.6 // indirect - github.com/manicminer/hamilton v0.44.0 // indirect - github.com/manicminer/hamilton-autorest v0.2.0 // indirect github.com/masterzen/simplexml v0.0.0-20190410153822-31eea3082786 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-runewidth v0.0.16 // indirect @@ -244,7 +241,10 @@ require ( github.com/thlib/go-timezone-local v0.0.3 // indirect github.com/tombuildsstuff/giovanni v0.27.0 // indirect github.com/ulikunitz/xz v0.5.10 // indirect + github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect + github.com/vmihailenco/msgpack/v4 v4.3.12 // indirect github.com/vmihailenco/msgpack/v5 v5.3.5 // indirect + github.com/vmihailenco/tagparser v0.1.1 // indirect github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect go.mongodb.org/mongo-driver v1.16.1 // indirect go.opencensus.io v0.24.0 // indirect @@ -276,6 +276,7 @@ require ( sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect sigs.k8s.io/yaml v1.2.0 // indirect + software.sslmate.com/src/go-pkcs12 v0.4.0 // indirect ) // Some of the packages in this codebase are split into separate Go modules diff --git a/go.sum b/go.sum index f140c51a1c54..c918807d2161 100644 --- a/go.sum +++ b/go.sum @@ -190,42 +190,24 @@ cloud.google.com/go/workflows v1.7.0/go.mod h1:JhSrZuVZWuiDfKEFxU0/F1PQjmpnpcoIS dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/AlecAivazis/survey/v2 v2.3.7 h1:6I/u8FvytdGsgonrYsVn2t8t4QiRnh6QSTqkkhIiSjQ= github.com/AlecAivazis/survey/v2 v2.3.7/go.mod h1:xUTIdE4KCOIjsBAE1JYsUPoCqYdZ1reCfTwbto0Fduo= -github.com/Azure/azure-sdk-for-go v45.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go v47.1.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go v59.2.0+incompatible h1:mbxiZy1K820hQ+dI+YIO/+a0wQDYqOu18BAGe4lXjVk= github.com/Azure/azure-sdk-for-go v59.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.11.3/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= -github.com/Azure/go-autorest/autorest v0.11.10/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw= -github.com/Azure/go-autorest/autorest v0.11.24/go.mod h1:G6kyRlFnTuSbEYkQGawPfsCswgme4iYf6rfSKUDzbCc= -github.com/Azure/go-autorest/autorest v0.11.27 h1:F3R3q42aWytozkV8ihzcgMO4OA4cuqr3bNlsEuF6//A= -github.com/Azure/go-autorest/autorest v0.11.27/go.mod h1:7l8ybrIdUmGqZMTD0sRtAr8NvbHjfofbf8RSP2q7w7U= +github.com/Azure/go-autorest/autorest v0.11.29 h1:I4+HL/JDvErx2LjyzaVxllw2lRDB5/BT2Bm4g20iqYw= github.com/Azure/go-autorest/autorest v0.11.29/go.mod h1:ZtEzC4Jy2JDrZLxvWs8LrBWEBycl1hbT1eknI8MtfAs= -github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= -github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= -github.com/Azure/go-autorest/autorest/adal v0.9.14/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= -github.com/Azure/go-autorest/autorest/adal v0.9.18/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= -github.com/Azure/go-autorest/autorest/adal v0.9.20 h1:gJ3E98kMpFB1MFqQCvA1yFab8vthOeD4VlFRQULxahg= -github.com/Azure/go-autorest/autorest/adal v0.9.20/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= github.com/Azure/go-autorest/autorest/adal v0.9.22/go.mod h1:XuAbAEUv2Tta//+voMI038TrJBqjKam0me7qR+L8Cmk= +github.com/Azure/go-autorest/autorest/adal v0.9.23 h1:Yepx8CvFxwNKpH6ja7RZ+sKX+DWYNldbLiALMC3BTz8= github.com/Azure/go-autorest/autorest/adal v0.9.23/go.mod h1:5pcMqFkdPhviJdlEy3kC/v1ZLnQl0MH6XA5YCcMhy4c= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.0/go.mod h1:JljT387FplPzBA31vUcvsetLKF3pec5bdAxjVU4kI2s= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.2/go.mod h1:7qkJkT+j6b+hIpzMOwPChJhTqS8VbsqqgULzMNRugoM= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.4 h1:iuooz5cZL6VRcO7DVSFYxRcouqn6bFVE/e77Wts50Zk= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.4/go.mod h1:yAQ2b6eP/CmLPnmLvxtT1ALIY3OR1oFcCqVBi8vHiTc= github.com/Azure/go-autorest/autorest/date v0.3.0 h1:7gUk1U5M/CQbp9WoqinNzJar+8KY+LPI6wiWrP/myHw= github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= -github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= github.com/Azure/go-autorest/autorest/mocks v0.4.2 h1:PGN4EDXnuQbojHbU0UWoNvmu9AGVwYHG9/fkDYhtAfw= github.com/Azure/go-autorest/autorest/mocks v0.4.2/go.mod h1:Vy7OitM9Kei0i1Oj+LvyAWMXJHeKH1MVlzFugfVrmyU= github.com/Azure/go-autorest/autorest/to v0.4.0 h1:oXVqrxakqqV1UZdSazDOPOLvOIz+XA683u8EctwboHk= github.com/Azure/go-autorest/autorest/to v0.4.0/go.mod h1:fE8iZBn7LQR7zH/9XU2NcPR4o9jEImooCeWJcYV/zLE= -github.com/Azure/go-autorest/autorest/validation v0.3.0/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E= github.com/Azure/go-autorest/autorest/validation v0.3.1 h1:AgyqjAd94fwNAoTjl/WQXg4VvFeRFpO+UhNyRXqF1ac= github.com/Azure/go-autorest/autorest/validation v0.3.1/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E= -github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+ZtXWSmf4Tg= github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= @@ -282,6 +264,7 @@ github.com/apparentlymart/go-cidr v1.1.0 h1:2mAhrMoF+nhXqxTzSZMUzDHkLjmIHC+Zzn4t github.com/apparentlymart/go-cidr v1.1.0/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc= github.com/apparentlymart/go-shquot v0.0.1 h1:MGV8lwxF4zw75lN7e0MGs7o6AFYn7L6AZaExUpLh0Mo= github.com/apparentlymart/go-shquot v0.0.1/go.mod h1:lw58XsE5IgUXZ9h0cxnypdx31p9mPFIVEQ9P3c7MlrU= +github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec= github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew1u1fNQOlOtuGxQY= github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmmsvpAG721bKi0joRfFdHIWJ4= github.com/apparentlymart/go-userdirs v0.0.0-20200915174352-b0c018a67c13 h1:JtuelWqyixKApmXm3qghhZ7O96P6NKpyrlSIe8Rwnhw= @@ -420,10 +403,6 @@ github.com/creack/pty v1.1.17/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8= -github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U= -github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/dylanmei/iso8601 v0.1.0 h1:812NGQDBcqquTfH5Yeo7lwR0nzx/cKdsmf3qMjPURUI= @@ -450,7 +429,6 @@ github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYF github.com/fatih/color v1.17.0 h1:GlRw1BRJxkpqUCBKzKOw098ed57fEsKeNjpTe3cSjK4= github.com/fatih/color v1.17.0/go.mod h1:YZ7TlrGPkiz6ku9fK3TLD/pl3CpsiFyu8N92HLgmosI= github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M= -github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= @@ -500,17 +478,9 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/goji/httpauth v0.0.0-20160601135302-2da839ab0f4d/go.mod h1:nnjvkQ9ptGaCkuDUx6wNykzzlUixGxvkme+H/lnzb+A= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -<<<<<<< HEAD -github.com/golang-jwt/jwt/v4 v4.4.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= -github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs= -github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= -github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= -======= github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo= github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= ->>>>>>> upstream/main github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/glog v1.1.2 h1:DVjP2PbBOzHyzA+dn3WhHIq4NdVu3Q+pvivFICf/7fo= github.com/golang/glog v1.1.2/go.mod h1:zR+okUeTbrL6EL3xHUDxZuEtGv04p5shwip1+mL/rLQ= @@ -528,6 +498,7 @@ github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= +github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -610,14 +581,8 @@ github.com/google/s2a-go v0.1.4/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkj github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -<<<<<<< HEAD -github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= -github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -======= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= ->>>>>>> upstream/main github.com/googleapis/enterprise-certificate-proxy v0.0.0-20220520183353-fd19c99a87aa/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= github.com/googleapis/enterprise-certificate-proxy v0.1.0/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= github.com/googleapis/enterprise-certificate-proxy v0.2.0/go.mod h1:8C0jb7/mgJe/9KK8Lm7X9ctZC2t60YyIpYEI16jx0Qg= @@ -655,10 +620,7 @@ github.com/hashicorp/copywrite v0.19.0/go.mod h1:6wvQH+ICDoD2bpjO1RJ6fi+h3aY5NeL github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-azure-helpers v0.12.0/go.mod h1:Zc3v4DNeX6PDdy7NljlYpnrdac1++qNW0I4U+ofGwpg= -github.com/hashicorp/go-azure-helpers v0.43.0 h1:larj4ZgwO3hKzA9xIOTXRW4NBpI6F3K8wpig8eikNOw= -github.com/hashicorp/go-azure-helpers v0.43.0/go.mod h1:ofh+59GPB8g/lWI08711STfrIPSPOlXQkuMc8rovpBk= -github.com/hashicorp/go-azure-helpers v0.66.2/go.mod h1:kJxXrFtJKJdOEqvad8pllAe7dhP4DbN8J6sqFZe47+4= +github.com/hashicorp/go-azure-helpers v0.67.0 h1:0RY6mY3W3Ym2I+jExLtyLx96fh6p5n9vidqisAKGUSE= github.com/hashicorp/go-azure-helpers v0.67.0/go.mod h1:S4Bu66vyJvHA0trqHQB0YVGsISuF7HMH9tyEsMVlx8A= github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320 h1:dd0vM8u66FOrCuU3zFzj7R5IjwVJtfX3Smv2gUFo1jg= github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320/go.mod h1:lqTkN6888JpeHTjLu1A5tJZW0b/SyGCJ1GTyf6SfXoE= @@ -670,11 +632,12 @@ github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtng github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= +github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 h1:1/D3zfFHttUKaCaGKZ/dR2roBXv0vKbSCnssIldfQdI= +github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320/go.mod h1:EiZBMaudVLy8fmjf9Npq1dq9RalhveqZG5w/yz3mHWs= github.com/hashicorp/go-getter v1.7.5 h1:dT58k9hQ/vbxNMwoI5+xFYAJuv6152UNvdHokfI5wE4= github.com/hashicorp/go-getter v1.7.5/go.mod h1:W7TalhMmbPmsSMdNjD0ZskARur/9GJ17cfHTRtXV744= github.com/hashicorp/go-hclog v0.0.0-20180709165350-ff2cf002a8dd/go.mod h1:9bjs9uLqI8l75knNv3lV1kA55veR+WUPSiKIWcQHudI= github.com/hashicorp/go-hclog v0.8.0/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= -github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= github.com/hashicorp/go-hclog v0.12.0/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= @@ -691,7 +654,6 @@ github.com/hashicorp/go-plugin v1.0.1/go.mod h1:++UyYGoz3o5w9ZzAdZxtQKrWWP+iqPBn github.com/hashicorp/go-plugin v1.6.0 h1:wgd4KxHJTVGGqWBq4QPB1i5BZNEx9BR8+OFmHDmTk8A= github.com/hashicorp/go-plugin v1.6.0/go.mod h1:lBS5MtSSBZk0SHc66KACcjjlU6WzEVP/8pwz68aMkCI= github.com/hashicorp/go-retryablehttp v0.5.4/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= -github.com/hashicorp/go-retryablehttp v0.7.0/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU= github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk= github.com/hashicorp/go-rootcerts v1.0.1/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= @@ -709,12 +671,10 @@ github.com/hashicorp/go-tfe v1.70.0 h1:R5a9Z+jdVz6eRWtSLsl1nw+5Qe/swunZcJgeKK5NQ github.com/hashicorp/go-tfe v1.70.0/go.mod h1:2rOcdTxXwbWm0W7dCKjC3Ec8KQ+HhW165GiurXNshc4= github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-version v1.0.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.1.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKeRZfjY= github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= @@ -727,14 +687,19 @@ github.com/hashicorp/hcl/v2 v2.23.0 h1:Fphj1/gCylPxHutVSEOf2fBOh1VE4AuLV7+kbJf3q github.com/hashicorp/hcl/v2 v2.23.0/go.mod h1:62ZYHrXgPoX8xBnzl8QzbWq4dyDsDtfCRgIq1rbJEvA= github.com/hashicorp/jsonapi v1.3.1 h1:GtPvnmcWgYwCuDGvYT5VZBHcUyFdq9lSyCzDjn1DdPo= github.com/hashicorp/jsonapi v1.3.1/go.mod h1:kWfdn49yCjQvbpnvY1dxxAuAFzISwrrMDQOcu6NsFoM= +github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/mdns v1.0.4/go.mod h1:mtBihi+LeNXGtG8L9dX59gAEa12BDtBQSp4v/YAJqrc= github.com/hashicorp/memberlist v0.3.0 h1:8+567mCcFDnS5ADl7lrpxPMWiFCElyUEeW0gtj34fMA= github.com/hashicorp/memberlist v0.3.0/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE= github.com/hashicorp/serf v0.9.6 h1:uuEX1kLR6aoda1TBttmJQKDLZE1Ob7KN0NPdE7EtCDc= github.com/hashicorp/serf v0.9.6/go.mod h1:TXZNMjZQijwlDvp+r0b63xZ45H7JmCmgg4gpTwn9UV4= +github.com/hashicorp/terraform-plugin-go v0.14.3 h1:nlnJ1GXKdMwsC8g1Nh05tK2wsC3+3BL/DBBxFEki+j0= +github.com/hashicorp/terraform-plugin-go v0.14.3/go.mod h1:7ees7DMZ263q8wQ6E4RdIdR6nHHJtrdt4ogX5lPkX1A= github.com/hashicorp/terraform-plugin-log v0.9.0 h1:i7hOA+vdAItN1/7UrfBqBwvYPQ9TFvymaRGZED3FCV0= github.com/hashicorp/terraform-plugin-log v0.9.0/go.mod h1:rKL8egZQ/eXSyDqzLUuwUYLVdlYeamldAHSxjUFADow= +github.com/hashicorp/terraform-plugin-sdk/v2 v2.26.1 h1:G9WAfb8LHeCxu7Ae8nc1agZlQOSCUWsb610iAogBhCs= +github.com/hashicorp/terraform-plugin-sdk/v2 v2.26.1/go.mod h1:xcOSYlRVdPLmDUoqPhO9fiO/YCN/l6MGYeTzGt5jgkQ= github.com/hashicorp/terraform-registry-address v0.2.3 h1:2TAiKJ1A3MAkZlH1YI/aTVcLZRu7JseiXNRHbOAyoTI= github.com/hashicorp/terraform-registry-address v0.2.3/go.mod h1:lFHA76T8jfQteVfT7caREqguFrW3c4MFSPhZB7HHgUM= github.com/hashicorp/terraform-svchost v0.1.1 h1:EZZimZ1GxdqFRinZ1tpJwVxxt49xc/S52uzrw4x0jKQ= @@ -809,8 +774,9 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348 h1:MtvEpTB6LX3vkb4ax0b5D2DHbNAUsen0Gx5wZoq3lV4= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/lib/pq v1.10.3 h1:v9QZf2Sn6AmjXtQeFpdoq/eaNtYP6IN+7lcrygsIAtg= github.com/lib/pq v1.10.3/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY= @@ -819,11 +785,6 @@ github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.6 h1:8yTIVnZgCoiM1TgqoeTl+LfU5Jg6/xL3QhGQnimLYnA= github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/manicminer/hamilton v0.43.0/go.mod h1:lbVyngC+/nCWuDp8UhC6Bw+bh7jcP/E+YwqzHTmzemk= -github.com/manicminer/hamilton v0.44.0 h1:mLb4Vxbt2dsAvOpaB7xd/5D8LaTTX6ACwVP4TmW8qwE= -github.com/manicminer/hamilton v0.44.0/go.mod h1:lbVyngC+/nCWuDp8UhC6Bw+bh7jcP/E+YwqzHTmzemk= -github.com/manicminer/hamilton-autorest v0.2.0 h1:dDL+t2DrQza0EfNYINYCvXISeNwVqzgVAQh+CH/19ZU= -github.com/manicminer/hamilton-autorest v0.2.0/go.mod h1:NselDpNTImEmOc/fa41kPg6YhDt/6S95ejWbTGZ6tlg= github.com/masterzen/simplexml v0.0.0-20160608183007-4572e39b1ab9/go.mod h1:kCEbxUJlNDEBNbdQMkPSp6yaKcRXVI6f4ddk8Riv4bc= github.com/masterzen/simplexml v0.0.0-20190410153822-31eea3082786 h1:2ZKn+w/BJeL43sCxI2jhPLRv73oVVOjEKZjKkflyqxg= github.com/masterzen/simplexml v0.0.0-20190410153822-31eea3082786/go.mod h1:kCEbxUJlNDEBNbdQMkPSp6yaKcRXVI6f4ddk8Riv4bc= @@ -1028,14 +989,19 @@ github.com/thanhpk/randstr v1.0.6 h1:psAOktJFD4vV9NEVb3qkhRSMvYh4ORRaj1+w/hn4B+o github.com/thanhpk/randstr v1.0.6/go.mod h1:M/H2P1eNLZzlDwAzpkkkUvoyNNMbzRGhESZuEQk3r0U= github.com/thlib/go-timezone-local v0.0.3 h1:ie5XtZWG5lQ4+1MtC5KZ/FeWlOKzW2nPoUnXYUbV/1s= github.com/thlib/go-timezone-local v0.0.3/go.mod h1:/Tnicc6m/lsJE0irFMA0LfIwTBo4QP7A8IfyIv4zZKI= -github.com/tombuildsstuff/giovanni v0.15.1 h1:CVRaLOJ7C/eercCrKIsarfJ4SZoGMdBL9Q2deFDUXco= -github.com/tombuildsstuff/giovanni v0.15.1/go.mod h1:0TZugJPEtqzPlMpuJHYfXY6Dq2uLPrXf98D2XQSxNbA= github.com/tombuildsstuff/giovanni v0.27.0 h1:3CDNjauK78FIhvvCp0SAHlvNcPTcofR6zQXvxwhk4zY= github.com/tombuildsstuff/giovanni v0.27.0/go.mod h1:SviBdlwdVn2HyArdRABBqMUODBJ2adQHi+RFEVaO05I= github.com/ulikunitz/xz v0.5.10 h1:t92gobL9l3HE202wg3rlk19F6X+JOxl9BBrCCMYEYd8= github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= +github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= +github.com/vmihailenco/msgpack v4.0.4+incompatible h1:dSLoQfGFAo3F6OoNhwUmLwVgaUXK79GlxNBwueZn0xI= +github.com/vmihailenco/msgpack v4.0.4+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= +github.com/vmihailenco/msgpack/v4 v4.3.12 h1:07s4sz9IReOgdikxLTKNbBdqDMLsjPKXwvCazn8G65U= +github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= github.com/vmihailenco/msgpack/v5 v5.3.5 h1:5gO0H1iULLWGhs2H5tbAHIZTV8/cYafcFOr9znI5mJU= github.com/vmihailenco/msgpack/v5 v5.3.5/go.mod h1:7xyJ9e+0+9SaZT0Wt1RGleJXzli6Q/V5KbhBonMG9jc= +github.com/vmihailenco/tagparser v0.1.1 h1:quXMXlA39OCbd2wAdTsGDlK9RkOk6Wuw+x37wVyIuWY= +github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g= github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds= github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= @@ -1108,11 +1074,8 @@ golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3H3cr1v9wB50oz8l4C4h62xy7jSTY= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220314234659-1baeb1ce4c0b/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= @@ -1221,14 +1184,8 @@ golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -<<<<<<< HEAD -golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc= -golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -======= golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo= golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0= ->>>>>>> upstream/main golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1678,8 +1635,9 @@ google.golang.org/grpc v1.50.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCD google.golang.org/grpc v1.50.1/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= -google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0 h1:M1YKkFIboKNieVO5DLUEVzQfGwJD30Nv2jfUgzb5UcE= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= +google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.2.0 h1:TLkBREm4nIsEcexnCjgQd5GQWaHcqMzwQV0TX9pq8S0= +google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.2.0/go.mod h1:DNq5QpG7LJqD2AamLZ7zvKE0DEpVl2BSEVjFycAAjRY= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -1760,3 +1718,5 @@ sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kF sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= +software.sslmate.com/src/go-pkcs12 v0.4.0 h1:H2g08FrTvSFKUj+D309j1DPfk5APnIdAQAB8aEykJ5k= +software.sslmate.com/src/go-pkcs12 v0.4.0/go.mod h1:Qiz0EyvDRJjjxGyUQa2cCNZn/wMyzrRJ/qcDXOQazLI= diff --git a/internal/backend/remote-state/azure/backend_state.go b/internal/backend/remote-state/azure/backend_state.go index 23e7cffb9fc2..0c29615f9f78 100644 --- a/internal/backend/remote-state/azure/backend_state.go +++ b/internal/backend/remote-state/azure/backend_state.go @@ -13,8 +13,8 @@ import ( "github.com/hashicorp/terraform/internal/states" "github.com/hashicorp/terraform/internal/states/remote" "github.com/hashicorp/terraform/internal/states/statemgr" - "github.com/tombuildsstuff/giovanni/storage/2018-11-09/blob/blobs" - "github.com/tombuildsstuff/giovanni/storage/2018-11-09/blob/containers" + "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/blobs" + "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/containers" ) const ( diff --git a/internal/backend/remote-state/azure/client.go b/internal/backend/remote-state/azure/client.go index 59a936d6e5b4..af5e8cfad2d9 100644 --- a/internal/backend/remote-state/azure/client.go +++ b/internal/backend/remote-state/azure/client.go @@ -13,7 +13,7 @@ import ( "net/http" "github.com/hashicorp/go-uuid" - "github.com/tombuildsstuff/giovanni/storage/2018-11-09/blob/blobs" + "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/blobs" "github.com/hashicorp/terraform/internal/states/remote" "github.com/hashicorp/terraform/internal/states/statemgr" diff --git a/internal/backend/remote-state/azure/client_test.go b/internal/backend/remote-state/azure/client_test.go index 849c4e7e689b..172d1feecec9 100644 --- a/internal/backend/remote-state/azure/client_test.go +++ b/internal/backend/remote-state/azure/client_test.go @@ -8,7 +8,7 @@ import ( "os" "testing" - "github.com/tombuildsstuff/giovanni/storage/2018-11-09/blob/blobs" + "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/blobs" "github.com/hashicorp/terraform/internal/backend" "github.com/hashicorp/terraform/internal/states/remote" diff --git a/internal/backend/remote-state/azure/go.mod b/internal/backend/remote-state/azure/go.mod index 2b3da55fab5c..a369aa2930ff 100644 --- a/internal/backend/remote-state/azure/go.mod +++ b/internal/backend/remote-state/azure/go.mod @@ -6,17 +6,17 @@ require ( github.com/Azure/azure-sdk-for-go v59.2.0+incompatible github.com/Azure/go-autorest/autorest v0.11.29 github.com/hashicorp/go-azure-helpers v0.67.0 + github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320 + github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320 github.com/hashicorp/go-uuid v1.0.3 github.com/hashicorp/terraform v0.0.0-00010101000000-000000000000 github.com/hashicorp/terraform/internal/legacy v0.0.0-00010101000000-000000000000 - github.com/manicminer/hamilton v0.44.0 github.com/tombuildsstuff/giovanni v0.27.0 ) require ( github.com/Azure/go-autorest v14.2.0+incompatible // indirect github.com/Azure/go-autorest/autorest/adal v0.9.23 // indirect - github.com/Azure/go-autorest/autorest/azure/cli v0.4.4 // indirect github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect github.com/Azure/go-autorest/autorest/validation v0.3.1 // indirect @@ -26,34 +26,36 @@ require ( github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect github.com/apparentlymart/go-versions v1.0.2 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/dimchansky/utfbom v1.1.1 // indirect - github.com/fatih/color v1.16.0 // indirect github.com/fatih/color v1.17.0 // indirect - github.com/golang-jwt/jwt/v4 v4.5.0 // indirect github.com/golang-jwt/jwt/v4 v4.5.1 // indirect + github.com/golang/protobuf v1.5.4 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect - github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320 // indirect - github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect + github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 // indirect github.com/hashicorp/go-hclog v1.6.3 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-retryablehttp v0.7.7 // indirect github.com/hashicorp/go-slug v0.16.0 // indirect github.com/hashicorp/go-version v1.7.0 // indirect github.com/hashicorp/hcl/v2 v2.23.0 // indirect + github.com/hashicorp/logutils v1.0.0 // indirect + github.com/hashicorp/terraform-plugin-go v0.14.3 // indirect + github.com/hashicorp/terraform-plugin-log v0.9.0 // indirect + github.com/hashicorp/terraform-plugin-sdk/v2 v2.26.1 // indirect github.com/hashicorp/terraform-registry-address v0.2.3 // indirect github.com/hashicorp/terraform-svchost v0.1.1 // indirect - github.com/manicminer/hamilton-autorest v0.2.0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect - github.com/mitchellh/go-homedir v1.1.0 // indirect + github.com/mitchellh/go-testing-interface v1.14.1 // indirect github.com/mitchellh/go-wordwrap v1.0.1 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/mitchellh/reflectwalk v1.0.2 // indirect github.com/spf13/afero v1.9.5 // indirect - github.com/stretchr/testify v1.8.4 // indirect + github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect + github.com/vmihailenco/msgpack/v4 v4.3.12 // indirect + github.com/vmihailenco/tagparser v0.1.1 // indirect github.com/zclconf/go-cty v1.15.1 // indirect golang.org/x/crypto v0.31.0 // indirect golang.org/x/mod v0.21.0 // indirect @@ -63,6 +65,9 @@ require ( golang.org/x/sys v0.28.0 // indirect golang.org/x/text v0.21.0 // indirect golang.org/x/tools v0.25.0 // indirect + google.golang.org/appengine v1.6.8 // indirect + google.golang.org/protobuf v1.34.2 // indirect + software.sslmate.com/src/go-pkcs12 v0.4.0 // indirect ) replace github.com/hashicorp/terraform/internal/backend/remote-state/azure => ../azure diff --git a/internal/backend/remote-state/azure/go.sum b/internal/backend/remote-state/azure/go.sum index f9b05ff7b011..692feda9092e 100644 --- a/internal/backend/remote-state/azure/go.sum +++ b/internal/backend/remote-state/azure/go.sum @@ -44,42 +44,24 @@ cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3f cloud.google.com/go/storage v1.30.1 h1:uOdMxAs8HExqBlnLtnQyP0YkvbiDpdGShGKtx6U/oNM= cloud.google.com/go/storage v1.30.1/go.mod h1:NfxhC0UJE1aXSx7CIIbCf7y9HKT7BiccwkR7+P7gN8E= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -github.com/Azure/azure-sdk-for-go v45.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go v47.1.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go v59.2.0+incompatible h1:mbxiZy1K820hQ+dI+YIO/+a0wQDYqOu18BAGe4lXjVk= github.com/Azure/azure-sdk-for-go v59.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.11.3/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= -github.com/Azure/go-autorest/autorest v0.11.10/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw= -github.com/Azure/go-autorest/autorest v0.11.24/go.mod h1:G6kyRlFnTuSbEYkQGawPfsCswgme4iYf6rfSKUDzbCc= -github.com/Azure/go-autorest/autorest v0.11.27 h1:F3R3q42aWytozkV8ihzcgMO4OA4cuqr3bNlsEuF6//A= -github.com/Azure/go-autorest/autorest v0.11.27/go.mod h1:7l8ybrIdUmGqZMTD0sRtAr8NvbHjfofbf8RSP2q7w7U= +github.com/Azure/go-autorest/autorest v0.11.29 h1:I4+HL/JDvErx2LjyzaVxllw2lRDB5/BT2Bm4g20iqYw= github.com/Azure/go-autorest/autorest v0.11.29/go.mod h1:ZtEzC4Jy2JDrZLxvWs8LrBWEBycl1hbT1eknI8MtfAs= -github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= -github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= -github.com/Azure/go-autorest/autorest/adal v0.9.14/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= -github.com/Azure/go-autorest/autorest/adal v0.9.18/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= -github.com/Azure/go-autorest/autorest/adal v0.9.20 h1:gJ3E98kMpFB1MFqQCvA1yFab8vthOeD4VlFRQULxahg= -github.com/Azure/go-autorest/autorest/adal v0.9.20/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= github.com/Azure/go-autorest/autorest/adal v0.9.22/go.mod h1:XuAbAEUv2Tta//+voMI038TrJBqjKam0me7qR+L8Cmk= +github.com/Azure/go-autorest/autorest/adal v0.9.23 h1:Yepx8CvFxwNKpH6ja7RZ+sKX+DWYNldbLiALMC3BTz8= github.com/Azure/go-autorest/autorest/adal v0.9.23/go.mod h1:5pcMqFkdPhviJdlEy3kC/v1ZLnQl0MH6XA5YCcMhy4c= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.0/go.mod h1:JljT387FplPzBA31vUcvsetLKF3pec5bdAxjVU4kI2s= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.2/go.mod h1:7qkJkT+j6b+hIpzMOwPChJhTqS8VbsqqgULzMNRugoM= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.4 h1:iuooz5cZL6VRcO7DVSFYxRcouqn6bFVE/e77Wts50Zk= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.4/go.mod h1:yAQ2b6eP/CmLPnmLvxtT1ALIY3OR1oFcCqVBi8vHiTc= github.com/Azure/go-autorest/autorest/date v0.3.0 h1:7gUk1U5M/CQbp9WoqinNzJar+8KY+LPI6wiWrP/myHw= github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= -github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= github.com/Azure/go-autorest/autorest/mocks v0.4.2 h1:PGN4EDXnuQbojHbU0UWoNvmu9AGVwYHG9/fkDYhtAfw= github.com/Azure/go-autorest/autorest/mocks v0.4.2/go.mod h1:Vy7OitM9Kei0i1Oj+LvyAWMXJHeKH1MVlzFugfVrmyU= github.com/Azure/go-autorest/autorest/to v0.4.0 h1:oXVqrxakqqV1UZdSazDOPOLvOIz+XA683u8EctwboHk= github.com/Azure/go-autorest/autorest/to v0.4.0/go.mod h1:fE8iZBn7LQR7zH/9XU2NcPR4o9jEImooCeWJcYV/zLE= -github.com/Azure/go-autorest/autorest/validation v0.3.0/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E= github.com/Azure/go-autorest/autorest/validation v0.3.1 h1:AgyqjAd94fwNAoTjl/WQXg4VvFeRFpO+UhNyRXqF1ac= github.com/Azure/go-autorest/autorest/validation v0.3.1/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E= -github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+ZtXWSmf4Tg= github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= @@ -88,6 +70,7 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= +github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec= github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew1u1fNQOlOtuGxQY= github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmmsvpAG721bKi0joRfFdHIWJ4= github.com/apparentlymart/go-versions v1.0.2 h1:n5Gg9YvSLK8Zzpy743J7abh2jt7z7ammOQ0oTd/5oA4= @@ -107,10 +90,6 @@ github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnht github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8= -github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U= -github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= @@ -120,7 +99,6 @@ github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7 github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= github.com/fatih/color v1.17.0 h1:GlRw1BRJxkpqUCBKzKOw098ed57fEsKeNjpTe3cSjK4= github.com/fatih/color v1.17.0/go.mod h1:YZ7TlrGPkiz6ku9fK3TLD/pl3CpsiFyu8N92HLgmosI= -github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= @@ -128,15 +106,9 @@ github.com/go-test/deep v1.0.1/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3a github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68= github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -<<<<<<< HEAD -github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs= -github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= -======= github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo= github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= ->>>>>>> upstream/main github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -150,6 +122,7 @@ github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= +github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -198,7 +171,6 @@ github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLe github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/s2a-go v0.1.4 h1:1kZ/sQM3srePvKs3tXAvQzo66XfcReoqFpIpIccE7Oc= github.com/google/s2a-go v0.1.4/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkjEwM0A= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= @@ -212,43 +184,44 @@ github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8 github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-azure-helpers v0.12.0/go.mod h1:Zc3v4DNeX6PDdy7NljlYpnrdac1++qNW0I4U+ofGwpg= -github.com/hashicorp/go-azure-helpers v0.43.0 h1:larj4ZgwO3hKzA9xIOTXRW4NBpI6F3K8wpig8eikNOw= -github.com/hashicorp/go-azure-helpers v0.43.0/go.mod h1:ofh+59GPB8g/lWI08711STfrIPSPOlXQkuMc8rovpBk= -github.com/hashicorp/go-azure-helpers v0.66.2/go.mod h1:kJxXrFtJKJdOEqvad8pllAe7dhP4DbN8J6sqFZe47+4= +github.com/hashicorp/go-azure-helpers v0.67.0 h1:0RY6mY3W3Ym2I+jExLtyLx96fh6p5n9vidqisAKGUSE= github.com/hashicorp/go-azure-helpers v0.67.0/go.mod h1:S4Bu66vyJvHA0trqHQB0YVGsISuF7HMH9tyEsMVlx8A= github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320 h1:dd0vM8u66FOrCuU3zFzj7R5IjwVJtfX3Smv2gUFo1jg= github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320/go.mod h1:lqTkN6888JpeHTjLu1A5tJZW0b/SyGCJ1GTyf6SfXoE= github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320 h1:jvdGTdPZhl5PBAQO2VdTewQlQiZ2NW68wJztVEYMDGc= github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320/go.mod h1:Ts5vRL3KPw8iLit+4WSi1hOWlRCx++wJrCkMGj69xBY= -github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= +github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 h1:1/D3zfFHttUKaCaGKZ/dR2roBXv0vKbSCnssIldfQdI= +github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320/go.mod h1:EiZBMaudVLy8fmjf9Npq1dq9RalhveqZG5w/yz3mHWs= github.com/hashicorp/go-getter v1.7.5 h1:dT58k9hQ/vbxNMwoI5+xFYAJuv6152UNvdHokfI5wE4= github.com/hashicorp/go-getter v1.7.5/go.mod h1:W7TalhMmbPmsSMdNjD0ZskARur/9GJ17cfHTRtXV744= -github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= -github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/go-retryablehttp v0.7.0/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU= github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk= github.com/hashicorp/go-safetemp v1.0.0 h1:2HR189eFNrjHQyENnQMMpCiBAsRxzbTMIgBhEyExpmo= github.com/hashicorp/go-safetemp v1.0.0/go.mod h1:oaerMy3BhqiTbVye6QuFhFtIceqFoDHxNAB65b+Rj1I= github.com/hashicorp/go-slug v0.16.0 h1:S/ko9fms1gf6305ktJNUKGxFmscZ+yWvAtsas0SYUyA= github.com/hashicorp/go-slug v0.16.0/go.mod h1:THWVTAXwJEinbsp4/bBRcmbaO5EYNLTqxbG4tZ3gCYQ= -github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKeRZfjY= github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/hcl/v2 v2.23.0 h1:Fphj1/gCylPxHutVSEOf2fBOh1VE4AuLV7+kbJf3qos= github.com/hashicorp/hcl/v2 v2.23.0/go.mod h1:62ZYHrXgPoX8xBnzl8QzbWq4dyDsDtfCRgIq1rbJEvA= +github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y= +github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= +github.com/hashicorp/terraform-plugin-go v0.14.3 h1:nlnJ1GXKdMwsC8g1Nh05tK2wsC3+3BL/DBBxFEki+j0= +github.com/hashicorp/terraform-plugin-go v0.14.3/go.mod h1:7ees7DMZ263q8wQ6E4RdIdR6nHHJtrdt4ogX5lPkX1A= +github.com/hashicorp/terraform-plugin-log v0.9.0 h1:i7hOA+vdAItN1/7UrfBqBwvYPQ9TFvymaRGZED3FCV0= +github.com/hashicorp/terraform-plugin-log v0.9.0/go.mod h1:rKL8egZQ/eXSyDqzLUuwUYLVdlYeamldAHSxjUFADow= +github.com/hashicorp/terraform-plugin-sdk/v2 v2.26.1 h1:G9WAfb8LHeCxu7Ae8nc1agZlQOSCUWsb610iAogBhCs= +github.com/hashicorp/terraform-plugin-sdk/v2 v2.26.1/go.mod h1:xcOSYlRVdPLmDUoqPhO9fiO/YCN/l6MGYeTzGt5jgkQ= github.com/hashicorp/terraform-registry-address v0.2.3 h1:2TAiKJ1A3MAkZlH1YI/aTVcLZRu7JseiXNRHbOAyoTI= github.com/hashicorp/terraform-registry-address v0.2.3/go.mod h1:lFHA76T8jfQteVfT7caREqguFrW3c4MFSPhZB7HHgUM= github.com/hashicorp/terraform-svchost v0.1.1 h1:EZZimZ1GxdqFRinZ1tpJwVxxt49xc/S52uzrw4x0jKQ= @@ -263,16 +236,14 @@ github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+o github.com/klauspost/compress v1.15.11 h1:Lcadnb3RKGin4FYM/orgq0qde+nc15E5Cbqg4B9Sx9c= github.com/klauspost/compress v1.15.11/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM= github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= +github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348 h1:MtvEpTB6LX3vkb4ax0b5D2DHbNAUsen0Gx5wZoq3lV4= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= -github.com/manicminer/hamilton v0.43.0/go.mod h1:lbVyngC+/nCWuDp8UhC6Bw+bh7jcP/E+YwqzHTmzemk= -github.com/manicminer/hamilton v0.44.0 h1:mLb4Vxbt2dsAvOpaB7xd/5D8LaTTX6ACwVP4TmW8qwE= -github.com/manicminer/hamilton v0.44.0/go.mod h1:lbVyngC+/nCWuDp8UhC6Bw+bh7jcP/E+YwqzHTmzemk= -github.com/manicminer/hamilton-autorest v0.2.0 h1:dDL+t2DrQza0EfNYINYCvXISeNwVqzgVAQh+CH/19ZU= -github.com/manicminer/hamilton-autorest v0.2.0/go.mod h1:NselDpNTImEmOc/fa41kPg6YhDt/6S95ejWbTGZ6tlg= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= @@ -305,7 +276,6 @@ github.com/spf13/afero v1.9.5/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= @@ -316,28 +286,26 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/tombuildsstuff/giovanni v0.15.1 h1:CVRaLOJ7C/eercCrKIsarfJ4SZoGMdBL9Q2deFDUXco= -github.com/tombuildsstuff/giovanni v0.15.1/go.mod h1:0TZugJPEtqzPlMpuJHYfXY6Dq2uLPrXf98D2XQSxNbA= github.com/tombuildsstuff/giovanni v0.27.0 h1:3CDNjauK78FIhvvCp0SAHlvNcPTcofR6zQXvxwhk4zY= github.com/tombuildsstuff/giovanni v0.27.0/go.mod h1:SviBdlwdVn2HyArdRABBqMUODBJ2adQHi+RFEVaO05I= github.com/ulikunitz/xz v0.5.10 h1:t92gobL9l3HE202wg3rlk19F6X+JOxl9BBrCCMYEYd8= github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= +github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= +github.com/vmihailenco/msgpack v4.0.4+incompatible h1:dSLoQfGFAo3F6OoNhwUmLwVgaUXK79GlxNBwueZn0xI= +github.com/vmihailenco/msgpack v4.0.4+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= +github.com/vmihailenco/msgpack/v4 v4.3.12 h1:07s4sz9IReOgdikxLTKNbBdqDMLsjPKXwvCazn8G65U= +github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= +github.com/vmihailenco/tagparser v0.1.1 h1:quXMXlA39OCbd2wAdTsGDlK9RkOk6Wuw+x37wVyIuWY= +github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -<<<<<<< HEAD github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -github.com/zclconf/go-cty v1.14.4 h1:uXXczd9QDGsgu0i/QFR/hzI5NYCHLf6NQw/atrbnhq8= -github.com/zclconf/go-cty v1.14.4/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= -github.com/zclconf/go-cty-debug v0.0.0-20240417160409-8c45e122ae1a h1:/o/Emn22dZIQ7AhyA0aLOKo528WG/WRAM5tqzIoQIOs= -github.com/zclconf/go-cty-debug v0.0.0-20240417160409-8c45e122ae1a/go.mod h1:CmBdvvj3nqzfzJ6nTCIwDTPZ56aVGvDrmztiO5g3qrM= -======= github.com/zclconf/go-cty v1.15.1 h1:RgQYm4j2EvoBRXOPxhUvxPzRrGDo1eCOhHXuGfrj5S0= github.com/zclconf/go-cty v1.15.1/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940 h1:4r45xpDWB6ZMSMNJFMOjqrGHynW3DIBuR2H9j0ug+Mo= github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940/go.mod h1:CmBdvvj3nqzfzJ6nTCIwDTPZ56aVGvDrmztiO5g3qrM= ->>>>>>> upstream/main go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -351,20 +319,12 @@ golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -<<<<<<< HEAD golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= -golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= -golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= -======= golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= ->>>>>>> upstream/main golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -398,14 +358,9 @@ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -<<<<<<< HEAD golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.16.0 h1:QX4fJ0Rr5cPQCF7O9lh9Se4pmwfwskqZfq5moyldzic= -golang.org/x/mod v0.16.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -======= golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0= golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= ->>>>>>> upstream/main golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -438,16 +393,10 @@ golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -<<<<<<< HEAD golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc= -golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -======= golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo= golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0= ->>>>>>> upstream/main golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -457,7 +406,6 @@ golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs= golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -470,14 +418,9 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -<<<<<<< HEAD golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= -golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -======= golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= ->>>>>>> upstream/main golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -535,14 +478,10 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -<<<<<<< HEAD +golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -======= golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= ->>>>>>> upstream/main golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -593,14 +532,9 @@ golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= -<<<<<<< HEAD golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.19.0 h1:tfGCXNR1OsFG+sVdLAitlpjAvD/I6dHDKnYrpEZUHkw= -golang.org/x/tools v0.19.0/go.mod h1:qoJWxmGSIBmAeriMx19ogtrEPrGtDbPK634QFIcLAhc= -======= golang.org/x/tools v0.25.0 h1:oFU9pkj/iJgs+0DT+VMHrx+oBKs/LJMV+Uvg78sl+fE= golang.org/x/tools v0.25.0/go.mod h1:/vtpO8WL1N9cQC3FN5zPqb//fRXskFHbLKk4OW1Q7rg= ->>>>>>> upstream/main golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -712,6 +646,7 @@ google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQ google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -728,3 +663,5 @@ honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= +software.sslmate.com/src/go-pkcs12 v0.4.0 h1:H2g08FrTvSFKUj+D309j1DPfk5APnIdAQAB8aEykJ5k= +software.sslmate.com/src/go-pkcs12 v0.4.0/go.mod h1:Qiz0EyvDRJjjxGyUQa2cCNZn/wMyzrRJ/qcDXOQazLI= diff --git a/internal/backend/remote-state/azure/helpers_test.go b/internal/backend/remote-state/azure/helpers_test.go index c3452e01bcb2..6abc33a97f40 100644 --- a/internal/backend/remote-state/azure/helpers_test.go +++ b/internal/backend/remote-state/azure/helpers_test.go @@ -17,7 +17,7 @@ import ( armStorage "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2021-01-01/storage" "github.com/Azure/go-autorest/autorest" sasStorage "github.com/hashicorp/go-azure-helpers/storage" - "github.com/tombuildsstuff/giovanni/storage/2018-11-09/blob/containers" + "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/containers" ) const ( From 95ce780efc2b6b7bec36e4ea7754192f36cf83fc Mon Sep 17 00:00:00 2001 From: magodo Date: Mon, 30 Dec 2024 18:02:04 +1100 Subject: [PATCH 03/18] Doc: Add the newly added fields --- website/docs/language/backend/azurerm.mdx | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/website/docs/language/backend/azurerm.mdx b/website/docs/language/backend/azurerm.mdx index 6b91937ddb94..adc52261a6ce 100644 --- a/website/docs/language/backend/azurerm.mdx +++ b/website/docs/language/backend/azurerm.mdx @@ -514,16 +514,14 @@ The following configuration options are supported: * `key` - (Required) The name of the Blob used to retrieve/store Terraform's State file inside the Storage Container. -* `environment` - (Optional) The Azure Environment which should be used. This can also be sourced from the `ARM_ENVIRONMENT` environment variable. Possible values are `public`, `china`, `german`, `stack` and `usgovernment`. Defaults to `public`. - -* `endpoint` - (Optional) The Custom Endpoint for Azure Resource Manager. This can also be sourced from the `ARM_ENDPOINT` environment variable. - -~> **NOTE:** An `endpoint` should only be configured when using Azure Stack. +* `environment` - (Optional) The Azure Environment which should be used. This can also be sourced from the `ARM_ENVIRONMENT` environment variable. Possible values are `public`, `china` and `usgovernment`. Defaults to `public`. * `metadata_host` - (Optional) The Hostname of the Azure Metadata Service (for example `management.azure.com`), used to obtain the Cloud Environment when using a Custom Azure Environment. This can also be sourced from the `ARM_METADATA_HOSTNAME` Environment Variable. * `snapshot` - (Optional) Should the Blob used to store the Terraform Statefile be snapshotted before use? Defaults to `false`. This value can also be sourced from the `ARM_SNAPSHOT` environment variable. +* `use_cli` - (Optional) Should Azure CLI be used for authentication? Defaults to `false`. This value can also be sourced from the `ARM_USE_CLI` environment variable. + *** When authenticating using a Managed Identity (MSI) - the following fields are also supported: @@ -552,6 +550,8 @@ When authenticating using a Service Principal with OpenID Connect (OIDC / Worklo * `use_oidc` - (Optional) Should OIDC authentication be used? This can also be sourced from the `ARM_USE_OIDC` environment variable. +* `use_aks_workload_identity` (Optional) Should Azure AKS Workload Identity be used for Authentication? This can also be sourced from the `ARM_USE_AKS_WORKLOAD_IDENTITY` environment variable. + *** When authenticating using a SAS Token associated with the Storage Account - the following fields are also supported: @@ -584,6 +584,8 @@ When authenticating using a Service Principal with a Client Certificate - the fo * `client_certificate_path` - (Optional) The path to the PFX file used as the Client Certificate when authenticating as a Service Principal. This can also be sourced from the `ARM_CLIENT_CERTIFICATE_PATH` environment variable. +* `client_certificate` - (Optional) Base64 encoded PKCS#12 certificate bundle to use when authenticating as a Service Principal using a Client Certificate. This can also be sourced from the `ARM_CLIENT_CERTIFICATE` environment variable. + * `subscription_id` - (Optional) The Subscription ID in which the Storage Account exists. This can also be sourced from the `ARM_SUBSCRIPTION_ID` environment variable. * `tenant_id` - (Optional) The Tenant ID in which the Subscription exists. This can also be sourced from the `ARM_TENANT_ID` environment variable. From b4c2bf5461e38106e1afefe4e2e6c8c04e409b50 Mon Sep 17 00:00:00 2001 From: magodo Date: Tue, 31 Dec 2024 15:32:57 +1100 Subject: [PATCH 04/18] Behavior code implemented and locally tested (sas/access key/aad/NA) --- .../backend/remote-state/azure/api_client.go | 248 +++++++++++++----- .../backend/remote-state/azure/backend.go | 42 ++- .../remote-state/azure/backend_state.go | 17 +- internal/backend/remote-state/azure/client.go | 66 +++-- .../backend/remote-state/azure/helpers.go | 2 + .../azure/storage_client_helpers.go | 165 ++++++++++++ website/docs/language/backend/azurerm.mdx | 6 + 7 files changed, 430 insertions(+), 116 deletions(-) create mode 100644 internal/backend/remote-state/azure/storage_client_helpers.go diff --git a/internal/backend/remote-state/azure/api_client.go b/internal/backend/remote-state/azure/api_client.go index 7b1604fe122b..9d55d2129eba 100644 --- a/internal/backend/remote-state/azure/api_client.go +++ b/internal/backend/remote-state/azure/api_client.go @@ -7,10 +7,11 @@ import ( "context" "fmt" "log" + "net/http" "os" "strings" - "github.com/Azure/go-autorest/autorest" + "github.com/hashicorp/go-azure-helpers/resourcemanager/commonids" "github.com/hashicorp/go-azure-sdk/resource-manager/resources/2024-03-01/resourcegroups" "github.com/hashicorp/go-azure-sdk/resource-manager/storage/2023-01-01/storageaccounts" "github.com/hashicorp/go-azure-sdk/sdk/auth" @@ -26,28 +27,25 @@ type Client struct { // These Clients are only initialized if an Access Key isn't provided resourceGroupsClient *resourcegroups.ResourceGroupsClient storageAccountsClient *storageaccounts.StorageAccountsClient - containersClient *containers.Client - blobsClient *blobs.Client - // azureAdStorageAuth is only here if we're using AzureAD Authentication but is an Authorizer for Storage - azureAdStorageAuth *autorest.Authorizer + // Caching + containersClient *containers.Client + blobsClient *blobs.Client - accessKey string environment environments.Environment - resourceGroupName string storageAccountName string - sasToken string + + accountDetail *AccountDetails + + accessKey string + sasToken string + // azureAdStorageAuth is only here if we're using AzureAD Authentication but is an Authorizer for Storage + azureAdStorageAuth auth.Authorizer } func buildClient(ctx context.Context, config BackendConfig) (*Client, error) { - resourceManagerAuth, err := auth.NewAuthorizerFromCredentials(ctx, *config.AuthConfig, config.AuthConfig.Environment.ResourceManager) - if err != nil { - return nil, fmt.Errorf("unable to build authorizer for Resource Manager API: %+v", err) - } - client := Client{ environment: config.AuthConfig.Environment, - resourceGroupName: config.ResourceGroupName, storageAccountName: config.StorageAccountName, } @@ -59,10 +57,19 @@ func buildClient(ctx context.Context, config BackendConfig) (*Client, error) { // likewise with a SAS token if config.SasToken != "" { - client.sasToken = config.SasToken + sasToken := config.SasToken + if strings.TrimSpace(sasToken) == "" { + return nil, fmt.Errorf("sasToken cannot be empty") + } + client.sasToken = strings.TrimPrefix(sasToken, "?") + return &client, nil } + resourceManagerAuth, err := auth.NewAuthorizerFromCredentials(ctx, *config.AuthConfig, config.AuthConfig.Environment.ResourceManager) + if err != nil { + return nil, fmt.Errorf("unable to build authorizer for Resource Manager API: %+v", err) + } client.resourceGroupsClient, err = resourcegroups.NewResourceGroupsClientWithBaseURI(config.AuthConfig.Environment.ResourceManager) if err != nil { return nil, fmt.Errorf("building Resource Groups client: %+v", err) @@ -75,97 +82,200 @@ func buildClient(ctx context.Context, config BackendConfig) (*Client, error) { } client.configureClient(client.storageAccountsClient.Client, resourceManagerAuth) + client.azureAdStorageAuth, err = auth.NewAuthorizerFromCredentials(ctx, *config.AuthConfig, config.AuthConfig.Environment.Storage) + if err != nil { + return nil, fmt.Errorf("unable to build authorizer for Storage API: %+v", err) + } + + // Populating the storage account detail + said := commonids.NewStorageAccountID(config.SubscriptionID, config.ResourceGroupName, client.storageAccountName) + resp, err := client.storageAccountsClient.GetProperties(ctx, said, storageaccounts.DefaultGetPropertiesOperationOptions()) + if err != nil { + return nil, fmt.Errorf("getting %s: %+v", said, err) + } + if resp.Model == nil { + return nil, fmt.Errorf("unexpected null model of %s", said) + } + client.accountDetail, err = populateAccountDetails(said, *resp.Model) + if err != nil { + return nil, fmt.Errorf("populating details for %s: %+v", said, err) + } + return &client, nil } -func (c *Client) getBlobClient(ctx context.Context) (*blobs.Client, error) { +func (c *Client) getBlobClient(ctx context.Context) (bc *blobs.Client, err error) { + if c.blobsClient != nil { + return c.blobsClient, nil + } + + defer func() { + if err == nil { + c.blobsClient = bc + } + }() + if c.sasToken != "" { log.Printf("[DEBUG] Building the Blob Client from a SAS Token") - storageAuth, err := autorest.NewSASTokenAuthorizer(c.sasToken) + baseURL, err := naiveStorageAccountBlobBaseURL(c.environment, c.storageAccountName) if err != nil { - return nil, fmt.Errorf("Error building Authorizer: %+v", err) + return nil, fmt.Errorf("build storage account blob base URL: %v", err) } - - blobsClient := blobs.NewWithEnvironment(c.environment) - c.configureClient(&blobsClient.Client, storageAuth) - return &blobsClient, nil - } - - if c.azureAdStorageAuth != nil { - blobsClient := blobs.NewWithEnvironment(c.environment) - c.configureClient(&blobsClient.Client, *c.azureAdStorageAuth) - return &blobsClient, nil + blobsClient, err := blobs.NewWithBaseUri(baseURL) + if err != nil { + return nil, fmt.Errorf("new blob client: %v", err) + } + c.configureClient(blobsClient.Client, nil) + blobsClient.Client.AppendRequestMiddleware(func(r *http.Request) (*http.Request, error) { + if r.URL.RawQuery == "" { + r.URL.RawQuery = c.sasToken + } else if !strings.Contains(r.URL.RawQuery, c.sasToken) { + r.URL.RawQuery = fmt.Sprintf("%s&%s", r.URL.RawQuery, c.sasToken) + } + return r, nil + }) + return blobsClient, nil } - accessKey := c.accessKey - if accessKey == "" { - log.Printf("[DEBUG] Building the Blob Client from an Access Token (using user credentials)") - keys, err := c.storageAccountsClient.ListKeys(ctx, c.resourceGroupName, c.storageAccountName, "") + if c.accessKey != "" { + log.Printf("[DEBUG] Building the Blob Client from an Access Key") + baseURL, err := naiveStorageAccountBlobBaseURL(c.environment, c.storageAccountName) + if err != nil { + return nil, fmt.Errorf("build storage account blob base URL: %v", err) + } + blobsClient, err := blobs.NewWithBaseUri(baseURL) if err != nil { - return nil, fmt.Errorf("Error retrieving keys for Storage Account %q: %s", c.storageAccountName, err) + return nil, fmt.Errorf("new blob client: %v", err) } + c.configureClient(blobsClient.Client, nil) - if keys.Keys == nil { - return nil, fmt.Errorf("Nil key returned for storage account %q", c.storageAccountName) + authorizer, err := auth.NewSharedKeyAuthorizer(c.storageAccountName, c.accessKey, auth.SharedKey) + if err != nil { + return nil, fmt.Errorf("new shared key authorizer: %v", err) } + c.configureClient(blobsClient.Client, authorizer) + + return blobsClient, nil + } + + // Neither shared access key nor sas token specified, then we have the storage account details populated. + // This detail can be used to get the "most" correct blob endpoint comparing to the naive construction. + baseUri, err := c.accountDetail.DataPlaneEndpoint(EndpointTypeBlob) + if err != nil { + return nil, err + } + blobsClient, err := blobs.NewWithBaseUri(*baseUri) + if err != nil { + return nil, fmt.Errorf("new blob client: %v", err) + } + + if c.azureAdStorageAuth != nil { + log.Printf("[DEBUG] Building the Blob Client from AAD auth") + c.configureClient(blobsClient.Client, c.azureAdStorageAuth) + return blobsClient, nil + } - accessKeys := *keys.Keys - accessKey = *accessKeys[0].Value + log.Printf("[DEBUG] Building the Blob Client from an Access Token (using user credentials)") + key, err := c.accountDetail.AccountKey(ctx, c.storageAccountsClient) + if err != nil { + return nil, fmt.Errorf("Error retrieving key for Storage Account %q: %s", c.storageAccountName, err) } + accessKey := *key - storageAuth, err := autorest.NewSharedKeyAuthorizer(c.storageAccountName, accessKey, autorest.SharedKey) + authorizer, err := auth.NewSharedKeyAuthorizer(c.storageAccountName, accessKey, auth.SharedKey) if err != nil { - return nil, fmt.Errorf("Error building Authorizer: %+v", err) + return nil, fmt.Errorf("new shared key authorizer: %v", err) } + c.configureClient(blobsClient.Client, authorizer) - blobsClient := blobs.NewWithEnvironment(c.environment) - c.configureClient(&blobsClient.Client, storageAuth) - return &blobsClient, nil + return blobsClient, nil } -func (c *Client) getContainersClient(ctx context.Context) (*containers.Client, error) { +func (c *Client) getContainersClient(ctx context.Context) (cc *containers.Client, err error) { + if c.containersClient != nil { + return c.containersClient, nil + } + + defer func() { + if err == nil { + c.containersClient = cc + } + }() + if c.sasToken != "" { log.Printf("[DEBUG] Building the Container Client from a SAS Token") - storageAuth, err := autorest.NewSASTokenAuthorizer(c.sasToken) + baseURL, err := naiveStorageAccountBlobBaseURL(c.environment, c.storageAccountName) if err != nil { - return nil, fmt.Errorf("Error building Authorizer: %+v", err) + return nil, fmt.Errorf("build storage account blob base URL: %v", err) } - - containersClient := containers.NewWithEnvironment(c.environment) - c.configureClient(&containersClient.Client, storageAuth) - return &containersClient, nil - } - - if c.azureAdStorageAuth != nil { - containersClient := containers.NewWithEnvironment(c.environment) - c.configureClient(&containersClient.Client, *c.azureAdStorageAuth) - return &containersClient, nil + containersClient, err := containers.NewWithBaseUri(baseURL) + if err != nil { + return nil, fmt.Errorf("new container client: %v", err) + } + c.configureClient(containersClient.Client, nil) + containersClient.Client.AppendRequestMiddleware(func(r *http.Request) (*http.Request, error) { + if r.URL.RawQuery == "" { + r.URL.RawQuery = c.sasToken + } else if !strings.Contains(r.URL.RawQuery, c.sasToken) { + r.URL.RawQuery = fmt.Sprintf("%s&%s", r.URL.RawQuery, c.sasToken) + } + return r, nil + }) + return containersClient, nil } - accessKey := c.accessKey - if accessKey == "" { - log.Printf("[DEBUG] Building the Container Client from an Access Token (using user credentials)") - keys, err := c.storageAccountsClient.ListKeys(ctx, c.resourceGroupName, c.storageAccountName, "") + if c.accessKey != "" { + log.Printf("[DEBUG] Building the Container Client from an Access Key") + baseURL, err := naiveStorageAccountBlobBaseURL(c.environment, c.storageAccountName) if err != nil { - return nil, fmt.Errorf("Error retrieving keys for Storage Account %q: %s", c.storageAccountName, err) + return nil, fmt.Errorf("build storage account blob base URL: %v", err) } + containersClient, err := containers.NewWithBaseUri(baseURL) + if err != nil { + return nil, fmt.Errorf("new container client: %v", err) + } + c.configureClient(containersClient.Client, nil) - if keys.Keys == nil { - return nil, fmt.Errorf("Nil key returned for storage account %q", c.storageAccountName) + authorizer, err := auth.NewSharedKeyAuthorizer(c.storageAccountName, c.accessKey, auth.SharedKey) + if err != nil { + return nil, fmt.Errorf("new shared key authorizer: %v", err) } + c.configureClient(containersClient.Client, authorizer) + + return containersClient, nil + } - accessKeys := *keys.Keys - accessKey = *accessKeys[0].Value + // Neither shared access key nor sas token specified, then we have the storage account details populated. + // This detail can be used to get the "most" correct blob endpoint comparing to the naive construction. + baseUri, err := c.accountDetail.DataPlaneEndpoint(EndpointTypeBlob) + if err != nil { + return nil, err + } + containersClient, err := containers.NewWithBaseUri(*baseUri) + if err != nil { + return nil, fmt.Errorf("new container client: %v", err) + } + + if c.azureAdStorageAuth != nil { + log.Printf("[DEBUG] Building the Container Client from AAD auth") + c.configureClient(containersClient.Client, c.azureAdStorageAuth) + return containersClient, nil + } + + log.Printf("[DEBUG] Building the Container Client from an Access Token (using user credentials)") + key, err := c.accountDetail.AccountKey(ctx, c.storageAccountsClient) + if err != nil { + return nil, fmt.Errorf("Error retrieving key for Storage Account %q: %s", c.storageAccountName, err) } + accessKey := *key - storageAuth, err := autorest.NewSharedKeyAuthorizer(c.storageAccountName, accessKey, autorest.SharedKey) + authorizer, err := auth.NewSharedKeyAuthorizer(c.storageAccountName, accessKey, auth.SharedKey) if err != nil { - return nil, fmt.Errorf("Error building Authorizer: %+v", err) + return nil, fmt.Errorf("new shared key authorizer: %v", err) } + c.configureClient(containersClient.Client, authorizer) - containersClient := containers.NewWithEnvironment(c.environment) - c.configureClient(&containersClient.Client, storageAuth) - return &containersClient, nil + return containersClient, nil } func (c *Client) configureClient(client client.BaseClient, authorizer auth.Authorizer) { diff --git a/internal/backend/remote-state/azure/backend.go b/internal/backend/remote-state/azure/backend.go index c7bdf61e4ca1..0d600c19bff1 100644 --- a/internal/backend/remote-state/azure/backend.go +++ b/internal/backend/remote-state/azure/backend.go @@ -97,6 +97,13 @@ func New() backend.Backend { DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_ID", ""), }, + "client_id_file_path": { + Type: schema.TypeString, + Optional: true, + Description: "The path to a file containing the Client ID which should be used.", + DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_ID_FILE_PATH", nil), + }, + "endpoint": { Type: schema.TypeString, Optional: true, @@ -133,6 +140,13 @@ func New() backend.Backend { DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_SECRET", ""), }, + "client_secret_file_path": { + Type: schema.TypeString, + Optional: true, + Description: "The path to a file containing the Client Secret which should be used. For use When authenticating as a Service Principal using a Client Secret.", + DefaultFunc: schema.EnvDefaultFunc("ARM_CLIENT_SECRET_FILE_PATH", nil), + }, + // OIDC specific fields "use_oidc": { Type: schema.TypeBool, @@ -228,19 +242,19 @@ type Backend struct { } type BackendConfig struct { - AccessKey string AuthConfig *auth.Credentials + SubscriptionID string ResourceGroupName string - SasToken string StorageAccountName string - SubscriptionID string // TODO needed? + AccessKey string + SasToken string UseAzureADAuthentication bool } func (b *Backend) configure(ctx context.Context) error { - // TODO what is this? - if b.containerName != "" { - return nil + // This is to make the go-azure-sdk/sdk/client Client happy. + if _, ok := ctx.Deadline(); !ok { + ctx, _ = context.WithTimeout(ctx, veryLongTimeout) } // Grab the resource data @@ -329,25 +343,25 @@ func (b *Backend) configure(ctx context.Context) error { } backendConfig := BackendConfig{ - AccessKey: data.Get("access_key").(string), AuthConfig: authConfig, + SubscriptionID: data.Get("subscription_id").(string), ResourceGroupName: data.Get("resource_group_name").(string), - SasToken: data.Get("sas_token").(string), StorageAccountName: data.Get("storage_account_name").(string), - SubscriptionID: data.Get("subscription_id").(string), + AccessKey: data.Get("access_key").(string), + SasToken: data.Get("sas_token").(string), UseAzureADAuthentication: data.Get("use_azuread_auth").(bool), } - client, err := buildClient(ctx, backendConfig) - if err != nil { - return err - } - propertiesNeededToLookupAccessKeySpecified := backendConfig.AccessKey == "" && backendConfig.SasToken == "" && backendConfig.ResourceGroupName == "" if propertiesNeededToLookupAccessKeySpecified && !backendConfig.UseAzureADAuthentication { return fmt.Errorf("either an Access Key / SAS Token or the Resource Group for the Storage Account must be specified - or Azure AD Authentication must be enabled") } + client, err := buildClient(ctx, backendConfig) + if err != nil { + return err + } + b.apiClient = client return nil } diff --git a/internal/backend/remote-state/azure/backend_state.go b/internal/backend/remote-state/azure/backend_state.go index 0c29615f9f78..c4b4ea53aacb 100644 --- a/internal/backend/remote-state/azure/backend_state.go +++ b/internal/backend/remote-state/azure/backend_state.go @@ -4,7 +4,6 @@ package azure import ( - "context" "fmt" "sort" "strings" @@ -29,14 +28,14 @@ func (b *Backend) Workspaces() ([]string, error) { Prefix: &prefix, } - ctx := context.TODO() + ctx := newCtx() client, err := b.apiClient.getContainersClient(ctx) if err != nil { - return nil, err + return nil, fmt.Errorf("gettign container client: %v", err) } - resp, err := client.ListBlobs(ctx, b.apiClient.storageAccountName, b.containerName, params) + resp, err := client.ListBlobs(ctx, b.containerName, params) if err != nil { - return nil, err + return nil, fmt.Errorf("listing blobs: %v", err) } envs := map[string]struct{}{} @@ -66,14 +65,14 @@ func (b *Backend) DeleteWorkspace(name string, _ bool) error { return fmt.Errorf("can't delete default state") } - ctx := context.TODO() + ctx := newCtx() client, err := b.apiClient.getBlobClient(ctx) if err != nil { return err } - if resp, err := client.Delete(ctx, b.apiClient.storageAccountName, b.containerName, b.path(name), blobs.DeleteInput{}); err != nil { - if resp.Response.StatusCode != 404 { + if resp, err := client.Delete(ctx, b.containerName, b.path(name), blobs.DeleteInput{}); err != nil { + if !responseWasNotFound(resp.HttpResponse) { return err } } @@ -82,7 +81,7 @@ func (b *Backend) DeleteWorkspace(name string, _ bool) error { } func (b *Backend) StateMgr(name string) (statemgr.Full, error) { - ctx := context.TODO() + ctx := newCtx() blobClient, err := b.apiClient.getBlobClient(ctx) if err != nil { return nil, err diff --git a/internal/backend/remote-state/azure/client.go b/internal/backend/remote-state/azure/client.go index af5e8cfad2d9..a5567440a6d6 100644 --- a/internal/backend/remote-state/azure/client.go +++ b/internal/backend/remote-state/azure/client.go @@ -11,6 +11,7 @@ import ( "fmt" "log" "net/http" + "time" "github.com/hashicorp/go-uuid" "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/blobs" @@ -25,6 +26,15 @@ const ( lockInfoMetaKey = "terraformlockid" ) +const veryLongTimeout = 9999 * time.Hour + +// newCtx creates a context with a (meaningless) deadline. +// This is only to make the go-azure-sdk/sdk/client Client happy. +func newCtx() context.Context { + ctx, _ := context.WithTimeout(context.TODO(), veryLongTimeout) + return ctx +} + type RemoteClient struct { giovanniBlobClient blobs.Client accountName string @@ -40,17 +50,21 @@ func (c *RemoteClient) Get() (*remote.Payload, error) { options.LeaseID = &c.leaseID } - ctx := context.TODO() - blob, err := c.giovanniBlobClient.Get(ctx, c.accountName, c.containerName, c.keyName, options) + ctx := newCtx() + blob, err := c.giovanniBlobClient.Get(ctx, c.containerName, c.keyName, options) if err != nil { - if blob.Response.IsHTTPStatus(http.StatusNotFound) { + if responseWasNotFound(blob.HttpResponse) { return nil, nil } return nil, err } + if blob.Contents == nil { + return nil, nil + } + payload := &remote.Payload{ - Data: blob.Contents, + Data: *blob.Contents, } // If there was no data, then return nil @@ -74,22 +88,22 @@ func (c *RemoteClient) Put(data []byte) error { putOptions.LeaseID = &c.leaseID } - ctx := context.TODO() + ctx := newCtx() if c.snapshot { snapshotInput := blobs.SnapshotInput{LeaseID: options.LeaseID} log.Printf("[DEBUG] Snapshotting existing Blob %q (Container %q / Account %q)", c.keyName, c.containerName, c.accountName) - if _, err := c.giovanniBlobClient.Snapshot(ctx, c.accountName, c.containerName, c.keyName, snapshotInput); err != nil { + if _, err := c.giovanniBlobClient.Snapshot(ctx, c.containerName, c.keyName, snapshotInput); err != nil { return fmt.Errorf("error snapshotting Blob %q (Container %q / Account %q): %+v", c.keyName, c.containerName, c.accountName, err) } log.Print("[DEBUG] Created blob snapshot") } - blob, err := c.giovanniBlobClient.GetProperties(ctx, c.accountName, c.containerName, c.keyName, getOptions) + blob, err := c.giovanniBlobClient.GetProperties(ctx, c.containerName, c.keyName, getOptions) if err != nil { - if blob.StatusCode != 404 { + if !responseWasNotFound(blob.HttpResponse) { return err } } @@ -98,7 +112,7 @@ func (c *RemoteClient) Put(data []byte) error { putOptions.Content = &data putOptions.ContentType = &contentType putOptions.MetaData = blob.MetaData - _, err = c.giovanniBlobClient.PutBlockBlob(ctx, c.accountName, c.containerName, c.keyName, putOptions) + _, err = c.giovanniBlobClient.PutBlockBlob(ctx, c.containerName, c.keyName, putOptions) return err } @@ -110,10 +124,10 @@ func (c *RemoteClient) Delete() error { options.LeaseID = &c.leaseID } - ctx := context.TODO() - resp, err := c.giovanniBlobClient.Delete(ctx, c.accountName, c.containerName, c.keyName, options) + ctx := newCtx() + resp, err := c.giovanniBlobClient.Delete(ctx, c.containerName, c.keyName, options) if err != nil { - if !resp.IsHTTPStatus(http.StatusNotFound) { + if !responseWasNotFound(resp.HttpResponse) { return err } } @@ -149,13 +163,13 @@ func (c *RemoteClient) Lock(info *statemgr.LockInfo) (string, error) { ProposedLeaseID: &info.ID, LeaseDuration: -1, } - ctx := context.TODO() + ctx := newCtx() // obtain properties to see if the blob lease is already in use. If the blob doesn't exist, create it - properties, err := c.giovanniBlobClient.GetProperties(ctx, c.accountName, c.containerName, c.keyName, blobs.GetPropertiesInput{}) + properties, err := c.giovanniBlobClient.GetProperties(ctx, c.containerName, c.keyName, blobs.GetPropertiesInput{}) if err != nil { // error if we had issues getting the blob - if !properties.Response.IsHTTPStatus(http.StatusNotFound) { + if !responseWasNotFound(properties.HttpResponse) { return "", getLockInfoErr(err) } // if we don't find the blob, we need to build it @@ -165,7 +179,7 @@ func (c *RemoteClient) Lock(info *statemgr.LockInfo) (string, error) { ContentType: &contentType, } - _, err = c.giovanniBlobClient.PutBlockBlob(ctx, c.accountName, c.containerName, c.keyName, putGOptions) + _, err = c.giovanniBlobClient.PutBlockBlob(ctx, c.containerName, c.keyName, putGOptions) if err != nil { return "", getLockInfoErr(err) } @@ -176,7 +190,7 @@ func (c *RemoteClient) Lock(info *statemgr.LockInfo) (string, error) { return "", getLockInfoErr(fmt.Errorf("state blob is already locked")) } - leaseID, err := c.giovanniBlobClient.AcquireLease(ctx, c.accountName, c.containerName, c.keyName, leaseOptions) + leaseID, err := c.giovanniBlobClient.AcquireLease(ctx, c.containerName, c.keyName, leaseOptions) if err != nil { return "", getLockInfoErr(err) } @@ -197,8 +211,8 @@ func (c *RemoteClient) getLockInfo() (*statemgr.LockInfo, error) { options.LeaseID = &c.leaseID } - ctx := context.TODO() - blob, err := c.giovanniBlobClient.GetProperties(ctx, c.accountName, c.containerName, c.keyName, options) + ctx := newCtx() + blob, err := c.giovanniBlobClient.GetProperties(ctx, c.containerName, c.keyName, options) if err != nil { return nil, err } @@ -224,8 +238,8 @@ func (c *RemoteClient) getLockInfo() (*statemgr.LockInfo, error) { // writes info to blob meta data, deletes metadata entry if info is nil func (c *RemoteClient) writeLockInfo(info *statemgr.LockInfo) error { - ctx := context.TODO() - blob, err := c.giovanniBlobClient.GetProperties(ctx, c.accountName, c.containerName, c.keyName, blobs.GetPropertiesInput{LeaseID: &c.leaseID}) + ctx := newCtx() + blob, err := c.giovanniBlobClient.GetProperties(ctx, c.containerName, c.keyName, blobs.GetPropertiesInput{LeaseID: &c.leaseID}) if err != nil { return err } @@ -245,7 +259,7 @@ func (c *RemoteClient) writeLockInfo(info *statemgr.LockInfo) error { MetaData: blob.MetaData, } - _, err = c.giovanniBlobClient.SetMetaData(ctx, c.accountName, c.containerName, c.keyName, opts) + _, err = c.giovanniBlobClient.SetMetaData(ctx, c.containerName, c.keyName, opts) return err } @@ -270,8 +284,8 @@ func (c *RemoteClient) Unlock(id string) error { return lockErr } - ctx := context.TODO() - _, err = c.giovanniBlobClient.ReleaseLease(ctx, c.accountName, c.containerName, c.keyName, id) + ctx := newCtx() + _, err = c.giovanniBlobClient.ReleaseLease(ctx, c.containerName, c.keyName, blobs.ReleaseLeaseInput{LeaseID: id}) if err != nil { lockErr.Err = err return lockErr @@ -281,3 +295,7 @@ func (c *RemoteClient) Unlock(id string) error { return nil } + +func responseWasNotFound(resp *http.Response) bool { + return resp != nil && resp.StatusCode == http.StatusNotFound +} diff --git a/internal/backend/remote-state/azure/helpers.go b/internal/backend/remote-state/azure/helpers.go index 7a4360736001..9ecce81c7e6c 100644 --- a/internal/backend/remote-state/azure/helpers.go +++ b/internal/backend/remote-state/azure/helpers.go @@ -1,6 +1,8 @@ // Copyright (c) HashiCorp, Inc. // SPDX-License-Identifier: MPL-2.0 +// This file is copied from terraform-provider-azurerm: internal/provider/helpers.go + package azure import ( diff --git a/internal/backend/remote-state/azure/storage_client_helpers.go b/internal/backend/remote-state/azure/storage_client_helpers.go new file mode 100644 index 000000000000..827178a509d9 --- /dev/null +++ b/internal/backend/remote-state/azure/storage_client_helpers.go @@ -0,0 +1,165 @@ +package azure + +import ( + "context" + "fmt" + "strings" + + "github.com/hashicorp/go-azure-helpers/lang/pointer" + "github.com/hashicorp/go-azure-helpers/resourcemanager/commonids" + "github.com/hashicorp/go-azure-sdk/resource-manager/storage/2023-01-01/storageaccounts" + "github.com/hashicorp/go-azure-sdk/sdk/environments" +) + +// This file is referencing the terraform-provider-azurerm: internal/services/storage/client/helpers.go + +type EndpointType string + +const ( + EndpointTypeBlob = "blob" + EndpointTypeDfs = "dfs" + EndpointTypeFile = "file" + EndpointTypeQueue = "queue" + EndpointTypeTable = "table" +) + +type AccountDetails struct { + Kind storageaccounts.Kind + IsHnsEnabled bool + StorageAccountId commonids.StorageAccountId + + accountKey *string + + // primaryBlobEndpoint is the Primary Blob Endpoint for the Data Plane API for this Storage Account + // e.g. `https://{account}.blob.core.windows.net` + primaryBlobEndpoint *string + + // primaryDfsEndpoint is the Primary Dfs Endpoint for the Data Plane API for this Storage Account + // e.g. `https://sale.dfs.core.windows.net` + primaryDfsEndpoint *string + + // primaryFileEndpoint is the Primary File Endpoint for the Data Plane API for this Storage Account + // e.g. `https://{account}.file.core.windows.net` + primaryFileEndpoint *string + + // primaryQueueEndpoint is the Primary Queue Endpoint for the Data Plane API for this Storage Account + // e.g. `https://{account}.queue.core.windows.net` + primaryQueueEndpoint *string + + // primaryTableEndpoint is the Primary Table Endpoint for the Data Plane API for this Storage Account + // e.g. `https://{account}.table.core.windows.net` + primaryTableEndpoint *string +} + +func (ad *AccountDetails) AccountKey(ctx context.Context, client *storageaccounts.StorageAccountsClient) (*string, error) { + if ad.accountKey != nil { + return ad.accountKey, nil + } + + opts := storageaccounts.DefaultListKeysOperationOptions() + opts.Expand = pointer.To(storageaccounts.ListKeyExpandKerb) + listKeysResp, err := client.ListKeys(ctx, ad.StorageAccountId, opts) + if err != nil { + return nil, fmt.Errorf("listing Keys for %s: %+v", ad.StorageAccountId, err) + } + + if model := listKeysResp.Model; model != nil && model.Keys != nil { + for _, key := range *model.Keys { + if key.Permissions == nil || key.Value == nil { + continue + } + + if *key.Permissions == storageaccounts.KeyPermissionFull { + ad.accountKey = key.Value + break + } + } + } + + if ad.accountKey == nil { + return nil, fmt.Errorf("unable to determine the Write Key for %s", ad.StorageAccountId) + } + + return ad.accountKey, nil +} + +func (ad *AccountDetails) DataPlaneEndpoint(endpointType EndpointType) (*string, error) { + var baseUri *string + switch endpointType { + case EndpointTypeBlob: + baseUri = ad.primaryBlobEndpoint + + case EndpointTypeDfs: + baseUri = ad.primaryDfsEndpoint + + case EndpointTypeFile: + baseUri = ad.primaryFileEndpoint + + case EndpointTypeQueue: + baseUri = ad.primaryQueueEndpoint + + case EndpointTypeTable: + baseUri = ad.primaryTableEndpoint + + default: + return nil, fmt.Errorf("internal-error: unrecognised endpoint type %q when building storage client", endpointType) + } + + if baseUri == nil { + return nil, fmt.Errorf("determining %s endpoint for %s: missing primary endpoint", endpointType, ad.StorageAccountId) + } + return baseUri, nil +} + +func populateAccountDetails(accountId commonids.StorageAccountId, account storageaccounts.StorageAccount) (*AccountDetails, error) { + out := AccountDetails{ + Kind: pointer.From(account.Kind), + StorageAccountId: accountId, + } + + if account.Properties == nil { + return nil, fmt.Errorf("populating details for %s: `model.Properties` was nil", accountId) + } + if account.Properties.PrimaryEndpoints == nil { + return nil, fmt.Errorf("populating details for %s: `model.Properties.PrimaryEndpoints` was nil", accountId) + } + + props := *account.Properties + out.IsHnsEnabled = pointer.From(props.IsHnsEnabled) + + endpoints := *props.PrimaryEndpoints + if endpoints.Blob != nil { + endpoint := strings.TrimSuffix(*endpoints.Blob, "/") + out.primaryBlobEndpoint = pointer.To(endpoint) + } + if endpoints.Dfs != nil { + endpoint := strings.TrimSuffix(*endpoints.Dfs, "/") + out.primaryDfsEndpoint = pointer.To(endpoint) + } + if endpoints.File != nil { + endpoint := strings.TrimSuffix(*endpoints.File, "/") + out.primaryFileEndpoint = pointer.To(endpoint) + } + if endpoints.Queue != nil { + endpoint := strings.TrimSuffix(*endpoints.Queue, "/") + out.primaryQueueEndpoint = pointer.To(endpoint) + } + if endpoints.Table != nil { + endpoint := strings.TrimSuffix(*endpoints.Table, "/") + out.primaryTableEndpoint = pointer.To(endpoint) + } + + return &out, nil +} + +// naiveStorageAccountBlobBaseURL naively construct the storage account blob endpoint URL instead of +// learning from the storage account response. +// This is only used for the cases that either access key or SAS token is explicitly specified, which +// won't make any call to the ARM, but reach ahead to the data plane API directly. +func naiveStorageAccountBlobBaseURL(e environments.Environment, accountName string) (string, error) { + pDomainSuffix, ok := e.Storage.DomainSuffix() + if !ok { + return "", fmt.Errorf("no storage domain suffix defined for environment: %s", e.Name) + } + return fmt.Sprintf("https://%s.blob.%s", accountName, *pDomainSuffix), nil +} diff --git a/website/docs/language/backend/azurerm.mdx b/website/docs/language/backend/azurerm.mdx index adc52261a6ce..9ac71293f532 100644 --- a/website/docs/language/backend/azurerm.mdx +++ b/website/docs/language/backend/azurerm.mdx @@ -580,6 +580,8 @@ When authenticating using a Service Principal with a Client Certificate - the fo * `client_id` - (Optional) The Client ID of the Service Principal. This can also be sourced from the `ARM_CLIENT_ID` environment variable. +* `client_id_file_path` (Optional) The path to a file containing the Client ID which should be used. This can also be sourced from the `ARM_CLIENT_ID_FILE_PATH` Environment Variable. + * `client_certificate_password` - (Optional) The password associated with the Client Certificate specified in `client_certificate_path`. This can also be sourced from the `ARM_CLIENT_CERTIFICATE_PASSWORD` environment variable. * `client_certificate_path` - (Optional) The path to the PFX file used as the Client Certificate when authenticating as a Service Principal. This can also be sourced from the `ARM_CLIENT_CERTIFICATE_PATH` environment variable. @@ -598,8 +600,12 @@ When authenticating using a Service Principal with a Client Secret - the followi * `client_id` - (Optional) The Client ID of the Service Principal. This can also be sourced from the `ARM_CLIENT_ID` environment variable. +* `client_id_file_path` (Optional) The path to a file containing the Client ID which should be used. This can also be sourced from the `ARM_CLIENT_ID_FILE_PATH` Environment Variable. + * `client_secret` - (Optional) The Client Secret of the Service Principal. This can also be sourced from the `ARM_CLIENT_SECRET` environment variable. +* `client_secret_file_path` - (Optional) The path to a file containing the Client Secret which should be used. This can also be sourced from the `ARM_CLIENT_SECRET_FILE_PATH` Environment Variable. + * `subscription_id` - (Optional) The Subscription ID in which the Storage Account exists. This can also be sourced from the `ARM_SUBSCRIPTION_ID` environment variable. * `tenant_id` - (Optional) The Tenant ID in which the Subscription exists. This can also be sourced from the `ARM_TENANT_ID` environment variable. From c2f9c6265d20240d6b8fdce36519fe2a1c8f0c6c Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 2 Jan 2025 17:17:35 +1100 Subject: [PATCH 05/18] Test rework --- .../backend/remote-state/azure/api_client.go | 7 - .../remote-state/azure/backend_test.go | 341 +++++++++--------- .../backend/remote-state/azure/client_test.go | 249 +++++++------ .../remote-state/azure/helpers_test.go | 292 +++++++++------ 4 files changed, 473 insertions(+), 416 deletions(-) diff --git a/internal/backend/remote-state/azure/api_client.go b/internal/backend/remote-state/azure/api_client.go index 9d55d2129eba..d74d274f272b 100644 --- a/internal/backend/remote-state/azure/api_client.go +++ b/internal/backend/remote-state/azure/api_client.go @@ -12,7 +12,6 @@ import ( "strings" "github.com/hashicorp/go-azure-helpers/resourcemanager/commonids" - "github.com/hashicorp/go-azure-sdk/resource-manager/resources/2024-03-01/resourcegroups" "github.com/hashicorp/go-azure-sdk/resource-manager/storage/2023-01-01/storageaccounts" "github.com/hashicorp/go-azure-sdk/sdk/auth" "github.com/hashicorp/go-azure-sdk/sdk/client" @@ -25,7 +24,6 @@ import ( type Client struct { // These Clients are only initialized if an Access Key isn't provided - resourceGroupsClient *resourcegroups.ResourceGroupsClient storageAccountsClient *storageaccounts.StorageAccountsClient // Caching @@ -70,11 +68,6 @@ func buildClient(ctx context.Context, config BackendConfig) (*Client, error) { if err != nil { return nil, fmt.Errorf("unable to build authorizer for Resource Manager API: %+v", err) } - client.resourceGroupsClient, err = resourcegroups.NewResourceGroupsClientWithBaseURI(config.AuthConfig.Environment.ResourceManager) - if err != nil { - return nil, fmt.Errorf("building Resource Groups client: %+v", err) - } - client.configureClient(client.resourceGroupsClient.Client, resourceManagerAuth) client.storageAccountsClient, err = storageaccounts.NewStorageAccountsClientWithBaseURI(config.AuthConfig.Environment.ResourceManager) if err != nil { diff --git a/internal/backend/remote-state/azure/backend_test.go b/internal/backend/remote-state/azure/backend_test.go index a25ca362031d..1e5f593ddf30 100644 --- a/internal/backend/remote-state/azure/backend_test.go +++ b/internal/backend/remote-state/azure/backend_test.go @@ -4,7 +4,6 @@ package azure import ( - "context" "os" "testing" @@ -16,6 +15,8 @@ func TestBackend_impl(t *testing.T) { } func TestBackendConfig(t *testing.T) { + t.Parallel() + // This test just instantiates the client. Shouldn't make any actual // requests nor incur any costs. @@ -42,146 +43,159 @@ func TestBackendConfig(t *testing.T) { } func TestAccBackendAccessKeyBasic(t *testing.T) { + t.Parallel() + testAccAzureBackend(t) - rs := randString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) + ctx := newCtx() + m := BuildTestMeta(t, ctx) + + err := m.buildTestResources(ctx) if err != nil { - armClient.destroyTestResources(ctx, res) + m.destroyTestResources(ctx) t.Fatalf("Error creating Test Resources: %q", err) } + defer m.destroyTestResources(ctx) + clearEnv() b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "access_key": res.storageAccountAccessKey, - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, + "access_key": m.storageAccessKey, + "environment": m.env.Name, })).(*Backend) backend.TestBackendStates(t, b) } func TestAccBackendSASTokenBasic(t *testing.T) { + t.Parallel() + testAccAzureBackend(t) - rs := randString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) + ctx := newCtx() + m := BuildTestMeta(t, ctx) + + err := m.buildTestResources(ctx) if err != nil { + m.destroyTestResources(ctx) t.Fatalf("Error creating Test Resources: %q", err) } + defer m.destroyTestResources(ctx) - sasToken, err := buildSasToken(res.storageAccountName, res.storageAccountAccessKey) + sasToken, err := buildSasToken(m.names.storageAccountName, m.storageAccessKey) if err != nil { t.Fatalf("Error building SAS Token: %+v", err) } + clearEnv() b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, "sas_token": *sasToken, - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "environment": m.env.Name, })).(*Backend) backend.TestBackendStates(t, b) } func TestAccBackendOIDCBasic(t *testing.T) { - testAccAzureBackend(t) - rs := randString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) + t.Parallel() + + testAccAzureBackendRunningInGitHubActions(t) - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) + ctx := newCtx() + m := BuildTestMeta(t, ctx) + + err := m.buildTestResources(ctx) if err != nil { + m.destroyTestResources(ctx) t.Fatalf("Error creating Test Resources: %q", err) } + defer m.destroyTestResources(ctx) + clearEnv() b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "resource_group_name": res.resourceGroup, + "subscription_id": m.subscriptionId, + "resource_group_name": m.names.resourceGroup, + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, "use_oidc": true, - "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "tenant_id": os.Getenv("ARM_TENANT_ID"), - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "tenant_id": m.tenantId, + "environment": m.env.Name, })).(*Backend) backend.TestBackendStates(t, b) } func TestAccBackendAzureADAuthBasic(t *testing.T) { + t.Parallel() + testAccAzureBackend(t) - rs := randString(4) - res := testResourceNames(rs, "testState") - res.useAzureADAuth = true - armClient := buildTestClient(t, res) - - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) + + ctx := newCtx() + m := BuildTestMeta(t, ctx) + + err := m.buildTestResources(ctx) if err != nil { - armClient.destroyTestResources(ctx, res) + m.destroyTestResources(ctx) t.Fatalf("Error creating Test Resources: %q", err) } + defer m.destroyTestResources(ctx) + clearEnv() b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "access_key": res.storageAccountAccessKey, - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "subscription_id": m.subscriptionId, + "resource_group_name": m.names.resourceGroup, + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, + "tenant_id": m.tenantId, + "client_id": m.clientId, + "client_secret": m.clientSecret, "use_azuread_auth": true, + "environment": m.env.Name, })).(*Backend) backend.TestBackendStates(t, b) } func TestAccBackendManagedServiceIdentityBasic(t *testing.T) { + t.Parallel() + testAccAzureBackendRunningInAzure(t) - rs := randString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) + ctx := newCtx() + m := BuildTestMeta(t, ctx) + + err := m.buildTestResources(ctx) if err != nil { + m.destroyTestResources(ctx) t.Fatalf("Error creating Test Resources: %q", err) } + defer m.destroyTestResources(ctx) + clearEnv() b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "resource_group_name": res.resourceGroup, + "subscription_id": m.subscriptionId, + "resource_group_name": m.names.resourceGroup, + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, "use_msi": true, - "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "tenant_id": os.Getenv("ARM_TENANT_ID"), - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "tenant_id": m.tenantId, + "environment": m.env.Name, })).(*Backend) backend.TestBackendStates(t, b) } func TestAccBackendServicePrincipalClientCertificateBasic(t *testing.T) { + t.Parallel() + testAccAzureBackend(t) clientCertPassword := os.Getenv("ARM_CLIENT_CERTIFICATE_PASSWORD") @@ -190,128 +204,95 @@ func TestAccBackendServicePrincipalClientCertificateBasic(t *testing.T) { t.Skip("Skipping since `ARM_CLIENT_CERTIFICATE_PATH` is not specified!") } - rs := randString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) + ctx := newCtx() + m := BuildTestMeta(t, ctx) - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) + err := m.buildTestResources(ctx) if err != nil { + m.destroyTestResources(ctx) t.Fatalf("Error creating Test Resources: %q", err) } + defer m.destroyTestResources(ctx) + clearEnv() b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "resource_group_name": res.resourceGroup, - "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "tenant_id": os.Getenv("ARM_TENANT_ID"), - "client_id": os.Getenv("ARM_CLIENT_ID"), + "subscription_id": m.subscriptionId, + "resource_group_name": m.names.resourceGroup, + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, + "tenant_id": m.tenantId, + "client_id": m.clientId, "client_certificate_password": clientCertPassword, "client_certificate_path": clientCertPath, - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "environment": m.env.Name, })).(*Backend) backend.TestBackendStates(t, b) } func TestAccBackendServicePrincipalClientSecretBasic(t *testing.T) { - testAccAzureBackend(t) - rs := randString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) + t.Parallel() - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) - if err != nil { - t.Fatalf("Error creating Test Resources: %q", err) - } - - b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "resource_group_name": res.resourceGroup, - "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "tenant_id": os.Getenv("ARM_TENANT_ID"), - "client_id": os.Getenv("ARM_CLIENT_ID"), - "client_secret": os.Getenv("ARM_CLIENT_SECRET"), - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), - })).(*Backend) - - backend.TestBackendStates(t, b) -} - -func TestAccBackendServicePrincipalClientSecretCustomEndpoint(t *testing.T) { testAccAzureBackend(t) - // this is only applicable for Azure Stack. - endpoint := os.Getenv("ARM_ENDPOINT") - if endpoint == "" { - t.Skip("Skipping as ARM_ENDPOINT isn't configured") - } - - rs := randString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) + ctx := newCtx() + m := BuildTestMeta(t, ctx) - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) + err := m.buildTestResources(ctx) if err != nil { + m.destroyTestResources(ctx) t.Fatalf("Error creating Test Resources: %q", err) } + defer m.destroyTestResources(ctx) + clearEnv() b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "resource_group_name": res.resourceGroup, - "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "tenant_id": os.Getenv("ARM_TENANT_ID"), - "client_id": os.Getenv("ARM_CLIENT_ID"), - "client_secret": os.Getenv("ARM_CLIENT_SECRET"), - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": endpoint, + "subscription_id": m.subscriptionId, + "resource_group_name": m.names.resourceGroup, + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, + "tenant_id": m.tenantId, + "client_id": m.clientId, + "client_secret": m.clientSecret, + "environment": m.env.Name, })).(*Backend) backend.TestBackendStates(t, b) } func TestAccBackendAccessKeyLocked(t *testing.T) { + t.Parallel() + testAccAzureBackend(t) - rs := randString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) + ctx := newCtx() + m := BuildTestMeta(t, ctx) + + err := m.buildTestResources(ctx) if err != nil { + m.destroyTestResources(ctx) t.Fatalf("Error creating Test Resources: %q", err) } + defer m.destroyTestResources(ctx) + + clearEnv() b1 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "access_key": res.storageAccountAccessKey, - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, + "access_key": m.storageAccessKey, + "environment": m.env.Name, })).(*Backend) b2 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "access_key": res.storageAccountAccessKey, - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, + "access_key": m.storageAccessKey, + "environment": m.env.Name, })).(*Backend) backend.TestBackendStateLocks(t, b1, b2) @@ -322,42 +303,44 @@ func TestAccBackendAccessKeyLocked(t *testing.T) { } func TestAccBackendServicePrincipalLocked(t *testing.T) { + t.Parallel() + testAccAzureBackend(t) - rs := randString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) + ctx := newCtx() + m := BuildTestMeta(t, ctx) + + err := m.buildTestResources(ctx) if err != nil { + m.destroyTestResources(ctx) t.Fatalf("Error creating Test Resources: %q", err) } + defer m.destroyTestResources(ctx) + + clearEnv() b1 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "access_key": res.storageAccountAccessKey, - "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "tenant_id": os.Getenv("ARM_TENANT_ID"), - "client_id": os.Getenv("ARM_CLIENT_ID"), - "client_secret": os.Getenv("ARM_CLIENT_SECRET"), - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "subscription_id": m.subscriptionId, + "resource_group_name": m.names.resourceGroup, + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, + "tenant_id": m.tenantId, + "client_id": m.clientId, + "client_secret": m.clientSecret, + "environment": m.env.Name, })).(*Backend) b2 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "access_key": res.storageAccountAccessKey, - "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "tenant_id": os.Getenv("ARM_TENANT_ID"), - "client_id": os.Getenv("ARM_CLIENT_ID"), - "client_secret": os.Getenv("ARM_CLIENT_SECRET"), - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "subscription_id": m.subscriptionId, + "resource_group_name": m.names.resourceGroup, + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, + "tenant_id": m.tenantId, + "client_id": m.clientId, + "client_secret": m.clientSecret, + "environment": m.env.Name, })).(*Backend) backend.TestBackendStateLocks(t, b1, b2) diff --git a/internal/backend/remote-state/azure/client_test.go b/internal/backend/remote-state/azure/client_test.go index 172d1feecec9..91622c56afc3 100644 --- a/internal/backend/remote-state/azure/client_test.go +++ b/internal/backend/remote-state/azure/client_test.go @@ -4,41 +4,38 @@ package azure import ( - "context" - "os" "testing" - "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/blobs" - "github.com/hashicorp/terraform/internal/backend" "github.com/hashicorp/terraform/internal/states/remote" + "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/blobs" ) -func TestRemoteClient_impl(t *testing.T) { - var _ remote.Client = new(RemoteClient) - var _ remote.ClientLocker = new(RemoteClient) -} +var _ remote.Client = new(RemoteClient) +var _ remote.ClientLocker = new(RemoteClient) func TestRemoteClientAccessKeyBasic(t *testing.T) { + t.Parallel() + testAccAzureBackend(t) - rs := randString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) + ctx := newCtx() + m := BuildTestMeta(t, ctx) + + err := m.buildTestResources(ctx) if err != nil { + m.destroyTestResources(ctx) t.Fatalf("Error creating Test Resources: %q", err) } + defer m.destroyTestResources(ctx) + clearEnv() b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "access_key": res.storageAccountAccessKey, - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, + "access_key": m.storageAccessKey, + "environment": m.env.Name, })).(*Backend) state, err := b.StateMgr(backend.DefaultStateName) @@ -50,28 +47,30 @@ func TestRemoteClientAccessKeyBasic(t *testing.T) { } func TestRemoteClientManagedServiceIdentityBasic(t *testing.T) { + t.Parallel() + testAccAzureBackendRunningInAzure(t) - rs := randString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) + ctx := newCtx() + m := BuildTestMeta(t, ctx) + + err := m.buildTestResources(ctx) if err != nil { + m.destroyTestResources(ctx) t.Fatalf("Error creating Test Resources: %q", err) } + defer m.destroyTestResources(ctx) + clearEnv() b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "resource_group_name": res.resourceGroup, + "subscription_id": m.subscriptionId, + "resource_group_name": m.names.resourceGroup, + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, "use_msi": true, - "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "tenant_id": os.Getenv("ARM_TENANT_ID"), - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "tenant_id": m.tenantId, + "environment": m.env.Name, })).(*Backend) state, err := b.StateMgr(backend.DefaultStateName) @@ -83,30 +82,32 @@ func TestRemoteClientManagedServiceIdentityBasic(t *testing.T) { } func TestRemoteClientSasTokenBasic(t *testing.T) { + t.Parallel() + testAccAzureBackend(t) - rs := randString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) + ctx := newCtx() + m := BuildTestMeta(t, ctx) + + err := m.buildTestResources(ctx) if err != nil { + m.destroyTestResources(ctx) t.Fatalf("Error creating Test Resources: %q", err) } + defer m.destroyTestResources(ctx) - sasToken, err := buildSasToken(res.storageAccountName, res.storageAccountAccessKey) + sasToken, err := buildSasToken(m.names.storageAccountName, m.storageAccessKey) if err != nil { t.Fatalf("Error building SAS Token: %+v", err) } + clearEnv() b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, "sas_token": *sasToken, - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "environment": m.env.Name, })).(*Backend) state, err := b.StateMgr(backend.DefaultStateName) @@ -118,29 +119,31 @@ func TestRemoteClientSasTokenBasic(t *testing.T) { } func TestRemoteClientServicePrincipalBasic(t *testing.T) { + t.Parallel() + testAccAzureBackend(t) - rs := randString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) + ctx := newCtx() + m := BuildTestMeta(t, ctx) + + err := m.buildTestResources(ctx) if err != nil { + m.destroyTestResources(ctx) t.Fatalf("Error creating Test Resources: %q", err) } + defer m.destroyTestResources(ctx) + clearEnv() b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "resource_group_name": res.resourceGroup, - "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "tenant_id": os.Getenv("ARM_TENANT_ID"), - "client_id": os.Getenv("ARM_CLIENT_ID"), - "client_secret": os.Getenv("ARM_CLIENT_SECRET"), - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "subscription_id": m.subscriptionId, + "resource_group_name": m.names.resourceGroup, + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, + "tenant_id": m.tenantId, + "client_id": m.clientId, + "client_secret": m.clientSecret, + "environment": m.env.Name, })).(*Backend) state, err := b.StateMgr(backend.DefaultStateName) @@ -152,34 +155,36 @@ func TestRemoteClientServicePrincipalBasic(t *testing.T) { } func TestRemoteClientAccessKeyLocks(t *testing.T) { + t.Parallel() + testAccAzureBackend(t) - rs := randString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) + ctx := newCtx() + m := BuildTestMeta(t, ctx) + + err := m.buildTestResources(ctx) if err != nil { + m.destroyTestResources(ctx) t.Fatalf("Error creating Test Resources: %q", err) } + defer m.destroyTestResources(ctx) + + clearEnv() b1 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "access_key": res.storageAccountAccessKey, - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, + "access_key": m.storageAccessKey, + "environment": m.env.Name, })).(*Backend) b2 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "access_key": res.storageAccountAccessKey, - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, + "access_key": m.storageAccessKey, + "environment": m.env.Name, })).(*Backend) s1, err := b1.StateMgr(backend.DefaultStateName) @@ -196,42 +201,44 @@ func TestRemoteClientAccessKeyLocks(t *testing.T) { } func TestRemoteClientServicePrincipalLocks(t *testing.T) { + t.Parallel() + testAccAzureBackend(t) - rs := randString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) + ctx := newCtx() + m := BuildTestMeta(t, ctx) + + err := m.buildTestResources(ctx) if err != nil { + m.destroyTestResources(ctx) t.Fatalf("Error creating Test Resources: %q", err) } + defer m.destroyTestResources(ctx) + + clearEnv() b1 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "resource_group_name": res.resourceGroup, - "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "tenant_id": os.Getenv("ARM_TENANT_ID"), - "client_id": os.Getenv("ARM_CLIENT_ID"), - "client_secret": os.Getenv("ARM_CLIENT_SECRET"), - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "subscription_id": m.subscriptionId, + "resource_group_name": m.names.resourceGroup, + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, + "tenant_id": m.tenantId, + "client_id": m.clientId, + "client_secret": m.clientSecret, + "environment": m.env.Name, })).(*Backend) b2 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ - "storage_account_name": res.storageAccountName, - "container_name": res.storageContainerName, - "key": res.storageKeyName, - "resource_group_name": res.resourceGroup, - "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), - "tenant_id": os.Getenv("ARM_TENANT_ID"), - "client_id": os.Getenv("ARM_CLIENT_ID"), - "client_secret": os.Getenv("ARM_CLIENT_SECRET"), - "environment": os.Getenv("ARM_ENVIRONMENT"), - "endpoint": os.Getenv("ARM_ENDPOINT"), + "subscription_id": m.subscriptionId, + "resource_group_name": m.names.resourceGroup, + "storage_account_name": m.names.storageAccountName, + "container_name": m.names.storageContainerName, + "key": m.names.storageKeyName, + "tenant_id": m.tenantId, + "client_id": m.clientId, + "client_secret": m.clientSecret, + "environment": m.env.Name, })).(*Backend) s1, err := b1.StateMgr(backend.DefaultStateName) @@ -248,32 +255,34 @@ func TestRemoteClientServicePrincipalLocks(t *testing.T) { } func TestPutMaintainsMetaData(t *testing.T) { + t.Parallel() + testAccAzureBackend(t) - rs := randString(4) - res := testResourceNames(rs, "testState") - armClient := buildTestClient(t, res) - ctx := context.TODO() - err := armClient.buildTestResources(ctx, &res) - defer armClient.destroyTestResources(ctx, res) + ctx := newCtx() + m := BuildTestMeta(t, ctx) + + err := m.buildTestResources(ctx) if err != nil { + m.destroyTestResources(ctx) t.Fatalf("Error creating Test Resources: %q", err) } + defer m.destroyTestResources(ctx) headerName := "acceptancetest" expectedValue := "f3b56bad-33ad-4b93-a600-7a66e9cbd1eb" - client, err := armClient.getBlobClient(ctx) + client, err := m.getBlobClient(ctx) if err != nil { t.Fatalf("Error building Blob Client: %+v", err) } - _, err = client.PutBlockBlob(ctx, res.storageAccountName, res.storageContainerName, res.storageKeyName, blobs.PutBlockBlobInput{}) + _, err = client.PutBlockBlob(ctx, m.names.storageContainerName, m.names.storageKeyName, blobs.PutBlockBlobInput{}) if err != nil { t.Fatalf("Error Creating Block Blob: %+v", err) } - blobReference, err := client.GetProperties(ctx, res.storageAccountName, res.storageContainerName, res.storageKeyName, blobs.GetPropertiesInput{}) + blobReference, err := client.GetProperties(ctx, m.names.storageContainerName, m.names.storageKeyName, blobs.GetPropertiesInput{}) if err != nil { t.Fatalf("Error loading MetaData: %+v", err) } @@ -282,16 +291,16 @@ func TestPutMaintainsMetaData(t *testing.T) { opts := blobs.SetMetaDataInput{ MetaData: blobReference.MetaData, } - _, err = client.SetMetaData(ctx, res.storageAccountName, res.storageContainerName, res.storageKeyName, opts) + _, err = client.SetMetaData(ctx, m.names.storageContainerName, m.names.storageKeyName, opts) if err != nil { t.Fatalf("Error setting MetaData: %+v", err) } // update the metadata using the Backend remoteClient := RemoteClient{ - keyName: res.storageKeyName, - containerName: res.storageContainerName, - accountName: res.storageAccountName, + keyName: m.names.storageKeyName, + containerName: m.names.storageContainerName, + accountName: m.names.storageAccountName, giovanniBlobClient: *client, } @@ -303,7 +312,7 @@ func TestPutMaintainsMetaData(t *testing.T) { } // Verify it still exists - blobReference, err = client.GetProperties(ctx, res.storageAccountName, res.storageContainerName, res.storageKeyName, blobs.GetPropertiesInput{}) + blobReference, err = client.GetProperties(ctx, m.names.storageContainerName, m.names.storageKeyName, blobs.GetPropertiesInput{}) if err != nil { t.Fatalf("Error loading MetaData: %+v", err) } diff --git a/internal/backend/remote-state/azure/helpers_test.go b/internal/backend/remote-state/azure/helpers_test.go index 6abc33a97f40..1cfde8f348f2 100644 --- a/internal/backend/remote-state/azure/helpers_test.go +++ b/internal/backend/remote-state/azure/helpers_test.go @@ -13,10 +13,14 @@ import ( "testing" "time" - "github.com/Azure/azure-sdk-for-go/profiles/2017-03-09/resources/mgmt/resources" - armStorage "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2021-01-01/storage" - "github.com/Azure/go-autorest/autorest" + "github.com/hashicorp/go-azure-helpers/lang/pointer" + "github.com/hashicorp/go-azure-helpers/resourcemanager/commonids" sasStorage "github.com/hashicorp/go-azure-helpers/storage" + "github.com/hashicorp/go-azure-sdk/resource-manager/resources/2024-03-01/resourcegroups" + "github.com/hashicorp/go-azure-sdk/resource-manager/storage/2023-01-01/storageaccounts" + "github.com/hashicorp/go-azure-sdk/sdk/auth" + "github.com/hashicorp/go-azure-sdk/sdk/environments" + "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/blobs" "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/containers" ) @@ -52,57 +56,19 @@ func testAccAzureBackendRunningInGitHubActions(t *testing.T) { } } -func buildTestClient(t *testing.T, res resourceNames) *Client { - subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") - tenantID := os.Getenv("ARM_TENANT_ID") - clientID := os.Getenv("ARM_CLIENT_ID") - clientSecret := os.Getenv("ARM_CLIENT_SECRET") - msiEnabled := strings.EqualFold(os.Getenv("ARM_USE_MSI"), "true") - environment := os.Getenv("ARM_ENVIRONMENT") - - hasCredentials := (clientID != "" && clientSecret != "") || msiEnabled - if !hasCredentials { - t.Fatal("Azure credentials missing or incomplete") - } - - if subscriptionID == "" { - t.Fatalf("Missing ARM_SUBSCRIPTION_ID") - } - - if tenantID == "" { - t.Fatalf("Missing ARM_TENANT_ID") - } - - if environment == "" { - t.Fatalf("Missing ARM_ENVIRONMENT") - } - - // location isn't used in this method, but is in the other test methods - location := os.Getenv("ARM_LOCATION") - if location == "" { - t.Fatalf("Missing ARM_LOCATION") - } - - // Endpoint is optional (only for Stack) - endpoint := os.Getenv("ARM_ENDPOINT") - - armClient, err := buildClient(context.TODO(), BackendConfig{ - SubscriptionID: subscriptionID, - TenantID: tenantID, - ClientID: clientID, - ClientSecret: clientSecret, - CustomResourceManagerEndpoint: endpoint, - Environment: environment, - ResourceGroupName: res.resourceGroup, - StorageAccountName: res.storageAccountName, - UseMsi: msiEnabled, - UseAzureADAuthentication: res.useAzureADAuth, - }) - if err != nil { - t.Fatalf("Failed to build Client: %+v", err) +// clearEnv cleans up the azure related environment variables. +// This is to ensure the configuration only comes from HCL, which avoids +// env vars for test setup interfere the behavior. +func clearEnv() { + for _, evexp := range os.Environ() { + k, _, ok := strings.Cut(evexp, "=") + if !ok { + continue + } + if strings.HasPrefix(k, "ARM_") { + os.Unsetenv(k) + } } - - return armClient } func buildSasToken(accountName, accessKey string) (*string, error) { @@ -116,6 +82,7 @@ func buildSasToken(accountName, accessKey string) (*string, error) { signedProtocol := "https,http" signedIp := "" signedVersion := sasSignedVersion + signedEncryptionScope := "" utcNow := time.Now().UTC() @@ -124,7 +91,7 @@ func buildSasToken(accountName, accessKey string) (*string, error) { endDate := utcNow.Add(time.Hour * 24).Format(time.RFC3339) sasToken, err := sasStorage.ComputeAccountSASToken(accountName, accessKey, permissions, services, resourceTypes, - startDate, endDate, signedProtocol, signedIp, signedVersion) + startDate, endDate, signedProtocol, signedIp, signedVersion, signedEncryptionScope) if err != nil { return nil, fmt.Errorf("Error computing SAS Token: %+v", err) } @@ -133,102 +100,207 @@ func buildSasToken(accountName, accessKey string) (*string, error) { } type resourceNames struct { - resourceGroup string - location string - storageAccountName string - storageContainerName string - storageKeyName string - storageAccountAccessKey string - useAzureADAuth bool + resourceGroup string + storageAccountName string + storageContainerName string + storageKeyName string } func testResourceNames(rString string, keyName string) resourceNames { return resourceNames{ resourceGroup: fmt.Sprintf("acctestRG-backend-%s-%s", strings.Replace(time.Now().Local().Format("060102150405.00"), ".", "", 1), rString), - location: os.Getenv("ARM_LOCATION"), storageAccountName: fmt.Sprintf("acctestsa%s", rString), storageContainerName: "acctestcont", storageKeyName: keyName, - useAzureADAuth: false, } } -func (c *Client) buildTestResources(ctx context.Context, names *resourceNames) error { - log.Printf("Creating Resource Group %q", names.resourceGroup) - _, err := c.resourceGroupsClient.CreateOrUpdate(ctx, names.resourceGroup, resources.Group{Location: &names.location}) +type TestMeta struct { + names resourceNames + + clientId string + clientSecret string + + tenantId string + subscriptionId string + location string + env environments.Environment + + // This is populated during test resource deploying + storageAccessKey string + + // This is populated during test resoruce deploying + blobBaseUri string + + resourceGroupsClient *resourcegroups.ResourceGroupsClient + storageAccountsClient *storageaccounts.StorageAccountsClient +} + +func BuildTestMeta(t *testing.T, ctx context.Context) *TestMeta { + names := testResourceNames(randString(10), "testState") + + subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") + if subscriptionID == "" { + t.Fatalf("Missing ARM_SUBSCRIPTION_ID") + } + + tenantID := os.Getenv("ARM_TENANT_ID") + if tenantID == "" { + t.Fatalf("Missing ARM_TENANT_ID") + } + + location := os.Getenv("ARM_TEST_LOCATION") + if location == "" { + t.Fatalf("Missing ARM_TEST_LOCATION") + } + + clientID := os.Getenv("ARM_CLIENT_ID") + clientSecret := os.Getenv("ARM_CLIENT_SECRET") + msiEnabled := strings.EqualFold(os.Getenv("ARM_USE_MSI"), "true") + hasCredentials := (clientID != "" && clientSecret != "") || msiEnabled + if !hasCredentials { + t.Fatal("Azure credentials missing or incomplete") + } + + environment := "public" + if v := os.Getenv("ARM_ENVIRONMENT"); v != "" { + environment = v + } + env, err := environments.FromName(environment) if err != nil { - return fmt.Errorf("failed to create test resource group: %s", err) + t.Fatalf("Failed to build environment for %s: %v", environment, err) } - log.Printf("Creating Storage Account %q in Resource Group %q", names.storageAccountName, names.resourceGroup) - storageProps := armStorage.AccountCreateParameters{ - Sku: &armStorage.Sku{ - Name: armStorage.StandardLRS, - Tier: armStorage.Standard, - }, - Location: &names.location, + authConfig := &auth.Credentials{ + Environment: *env, + ClientID: clientID, + TenantID: tenantID, + ClientSecret: clientSecret, + EnableAuthenticatingUsingClientSecret: true, + EnableAuthenticatingUsingManagedIdentity: msiEnabled, } - if names.useAzureADAuth { - allowSharedKeyAccess := false - storageProps.AccountPropertiesCreateParameters = &armStorage.AccountPropertiesCreateParameters{ - AllowSharedKeyAccess: &allowSharedKeyAccess, - } + + resourceManagerAuth, err := auth.NewAuthorizerFromCredentials(ctx, *authConfig, env.ResourceManager) + if err != nil { + t.Fatalf("unable to build authorizer for Resource Manager API: %+v", err) } - future, err := c.storageAccountsClient.Create(ctx, names.resourceGroup, names.storageAccountName, storageProps) + + resourceGroupsClient, err := resourcegroups.NewResourceGroupsClientWithBaseURI(env.ResourceManager) if err != nil { - return fmt.Errorf("failed to create test storage account: %s", err) + t.Fatalf("building Resource Groups client: %+v", err) } + resourceGroupsClient.Client.SetAuthorizer(resourceManagerAuth) - err = future.WaitForCompletionRef(ctx, c.storageAccountsClient.Client) + storageAccountsClient, err := storageaccounts.NewStorageAccountsClientWithBaseURI(env.ResourceManager) if err != nil { - return fmt.Errorf("failed waiting for the creation of storage account: %s", err) + t.Fatalf("building Storage Accounts client: %+v", err) } + storageAccountsClient.Client.SetAuthorizer(resourceManagerAuth) - containersClient := containers.NewWithEnvironment(c.environment) - if names.useAzureADAuth { - containersClient.Client.Authorizer = *c.azureAdStorageAuth - } else { - log.Printf("fetching access key for storage account") - resp, err := c.storageAccountsClient.ListKeys(ctx, names.resourceGroup, names.storageAccountName, "") - if err != nil { - return fmt.Errorf("failed to list storage account keys %s:", err) - } + return &TestMeta{ + names: names, - keys := *resp.Keys - accessKey := *keys[0].Value - names.storageAccountAccessKey = accessKey + clientId: clientID, + clientSecret: clientSecret, - storageAuth, err := autorest.NewSharedKeyAuthorizer(names.storageAccountName, accessKey, autorest.SharedKey) - if err != nil { - return fmt.Errorf("Error building Authorizer: %+v", err) - } + tenantId: tenantID, + subscriptionId: subscriptionID, + location: location, + env: *env, + + resourceGroupsClient: resourceGroupsClient, + storageAccountsClient: storageAccountsClient, + } +} + +func (c *TestMeta) buildTestResources(ctx context.Context) error { + log.Printf("Creating Resource Group %q", c.names.resourceGroup) + rgid := commonids.NewResourceGroupID(c.subscriptionId, c.names.resourceGroup) + if _, err := c.resourceGroupsClient.CreateOrUpdate(ctx, rgid, resourcegroups.ResourceGroup{Location: c.location}); err != nil { + return fmt.Errorf("failed to create test resource group: %s", err) + } + + log.Printf("Creating Storage Account %q in Resource Group %q", c.names.storageAccountName, c.names.resourceGroup) + storageProps := storageaccounts.StorageAccountCreateParameters{ + Kind: storageaccounts.KindStorageVTwo, + Sku: storageaccounts.Sku{ + Name: storageaccounts.SkuNameStandardLRS, + Tier: pointer.To(storageaccounts.SkuTierStandard), + }, + Location: c.location, + } - containersClient.Client.Authorizer = storageAuth + said := commonids.NewStorageAccountID(c.subscriptionId, c.names.resourceGroup, c.names.storageAccountName) + if err := c.storageAccountsClient.CreateThenPoll(ctx, said, storageProps); err != nil { + return fmt.Errorf("failed to create test storage account: %s", err) } - log.Printf("Creating Container %q in Storage Account %q (Resource Group %q)", names.storageContainerName, names.storageAccountName, names.resourceGroup) - _, err = containersClient.Create(ctx, names.storageAccountName, names.storageContainerName, containers.CreateInput{}) + // Populate the storage account access key + resp, err := c.storageAccountsClient.GetProperties(ctx, said, storageaccounts.DefaultGetPropertiesOperationOptions()) if err != nil { + return fmt.Errorf("getting %s: %+v", said, err) + } + if resp.Model == nil { + return fmt.Errorf("unexpected null model of %s", said) + } + accountDetail, err := populateAccountDetails(said, *resp.Model) + if err != nil { + return fmt.Errorf("populating details for %s: %+v", said, err) + } + + accountKey, err := accountDetail.AccountKey(ctx, c.storageAccountsClient) + if err != nil { + return fmt.Errorf("listing access key for %s: %+v", said, err) + } + c.storageAccessKey = *accountKey + + blobBaseUri, err := accountDetail.DataPlaneEndpoint(EndpointTypeBlob) + if err != nil { + return err + } + c.blobBaseUri = *blobBaseUri + + containersClient, err := containers.NewWithBaseUri(*blobBaseUri) + if err != nil { + return fmt.Errorf("failed to new container client: %v", err) + } + + authorizer, err := auth.NewSharedKeyAuthorizer(c.names.storageAccountName, *accountKey, auth.SharedKey) + if err != nil { + return fmt.Errorf("new shared key authorizer: %v", err) + } + containersClient.Client.Authorizer = authorizer + + log.Printf("Creating Container %q in Storage Account %q (Resource Group %q)", c.names.storageContainerName, c.names.storageAccountName, c.names.resourceGroup) + if _, err = containersClient.Create(ctx, c.names.storageContainerName, containers.CreateInput{}); err != nil { return fmt.Errorf("failed to create storage container: %s", err) } return nil } -func (c *Client) destroyTestResources(ctx context.Context, resources resourceNames) error { - log.Printf("[DEBUG] Deleting Resource Group %q..", resources.resourceGroup) - future, err := c.resourceGroupsClient.Delete(ctx, resources.resourceGroup) - if err != nil { +func (c *TestMeta) destroyTestResources(ctx context.Context) error { + log.Printf("[DEBUG] Deleting Resource Group %q..", c.names.resourceGroup) + rgid := commonids.NewResourceGroupID(c.subscriptionId, c.names.resourceGroup) + if err := c.resourceGroupsClient.DeleteThenPoll(ctx, rgid, resourcegroups.DefaultDeleteOperationOptions()); err != nil { return fmt.Errorf("Error deleting Resource Group: %+v", err) } + return nil +} - log.Printf("[DEBUG] Waiting for deletion of Resource Group %q..", resources.resourceGroup) - err = future.WaitForCompletionRef(ctx, c.resourceGroupsClient.Client) +func (c *TestMeta) getBlobClient(ctx context.Context) (bc *blobs.Client, err error) { + blobsClient, err := blobs.NewWithBaseUri(c.blobBaseUri) if err != nil { - return fmt.Errorf("Error waiting for the deletion of Resource Group: %+v", err) + return nil, fmt.Errorf("new blob client: %v", err) } - return nil + authorizer, err := auth.NewSharedKeyAuthorizer(c.names.storageAccountName, c.storageAccessKey, auth.SharedKey) + if err != nil { + return nil, fmt.Errorf("new shared key authorizer: %v", err) + } + blobsClient.Client.SetAuthorizer(authorizer) + + return blobsClient, nil } // randString generates a random alphanumeric string of the length specified From f1ad6f0488b4fc5a2eebf680b3b2717ddb8f7594 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 2 Jan 2025 20:10:13 +1100 Subject: [PATCH 06/18] Allow more auth methods to deploy resources --- .../remote-state/azure/helpers_test.go | 37 ++++++++++++++----- 1 file changed, 27 insertions(+), 10 deletions(-) diff --git a/internal/backend/remote-state/azure/helpers_test.go b/internal/backend/remote-state/azure/helpers_test.go index 1cfde8f348f2..8dce7d8e531d 100644 --- a/internal/backend/remote-state/azure/helpers_test.go +++ b/internal/backend/remote-state/azure/helpers_test.go @@ -155,12 +155,24 @@ func BuildTestMeta(t *testing.T, ctx context.Context) *TestMeta { } clientID := os.Getenv("ARM_CLIENT_ID") + if clientID == "" { + t.Fatalf("Missing ARM_CLIENT_ID") + } + + // For deploying test resources, we support the followings: + // - Client secret: For most of the tests + // - Client certificate: For client certificate related tests + // - MSI: For MSI related tests + // - OIDC: For OIDC related tests clientSecret := os.Getenv("ARM_CLIENT_SECRET") + clientSecretEnabled := clientSecret != "" + + clientCertificatePath := os.Getenv("ARM_CLIENT_CERTIFICATE_PATH") + clientCertificatePassword := os.Getenv("ARM_CLIENT_CERTIFICATE_PASSWORD") + clientCertificateEnabled := clientCertificatePath != "" + msiEnabled := strings.EqualFold(os.Getenv("ARM_USE_MSI"), "true") - hasCredentials := (clientID != "" && clientSecret != "") || msiEnabled - if !hasCredentials { - t.Fatal("Azure credentials missing or incomplete") - } + oidcEnabled := strings.EqualFold(os.Getenv("ARM_USE_OIDC"), "true") environment := "public" if v := os.Getenv("ARM_ENVIRONMENT"); v != "" { @@ -172,12 +184,17 @@ func BuildTestMeta(t *testing.T, ctx context.Context) *TestMeta { } authConfig := &auth.Credentials{ - Environment: *env, - ClientID: clientID, - TenantID: tenantID, - ClientSecret: clientSecret, - EnableAuthenticatingUsingClientSecret: true, - EnableAuthenticatingUsingManagedIdentity: msiEnabled, + Environment: *env, + ClientID: clientID, + TenantID: tenantID, + ClientSecret: clientSecret, + ClientCertificatePath: clientCertificatePath, + ClientCertificatePassword: clientCertificatePassword, + + EnableAuthenticatingUsingClientSecret: clientSecretEnabled, + EnableAuthenticatingUsingClientCertificate: clientCertificateEnabled, + EnableAuthenticatingUsingManagedIdentity: msiEnabled, + EnableAuthenticationUsingOIDC: oidcEnabled, } resourceManagerAuth, err := auth.NewAuthorizerFromCredentials(ctx, *authConfig, env.ResourceManager) From 39c89fc1977b5b659fdf375baaf0e610693dc13d Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 2 Jan 2025 20:28:23 +1100 Subject: [PATCH 07/18] Fix --- .../backend/remote-state/azure/helpers_test.go | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/internal/backend/remote-state/azure/helpers_test.go b/internal/backend/remote-state/azure/helpers_test.go index 8dce7d8e531d..41f57b38b2d6 100644 --- a/internal/backend/remote-state/azure/helpers_test.go +++ b/internal/backend/remote-state/azure/helpers_test.go @@ -38,20 +38,24 @@ func testAccAzureBackend(t *testing.T) { } } +const ENV_RUNNING_IN_AZURE = "TF_RUNNING_IN_AZURE" + // these kind of tests can only run when within Azure (e.g. MSI) func testAccAzureBackendRunningInAzure(t *testing.T) { testAccAzureBackend(t) - if os.Getenv("TF_RUNNING_IN_AZURE") == "" { + if os.Getenv(ENV_RUNNING_IN_AZURE) == "" { t.Skip("Skipping test since not running in Azure") } } +const ENV_RUNNING_IN_GITHUB_ACTIONS = "TF_RUNNING_IN_GITHUB_ACTIONS" + // these kind of tests can only run when within GitHub Actions (e.g. OIDC) func testAccAzureBackendRunningInGitHubActions(t *testing.T) { testAccAzureBackend(t) - if os.Getenv("TF_RUNNING_IN_GITHUB_ACTIONS") == "" { + if os.Getenv(ENV_RUNNING_IN_GITHUB_ACTIONS) == "" { t.Skip("Skipping test since not running in GitHub Actions") } } @@ -171,9 +175,6 @@ func BuildTestMeta(t *testing.T, ctx context.Context) *TestMeta { clientCertificatePassword := os.Getenv("ARM_CLIENT_CERTIFICATE_PASSWORD") clientCertificateEnabled := clientCertificatePath != "" - msiEnabled := strings.EqualFold(os.Getenv("ARM_USE_MSI"), "true") - oidcEnabled := strings.EqualFold(os.Getenv("ARM_USE_OIDC"), "true") - environment := "public" if v := os.Getenv("ARM_ENVIRONMENT"); v != "" { environment = v @@ -193,8 +194,8 @@ func BuildTestMeta(t *testing.T, ctx context.Context) *TestMeta { EnableAuthenticatingUsingClientSecret: clientSecretEnabled, EnableAuthenticatingUsingClientCertificate: clientCertificateEnabled, - EnableAuthenticatingUsingManagedIdentity: msiEnabled, - EnableAuthenticationUsingOIDC: oidcEnabled, + EnableAuthenticatingUsingManagedIdentity: true, + EnableAuthenticationUsingOIDC: true, } resourceManagerAuth, err := auth.NewAuthorizerFromCredentials(ctx, *authConfig, env.ResourceManager) From 804d79d5bdcc5b3a7abe46de04f8ac7959a10468 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 2 Jan 2025 20:28:50 +1100 Subject: [PATCH 08/18] Fix2 --- internal/backend/remote-state/azure/helpers_test.go | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/internal/backend/remote-state/azure/helpers_test.go b/internal/backend/remote-state/azure/helpers_test.go index 41f57b38b2d6..eb42c678ba6c 100644 --- a/internal/backend/remote-state/azure/helpers_test.go +++ b/internal/backend/remote-state/azure/helpers_test.go @@ -38,24 +38,20 @@ func testAccAzureBackend(t *testing.T) { } } -const ENV_RUNNING_IN_AZURE = "TF_RUNNING_IN_AZURE" - // these kind of tests can only run when within Azure (e.g. MSI) func testAccAzureBackendRunningInAzure(t *testing.T) { testAccAzureBackend(t) - if os.Getenv(ENV_RUNNING_IN_AZURE) == "" { + if os.Getenv("TF_RUNNING_IN_AZURE") == "" { t.Skip("Skipping test since not running in Azure") } } -const ENV_RUNNING_IN_GITHUB_ACTIONS = "TF_RUNNING_IN_GITHUB_ACTIONS" - // these kind of tests can only run when within GitHub Actions (e.g. OIDC) func testAccAzureBackendRunningInGitHubActions(t *testing.T) { testAccAzureBackend(t) - if os.Getenv(ENV_RUNNING_IN_GITHUB_ACTIONS) == "" { + if os.Getenv("TF_RUNNING_IN_GITHUB_ACTIONS") == "" { t.Skip("Skipping test since not running in GitHub Actions") } } From efd37a2def0b6252d50e9b74128bedbccfba6539 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 2 Jan 2025 20:38:56 +1100 Subject: [PATCH 09/18] Fix3 --- internal/backend/remote-state/azure/helpers_test.go | 3 --- 1 file changed, 3 deletions(-) diff --git a/internal/backend/remote-state/azure/helpers_test.go b/internal/backend/remote-state/azure/helpers_test.go index eb42c678ba6c..fe676fb39314 100644 --- a/internal/backend/remote-state/azure/helpers_test.go +++ b/internal/backend/remote-state/azure/helpers_test.go @@ -155,9 +155,6 @@ func BuildTestMeta(t *testing.T, ctx context.Context) *TestMeta { } clientID := os.Getenv("ARM_CLIENT_ID") - if clientID == "" { - t.Fatalf("Missing ARM_CLIENT_ID") - } // For deploying test resources, we support the followings: // - Client secret: For most of the tests From 2df3cca101802cbe0221f30bdb4cdb89393a9963 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 2 Jan 2025 20:55:24 +1100 Subject: [PATCH 10/18] Fix a bug that use_aad_auth is not checked --- .../backend/remote-state/azure/api_client.go | 13 ++++++---- .../remote-state/azure/helpers_test.go | 26 +++++++------------ 2 files changed, 18 insertions(+), 21 deletions(-) diff --git a/internal/backend/remote-state/azure/api_client.go b/internal/backend/remote-state/azure/api_client.go index d74d274f272b..cc9d59040b49 100644 --- a/internal/backend/remote-state/azure/api_client.go +++ b/internal/backend/remote-state/azure/api_client.go @@ -64,6 +64,14 @@ func buildClient(ctx context.Context, config BackendConfig) (*Client, error) { return &client, nil } + if config.UseAzureADAuthentication { + var err error + client.azureAdStorageAuth, err = auth.NewAuthorizerFromCredentials(ctx, *config.AuthConfig, config.AuthConfig.Environment.Storage) + if err != nil { + return nil, fmt.Errorf("unable to build authorizer for Storage API: %+v", err) + } + } + resourceManagerAuth, err := auth.NewAuthorizerFromCredentials(ctx, *config.AuthConfig, config.AuthConfig.Environment.ResourceManager) if err != nil { return nil, fmt.Errorf("unable to build authorizer for Resource Manager API: %+v", err) @@ -75,11 +83,6 @@ func buildClient(ctx context.Context, config BackendConfig) (*Client, error) { } client.configureClient(client.storageAccountsClient.Client, resourceManagerAuth) - client.azureAdStorageAuth, err = auth.NewAuthorizerFromCredentials(ctx, *config.AuthConfig, config.AuthConfig.Environment.Storage) - if err != nil { - return nil, fmt.Errorf("unable to build authorizer for Storage API: %+v", err) - } - // Populating the storage account detail said := commonids.NewStorageAccountID(config.SubscriptionID, config.ResourceGroupName, client.storageAccountName) resp, err := client.storageAccountsClient.GetProperties(ctx, said, storageaccounts.DefaultGetPropertiesOperationOptions()) diff --git a/internal/backend/remote-state/azure/helpers_test.go b/internal/backend/remote-state/azure/helpers_test.go index fe676fb39314..77a04a30d589 100644 --- a/internal/backend/remote-state/azure/helpers_test.go +++ b/internal/backend/remote-state/azure/helpers_test.go @@ -155,18 +155,7 @@ func BuildTestMeta(t *testing.T, ctx context.Context) *TestMeta { } clientID := os.Getenv("ARM_CLIENT_ID") - - // For deploying test resources, we support the followings: - // - Client secret: For most of the tests - // - Client certificate: For client certificate related tests - // - MSI: For MSI related tests - // - OIDC: For OIDC related tests clientSecret := os.Getenv("ARM_CLIENT_SECRET") - clientSecretEnabled := clientSecret != "" - - clientCertificatePath := os.Getenv("ARM_CLIENT_CERTIFICATE_PATH") - clientCertificatePassword := os.Getenv("ARM_CLIENT_CERTIFICATE_PASSWORD") - clientCertificateEnabled := clientCertificatePath != "" environment := "public" if v := os.Getenv("ARM_ENVIRONMENT"); v != "" { @@ -177,16 +166,21 @@ func BuildTestMeta(t *testing.T, ctx context.Context) *TestMeta { t.Fatalf("Failed to build environment for %s: %v", environment, err) } + // For deploying test resources, we support the followings: + // - Client secret: For most of the tests + // - Client certificate: For client certificate related tests + // - MSI: For MSI related tests + // - OIDC: For OIDC related tests authConfig := &auth.Credentials{ Environment: *env, - ClientID: clientID, TenantID: tenantID, + ClientID: clientID, ClientSecret: clientSecret, - ClientCertificatePath: clientCertificatePath, - ClientCertificatePassword: clientCertificatePassword, + ClientCertificatePath: os.Getenv("ARM_CLIENT_CERTIFICATE_PATH"), + ClientCertificatePassword: os.Getenv("ARM_CLIENT_CERTIFICATE_PASSWORD"), - EnableAuthenticatingUsingClientSecret: clientSecretEnabled, - EnableAuthenticatingUsingClientCertificate: clientCertificateEnabled, + EnableAuthenticatingUsingClientSecret: true, + EnableAuthenticatingUsingClientCertificate: true, EnableAuthenticatingUsingManagedIdentity: true, EnableAuthenticationUsingOIDC: true, } From a9c117db00c1c70143c0c966a2b7f88625a19ff1 Mon Sep 17 00:00:00 2001 From: magodo Date: Thu, 2 Jan 2025 21:27:11 +1100 Subject: [PATCH 11/18] Mention test runner has to ensure big enough parallelism --- internal/backend/remote-state/azure/helpers_test.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/internal/backend/remote-state/azure/helpers_test.go b/internal/backend/remote-state/azure/helpers_test.go index 77a04a30d589..65e5b975442b 100644 --- a/internal/backend/remote-state/azure/helpers_test.go +++ b/internal/backend/remote-state/azure/helpers_test.go @@ -59,6 +59,12 @@ func testAccAzureBackendRunningInGitHubActions(t *testing.T) { // clearEnv cleans up the azure related environment variables. // This is to ensure the configuration only comes from HCL, which avoids // env vars for test setup interfere the behavior. +// +// NOTE: Since `go test` runs all test cases in a single process, clearing +// environment has a whole process impact to other test cases. While this +// impact can be eliminated given all the tests are implemented in a similar +// pattern that those env vars will be consumed at the very begining. The test +// runner has to ensure to set a **big enough parallelism**. func clearEnv() { for _, evexp := range os.Environ() { k, _, ok := strings.Cut(evexp, "=") From 62936fd370c886a82a37d3e89dca6dc256669ebf Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 3 Jan 2025 16:58:29 +1100 Subject: [PATCH 12/18] test client specify github oidc request token/url --- .../backend/remote-state/azure/helpers_test.go | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/internal/backend/remote-state/azure/helpers_test.go b/internal/backend/remote-state/azure/helpers_test.go index 65e5b975442b..19e686898300 100644 --- a/internal/backend/remote-state/azure/helpers_test.go +++ b/internal/backend/remote-state/azure/helpers_test.go @@ -178,12 +178,14 @@ func BuildTestMeta(t *testing.T, ctx context.Context) *TestMeta { // - MSI: For MSI related tests // - OIDC: For OIDC related tests authConfig := &auth.Credentials{ - Environment: *env, - TenantID: tenantID, - ClientID: clientID, - ClientSecret: clientSecret, - ClientCertificatePath: os.Getenv("ARM_CLIENT_CERTIFICATE_PATH"), - ClientCertificatePassword: os.Getenv("ARM_CLIENT_CERTIFICATE_PASSWORD"), + Environment: *env, + TenantID: tenantID, + ClientID: clientID, + ClientSecret: clientSecret, + ClientCertificatePath: os.Getenv("ARM_CLIENT_CERTIFICATE_PATH"), + ClientCertificatePassword: os.Getenv("ARM_CLIENT_CERTIFICATE_PASSWORD"), + GitHubOIDCTokenRequestURL: os.Getenv("ACTIONS_ID_TOKEN_REQUEST_URL"), + GitHubOIDCTokenRequestToken: os.Getenv("ACTIONS_ID_TOKEN_REQUEST_TOKEN"), EnableAuthenticatingUsingClientSecret: true, EnableAuthenticatingUsingClientCertificate: true, From 1e00df879d059d68b58b881c42a68b48c25715bf Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 3 Jan 2025 17:04:50 +1100 Subject: [PATCH 13/18] enable github oidc --- internal/backend/remote-state/azure/helpers_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/backend/remote-state/azure/helpers_test.go b/internal/backend/remote-state/azure/helpers_test.go index 19e686898300..d89b59ddda86 100644 --- a/internal/backend/remote-state/azure/helpers_test.go +++ b/internal/backend/remote-state/azure/helpers_test.go @@ -190,7 +190,7 @@ func BuildTestMeta(t *testing.T, ctx context.Context) *TestMeta { EnableAuthenticatingUsingClientSecret: true, EnableAuthenticatingUsingClientCertificate: true, EnableAuthenticatingUsingManagedIdentity: true, - EnableAuthenticationUsingOIDC: true, + EnableAuthenticationUsingGitHubOIDC: true, } resourceManagerAuth, err := auth.NewAuthorizerFromCredentials(ctx, *authConfig, env.ResourceManager) From bac1bb8457d15aea960e761015e2bd98bbfb7a4e Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 3 Jan 2025 17:12:17 +1100 Subject: [PATCH 14/18] Fix --- internal/backend/remote-state/azure/backend_test.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/internal/backend/remote-state/azure/backend_test.go b/internal/backend/remote-state/azure/backend_test.go index 1e5f593ddf30..8abb1e15ed6d 100644 --- a/internal/backend/remote-state/azure/backend_test.go +++ b/internal/backend/remote-state/azure/backend_test.go @@ -101,7 +101,7 @@ func TestAccBackendSASTokenBasic(t *testing.T) { backend.TestBackendStates(t, b) } -func TestAccBackendOIDCBasic(t *testing.T) { +func TestAccBackendGithubOIDCBasic(t *testing.T) { t.Parallel() testAccAzureBackendRunningInGitHubActions(t) @@ -125,6 +125,7 @@ func TestAccBackendOIDCBasic(t *testing.T) { "key": m.names.storageKeyName, "use_oidc": true, "tenant_id": m.tenantId, + "client_id": m.clientId, "environment": m.env.Name, })).(*Backend) From 18d7f9146f67a3d29a717456a2b29cdbe606df77 Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 3 Jan 2025 17:26:28 +1100 Subject: [PATCH 15/18] remove sender.go --- internal/backend/remote-state/azure/sender.go | 67 ------------------- 1 file changed, 67 deletions(-) delete mode 100644 internal/backend/remote-state/azure/sender.go diff --git a/internal/backend/remote-state/azure/sender.go b/internal/backend/remote-state/azure/sender.go deleted file mode 100644 index f73a0dbdc533..000000000000 --- a/internal/backend/remote-state/azure/sender.go +++ /dev/null @@ -1,67 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -package azure - -import ( - "log" - "net/http" - "net/http/httputil" - - "github.com/Azure/go-autorest/autorest" - "github.com/hashicorp/terraform/internal/logging" -) - -func buildSender() autorest.Sender { - return autorest.DecorateSender(&http.Client{ - Transport: &http.Transport{ - Proxy: http.ProxyFromEnvironment, - }, - }, withRequestLogging()) -} - -func withRequestLogging() autorest.SendDecorator { - return func(s autorest.Sender) autorest.Sender { - return autorest.SenderFunc(func(r *http.Request) (*http.Response, error) { - // only log if logging's enabled - logLevel := logging.CurrentLogLevel() - if logLevel == "" { - return s.Do(r) - } - - // strip the authorization header prior to printing - authHeaderName := "Authorization" - auth := r.Header.Get(authHeaderName) - if auth != "" { - r.Header.Del(authHeaderName) - } - - // dump request to wire format - if dump, err := httputil.DumpRequestOut(r, true); err == nil { - log.Printf("[DEBUG] Azure Backend Request: \n%s\n", dump) - } else { - // fallback to basic message - log.Printf("[DEBUG] Azure Backend Request: %s to %s\n", r.Method, r.URL) - } - - // add the auth header back - if auth != "" { - r.Header.Add(authHeaderName, auth) - } - - resp, err := s.Do(r) - if resp != nil { - // dump response to wire format - if dump, err2 := httputil.DumpResponse(resp, true); err2 == nil { - log.Printf("[DEBUG] Azure Backend Response for %s: \n%s\n", r.URL, dump) - } else { - // fallback to basic message - log.Printf("[DEBUG] Azure Backend Response: %s for %s\n", resp.Status, r.URL) - } - } else { - log.Printf("[DEBUG] Request to %s completed with no response", r.URL) - } - return resp, err - }) - } -} From afdda8d5c11f27e68fdac8fa574518f4d2007070 Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 3 Jan 2025 17:28:03 +1100 Subject: [PATCH 16/18] remove sender.go --- go.sum | 6 ------ internal/backend/remote-state/azure/go.mod | 5 +---- internal/backend/remote-state/azure/go.sum | 7 ------- 3 files changed, 1 insertion(+), 17 deletions(-) diff --git a/go.sum b/go.sum index c918807d2161..e065329eca12 100644 --- a/go.sum +++ b/go.sum @@ -190,8 +190,6 @@ cloud.google.com/go/workflows v1.7.0/go.mod h1:JhSrZuVZWuiDfKEFxU0/F1PQjmpnpcoIS dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/AlecAivazis/survey/v2 v2.3.7 h1:6I/u8FvytdGsgonrYsVn2t8t4QiRnh6QSTqkkhIiSjQ= github.com/AlecAivazis/survey/v2 v2.3.7/go.mod h1:xUTIdE4KCOIjsBAE1JYsUPoCqYdZ1reCfTwbto0Fduo= -github.com/Azure/azure-sdk-for-go v59.2.0+incompatible h1:mbxiZy1K820hQ+dI+YIO/+a0wQDYqOu18BAGe4lXjVk= -github.com/Azure/azure-sdk-for-go v59.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= github.com/Azure/go-autorest/autorest v0.11.29 h1:I4+HL/JDvErx2LjyzaVxllw2lRDB5/BT2Bm4g20iqYw= @@ -204,10 +202,6 @@ github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSY github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= github.com/Azure/go-autorest/autorest/mocks v0.4.2 h1:PGN4EDXnuQbojHbU0UWoNvmu9AGVwYHG9/fkDYhtAfw= github.com/Azure/go-autorest/autorest/mocks v0.4.2/go.mod h1:Vy7OitM9Kei0i1Oj+LvyAWMXJHeKH1MVlzFugfVrmyU= -github.com/Azure/go-autorest/autorest/to v0.4.0 h1:oXVqrxakqqV1UZdSazDOPOLvOIz+XA683u8EctwboHk= -github.com/Azure/go-autorest/autorest/to v0.4.0/go.mod h1:fE8iZBn7LQR7zH/9XU2NcPR4o9jEImooCeWJcYV/zLE= -github.com/Azure/go-autorest/autorest/validation v0.3.1 h1:AgyqjAd94fwNAoTjl/WQXg4VvFeRFpO+UhNyRXqF1ac= -github.com/Azure/go-autorest/autorest/validation v0.3.1/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E= github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+ZtXWSmf4Tg= github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= diff --git a/internal/backend/remote-state/azure/go.mod b/internal/backend/remote-state/azure/go.mod index a369aa2930ff..b321e6e7fe18 100644 --- a/internal/backend/remote-state/azure/go.mod +++ b/internal/backend/remote-state/azure/go.mod @@ -3,8 +3,6 @@ module github.com/hashicorp/terraform/internal/backend/remote-state/azure go 1.23.3 require ( - github.com/Azure/azure-sdk-for-go v59.2.0+incompatible - github.com/Azure/go-autorest/autorest v0.11.29 github.com/hashicorp/go-azure-helpers v0.67.0 github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320 github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320 @@ -16,10 +14,9 @@ require ( require ( github.com/Azure/go-autorest v14.2.0+incompatible // indirect + github.com/Azure/go-autorest/autorest v0.11.29 // indirect github.com/Azure/go-autorest/autorest/adal v0.9.23 // indirect github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect - github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect - github.com/Azure/go-autorest/autorest/validation v0.3.1 // indirect github.com/Azure/go-autorest/logger v0.2.1 // indirect github.com/Azure/go-autorest/tracing v0.6.0 // indirect github.com/agext/levenshtein v1.2.3 // indirect diff --git a/internal/backend/remote-state/azure/go.sum b/internal/backend/remote-state/azure/go.sum index 692feda9092e..57581a626cbe 100644 --- a/internal/backend/remote-state/azure/go.sum +++ b/internal/backend/remote-state/azure/go.sum @@ -44,8 +44,6 @@ cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3f cloud.google.com/go/storage v1.30.1 h1:uOdMxAs8HExqBlnLtnQyP0YkvbiDpdGShGKtx6U/oNM= cloud.google.com/go/storage v1.30.1/go.mod h1:NfxhC0UJE1aXSx7CIIbCf7y9HKT7BiccwkR7+P7gN8E= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -github.com/Azure/azure-sdk-for-go v59.2.0+incompatible h1:mbxiZy1K820hQ+dI+YIO/+a0wQDYqOu18BAGe4lXjVk= -github.com/Azure/azure-sdk-for-go v59.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= github.com/Azure/go-autorest/autorest v0.11.29 h1:I4+HL/JDvErx2LjyzaVxllw2lRDB5/BT2Bm4g20iqYw= @@ -58,10 +56,6 @@ github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSY github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= github.com/Azure/go-autorest/autorest/mocks v0.4.2 h1:PGN4EDXnuQbojHbU0UWoNvmu9AGVwYHG9/fkDYhtAfw= github.com/Azure/go-autorest/autorest/mocks v0.4.2/go.mod h1:Vy7OitM9Kei0i1Oj+LvyAWMXJHeKH1MVlzFugfVrmyU= -github.com/Azure/go-autorest/autorest/to v0.4.0 h1:oXVqrxakqqV1UZdSazDOPOLvOIz+XA683u8EctwboHk= -github.com/Azure/go-autorest/autorest/to v0.4.0/go.mod h1:fE8iZBn7LQR7zH/9XU2NcPR4o9jEImooCeWJcYV/zLE= -github.com/Azure/go-autorest/autorest/validation v0.3.1 h1:AgyqjAd94fwNAoTjl/WQXg4VvFeRFpO+UhNyRXqF1ac= -github.com/Azure/go-autorest/autorest/validation v0.3.1/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E= github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+ZtXWSmf4Tg= github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= @@ -276,7 +270,6 @@ github.com/spf13/afero v1.9.5/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= From e661f73a4be46a50cc3a92100698e22475e9c9cd Mon Sep 17 00:00:00 2001 From: magodo Date: Fri, 3 Jan 2025 17:34:50 +1100 Subject: [PATCH 17/18] Update helper/sdk to latest version --- go.mod | 6 +++--- go.sum | 12 ++++++------ internal/backend/remote-state/azure/go.mod | 6 +++--- internal/backend/remote-state/azure/go.sum | 12 ++++++------ 4 files changed, 18 insertions(+), 18 deletions(-) diff --git a/go.mod b/go.mod index 691444814344..b03ed29c8d0c 100644 --- a/go.mod +++ b/go.mod @@ -178,9 +178,9 @@ require ( github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.58 // indirect github.com/hashicorp/consul/api v1.13.0 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect - github.com/hashicorp/go-azure-helpers v0.67.0 // indirect - github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320 // indirect - github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320 // indirect + github.com/hashicorp/go-azure-helpers v0.71.0 // indirect + github.com/hashicorp/go-azure-sdk/resource-manager v0.20241212.1154051 // indirect + github.com/hashicorp/go-azure-sdk/sdk v0.20241212.1154051 // indirect github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 // indirect github.com/hashicorp/go-immutable-radix v1.0.0 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect diff --git a/go.sum b/go.sum index e065329eca12..d7f8a16ce513 100644 --- a/go.sum +++ b/go.sum @@ -614,12 +614,12 @@ github.com/hashicorp/copywrite v0.19.0/go.mod h1:6wvQH+ICDoD2bpjO1RJ6fi+h3aY5NeL github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-azure-helpers v0.67.0 h1:0RY6mY3W3Ym2I+jExLtyLx96fh6p5n9vidqisAKGUSE= -github.com/hashicorp/go-azure-helpers v0.67.0/go.mod h1:S4Bu66vyJvHA0trqHQB0YVGsISuF7HMH9tyEsMVlx8A= -github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320 h1:dd0vM8u66FOrCuU3zFzj7R5IjwVJtfX3Smv2gUFo1jg= -github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320/go.mod h1:lqTkN6888JpeHTjLu1A5tJZW0b/SyGCJ1GTyf6SfXoE= -github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320 h1:jvdGTdPZhl5PBAQO2VdTewQlQiZ2NW68wJztVEYMDGc= -github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320/go.mod h1:Ts5vRL3KPw8iLit+4WSi1hOWlRCx++wJrCkMGj69xBY= +github.com/hashicorp/go-azure-helpers v0.71.0 h1:ra3aIRzg01g6MLKQ+yABcb6WJtrqRUDDgyuPLmyZ9lY= +github.com/hashicorp/go-azure-helpers v0.71.0/go.mod h1:BmbF4JDYXK5sEmFeU5hcn8Br21uElcqLfdQxjatwQKw= +github.com/hashicorp/go-azure-sdk/resource-manager v0.20241212.1154051 h1:jFgd3bzeRViGTzicIn9gDw2O/Gk6WjVJCTTefPNOGPY= +github.com/hashicorp/go-azure-sdk/resource-manager v0.20241212.1154051/go.mod h1:XapOZ9HiCtXz3qb5yNFiCuWbOBj2I3WU1K2jwqgK2zA= +github.com/hashicorp/go-azure-sdk/sdk v0.20241212.1154051 h1:4fCKJPSeLVvwl7ZCqU7MOUKyx/M7kl/J6wlw2O3xn40= +github.com/hashicorp/go-azure-sdk/sdk v0.20241212.1154051/go.mod h1:oI5R0fTbBx3K/sJBK5R/OlEy8ozdQjvctxVU9v3EDkc= github.com/hashicorp/go-checkpoint v0.5.0 h1:MFYpPZCnQqQTE18jFwSII6eUQrD/oxMFp3mlgcqk5mU= github.com/hashicorp/go-checkpoint v0.5.0/go.mod h1:7nfLNL10NsxqO4iWuW6tWW0HjZuDrwkBuEQsVcpCOgg= github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= diff --git a/internal/backend/remote-state/azure/go.mod b/internal/backend/remote-state/azure/go.mod index b321e6e7fe18..ad71caf0c94f 100644 --- a/internal/backend/remote-state/azure/go.mod +++ b/internal/backend/remote-state/azure/go.mod @@ -3,9 +3,9 @@ module github.com/hashicorp/terraform/internal/backend/remote-state/azure go 1.23.3 require ( - github.com/hashicorp/go-azure-helpers v0.67.0 - github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320 - github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320 + github.com/hashicorp/go-azure-helpers v0.71.0 + github.com/hashicorp/go-azure-sdk/resource-manager v0.20241212.1154051 + github.com/hashicorp/go-azure-sdk/sdk v0.20241212.1154051 github.com/hashicorp/go-uuid v1.0.3 github.com/hashicorp/terraform v0.0.0-00010101000000-000000000000 github.com/hashicorp/terraform/internal/legacy v0.0.0-00010101000000-000000000000 diff --git a/internal/backend/remote-state/azure/go.sum b/internal/backend/remote-state/azure/go.sum index 57581a626cbe..7004c6d4ee55 100644 --- a/internal/backend/remote-state/azure/go.sum +++ b/internal/backend/remote-state/azure/go.sum @@ -178,12 +178,12 @@ github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8 github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-azure-helpers v0.67.0 h1:0RY6mY3W3Ym2I+jExLtyLx96fh6p5n9vidqisAKGUSE= -github.com/hashicorp/go-azure-helpers v0.67.0/go.mod h1:S4Bu66vyJvHA0trqHQB0YVGsISuF7HMH9tyEsMVlx8A= -github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320 h1:dd0vM8u66FOrCuU3zFzj7R5IjwVJtfX3Smv2gUFo1jg= -github.com/hashicorp/go-azure-sdk/resource-manager v0.20240425.1225320/go.mod h1:lqTkN6888JpeHTjLu1A5tJZW0b/SyGCJ1GTyf6SfXoE= -github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320 h1:jvdGTdPZhl5PBAQO2VdTewQlQiZ2NW68wJztVEYMDGc= -github.com/hashicorp/go-azure-sdk/sdk v0.20240425.1225320/go.mod h1:Ts5vRL3KPw8iLit+4WSi1hOWlRCx++wJrCkMGj69xBY= +github.com/hashicorp/go-azure-helpers v0.71.0 h1:ra3aIRzg01g6MLKQ+yABcb6WJtrqRUDDgyuPLmyZ9lY= +github.com/hashicorp/go-azure-helpers v0.71.0/go.mod h1:BmbF4JDYXK5sEmFeU5hcn8Br21uElcqLfdQxjatwQKw= +github.com/hashicorp/go-azure-sdk/resource-manager v0.20241212.1154051 h1:jFgd3bzeRViGTzicIn9gDw2O/Gk6WjVJCTTefPNOGPY= +github.com/hashicorp/go-azure-sdk/resource-manager v0.20241212.1154051/go.mod h1:XapOZ9HiCtXz3qb5yNFiCuWbOBj2I3WU1K2jwqgK2zA= +github.com/hashicorp/go-azure-sdk/sdk v0.20241212.1154051 h1:4fCKJPSeLVvwl7ZCqU7MOUKyx/M7kl/J6wlw2O3xn40= +github.com/hashicorp/go-azure-sdk/sdk v0.20241212.1154051/go.mod h1:oI5R0fTbBx3K/sJBK5R/OlEy8ozdQjvctxVU9v3EDkc= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 h1:1/D3zfFHttUKaCaGKZ/dR2roBXv0vKbSCnssIldfQdI= From dd0f7ba24ae9be7b1c7aa01aae3644abec4f681e Mon Sep 17 00:00:00 2001 From: magodo Date: Mon, 20 Jan 2025 13:25:07 +1100 Subject: [PATCH 18/18] Replace giovanni from tombuildsstuff org to jackofallops --- go.mod | 2 +- go.sum | 4 ++-- internal/backend/remote-state/azure/api_client.go | 4 ++-- internal/backend/remote-state/azure/backend_state.go | 4 ++-- internal/backend/remote-state/azure/client.go | 2 +- internal/backend/remote-state/azure/client_test.go | 2 +- internal/backend/remote-state/azure/go.mod | 2 +- internal/backend/remote-state/azure/go.sum | 4 ++-- internal/backend/remote-state/azure/helpers_test.go | 4 ++-- 9 files changed, 14 insertions(+), 14 deletions(-) diff --git a/go.mod b/go.mod index 57ea17a4a337..7a4411cbf9ad 100644 --- a/go.mod +++ b/go.mod @@ -197,6 +197,7 @@ require ( github.com/huandu/xstrings v1.3.3 // indirect github.com/imdario/mergo v0.3.13 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect + github.com/jackofallops/giovanni v0.28.0 // indirect github.com/jedib0t/go-pretty v4.3.0+incompatible // indirect github.com/jedib0t/go-pretty/v6 v6.5.9 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect @@ -239,7 +240,6 @@ require ( github.com/tencentyun/cos-go-sdk-v5 v0.7.42 // indirect github.com/thanhpk/randstr v1.0.6 // indirect github.com/thlib/go-timezone-local v0.0.3 // indirect - github.com/tombuildsstuff/giovanni v0.27.0 // indirect github.com/ulikunitz/xz v0.5.10 // indirect github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect github.com/vmihailenco/msgpack/v4 v4.3.12 // indirect diff --git a/go.sum b/go.sum index e440c539e5cf..ee074135b6f7 100644 --- a/go.sum +++ b/go.sum @@ -719,6 +719,8 @@ github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/jackofallops/giovanni v0.28.0 h1:fxn55SnxL2Rj3hgkkgQS9UKlIRXkkTZ5WcnE04JCBRE= +github.com/jackofallops/giovanni v0.28.0/go.mod h1:CyzRgZyts4YSI/1iZF8poqdn9I6J8xpmg1iMpvhthTs= github.com/jedib0t/go-pretty v4.3.0+incompatible h1:CGs8AVhEKg/n9YbUenWmNStRW2PHJzaeDodcfvRAbIo= github.com/jedib0t/go-pretty v4.3.0+incompatible/go.mod h1:XemHduiw8R651AF9Pt4FwCTKeG3oo7hrHJAoznj9nag= github.com/jedib0t/go-pretty/v6 v6.5.9 h1:ACteMBRrrmm1gMsXe9PSTOClQ63IXDUt03H5U+UV8OU= @@ -983,8 +985,6 @@ github.com/thanhpk/randstr v1.0.6 h1:psAOktJFD4vV9NEVb3qkhRSMvYh4ORRaj1+w/hn4B+o github.com/thanhpk/randstr v1.0.6/go.mod h1:M/H2P1eNLZzlDwAzpkkkUvoyNNMbzRGhESZuEQk3r0U= github.com/thlib/go-timezone-local v0.0.3 h1:ie5XtZWG5lQ4+1MtC5KZ/FeWlOKzW2nPoUnXYUbV/1s= github.com/thlib/go-timezone-local v0.0.3/go.mod h1:/Tnicc6m/lsJE0irFMA0LfIwTBo4QP7A8IfyIv4zZKI= -github.com/tombuildsstuff/giovanni v0.27.0 h1:3CDNjauK78FIhvvCp0SAHlvNcPTcofR6zQXvxwhk4zY= -github.com/tombuildsstuff/giovanni v0.27.0/go.mod h1:SviBdlwdVn2HyArdRABBqMUODBJ2adQHi+RFEVaO05I= github.com/ulikunitz/xz v0.5.10 h1:t92gobL9l3HE202wg3rlk19F6X+JOxl9BBrCCMYEYd8= github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= diff --git a/internal/backend/remote-state/azure/api_client.go b/internal/backend/remote-state/azure/api_client.go index cc9d59040b49..0cb2237da2e7 100644 --- a/internal/backend/remote-state/azure/api_client.go +++ b/internal/backend/remote-state/azure/api_client.go @@ -18,8 +18,8 @@ import ( "github.com/hashicorp/go-azure-sdk/sdk/environments" "github.com/hashicorp/terraform/internal/httpclient" "github.com/hashicorp/terraform/version" - "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/blobs" - "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/containers" + "github.com/jackofallops/giovanni/storage/2023-11-03/blob/blobs" + "github.com/jackofallops/giovanni/storage/2023-11-03/blob/containers" ) type Client struct { diff --git a/internal/backend/remote-state/azure/backend_state.go b/internal/backend/remote-state/azure/backend_state.go index c4b4ea53aacb..94a8f7ef078a 100644 --- a/internal/backend/remote-state/azure/backend_state.go +++ b/internal/backend/remote-state/azure/backend_state.go @@ -12,8 +12,8 @@ import ( "github.com/hashicorp/terraform/internal/states" "github.com/hashicorp/terraform/internal/states/remote" "github.com/hashicorp/terraform/internal/states/statemgr" - "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/blobs" - "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/containers" + "github.com/jackofallops/giovanni/storage/2023-11-03/blob/blobs" + "github.com/jackofallops/giovanni/storage/2023-11-03/blob/containers" ) const ( diff --git a/internal/backend/remote-state/azure/client.go b/internal/backend/remote-state/azure/client.go index a5567440a6d6..855c11dd11aa 100644 --- a/internal/backend/remote-state/azure/client.go +++ b/internal/backend/remote-state/azure/client.go @@ -14,7 +14,7 @@ import ( "time" "github.com/hashicorp/go-uuid" - "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/blobs" + "github.com/jackofallops/giovanni/storage/2023-11-03/blob/blobs" "github.com/hashicorp/terraform/internal/states/remote" "github.com/hashicorp/terraform/internal/states/statemgr" diff --git a/internal/backend/remote-state/azure/client_test.go b/internal/backend/remote-state/azure/client_test.go index 91622c56afc3..ab0e0706345c 100644 --- a/internal/backend/remote-state/azure/client_test.go +++ b/internal/backend/remote-state/azure/client_test.go @@ -8,7 +8,7 @@ import ( "github.com/hashicorp/terraform/internal/backend" "github.com/hashicorp/terraform/internal/states/remote" - "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/blobs" + "github.com/jackofallops/giovanni/storage/2023-11-03/blob/blobs" ) var _ remote.Client = new(RemoteClient) diff --git a/internal/backend/remote-state/azure/go.mod b/internal/backend/remote-state/azure/go.mod index e81754eee609..5f07d05a9d31 100644 --- a/internal/backend/remote-state/azure/go.mod +++ b/internal/backend/remote-state/azure/go.mod @@ -9,7 +9,7 @@ require ( github.com/hashicorp/go-uuid v1.0.3 github.com/hashicorp/terraform v0.0.0-00010101000000-000000000000 github.com/hashicorp/terraform/internal/legacy v0.0.0-00010101000000-000000000000 - github.com/tombuildsstuff/giovanni v0.27.0 + github.com/jackofallops/giovanni v0.28.0 ) require ( diff --git a/internal/backend/remote-state/azure/go.sum b/internal/backend/remote-state/azure/go.sum index e665a026f064..3c4fd63c43af 100644 --- a/internal/backend/remote-state/azure/go.sum +++ b/internal/backend/remote-state/azure/go.sum @@ -222,6 +222,8 @@ github.com/hashicorp/terraform-svchost v0.1.1 h1:EZZimZ1GxdqFRinZ1tpJwVxxt49xc/S github.com/hashicorp/terraform-svchost v0.1.1/go.mod h1:mNsjQfZyf/Jhz35v6/0LWcv26+X7JPS+buii2c9/ctc= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/jackofallops/giovanni v0.28.0 h1:fxn55SnxL2Rj3hgkkgQS9UKlIRXkkTZ5WcnE04JCBRE= +github.com/jackofallops/giovanni v0.28.0/go.mod h1:CyzRgZyts4YSI/1iZF8poqdn9I6J8xpmg1iMpvhthTs= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= @@ -279,8 +281,6 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/tombuildsstuff/giovanni v0.27.0 h1:3CDNjauK78FIhvvCp0SAHlvNcPTcofR6zQXvxwhk4zY= -github.com/tombuildsstuff/giovanni v0.27.0/go.mod h1:SviBdlwdVn2HyArdRABBqMUODBJ2adQHi+RFEVaO05I= github.com/ulikunitz/xz v0.5.10 h1:t92gobL9l3HE202wg3rlk19F6X+JOxl9BBrCCMYEYd8= github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= diff --git a/internal/backend/remote-state/azure/helpers_test.go b/internal/backend/remote-state/azure/helpers_test.go index d89b59ddda86..33bab5d9289b 100644 --- a/internal/backend/remote-state/azure/helpers_test.go +++ b/internal/backend/remote-state/azure/helpers_test.go @@ -20,8 +20,8 @@ import ( "github.com/hashicorp/go-azure-sdk/resource-manager/storage/2023-01-01/storageaccounts" "github.com/hashicorp/go-azure-sdk/sdk/auth" "github.com/hashicorp/go-azure-sdk/sdk/environments" - "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/blobs" - "github.com/tombuildsstuff/giovanni/storage/2023-11-03/blob/containers" + "github.com/jackofallops/giovanni/storage/2023-11-03/blob/blobs" + "github.com/jackofallops/giovanni/storage/2023-11-03/blob/containers" ) const (