Service accounts: Bring the service account permission code up to dat…

…e with Golang API Client changes (#1132) * update service account permissions to use the new endpoints from Golang API client * bump golang API version
grafana · Nov 8, 2023 · 222c4f1 · 222c4f1
1 parent 872533d
commit 222c4f1
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 13 deletions.
diff --git a/go.mod b/go.mod
@@ -8,7 +8,7 @@ require (
 	github.com/Masterminds/semver/v3 v3.2.1
 	github.com/go-openapi/strfmt v0.21.7
 	github.com/grafana/amixr-api-go-client v0.0.10
-	github.com/grafana/grafana-api-golang-client v0.25.0
+	github.com/grafana/grafana-api-golang-client v0.26.0
 	github.com/grafana/grafana-openapi-client-go v0.0.0-20231031181526-6f78415901a3
 	github.com/grafana/machine-learning-go-client v0.5.0
 	github.com/grafana/synthetic-monitoring-agent v0.18.3

diff --git a/go.sum b/go.sum
@@ -146,6 +146,8 @@ github.com/grafana/amixr-api-go-client v0.0.10 h1:L2Wc1aETiG7ORqmB+XSCBJdncHM/V0
 github.com/grafana/amixr-api-go-client v0.0.10/go.mod h1:N6x26XUrM5zGtK5zL5vNJnAn2JFMxLFPPLTw/6pDkFE=
 github.com/grafana/grafana-api-golang-client v0.25.0 h1:jDxnR0U5xgIwKzE+IliZJvjMUUTQxGq+c1s+3M46flI=
 github.com/grafana/grafana-api-golang-client v0.25.0/go.mod h1:24W29gPe9yl0/3A9X624TPkAOR8DpHno490cPwnkv8E=
+github.com/grafana/grafana-api-golang-client v0.26.0 h1:Eu2YsfUezYngy8ifvmLybgluIcn/2IS9u1xkzuYstEM=
+github.com/grafana/grafana-api-golang-client v0.26.0/go.mod h1:uNLZEmgKtTjHBtCQMwNn3qsx2mpMb8zU+7T4Xv3NR9Y=
 github.com/grafana/grafana-openapi-client-go v0.0.0-20231031181526-6f78415901a3 h1:jZrhPmoUBL+kwwV5e2AIalKnxV0VW/e0QZ7aHP7Zg3c=
 github.com/grafana/grafana-openapi-client-go v0.0.0-20231031181526-6f78415901a3/go.mod h1:2vJ8YEgriYoHaNg5eijRU/q7eJTxT078VrGRSTTLeRk=
 github.com/grafana/machine-learning-go-client v0.5.0 h1:Q1K+MPSy8vfMm2jsk3WQ7O77cGr2fM5hxwtPSoPc5NU=

diff --git a/internal/resources/grafana/resource_service_account_permission.go b/internal/resources/grafana/resource_service_account_permission.go
@@ -119,7 +119,7 @@ func getServiceAccountPermissions(ctx context.Context, d *schema.ResourceData, m
 		return nil, diag.FromErr(err)
 	}
 
-	saPermissions, err := client.GetServiceAccountPermissions(id)
+	saPermissions, err := client.ListServiceAccountResourcePermissions(id)
 	if err, shouldReturn := common.CheckReadError("service account permissions", d, err); shouldReturn {
 		return nil, err
 	}
@@ -163,12 +163,12 @@ func updateServiceAccountPermissions(client *gapi.Client, idStr string, from, to
 		}
 	}
 
-	permissionList := gapi.ServiceAccountPermissionItems{}
+	var permissionList []gapi.SetResourcePermissionItem
 
 	// Iterate over permissions from the configuration (the desired permission setup)
 	for _, p := range listOrSet(to) {
 		permission := p.(map[string]interface{})
-		permissionItem := gapi.ServiceAccountPermissionItem{}
+		permissionItem := gapi.SetResourcePermissionItem{}
 		_, teamIDStr := SplitOrgResourceID(permission["team_id"].(string))
 		teamID, _ := strconv.ParseInt(teamIDStr, 10, 64)
 		_, userIDStr := SplitOrgResourceID(permission["user_id"].(string))
@@ -194,24 +194,25 @@ func updateServiceAccountPermissions(client *gapi.Client, idStr string, from, to
 			permissionItem.UserID = userID
 		}
 		permissionItem.Permission = permission["permission"].(string)
-		permissionList.Permissions = append(permissionList.Permissions, &permissionItem)
+		permissionList = append(permissionList, permissionItem)
 	}
 
 	// Remove the permissions that are in the state but not in the config
 	for teamID := range oldTeamPerms {
-		permissionList.Permissions = append(permissionList.Permissions, &gapi.ServiceAccountPermissionItem{
+		permissionList = append(permissionList, gapi.SetResourcePermissionItem{
 			TeamID:     teamID,
 			Permission: "",
 		})
 	}
 	for userID := range oldUserPerms {
-		permissionList.Permissions = append(permissionList.Permissions, &gapi.ServiceAccountPermissionItem{
+		permissionList = append(permissionList, gapi.SetResourcePermissionItem{
 			UserID:     userID,
 			Permission: "",
 		})
 	}
 
-	return client.UpdateServiceAccountPermissions(id, &permissionList)
+	_, err = client.SetServiceAccountResourcePermissions(id, gapi.SetResourcePermissionsBody{Permissions: permissionList})
+	return err
 }
 
 func listOrSet(v interface{}) []interface{} {

diff --git a/internal/resources/grafana/resource_service_account_permission_test.go b/internal/resources/grafana/resource_service_account_permission_test.go
@@ -20,7 +20,7 @@ func TestAccServiceAccountPermission_basic(t *testing.T) {
 
 	name := acctest.RandString(10)
 
-	var saPermission gapi.ServiceAccountPermission
+	var saPermission gapi.ResourcePermission
 	resource.ParallelTest(t, resource.TestCase{
 		ProviderFactories: testutils.ProviderFactories,
 		CheckDestroy:      testAccServiceAccountPermissionsCheckDestroy(saPermission.ID),
@@ -42,7 +42,7 @@ func TestAccServiceAccountPermission_inOrg(t *testing.T) {
 
 	name := acctest.RandString(10)
 
-	var saPermission gapi.ServiceAccountPermission
+	var saPermission gapi.ResourcePermission
 	resource.ParallelTest(t, resource.TestCase{
 		ProviderFactories: testutils.ProviderFactories,
 		CheckDestroy:      testAccServiceAccountPermissionsCheckDestroy(saPermission.ID),
@@ -61,7 +61,7 @@ func TestAccServiceAccountPermission_inOrg(t *testing.T) {
 	})
 }
 
-func testServiceAccountPermissionsCheckExists(rn string, saPerm *gapi.ServiceAccountPermission) resource.TestCheckFunc {
+func testServiceAccountPermissionsCheckExists(rn string, saPerm *gapi.ResourcePermission) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		rs, ok := s.RootModule().Resources[rn]
 		if !ok {
@@ -76,7 +76,7 @@ func testServiceAccountPermissionsCheckExists(rn string, saPerm *gapi.ServiceAcc
 		}
 		client := testutils.Provider.Meta().(*common.Client).GrafanaAPI.WithOrgID(orgID)
 
-		perms, err := client.GetServiceAccountPermissions(saID)
+		perms, err := client.ListServiceAccountResourcePermissions(saID)
 		if err != nil {
 			return fmt.Errorf("error getting service account permissions: %s", err)
 		}
@@ -92,7 +92,7 @@ func testServiceAccountPermissionsCheckExists(rn string, saPerm *gapi.ServiceAcc
 func testAccServiceAccountPermissionsCheckDestroy(id int64) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		client := testutils.Provider.Meta().(*common.Client).GrafanaAPI
-		saPerms, err := client.GetServiceAccountPermissions(id)
+		saPerms, err := client.ListServiceAccountResourcePermissions(id)
 		if err != nil {
 			return err
 		}