From 22c99cd66fc8158460c1f0d93ab609224d60725a Mon Sep 17 00:00:00 2001 From: MrLuje Date: Mon, 21 Mar 2022 10:51:44 +0100 Subject: [PATCH] fix: crash when adding a role on an existing project without role (#154) --- argocd/resource_argocd_project.go | 3 +- argocd/resource_argocd_project_test.go | 106 +++++++++++++++++++++++++ 2 files changed, 108 insertions(+), 1 deletion(-) diff --git a/argocd/resource_argocd_project.go b/argocd/resource_argocd_project.go index a8be79dc..f432dfd0 100644 --- a/argocd/resource_argocd_project.go +++ b/argocd/resource_argocd_project.go @@ -248,8 +248,9 @@ func resourceArgoCDProjectUpdate(ctx context.Context, d *schema.ResourceData, me }, } } + } else { // Only preserve preexisting JWTs for managed roles if we found an existing matching project + projectRequest.Project.Spec.Roles[i].JWTTokens = pr.JWTTokens } - projectRequest.Project.Spec.Roles[i].JWTTokens = pr.JWTTokens } } diff --git a/argocd/resource_argocd_project_test.go b/argocd/resource_argocd_project_test.go index 6e2b38d4..1b9be29d 100644 --- a/argocd/resource_argocd_project_test.go +++ b/argocd/resource_argocd_project_test.go @@ -114,6 +114,35 @@ func TestAccArgoCDProject_tokensCoexistence(t *testing.T) { }) } +func TestAccArgoCDProjectUpdateAddRole(t *testing.T) { + name := acctest.RandomWithPrefix("test-acc") + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ProviderFactories: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccArgoCDProjectSimpleWithoutRole(name), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet( + "argocd_project.simple", + "metadata.0.uid", + ), + ), + }, + { + Config: testAccArgoCDProjectSimpleWithRole(name), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrSet( + "argocd_project.simple", + "metadata.0.uid", + ), + ), + }, + }, + }) +} + func testAccArgoCDProjectSimple(name string) string { return fmt.Sprintf(` resource "argocd_project" "simple" { @@ -393,3 +422,80 @@ resource "argocd_project" "failure" { } `, name, name, name) } + +func testAccArgoCDProjectSimpleWithoutRole(name string) string { + return fmt.Sprintf(` + resource "argocd_project" "simple" { + metadata { + name = "%s" + namespace = "argocd" + labels = { + acceptance = "true" + } + annotations = { + "this.is.a.really.long.nested.key" = "yes, really!" + } + } + + spec { + description = "simple project" + source_repos = ["*"] + + destination { + name = "anothercluster" + namespace = "bar" + } + orphaned_resources { + warn = true + ignore { + group = "apps/v1" + kind = "Deployment" + name = "ignored1" + } + } + } + } + `, name) +} + +func testAccArgoCDProjectSimpleWithRole(name string) string { + return fmt.Sprintf(` + resource "argocd_project" "simple" { + metadata { + name = "%s" + namespace = "argocd" + labels = { + acceptance = "true" + } + annotations = { + "this.is.a.really.long.nested.key" = "yes, really!" + } + } + + spec { + description = "simple project" + source_repos = ["*"] + + destination { + name = "anothercluster" + namespace = "bar" + } + orphaned_resources { + warn = true + ignore { + group = "apps/v1" + kind = "Deployment" + name = "ignored1" + } + } + role { + name = "anotherrole" + policies = [ + "p, proj:%s:anotherrole, applications, get, %s/*, allow", + "p, proj:%s:anotherrole, applications, sync, %s/*, deny", + ] + } + } + } + `, name, name, name, name, name) +}