Merge pull request #240 from ImMin5/feature-service-accont-auto-sync

Modify unique rule for service account name
cloudforet-io · Apr 4, 2024 · de9dcc6 · de9dcc6
2 parents 23f1362 + 1a746fc
commit de9dcc6
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 7 deletions.
diff --git a/src/spaceone/identity/manager/resource_manager.py b/src/spaceone/identity/manager/resource_manager.py
@@ -1,6 +1,8 @@
+import logging
 from typing import Union
 
 from spaceone.core.manager import BaseManager
+from spaceone.core.error import ERROR_NOT_FOUND
 
 from spaceone.identity.error.custom import ERROR_MANAGED_RESOURCE_CAN_NOT_BE_MODIFIED
 from spaceone.identity.model.service_account.database import ServiceAccount
@@ -9,6 +11,8 @@
 from spaceone.identity.model.project_group.database import ProjectGroup
 from spaceone.identity.model.workspace.database import Workspace
 
+_LOGGER = logging.getLogger(__name__)
+
 
 class ResourceManager(BaseManager):
     def __init__(self, *args, **kwargs):
@@ -19,10 +23,16 @@ def check_is_managed_resource(
         self,
         resource_vo: Union[ServiceAccount, Project, ProjectGroup, Workspace],
     ) -> None:
-        if resource_vo.is_managed:
-            trusted_account_vo = self.trusted_account_model.get(
-                trusted_account_id=resource_vo.trusted_account_id,
-                domain_id=resource_vo.domain_id,
+        try:
+            if resource_vo.is_managed:
+                trusted_account_vo = self.trusted_account_model.get(
+                    trusted_account_id=resource_vo.trusted_account_id,
+                    domain_id=resource_vo.domain_id,
+                )
+                if trusted_account_vo.schedule.get("state") != "ENABLED":
+                    raise ERROR_MANAGED_RESOURCE_CAN_NOT_BE_MODIFIED()
+        except ERROR_NOT_FOUND:
+            _LOGGER.debug(
+                f"[check_is_managed_resource] TrustedAccount not found. (trusted_account_id={resource_vo.trusted_account_id})"
             )
-            if trusted_account_vo.schedule.get("state") != "ENABLED":
-                raise ERROR_MANAGED_RESOURCE_CAN_NOT_BE_MODIFIED()
+            return
diff --git a/src/spaceone/identity/model/service_account/database.py b/src/spaceone/identity/model/service_account/database.py
@@ -4,7 +4,7 @@
 
 class ServiceAccount(MongoModel):
     service_account_id = StringField(max_length=40, generate_id="sa", unique=True)
-    name = StringField(max_length=255, unique_with=["domain_id"])
+    name = StringField(max_length=255, unique_with=["project_id"])
     data = DictField(default=None)
     provider = StringField(max_length=40)
     options = DictField(default=None)