fix: (storage) added validation for cors parameters method, origin and response_header cannot be empty #14482
Conversation
Tests analyticsTotal tests: 123 Click here to see the affected service packages
Found 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
|
|
🔴 Tests failed during RECORDING mode: 🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR. |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
Tests analyticsTotal tests: 123 Click here to see the affected service packages
View the build log |
Tests analyticsTotal tests: 123 Click here to see the affected service packages
View the build log |
Tests analyticsTotal tests: 123 Click here to see the affected service packages
View the build log |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
Tests analyticsTotal tests: 123 Click here to see the affected service packages
View the build log |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
Missing test reportYour PR includes resource fields which are not covered by any test. Resource: resource "google_storage_bucket" "primary" {
cors {
send_max_age_seconds_if_zero = # value needed
}
}
|
Tests analyticsTotal tests: 123 Click here to see the affected service packages
View the build log |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
Tests analyticsTotal tests: 123 Click here to see the affected service packages
View the build log |
Tests analyticsTotal tests: 123 Click here to see the affected service packages
Found 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
|
|
Hello! I am a robot. Tests will require approval from a repository maintainer to run. Googlers: For automatic test runs see go/terraform-auto-test-runs. @melinath, a repository maintainer, has been assigned to review your changes. If you have not received review feedback within 2 business days, please leave a comment on this PR asking them to take a look. You can help make sure that review is quick by doing a self-review and by running impacted tests locally. |
There was a problem hiding this comment.
While I agree that validation logic will work in this case, can we not fix the issue with diffSupressFunc? If that works, we don't have to go through separate customize diff and validation logic from client side.
If CustomizeDiff is the only solution, I would recommend adding unit and acceptance tests for the same. Current tests are essentially not validating the issue scenario rather they just ensure working of the new field.
| @@ -2208,8 +2256,10 @@ func setStorageBucket(d *schema.ResourceData, config *transport_tpg.Config, res | |||
| if err := d.Set("location", res.Location); err != nil { | |||
| return fmt.Errorf("Error setting location: %s", err) | |||
| } | |||
| if err := d.Set("cors", flattenCors(res.Cors)); err != nil { | |||
| return fmt.Errorf("Error setting cors: %s", err) | |||
| if res.Cors != nil { | |||
There was a problem hiding this comment.
In case of nil value of CORS, can we set empty empty list similar to lifecycle rules?
There was a problem hiding this comment.
added empty list
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
Tests analyticsTotal tests: 123 Click here to see the affected service packages
View the build log |
|
@melinath This PR has been waiting for review for 3 weekdays. Please take a look! Use the label |
| func corsValidation(_ context.Context, d *schema.ResourceDiff, meta interface{}) error { | ||
| cors, corsOk := d.GetOk("cors") | ||
| if corsOk && len(cors.([]interface{})) == 0 { | ||
| return fmt.Errorf("cors cannot be empty") | ||
| } | ||
| for _, corsRule := range cors.([]interface{}) { | ||
| if corsRule == nil { | ||
| return fmt.Errorf("cors cannot be empty") | ||
| } | ||
| rule := corsRule.(map[string]interface{}) | ||
| maxAgeSeconds := rule["max_age_seconds"].(int) | ||
| sendMaxAge := rule["send_max_age_seconds_if_zero"].(bool) | ||
| // if send_max_age_seconds_if_zero is true, max_age_seconds can be zero | ||
| if sendMaxAge || maxAgeSeconds > 0 { | ||
| continue | ||
| } | ||
|
|
||
| method := rule["method"].([]interface{}) | ||
| responseHeader := rule["response_header"].([]interface{}) | ||
| origin := rule["origin"].([]interface{}) | ||
|
|
||
| // check if all cors attributes provided have values | ||
| if !(len(method) > 0 || len(origin) > 0 || len(responseHeader) > 0) { | ||
| return fmt.Errorf("cors attributes cannot be empty or use send_max_age_seconds_if_zero flag to send max_age_seconds as zero") | ||
| } | ||
| } | ||
| return nil | ||
| } |
There was a problem hiding this comment.
Just want to verify: are the error cases here things that would otherwise be API errors? Otherwise this would be a breaking change.
There was a problem hiding this comment.
these are not replication API errors even API accepts empty values for cors field but in API response we wont get anything back for cors field, so validating here to ensure values are provided and not empty
There was a problem hiding this comment.
If it's valid from the API's perspective, we can't add stricter client-side validation once the field in question is introduced. Since cors is already released, adding validation to it would be a breaking change.
There was a problem hiding this comment.
If CustomizeDiff is the only solution, I would recommend adding unit and acceptance tests for the same.
I think CustomizeDiff is necessary since this needs to take multiple fields into account. +1 to this point - please add unit tests.
List types cannot be handled by diffsuppress func as per terraform SDK its not recommended approach |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
Tests analyticsTotal tests: 123 Click here to see the affected service packages
View the build log |
There was a problem hiding this comment.
Marking as changes requested due to the feedback above.
List types cannot be handled by diffsuppress func as per terraform SDK its not recommended approach
Just to clarify, I don't think this is correct - diffsuppress definitely works for lists - but diffsuppress can't handle validation across multiple fields.
sorry it supports, I tried diffsuppress first but seems not feasible for this solution to handle multiple fields, customize diff seems a better option here as multiple fields needed for validation |
|
Diffsuppress only provides way to show diff or not in tf plan but it will not to throw any error, here we need to validate the data and let customer/user know about the data validation error, so customDiff seems a feasible solution than diffsuppress, please correct me if I am wrong |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
Tests analyticsTotal tests: 0 Click here to see the affected service packages
View the build log |
|
Hi there, I'm the Modular magician. I've detected the following information about your changes: Diff reportYour PR generated some diffs in downstreams - here they are.
|
Tests analyticsTotal tests: 123 Click here to see the affected service packages
View the build log |
yes, that's also correct. Single-field validation would use validation functions, not diff suppress. 🤦 |
Release Note Template for Downstream PRs (will be copied)
See Write release notes for guidance.
Fixes: hashicorp/terraform-provider-google#15280