Comments (10)
Hi @AliAllomani,
this should be fixed with release v1.9.0.
from terraform-provider-nexus.
Hi @AliAllomani,
this should be fixed with release v1.9.0.
Hi @Nosmoht ,
Have just tested out.
It's not fixed.
I still get number of roles being touched all the time.
What I see is that it sees description
and name
fields as equal to id
one. Even though they are not.
Roles assignment is re-do each time as well. Like role has sub-roles. And those roles are evaluated as to be added each time.
I have an assumption that it's due to ID
filed having the value in UPPERCASE
:
# nexus_role.UPPER_USERS will be updated in-place
~ resource "nexus_role" "UPPER_USERS" {
~ description = "UPPER_USERS" -> "LDAP role for UPPER_USERS" # but the field already has its final value. It's not equal to ID one.
id = "UPPER_USERS" # defined in upper case string.
~ name = "UPPER_USERS" -> "ldap-some_value_users" # but the field already has its final value. It's not equal to ID one.
privileges = []
roleid = "UPPER_USERS"
~ roles = [
+ "docker-group-read",
+ "docker-internal-some-read",
+ "internal-some-read",
+ "maven-group-some-read",
...
]
}
Regards,
Taras.
from terraform-provider-nexus.
Hi @fog1985 ,
could you please provide a full Terraform file which we can use to reproduce this? With the current test i'm not able to reproduce it.
from terraform-provider-nexus.
Hi @fog1985 ,
could you please provide a full Terraform file which we can use to reproduce this? With the current test i'm not able to reproduce it.
Hi @Nosmoht ,
I can't easily copy-paste whole tf file due to data sensitivity, but one of those roles which are re-created declaration is as follow:
resource "nexus_role" "SOME_USERS" {
roleid = "SOME_USERS"
name = "ldap-some_users"
description = "LDAP role for SOME_USERS"
privileges = []
roles = ["npm-group-read", "docker-group-read", "maven-group-some-read", "internal-some-read", "pypi-group-read", "docker-internal-some-read"]
}
And those roles this role is referencing are defined in the same manner but they have privileges defined. Not the roles. So only this one main is referencing sub-roles.
Please let me know if still will not be reproducible from your side. Will try to get more details.
Regards,
Taras.
from terraform-provider-nexus.
Hi @fog1985,
i'm testing with the following code, which hopefully reflects your real code, but i'm not able to reproduce the behaviour.
provider "nexus" {
url = "http://127.0.0.1:8081"
username = "admin"
password = "admin123"
}
resource "nexus_role" "npm_group_read" {
name = "npm-group-read"
privileges = ["nx-repository-view-npm-*-read"]
roleid = "npm-group-read"
}
resource "nexus_role" "docker_group_read" {
name = "docker-group-read"
privileges = ["nx-repository-view-docker-*-read"]
roleid = "docker-group-read"
}
resource "nexus_role" "maven_group_read" {
name = "maven-group-read"
privileges = ["nx-repository-view-maven2-*-read"]
roleid = "maven-group-read"
}
resource "nexus_role" "some_users" {
name = "some-users"
roles = [
nexus_role.npm_group_read.name,
nexus_role.docker_group_read.name,
nexus_role.maven_group_read.name,
]
roleid = "some-users"
}
If this does not reflect your code, could you please modify it so i've something which brings up the change ?
from terraform-provider-nexus.
Hi @fog1985,
i'm testing with the following code, which hopefully reflects your real code, but i'm not able to reproduce the behaviour.
provider "nexus" { url = "http://127.0.0.1:8081" username = "admin" password = "admin123" } resource "nexus_role" "npm_group_read" { name = "npm-group-read" privileges = ["nx-repository-view-npm-*-read"] roleid = "npm-group-read" } resource "nexus_role" "docker_group_read" { name = "docker-group-read" privileges = ["nx-repository-view-docker-*-read"] roleid = "docker-group-read" } resource "nexus_role" "maven_group_read" { name = "maven-group-read" privileges = ["nx-repository-view-maven2-*-read"] roleid = "maven-group-read" } resource "nexus_role" "some_users" { name = "some-users" roles = [ nexus_role.npm_group_read.name, nexus_role.docker_group_read.name, nexus_role.maven_group_read.name, ] roleid = "some-users" }If this does not reflect your code, could you please modify it so i've something which brings up the change ?
Hi @Nosmoht , please try to change this block:
resource "nexus_role" "some_users" {
name = "some-users"
roles = [
nexus_role.npm_group_read.name,
nexus_role.docker_group_read.name,
nexus_role.maven_group_read.name,
]
roleid = "some-users"
}
To this one:
resource "nexus_role" "SOME_USERS" {
roleid = "SOME_USERS"
name = "some-users"
description = "SOME_USERS role"
privileges = []
roles = [
nexus_role.npm_group_read.name,
nexus_role.docker_group_read.name,
nexus_role.maven_group_read.name,
]
}
from terraform-provider-nexus.
Hi @fog1985 ,
i did, but the result is as expected:
No changes. Infrastructure is up-to-date.
But i realized that nexus_role.<role>.name
is wrong and must be nexus_role.<role>.roleid
instead in a role's roles. Unfortunately Nexus API docu only says The list of roles assigned to this role.
to attribute roles
. So the right code would be:
provider "nexus" {
url = "http://127.0.0.1:8081"
username = "admin"
password = "admin123"
}
resource "nexus_role" "npm_group_read" {
name = "npm-group-read-name"
privileges = ["nx-repository-view-npm-*-read"]
roleid = "npm-group-read-id"
}
resource "nexus_role" "docker_group_read" {
name = "docker-group-read-name"
privileges = ["nx-repository-view-docker-*-read"]
roleid = "docker-group-read-id"
}
resource "nexus_role" "maven_group_read" {
name = "maven-group-read-name"
privileges = ["nx-repository-view-maven2-*-read"]
roleid = "maven-group-read-id"
}
resource "nexus_role" "role" {
name = "role-name"
roleid = "role-id"
description = "role-description"
}
resource "nexus_role" "SOME_USERS" {
roleid = "SOME_USERS"
name = "some-users"
description = "SOME_USERS role"
privileges = []
roles = [
nexus_role.npm_group_read.roleid,
nexus_role.docker_group_read.roleid,
nexus_role.maven_group_read.roleid,
]
}
from terraform-provider-nexus.
Hi @fog1985 ,
i did, but the result is as expected:
No changes. Infrastructure is up-to-date.But i realized that
nexus_role.<role>.name
is wrong and must benexus_role.<role>.roleid
instead in a role's roles. Unfortunately Nexus API docu only saysThe list of roles assigned to this role.
to attributeroles
. So the right code would be:provider "nexus" { url = "http://127.0.0.1:8081" username = "admin" password = "admin123" } resource "nexus_role" "npm_group_read" { name = "npm-group-read-name" privileges = ["nx-repository-view-npm-*-read"] roleid = "npm-group-read-id" } resource "nexus_role" "docker_group_read" { name = "docker-group-read-name" privileges = ["nx-repository-view-docker-*-read"] roleid = "docker-group-read-id" } resource "nexus_role" "maven_group_read" { name = "maven-group-read-name" privileges = ["nx-repository-view-maven2-*-read"] roleid = "maven-group-read-id" } resource "nexus_role" "role" { name = "role-name" roleid = "role-id" description = "role-description" } resource "nexus_role" "SOME_USERS" { roleid = "SOME_USERS" name = "some-users" description = "SOME_USERS role" privileges = [] roles = [ nexus_role.npm_group_read.roleid, nexus_role.docker_group_read.roleid, nexus_role.maven_group_read.roleid, ] }
Ah. And one more I provide roles as a list of Ids as follow:
roles = [
"npm-group-read-id",
"docker-group-read-id",
"maven-group-read-id",
]
So not referring role's names based on their resources. But based on their IDs just as strings.
In TF's declaration roleid
equals to name
.
from terraform-provider-nexus.
And you still get changes all the time?
from terraform-provider-nexus.
I close this stale issue. Please reopen if this error still exists
from terraform-provider-nexus.
Related Issues (20)
- Support for latestPolicy on Docker hosted repositories
- runtime error: index out of range [0] with length 0 HOT 1
- Support for email settings HOT 2
- Allow local development on Apple M1
- Workflow fails due to expired Nexus Pro license HOT 1
- Support for Docker Subdomain Connector HOT 5
- Support for `source` when using `nexus_security_user`
- SAML : validate_response_signature no respected
- Update nexus version in tests HOT 1
- pre-commit commitizen not working anymore
- Could not unmarshal list of generic blobstores
- bug ? nexus_security_role error when the role is modified
- Not possible to set maven configuration on a nexus_repository_maven_group HOT 5
- nexus_security_ldap resource group_type does not see the actual value HOT 1
- Repository doesn't notice changes to routing rules HOT 3
- Nexus_blobstore_file cannot apply path does not reflect in tf state HOT 1
- Error: Plugin did not respond - panic: runtime error: index out of range [0] with length | by adding Repos
- apt hosted signing info not handled by data source HOT 1
- Support for changing the admin password using terraform
- My Local development env gives invalid resource_type error
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-nexus.