Git Product home page Git Product logo

Comments (5)

kasir-barati avatar kasir-barati commented on September 17, 2024

My guess is that we are not able to configure our default fusionauth tenant with this terraform provider, I mean let's simulate it, I have an unconfigured fusionauth client:

version: "3"

services:
  db:
    image: postgres:12.14
    restart: always
    environment:
      PGDATA: /var/lib/postgresql/data/pgdata
      POSTGRES_USER: ${POSTGRES_USER}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      interval: 5s
      timeout: 5s
      retries: 5
    networks:
      - db_net
    volumes:
      - db_data:/var/lib/postgresql/data

  search:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.17.0
    environment:
      cluster.name: fusionauth
      bootstrap.memory_lock: "true"
      discovery.type: single-node
      ES_JAVA_OPTS: ${ES_JAVA_OPTS}
    healthcheck:
      test:
        [
          "CMD",
          "curl",
          "--fail",
          "--write-out",
          "'HTTP %{http_code}'",
          "--silent",
          "--output",
          "/dev/null",
          "http://localhost:9200/",
        ]
      interval: 5s
      timeout: 5s
      retries: 5
    networks:
      - search_net
    restart: unless-stopped
    ulimits:
      memlock:
        soft: -1
        hard: -1
    volumes:
      - search_data:/usr/share/elasticsearch/data

  fusionauth:
    image: fusionauth/fusionauth-app:1.45.3
    depends_on:
      db:
        condition: service_healthy
      search:
        condition: service_healthy
    environment:
      DATABASE_URL: jdbc:postgresql://db:5432/fusionauth
      DATABASE_ROOT_USERNAME: ${POSTGRES_USER}
      DATABASE_ROOT_PASSWORD: ${POSTGRES_PASSWORD}
      DATABASE_USERNAME: ${DATABASE_USERNAME}
      DATABASE_PASSWORD: ${DATABASE_PASSWORD}
      FUSIONAUTH_APP_MEMORY: 512M
      FUSIONAUTH_APP_RUNTIME_MODE: development
      FUSIONAUTH_APP_URL: http://fusionauth:9012
      SEARCH_SERVERS: http://search:9200
      SEARCH_TYPE: elasticsearch
    healthcheck:
      test: ["CMD-SHELL", "curl -f http://localhost:9012/api/status"]
      interval: 5s
      timeout: 5s
      retries: 5
    networks:
      - db_net
      - search_net
    restart: unless-stopped
    ports:
      - 9012:9011
    volumes:
      - fusionauth_config:/usr/local/fusionauth/config

  mailcatcher:
    image: sj26/mailcatcher:v0.8.2
    ports:
      - "1021:1025"
      - "1081:1080"
networks:
  db_net:
    driver: bridge
  search_net:
    driver: bridge

volumes:
  db_data:
  fusionauth_config:
  search_data:

And now I wanna configure it, but I cannot since it does not have any apiKey. Now I am wondering if it is possible to configure an fusionauth instance from 0 to ready for use, both in dev env (local) and or staging/prod env. I tried this:

resource "fusionauth_api_key" "api-key" {
  tenant_id   = "5f41c3c4-032e-2f9b-8900-37c098b0be88"
  description = "my super secret key"
  key         = "super-secret-key"
}

And I got this error:

│ Error: Cycle: fusionauth_api_key.api-key, provider["registry.terraform.io/gpsinsight/fusionauth"]

from terraform-provider-fusionauth.

kasir-barati avatar kasir-barati commented on September 17, 2024

I know it looks like two different question but they are relevant too IMO. I just added that docker compose file in favor of adding more clarity to my question and why I am asking it in the first place.

BTW I also tried to use fusionauth_tenant resource and use

tenant_id = "5f41c3c4-032e-2f9b-8900-37c098b0be88"
name       = "Default"
# ...

in order to configure my default tenant but I get an error that was saying that the Default name is already exists which conveys that it was trying to create a new tenant and not update the existing one

*5f41c3c4-032e-2f9b-8900-37c098b0be88 is the default tenant ID

from terraform-provider-fusionauth.

kasir-barati avatar kasir-barati commented on September 17, 2024

BTW i just think that regarding adding api key through this provider was not really doable. It seems that we cannot skip using kickstart.json for creating an super api key ref.

But regarding the default tenant and updating it, I think that is not feasible using normal existing means that are provided by this provider.

But definitely if you think like me and wanna keep your infrastructure configuration in one location you might wanna consider adding this in your terraform and then you can send a patch request to the default tenant when you are creating the theme or whatever it is in the terraform (In my case I am creating a custom theme in my terraform code and IO wanna use it for the default tenant as well)*:

data "httpclient_request" "get-tenants" {
  url            = "${var.fusionauth_host}/api/tenant/search?name=Default"
  request_method = "GET"
  request_headers = {
    "Accept"        = "application/json"
    "Authorization" = "${var.fusionauth_api_key}"
  }
}

locals {
  fusionauth_tenant_id   = jsondecode(data.httpclient_request.get-tenants.response_body).tenants[0].id
  fusionauth_tenant_name = jsondecode(data.httpclient_request.get-tenants.response_body).tenants[0].name
}

data "httpclient_request" "set-default-tenant-theme" {
  depends_on     = [fusionauth_theme.custom-theme, data.httpclient_request.get-tenants]
  url            = "${var.fusionauth_host}/api/tenant/${local.fusionauth_tenant_id}"
  request_method = "PATCH"
  request_headers = {
    "Accept"        = "application/json"
    "Content-Type"  = "application/json"
    "Authorization" = "${var.fusionauth_api_key}"
  }
  request_body = jsonencode(
    {
      "tenant" : {
        "name" : "${local.fusionauth_tenant_name}",
        "themeId" : "${fusionauth_theme.custom-theme.id}"
      }
    }
  )
}

from terraform-provider-fusionauth.

kasir-barati avatar kasir-barati commented on September 17, 2024

Although you still need to create the super admin via kickstart.json 😭

from terraform-provider-fusionauth.

kasir-barati avatar kasir-barati commented on September 17, 2024

Have some breakthroughs but the new situation is that I have to apply the terraform twice in order to have the theme applied to the Default tenant. Any idea why?

Here is the log of my terraform:
As you can see it here my terraform is saying that it is gonna create the theme again and modify a bunch of things since it thinks it has been changed and also it is

from terraform-provider-fusionauth.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.