-
Notifications
You must be signed in to change notification settings - Fork 273
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Databases: Save DB password from initial POST request #1166
Databases: Save DB password from initial POST request #1166
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @razum90!
As I mentioned in #1165, I haven't been able to reproduce the issue as described. Though there is one case where a non-Mongo cluster will not return the password, when you use a read-only API token.
I think it would be useful if we make a change so that instead of special casing any particular database engine, we:
- Always set the password on create
- Only overwrite the password attribute on subsequent updates if it is not blank
this would achieve what you want as well as protecting against overwriting a password if someone switches to a read-only token post-create.
Something like:
diff --git a/digitalocean/database/resource_database_cluster.go b/digitalocean/database/resource_database_cluster.go
index c02b32cf..58bd62e4 100644
--- a/digitalocean/database/resource_database_cluster.go
+++ b/digitalocean/database/resource_database_cluster.go
@@ -337,13 +337,9 @@ func resourceDigitalOceanDatabaseClusterCreate(ctx context.Context, d *schema.Re
return diag.Errorf("Error creating database cluster: %s", err)
}
- // MongoDB clusters only return the password in response to the initial POST.
- // We need to set it here before any subsequent GETs.
- if database.EngineSlug == mongoDBEngineSlug {
- err = setDatabaseConnectionInfo(database, d)
- if err != nil {
- return diag.Errorf("Error setting connection info for database cluster: %s", err)
- }
+ err = setDatabaseConnectionInfo(database, d)
+ if err != nil {
+ return diag.Errorf("Error setting connection info for database cluster: %s", err)
}
d.SetId(database.ID)
@@ -651,31 +647,27 @@ func setDatabaseConnectionInfo(database *godo.Database, d *schema.ResourceData)
d.Set("uri", database.Connection.URI)
d.Set("database", database.Connection.Database)
d.Set("user", database.Connection.User)
+ if database.Connection.Password != "" {
+ d.Set("password", database.Connection.Password)
+ }
if database.EngineSlug == mongoDBEngineSlug {
- if database.Connection.Password != "" {
- d.Set("password", database.Connection.Password)
- }
uri, err := buildMongoDBConnectionURI(database.Connection, d)
if err != nil {
return err
}
d.Set("uri", uri)
- } else {
- d.Set("password", database.Connection.Password)
- d.Set("uri", database.Connection.URI)
}
}
if database.PrivateConnection != nil {
d.Set("private_host", database.PrivateConnection.Host)
+ d.Set("private_uri", database.PrivateConnection.URI)
if database.EngineSlug == mongoDBEngineSlug {
uri, err := buildMongoDBConnectionURI(database.PrivateConnection, d)
if err != nil {
return err
}
d.Set("private_uri", uri)
- } else {
- d.Set("private_uri", database.PrivateConnection.URI)
}
}
How's that sound?
4120b8b
to
2c0d44f
Compare
…bases And if in subsequent GET requests we get a password, that will be used instead.
2c0d44f
to
9489aee
Compare
@andrewsomething I've updated the code now. I created two new functions, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍 Thanks so much for working through this with us!
For all databases. Use password from subsequent GET requests in case it's not empty.
Fixes #1165.