-
Notifications
You must be signed in to change notification settings - Fork 214
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: ALL implicit privileges equality check (#339)
When using resources `postgresql_default_privileges` or `postgresql_grant` you have the option to define a fine grained set of privileges (for example only `CONNECT` for object_type `database`) or all at once, either by setting all privileges (for database: `["CREATE", "CONNECT", "TEMPORARY"]` or simply `["ALL"]`. The latter one is quite handy, since you do not have to find out which privileges are part of it. When using `ALL`, the provider will grant the privileges by using the set of the actual grants, so in this scenario by granting `"CREATE", "CONNECT", "TEMPORARY"` and not `ALL`. Probably because `ALL` is not known to postgres. 🤷🏼♂️ Anyways, when executing a `terraform plan` the next time after the apply for `ALL`, the diff will find out, that not `ALL` is set as privilege, but `"CREATE", "CONNECT", "TEMPORARY"`. Since these privileges are the same or have the same semantic to it, there shouldn't be really a update each time you use terraform, because the state on the DB is totally fine and according to the resource. To prevent this unnecessary modification, I implemented some more detailed equality check for all `object_type`s except `column`. I tested the changes locally with a dockerized postgres and also wrote some unit tests for it. Would love to hear some feedback about it, especially since it's my first time working on a terraform provider.. Cheers fix #32 --------- Co-authored-by: Cyril Gaudin <[email protected]> Co-authored-by: Cyril Gaudin <[email protected]>
- Loading branch information
1 parent
6d26b59
commit fc5c40d
Showing
5 changed files
with
203 additions
and
12 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters