Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update user secret doesn't work #354

Closed
ihannache opened this issue Oct 14, 2022 · 3 comments
Closed

Update user secret doesn't work #354

ihannache opened this issue Oct 14, 2022 · 3 comments

Comments

@ihannache
Copy link

ihannache commented Oct 14, 2022
edited
Loading

Description

I have an existing minio user, when I try to update the secret for this user it's not working. the user still have the old password.

Steps to Reproduce

Create a new minio user :

resource "minio_iam_user" "test_user" {
   name = "test"
   secret = "test1234"
}

then update the ressource secret:

resource "minio_iam_user" "test_user" {
   name = "test"
   secret = "newPassword"
}

Terraform plan, apply shows the change:

Terraform will perform the following actions:

  # minio_iam_user.test_user will be updated in-place
  ~ resource "minio_iam_user" "test_user" {
        id            = "test"
        name          = "test"
      # Warning: this attribute value will no longer be marked as sensitive
      # after applying this change.
      ~ secret        = (sensitive value)
        # (4 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Expected behavior:
login with new user:password --> test: newPassword

Actual behavior:
403 invalid login
I can't login with the new password, but the old password works, so the secret doesn't update
Reproduces how often:
100%
@ihannache
Copy link
Author

The problem is here : https://github.com/aminueza/terraform-provider-minio/blob/master/minio/resource_minio_iam_user.go#L104

func minioUpdateUser(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {

	iamUserConfig := IAMUserConfig(d, meta)

	var err error
	secretKey := iamUserConfig.MinioSecret

	if secretKey == "" || iamUserConfig.MinioUpdateKey {
		if secretKey, err = generateSecretAccessKey(); err != nil {
			return NewResourceError("error creating user", d.Id(), err)
		}
	}

the fix :

func minioUpdateUser(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {

	iamUserConfig := IAMUserConfig(d, meta)

	var err error
	secretKey := iamUserConfig.MinioSecret

---> if secretKey == "" {
		if secretKey, err = generateSecretAccessKey(); err != nil {
			return NewResourceError("error creating user", d.Id(), err)
		}
	}

@ihannache
Copy link
Author

You generate a new secret when the string is empty, but you don't have to generate one when the client updates the user secret.

@ihannache ihannache mentioned this issue Oct 17, 2022
Closed
This was referenced Oct 22, 2022
Closed
Closed
@BuJo
Copy link
Collaborator

BuJo commented Feb 27, 2023

Let's hope with the latest round of fixes that this problem is gone. I've released v1.12.0

@BuJo BuJo closed this as completed Feb 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: INFRA-132 Fixed update user secret Ferlab-Ste-Justine/terraform-provider-minio
2 participants
@BuJo @ihannache