Add user agent and scopes #15
Conversation
| @@ -59,6 +60,7 @@ func (c *mongoDBAtlasConnectionProducer) Connection(_ context.Context) (interfac | |||
| if err != nil { | |||
| return nil, err | |||
| } | |||
| client.UserAgent = useragent.String() | |||
There was a problem hiding this comment.
I think that this returns the version that's pinned on the sdk and not necessarily the Vault version that the plugin is running on. We don't have access to the system view in this case though (unlike the changes over at hashicorp/vault-plugin-secrets-mongodbatlas#13), so it's a bit tricky to address.
There was a problem hiding this comment.
For the common case of the plugin being bundled, the sdk will be the same files that Vault is using which should be (better be!) accurate.
There was a problem hiding this comment.
Within the limitations of a database plugin, AFAIK the only thing we could do to improve this is also include the version of the plugin itself (and add the necessary code/linker flags so the plugin knows its own version).
On a similar note, the useragent package doesn't let us include the plugin name unless we have a *logical.PluginEnvironment available, so allowing version as a string in PluginString would be another possible update.
Are either of those worthwhile updates, or do you think we should land the PR as-is?
|
@tomhjp Looks like there are a few conflicts since then, can you resolve those? |
|
@calvn thanks, I've resolved those conflicts now, and rerun the acceptance tests: go test -v ./...
=== RUN TestIntegrationDatabaseUser_Initialize
--- PASS: TestIntegrationDatabaseUser_Initialize (0.00s)
=== RUN TestAcceptanceDatabaseUser_CreateUser
mongodbatlas_test.go:190: Asserting username: v-test-Yl6skiNNN5lRO
--- PASS: TestAcceptanceDatabaseUser_CreateUser (27.67s)
=== RUN TestAcceptanceDatabaseUser_CreateUserWithSpecialChar
mongodbatlas_test.go:234: Asserting username: v-test-NaA7Mrpp5zEgJ
--- PASS: TestAcceptanceDatabaseUser_CreateUserWithSpecialChar (31.56s)
=== RUN TestAcceptanceDatabaseUser_DeleteUser
mongodbatlas_test.go:283: Asserting username: v-test-G84jxpv7QLfxJ
--- PASS: TestAcceptanceDatabaseUser_DeleteUser (61.46s)
=== RUN TestAcceptanceDatabaseUser_UpdateUser_Password
mongodbatlas_test.go:327: Asserting username: testmongouser
mongodbatlas_test.go:340: Asserting username: testmongouser
--- PASS: TestAcceptanceDatabaseUser_UpdateUser_Password (93.23s)
PASS
ok github.com/hashicorp/vault-plugin-database-mongodbatlas 215.013s |
Co-authored-by: Tom Proctor <[email protected]>
Overview
Adds user agent to MongoDB Atlas requests for tracking usage, and adds the ability to specify scopes for created users. Both requested by MongoDB.
Design of Change
Adding scopes required a client upgrade, which in turn required some updates to calling
DeleteUser. This means we can support managing users on non-"admin" database names now, as per https://docs.atlas.mongodb.com/reference/api/database-users-create-a-user/#request-body-parameters. The Vault docs state that Atlas does not support non-"admin" database names, but the Atlas docs seem to suggest it does, so perhaps it has been updated since.Alongside
databaseNamebeing supported in delete statements, this PR also requires a docs update for addingscopesto creation statements, detailed in the same docs link as above. I haven't written a docs PR yet because I wanted to get some feedback on this PR first.On setting user agent, unfortunately I don't think we can get at a
PluginEnvironmentstruct, so I'm not sure we can use the slightly more detaileduseragent.PluginString. though I would like a second opinion on that.Finally, I'm not sure whether I can really test the user agent update, because communication is handled internally to the MongoDB client and uses TLS. Any thoughts on that appreciated.
Related Issues/Pull Requests
hashicorp/vault-plugin-secrets-mongodbatlas#13
Contributor Checklist
Acceptance tests passing:
go test ./... ok github.com/hashicorp/vault-plugin-database-mongodbatlas 176.564s