New Resource azuredevops_service_principal_entitlement

[nyanhp]

All Submissions:

• Have you added an explanation of what your changes do and why you'd like us to include them?
• I have updated the documentation accordingly.
• I have added tests to cover my changes.
• All new and existing tests passed.
• My code follows the code style of this project.
• I ran lint checks locally prior to submission.
• Have you checked to ensure there aren't other open PRs for the same update/change?

What about the current behavior has changed?

Added new resource azuredevops_service_principal_entitlement to handle service principal entitlements. The API threw errors when attempting to use a principal name to add the principal, so I only implemented the use of origin and origin_id.

Issue Number: #1025 #797 #889

Does this introduce a change to go.mod, go.sum or vendor/?

• Yes
• No

Does this introduce a breaking change?

• Yes
• No

Any relevant logs, error output, etc?

jhp@S1-0666-W:~/azdotest$ terraform apply

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # azuredevops_service_principal_entitlement.entitlement will be created
  + resource "azuredevops_service_principal_entitlement" "entitlement" {
      + account_license_type = "express"
      + descriptor           = (known after apply)
      + id                   = (known after apply)
      + licensing_source     = "account"
      + origin               = "aad"
      + origin_id            = "0f3bc8a7-70d6-471a-8224-1419cbfdf862"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

azuredevops_service_principal_entitlement.entitlement: Creating...
azuredevops_service_principal_entitlement.entitlement: Creation complete after 2s [id=583501a3-3ea5-6e0d-8329-52c95ed986a1]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
jhp@S1-0666-W:~/azdotest$ terraform apply --destroy --auto-approve
azuredevops_service_principal_entitlement.entitlement: Refreshing state... [id=583501a3-3ea5-6e0d-8329-52c95ed986a1]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  - destroy

Terraform will perform the following actions:

  # azuredevops_service_principal_entitlement.entitlement will be destroyed
  - resource "azuredevops_service_principal_entitlement" "entitlement" {
      - account_license_type = "express" -> null
      - descriptor           = "aadsp.NTgzNTAxYTMtM2VhNS03ZTBkLTgzMjktNTJjOTVlZDk4NmEx" -> null
      - id                   = "583501a3-3ea5-6e0d-8329-52c95ed986a1" -> null
      - licensing_source     = "account" -> null
      - origin               = "aad" -> null
      - origin_id            = "0f3bc8a7-70d6-471a-8224-1419cbfdf862" -> null
    }

Plan: 0 to add, 0 to change, 1 to destroy.
azuredevops_service_principal_entitlement.entitlement: Destroying... [id=583501a3-3ea5-6e0d-8329-52c95ed986a1]
azuredevops_service_principal_entitlement.entitlement: Destruction complete after 1s

Apply complete! Resources: 0 added, 0 changed, 1 destroyed.
jhp@S1-0666-W:~/azdotest$

azuredevops_service_principal_entitlement.entitlement: Refreshing state... [id=583501a3-3ea5-6e0d-8329-52c95ed986a1]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # azuredevops_service_principal_entitlement.entitlement will be updated in-place
  ~ resource "azuredevops_service_principal_entitlement" "entitlement" {
      ~ account_license_type = "express" -> "Stakeholder"
        id                   = "583501a3-3ea5-6e0d-8329-52c95ed986a1"
        # (4 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.
azuredevops_service_principal_entitlement.entitlement: Modifying... [id=583501a3-3ea5-6e0d-8329-52c95ed986a1]
azuredevops_service_principal_entitlement.entitlement: Modifications complete after 1s [id=583501a3-3ea5-6e0d-8329-52c95ed986a1]

Other information

[xuzhang3]

@nyanph can you add the AccTest for the new resources?

[xuzhang3]

any other possible values ​​besides the default value?

[nyanhp]

Not sure. The docs say AAD, AD, MSA, but I'm not sure if that list is exhaustive

[xuzhang3]

we can add AD, AAD, MSA to the doc

[xuzhang3]

Should check the servicePrincipalEntitlement.ServicePrincipal.Descriptor and servicePrincipalEntitlement.ServicePrincipal first before get the values to prevent potential nil exception

[nyanhp]

I'm not sure I understand the request. The check is done in l126, before the function is called. I can repeat the same check within the function and throw an error if that is the correct way to do it

[xuzhang3]

Service may not return the property due to permission. Therefore, you need to check this property before calling it with a pointer.

[xuzhang3]

Can you add some AccTest to cover the usage scenarios?
Refs:
https://developer.hashicorp.com/terraform/plugin/sdkv2/testing/acceptance-tests
https://github.com/microsoft/terraform-provider-azuredevops/blob/main/azuredevops/internal/acceptancetests/resource_group_entitlement_test.go

[xuzhang3]

Service may not return the property due to permission. Therefore, you need to check this property before calling it with a pointer.

[nyanhp]

Can you add some AccTest to cover the usage scenarios? Refs: https://developer.hashicorp.com/terraform/plugin/sdkv2/testing/acceptance-tests https://github.com/microsoft/terraform-provider-azuredevops/blob/main/azuredevops/internal/acceptancetests/resource_group_entitlement_test.go

I am not that good with Go to be honest, so I'm afraid I can't do that properly.