Skip to content

Commit 23cc144

Browse files
tuvia-akeylesstuvia-akeyless
committed
Bug fix in auth method krb5 resource
1 parent cff7043 commit 23cc144

3 files changed

Lines changed: 2 additions & 23 deletions

File tree

akeyless/resource_auth_method_kerberos.go

Lines changed: 2 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ package akeyless
33

44
import (
55
"context"
6+
"encoding/base64"
67
"strconv"
78
"strings"
89

@@ -125,21 +126,11 @@ func resourceAuthMethodKerberos() *schema.Resource {
125126
Sensitive: true,
126127
Description: "Keytab file data (base64 encoded)",
127128
},
128-
"keytab_file_path": {
129-
Type: schema.TypeString,
130-
Optional: true,
131-
Description: "Keytab file path",
132-
},
133129
"krb5_conf_data": {
134130
Type: schema.TypeString,
135131
Optional: true,
136132
Description: "Kerberos configuration file data (base64 encoded)",
137133
},
138-
"krb5_conf_path": {
139-
Type: schema.TypeString,
140-
Optional: true,
141-
Description: "Kerberos configuration file path",
142-
},
143134
"ldap_anonymous_search": {
144135
Type: schema.TypeBool,
145136
Optional: true,
@@ -215,9 +206,7 @@ func resourceAuthMethodKerberosCreate(d *schema.ResourceData, m interface{}) err
215206
groupDn := d.Get("group_dn").(string)
216207
groupFilter := d.Get("group_filter").(string)
217208
keytabFileData := d.Get("keytab_file_data").(string)
218-
keytabFilePath := d.Get("keytab_file_path").(string)
219209
krb5ConfData := d.Get("krb5_conf_data").(string)
220-
krb5ConfPath := d.Get("krb5_conf_path").(string)
221210
ldapAnonymousSearch := d.Get("ldap_anonymous_search").(bool)
222211
ldapCaCert := d.Get("ldap_ca_cert").(string)
223212
ldapUrl := d.Get("ldap_url").(string)
@@ -248,9 +237,7 @@ func resourceAuthMethodKerberosCreate(d *schema.ResourceData, m interface{}) err
248237
common.GetAkeylessPtr(&body.GroupDn, groupDn)
249238
common.GetAkeylessPtr(&body.GroupFilter, groupFilter)
250239
common.GetAkeylessPtr(&body.KeytabFileData, keytabFileData)
251-
common.GetAkeylessPtr(&body.KeytabFilePath, keytabFilePath)
252240
common.GetAkeylessPtr(&body.Krb5ConfData, krb5ConfData)
253-
common.GetAkeylessPtr(&body.Krb5ConfPath, krb5ConfPath)
254241
common.GetAkeylessPtr(&body.LdapAnonymousSearch, ldapAnonymousSearch)
255242
common.GetAkeylessPtr(&body.LdapCaCert, ldapCaCert)
256243
common.GetAkeylessPtr(&body.LdapUrl, ldapUrl)
@@ -413,7 +400,7 @@ func resourceAuthMethodKerberosRead(d *schema.ResourceData, m interface{}) error
413400
}
414401
}
415402
if kd.KerberosKrb5Conf != nil {
416-
if err := d.Set("krb5_conf_data", *kd.KerberosKrb5Conf); err != nil {
403+
if err := d.Set("krb5_conf_data", base64.StdEncoding.EncodeToString([]byte(*kd.KerberosKrb5Conf))); err != nil {
417404
return err
418405
}
419406
}
@@ -506,9 +493,7 @@ func resourceAuthMethodKerberosUpdate(d *schema.ResourceData, m interface{}) err
506493
groupDn := d.Get("group_dn").(string)
507494
groupFilter := d.Get("group_filter").(string)
508495
keytabFileData := d.Get("keytab_file_data").(string)
509-
keytabFilePath := d.Get("keytab_file_path").(string)
510496
krb5ConfData := d.Get("krb5_conf_data").(string)
511-
krb5ConfPath := d.Get("krb5_conf_path").(string)
512497
ldapAnonymousSearch := d.Get("ldap_anonymous_search").(bool)
513498
ldapCaCert := d.Get("ldap_ca_cert").(string)
514499
ldapUrl := d.Get("ldap_url").(string)
@@ -539,9 +524,7 @@ func resourceAuthMethodKerberosUpdate(d *schema.ResourceData, m interface{}) err
539524
common.GetAkeylessPtr(&body.GroupDn, groupDn)
540525
common.GetAkeylessPtr(&body.GroupFilter, groupFilter)
541526
common.GetAkeylessPtr(&body.KeytabFileData, keytabFileData)
542-
common.GetAkeylessPtr(&body.KeytabFilePath, keytabFilePath)
543527
common.GetAkeylessPtr(&body.Krb5ConfData, krb5ConfData)
544-
common.GetAkeylessPtr(&body.Krb5ConfPath, krb5ConfPath)
545528
common.GetAkeylessPtr(&body.LdapAnonymousSearch, ldapAnonymousSearch)
546529
common.GetAkeylessPtr(&body.LdapCaCert, ldapCaCert)
547530
common.GetAkeylessPtr(&body.LdapUrl, ldapUrl)

akeyless/tests/gateway/auth_kerberos_test.go

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,8 +10,6 @@ import (
1010

1111
func TestAuthMethodKerberosResource(t *testing.T) {
1212

13-
t.Skip("TODO: GW is broken. Need to skip dry run.")
14-
1513
testutils.SkipIfNoGateway(t)
1614

1715
name := "test_auth_method_kerberos"

docs/resources/auth_method_kerberos.md

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -37,9 +37,7 @@ Kerberos Auth Method Resource
3737
- `gw_bound_ips` (Set of String) A comma-separated CIDR block list as a trusted Gateway entity
3838
- `jwt_ttl` (Number) creds expiration time in minutes. If not set, use default according to account settings (see get-account-settings)
3939
- `keytab_file_data` (String, Sensitive) Keytab file data (base64 encoded)
40-
- `keytab_file_path` (String) Keytab file path
4140
- `krb5_conf_data` (String) Kerberos configuration file data (base64 encoded)
42-
- `krb5_conf_path` (String) Kerberos configuration file path
4341
- `ldap_anonymous_search` (Boolean) Enable LDAP anonymous search
4442
- `ldap_ca_cert` (String) LDAP CA certificate
4543
- `ldap_url` (String) LDAP URL

0 commit comments

Comments
 (0)