Skip to content
This repository has been archived by the owner on Sep 21, 2020. It is now read-only.

Support for hook secrets #11

Closed
xanderflood opened this issue Apr 8, 2020 · 1 comment
Closed

Support for hook secrets #11

xanderflood opened this issue Apr 8, 2020 · 1 comment
Labels
enhancement

Comments

@xanderflood
Copy link

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

The provider supports rules, rule configs, and hooks, but currently doesn't support hook secrets, which are the analog of configs for hooks.

A current workaround for this is simply to use templatefile with a hook resource. This is fully functional but somewhat less secure and requires the maintainer to store their hooks in files that are not necessarily valid JS, meaning for instance that they'll have issues with code analysis tools.

New or Affected Resource(s)

This would entail introducing a single new resource auth0_hook_secret. It's lifecycle callbacks would be implemented as follows:

  • Create: makes a call to this endpoint, with a single secret in the body, then sets the id of the resource
  • Read: makes a call to this endpoint (which gets all secrets for the hook) and then sets only the value for the desired secret
  • Update: makes a call to this endpoint, again with a single secret
  • Destroy: makes a call to this endpoint, passing an array containing only the name of the secret

Changes to the name field should force a new resource. This is equivalent to but simpler than correctly implementing name changes.

Also, there's a question about how to set the ID of a resource. Using {hook_id}{separator}{secret_name} has the advantage that it will be possible to do imports. However, since hook_id is itself an opaque string, choosing a separator is difficult. Moreover, imports seem unimportant for this resource since destroying and re-creating is generally low cost.

Potential Terraform Configuration

resource "auth0_hook_secret" "internal" {
  hook_id = auth0_hook.my-hook.id
  name = "mySecretName"
  value = "json-value"
}
@ghost ghost mentioned this issue Apr 15, 2020
Closed
@ghost ghost deleted a comment from alexkappa Apr 15, 2020
@ghost
Copy link

ghost commented Apr 15, 2020

This issue was moved by alexkappa to alexkappa/terraform-provider-auth0#205.

@hashicorp hashicorp deleted a comment Apr 15, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alexkappa @xanderflood