Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for source when using nexus_security_user #371

Open
1 of 2 tasks
ehuizar1028 opened this issue Aug 14, 2023 · 1 comment
Open
1 of 2 tasks

Support for source when using nexus_security_user #371

ehuizar1028 opened this issue Aug 14, 2023 · 1 comment
Labels
enhancement New feature or request

Comments

@ehuizar1028
Copy link

ehuizar1028 commented Aug 14, 2023
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Due to limitations Nexus on Kubernetes has, API calls to query security users seem to randomly timeout when searching across all realms (LDAP, local, etc) when using LDAP, local users, etc. This timeout happens very random.

Could the source argument be added in your next release to be able to have a more precise query to avoid timeouts (a way to increase timeouts during lookups would be a nice to have too).

Thanks!

https://github.com/datadrivers/go-nexus-client/blob/main/nexus3/schema/security/user.go

New or Affected Resource(s)/Data Source(s)

nexus_security_user

Pro feature

  • Yes. Pro license Required

Community Plugin

No response

Potential Terraform Configuration

resource "nexus_security_user" "admin" {
  userid    = "admin"
  firstname = "Administrator"
  lastname  = "User"
  email     = "[email protected]"
  password  = "admin123"
  roles     = ["nx-admin"]
  status    = "active"
  source    = "internal"
}

References

No response
@ehuizar1028 ehuizar1028 added the enhancement New feature or request label Aug 14, 2023
@Edu-DevOps
Copy link

In my case this become an issue more than an enhancement:

I have a local Nexus user and a LDAP Nexus user which both users have the same userid

Due to how the provider refresh the terraform resource for the local user, it reads the LDAP user before than the local one which ends in a resource that will never be aligned:

  ~ resource "nexus_security_user" "local_users" {
      + email     = "[email protected]"    # TF wants to add the email because the LDAP user doesn't have it
      ~ firstname = "<ldap user firstname>" -> "My" # TF wants to modify the firstname field because the LDAP user firstname differs
        id        = "my-user"
      + lastname  = "User     # TF wants to add lastname field because LDAP user doesn't have it
      ~ roles     = [
          + "my-role",     # TF wants to add a role because LDAP users doesn't have it
        ]
        # (3 unchanged attributes hidden)
    }

This is happening because how the user tf resource is being refreshed is querying the API using only the id as parameter like v1/security/users?userId=my-user and if you have a couple of users with differente source which shares the userid, as my case, the API will give you most than one user.

Potential solution: add the source parameter to the API query to ensure the API gives you 1 result.

@Edu-DevOps Edu-DevOps mentioned this issue Oct 18, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
Nexus Terraform Provider
Status: Low priority
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ehuizar1028 @Edu-DevOps