From 025cf55d2356a23572c4b07433cee6f58d99f956 Mon Sep 17 00:00:00 2001
From: pjsier
Date: Tue, 7 Nov 2023 18:10:08 -0500
Subject: [PATCH] Parse service account user from LDAP str
---
 minio/resource_minio_service_account.go | 19 ++++++++++++++++++-
 minio/resource_minio_service_account_test.go | 7 +++++++
 2 files changed, 25 insertions(+), 1 deletion(-)
diff --git a/minio/resource_minio_service_account.go b/minio/resource_minio_service_account.go
index ea83339b..a39f6483 100644
--- a/minio/resource_minio_service_account.go
+++ b/minio/resource_minio_service_account.go
@@ -4,6 +4,7 @@ import (
 "context"
 "fmt"
 "log"
+ "strings"
 "github.com/aws/aws-sdk-go/aws"
 "github.com/hashicorp/terraform-plugin-sdk/v2/diag"
@@ -177,7 +178,8 @@ func minioReadServiceAccount(ctx context.Context, d *schema.ResourceData, meta i
 _ = d.Set("disable_user", output.AccountStatus == "off")
- if err := d.Set("target_user", output.ParentUser); err != nil {
+ targetUser := parseUserFromParentUser(output.ParentUser)
+ if err := d.Set("target_user", targetUser); err != nil {
 return NewResourceError("reading service account failed", d.Id(), err)
 }
@@ -230,3 +232,18 @@ func processServiceAccountPolicy(policy string) []byte {
 }
 return []byte(policy)
 }
+
+// Handle LDAP responses in ParentUser struct
+func parseUserFromParentUser(parentUser string) string {
+ user := parentUser
+
+ // Iterate through comma-separated chunks, will be ignored if not LDAP
+ for _, ldapSection := range strings.Split(parentUser, ",") {
+ splitSection := strings.Split(ldapSection, "=")
+ if len(splitSection) == 2 && strings.ToLower(strings.TrimSpace(splitSection[0])) == "cn" {
+ return strings.TrimSpace(splitSection[1])
+ }
+ }
+
+ return user
+}
diff --git a/minio/resource_minio_service_account_test.go b/minio/resource_minio_service_account_test.go
index 1751a9bc..6c087567 100644
--- a/minio/resource_minio_service_account_test.go
+++ b/minio/resource_minio_service_account_test.go
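Review bot: The value stored for `target_user` no longer matches what the server reports in `output.ParentUser`, so a configuration that already sets `target_user` to the full DN will presumably show a diff on every plan after this change. If `target_user` is declared ForceNew (the schema is outside this hunk), that diff means the service account and its credentials are destroyed and recreated. Consider keeping the stored value as returned and normalising only in the comparison, for example with a `DiffSuppressFunc` on `target_user` that treats a DN and its CN as equal. minioReadServiceAccount starts and ends outside the hunk.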
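Review bot: parseUserFromParentUser returns the first `cn=` component found anywhere in the string rather than the leftmost RDN, so a parent such as `uid=jdoe,cn=users,dc=example,dc=org` (constructed example) is recorded as `users`, a container name instead of the account. Because `target_user` names the principal that owns the service account, the state can then attribute the credential to the wrong identity, and two DNs with the same CN in different subtrees become indistinguishable. Splitting on `,` and `=` also mishandles RFC 4514 escapes (`CN=Doe\, Jane`) and values that contain `=`; the rewrite below fixes the leftmost-RDN and `=` cases but not escaped commas, which need a real DN parser. The doc comment should start with the function name and describe the input as a string, e.g. `// parseUserFromParentUser returns the CN of the leftmost RDN when parentUser is an LDAP DN, otherwise parentUser unchanged.`

```go
func parseUserFromParentUser(parentUser string) string {
	// Only the leftmost RDN names the entry; later cn= components are containers.
	// strings.Cut needs Go 1.18 or newer.
	firstRDN, _, _ := strings.Cut(parentUser, ",")
	attr, value, ok := strings.Cut(firstRDN, "=")
	if ok && strings.EqualFold(strings.TrimSpace(attr), "cn") {
		return strings.TrimSpace(value)
	}
	return parentUser
}
```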
@@ -11,6 +11,7 @@ import (
 "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 "github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
 "github.com/minio/madmin-go/v3"
+ "gotest.tools/v3/assert"
 )
 func TestServiceAccount_basic(t *testing.T) {
@@ -147,6 +148,12 @@ func TestServiceAccount_Policy(t *testing.T) {
 })
 }
+func TestParseUserFromParentUser(t *testing.T) {
+ assert.Equal(t, "minio-user", parseUserFromParentUser("minio-user"))
+ assert.Equal(t, "minio-user", parseUserFromParentUser("CN = minio-user, DC=example,DC=org"))
+ assert.Equal(t, "minio-user", parseUserFromParentUser("cn=minio-user, DC=example"))
+}
+
 func testAccMinioServiceAccountConfig(rName string) string {
 return fmt.Sprintf(`
 resource "minio_iam_service_account" "test" {
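Review bot: TestParseUserFromParentUser only covers inputs whose first component is the CN, so it cannot tell a parser that reads the leftmost RDN from one that picks up any later `cn=` component. Add boundary cases with constructed values, for instance `assert.Equal(t, "uid=jdoe,cn=users,dc=example,dc=org", parseUserFromParentUser("uid=jdoe,cn=users,dc=example,dc=org"))`, which fails against the parser as written, plus an empty string and a CN value containing `=`. The `gotest.tools/v3/assert` import added in the preceding hunk is used only for these equality checks and the diffstat shows no go.mod change, so a table-driven test with `t.Errorf` would avoid relying on that module here.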