Skip to content

azurerm_search_service - implement plan time error when local_authentication_enabled = false and authentication_failure_mode is set#30882

Merged
mbfrahry merged 3 commits intohashicorp:mainfrom
djryanj:30880
Oct 20, 2025
Merged

azurerm_search_service - implement plan time error when local_authentication_enabled = false and authentication_failure_mode is set#30882
mbfrahry merged 3 commits intohashicorp:mainfrom
djryanj:30880

Conversation

@djryanj
Copy link
Contributor

@djryanj djryanj commented Oct 16, 2025

Community Note

  • Please vote on this PR by adding a 👍 reaction to the original PR to help the community and maintainers prioritize for review
  • Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for PR followers and do not help prioritize for review

Description

In #30871 it was identified that an improvement to the plan time error checking when local_authentication_enabled = false and authentication_failure_mode is set could be implemented. This PR implements that check.

PR Checklist

  • I have followed the guidelines in our Contributing Documentation.
  • I have checked to ensure there aren't other open Pull Requests for the same update/change.
  • I have checked if my changes close any open issues. If so please include appropriate closing keywords below.
  • I have updated/added Documentation as required written in a helpful and kind way to assist users that may be unfamiliar with the resource / data source.
  • I have used a meaningful PR title to help maintainers and other users understand this change and help prevent duplicate work.
    For example: “resource_name_here - description of change e.g. adding property new_property_name_here

Closes #30880

Testing

No new tests required. Running existing tests shows a dramatic change in test run time for the case where the error would be seen (which is expected).

Relevant test output before change:

make acctests SERVICE='search' TESTARGS='-run=TestAccSearchService_apiAccessControlRbacError' TESTTIMEOUT='60m'
==> Checking that code complies with gofmt requirements...
==> Checking that Custom Timeouts are used...
==> Checking that acceptance test packages are used...
TF_ACC=1 go test -v ./internal/services/search -run=TestAccSearchService_apiAccessControlRbacError -timeout 60m -ldflags="-X=github.com/hashicorp/terraform-provider-azurerm/version.ProviderVersion=acc"
=== RUN   TestAccSearchService_apiAccessControlRbacError
=== PAUSE TestAccSearchService_apiAccessControlRbacError
=== CONT  TestAccSearchService_apiAccessControlRbacError
--- PASS: TestAccSearchService_apiAccessControlRbacError (37.23s)
PASS
ok      github.com/hashicorp/terraform-provider-azurerm/internal/services/search        37.276s

After the change:

$make acctests SERVICE='search' TESTARGS='-run=TestAccSearchService_apiAccessControlRbacError' TESTTIMEOUT='60m'
==> Checking that code complies with gofmt requirements...
==> Checking that Custom Timeouts are used...
==> Checking that acceptance test packages are used...
TF_ACC=1 go test -v ./internal/services/search -run=TestAccSearchService_apiAccessControlRbacError -timeout 60m -ldflags="-X=github.com/hashicorp/terraform-provider-azurerm/version.ProviderVersion=acc"
=== RUN   TestAccSearchService_apiAccessControlRbacError
=== PAUSE TestAccSearchService_apiAccessControlRbacError
=== CONT  TestAccSearchService_apiAccessControlRbacError
--- PASS: TestAccSearchService_apiAccessControlRbacError (11.68s)
PASS
ok      github.com/hashicorp/terraform-provider-azurerm/internal/services/search        11.709s

Testing the non-error case:

$ make acctests SERVICE='search' TESTARGS='-run=TestAccSearchService_apiAccessControlUpdate' TESTTIMEOUT='60m'
==> Checking that code complies with gofmt requirements...
==> Checking that Custom Timeouts are used...
==> Checking that acceptance test packages are used...
TF_ACC=1 go test -v ./internal/services/search -run=TestAccSearchService_apiAccessControlUpdate -timeout 60m -ldflags="-X=github.com/hashicorp/terraform-provider-azurerm/version.ProviderVersion=acc"
=== RUN   TestAccSearchService_apiAccessControlUpdate
=== PAUSE TestAccSearchService_apiAccessControlUpdate
=== CONT  TestAccSearchService_apiAccessControlUpdate
--- PASS: TestAccSearchService_apiAccessControlUpdate (245.03s)
PASS
ok      github.com/hashicorp/terraform-provider-azurerm/internal/services/search        245.073s

Change Log

Below please provide what should go into the changelog (if anything) conforming to the Changelog Format documented here.

This is a (please select all that apply):

  • Bug Fix
  • New Feature (ie adding a service, resource, or data source)
  • Enhancement
  • Breaking Change

Related Issue(s)

Fixes #30880

AI Assistance Disclosure

  • AI Assisted - This contribution was made by, or with the assistance of, AI/LLMs

Rollback Plan

If a change needs to be reverted, we will publish an updated version of the provider.

Changes to Security Controls

Are there any changes to security controls (access controls, encryption, logging) in this pull request? If so, explain.

Note

If this PR changes meaningfully during the course of review please update the title and description as required.

@djryanj djryanj requested review from a team, WodansSon and magodo as code owners October 16, 2025 15:39
mbfrahry
mbfrahry requested changes Oct 17, 2025
View reviewed changes
Copy link
Member

@mbfrahry mbfrahry left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @djryanj, thanks for getting this customize diff in! It looks good but we can also do a little more cleanup by removing that check in the create. We'll never hit it with the customizeDiff in place so we can get it outta there

@djryanj
Copy link
Contributor Author

djryanj commented Oct 17, 2025

@mbfrahry I can do that.

The same check exists in the update method too e.g., here; would the same logic apply (e.g., it'll never get hit because of the customizeDiff)?

@djryanj
Copy link
Contributor Author

djryanj commented Oct 17, 2025

I answered my own question by removing that extraneous check in the update code and adding a test step to validate.

Test output:

make acctests SERVICE='search' TESTARGS='-run=TestAccSearchService_apiAccessControlUpdate' TESTTIMEOUT='60m'
==> Checking that code complies with gofmt requirements...
==> Checking that Custom Timeouts are used...
==> Checking that acceptance test packages are used...
TF_ACC=1 go test -v ./internal/services/search -run=TestAccSearchService_apiAccessControlUpdate -timeout 60m -ldflags="-X=github.com/hashicorp/terraform-provider-azurerm/version.ProviderVersion=acc"
=== RUN   TestAccSearchService_apiAccessControlUpdate
=== PAUSE TestAccSearchService_apiAccessControlUpdate
=== CONT  TestAccSearchService_apiAccessControlUpdate
--- PASS: TestAccSearchService_apiAccessControlUpdate (820.87s)
PASS
ok      github.com/hashicorp/terraform-provider-azurerm/internal/services/search        820.918s

mbfrahry
mbfrahry approved these changes Oct 20, 2025
View reviewed changes
Copy link
Member

@mbfrahry mbfrahry left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Thanks for this @djryanj

@mbfrahry mbfrahry added this to the v4.50.0 milestone Oct 20, 2025
@mbfrahry mbfrahry merged commit 83b56c2 into hashicorp:main Oct 20, 2025
33 checks passed
@github-actions
Copy link
Contributor

github-actions bot commented Nov 20, 2025

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 20, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@mbfrahry mbfrahry mbfrahry approved these changes

@WodansSon WodansSon Awaiting requested review from WodansSon WodansSon is a code owner

@magodo magodo Awaiting requested review from magodo magodo is a code owner

Assignees

@mbfrahry mbfrahry

Labels

enhancement service/search size/XS

Projects

None yet

Milestone

v4.50.0

Development

Successfully merging this pull request may close these issues.

Improved validation of the azurerm_search_service schema

2 participants

@djryanj @mbfrahry