apply feedback

Signed-off-by: Jorge Turrado <jorge.turrado@mail.schwarz>

Author: JorTurFer

docs/index.md

@@ -208,4 +208,4 @@ Note: AWS specific checks must be skipped as they do not work on STACKIT. For de
 - `ske_custom_endpoint` (String) Custom endpoint for the Kubernetes Engine (SKE) service
 - `sqlserverflex_custom_endpoint` (String) Custom endpoint for the SQL Server Flex service
 - `token_custom_endpoint` (String) Custom endpoint for the token API, which is used to request access tokens when using the key flow
-- `use_oidc` (Boolean) Should OIDC be used for Authentication? This can also be sourced from the `STACKIT_USE_OIDC` Environment Variable. Defaults to `false`.
+- `use_oidc` (Boolean) Enables OIDC for Authentication. This can also be sourced from the `STACKIT_USE_OIDC` Environment Variable. Defaults to `false`.

stackit/internal/utils/environment.go

@@ -0,0 +1,39 @@
+package utils
+
+import (
+	"os"
+	"strings"
+
+	"github.com/hashicorp/terraform-plugin-framework/types"
+)
+
+// GetEnvStringOrDefault takes a Framework StringValue and a corresponding Environment Variable name and returns
+// either the string value set in the StringValue if not Null / Unknown _or_ the os.GetEnv() value of the Environment
+// Variable provided. If both of these are empty, an empty string defaultValue is returned.
+func GetEnvStringOrDefault(val types.String, envVar, defaultValue string) string {
+	if val.IsNull() || val.IsUnknown() {
+		if v := os.Getenv(envVar); v != "" {
+			return os.Getenv(envVar)
+		}
+		return defaultValue
+	}
+
+	return val.ValueString()
+}
+
+// GetEnvBoolIfValueAbsent takes a Framework BoolValue and a corresponding Environment Variable name and returns
+// one of the following in priority order:
+// 1 - the Boolean value set in the BoolValue if this is not Null / Unknown.
+// 2 - the boolean representation of the os.GetEnv() value of the Environment Variable provided (where anything but
+// 'true' or '1' is 'false').
+// 3 - `false` in all other cases.
+func GetEnvBoolIfValueAbsent(val types.Bool, envVar string) bool {
+	if val.IsNull() || val.IsUnknown() {
+		v := os.Getenv(envVar)
+		if strings.EqualFold(v, "true") || strings.EqualFold(v, "1") {
+			return true
+		}
+	}
+
+	return val.ValueBool()
+}

stackit/internal/utils/environment_test.go

@@ -0,0 +1,231 @@
+package utils
+
+import (
+	"os"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-framework/types"
+)
+
+func TestGetEnvStringOrDefault(t *testing.T) {
+	const defaultValue = "default_value"
+	tests := []struct {
+		name         string
+		val          types.String
+		envVar       string
+		envValue     string
+		defaultValue string
+		expected     string
+	}{
+		{
+			name:         "value is set - should return value",
+			val:          types.StringValue("configured_value"),
+			envVar:       "TEST_ENV_VAR",
+			envValue:     "env_value",
+			defaultValue: defaultValue,
+			expected:     "configured_value",
+		},
+		{
+			name:         "value is null, env var set - should return env value",
+			val:          types.StringNull(),
+			envVar:       "TEST_ENV_VAR",
+			envValue:     "env_value",
+			defaultValue: defaultValue,
+			expected:     "env_value",
+		},
+		{
+			name:         "value is unknown, env var set - should return env value",
+			val:          types.StringUnknown(),
+			envVar:       "TEST_ENV_VAR",
+			envValue:     "env_value",
+			defaultValue: defaultValue,
+			expected:     "env_value",
+		},
+		{
+			name:         "value is null, env var not set - should return default",
+			val:          types.StringNull(),
+			envVar:       "TEST_ENV_VAR",
+			envValue:     "",
+			defaultValue: defaultValue,
+			expected:     defaultValue,
+		},
+		{
+			name:         "value is unknown, env var not set - should return default",
+			val:          types.StringUnknown(),
+			envVar:       "TEST_ENV_VAR",
+			envValue:     "",
+			defaultValue: defaultValue,
+			expected:     defaultValue,
+		},
+		{
+			name:         "value is null, env var not set, empty default - should return empty string",
+			val:          types.StringNull(),
+			envVar:       "TEST_ENV_VAR",
+			envValue:     "",
+			defaultValue: "",
+			expected:     "",
+		},
+		{
+			name:         "value is empty string - should return empty string",
+			val:          types.StringValue(""),
+			envVar:       "TEST_ENV_VAR",
+			envValue:     "env_value",
+			defaultValue: defaultValue,
+			expected:     "",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			// Clean up any previous value first
+			os.Unsetenv(tt.envVar)
+
+			// Setup environment variable
+			if tt.envValue != "" {
+				os.Setenv(tt.envVar, tt.envValue)
+				defer os.Unsetenv(tt.envVar)
+			}
+
+			result := GetEnvStringOrDefault(tt.val, tt.envVar, tt.defaultValue)
+
+			if result != tt.expected {
+				t.Errorf("GetEnvStringOrDefault() = %v, expected %v", result, tt.expected)
+			}
+		})
+	}
+}
+
+func TestGetEnvBoolIfValueAbsent(t *testing.T) {
+	tests := []struct {
+		name     string
+		val      types.Bool
+		envVar   string
+		envValue string
+		expected bool
+	}{
+		{
+			name:     "value is true - should return true",
+			val:      types.BoolValue(true),
+			envVar:   "TEST_BOOL_ENV_VAR",
+			envValue: "false",
+			expected: true,
+		},
+		{
+			name:     "value is false - should return false",
+			val:      types.BoolValue(false),
+			envVar:   "TEST_BOOL_ENV_VAR",
+			envValue: "true",
+			expected: false,
+		},
+		{
+			name:     "value is null, env var is 'true' - should return true",
+			val:      types.BoolNull(),
+			envVar:   "TEST_BOOL_ENV_VAR",
+			envValue: "true",
+			expected: true,
+		},
+		{
+			name:     "value is null, env var is 'True' (case insensitive) - should return true",
+			val:      types.BoolNull(),
+			envVar:   "TEST_BOOL_ENV_VAR",
+			envValue: "True",
+			expected: true,
+		},
+		{
+			name:     "value is null, env var is 'TRUE' (case insensitive) - should return true",
+			val:      types.BoolNull(),
+			envVar:   "TEST_BOOL_ENV_VAR",
+			envValue: "TRUE",
+			expected: true,
+		},
+		{
+			name:     "value is null, env var is '1' - should return true",
+			val:      types.BoolNull(),
+			envVar:   "TEST_BOOL_ENV_VAR",
+			envValue: "1",
+			expected: true,
+		},
+		{
+			name:     "value is null, env var is 'false' - should return false",
+			val:      types.BoolNull(),
+			envVar:   "TEST_BOOL_ENV_VAR",
+			envValue: "false",
+			expected: false,
+		},
+		{
+			name:     "value is null, env var is 'False' - should return false",
+			val:      types.BoolNull(),
+			envVar:   "TEST_BOOL_ENV_VAR",
+			envValue: "False",
+			expected: false,
+		},
+		{
+			name:     "value is null, env var is '0' - should return false",
+			val:      types.BoolNull(),
+			envVar:   "TEST_BOOL_ENV_VAR",
+			envValue: "0",
+			expected: false,
+		},
+		{
+			name:     "value is null, env var is empty - should return false",
+			val:      types.BoolNull(),
+			envVar:   "TEST_BOOL_ENV_VAR",
+			envValue: "",
+			expected: false,
+		},
+		{
+			name:     "value is null, env var is random string - should return false",
+			val:      types.BoolNull(),
+			envVar:   "TEST_BOOL_ENV_VAR",
+			envValue: "random",
+			expected: false,
+		},
+		{
+			name:     "value is unknown, env var is 'true' - should return true",
+			val:      types.BoolUnknown(),
+			envVar:   "TEST_BOOL_ENV_VAR",
+			envValue: "true",
+			expected: true,
+		},
+		{
+			name:     "value is unknown, env var is '1' - should return true",
+			val:      types.BoolUnknown(),
+			envVar:   "TEST_BOOL_ENV_VAR",
+			envValue: "1",
+			expected: true,
+		},
+		{
+			name:     "value is unknown, env var is 'false' - should return false",
+			val:      types.BoolUnknown(),
+			envVar:   "TEST_BOOL_ENV_VAR",
+			envValue: "false",
+			expected: false,
+		},
+		{
+			name:     "value is unknown, env var not set - should return false",
+			val:      types.BoolUnknown(),
+			envVar:   "TEST_BOOL_ENV_VAR",
+			envValue: "",
+			expected: false,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			// Clean up any previous value first
+			os.Unsetenv(tt.envVar)
+
+			// Setup environment variable
+			if tt.envValue != "" {
+				os.Setenv(tt.envVar, tt.envValue)
+				defer os.Unsetenv(tt.envVar)
+			}
+
+			result := GetEnvBoolIfValueAbsent(tt.val, tt.envVar)
+
+			if result != tt.expected {
+				t.Errorf("GetEnvBoolIfValueAbsent() = %v, expected %v", result, tt.expected)
+			}
+		})
+	}
+}

stackit/provider.go

@@ -3,7 +3,6 @@ package stackit
 import (
 	"context"
 	"fmt"
-	"os"
 	"strings"
 
 	"github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator"
@@ -112,6 +111,7 @@ import (
 	skeMachineImages "github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/ske/provideroptions/machineimages"
 	sqlServerFlexInstance "github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/sqlserverflex/instance"
 	sqlServerFlexUser "github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/sqlserverflex/user"
+	"github.com/stackitcloud/terraform-provider-stackit/stackit/internal/utils"
 )
 
 // Ensure the implementation satisfies the expected interfaces
@@ -205,7 +205,7 @@ func (p *Provider) Schema(_ context.Context, _ provider.SchemaRequest, resp *pro
 		"service_account_email":                "Service account email. It can also be set using the environment variable STACKIT_SERVICE_ACCOUNT_EMAIL. It is required if you want to use the resource manager project resource. This value is required using OpenID Connect authentication.",
 		"service_account_federated_token_path": "Path for workload identity assertion. It can also be set using the environment variable STACKIT_FEDERATED_TOKEN_FILE.",
 		"service_account_federated_token":      "The OIDC ID token for use when authenticating as a Service Account using OpenID Connect.",
-		"use_oidc":                             "Should OIDC be used for Authentication? This can also be sourced from the `STACKIT_USE_OIDC` Environment Variable. Defaults to `false`.",
+		"use_oidc":                             "Enables OIDC for Authentication. This can also be sourced from the `STACKIT_USE_OIDC` Environment Variable. Defaults to `false`.",
 		"oidc_request_url":                     "The URL for the OIDC provider from which to request an ID token. For use when authenticating as a Service Account using OpenID Connect.",
 		"oidc_request_token":                   "The bearer token for the request to the OIDC provider. For use when authenticating as a Service Account using OpenID Connect.",
 		"region":                               "Region will be used as the default location for regional services. Not all services require a region, some are global",
@@ -550,11 +550,11 @@ func (p *Provider) Configure(ctx context.Context, req provider.ConfigureRequest,
 	}
 
 	// Workload Identity Federation via provided OIDC Token from GitHub Actions
-	if sdkConfig.ServiceAccountFederatedTokenFunc == nil && getEnvBoolIfValueAbsent(providerConfig.UseOIDC, "STACKIT_USE_OIDC") {
+	if sdkConfig.ServiceAccountFederatedTokenFunc == nil && utils.GetEnvBoolIfValueAbsent(providerConfig.UseOIDC, "STACKIT_USE_OIDC") {
 		sdkConfig.WorkloadIdentityFederation = true
 		// https://docs.github.com/en/actions/reference/security/oidc#methods-for-requesting-the-oidc-token
-		oidcReqURL := getEnvStringOrDefault(providerConfig.OIDCTokenRequestURL, "ACTIONS_ID_TOKEN_REQUEST_URL", "")
-		oidcReqToken := getEnvStringOrDefault(providerConfig.OIDCTokenRequestToken, "ACTIONS_ID_TOKEN_REQUEST_TOKEN", "")
+		oidcReqURL := utils.GetEnvStringOrDefault(providerConfig.OIDCTokenRequestURL, "ACTIONS_ID_TOKEN_REQUEST_URL", "")
+		oidcReqToken := utils.GetEnvStringOrDefault(providerConfig.OIDCTokenRequestToken, "ACTIONS_ID_TOKEN_REQUEST_TOKEN", "")
 		if oidcReqURL != "" && oidcReqToken != "" {
 			sdkConfig.ServiceAccountFederatedTokenFunc = oidcadapters.RequestGHOIDCToken(oidcReqURL, oidcReqToken)
 		}
@@ -759,34 +759,3 @@ func (p *Provider) EphemeralResources(_ context.Context) []func() ephemeral.Ephe
 		access_token.NewAccessTokenEphemeralResource,
 	}
 }
-
-// getEnvStringOrDefault takes a Framework StringValue and a corresponding Environment Variable name and returns
-// either the string value set in the StringValue if not Null / Unknown _or_ the os.GetEnv() value of the Environment
-// Variable provided. If both of these are empty, an empty string defaultValue is returned.
-func getEnvStringOrDefault(val types.String, envVar, defaultValue string) string {
-	if val.IsNull() || val.IsUnknown() {
-		if v := os.Getenv(envVar); v != "" {
-			return os.Getenv(envVar)
-		}
-		return defaultValue
-	}
-
-	return val.ValueString()
-}
-
-// getEnvBoolIfValueAbsent takes a Framework BoolValue and a corresponding Environment Variable name and returns
-// one of the following in priority order:
-// 1 - the Boolean value set in the BoolValue if this is not Null / Unknown.
-// 2 - the boolean representation of the os.GetEnv() value of the Environment Variable provided (where anything but
-// 'true' or '1' is 'false').
-// 3 - `false` in all other cases.
-func getEnvBoolIfValueAbsent(val types.Bool, envVar string) bool {
-	if val.IsNull() || val.IsUnknown() {
-		v := os.Getenv(envVar)
-		if strings.EqualFold(v, "true") || strings.EqualFold(v, "1") {
-			return true
-		}
-	}
-
-	return val.ValueBool()
-}