Feature: standalone topic permission grant #162
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR extends the pulsar_permission_grant resource to support topic-level permissions in addition to existing namespace permissions, addressing issue #161.
- Adds topic permission support to the standalone permission grant resource with mutual exclusion validation
- Modifies topic resource to avoid interfering with externally managed permissions
- Includes comprehensive test coverage for topic permissions and validation scenarios
Reviewed Changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| pulsar/resource_pulsar_permission_grant.go | Adds topic field with ExactlyOneOf validation and implements CRUD operations for topic permissions |
| pulsar/resource_pulsar_permission_grant_test.go | Adds comprehensive test coverage for topic permissions, validation, and update scenarios |
| pulsar/resource_pulsar_topic.go | Modifies to use filtered permission setting to avoid conflicts with external permissions |
| pulsar/resource_pulsar_topic_test.go | Adds test to verify topic resource doesn't interfere with external permission management |
| pulsar/permission_grant.go | Removes unused setPermissionGrant function |
| examples/permission_grants/main.tf | Adds topic permission grant examples |
| docs/resources/permission_grant.md | Updates documentation to reflect topic permission support |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| - `actions` (Set of String) A set of authorization actions granted to the role. | ||
| - `role` (String) The name of the Pulsar role to grant permissions to | ||
|
|
||
| ### Optional |
There was a problem hiding this comment.
Does "Optional" make sense here?
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 7 out of 7 changed files in this pull request and generated 3 comments.
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
|
|
||
| package pulsar | ||
|
|
||
| import ( |
There was a problem hiding this comment.
[nitpick] The regexp import is added but only used in two test functions. Consider grouping imports by standard library, third-party, and local packages for better organization.
Copilot uses AI. Check for mistakes.
| Steps: []resource.TestStep{ | ||
| { | ||
| Config: config, | ||
| ExpectError: regexp.MustCompile(`only one of .*namespace,topic.* can be specified`), |
There was a problem hiding this comment.
The error message pattern uses regex wildcards that may be too permissive. Consider using a more specific pattern like only one of .* can be specified to avoid false matches.
| ExpectError: regexp.MustCompile(`only one of .*namespace,topic.* can be specified`), | |
| ExpectError: regexp.MustCompile(`^only one of namespace,topic can be specified$`), |
Copilot uses AI. Check for mistakes.
| Steps: []resource.TestStep{ | ||
| { | ||
| Config: config, | ||
| ExpectError: regexp.MustCompile(`one of .*namespace,topic.* must be specified`), |
There was a problem hiding this comment.
Similar to the previous regex pattern, this could match unintended text. Consider using a more specific pattern to ensure accurate test validation.
| ExpectError: regexp.MustCompile(`one of .*namespace,topic.* must be specified`), | |
| ExpectError: regexp.MustCompile(`one of (namespace|topic) must be specified`), |
Copilot uses AI. Check for mistakes.
2 participants
Fixes #161
Motivation
Extends the pulsar_permission_grant resource to add topic permissions.
Modifications
ExactlyOneOfvalidation between topic & namespace fieldsVerifying this change
(Please pick either of the following options)
This change added tests and can be verified as follows:
Documentation
doc(If this PR contains doc changes)