chore: deprecate VRA7_ environmental variables

- Adds `envDefaultFunc` helper function to create a `schema.DefaultFunc` to read the values from the environment variables. This allows the provider to accept, but deprecate legacy environmental variables. - Updates `reauthorize_timeout` to accept `VRA_INSECURE`, and `VRA7_INSECURE`. Use of `VRA7_INSECURE` will trigger the depreciation notice. - Updates `insecure` to accept `VRA_REAUTHORIZE_TIMEOUT`, and `VRA7_REAUTHORIZE_TIMEOUT`. Use of `VRA7_REAUTHORIZE_TIMEOUT` will trigger the depreciation notice. - Updates documentation. Ref: #518 Signed-off-by: Ryan Johnson <[email protected]>
vmware · Jul 10, 2024 · eb35e7c · eb35e7c
1 parent 8c3524d
commit eb35e7c
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 8 deletions.
diff --git a/vra/provider.go b/vra/provider.go
@@ -2,11 +2,11 @@ package vra
 
 import (
 	"errors"
+	"os"
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
 
-// Provider represents the VRA provider
 func Provider() *schema.Provider {
 	return &schema.Provider{
 		Schema: map[string]*schema.Schema{
@@ -32,15 +32,17 @@ func Provider() *schema.Provider {
 			},
 			"insecure": {
 				Type:        schema.TypeBool,
-				DefaultFunc: schema.EnvDefaultFunc("VRA7_INSECURE", nil),
+				DefaultFunc: envDefaultFunc("VRA_INSECURE", "VRA7_INSECURE"),
 				Optional:    true,
+				Deprecated:  "The 'VRA7_INSECURE' environment variable is deprecated. Please use 'VRA_INSECURE' instead.",
 				Description: "Specify whether to validate TLS certificates.",
 			},
 			"reauthorize_timeout": {
 				Type:        schema.TypeString,
-				DefaultFunc: schema.EnvDefaultFunc("VRA7_REAUTHORIZE_TIMEOUT", nil),
+				DefaultFunc: envDefaultFunc("VRA_REAUTHORIZE_TIMEOUT", "VRA7_REAUTHORIZE_TIMEOUT"),
 				Optional:    true,
-				Description: "Specify timeout for how often to reauthorize the access token",
+				Deprecated:  "The 'VRA7_REAUTHORIZE_TIMEOUT' environment variable is deprecated. Please use 'VRA_REAUTHORIZE_TIMEOUT' instead.",
+				Description: "Specify timeout for how often to reauthorize the access token.",
 			},
 			"api_timeout": {
 				Type:        schema.TypeInt,
@@ -172,3 +174,16 @@ func configureProvider(d *schema.ResourceData) (interface{}, error) {
 
 	return NewClientFromRefreshToken(url, refreshToken, insecure, reauth, apiTimeout)
 }
+
+// envDefaultFunc is a custom helper function to create a schema.DefaultFunc to
+// read the values from the environment variables.
+func envDefaultFunc(vars ...string) schema.SchemaDefaultFunc {
+	return func() (interface{}, error) {
+		for _, envVar := range vars {
+			if value, exists := os.LookupEnv(envVar); exists && value != "" {
+				return value, nil
+			}
+		}
+		return nil, nil
+	}
+}
diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown
@@ -35,6 +35,7 @@ provider "vra" {
   // Configuration Options
 }
 ```
+
 In order to use the provider you must configure the provider to communicate with the vRealize Automation endpoint. The provider configuration requires the `url` and `refresh_token` or `access_token`.
 
 The provider also can accept both signed and self-signed server certificates. It is recommended that in production environments you only use certificates signed by a certificate authority. Setting the `insecure` parameter to `true` will direct the Terraform to skip certificate verification. This is **not recommended** in production deployments. It is recommended that you use a trusted connection using certificates signed by a certificate authority.
@@ -48,10 +49,11 @@ provider "vra" {
   insecure      = false
 }
 ```
+
 **Example**: Setting Environment Variables
 
 ```shell
-export VRA_URL="https://api.mgmt.cloud.vmware.com"
+export VRA_URL="https://foo.example.com"
 export VRA_REFRESH_TOKEN="***********************"
 ```
 
@@ -66,11 +68,10 @@ The following arguments are used to configure the Terraform Provider for VMware
 * `url` - (Required) This is the URL to the VMware vRealize Automation endpoint. Can also be specified with the `VRA_URL` environment variable.
 * `access_token` - (Optional) This is the access token used to create an API refresh token. Can also be specified with the `VRA_ACCESS_TOKEN` environment variable.
 * `refresh_token` - (Optional) This is a refresh_token used for API access that has been pre-generated. One of `access_token` or `refresh_token` is required. Can also be specified with the `VRA_REFRESH_TOKEN` environment variable.
-* `insecure` - (Optional) This specifies whether if the TLS certificates are validated. Can also be specified with the `VRA7_INSECURE` environment variable.
-* `reauthorize_timeout` - (Optional) This specifies the timeout for how often to reauthorize the access token. Can also be specified with the `VRA7_REAUTHORIZE_TIMEOUT` environment variable.
+* `insecure` - (Optional) This specifies whether if the TLS certificates are validated. Can also be specified with the `VRA_INSECURE` environment variable.
+* `reauthorize_timeout` - (Optional) This specifies the timeout for how often to reauthorize the access token. Can also be specified with the `VRA_REAUTHORIZE_TIMEOUT` environment variable.
 * `api_timeout` - (Optional) This specifies the timeout in seconds for API operations. Can also be specified with the `VRA_API_TIMEOUT` environment variable.
 
-
 ## Bug Reports and Contributing
 
 For more information how how to submit bug reports, feature requests, or details on how to make your own contributions to the provider, see the Terraform provider for VMware vRealize Automation [project][tf-vra-project-page].