fix synapse endpoint not available issue in other cloud (#9100)

njuCZ · web-flow · commit 442b5815d437 · 2020-11-05T07:34:45.000Z
diff --git a/azurerm/internal/clients/builder.go b/azurerm/internal/clients/builder.go
@@ -3,8 +3,11 @@ package clients
 import (
 	"context"
 	"fmt"
+	"log"
 	"strings"
 
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
 	"github.com/hashicorp/go-azure-helpers/authentication"
 	"github.com/hashicorp/go-azure-helpers/sender"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/common"
@@ -98,9 +101,14 @@ func Build(ctx context.Context, builder ClientBuilder) (*Client, error) {
 	}
 
 	// Synapse Endpoints
-	synapseAuth, err := builder.AuthConfig.GetAuthorizationToken(sender, oauthConfig, env.ResourceIdentifiers.Synapse)
-	if err != nil {
-		return nil, err
+	var synapseAuth autorest.Authorizer = nil
+	if env.ResourceIdentifiers.Synapse != azure.NotAvailable {
+		synapseAuth, err = builder.AuthConfig.GetAuthorizationToken(sender, oauthConfig, env.ResourceIdentifiers.Synapse)
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		log.Printf("[DEBUG] Skipping building the Synapse Authorizer since this is not supported in the current Azure Environment")
 	}
 
 	// Key Vault Endpoints
diff --git a/azurerm/internal/services/synapse/client/client.go b/azurerm/internal/services/synapse/client/client.go
@@ -52,9 +52,12 @@ func NewClient(o *common.ClientOptions) *Client {
 	}
 }
 
-func (client Client) AccessControlClient(workspaceName, synapseEndpointSuffix string) *accesscontrol.BaseClient {
+func (client Client) AccessControlClient(workspaceName, synapseEndpointSuffix string) (*accesscontrol.BaseClient, error) {
+	if client.synapseAuthorizer == nil {
+		return nil, fmt.Errorf("Synapse is not supported in this Azure Environment")
+	}
 	endpoint := fmt.Sprintf("https://%s.%s", workspaceName, synapseEndpointSuffix)
 	accessControlClient := accesscontrol.New(endpoint)
 	accessControlClient.Client.Authorizer = client.synapseAuthorizer
-	return &accessControlClient
+	return &accessControlClient, nil
 }
diff --git a/azurerm/internal/services/synapse/synapse_role_assignment_resource.go b/azurerm/internal/services/synapse/synapse_role_assignment_resource.go
@@ -78,7 +78,10 @@ func resourceArmSynapseRoleAssignmentCreate(d *schema.ResourceData, meta interfa
 	principalID := d.Get("principal_id").(string)
 	roleName := d.Get("role_name").(string)
 
-	client := synapseClient.AccessControlClient(workspaceId.Name, environment.SynapseEndpointSuffix)
+	client, err := synapseClient.AccessControlClient(workspaceId.Name, environment.SynapseEndpointSuffix)
+	if err != nil {
+		return err
+	}
 	roleId, err := getRoleIdByName(ctx, client, roleName)
 	if err != nil {
 		return err
@@ -128,7 +131,10 @@ func resourceArmSynapseRoleAssignmentRead(d *schema.ResourceData, meta interface
 		return err
 	}
 
-	client := synapseClient.AccessControlClient(id.Workspace.Name, environment.SynapseEndpointSuffix)
+	client, err := synapseClient.AccessControlClient(id.Workspace.Name, environment.SynapseEndpointSuffix)
+	if err != nil {
+		return err
+	}
 	resp, err := client.GetRoleAssignmentByID(ctx, id.Id)
 	if err != nil {
 		if utils.ResponseWasNotFound(resp.Response) {
@@ -163,7 +169,10 @@ func resourceArmSynapseRoleAssignmentDelete(d *schema.ResourceData, meta interfa
 		return err
 	}
 
-	client := synapseClient.AccessControlClient(id.Workspace.Name, environment.SynapseEndpointSuffix)
+	client, err := synapseClient.AccessControlClient(id.Workspace.Name, environment.SynapseEndpointSuffix)
+	if err != nil {
+		return err
+	}
 	if _, err := client.DeleteRoleAssignmentByID(ctx, id.Id); err != nil {
 		return fmt.Errorf("deleting Synapse RoleAssignment %q (workspace %q): %+v", id, id.Workspace.Name, err)
 	}
diff --git a/azurerm/internal/services/synapse/tests/synapse_role_assignment_resource_test.go b/azurerm/internal/services/synapse/tests/synapse_role_assignment_resource_test.go
@@ -61,7 +61,10 @@ func testCheckAzureRMSynapseRoleAssignmentExists(resourceName string) resource.T
 		if err != nil {
 			return err
 		}
-		client := synapseClient.AccessControlClient(id.Workspace.Name, environment.SynapseEndpointSuffix)
+		client, err := synapseClient.AccessControlClient(id.Workspace.Name, environment.SynapseEndpointSuffix)
+		if err != nil {
+			return err
+		}
 		if resp, err := client.GetRoleAssignmentByID(ctx, id.Id); err != nil {
 			if !utils.ResponseWasNotFound(resp.Response) {
 				return fmt.Errorf("bad: Synapse role assignment %q does not exist", id.Id)
@@ -93,7 +96,10 @@ func testCheckAzureRMSynapseRoleAssignmentDestroy(s *terraform.State) error {
 			return nil
 		}
 
-		client := synapseClient.AccessControlClient(id.Workspace.Name, environment.SynapseEndpointSuffix)
+		client, err := synapseClient.AccessControlClient(id.Workspace.Name, environment.SynapseEndpointSuffix)
+		if err != nil {
+			return err
+		}
 		resp, err := client.GetRoleAssignmentByID(ctx, id.Id)
 		if err != nil {
 			if !utils.ResponseWasNotFound(resp.Response) {

Original file line number	Diff line number	Diff line change
`@@ -52,9 +52,12 @@ func NewClient(o common.ClientOptions) Client {`
`52`	`52`	`}`
`53`	`53`	`}`
`54`	`54`
`55`		`-func (client Client) AccessControlClient(workspaceName, synapseEndpointSuffix string) *accesscontrol.BaseClient {`
	`55`	`+func (client Client) AccessControlClient(workspaceName, synapseEndpointSuffix string) (*accesscontrol.BaseClient, error) {`
	`56`	`+ if client.synapseAuthorizer == nil {`
	`57`	`+ return nil, fmt.Errorf("Synapse is not supported in this Azure Environment")`
	`58`	`+ }`
`56`	`59`	`endpoint := fmt.Sprintf("https://%s.%s", workspaceName, synapseEndpointSuffix)`
`57`	`60`	`accessControlClient := accesscontrol.New(endpoint)`
`58`	`61`	`accessControlClient.Client.Authorizer = client.synapseAuthorizer`
`59`		`- return &accessControlClient`
	`62`	`+ return &accessControlClient, nil`
`60`	`63`	`}`